feat: add chart source
This commit is contained in:
merlin
196
templates/deployment.yaml
Normal file
196
templates/deployment.yaml
Normal file
@@ -0,0 +1,196 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{.Release.Name}}-web
|
||||
namespace: {{.Release.Namespace}}
|
||||
labels:
|
||||
app.kubernetes.io/component: web
|
||||
{{- include "chart.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.web.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/component: web
|
||||
{{- include "chart.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/component: web
|
||||
{{- include "chart.labels" . | nindent 8 }}
|
||||
annotations:
|
||||
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
|
||||
checksum/config-map: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
||||
spec:
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
containers:
|
||||
- name: {{.Release.Name}}-web
|
||||
{{- with .Values.web.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
image: "{{ .Values.web.image.repository }}:{{ .Values.web.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: "{{ .Values.imagePullPolicy | default "Always" }}"
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: {{ .Values.web.service.port }}
|
||||
protocol: TCP
|
||||
{{- with .Values.web.livenessProbe }}
|
||||
livenessProbe:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- with .Values.web.readinessProbe }}
|
||||
readinessProbe:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- with .Values.web.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: web-uploads
|
||||
mountPath: /app/uploads
|
||||
- name: nginx-config
|
||||
mountPath: /etc/nginx/conf.d
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: web-uploads
|
||||
persistentVolumeClaim:
|
||||
claimName: {{.Release.Name}}-uploads
|
||||
- name: nginx-config
|
||||
configMap:
|
||||
name: {{.Release.Name}}-nginx-config
|
||||
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{.Release.Name}}-backend
|
||||
namespace: {{.Release.Namespace}}
|
||||
labels:
|
||||
app.kubernetes.io/component: backend
|
||||
{{- include "chart.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/component: backend
|
||||
{{- include "chart.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
|
||||
checksum/config-map: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
||||
labels:
|
||||
app.kubernetes.io/component: backend
|
||||
{{- include "chart.labels" . | nindent 8 }}
|
||||
spec:
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
containers:
|
||||
- name: {{.Release.Name}}-backend
|
||||
{{- with .Values.backend.securityContext }}
|
||||
securityContext:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: "{{ .Values.imagePullPolicy | default "Always" }}"
|
||||
env:
|
||||
- name: UPLOAD_DIR
|
||||
value: /app/uploads
|
||||
- name: SPRING_CONFIG_LOCATION
|
||||
value: /app/applicaton.yml
|
||||
- name: JWT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: JWT_SECRET
|
||||
- name: JWT_ISSUER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: JWT_ISSUER
|
||||
- name: JWT_SUBJECT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: JWT_SUBJECT
|
||||
- name: JWT_EXPIRE
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: JWT_EXPIRE
|
||||
- name: DB_USER_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: DB_USER_NAME
|
||||
- name: DB_USER_PWD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: DB_USER_PWD
|
||||
- name: MAIL_PORT
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: MAIL_PORT
|
||||
- name: MAIL_HOST
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: MAIL_HOST
|
||||
- name: MAIL_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: MAIL_USERNAME
|
||||
- name: MAIL_USER_PWD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: blog-backend
|
||||
key: MAIL_USER_PWD
|
||||
ports:
|
||||
- name: backend
|
||||
containerPort: {{ .Values.backend.service.port }}
|
||||
protocol: TCP
|
||||
{{- with .Values.backend.livenessProbe }}
|
||||
livenessProbe:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- with .Values.backend.readinessProbe }}
|
||||
readinessProbe:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- with .Values.backend.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: web-uploads
|
||||
mountPath: /app/uploads
|
||||
- name: blog-application
|
||||
mountPath: /app/application.yml
|
||||
subPath: application.yml
|
||||
- name: tmp
|
||||
mountPath: /tmp
|
||||
volumes:
|
||||
- name: web-uploads
|
||||
persistentVolumeClaim:
|
||||
claimName: {{.Release.Name}}-uploads
|
||||
- name: blog-application
|
||||
configMap:
|
||||
name: {{.Release.Name}}-application-config
|
||||
- name: tmp
|
||||
emptyDir: {}
|
||||
|
||||
Reference in New Issue
Block a user