Initial commit

Grzegorz Leoniec 2019-01-17 14:10:38 +01:00
commit 81e211f6fb
No known key found for this signature in database
GPG Key ID: 3AA43686D4EB1377
16 changed files with 584 additions and 0 deletions

1
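--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+*secrets*.yaml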

35
README.md Normal file

@ -0,0 +1,35 @@
# Human-Connection Nitro | Deployment Configuration
> Currently the deployment is not primetime ready as you still have to do some manual work. That we need to change, the following list gives some glimpse of the missing steps.
## Todo`s
- [ ] check labels and selectors if they all are correct
- [ ] configure NGINX from yaml
- [ ] configure Let's Encrypt cert-manager from yaml
- [ ] configure ingress form yaml
- [ ] configure persistent & shared storage between nodes
- [ ] reproduce setup locally
> The dummy directory has some lb configurations that did not work properly on Digital Ocean but could be used as a starting point for getting it right
## Apply the config map to staging namespace
```shell
cd ./staging
kubectl apply -f configmap-neo4j.yaml -f configmap-backend.yaml -f configmap-web.yaml
```
## Setup secrets and deploy themn
```shell
cd ./staging
cp secrets.yaml.template secrets.yaml
# change all vars as needed and deploy it afterwards
kubectl apply -f secrets.yaml
```
## Deploy the app
```shell
cd ./staging
kubectl apply -f deployment-neo4j.yaml -f deployment-backend.yaml -f deployment-web.yaml
```


@ -0,0 +1,13 @@
kind: Service
apiVersion: v1
metadata:
labels:
k8s-app: nitro-backend
name: nitro-backend
namespace: staging
spec:
ports:
- port: 4000
targetPort: 4000
selector:
k8s-app: nitro-backend


@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: sample-load-balancer
namespace: staging
spec:
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80
name: http


@ -0,0 +1,15 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: backend-ingress
namespace: staging
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- http:
paths:
- path: /
backend:
serviceName: backend
servicePort: 4000
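Review bot: The rule's backend `serviceName: backend` does not match any Service shown on this page; the only backend Service is named `nitro-backend`, so the Ingress would point at a Service that does not exist. The rule also has no `host` and the spec has no `tls` block, while the ConfigMaps on this page advertise `https://` URLs, so as written the API would be served over plain HTTP for any hostname that reaches the controller. I would use `serviceName: nitro-backend`, add a `host:` entry, and add a `tls:` section once cert-manager is configured.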

22
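--- a/dummies/nginx.yaml
+++ b/dummies/nginx.yaml
@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: Service
+metadata:
+name: ingress-nginx
+namespace: staging
+labels:
+app.kubernetes.io/name: ingress-nginx
+app.kubernetes.io/part-of: ingress-nginx
+spec:
+type: NodePort
+ports:
+- name: http
+port: 80
+targetPort: 80
+protocol: TCP
+- name: https
+port: 443
+targetPort: 443
+protocol: TCP
+selector:
+app.kubernetes.io/name: ingress-nginx
+app.kubernetes.io/part-of: ingress-nginx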

13
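--- a/dummies/web-service.yaml
+++ b/dummies/web-service.yaml
@@ -0,0 +1,13 @@
+kind: Service
+apiVersion: v1
+metadata:
+labels:
+k8s-app: nitro-web
+name: nitro-web
+namespace: staging
+spec:
+ports:
+- port: 3000
+targetPort: 3000
+selector:
+k8s-app: nitro-web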


@ -0,0 +1,9 @@
apiVersion: v1
kind: ConfigMap
data:
GRAPHQL_PORT: "4000"
GRAPHQL_URI: "https://api-nitro-staging.human-connection.org"
MOCK: "false"
metadata:
name: staging-backend
namespace: staging


@ -0,0 +1,62 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nitro-backend
namespace: staging
spec:
replicas: 2
minReadySeconds: 15
progressDeadlineSeconds: 60
# strategy:
# rollingUpdate:
# maxSurge: 1
# maxUnavailable: 0
# type: RollingUpdate
selector:
matchLabels:
workload.user.cattle.io/workloadselector: deployment-staging-backend
template:
metadata:
labels:
workload.user.cattle.io/workloadselector: deployment-staging-backend
name: "nitro-backend"
spec:
containers:
- env:
- name: MOCK
value: "false"
- name: CLIENT_URI
valueFrom:
configMapKeyRef:
name: staging-web
key: CLIENT_URI
- name: GRAPHQL_PORT
valueFrom:
configMapKeyRef:
name: staging-backend
key: GRAPHQL_PORT
- name: GRAPHQL_URI
valueFrom:
configMapKeyRef:
name: staging-backend
key: GRAPHQL_URI
- name: JWT_SECRET
valueFrom:
secretKeyRef:
name: staging
key: JWT_SECRET
optional: false
- name: NEO4J_URI
valueFrom:
configMapKeyRef:
name: staging-neo4j
key: NEO4J_URI
image: humanconnection/nitro-backend:latest
name: nitro-backend
ports:
- containerPort: 4000
resources: {}
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
status: {}
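Review bot: The container is pulled as `humanconnection/nitro-backend:latest`, so staging runs whatever the tag points to at pull time and a rollout can neither be traced to a known image nor rolled back to one; pin a version tag or digest, e.g. `image: humanconnection/nitro-backend:<version>@sha256:<digest>`. The same applies to the `:latest` images in the `backend`, `nitro-neo4j` and `nitro-web` Deployments further down this page. The pod spec also sets `resources: {}` and no `securityContext`, so the container runs as the image's default user with no limits; `runAsNonRoot: true`, `allowPrivilegeEscalation: false` and explicit requests/limits would be a reasonable baseline. `MOCK` is hard-coded to `"false"` here although the `staging-backend` ConfigMap defines the same key, so the two can drift apart.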

260
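--- a/staging/deployment.yaml
+++ b/staging/deployment.yaml
@@ -0,0 +1,260 @@
+apiVersion: v1
+items:
+- apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+name: backend
+namespace: staging
+spec:
+minReadySeconds: 15
+progressDeadlineSeconds: 60
+replicas: 1
+revisionHistoryLimit: 10
+selector:
+matchLabels:
+cattle.io/creator: norman
+workload.user.cattle.io/workloadselector: deployment-staging-backend
+strategy:
+rollingUpdate:
+maxSurge: 1
+maxUnavailable: 0
+type: RollingUpdate
+template:
+spec:
+containers:
+- env:
+- name: MOCK
+valueFrom:
+configMapKeyRef:
+key: MOCK
+name: staging-backend
+optional: false
+- name: NEO4J_URI
+valueFrom:
+configMapKeyRef:
+key: NEO4J_URI
+name: staging-neo4j
+optional: false
+- name: JWT_SECRET
+valueFrom:
+secretKeyRef:
+key: JWT_SECRET
+name: staging
+optional: false
+- name: NEO4J_AUTH
+valueFrom:
+configMapKeyRef:
+key: NEO4J_AUTH
+name: staging-neo4j
+optional: false
+- name: CLIENT_URI
+valueFrom:
+configMapKeyRef:
+key: CLIENT_URI
+name: staging-web
+optional: false
+- name: GRAPHQL_PORT
+valueFrom:
+configMapKeyRef:
+key: GRAPHQL_PORT
+name: staging-backend
+optional: false
+- name: GRAPHQL_URI
+valueFrom:
+configMapKeyRef:
+key: GRAPHQL_URI
+name: staging-backend
+optional: false
+image: humanconnection/nitro-backend:latest
+imagePullPolicy: Always
+name: backend
+resources: {}
+tty: true
+restartPolicy: Always
+terminationGracePeriodSeconds: 30
+#- apiVersion: extensions/v1beta1
+# kind: Deployment
+# metadata:
+# annotations:
+# deployment.kubernetes.io/revision: "2"
+# field.cattle.io/creatorId: user-x8jr4
+# field.cattle.io/publicEndpoints: '[{"nodeName":"c-2kbhr:m-bmgq4","addresses":["104.248.30.130"],"port":7687,"protocol":"TCP","podName":"staging:neo4j-2-6589cbc4d5-q4bxl","allNodes":false},{"nodeName":"c-2kbhr:m-bmgq4","addresses":["104.248.30.130"],"port":7474,"protocol":"TCP","podName":"staging:neo4j-2-6589cbc4d5-q4bxl","allNodes":false},{"nodeName":"c-2kbhr:m-bmgq4","addresses":["104.248.30.130"],"port":7473,"protocol":"TCP","podName":"staging:neo4j-2-6589cbc4d5-q4bxl","allNodes":false}]'
+# creationTimestamp: 2018-12-10T19:07:58Z
+# generation: 8
+# labels:
+# cattle.io/creator: norman
+# workload.user.cattle.io/workloadselector: deployment-staging-neo4j-2
+# name: neo4j-2
+# namespace: staging
+# resourceVersion: "2380945"
+# selfLink: /apis/extensions/v1beta1/namespaces/staging/deployments/neo4j-2
+# uid: e80460f6-fcae-11e8-943a-c6c288d5f6fa
+# spec:
+# progressDeadlineSeconds: 600
+# replicas: 1
+# revisionHistoryLimit: 10
+# selector:
+# matchLabels:
+# workload.user.cattle.io/workloadselector: deployment-staging-neo4j-2
+# strategy:
+# rollingUpdate:
+# maxSurge: 1
+# maxUnavailable: 0
+# type: RollingUpdate
+# template:
+# metadata:
+# annotations:
+# cattle.io/timestamp: 2018-12-11T11:11:09Z
+# field.cattle.io/ports: '[[{"containerPort":7687,"dnsName":"neo4j-2-hostport","hostPort":7687,"kind":"HostPort","name":"7687tcp76870","protocol":"TCP","sourcePort":7687},{"containerPort":7474,"dnsName":"neo4j-2-hostport","hostPort":7474,"kind":"HostPort","name":"7474tcp74740","protocol":"TCP","sourcePort":7474},{"containerPort":7473,"dnsName":"neo4j-2-hostport","hostPort":7473,"kind":"HostPort","name":"7473tcp74730","protocol":"TCP","sourcePort":7473}]]'
+# creationTimestamp: null
+# labels:
+# workload.user.cattle.io/workloadselector: deployment-staging-neo4j-2
+# spec:
+# containers:
+# - env:
+# - name: NEO4J_AUTH
+# value: none
+# image: humanconnection/neo4j:latest
+# imagePullPolicy: IfNotPresent
+# name: neo4j-2
+# ports:
+# - containerPort: 7687
+# hostPort: 7687
+# name: 7687tcp76870
+# protocol: TCP
+# - containerPort: 7474
+# hostPort: 7474
+# name: 7474tcp74740
+# protocol: TCP
+# - containerPort: 7473
+# hostPort: 7473
+# name: 7473tcp74730
+# protocol: TCP
+# resources: {}
+# securityContext:
+# allowPrivilegeEscalation: false
+# capabilities: {}
+# privileged: false
+# readOnlyRootFilesystem: false
+# runAsNonRoot: false
+# stdin: true
+# terminationMessagePath: /dev/termination-log
+# terminationMessagePolicy: File
+# tty: true
+# dnsPolicy: ClusterFirst
+# restartPolicy: Always
+# schedulerName: default-scheduler
+# securityContext: {}
+# terminationGracePeriodSeconds: 30
+# status:
+# availableReplicas: 1
+# conditions:
+# - lastTransitionTime: 2018-12-10T19:07:58Z
+# lastUpdateTime: 2018-12-11T11:11:18Z
+# message: ReplicaSet "neo4j-2-6589cbc4d5" has successfully progressed.
+# reason: NewReplicaSetAvailable
+# status: "True"
+# type: Progressing
+# - lastTransitionTime: 2018-12-11T12:12:41Z
+# lastUpdateTime: 2018-12-11T12:12:41Z
+# message: Deployment has minimum availability.
+# reason: MinimumReplicasAvailable
+# status: "True"
+# type: Available
+# observedGeneration: 8
+# readyReplicas: 1
+# replicas: 1
+# updatedReplicas: 1
+##- apiVersion: extensions/v1beta1
+# kind: Deployment
+# metadata:
+# annotations:
+# deployment.kubernetes.io/revision: "15"
+# field.cattle.io/creatorId: user-x8jr4
+# field.cattle.io/publicEndpoints: '[{"addresses":["68.183.211.116"],"port":31726,"protocol":"TCP","serviceName":"staging:web-nodeport","allNodes":true},{"addresses":["104.248.25.205"],"port":80,"protocol":"HTTP","serviceName":"staging:ingress-ef72b2ceebfff95d50b0537c0e9e98d8","ingressName":"staging:web","hostname":"web.staging.104.248.25.205.xip.io","allNodes":true}]'
+# creationTimestamp: 2018-11-30T13:56:41Z
+# generation: 56
+# labels:
+# cattle.io/creator: norman
+# workload.user.cattle.io/workloadselector: deployment-staging-web
+# name: web
+# namespace: staging
+# resourceVersion: "2401610"
+# selfLink: /apis/extensions/v1beta1/namespaces/staging/deployments/web
+# uid: c3870196-f4a7-11e8-943a-c6c288d5f6fa
+# spec:
+# progressDeadlineSeconds: 600
+# replicas: 1
+# revisionHistoryLimit: 10
+# selector:
+# matchLabels:
+# workload.user.cattle.io/workloadselector: deployment-staging-web
+# strategy:
+# rollingUpdate:
+# maxSurge: 1
+# maxUnavailable: 0
+# type: RollingUpdate
+# template:
+# metadata:
+# labels:
+# workload.user.cattle.io/workloadselector: deployment-staging-web
+# spec:
+# containers:
+# - env:
+# - name: HOST
+# value: 0.0.0.0
+# - name: JWT_SECRET
+# valueFrom:
+# secretKeyRef:
+# key: JWT_SECRET
+# name: jwt-secret
+# optional: false
+# - name: BACKEND_URL
+# valueFrom:
+# configMapKeyRef:
+# key: GRAPHQL_URI
+# name: staging-configs
+# optional: false
+# image: humanconnection/nitro-web:latest
+# imagePullPolicy: Always
+# name: web
+# ports:
+# - containerPort: 3000
+# name: 3000tcp01
+# protocol: TCP
+# resources: {}
+# securityContext:
+# allowPrivilegeEscalation: false
+# capabilities: {}
+# privileged: false
+# readOnlyRootFilesystem: false
+# runAsNonRoot: false
+# stdin: true
+# terminationMessagePath: /dev/termination-log
+# terminationMessagePolicy: File
+# tty: true
+# dnsPolicy: ClusterFirst
+# restartPolicy: Always
+# schedulerName: default-scheduler
+# securityContext: {}
+# terminationGracePeriodSeconds: 30
+# status:
+# availableReplicas: 1
+# conditions:
+# - lastTransitionTime: 2018-11-30T14:53:36Z
+# lastUpdateTime: 2018-12-11T11:17:34Z
+# message: ReplicaSet "web-5864d6db9c" has successfully progressed.
+# reason: NewReplicaSetAvailable
+# status: "True"
+# type: Progressing
+# - lastTransitionTime: 2018-12-11T11:23:17Z
+# lastUpdateTime: 2018-12-11T11:23:17Z
+# message: Deployment has minimum availability.
+# reason: MinimumReplicasAvailable
+# status: "True"
+# type: Available
+# observedGeneration: 56
+# readyReplicas: 1
+# replicas: 1
+# updatedReplicas: 1
+kind: List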
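Review bot: The commented-out items are a raw export of live objects rather than configuration: status blocks, uids, Rancher endpoint annotations carrying public addresses, and `hostPort` mappings for a database that runs with `NEO4J_AUTH: none`. That material should be deleted from the file instead of being kept in comments, since it documents the cluster's exposed surface to anyone who can read the repository. In the one active item, Deployment `backend`, `selector.matchLabels` lists two labels but the pod `template` has no `metadata.labels`, so the API server should reject it until those labels are added under `template.metadata.labels`. It also reuses the selector value `deployment-staging-backend` from the `nitro-backend` Deployment, which suggests the two files describe the same workload and one of them can go. `NEO4J_AUTH` is read through `configMapKeyRef`; once the database has real credentials it should come from a Secret via `secretKeyRef`.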


@ -0,0 +1,9 @@
apiVersion: v1
kind: ConfigMap
data:
NEO4J_URI: "bolt://neo4j:7687"
NEO4J_USER: "neo4j"
NEO4J_AUTH: none
metadata:
name: staging-neo4j
namespace: staging
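Review bot: `NEO4J_AUTH: none` switches authentication off on the database, so any workload that can reach its Bolt or HTTP port has full read/write access without a password. Even for staging I would set a credential and keep it in the `staging` Secret, referenced with `secretKeyRef`, because a ConfigMap is not access-controlled or handled as sensitive data. The same value is hard-coded as a literal in the `nitro-neo4j` Deployment below, so both places need to change together. If the entry stays for now, quote it (`NEO4J_AUTH: "none"`) to match the other values in this map.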


@ -0,0 +1,50 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nitro-neo4j
namespace: staging
spec:
replicas: 1
strategy: {}
selector:
matchLabels:
workload.user.cattle.io/workloadselector: deployment-staging-neo4j
template:
metadata:
labels:
workload.user.cattle.io/workloadselector: deployment-staging-neo4j
name: "nitro-neo4j"
spec:
containers:
- env:
- name: NEO4J_dbms_memory_pagecache_size
value: 1G
- name: NEO4J_dbms_memory_heap_max__size
value: 1G
- name: NEO4J_AUTH
value: none
- name: NEO4J_URI
valueFrom:
configMapKeyRef:
name: staging-neo4j
key: NEO4J_URI
- name: NEO4J_USER
valueFrom:
configMapKeyRef:
name: staging-neo4j
key: NEO4J_USER
- name: NEO4J_AUTH
valueFrom:
configMapKeyRef:
name: staging-neo4j
key: NEO4J_AUTH
image: humanconnection/neo4j:latest
name: nitro-neo4j
ports:
- containerPort: 7687
- containerPort: 7474
# - containerPort: 7473
resources: {}
imagePullPolicy: IfNotPresent
restartPolicy: Always
status: {}
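Review bot: `NEO4J_AUTH` appears twice in the container's `env` list, once as the literal `value: none` and once via `configMapKeyRef` from `staging-neo4j`; with duplicate names the later entry takes precedence, so the literal is dead and misleading and one of the two should be removed. `imagePullPolicy: IfNotPresent` combined with `humanconnection/neo4j:latest` means each node keeps whatever it first pulled, so nodes can run different builds of the database. No volume is mounted, so the database files presumably live in the container filesystem and are lost when the pod is rescheduled; the README already lists persistent storage as open. The unquoted `1G` values are fine as strings, but quoting them (`"1G"`) avoids surprises if they are ever changed to bare numbers.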


@ -0,0 +1,22 @@
apiVersion: v1
kind: Service
metadata:
annotations:
field.cattle.io/ipAddresses: "null"
field.cattle.io/targetDnsRecordIds: "null"
field.cattle.io/targetWorkloadIds: '["deployment:staging:nitro-neo4j"]'
labels:
cattle.io/creator: norman
name: neo4j
namespace: staging
spec:
clusterIP: None
ports:
- name: default
port: 42
protocol: TCP
targetPort: 42
selector:
workloadID_neo4j: "true"
sessionAffinity: None
type: ClusterIP
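Review bot: The selector `workloadID_neo4j: "true"` does not match the pod label set by the `nitro-neo4j` Deployment on this page (`workload.user.cattle.io/workloadselector: deployment-staging-neo4j`), so unless Rancher adds that label from the `field.cattle.io/targetWorkloadIds` annotation the Service has no endpoints and `bolt://neo4j:7687` will not reach the pod. The declared port `42` is also not one the container exposes (7687 and 7474). For a manifest that should work on a plain cluster I would select on the Deployment's own label, list `port: 7687`, and drop the `cattle.io` annotations and `cattle.io/creator` label, which describe exported state rather than intent.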


@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
data:
JWT_SECRET: "HgfiztF679FvIZtvv3"
metadata:
name: staging
namespace: staging
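Review bot: Values under `data` in a Secret must be base64-encoded, and `HgfiztF679FvIZtvv3` is 18 characters and not valid base64, so this manifest should be rejected on apply; a plain-text value belongs under `stringData` instead. If this is the `secrets.yaml.template` the README refers to, the `.gitignore` pattern `*secrets*.yaml` does not cover it, so whatever value sits here is published with the repository. Replace it with an obvious placeholder such as `JWT_SECRET: "<replace-with-random-secret>"`, and rotate the committed value if it was ever used to sign tokens.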


@ -0,0 +1,7 @@
apiVersion: v1
kind: ConfigMap
data:
CLIENT_URI: "https://nitro-staging.human-connection.org"
metadata:
name: staging-web
namespace: staging


@ -0,0 +1,47 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: nitro-web
namespace: staging
spec:
replicas: 2
minReadySeconds: 15
progressDeadlineSeconds: 60
# strategy:
# rollingUpdate:
# maxSurge: 1
# maxUnavailable: 0
# type: RollingUpdate
selector:
matchLabels:
workload.user.cattle.io/workloadselector: deployment-staging-web
template:
metadata:
labels:
workload.user.cattle.io/workloadselector: deployment-staging-web
name: nitro-web
spec:
containers:
- env:
- name: HOST
value: 0.0.0.0
- name: BACKEND_URL
valueFrom:
configMapKeyRef:
name: staging-backend
key: GRAPHQL_URI
- name: JWT_SECRET
valueFrom:
secretKeyRef:
name: staging
key: JWT_SECRET
optional: false
image: humanconnection/nitro-web:latest
name: web
ports:
- containerPort: 3000
resources: {}
imagePullPolicy: Always
restartPolicy: Always
terminationGracePeriodSeconds: 30
status: {}
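Review bot: `JWT_SECRET` is injected into the web container from the same `staging` Secret the backend uses, which gives the frontend tier the token signing key. If nitro-web only forwards tokens and never signs or verifies them itself, the entry should be removed so that a compromise of the web pods does not allow tokens to be forged. If the server-side renderer does need to verify tokens, that is worth a comment above the entry, e.g. `# needed for SSR token verification`.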