From 68b9b45ee78de9345667580177018e967aee12e0 Mon Sep 17 00:00:00 2001 
From: Manik2708 Date: Sat, 29 Jun 2024 01:07:07 +0530 Subject: [PATCH] kubernetes deployment --- Dockerfile | 1 - .../cassandra-client-service-definition.yaml | 17 +++ ...cassandra-headless-service-definition.yaml | 14 ++ .../cassandra-namespace-definition.yaml | 4 + .../cassandra-statefulset-definition.yaml | 101 ++++++++++++++ .../ingress-controller-definition.yaml | 33 +++++ k8s/ingress/ingress-resources-definition.yaml | 19 +++ k8s/ingress/ingress-service-definition.yaml | 20 +++ .../ingress-serviceaccount-definition.yaml | 4 + .../rabbitmq-client-service-definition.yaml | 22 +++ .../rabbitmq-configmap-definition.yaml | 22 +++ k8s/rabbitmq/rabbitmq-headless-service.yaml | 21 +++ .../rabbitmq-namespace-definition.yaml | 4 + k8s/rabbitmq/rabbitmq-rbac-definition.yaml | 32 +++++ k8s/rabbitmq/rabbitmq-secrets-definition.yaml | 14 ++ k8s/rabbitmq/rabbitmq-secrets.yaml | 16 +++ .../rabbitmq-stateful-master-definition.yaml | 132 ++++++++++++++++++ k8s/web-server/web-configmap-definition.yaml | 6 + k8s/web-server/web-deployment-definition.yaml | 27 ++++ k8s/web-server/web-service-definition.yaml | 11 ++ 20 files changed, 519 insertions(+), 1 deletion(-) create mode 100644 k8s/cassandra/cassandra-client-service-definition.yaml create mode 100644 k8s/cassandra/cassandra-headless-service-definition.yaml create mode 100644 k8s/cassandra/cassandra-namespace-definition.yaml create mode 100644 k8s/cassandra/cassandra-statefulset-definition.yaml create mode 100644 k8s/ingress/ingress-controller-definition.yaml create mode 100644 k8s/ingress/ingress-resources-definition.yaml create mode 100644 k8s/ingress/ingress-service-definition.yaml create mode 100644 k8s/ingress/ingress-serviceaccount-definition.yaml create mode 100644 k8s/rabbitmq/rabbitmq-client-service-definition.yaml create mode 100644 k8s/rabbitmq/rabbitmq-configmap-definition.yaml create mode 100644 k8s/rabbitmq/rabbitmq-headless-service.yaml create mode 100644 k8s/rabbitmq/rabbitmq-namespace-definition.yaml create 
mode 100644 k8s/rabbitmq/rabbitmq-rbac-definition.yaml create mode 100644 k8s/rabbitmq/rabbitmq-secrets-definition.yaml create mode 100644 k8s/rabbitmq/rabbitmq-secrets.yaml create mode 100644 k8s/rabbitmq/rabbitmq-stateful-master-definition.yaml create mode 100644 k8s/web-server/web-configmap-definition.yaml create mode 100644 k8s/web-server/web-deployment-definition.yaml create mode 100644 k8s/web-server/web-service-definition.yaml diff --git a/Dockerfile b/Dockerfile index f5338ba..bdb5b91 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,6 @@ RUN apk update && apk add curl RUN npm install -g @nestjs/cli WORKDIR /usr/src/app COPY . . -RUN sed -i 's/RUNNING_ON_DOCKER=false/RUNNING_ON_DOCKER=true/g' .env RUN npm install RUN npm run build CMD ["node","dist/main.js"] diff --git a/k8s/cassandra/cassandra-client-service-definition.yaml b/k8s/cassandra/cassandra-client-service-definition.yaml new file mode 100644 index 0000000..7912ba7 --- /dev/null +++ b/k8s/cassandra/cassandra-client-service-definition.yaml @@ -0,0 +1,17 @@ +kind: Service +apiVersion: v1 +metadata: + namespace: hi-cassandra + name: cassandra-client + labels: + app: cassandra + type: LoadBalancer +spec: + type: LoadBalancer + ports: + - name: cql + protocol: TCP + port: 9042 + targetPort: 9042 + selector: + app: cassandra \ No newline at end of file diff --git a/k8s/cassandra/cassandra-headless-service-definition.yaml b/k8s/cassandra/cassandra-headless-service-definition.yaml new file mode 100644 index 0000000..46a94ea --- /dev/null +++ b/k8s/cassandra/cassandra-headless-service-definition.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + namespace: hi-cassandra + labels: + app: cassandra + name: cassandra-headless +spec: + publishNotReadyAddresses: true + clusterIP: None + ports: + - port: 9042 + selector: + app: cassandra \ No newline at end of file 
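Review bot: `type: LoadBalancer` in the `spec` of `cassandra-client` publishes CQL port 9042 outside the cluster, and nothing in this commit configures Cassandra authentication or a source restriction (the StatefulSet runs the stock `cassandra` image with no auth-related settings visible). If only in-cluster clients need it, use `type: ClusterIP`; if external access is required, add `loadBalancerSourceRanges:` with the allowed CIDRs and enable authentication and client TLS on the nodes. The `type: LoadBalancer` entry under `metadata.labels` is only a label and has no effect on the Service type.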
diff --git a/k8s/cassandra/cassandra-namespace-definition.yaml b/k8s/cassandra/cassandra-namespace-definition.yaml
new file mode 100644
index 0000000..5b8b173
--- /dev/null
+++ b/k8s/cassandra/cassandra-namespace-definition.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: hi-cassandra
\ No newline at end of file
diff --git a/k8s/cassandra/cassandra-statefulset-definition.yaml b/k8s/cassandra/cassandra-statefulset-definition.yaml
new file mode 100644
index 0000000..194ccf2
--- /dev/null
+++ b/k8s/cassandra/cassandra-statefulset-definition.yaml
@@ -0,0 +1,101 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: cassandra-nodes
+ namespace: hi-cassandra
+ labels:
+ app: cassandra
+spec:
+ serviceName: cassandra
+ podManagementPolicy: Parallel
+ replicas: 2
+ selector:
+ matchLabels:
+ app: cassandra
+ template:
+ metadata:
+ labels:
+ app: cassandra
+ spec:
+ volumes:
+ - name: cassandra-data
+ persistentVolumeClaim:
+ claimName: cassandra-data
+ terminationGracePeriodSeconds: 1800
+ containers:
+ - name: cassandra
+ image: cassandra
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 7000
+ name: intra-node
+ - containerPort: 7001
+ name: tls-intra-node
+ - containerPort: 7199
+ name: jmx
+ - containerPort: 9042
+ name: cql
+ resources:
+ limits:
+ cpu: "500m"
+ memory: 1Gi
+ requests:
+ cpu: "500m"
+ memory: 1Gi
+ securityContext:
+ capabilities:
+ add:
+ - IPC_LOCK
+ lifecycle:
+ preStop:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - nodetool drain
+ env:
+ - name: MAX_HEAP_SIZE
+ value: 512M
+ - name: HEAP_NEWSIZE
+ value: 100M
+ # - name: CASSANDRA_SEEDS
+ # value: "hi-cassandra.svc.cluster.local"
+ - name: CASSANDRA_CLUSTER_NAME
+ value: "hi-cassandra-cluster"
+ - name: CASSANDRA_DC
+ value: "DC1"
+ - name: CASSANDRA_RACK
+ value: "Rack1"
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ readinessProbe:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - nodetool status
+ initialDelaySeconds: 30
+ timeoutSeconds: 30
+ livenessProbe:
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - nodetool status
+ initialDelaySeconds: 30
+ timeoutSeconds: 30
+ volumeMounts:
+ - name: cassandra-data
+ mountPath: /var/lib/cassandra
+ volumeClaimTemplates:
+ - metadata:
+ name: cassandra-data
+ namespace: hi-cassandra
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ storageClassName: standard
+ resources:
+ requests:
+ storage: 1Gi
\ No newline at end of file
diff --git a/k8s/ingress/ingress-controller-definition.yaml b/k8s/ingress/ingress-controller-definition.yaml
new file mode 100644
index 0000000..3a7f70c
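Review bot: `image: cassandra` with `imagePullPolicy: Always` leaves the database version unpinned, so each pod restart can pull a different release and the two replicas can end up on different versions; pin a specific tag or digest, e.g. `image: cassandra:<pinned-version>`. `serviceName: cassandra` does not match the headless Service added in this commit (`cassandra-headless`), so the per-pod DNS names would not resolve; it should read `serviceName: cassandra-headless`. With `CASSANDRA_SEEDS` commented out the two nodes presumably will not discover each other, which needs confirming. The `IPC_LOCK` capability is added without dropping the defaults; consider `drop: ["ALL"]` alongside the `add:` list.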
--- /dev/null
+++ b/k8s/ingress/ingress-controller-definition.yaml
@@ -0,0 +1,33 @@
+apiVersion: extensions/vibetal
+kind: Deployment
+metadata:
+ name: hi-ingress-controller
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ name: nginix-ingress
+ template:
+ metadata:
+ labels:
+ name: nginix-ingress
+ spec:
+ containers:
+ - name: nginix-ingress-controller
+ image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller
+ args:
+ - /nginix-ingress-controller
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: PODE_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ ports:
+ - containerPort: 80
+ name: http
+ - containerPort: 443
+ name: https
\ No newline at end of file
diff --git a/k8s/ingress/ingress-resources-definition.yaml b/k8s/ingress/ingress-resources-definition.yaml
new file mode 100644
index 0000000..184f27f
--- /dev/null
+++ b/k8s/ingress/ingress-resources-definition.yaml
@@ -0,0 +1,19 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: hi-ingress
+ annotations:
+ nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+ ingressClassName: nginx-class
+ rules:
+ - http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: hi-web-service
+ port:
+ number: 80
+
\ No newline at end of file
diff --git a/k8s/ingress/ingress-service-definition.yaml b/k8s/ingress/ingress-service-definition.yaml
new file mode 100644
index 0000000..fd4395f
--- /dev/null
+++ b/k8s/ingress/ingress-service-definition.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: hi-nginx-service
+spec:
+ type: NodePort
+ ports:
+ - port: 80
+ targetPort: 80
+ protocol: TCP
+ name: http
+ - port: 443
+ targetPort: 443
+ protocol: TCP
+ name: https
+ selector:
+ name: nginix-ingress
+
+
+
\ No newline at end of file
diff --git a/k8s/ingress/ingress-serviceaccount-definition.yaml b/k8s/ingress/ingress-serviceaccount-definition.yaml
new file mode 100644
index 0000000..a0ff91a
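Review bot: `apiVersion: extensions/vibetal` in ingress-controller-definition.yaml is not a valid API version, so this Deployment will be rejected; it should be `apiVersion: apps/v1`. `PODE_NAMESPACE` looks like a typo for `POD_NAMESPACE`, and the `/nginix-ingress-controller` argument does not match the `nginx-ingress-controller` spelling in the image name. The image is untagged and the pod spec sets no `serviceAccountName`, so the `hi-service-account` created in this commit is unused and the controller would run under the namespace's default service account. Pin the image tag and bind a dedicated account holding only the RBAC rules the controller needs.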
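Review bot: The backend `port: number: 80` in ingress-resources-definition.yaml does not match `hi-web-service`, which this commit defines with `port: 3000`, so the Ingress has no usable backend; change it to `number: 3000` or expose port 80 on the Service. `ingressClassName: nginx-class` refers to an IngressClass that is not created anywhere in this commit, so confirm it exists in the cluster. The rule has no `tls:` section, which means the web server is reachable over plain HTTP only.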
--- /dev/null
+++ b/k8s/ingress/ingress-serviceaccount-definition.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: hi-service-account
\ No newline at end of file
diff --git a/k8s/rabbitmq/rabbitmq-client-service-definition.yaml b/k8s/rabbitmq/rabbitmq-client-service-definition.yaml
new file mode 100644
index 0000000..048f843
--- /dev/null
+++ b/k8s/rabbitmq/rabbitmq-client-service-definition.yaml
@@ -0,0 +1,22 @@
+kind: Service
+apiVersion: v1
+metadata:
+ namespace: hi-rabbitmq
+ name: rabbitmq-client
+ labels:
+ app: rabbitmq
+ type: LoadBalancer
+spec:
+ type: LoadBalancer
+ ports:
+ - name: http
+ protocol: TCP
+ port: 15672
+ - name: prometheus
+ protocol: TCP
+ port: 15692
+ - name: amqp
+ protocol: TCP
+ port: 5672
+ selector:
+ app: rabbitmq
\ No newline at end of file
diff --git a/k8s/rabbitmq/rabbitmq-configmap-definition.yaml b/k8s/rabbitmq/rabbitmq-configmap-definition.yaml
new file mode 100644
index 0000000..8352884
--- /dev/null
+++ b/k8s/rabbitmq/rabbitmq-configmap-definition.yaml
@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: rabbitmq-config
+ namespace: hi-rabbitmq
+data:
+ enabled_plugins: |
+ [rabbitmq_peer_discovery_k8s, rabbitmq_management, rabbitmq_prometheus].
+ rabbitmq.conf: |
+ ## Clustering
+ cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
+ cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
+ cluster_formation.k8s.port = 6443
+ cluster_formation.k8s.address_type = hostname
+ cluster_formation.node_cleanup.interval = 10
+ cluster_formation.node_cleanup.only_log_warning = true
+ cluster_partition_handling = autoheal
+ cluster_formation.k8s.service_name = rabbitmq-headless
+ # queue master locator
+ queue_master_locator=min-masters
+ # enable guest user
+ loopback_users.guest = false
\ No newline at end of file
diff --git a/k8s/rabbitmq/rabbitmq-headless-service.yaml b/k8s/rabbitmq/rabbitmq-headless-service.yaml
new file mode 100644
index 0000000..56438a2
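Review bot: The `rabbitmq-client` LoadBalancer publishes the management UI (15672) and the Prometheus endpoint (15692) together with AMQP (5672) on an external address with no source restriction. Management and metrics are operator interfaces; keep them on a separate `type: ClusterIP` Service reached through port-forwarding or an authenticated ingress, and add `loadBalancerSourceRanges:` to whatever stays external. AMQP on 5672 is unencrypted, so credentials cross the network in clear text unless a TLS listener is configured.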
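Review bot: `loopback_users.guest = false` in `rabbitmq.conf` lifts the localhost-only restriction on the built-in `guest` account, while the client Service in this commit exposes AMQP and the management UI through a LoadBalancer. Drop that line, since the admin account already comes from the `rabbitmq-admin` Secret, and leave `guest` restricted to loopback. Separately, `cluster_formation.k8s.port = 6443` should be checked against the port of the in-cluster `kubernetes` Service, which is usually 443.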
--- /dev/null
+++ b/k8s/rabbitmq/rabbitmq-headless-service.yaml
@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: rabbitmq-headless
+ namespace: hi-rabbitmq
+spec:
+ clusterIP: None
+ ports:
+ - name: epmd
+ port: 4369
+ protocol: TCP
+ targetPort: 4369
+ - name: cluster-rpc
+ port: 25672
+ protocol: TCP
+ targetPort: 25672
+ selector:
+ app: rabbitmq
+ type: ClusterIP
+ sessionAffinity: None
+ publishNotReadyAddresses: true
\ No newline at end of file
diff --git a/k8s/rabbitmq/rabbitmq-namespace-definition.yaml b/k8s/rabbitmq/rabbitmq-namespace-definition.yaml
new file mode 100644
index 0000000..aabe973
--- /dev/null
+++ b/k8s/rabbitmq/rabbitmq-namespace-definition.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: hi-rabbitmq
\ No newline at end of file
diff --git a/k8s/rabbitmq/rabbitmq-rbac-definition.yaml b/k8s/rabbitmq/rabbitmq-rbac-definition.yaml
new file mode 100644
index 0000000..e8e34a2
--- /dev/null
+++ b/k8s/rabbitmq/rabbitmq-rbac-definition.yaml
@@ -0,0 +1,32 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: rabbitmq
+ namespace: hi-rabbitmq
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: rabbitmq
+ namespace: hi-rabbitmq
+rules:
+- apiGroups: [""]
+ resources: ["endpoints"]
+ verbs: ["get"]
+- apiGroups: [""]
+ resources: ["events"]
+ verbs: ["create"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: rabbitmq
+ namespace: hi-rabbitmq
+subjects:
+- kind: ServiceAccount
+ name: rabbitmq
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: rabbitmq
\ No newline at end of file
diff --git a/k8s/rabbitmq/rabbitmq-secrets-definition.yaml b/k8s/rabbitmq/rabbitmq-secrets-definition.yaml
new file mode 100644
index 0000000..2812185
--- /dev/null
+++ b/k8s/rabbitmq/rabbitmq-secrets-definition.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: erlang-cookie
+data:
+ cookie: PUT_YOUR_COOKIE_HERE
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: rabbitmq-admin
+data:
+ user: PUT_THE_USERNAME_HERE
+ pass: PUT_THE_PASSWORD_HERE
\ No newline at end of file
diff --git a/k8s/rabbitmq/rabbitmq-secrets.yaml b/k8s/rabbitmq/rabbitmq-secrets.yaml
new file mode 100644
index 0000000..c895059
--- /dev/null
+++ b/k8s/rabbitmq/rabbitmq-secrets.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: erlang-cookie
+ namespace: hi-rabbitmq
+data:
+ .erlang.cookie: UE5JUkRNSFVBV0tDT1hPU1dEU1A=
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: rabbitmq-admin
+ namespace: hi-rabbitmq
+data:
+ user: bWFuaWsyNzA4
+ pass: RG1hbmlrYUAyNzI3
\ No newline at end of file
diff --git a/k8s/rabbitmq/rabbitmq-stateful-master-definition.yaml b/k8s/rabbitmq/rabbitmq-stateful-master-definition.yaml
new file mode 100644
index 0000000..635b635
--- /dev/null
+++ b/k8s/rabbitmq/rabbitmq-stateful-master-definition.yaml
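Review bot: The placeholders in rabbitmq-secrets-definition.yaml sit under `data:`, which must hold base64, so filling them with plain text will fail or store the wrong bytes; use `stringData:` in the template. The template also differs from what the StatefulSet consumes: it has no `namespace: hi-rabbitmq`, and the cookie key is `cookie` whereas the init container copies `/tmp/rabbitmq-cookie/.erlang.cookie`. A comment at the top of the file should state that the filled-in copy must not be committed.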
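Review bot: rabbitmq-secrets.yaml commits live credentials: the Erlang cookie and the `rabbitmq-admin` user and password are only base64-encoded, which anyone with read access to the repository can reverse. Treat all three values as compromised: rotate them, remove the file from the repository and its history, and add `k8s/rabbitmq/rabbitmq-secrets.yaml` to `.gitignore`. Keep only the placeholder template in version control and supply the real values at deploy time, for example with `kubectl create secret generic` or an encrypted-secret or external secret-store mechanism. The cookie needs the same care as the password, because it is the shared secret that authenticates cluster nodes and CLI tools to each other.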
@@ -0,0 +1,132 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: rabbitmq-master
+ namespace: hi-rabbitmq
+spec:
+ podManagementPolicy: Parallel
+ selector:
+ matchLabels:
+ app: "rabbitmq"
+ serviceName: rabbitmq-headless
+ replicas: 3
+ volumeClaimTemplates:
+ - metadata:
+ name: rabbitmq-data
+ namespace: hi-rabbitmq
+ spec:
+ storageClassName: standard
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: "3Gi"
+ template:
+ metadata:
+ name: rabbitmq
+ namespace: hi-rabbitmq
+ labels:
+ app: rabbitmq
+ spec:
+ initContainers:
+ - name: "rabbitmq-config"
+ image: busybox:1.32.0
+ volumeMounts:
+ - name: rabbitmq-config
+ mountPath: /tmp/rabbitmq
+ - name: rabbitmq-config-rw
+ mountPath: /etc/rabbitmq
+ - name: rabbitmq-cookie
+ mountPath: /var/lib/rabbitmq
+ - name: rabbitmq-cookie-perm
+ mountPath: /tmp/rabbitmq-cookie
+ command:
+ - sh
+ - -c
+ args:
+ - |
+ cp /tmp/rabbitmq/rabbitmq.conf /etc/rabbitmq/rabbitmq.conf
+ cp /tmp/rabbitmq/enabled_plugins /etc/rabbitmq/enabled_plugins
+ cp /tmp/rabbitmq-cookie/.erlang.cookie /var/lib/rabbitmq
+ chmod 400 /var/lib/rabbitmq/.erlang.cookie
+ chown 999:999 /var/lib/rabbitmq/.erlang.cookie
+ volumes:
+ - name: rabbitmq-config
+ configMap:
+ name: rabbitmq-config
+ optional: false
+ items:
+ - key: enabled_plugins
+ path: "enabled_plugins"
+ - key: rabbitmq.conf
+ path: "rabbitmq.conf"
+ - name: rabbitmq-cookie-perm
+ secret:
+ secretName: erlang-cookie
+ - name: rabbitmq-config-rw
+ emptyDir: {}
+ - name: rabbitmq-cookie
+ emptyDir: {}
+ - name: rabbitmq-data
+ persistentVolumeClaim:
+ claimName: rabbitmq-data
+ serviceAccount: rabbitmq
+ securityContext:
+ fsGroup: 999
+ runAsUser: 999
+ runAsGroup: 999
+ containers:
+ - name: rabbitmq
+ image: rabbitmq:latest
+ volumeMounts:
+ - name: rabbitmq-config-rw
+ mountPath: "/etc/rabbitmq"
+ - name: rabbitmq-data
+ mountPath: "/var/lib/rabbitmq/mnesia"
+ - name: rabbitmq-cookie
+ mountPath: "/var/lib/rabbitmq/.erlang.cookie"
+ subPath: .erlang.cookie
+ env:
+ - name: RABBITMQ_USE_LONGNAME
+ value: "true"
+ - name: MY_POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: RABBITMQ_NODENAME
+ value: "rabbit@$(MY_POD_NAME).rabbitmq-headless.hi-rabbitmq.svc.cluster.local"
+ - name: RABBITMQ_DEFAULT_PASS
+ valueFrom:
+ secretKeyRef:
+ name: rabbitmq-admin
+ key: pass
+ - name: RABBITMQ_DEFAULT_USER
+ valueFrom:
+ secretKeyRef:
+ name: rabbitmq-admin
+ key: user
+ ports:
+ - name: amqp
+ containerPort: 5672
+ protocol: TCP
+ - name: management
+ containerPort: 15672
+ protocol: TCP
+ - name: prometheus
+ containerPort: 15692
+ protocol: TCP
+ - name: epmd
+ containerPort: 4369
+ protocol: TCP
+ livenessProbe:
+ exec:
+ command: ["rabbitmq-diagnostics", "status"]
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ timeoutSeconds: 15
+ readinessProbe:
+ exec:
+ command: ["rabbitmq-diagnostics", "ping"]
+ initialDelaySeconds: 20
+ periodSeconds: 60
+ timeoutSeconds: 10
diff --git a/k8s/web-server/web-configmap-definition.yaml b/k8s/web-server/web-configmap-definition.yaml
new file mode 100644
index 0000000..4f9023d
--- /dev/null
+++ b/k8s/web-server/web-configmap-definition.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: hi-web-configmap
+data:
+ NODE_ENV: PRODUCTION
\ No newline at end of file
diff --git a/k8s/web-server/web-deployment-definition.yaml b/k8s/web-server/web-deployment-definition.yaml
new file mode 100644
index 0000000..69d8019
--- /dev/null
+++ b/k8s/web-server/web-deployment-definition.yaml
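Review bot: `image: rabbitmq:latest` in the rabbitmq StatefulSet is a mutable tag, so the three replicas can pull different releases as they restart and the image content is not reproducible; pin a version or digest, e.g. `image: rabbitmq:<pinned-version>`. `serviceAccount: rabbitmq` is the deprecated spelling of `serviceAccountName: rabbitmq`. The pod already runs as UID/GID 999; a container-level `securityContext` with `allowPrivilegeEscalation: false` and `capabilities: drop: ["ALL"]`, plus `resources` requests and limits, would complete the hardening. The explicit `rabbitmq-data` entry under `volumes` duplicates the claim template of the same name and looks unnecessary.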
@@ -0,0 +1,27 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: hi-web-deployment
+ labels:
+ app: hi-web-server
+spec:
+ replicas: 3
+ selector:
+ matchLabels:
+ app: hi-web-server
+ template:
+ metadata:
+ labels:
+ app: hi-web-server
+ spec:
+ containers:
+ - name: hi-web-container
+ image: manik2708/hi-server:latest
+ ports:
+ - containerPort: 3000
+ env:
+ - name: NODE_ENV
+ valueFrom:
+ configMapKeyRef:
+ key: NODE_ENV
+ name: hi-web-configmap
\ No newline at end of file
diff --git a/k8s/web-server/web-service-definition.yaml b/k8s/web-server/web-service-definition.yaml
new file mode 100644
index 0000000..5bd0810
--- /dev/null
+++ b/k8s/web-server/web-service-definition.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: hi-web-service
+spec:
+ selector:
+ app.kubernetes.io/name: MyApp
+ ports:
+ - protocol: TCP
+ port: 3000
+ targetPort: 3000
\ No newline at end of file
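Review bot: The `hi-web-container` spec has no `securityContext`, no `resources` and no probes, and `image: manik2708/hi-server:latest` is a mutable tag. For a workload that sits behind the ingress, set at least `runAsNonRoot: true` and `allowPrivilegeEscalation: false`, add a `readinessProbe` on port 3000, and pin the image to a version or digest. This commit also drops the Dockerfile step that set `RUNNING_ON_DOCKER=true` in `.env`, and only `NODE_ENV` is injected here, so if the application still reads that flag it has to come from the ConfigMap. Because the Dockerfile does `COPY . .` and used to edit `.env` afterwards, that file appears to be baked into the image; a `.dockerignore` entry and Secret-backed environment variables would keep its contents out of the published image.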
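Review bot: The selector `app.kubernetes.io/name: MyApp` in web-service-definition.yaml matches no pod in this commit, because the Deployment labels its pods `app: hi-web-server`, so the Service will have no endpoints. Change the selector to `app: hi-web-server`.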