From e52fee62b2fda421e675b5dd3ce0738d96f87b3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Beto=20S=C3=A1nchez?= Date: Thu, 24 Apr 2025 11:37:29 -0500 Subject: [PATCH] Update --- .../CronJobs/Dev/1 - Secret.yaml | 7 -- .../CronJobs/Dev/2 - CronJob.yaml | 26 ------ Backend/sample-cronjob.yaml | 20 ---- .../CronJobs/Dev/1 - Secret.yaml | 7 -- .../CronJobs/Dev/2 - CronJob.yaml | 26 ------ Workers/kube-manifests/Dev/.dockerconfigjson | 10 -- .../kube-manifests/Dev/2 - gitlab-img.yaml | 8 -- .../kube-manifests/Dev/3 - deployment.yaml | 30 ------ Workers/kube-manifests/Prod/.dockerconfigjson | 10 -- Workers/sample-cronjob.yaml | 20 ---- Workers/utility-deploy.yaml | 37 -------- gitlab-ci-main.yml | 91 ------------------- k8s/doctl-kubernetes.sh | 2 + k8s/fluentd/1 - cluster-role.yaml | 8 ++ k8s/fluentd/2 - cluster-role-binding.yaml | 12 +++ k8s/fluentd/3 - config-map.yaml | 46 ++++++++++ k8s/fluentd/3 - deployment-fluentd.yaml | 57 ++++++++++++ k8s/ingress-nginx/ingress-nginx.sh | 2 + k8s/ingress-nginx/nginx-values.yaml | 13 +++ kube-manifests/Dev/Backend/.dockerconfigjson | 10 ++ .../Dev/Backend}/1 - namespace.yaml | 2 +- kube-manifests/Dev/Backend/2 - gitea-img.yaml | 8 ++ .../Dev/Backend/3 - deployment.yaml | 34 +++++++ .../Dev/Backend/4 - service-redis.yaml | 15 +++ kube-manifests/Dev/Backend/4 - service.yaml | 14 +++ kube-manifests/Dev/Backend/5 - ingress.yaml | 25 +++++ .../Dev/Workers}/1 - namespace.yaml | 0 .../Dev/Workers}/2 - gitlab-img.yaml | 0 .../Dev/Workers}/3 - deployment.yaml | 0 .../Prod/Backend/1 - namespace.yaml | 4 + .../Prod/Backend/2 - gitea-img.yaml | 8 ++ .../Prod/Backend/3 - deployment-redis.yaml | 32 +++++++ .../Prod/Backend/3 - deployment.yaml | 34 +++++++ .../Prod/Backend/4 - service-redis.yaml | 15 +++ kube-manifests/Prod/Backend/4 - service.yaml | 14 +++ kube-manifests/Prod/Backend/5 - ingress.yaml | 25 +++++ kube-manifests/Prod/Backend/6 - hpa.yaml | 25 +++++ .../Prod/Workers}/.dockerconfigjson | 0 .../Prod/Workers}/1 - namespace.yaml | 0 .../Prod/Workers}/2 - gitlab-img.yaml | 0 .../Prod/Workers}/3 - deployment.yaml | 0 ssl/star_articulacion_com_co.csr | 28 ++++++ ssl/star_articulacion_com_co.key | 52 +++++++++++ ...utility-deploy.yaml => utility-deploy.yaml | 0 44 files changed, 484 insertions(+), 293 deletions(-) delete mode 100644 Backend/kube-manifests/CronJobs/Dev/1 - Secret.yaml delete mode 100644 Backend/kube-manifests/CronJobs/Dev/2 - CronJob.yaml delete mode 100644 Backend/sample-cronjob.yaml delete mode 100644 Workers/kube-manifests/CronJobs/Dev/1 - Secret.yaml delete mode 100644 Workers/kube-manifests/CronJobs/Dev/2 - CronJob.yaml delete mode 100644 Workers/kube-manifests/Dev/.dockerconfigjson delete mode 100644 Workers/kube-manifests/Dev/2 - gitlab-img.yaml delete mode 100644 Workers/kube-manifests/Dev/3 - deployment.yaml delete mode 100644 Workers/kube-manifests/Prod/.dockerconfigjson delete mode 100644 Workers/sample-cronjob.yaml delete mode 100644 Workers/utility-deploy.yaml delete mode 100644 gitlab-ci-main.yml create mode 100644 k8s/doctl-kubernetes.sh create mode 100644 k8s/fluentd/1 - cluster-role.yaml create mode 100644 k8s/fluentd/2 - cluster-role-binding.yaml create mode 100644 k8s/fluentd/3 - config-map.yaml create mode 100644 k8s/fluentd/3 - deployment-fluentd.yaml create mode 100644 k8s/ingress-nginx/ingress-nginx.sh create mode 100644 k8s/ingress-nginx/nginx-values.yaml create mode 100644 kube-manifests/Dev/Backend/.dockerconfigjson rename {Workers/kube-manifests/Dev => kube-manifests/Dev/Backend}/1 - namespace.yaml (63%) create mode 100644 kube-manifests/Dev/Backend/2 - gitea-img.yaml create mode 100644 kube-manifests/Dev/Backend/3 - deployment.yaml create mode 100644 kube-manifests/Dev/Backend/4 - service-redis.yaml create mode 100644 kube-manifests/Dev/Backend/4 - service.yaml create mode 100644 kube-manifests/Dev/Backend/5 - ingress.yaml rename {Backend/kube-manifests/Dev => kube-manifests/Dev/Workers}/1 - namespace.yaml (100%) rename {Backend/kube-manifests/Dev => kube-manifests/Dev/Workers}/2 - gitlab-img.yaml (100%) rename {Backend/kube-manifests/Dev => kube-manifests/Dev/Workers}/3 - deployment.yaml (100%) create mode 100644 kube-manifests/Prod/Backend/1 - namespace.yaml create mode 100644 kube-manifests/Prod/Backend/2 - gitea-img.yaml create mode 100644 kube-manifests/Prod/Backend/3 - deployment-redis.yaml create mode 100644 kube-manifests/Prod/Backend/3 - deployment.yaml create mode 100644 kube-manifests/Prod/Backend/4 - service-redis.yaml create mode 100644 kube-manifests/Prod/Backend/4 - service.yaml create mode 100644 kube-manifests/Prod/Backend/5 - ingress.yaml create mode 100644 kube-manifests/Prod/Backend/6 - hpa.yaml rename {Backend/kube-manifests/Dev => kube-manifests/Prod/Workers}/.dockerconfigjson (100%) rename {Workers/kube-manifests/Prod => kube-manifests/Prod/Workers}/1 - namespace.yaml (100%) rename {Workers/kube-manifests/Prod => kube-manifests/Prod/Workers}/2 - gitlab-img.yaml (100%) rename {Workers/kube-manifests/Prod => kube-manifests/Prod/Workers}/3 - deployment.yaml (100%) create mode 100644 ssl/star_articulacion_com_co.csr create mode 100644 ssl/star_articulacion_com_co.key rename Backend/utility-deploy.yaml => utility-deploy.yaml (100%) diff --git a/Backend/kube-manifests/CronJobs/Dev/1 - Secret.yaml b/Backend/kube-manifests/CronJobs/Dev/1 - Secret.yaml deleted file mode 100644 index df87f97..0000000 --- a/Backend/kube-manifests/CronJobs/Dev/1 - Secret.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: api-key -type: Opaque -data: - key: ZG9wX3YxXzJlMmFiMDMxYzNjMjVmMTI4ZjA2MGYwMThiZjM3OTc3YmUyYTc4N2FjMmQ2YmZiMTlhMjBmOTYxYmQ0NGRlYmY= diff --git a/Backend/kube-manifests/CronJobs/Dev/2 - CronJob.yaml b/Backend/kube-manifests/CronJobs/Dev/2 - CronJob.yaml deleted file mode 100644 index fe51da9..0000000 --- a/Backend/kube-manifests/CronJobs/Dev/2 - CronJob.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: kuikwork-cron -spec: - schedule: "*/5 * * * *" - concurrencyPolicy: Forbid - jobTemplate: - spec: - template: - spec: - containers: - - name: kuikwork-cron - image: juampynr/digital-ocean-cronjob:latest - env: - - name: DIGITALOCEAN_ACCESS_TOKEN - valueFrom: - secretKeyRef: - name: api-key - key: key - command: ["/bin/sh", "-c"] - args: - - doctl kubernetes cluster kubeconfig save 6c15b3d8-c73f-4881-bc85-2f813b74e4db - - POD_NAME=$(kubectl get pods -o=jsonpath='{.items[0].metadata.name}' -n dev-workers-ns -l app=dev-workers-ap) - - kubectl exec -n dev-workers-ns POD_NAME -- php -v - restartPolicy: OnFailure diff --git a/Backend/sample-cronjob.yaml b/Backend/sample-cronjob.yaml deleted file mode 100644 index bf4fc52..0000000 --- a/Backend/sample-cronjob.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: dev-workers-cronjob -spec: - schedule: "*/1 * * * *" - jobTemplate: - metadata: - name: hello - spec: - template: - spec: - containers: - - name: hello - image: busybox - command: - - /bin/sh - - -c - - date; echo Hello from the Kubernetes cluster - restartPolicy: OnFailure diff --git a/Workers/kube-manifests/CronJobs/Dev/1 - Secret.yaml b/Workers/kube-manifests/CronJobs/Dev/1 - Secret.yaml deleted file mode 100644 index df87f97..0000000 --- a/Workers/kube-manifests/CronJobs/Dev/1 - Secret.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: api-key -type: Opaque -data: - key: ZG9wX3YxXzJlMmFiMDMxYzNjMjVmMTI4ZjA2MGYwMThiZjM3OTc3YmUyYTc4N2FjMmQ2YmZiMTlhMjBmOTYxYmQ0NGRlYmY= diff --git a/Workers/kube-manifests/CronJobs/Dev/2 - CronJob.yaml b/Workers/kube-manifests/CronJobs/Dev/2 - CronJob.yaml deleted file mode 100644 index fe51da9..0000000 --- a/Workers/kube-manifests/CronJobs/Dev/2 - CronJob.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: kuikwork-cron -spec: - schedule: "*/5 * * * *" - concurrencyPolicy: Forbid - jobTemplate: - spec: - template: - spec: - containers: - - name: kuikwork-cron - image: juampynr/digital-ocean-cronjob:latest - env: - - name: DIGITALOCEAN_ACCESS_TOKEN - valueFrom: - secretKeyRef: - name: api-key - key: key - command: ["/bin/sh", "-c"] - args: - - doctl kubernetes cluster kubeconfig save 6c15b3d8-c73f-4881-bc85-2f813b74e4db - - POD_NAME=$(kubectl get pods -o=jsonpath='{.items[0].metadata.name}' -n dev-workers-ns -l app=dev-workers-ap) - - kubectl exec -n dev-workers-ns POD_NAME -- php -v - restartPolicy: OnFailure diff --git a/Workers/kube-manifests/Dev/.dockerconfigjson b/Workers/kube-manifests/Dev/.dockerconfigjson deleted file mode 100644 index c60973f..0000000 --- a/Workers/kube-manifests/Dev/.dockerconfigjson +++ /dev/null @@ -1,10 +0,0 @@ -{ - "auths": { - "https://registry.gitlab.com": { - "username": "kube-puller", - "password": "gldt-KsuiWhf3z4qBSyxnMXC8", - "email": "jorge.sanchez@articulacion.com.co", - "auth": "a3ViZS1wdWxsZXI6Z2xkdC1Lc3VpV2hmM3o0cUJTeXhuTVhDOA==" - } - } -} diff --git a/Workers/kube-manifests/Dev/2 - gitlab-img.yaml b/Workers/kube-manifests/Dev/2 - gitlab-img.yaml deleted file mode 100644 index 6e3611c..0000000 --- a/Workers/kube-manifests/Dev/2 - gitlab-img.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: workers-gitlab-img - namespace: dev-workers-ns -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: ewogICAgImF1dGhzIjogewogICAgICAgICJodHRwczovL3JlZ2lzdHJ5LmdpdGxhYi5jb20iOiB7CiAgICAgICAgICAgICJ1c2VybmFtZSI6ICJrdWJlLXB1bGxlciIsCiAgICAgICAgICAgICJwYXNzd29yZCI6ICJnbGR0LUtzdWlXaGYzejRxQlN5eG5NWEM4IiwKICAgICAgICAgICAgImVtYWlsIjogImpvcmdlLnNhbmNoZXpAYXJ0aWN1bGFjaW9uLmNvbS5jbyIsCiAgICAgICAgICAgICJhdXRoIjogImEzVmlaUzF3ZFd4c1pYSTZaMnhrZEMxTGMzVnBWMmhtTTNvMGNVSlRlWGh1VFZoRE9BPT0iCiAgICAgICAgfQogICAgfQp9Cg== diff --git a/Workers/kube-manifests/Dev/3 - deployment.yaml b/Workers/kube-manifests/Dev/3 - deployment.yaml deleted file mode 100644 index 9c6baf0..0000000 --- a/Workers/kube-manifests/Dev/3 - deployment.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: dev-workers-dp - namespace: dev-workers-ns -spec: - replicas: 1 - selector: - matchLabels: - app: dev-workers-ap - strategy: - type: RollingUpdate - template: - metadata: - labels: - app: dev-workers-ap - spec: - containers: - - name: dev-workers-pd - image: registry.gitlab.com/articulacion/workers:dev - imagePullPolicy: Always - resources: - requests: - memory: "100Mi" - cpu: "100m" - limits: - memory: "150Gi" - cpu: "150m" - imagePullSecrets: - - name: workers-gitlab-img diff --git a/Workers/kube-manifests/Prod/.dockerconfigjson b/Workers/kube-manifests/Prod/.dockerconfigjson deleted file mode 100644 index c60973f..0000000 --- a/Workers/kube-manifests/Prod/.dockerconfigjson +++ /dev/null @@ -1,10 +0,0 @@ -{ - "auths": { - "https://registry.gitlab.com": { - "username": "kube-puller", - "password": "gldt-KsuiWhf3z4qBSyxnMXC8", - "email": "jorge.sanchez@articulacion.com.co", - "auth": "a3ViZS1wdWxsZXI6Z2xkdC1Lc3VpV2hmM3o0cUJTeXhuTVhDOA==" - } - } -} diff --git a/Workers/sample-cronjob.yaml b/Workers/sample-cronjob.yaml deleted file mode 100644 index bf4fc52..0000000 --- a/Workers/sample-cronjob.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: dev-workers-cronjob -spec: - schedule: "*/1 * * * *" - jobTemplate: - metadata: - name: hello - spec: - template: - spec: - containers: - - name: hello - image: busybox - command: - - /bin/sh - - -c - - date; echo Hello from the Kubernetes cluster - restartPolicy: OnFailure diff --git a/Workers/utility-deploy.yaml b/Workers/utility-deploy.yaml deleted file mode 100644 index 96ac2a7..0000000 --- a/Workers/utility-deploy.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: utilities - labels: - app: utilities -spec: - replicas: 1 - selector: - matchLabels: - app: utilities - template: - metadata: - labels: - app: utilities - spec: - containers: - - name: utilities - image: quay.io/sudermanjr/utilities:latest - # Just spin & wait forever - command: ["/bin/bash", "-c", "--"] - args: ["while true; do sleep 30; done;"] - securityContext: - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - runAsNonRoot: true - runAsUser: 10324 - capabilities: - drop: - - ALL - resources: - requests: - cpu: 30m - memory: 64Mi - limits: - cpu: 100m - memory: 128Mi diff --git a/gitlab-ci-main.yml b/gitlab-ci-main.yml deleted file mode 100644 index 0866c3e..0000000 --- a/gitlab-ci-main.yml +++ /dev/null @@ -1,91 +0,0 @@ -variables: - BUILD_VERSION: $CI_COMMIT_SHORT_SHA - IMAGE_NAME: panel-workers - FRONT_URL: $FRONT_URL - DB_HOST: $DB_HOST - DB_PORT: $DB_PORT - DB_DATABASE: $DB_DATABASE - DB_USERNAME: $DB_USERNAME - DB_PASSWORD: $DB_PASSWORD - - -stages: - - build_bkp - - build - -pre_build_image: - tags: - - workers-dind - stage: build_bkp - image: docker:25.0.1 - services: - - docker:25.0.1-dind - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - variables: - IMAGE_TAG: $CI_COMMIT_SHORT_SHA - before_script: - - echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin - script: - # Building Docker image (tag $CI_COMMIT_SHORT_SHA)... - - echo "Building Docker images (tag $CI_COMMIT_SHORT_SHA)..." - - docker build - --pull - --build-arg FRONT_URL=$FRONT_URL - --build-arg DB_HOST=$DB_HOST - --build-arg DB_PORT=$DB_PORT - --build-arg DB_DATABASE=$DB_DATABASE - --build-arg DB_USERNAME=$DB_USERNAME - --build-arg DB_PASSWORD=$DB_PASSWORD - --cache-from $CI_REGISTRY_IMAGE:$IMAGE_TAG - --label "org.opencontainers.image.title=$CI_PROJECT_TITLE" - --label "org.opencontainers.image.url=$CI_PROJECT_URL" - --label "org.opencontainers.image.created=$CI_JOB_STARTED_AT" - --label "org.opencontainers.image.revision=$CI_COMMIT_SHA" - --label "org.opencontainers.image.version=$CI_COMMIT_REF_NAME" - --tag $CI_REGISTRY_IMAGE:$IMAGE_TAG . - # Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)... - - echo "Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)..." - - docker push $CI_REGISTRY_IMAGE:$IMAGE_TAG - -build_image: - tags: - - workers-dind - stage: build - variables: - DOCKER_TLS_CERTDIR: /certs - image: docker:25.0.1 - services: - - docker:25.0.1-dind - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - variables: - IMAGE_TAG: latest - - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH - variables: - IMAGE_TAG: $CI_COMMIT_BRANCH - before_script: - - echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin - - echo "tag=$IMAGE_TAG" - script: - # Building Docker image (tag $IMAGE_TAG)... - - echo "Building Docker image (tag $IMAGE_TAG)..." - - docker build - --pull - --build-arg FRONT_URL=$FRONT_URL - --build-arg DB_HOST=$DB_HOST - --build-arg DB_PORT=$DB_PORT - --build-arg DB_DATABASE=$DB_DATABASE - --build-arg DB_USERNAME=$DB_USERNAME - --build-arg DB_PASSWORD=$DB_PASSWORD - --cache-from $CI_REGISTRY_IMAGE:$IMAGE_TAG - --label "org.opencontainers.image.title=$CI_PROJECT_TITLE" - --label "org.opencontainers.image.url=$CI_PROJECT_URL" - --label "org.opencontainers.image.created=$CI_JOB_STARTED_AT" - --label "org.opencontainers.image.revision=$CI_COMMIT_SHA" - --label "org.opencontainers.image.version=$CI_COMMIT_REF_NAME" - --tag $CI_REGISTRY_IMAGE:$IMAGE_TAG . - # Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)... - - echo "Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)..." - - docker push $CI_REGISTRY_IMAGE:$IMAGE_TAG - diff --git a/k8s/doctl-kubernetes.sh b/k8s/doctl-kubernetes.sh new file mode 100644 index 0000000..91c30a4 --- /dev/null +++ b/k8s/doctl-kubernetes.sh @@ -0,0 +1,2 @@ +doctl kubernetes cluster create mind-cluster --region=nyc3 --auto-upgrade=true --node-pool="name=mind;size=s-4vcpu-8gb-amd;count=1;auto-scale=true;min-nodes=1;max-nodes=6" --vpc-uuid="07c765e8-961b-4ee6-90da-b1380a001f8c" + diff --git a/k8s/fluentd/1 - cluster-role.yaml b/k8s/fluentd/1 - cluster-role.yaml new file mode 100644 index 0000000..592f341 --- /dev/null +++ b/k8s/fluentd/1 - cluster-role.yaml @@ -0,0 +1,8 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: fluentd-cluster-role +rules: +- apiGroups: [""] + resources: ["pods", "namespaces"] + verbs: ["get", "list", "watch"] diff --git a/k8s/fluentd/2 - cluster-role-binding.yaml b/k8s/fluentd/2 - cluster-role-binding.yaml new file mode 100644 index 0000000..0084514 --- /dev/null +++ b/k8s/fluentd/2 - cluster-role-binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: fluentd-cluster-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: fluentd-cluster-role +subjects: +- kind: ServiceAccount + name: default + namespace: kube-system diff --git a/k8s/fluentd/3 - config-map.yaml b/k8s/fluentd/3 - config-map.yaml new file mode 100644 index 0000000..f7f913c --- /dev/null +++ b/k8s/fluentd/3 - config-map.yaml @@ -0,0 +1,46 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: fluent-conf + namespace: kube-system +data: + fluent.conf: | + + @type tail + path /var/log/containers/*.log + pos_file /var/log/containers.log.pos + tag kubernetes.* + format /^(?