From 337f6a120b435147c5c24168bc32ac9695482305 Mon Sep 17 00:00:00 2001 From: avneet Date: Thu, 30 Nov 2017 13:39:42 +0530 Subject: [PATCH] Add yaml files for Flux Deployment --- flux/flux-account.yaml | 37 ++++++++++++++++++++++++++++ flux/flux-deployment.yaml | 51 +++++++++++++++++++++++++++++++++++++++ flux/flux-nodeport.yaml | 20 +++++++++++++++ flux/flux-secret.yaml | 6 +++++ flux/memcache-dep.yaml | 25 +++++++++++++++++++ flux/memcache-svc.yaml | 14 +++++++++++ 6 files changed, 153 insertions(+) create mode 100644 flux/flux-account.yaml create mode 100644 flux/flux-deployment.yaml create mode 100644 flux/flux-nodeport.yaml create mode 100644 flux/flux-secret.yaml create mode 100644 flux/memcache-dep.yaml create mode 100644 flux/memcache-svc.yaml diff --git a/flux/flux-account.yaml b/flux/flux-account.yaml new file mode 100644 index 00000000..4bf7702e --- /dev/null +++ b/flux/flux-account.yaml @@ -0,0 +1,37 @@ +--- +# The service account, cluster roles, and cluster role binding are +# only needed for Kubernetes with role-based access control (RBAC). +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + name: flux + name: flux +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + labels: + name: flux + name: flux +rules: + - apiGroups: ['*'] + resources: ['*'] + verbs: ['*'] + - nonResourceURLs: ['*'] + verbs: ['*'] +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + labels: + name: flux + name: flux +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: flux +subjects: + - kind: ServiceAccount + name: flux + namespace: default diff --git a/flux/flux-deployment.yaml b/flux/flux-deployment.yaml new file mode 100644 index 00000000..d6640213 --- /dev/null +++ b/flux/flux-deployment.yaml @@ -0,0 +1,51 @@ +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: flux +spec: + replicas: 1 + strategy: + type: Recreate + template: + metadata: + labels: + name: flux + spec: + #The serviceAccount is only needed for Kubernetes with RBAC. + # You will also need to create the resources in flux-account.yaml. + serviceAccount: flux + volumes: + - name: git-key + secret: + secretName: flux-git-deploy + containers: + - name: flux + # There are no ":latest" images for flux. Find the most recent + # release or image version at https://quay.io/weaveworks/flux + # and replace the tag here. + image: quay.io/weaveworks/flux:1.1.0 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 3030 # informational + volumeMounts: + - name: git-key + mountPath: /etc/fluxd/ssh + args: + # if you deployed memcached, you can supply these arguments to + # tell fluxd to use it. You may need to change the namespace + # (`default`) if you run fluxd in another namespace. + - --memcached-hostname=memcached.default.svc.cluster.local + - --memcached-timeout=100ms + - --memcached-service=memcached + - --registry-cache-expiry=20m + # replace (at least) the following URL + - --git-url=git@github.com:cloudbytestorage/mayadata-cicd.gitS + - --git-branch=master + # include these next two to connect to an "upstream" service + # (e.g., Weave Cloud). The token is particular to the service. + # - --connect=wss://cloud.weave.works/api/flux + # - --token=abc123abc123abc123abc123 + # override -b and -t arguments to ssh-keygen + # - --ssh-keygen-bits=2048 + - --ssh-keygen-type=ed25519 diff --git a/flux/flux-nodeport.yaml b/flux/flux-nodeport.yaml new file mode 100644 index 00000000..4d6b0d58 --- /dev/null +++ b/flux/flux-nodeport.yaml @@ -0,0 +1,20 @@ +--- +# This defines a Kubernetes service for the Flux daemon, so you can +# access it with `fluxctl`. It defines a NodePort, meaning Kubernetes +# will assign a port to the service, on which it will be available on +# each node (host in the cluster). You can find the assigned port by +# doing something like +# +# kubectl get service flux --template '{{ index .spec.ports 0 "nodePort" }}' +# +apiVersion: v1 +kind: Service +metadata: + name: flux +spec: + type: NodePort + ports: + - port: 80 + targetPort: 3030 + selector: + name: flux diff --git a/flux/flux-secret.yaml b/flux/flux-secret.yaml new file mode 100644 index 00000000..f3c110eb --- /dev/null +++ b/flux/flux-secret.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: flux-git-deploy +type: Opaque diff --git a/flux/memcache-dep.yaml b/flux/memcache-dep.yaml new file mode 100644 index 00000000..f430d55a --- /dev/null +++ b/flux/memcache-dep.yaml @@ -0,0 +1,25 @@ +--- +# You can optionally deploy memcache, for the Flux daemon to cache +# container image metadata. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: memcached +spec: + replicas: 1 + template: + metadata: + labels: + name: memcached + spec: + containers: + - name: memcached + image: memcached:1.4.25 + imagePullPolicy: IfNotPresent + args: + - -m 64 # Maximum memory to use, in megabytes. 64MB is default. + - -p 11211 # Default port, but being explicit is nice. + - -vv # This gets us to the level of request logs. + ports: + - name: clients + containerPort: 11211 diff --git a/flux/memcache-svc.yaml b/flux/memcache-svc.yaml new file mode 100644 index 00000000..284254a3 --- /dev/null +++ b/flux/memcache-svc.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: memcached +spec: + # The memcache client uses DNS to get a list of memcached servers and then + # uses a consistent hash of the key to determine which server to pick. + clusterIP: None + ports: + - name: memcached + port: 11211 + selector: + name: memcached \ No newline at end of file