diff --git a/INSTALL.md b/INSTALL.md index fb02ee7..bafd971 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -15,11 +15,14 @@ https://docs.k3s.io/quick-start `kubectl create namespace cityapi` -### 2. Installer Argo-CD +### 2. Installer Argo-CD et Cloudnative-pg ```bash kubectl -n cityapi apply -k kubernetes +kubectl apply --server-side -f https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.27/releases/cnpg-1.27.0.yaml ``` +Note: CLoudnative-pg ne peut pas être installé via kustomize car ses CRD sont trop longs. + ### 3. Déployer ApplicationSet `kubectl -n cityapi apply -f kubernetes/base/argo-cd.yaml` diff --git a/kubernetes/cluster-secret.yaml b/kubernetes/cluster-secret.yaml new file mode 100644 index 0000000..8ea93c0 --- /dev/null +++ b/kubernetes/cluster-secret.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: city-api-pg-secret + labels: + app: city-api-pg +type: Opaque +data: + username: Y2l0eV9hcGk= + password: Y2l0eV9hcGk= diff --git a/kubernetes/cluster.yaml b/kubernetes/cluster.yaml new file mode 100644 index 0000000..ad48938 --- /dev/null +++ b/kubernetes/cluster.yaml @@ -0,0 +1,15 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: city-api-pg +spec: + instances: 1 + imageName: postgres:15 + storage: + size: 1Gi + bootstrap: + initdb: + database: city_api + owner: city_api + secret: + name: city-api-pg-secret diff --git a/kubernetes/database-prod.yaml b/kubernetes/database-prod.yaml new file mode 100644 index 0000000..8469d9a --- /dev/null +++ b/kubernetes/database-prod.yaml 
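Review bot: The new `kubernetes/cluster-secret.yaml` commits the database owner's credentials to the repository: `Y2l0eV9hcGk=` is only base64 for `city_api`, so `username` and `password` are readable by anyone with repository access, and the password equals the username. Keep the Secret out of git and create it out of band, or store it encrypted (a sealed or externally managed secret), with a generated password. CloudNativePG's examples declare the `bootstrap.initdb.secret` as `type: kubernetes.io/basic-auth` rather than `Opaque`; it is worth confirming which type the operator expects.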
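Review bot: `imageName: postgres:15` in `kubernetes/cluster.yaml` is a mutable tag on the generic `postgres` image, so the database binaries can change between pulls without any change in git. Pin the image by digest, for example `imageName: <registry>/<image>:15@sha256:<digest>`, and check that the image meets the operator's operand-image requirements; CloudNativePG publishes its own PostgreSQL images for this purpose. `instances: 1` also leaves the database without a replica, which may be intentional for this setup.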
@@ -0,0 +1,57 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Database +metadata: + name: city-api-prod-db + labels: + app: city-api-app + environment: prod +spec: + databaseReclaimPolicy: retain + name: city_api-prod-pg + cluster: + name: city-api-pg + owner: city_api +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cnpg-manager-role + namespace: cityapi +rules: + - apiGroups: [""] + resources: ["secrets", "configmaps", "pods", "services", "persistentvolumeclaims", "events"] + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cnpg-manager-rolebinding + namespace: cityapi +subjects: + - kind: ServiceAccount + name: cnpg-manager + namespace: cityapi +roleRef: + kind: Role + name: cnpg-manager-role + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: cnpg-controller-manager-config + namespace: cnpg-system +data: + INHERITED_ANNOTATIONS: categories + INHERITED_LABELS: environment, workload, app + ENABLE_INSTANCE_MANAGER_INPLACE_UPDATES: 'true' +--- +apiVersion: v1 +kind: Secret +metadata: + name: cnpg-controller-manager-config + namespace: cnpg-system +type: Opaque +data: + CNPG_PASSWORD: eW91ci1wYXNzd29yZA== + diff --git a/kubernetes/helm/templates/app-deployment.yaml b/kubernetes/helm/templates/app-deployment.yaml index f5cebf9..72e0890 100644 --- a/kubernetes/helm/templates/app-deployment.yaml +++ b/kubernetes/helm/templates/app-deployment.yaml @@ -2,15 +2,20 @@ apiVersion: apps/v1 kind: Deployment metadata: name: city-api-app + labels: + app: city-api-app + environment: {{ .Values.app.env_name }} spec: replicas: 1 selector: matchLabels: app: city-api-app + environment: {{ .Values.app.env_name }} template: metadata: labels: app: city-api-app + environment: {{ .Values.app.env_name }} spec: containers: - name: city-api 
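Review bot: The `cnpg-manager-role` Role in `kubernetes/database-prod.yaml` gives `get`, `list` and `watch` on every Secret in `cityapi` to a `cnpg-manager` ServiceAccount that this commit does not define, so whatever account carries that name in the namespace can read all credentials stored there. If the binding is needed at all, move `secrets` into its own rule limited to `verbs: ["get"]` with `resourceNames: ["city-api-pg-secret"]`; the operator installed from the upstream manifest normally ships its own RBAC. The trailing Secret stores `CNPG_PASSWORD: eW91ci1wYXNzd29yZA==`, which is base64 for the placeholder `your-password` and should not be committed. `kustomization.yaml` also sets `namespace: cityapi`, which would be expected to override the `cnpg-system` namespace on the ConfigMap and Secret here, so the operator may never read them.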
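Review bot: Adding `environment` to `spec.selector.matchLabels` in `templates/app-deployment.yaml` will make `helm upgrade` fail on any release that already exists, because a Deployment's selector is immutable in `apps/v1`; the same change is made in `templates/db-deployment.yaml`. Keep the selector as `app: city-api-app` only and carry `environment` on `metadata.labels` and the pod template labels, or plan a delete-and-recreate of both Deployments. The label value should also be quoted, `environment: {{ .Values.app.env_name | quote }}`, so that an empty or boolean-looking value does not render as a non-string. The Deployment continues outside the hunk.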
@@ -23,7 +28,7 @@ spec: - name: CITY_API_PORT value: {{ .Values.app.port | quote }} - name: CITY_API_DB_URL - value: {{ .Values.db.host }} + value: "postgresql://{{ .Values.db.user }}:{{ .Values.db.password }}@{{ .Values.db.host }}:{{ .Values.db.port }}/{{ .Values.db.name }}" - name: CITY_API_DB_USER value: {{ .Values.db.user }} - name: CITY_API_DB_PWD diff --git a/kubernetes/helm/templates/app-pvc.yaml b/kubernetes/helm/templates/app-pvc.yaml index ae3f273..d9a5f69 100644 --- a/kubernetes/helm/templates/app-pvc.yaml +++ b/kubernetes/helm/templates/app-pvc.yaml @@ -2,6 +2,9 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: city-api-pvc + labels: + app: city-api + environment: {{ .Values.app.env_name }} spec: accessModes: - ReadWriteOnce diff --git a/kubernetes/helm/templates/app-service.yaml b/kubernetes/helm/templates/app-service.yaml index b36a391..200d6f4 100644 --- a/kubernetes/helm/templates/app-service.yaml +++ b/kubernetes/helm/templates/app-service.yaml @@ -2,6 +2,9 @@ apiVersion: v1 kind: Service metadata: name: city-api-app + labels: + app: city-api-app + environment: {{ .Values.app.env_name }} spec: type: NodePort selector: diff --git a/kubernetes/helm/templates/db-config.yaml b/kubernetes/helm/templates/db-config.yaml index 61e05c8..46d3860 100644 --- a/kubernetes/helm/templates/db-config.yaml +++ b/kubernetes/helm/templates/db-config.yaml @@ -2,6 +2,9 @@ apiVersion: v1 kind: ConfigMap metadata: name: city-api-init + labels: + app: city-api + environment: {{ .Values.app.env_name }} data: init.sql: | {{ .Values.initSql | indent 4 }} diff --git a/kubernetes/helm/templates/db-deployment.yaml b/kubernetes/helm/templates/db-deployment.yaml index 4ee583d..ac311bf 100644 --- a/kubernetes/helm/templates/db-deployment.yaml +++ b/kubernetes/helm/templates/db-deployment.yaml 
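Review bot: The new `CITY_API_DB_URL` value interpolates `.Values.db.password` straight into the pod spec, so the database password ends up in the Deployment object, the Helm release record and `kubectl describe` output, readable by anyone who can read Deployments rather than Secrets. Source the user and password from the Secret with `secretKeyRef` and compose the URL with Kubernetes' `$(VAR)` expansion, which requires both variables to be declared before `CITY_API_DB_URL`. This assumes the chart is installed in the namespace that holds `city-api-pg-secret`; the password also has to be URL-safe, since nothing percent-encodes it. The `env` list starts and ends outside the hunk, including the existing `CITY_API_DB_PWD` value.

```yaml
            # … unchanged: CITY_API_PORT …
            - name: CITY_API_DB_USER
              valueFrom:
                secretKeyRef:
                  name: city-api-pg-secret
                  key: username
            - name: CITY_API_DB_PWD
              valueFrom:
                secretKeyRef:
                  name: city-api-pg-secret
                  key: password
            # Declared after the two variables it references so $(...) expands.
            - name: CITY_API_DB_URL
              value: "postgresql://$(CITY_API_DB_USER):$(CITY_API_DB_PWD)@{{ .Values.db.host }}:{{ .Values.db.port }}/{{ .Values.db.name }}"
```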
@@ -2,15 +2,20 @@ apiVersion: apps/v1 kind: Deployment metadata: name: city-api-db + labels: + app: city-api-db + environment: {{ .Values.app.env_name }} spec: replicas: 1 selector: matchLabels: app: city-api-db + environment: {{ .Values.app.env_name }} template: metadata: labels: app: city-api-db + environment: {{ .Values.app.env_name }} spec: containers: - name: postgres diff --git a/kubernetes/helm/templates/db-postgresdatabase.yaml b/kubernetes/helm/templates/db-postgresdatabase.yaml new file mode 100644 index 0000000..8ef4803 --- /dev/null +++ b/kubernetes/helm/templates/db-postgresdatabase.yaml @@ -0,0 +1,15 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Database +metadata: + name: {{ printf "city-api-%s-db" .Values.app.env_name }} + labels: + app: city-api + environment: {{ .Values.app.env_name }} +spec: + databaseReclaimPolicy: delete + name: {{ required "db.name is required" .Values.db.name }} + cluster: + name: {{ .Values.db.clusterName | default "city-api-pg" }} + template: + name: city_api-prod-pg + owner: city_api \ No newline at end of file diff --git a/kubernetes/helm/templates/db-service.yaml b/kubernetes/helm/templates/db-service.yaml index 2ab42be..c88f006 100644 --- a/kubernetes/helm/templates/db-service.yaml +++ b/kubernetes/helm/templates/db-service.yaml @@ -2,9 +2,13 @@ apiVersion: v1 kind: Service metadata: name: city-api-db + labels: + app: city-api-db + environment: {{ .Values.app.env_name }} spec: selector: app: city-api-db + environment: {{ .Values.app.env_name }} ports: - protocol: TCP port: {{ .Values.db.port }} diff --git a/kubernetes/helm/values.yaml b/kubernetes/helm/values.yaml index bead9ef..70e6a06 100644 --- a/kubernetes/helm/values.yaml +++ b/kubernetes/helm/values.yaml 
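Review bot: `databaseReclaimPolicy: delete` in `templates/db-postgresdatabase.yaml` means that deleting this object, for example through `helm uninstall`, drops the PostgreSQL database, and with the default `env_name: "prod"` the rendered name `city-api-prod-db` matches the object that `kubernetes/database-prod.yaml` declares with `retain`. Make the policy a value with a safe default, `databaseReclaimPolicy: {{ .Values.db.reclaimPolicy | default "retain" }}`, and let only one of the two manifests own the prod Database. The `template:` key followed by `name: city_api-prod-pg` reads as a mapping, whereas the CRD appears to expect the template database name as a string; the indentation is not recoverable from this view, so confirm against the CRD schema.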
@@ -1,15 +1,16 @@ app: image: ghcr.io/aurianecodebien/cityapi + env_name: "prod" tag: "latest" port: 2022 - nodePort: 30022 # FIXME: Also support ClusterIP + Ingress + nodePort: 30022 addr: "0.0.0.0" db: - image: postgres + clusterName: city-api-pg port: 5432 storage: 1Gi - name: city_api + name: city_api-prod-pg user: city_api password: city_api host: city-api-db diff --git a/kubernetes/kustomization.yaml b/kubernetes/kustomization.yaml index 480a7d7..5a062e7 100644 --- a/kubernetes/kustomization.yaml +++ b/kubernetes/kustomization.yaml @@ -3,9 +3,11 @@ kind: Kustomization namespace: cityapi resources: - - namespace.yaml + - cluster.yaml + - database-prod.yaml - https://raw.githubusercontent.com/argoproj/argo-cd/v2.7.2/manifests/install.yaml - argo-cd.yaml + - cluster-secret.yaml patches: - patch: |- - op: replace
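Review bot: `db.host` stays `city-api-db` in `values.yaml`, so the connection URL built in `app-deployment.yaml` still targets the chart's own postgres Service rather than the CloudNativePG cluster `city-api-pg`; if the cluster is the intended backend, the default would normally be its read-write Service, `host: city-api-pg-rw`. `db.image` is removed while `templates/db-deployment.yaml` remains in the chart, so if that template still reads `.Values.db.image` it will render an empty image. The default `password: city_api` is unchanged here but is now also embedded in `CITY_API_DB_URL`, which makes a committed default credential more exposed than before.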
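Review bot: Listing `cluster.yaml` and `database-prod.yaml` under `resources` makes `kubectl apply -k kubernetes` depend on the CloudNativePG CRDs, but INSTALL.md in this commit runs that command before installing the operator, so the first apply is likely to fail with an unknown-kind error for `Cluster` and `Database`. Swap the two commands in INSTALL.md, or move the CNPG objects into a second kustomization that is applied once the operator is ready. The `patches` block continues outside the hunk.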