imfreedom/k8s-cluster

Add the new jetbrains hub service and remove ldap which has been replaced by hub

2019-09-25, Gary Kramlich
e66d37205a07
Parents 285b647aea94
Children caa6fffdbf59
Add the new jetbrains hub service and remove ldap which has been replaced by hub
2 files changed, 156 insertions(+), 93 deletions(-)
  • +156 -0
    50-hub.imfreedom.org.yaml
  • +0 -93
    50-ldap.imfreedom.org.yaml
    • --- /dev/null Thu Jan 01 00:00:00 1970 +0000
    +++ b/50-hub.imfreedom.org.yaml Wed Sep 25 03:02:59 2019 -0500
    @@ -0,0 +1,156 @@
    +# hub is a deployment of jetbrains hub software which we use for a centralized
    +# authentication platform.
    +---
    +apiVersion: extensions/v1beta1
    +kind: Ingress
    +metadata:
    + namespace: imfreedom
    + name: hub
    + annotations:
    + certmanager.k8s.io/issuer: letsencrypt
    + nginx.ingress.kubernetes.io/configuration-snippet: |
    + more_set_headers "X-Frame-Options: SAMEORIGIN";
    + labels:
    + app: hub
    +spec:
    + rules:
    + - host: hub.imfreedom.org
    + http:
    + paths:
    + - backend:
    + serviceName: hub
    + servicePort: 8080
    + path: /
    + tls:
    + - hosts:
    + - hub.imfreedom.org
    + secretName: hub-tls
    +---
    +apiVersion: certmanager.k8s.io/v1alpha1
    +kind: Certificate
    +metadata:
    + namespace: imfreedom
    + name: hub
    +spec:
    + secretName: hub-tls
    + issuerRef:
    + name: letsencrypt
    + commonName: hub.imfreedom.org
    + dnsNames:
    + - hub.imfreedom.org
    + acme:
    + config:
    + - http01:
    + ingress: hub
    + domains:
    + - hub.imfreedom.org
    +---
    +apiVersion: v1
    +kind: Service
    +metadata:
    + namespace: imfreedom
    + labels:
    + app: hub
    + name: hub
    +spec:
    + ports:
    + - port: 8080
    + protocol: TCP
    + selector:
    + app: hub
    +---
    +apiVersion: networking.k8s.io/v1
    +kind: NetworkPolicy
    +metadata:
    + namespace: imfreedom
    + name: hub
    + labels:
    + app: hub
    +spec:
    + podSelector:
    + matchLabels:
    + app: hub
    + ingress:
    + - from:
    + - namespaceSelector:
    + matchLabels:
    + name: kube-public
    + podSelector:
    + matchLabels:
    + app: ingress
    + role: controller
    + ports:
    + - port: 8080
    + protocol: TCP
    +---
    +apiVersion: apps/v1
    +kind: Deployment
    +metadata:
    + namespace: imfreedom
    + name: hub
    + labels:
    + app: hub
    +spec:
    + replicas: 1
    + selector:
    + matchLabels:
    + app: hub
    + strategy:
    + type: Recreate
    + template:
    + metadata:
    + labels:
    + app: hub
    + spec:
    + containers:
    + - name: hub
    + image: docker.io/jetbrains/hub:2019.1.11738
    + ports:
    + - containerPort: 8080
    + resources:
    + limits:
    + cpu: 250m
    + memory: 1024Mi
    + requests:
    + cpu: 100m
    + memory: 512Mi
    + volumeMounts:
    + - mountPath: /opt/hub/data/
    + name: hub
    + readOnly: false
    + subPath: data
    + - mountPath: /opt/hub/conf/
    + name: hub
    + readOnly: false
    + subPath: conf
    + - mountPath: /opt/hub/logs/
    + name: hub
    + readOnly: false
    + subPath: logs
    + - mountPath: /opt/hub/backups/
    + name: hub
    + readOnly: false
    + subPath: backups
    + securityContext:
    + fsGroup: 13001
    + runAsUser: 13001
    + volumes:
    + - name: hub
    + persistentVolumeClaim:
    + claimName: hub
    +---
    +apiVersion: v1
    +kind: PersistentVolumeClaim
    +metadata:
    + namespace: imfreedom
    + name: hub
    + labels:
    + app: hub
    +spec:
    + accessModes:
    + - ReadWriteOnce
    + resources:
    + requests:
    + storage: 1Gi
    +---
    +
    --- a/50-ldap.imfreedom.org.yaml Wed Sep 25 02:59:19 2019 -0500
    +++ /dev/null Thu Jan 01 00:00:00 1970 +0000
    @@ -1,93 +0,0 @@
    -apiVersion: v1
    -kind: Service
    -metadata:
    - namespace: imfreedom
    - labels:
    - app: ldap
    - name: ldap
    -spec:
    - ports:
    - - port: 3389
    - protocol: TCP
    - selector:
    - app: ldap
    ----
    -apiVersion: apps/v1
    -kind: Deployment
    -metadata:
    - namespace: imfreedom
    - name: ldap
    - labels:
    - app: ldap
    -spec:
    - replicas: 1
    - selector:
    - matchLabels:
    - app: ldap
    - strategy:
    - type: Recreate
    - template:
    - metadata:
    - labels:
    - app: ldap
    - spec:
    - containers:
    - - name: ldap
    - env:
    - - name: DOMAIN
    - value: imfreedom.org
    - - name: ORGANIZATION
    - value: Instant Messaging Freedom, Inc
    - - name: ADMIN_PASSWD
    - valueFrom:
    - secretKeyRef:
    - name: ldap
    - key: adminPasswd
    - image: rwgrim/ldap:latest
    - imagePullPolicy: Always
    - readinessProbe:
    - tcpSocket:
    - port: 3389
    - periodSeconds: 10
    - initialDelaySeconds: 1
    - livenessProbe:
    - tcpSocket:
    - port: 3389
    - periodSeconds: 30
    - initialDelaySeconds: 30
    - ports:
    - - containerPort: 3389
    - volumeMounts:
    - - mountPath: /var/lib/ldap
    - name: data
    - readOnly: false
    - resources:
    - limits:
    - cpu: 400m
    - memory: 1024Mi
    - requests:
    - cpu: 200m
    - memory: 512Mi
    - securityContext:
    - fsGroup: 101
    - runAsUser: 101
    - volumes:
    - - name: data
    - persistentVolumeClaim:
    - claimName: ldap-data
    ----
    -apiVersion: v1
    -kind: PersistentVolumeClaim
    -metadata:
    - namespace: imfreedom
    - name: ldap-data
    - labels:
    - app: ldap
    -spec:
    - accessModes:
    - - ReadWriteOnce
    - resources:
    - requests:
    - storage: 1Gi
    ----
    -