From 9b5f88d7ac9d573c9989c2213b9efad41ae24450 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=A4fer?= Date: Fri, 1 Feb 2019 01:25:05 +0100 Subject: [PATCH] Kubernetes best practices: * put many configurations in one file * expose services before you start pods See: https://kubernetes.io/docs/concepts/configuration/overview/ --- README.md | 13 ++- deployments/db-migration-worker.yml | 172 ++++++++++++++++------------ deployments/neo4j.yml | 144 ++++++++++++++--------- deployments/web.yml | 5 - volumes/ssh-keys.yml | 25 ---- 5 files changed, 193 insertions(+), 166 deletions(-) delete mode 100644 volumes/ssh-keys.yml diff --git a/README.md b/README.md index 1fbabb948..0096071ee 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,13 @@ $ kubectl apply -f secrets.yml ```shell $ kubectl apply -f volumes/ ``` -Wait until the persistent volumes get available. + +## Expose the services + +```shell +$ kubectl apply -f services/ +``` +Wait until persistent volumes and services become available. ## Create deployments ```shell @@ -68,11 +74,6 @@ Sit back and relax and have a look into your kubernetes dashboard. Wait until all pods turn green and they don't show a warning `Waiting: ContainerCreating` anymore. -## Expose the services - -```shell -$ kubectl apply -f services/ -``` ## Access the services diff --git a/deployments/db-migration-worker.yml b/deployments/db-migration-worker.yml index 509f98093..685904aba 100644 --- a/deployments/db-migration-worker.yml +++ b/deployments/db-migration-worker.yml 
@@ -1,75 +1,101 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: nitro-db-migration-worker - namespace: staging -spec: - replicas: 1 - minReadySeconds: 15 - progressDeadlineSeconds: 60 - selector: - matchLabels: - workload.user.cattle.io/workloadselector: deployment-staging-db-migration-worker - template: - metadata: - labels: +--- + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: nitro-db-migration-worker + namespace: staging + spec: + replicas: 1 + minReadySeconds: 15 + progressDeadlineSeconds: 60 + selector: + matchLabels: workload.user.cattle.io/workloadselector: deployment-staging-db-migration-worker - name: "nitro-db-migration-worker" - spec: - containers: - - env: - - name: SSH_USERNAME - valueFrom: - configMapKeyRef: - name: staging-db-migration-worker - key: SSH_USERNAME - - name: SSH_HOST - valueFrom: - configMapKeyRef: - name: staging-db-migration-worker - key: SSH_HOST - - name: MONGODB_USERNAME - valueFrom: - configMapKeyRef: - name: staging-db-migration-worker - key: MONGODB_USERNAME - - name: MONGODB_AUTH_DB - valueFrom: - configMapKeyRef: - name: staging-db-migration-worker - key: MONGODB_AUTH_DB - - name: MONGODB_DATABASE - valueFrom: - configMapKeyRef: - name: staging-db-migration-worker - key: MONGODB_DATABASE - - name: UPLOADS_DIRECTORY - valueFrom: - configMapKeyRef: - name: staging-db-migration-worker - key: UPLOADS_DIRECTORY - - name: MONGODB_PASSWORD - valueFrom: - secretKeyRef: - name: staging - key: MONGODB_PASSWORD - optional: false - image: humanconnection/db-migration-worker:latest + template: + metadata: + labels: + workload.user.cattle.io/workloadselector: deployment-staging-db-migration-worker name: nitro-db-migration-worker - resources: {} - imagePullPolicy: Always - volumeMounts: - - mountPath: /root/ - name: ssh-keys-directory - - mountPath: /mongo-export/ - name: mongo-export - restartPolicy: Always - volumes: - - name: ssh-keys-directory - persistentVolumeClaim: - claimName: 
ssh-keys-claim - - name: mongo-export - persistentVolumeClaim: - claimName: mongo-export-claim - terminationGracePeriodSeconds: 30 -status: {} + spec: + containers: + - env: + - name: SSH_USERNAME + valueFrom: + configMapKeyRef: + name: staging-db-migration-worker + key: SSH_USERNAME + - name: SSH_HOST + valueFrom: + configMapKeyRef: + name: staging-db-migration-worker + key: SSH_HOST + - name: MONGODB_USERNAME + valueFrom: + configMapKeyRef: + name: staging-db-migration-worker + key: MONGODB_USERNAME + - name: MONGODB_AUTH_DB + valueFrom: + configMapKeyRef: + name: staging-db-migration-worker + key: MONGODB_AUTH_DB + - name: MONGODB_DATABASE + valueFrom: + configMapKeyRef: + name: staging-db-migration-worker + key: MONGODB_DATABASE + - name: UPLOADS_DIRECTORY + valueFrom: + configMapKeyRef: + name: staging-db-migration-worker + key: UPLOADS_DIRECTORY + - name: MONGODB_PASSWORD + valueFrom: + secretKeyRef: + name: staging + key: MONGODB_PASSWORD + optional: false + image: humanconnection/db-migration-worker:latest + name: nitro-db-migration-worker + resources: {} + imagePullPolicy: Always + volumeMounts: + - mountPath: /root/ + name: ssh-keys-directory + - mountPath: /mongo-export/ + name: mongo-export + restartPolicy: Always + volumes: + - name: ssh-keys-directory + persistentVolumeClaim: + claimName: ssh-keys-claim + - name: mongo-export + persistentVolumeClaim: + claimName: mongo-export-claim + terminationGracePeriodSeconds: 30 + status: {} +--- + apiVersion: v1 + kind: PersistentVolume + metadata: + name: ssh-keys-volume + namespace: staging + spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 1Mi + hostPath: + path: /data/pv0001/ +--- + kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: ssh-keys-claim + namespace: staging + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Mi diff --git a/deployments/neo4j.yml b/deployments/neo4j.yml index 2b3485c77..7f96cd45a 100644 --- a/deployments/neo4j.yml 
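Review bot: The `ssh-keys-volume` PersistentVolume added at the end of this hunk keeps what is presumably SSH key material on a node `hostPath` (`/data/pv0001/`), and the Deployment mounts it read-write over `/root/`, so the keys sit on the node filesystem outside Kubernetes access control and are only present on whichever node holds that directory. A Secret mounted read-only at the SSH directory would keep them under RBAC. If the hostPath volume stays, pin the claim with `volumeName: ssh-keys-volume` and `storageClassName: ""`, because a 1Mi `ReadWriteOnce` request can also be satisfied by any larger available volume (for example the 4Gi one added in deployments/neo4j.yml) or, if the cluster has one, by a default provisioner. `namespace: staging` on the PersistentVolume has no effect, since PersistentVolumes are cluster-scoped. The container also pulls `humanconnection/db-migration-worker:latest`; a fixed tag or digest would make the image that receives these keys reproducible.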
+++ b/deployments/neo4j.yml 
@@ -1,59 +1,89 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: nitro-neo4j - namespace: staging -spec: - replicas: 1 - strategy: {} - selector: - matchLabels: - workload.user.cattle.io/workloadselector: deployment-staging-neo4j - template: - metadata: - labels: +--- + apiVersion: extensions/v1beta1 + kind: Deployment + metadata: + name: nitro-neo4j + namespace: staging + spec: + replicas: 1 + strategy: {} + selector: + matchLabels: workload.user.cattle.io/workloadselector: deployment-staging-neo4j - name: "nitro-neo4j" - spec: - containers: - - env: - - name: NEO4J_apoc_import_file_enabled - value: "true" - - name: NEO4J_dbms_memory_pagecache_size - value: 1G - - name: NEO4J_dbms_memory_heap_max__size - value: 1G - - name: NEO4J_AUTH - value: none - - name: NEO4J_URI - valueFrom: - configMapKeyRef: - name: staging-neo4j - key: NEO4J_URI - - name: NEO4J_USER - valueFrom: - configMapKeyRef: - name: staging-neo4j - key: NEO4J_USER - - name: NEO4J_AUTH - valueFrom: - configMapKeyRef: - name: staging-neo4j - key: NEO4J_AUTH - image: humanconnection/neo4j:latest + template: + metadata: + labels: + workload.user.cattle.io/workloadselector: deployment-staging-neo4j name: nitro-neo4j - ports: - - containerPort: 7687 - - containerPort: 7474 - # - containerPort: 7473 - resources: {} - imagePullPolicy: IfNotPresent - volumeMounts: - - mountPath: /mongo-export/ - name: mongo-export - restartPolicy: Always - volumes: - - name: mongo-export - persistentVolumeClaim: - claimName: mongo-export-claim -status: {} + spec: + containers: + - env: + - name: NEO4J_apoc_import_file_enabled + value: "true" + - name: NEO4J_dbms_memory_pagecache_size + value: 1G + - name: NEO4J_dbms_memory_heap_max__size + value: 1G + - name: NEO4J_AUTH + value: none + - name: NEO4J_URI + valueFrom: + configMapKeyRef: + name: staging-neo4j + key: NEO4J_URI + - name: NEO4J_USER + valueFrom: + configMapKeyRef: + name: staging-neo4j + key: NEO4J_USER + - name: NEO4J_AUTH + valueFrom: + 
configMapKeyRef: + name: staging-neo4j + key: NEO4J_AUTH + image: humanconnection/neo4j:latest + name: nitro-neo4j + ports: + - containerPort: 7687 + - containerPort: 7474 + resources: {} + imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /data/ + name: neo4j-data + - mountPath: /mongo-export/ + name: mongo-export + restartPolicy: Always + volumes: + - name: mongo-export + persistentVolumeClaim: + claimName: mongo-export-claim + - name: neo4j-data + persistentVolumeClaim: + claimName: neo4j-data-claim + status: {} +--- + apiVersion: v1 + kind: PersistentVolume + metadata: + name: neo4j-data-volume + namespace: staging + spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 4Gi + hostPath: + path: /data/neo4j/ +--- + kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: neo4j-data-claim + namespace: staging + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 4Gi diff --git a/deployments/web.yml b/deployments/web.yml index 5cad7f039..43be04bbe 100644 --- a/deployments/web.yml +++ b/deployments/web.yml @@ -7,11 +7,6 @@ spec: replicas: 2 minReadySeconds: 15 progressDeadlineSeconds: 60 - # strategy: - # rollingUpdate: - # maxSurge: 1 - # maxUnavailable: 0 - # type: RollingUpdate selector: matchLabels: workload.user.cattle.io/workloadselector: deployment-staging-web diff --git a/volumes/ssh-keys.yml b/volumes/ssh-keys.yml deleted file mode 100644 index 4ffd83e80..000000000 --- a/volumes/ssh-keys.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- - apiVersion: v1 - kind: PersistentVolume - metadata: - name: ssh-keys-volume - namespace: staging - spec: - accessModes: - - ReadWriteOnce - capacity: - storage: 1Mi - hostPath: - path: /data/pv0001/ ---- - kind: PersistentVolumeClaim - apiVersion: v1 - metadata: - name: ssh-keys-claim - namespace: staging - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Mi
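Review bot: The container's `env` list in the new deployments/neo4j.yml defines `NEO4J_AUTH` twice, once as the literal `value: none` and once from the `staging-neo4j` ConfigMap; which entry takes effect depends on list order and on how the manifest is applied. `none` switches Neo4j authentication off, so I would drop the literal entry and keep a single source. Because `NEO4J_AUTH` normally carries the database credentials, that source is better a `secretKeyRef` (as `MONGODB_PASSWORD` uses in deployments/db-migration-worker.yml) than a `configMapKeyRef`. The new `neo4j-data-volume` is again a `hostPath` volume (`/data/neo4j/`), so the database files stay on one node, and the claim should be pinned with `volumeName: neo4j-data-volume` so that it cannot bind to a different volume.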