jorge_sanchez/kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Workers prod

Browse Source
This commit is contained in:
Jorge Sánchez
2024-10-01 18:28:01 -05:00
parent 8a2b9d90d4
commit bbfc836c6b
16 changed files with 319 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Backend/kube-manifests/CronJobs/Dev/1 - Secret.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: api-key
type: Opaque
data:
key: ZG9wX3YxXzJlMmFiMDMxYzNjMjVmMTI4ZjA2MGYwMThiZjM3OTc3YmUyYTc4N2FjMmQ2YmZiMTlhMjBmOTYxYmQ0NGRlYmY=

26
Backend/kube-manifests/CronJobs/Dev/2 - CronJob.yaml Normal file
View File

@@ -0,0 +1,26 @@
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: kuikwork-cron
spec:
schedule: "*/5 * * * *"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
containers:
- name: kuikwork-cron
image: juampynr/digital-ocean-cronjob:latest
env:
- name: DIGITALOCEAN_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: api-key
key: key
command: ["/bin/sh", "-c"]
args:
- doctl kubernetes cluster kubeconfig save 6c15b3d8-c73f-4881-bc85-2f813b74e4db
- POD_NAME=$(kubectl get pods -o=jsonpath='{.items[0].metadata.name}' -n dev-workers-ns -l app=dev-workers-ap)
- kubectl exec -n dev-workers-ns POD_NAME -- php -v
restartPolicy: OnFailure

10
Backend/kube-manifests/Dev/.dockerconfigjson Normal file
View File

@@ -0,0 +1,10 @@
{
"auths": {
"https://registry.gitlab.com": {
"username": "kube-puller",
"password": "gldt-KsuiWhf3z4qBSyxnMXC8",
"email": "jorge.sanchez@articulacion.com.co",
"auth": "a3ViZS1wdWxsZXI6Z2xkdC1Lc3VpV2hmM3o0cUJTeXhuTVhDOA=="
}
}
}

4
Backend/kube-manifests/Dev/1 - namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: dev-workers-ns

8
Backend/kube-manifests/Dev/2 - gitlab-img.yaml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: workers-gitlab-img
namespace: dev-workers-ns
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: ewogICAgImF1dGhzIjogewogICAgICAgICJodHRwczovL3JlZ2lzdHJ5LmdpdGxhYi5jb20iOiB7CiAgICAgICAgICAgICJ1c2VybmFtZSI6ICJrdWJlLXB1bGxlciIsCiAgICAgICAgICAgICJwYXNzd29yZCI6ICJnbGR0LUtzdWlXaGYzejRxQlN5eG5NWEM4IiwKICAgICAgICAgICAgImVtYWlsIjogImpvcmdlLnNhbmNoZXpAYXJ0aWN1bGFjaW9uLmNvbS5jbyIsCiAgICAgICAgICAgICJhdXRoIjogImEzVmlaUzF3ZFd4c1pYSTZaMnhrZEMxTGMzVnBWMmhtTTNvMGNVSlRlWGh1VFZoRE9BPT0iCiAgICAgICAgfQogICAgfQp9Cg==

30
Backend/kube-manifests/Dev/3 - deployment.yaml Normal file
View File

@@ -0,0 +1,30 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: dev-workers-dp
namespace: dev-workers-ns
spec:
replicas: 1
selector:
matchLabels:
app: dev-workers-ap
strategy:
type: RollingUpdate
template:
metadata:
labels:
app: dev-workers-ap
spec:
containers:
- name: dev-workers-pd
image: registry.gitlab.com/articulacion/workers:dev
imagePullPolicy: Always
resources:
requests:
memory: "100Mi"
cpu: "100m"
limits:
memory: "150Gi"
cpu: "150m"
imagePullSecrets:
- name: workers-gitlab-img

20
Backend/sample-cronjob.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: dev-workers-cronjob
spec:
schedule: "*/1 * * * *"
jobTemplate:
metadata:
name: hello
spec:
template:
spec:
containers:
- name: hello
image: busybox
command:
- /bin/sh
- -c
- date; echo Hello from the Kubernetes cluster
restartPolicy: OnFailure

37
Backend/utility-deploy.yaml Normal file
View File

@@ -0,0 +1,37 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: utilities
labels:
app: utilities
spec:
replicas: 1
selector:
matchLabels:
app: utilities
template:
metadata:
labels:
app: utilities
spec:
containers:
- name: utilities
image: quay.io/sudermanjr/utilities:latest
# Just spin & wait forever
command: ["/bin/bash", "-c", "--"]
args: ["while true; do sleep 30; done;"]
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 10324
capabilities:
drop:
- ALL
resources:
requests:
cpu: 30m
memory: 64Mi
limits:
cpu: 100m
memory: 128Mi

7
Workers/kube-manifests/CronJobs/Dev/1 - Secret.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: api-key
type: Opaque
data:
key: ZG9wX3YxXzJlMmFiMDMxYzNjMjVmMTI4ZjA2MGYwMThiZjM3OTc3YmUyYTc4N2FjMmQ2YmZiMTlhMjBmOTYxYmQ0NGRlYmY=

26
Workers/kube-manifests/CronJobs/Dev/2 - CronJob.yaml Normal file
View File

@@ -0,0 +1,26 @@
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: kuikwork-cron
spec:
schedule: "*/5 * * * *"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
containers:
- name: kuikwork-cron
image: juampynr/digital-ocean-cronjob:latest
env:
- name: DIGITALOCEAN_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: api-key
key: key
command: ["/bin/sh", "-c"]
args:
- doctl kubernetes cluster kubeconfig save 6c15b3d8-c73f-4881-bc85-2f813b74e4db
- POD_NAME=$(kubectl get pods -o=jsonpath='{.items[0].metadata.name}' -n dev-workers-ns -l app=dev-workers-ap)
- kubectl exec -n dev-workers-ns POD_NAME -- php -v
restartPolicy: OnFailure

2
Workers/kube-manifests/Dev/3 - deployment.yaml
View File

@@ -17,7 +17,7 @@ spec:
spec: spec:
containers: containers:
- name: dev-workers-pd - name: dev-workers-pd
image: registry.gitlab.com/articulacion/workers:dev-0.0.1 image: registry.gitlab.com/articulacion/workers:dev
imagePullPolicy: Always imagePullPolicy: Always
resources: resources:
requests: requests:

10
Workers/kube-manifests/Prod/.dockerconfigjson Normal file
View File

@@ -0,0 +1,10 @@
{
"auths": {
"https://registry.gitlab.com": {
"username": "kube-puller",
"password": "gldt-KsuiWhf3z4qBSyxnMXC8",
"email": "jorge.sanchez@articulacion.com.co",
"auth": "a3ViZS1wdWxsZXI6Z2xkdC1Lc3VpV2hmM3o0cUJTeXhuTVhDOA=="
}
}
}

4
Workers/kube-manifests/Prod/1 - namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: prod-workers-ns

8
Workers/kube-manifests/Prod/2 - gitlab-img.yaml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: workers-gitlab-img
namespace: prod-workers-ns
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: ewogICAgImF1dGhzIjogewogICAgICAgICJodHRwczovL3JlZ2lzdHJ5LmdpdGxhYi5jb20iOiB7CiAgICAgICAgICAgICJ1c2VybmFtZSI6ICJrdWJlLXB1bGxlciIsCiAgICAgICAgICAgICJwYXNzd29yZCI6ICJnbGR0LUtzdWlXaGYzejRxQlN5eG5NWEM4IiwKICAgICAgICAgICAgImVtYWlsIjogImpvcmdlLnNhbmNoZXpAYXJ0aWN1bGFjaW9uLmNvbS5jbyIsCiAgICAgICAgICAgICJhdXRoIjogImEzVmlaUzF3ZFd4c1pYSTZaMnhrZEMxTGMzVnBWMmhtTTNvMGNVSlRlWGh1VFZoRE9BPT0iCiAgICAgICAgfQogICAgfQp9Cg==

30
Workers/kube-manifests/Prod/3 - deployment.yaml Normal file
View File

@@ -0,0 +1,30 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: prod-workers-dp
namespace: prod-workers-ns
spec:
replicas: 1
selector:
matchLabels:
app: prod-workers-ap
strategy:
type: RollingUpdate
template:
metadata:
labels:
app: prod-workers-ap
spec:
containers:
- name: prod-workers-pd
image: registry.gitlab.com/articulacion/workers:latest
imagePullPolicy: Always
resources:
requests:
memory: "100Mi"
cpu: "100m"
limits:
memory: "150Gi"
cpu: "150m"
imagePullSecrets:
- name: workers-gitlab-img

91
gitlab-ci-main.yml Normal file
View File

@@ -0,0 +1,91 @@
variables:
BUILD_VERSION: $CI_COMMIT_SHORT_SHA
IMAGE_NAME: panel-workers
FRONT_URL: $FRONT_URL
DB_HOST: $DB_HOST
DB_PORT: $DB_PORT
DB_DATABASE: $DB_DATABASE
DB_USERNAME: $DB_USERNAME
DB_PASSWORD: $DB_PASSWORD
stages:
- build_bkp
- build
pre_build_image:
tags:
- workers-dind
stage: build_bkp
image: docker:25.0.1
services:
- docker:25.0.1-dind
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
variables:
IMAGE_TAG: $CI_COMMIT_SHORT_SHA
before_script:
- echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin
script:
# Building Docker image (tag $CI_COMMIT_SHORT_SHA)...
- echo "Building Docker images (tag $CI_COMMIT_SHORT_SHA)..."
- docker build
--pull
--build-arg FRONT_URL=$FRONT_URL
--build-arg DB_HOST=$DB_HOST
--build-arg DB_PORT=$DB_PORT
--build-arg DB_DATABASE=$DB_DATABASE
--build-arg DB_USERNAME=$DB_USERNAME
--build-arg DB_PASSWORD=$DB_PASSWORD
--cache-from $CI_REGISTRY_IMAGE:$IMAGE_TAG
--label "org.opencontainers.image.title=$CI_PROJECT_TITLE"
--label "org.opencontainers.image.url=$CI_PROJECT_URL"
--label "org.opencontainers.image.created=$CI_JOB_STARTED_AT"
--label "org.opencontainers.image.revision=$CI_COMMIT_SHA"
--label "org.opencontainers.image.version=$CI_COMMIT_REF_NAME"
--tag $CI_REGISTRY_IMAGE:$IMAGE_TAG .
# Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)...
- echo "Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)..."
- docker push $CI_REGISTRY_IMAGE:$IMAGE_TAG
build_image:
tags:
- workers-dind
stage: build
variables:
DOCKER_TLS_CERTDIR: /certs
image: docker:25.0.1
services:
- docker:25.0.1-dind
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
variables:
IMAGE_TAG: latest
- if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
variables:
IMAGE_TAG: $CI_COMMIT_BRANCH
before_script:
- echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin
- echo "tag=$IMAGE_TAG"
script:
# Building Docker image (tag $IMAGE_TAG)...
- echo "Building Docker image (tag $IMAGE_TAG)..."
- docker build
--pull
--build-arg FRONT_URL=$FRONT_URL
--build-arg DB_HOST=$DB_HOST
--build-arg DB_PORT=$DB_PORT
--build-arg DB_DATABASE=$DB_DATABASE
--build-arg DB_USERNAME=$DB_USERNAME
--build-arg DB_PASSWORD=$DB_PASSWORD
--cache-from $CI_REGISTRY_IMAGE:$IMAGE_TAG
--label "org.opencontainers.image.title=$CI_PROJECT_TITLE"
--label "org.opencontainers.image.url=$CI_PROJECT_URL"
--label "org.opencontainers.image.created=$CI_JOB_STARTED_AT"
--label "org.opencontainers.image.revision=$CI_COMMIT_SHA"
--label "org.opencontainers.image.version=$CI_COMMIT_REF_NAME"
--tag $CI_REGISTRY_IMAGE:$IMAGE_TAG .
# Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)...
- echo "Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)..."
- docker push $CI_REGISTRY_IMAGE:$IMAGE_TAG