From 21e882148729e9489060aa0fbc0c5c25c114ca6d Mon Sep 17 00:00:00 2001
From: Laszlo Rafael <rlacko99@gmail.com>
Date: Sun, 5 Mar 2023 13:54:33 +0100
Subject: [PATCH] Remove hacky k8s deployment, serve media and static files
together
---
k8s/deployment.yml | 117 ++++++++++++++++++++-------------------------
k8s/ingress.yaml | 84 ++++++++++++++++----------------
k8s/service.yml | 21 ++------
3 files changed, 98 insertions(+), 124 deletions(-)
diff --git a/k8s/deployment.yml b/k8s/deployment.yml
index 7cf531b..b979cc6 100644
--- a/k8s/deployment.yml
+++ b/k8s/deployment.yml
@@ -1,8 +1,7 @@
----
apiVersion: apps/v1
kind: Deployment
metadata:
- name: apache-static
+ name: kszkepzes-backend
namespace: kszk-kepzes-site
spec:
strategy:
@@ -10,17 +9,24 @@ spec:
replicas: 1
selector:
matchLabels:
- app: apache-kszkepzes
+ app: kszkepzes-backend
template:
metadata:
labels:
- app: apache-kszkepzes
+ app: kszkepzes-backend
spec:
initContainers:
- - name: volume-mount-hack
+ - name: volume-permission-fix
image: busybox
- command: ['sh', '-c', 'chown -R 1000:1000 /staticfiles']
+ command:
+ - "sh"
+ - "-c"
+ - |
+ chown -R 1000:1000 /mediafiles
+ chown -R 1000:1000 /staticfiles
volumeMounts:
+ - name: kszkepzes-media-volume
+ mountPath: /mediafiles
- name: kszkepzes-static-volume
mountPath: /staticfiles
resources:
@@ -28,8 +34,8 @@ spec:
memory: 30Mi
- name: kszkepzes-backend-collectstatic
image: harbor.sch.bme.hu/kszk/kszkepzes-backend:##IMAGETAG##
- imagePullPolicy: 'Always'
- command: ['python', 'manage.py', 'collectstatic', '--noinput']
+ imagePullPolicy: "IfNotPresent"
+ command: ["python", "manage.py", "collectstatic", "--noinput"]
volumeMounts:
- mountPath: /home/app/kszkepzes-backend/staticfiles
name: kszkepzes-static-volume
@@ -41,65 +47,10 @@ spec:
resources:
limits:
memory: 200Mi
- - name: volume-mount-hack-backwards
- image: busybox
- command: ['sh', '-c', 'chown -R 0:0 /staticfiles']
- volumeMounts:
- - name: kszkepzes-static-volume
- mountPath: /staticfiles
- resources:
- limits:
- memory: 30Mi
- containers:
- - name: apache-kszkepzes
- image: httpd:2
- imagePullPolicy: 'Always'
- volumeMounts:
- - mountPath: /usr/local/apache2/htdocs/staticfiles
- name: kszkepzes-static-volume
- ports:
- - containerPort: 80
- resources:
- limits:
- memory: 150Mi
- volumes:
- - name: kszkepzes-static-volume
- persistentVolumeClaim:
- claimName: kszkepzes-static-pv-claim
- imagePullSecrets:
- - name: harbor
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: kszkepzes-backend
- namespace: kszk-kepzes-site
-spec:
- strategy:
- type: Recreate
- replicas: 1
- selector:
- matchLabels:
- app: kszkepzes-backend
- template:
- metadata:
- labels:
- app: kszkepzes-backend
- spec:
- initContainers:
- - name: volume-mount-hack
- image: busybox
- command: ['sh', '-c', 'chown -R 1000:1000 /mediafiles']
- volumeMounts:
- - name: kszkepzes-media-volume
- mountPath: /mediafiles
- resources:
- limits:
- memory: 30Mi
- name: kszkepzes-backend-migrate
image: harbor.sch.bme.hu/kszk/kszkepzes-backend:##IMAGETAG##
- imagePullPolicy: 'Always'
- command: ['python', 'manage.py', 'migrate', '--noinput']
+ imagePullPolicy: "IfNotPresent"
+ command: ["python", "manage.py", "migrate", "--noinput"]
envFrom:
- configMapRef:
name: kszkepzes-config
@@ -111,10 +62,12 @@ spec:
containers:
- name: kszkepzes-backend
image: harbor.sch.bme.hu/kszk/kszkepzes-backend:##IMAGETAG##
- imagePullPolicy: 'Always'
+ imagePullPolicy: "IfNotPresent"
volumeMounts:
- mountPath: /home/app/kszkepzes-backend/mediafiles
name: kszkepzes-media-volume
+ - mountPath: /home/app/kszkepzes-backend/staticfiles
+ name: kszkepzes-static-volume
ports:
- containerPort: 8000
envFrom:
@@ -123,11 +76,43 @@ spec:
- secretRef:
name: kszkepzes-secret-config
resources:
+ requests:
+ cpu: "80m"
limits:
memory: 600Mi
+ cpu: "2"
+ - name: kszkepzes-files-serve
+ securityContext:
+ runAsUser: 1000
+ runAsGroup: 1000
+ image: halverneus/static-file-server:latest
+ imagePullPolicy: "Always"
+ volumeMounts:
+ - mountPath: /var/www/html/mediafiles
+ name: kszkepzes-media-volume
+ - mountPath: /var/www/html/staticfiles
+ name: kszkepzes-static-volume
+ ports:
+ - containerPort: 8080
+ env:
+ - name: PORT
+ value: "8080"
+ - name: SHOW_LISTING
+ value: "false"
+ - name: FOLDER
+ value: "/var/www/html"
+ resources:
+ requests:
+ cpu: "20m"
+ limits:
+ memory: 200Mi
+ cpu: "2"
volumes:
- name: kszkepzes-media-volume
persistentVolumeClaim:
claimName: kszkepzes-media-pv-claim
+ - name: kszkepzes-static-volume
+ persistentVolumeClaim:
+ claimName: kszkepzes-static-pv-claim
imagePullSecrets:
- name: harbor
diff --git a/k8s/ingress.yaml b/k8s/ingress.yaml
index 73a0942..bbde98c 100644
--- a/k8s/ingress.yaml
+++ b/k8s/ingress.yaml
@@ -4,51 +4,51 @@ metadata:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/ingress.class: nginx
- kubernetes.io/tls-acme: 'true'
+ kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 20m
name: kszkepzes
namespace: kszk-kepzes-site
spec:
rules:
- - host: ujonc.kszk.bme.hu
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: kszkepzes-frontend
- port:
- number: 3000
- - path: /api
- pathType: Prefix
- backend:
- service:
- name: kszkepzes-backend
- port:
- number: 8000
- - path: /admin
- pathType: Prefix
- backend:
- service:
- name: kszkepzes-backend
- port:
- number: 8000
- - path: /staticfiles
- pathType: Prefix
- backend:
- service:
- name: kszkepzes-static
- port:
- number: 80
- - path: /mediafiles
- pathType: Prefix
- backend:
- service:
- name: kszkepzes-backend
- port:
- number: 8000
+ - host: ujonc.kszk.bme.hu
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: kszkepzes-frontend
+ port:
+ number: 3000
+ - path: /api
+ pathType: Prefix
+ backend:
+ service:
+ name: kszkepzes-backend
+ port:
+ number: 8000
+ - path: /admin
+ pathType: Prefix
+ backend:
+ service:
+ name: kszkepzes-backend
+ port:
+ number: 8000
+ - path: /staticfiles
+ pathType: Prefix
+ backend:
+ service:
+ name: kszkepzes-backend
+ port:
+ number: 8080
+ - path: /mediafiles
+ pathType: Prefix
+ backend:
+ service:
+ name: kszkepzes-backend
+ port:
+ number: 8080
tls:
- - hosts:
- - ujonc.kszk.bme.hu
- secretName: kszkepzes-cert
+ - hosts:
+ - ujonc.kszk.bme.hu
+ secretName: kszkepzes-cert
diff --git a/k8s/service.yml b/k8s/service.yml
index de940f0..f0f2242 100644
--- a/k8s/service.yml
+++ b/k8s/service.yml
@@ -9,22 +9,11 @@ spec:
ports:
- port: 8000
targetPort: 8000
- name: back
+ name: backend
+ protocol: TCP
+ - port: 8080
+ targetPort: 8080
+ name: files
protocol: TCP
selector:
app: kszkepzes-backend
-
----
-apiVersion: v1
-kind: Service
-metadata:
- name: kszkepzes-static
- namespace: kszk-kepzes-site
-spec:
- ports:
- - name: http
- port: 80
- protocol: TCP
- targetPort: 80
- selector:
- app: apache-kszkepzes
--
GitLab