From 6e87b855eff48cb21562b781fd9fc4dd2bef4c0e Mon Sep 17 00:00:00 2001 From: James Kunstle Date: Fri, 25 Aug 2023 15:54:40 -0400 Subject: [PATCH] add openshift definitions Huge thanks to Cory Latschkowski for helping me gitops-ify our app. Signed-off-by: James Kunstle --- .pre-commit-config.yaml | 1 + openshift/8k-app-server.yaml | 109 ++++++++++++++++++++++++++++++ openshift/8k-bc.yaml | 57 ++++++++++++++++ openshift/8k-redis.yaml | 87 ++++++++++++++++++++++++ openshift/8k-worker-callback.yaml | 45 ++++++++++++ openshift/8k-worker-query.yaml | 45 ++++++++++++ openshift/namespace.yaml | 10 +++ 7 files changed, 354 insertions(+) create mode 100644 openshift/8k-app-server.yaml create mode 100644 openshift/8k-bc.yaml create mode 100644 openshift/8k-redis.yaml create mode 100644 openshift/8k-worker-callback.yaml create mode 100644 openshift/8k-worker-query.yaml create mode 100644 openshift/namespace.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index e16dd98c..3e02ee14 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -27,6 +27,7 @@ repos: hooks: - id: check-toml - id: check-yaml + args: [--allow-multiple-documents] - id: end-of-file-fixer - id: trailing-whitespace diff --git a/openshift/8k-app-server.yaml b/openshift/8k-app-server.yaml new file mode 100644 index 00000000..f8150a25 --- /dev/null +++ b/openshift/8k-app-server.yaml @@ -0,0 +1,109 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + alpha.image.policy.openshift.io/resolve-names: "*" + app.openshift.io/route-disabled: "false" + app.openshift.io/vcs-ref: main + app.openshift.io/vcs-uri: https://github.com/oss-aspen/8Knot.git + image.openshift.io/triggers: '[{"from":{"kind":"ImageStreamTag","name":"eightknot-app:latest"},"fieldPath":"spec.template.spec.containers[?(@.name==\"eightknot-app\")].image","pause":"false"}]' + labels: + app: eightknot-app-server + app.kubernetes.io/component: eightknot-app-server + app.kubernetes.io/instance: eightknot-app-server + app.kubernetes.io/name: eightknot-app-server + app.kubernetes.io/part-of: eightknot-app + app.openshift.io/runtime: python + app.openshift.io/runtime-version: 3.9-ubi8 + name: eightknot-app-server +spec: + replicas: 1 + selector: + matchLabels: + app: eightknot-app-server + strategy: + type: RollingUpdate + template: + metadata: + labels: + app: eightknot-app-server + spec: + containers: + - command: + [ + "gunicorn", + "--bind", + ":8080", + "app:server", + "--workers", + "1", + "--threads", + "2", + ] + envFrom: + - secretRef: + name: augur-config + - secretRef: + name: eightknot-redis + image: eightknot-app:latest + imagePullPolicy: Always + name: eightknot-app + ports: + - containerPort: 8080 + protocol: TCP + readinessProbe: + httpGet: + path: / + port: 8080 + scheme: HTTP + timeoutSeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + livenessProbe: + httpGet: + path: / + port: 8080 + scheme: HTTP + timeoutSeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + resources: + limits: + cpu: 200m + # memory: 1Gi + requests: + cpu: 100m + # memory: 512Mi +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/part-of: eightknot-app + name: eightknot-app-server +spec: + ports: + - name: web + port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app: eightknot-app-server +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + labels: + app.kubernetes.io/part-of: eightknot-app + name: eightknot-app-server +spec: + port: + targetPort: web + to: + kind: "" + name: eightknot-app-server + tls: + insecureEdgeTerminationPolicy: Redirect + termination: edge diff --git a/openshift/8k-bc.yaml b/openshift/8k-bc.yaml new file mode 100644 index 00000000..b263eacd --- /dev/null +++ b/openshift/8k-bc.yaml @@ -0,0 +1,57 @@ +--- +kind: ImageStream +apiVersion: image.openshift.io/v1 +metadata: + annotations: + app.openshift.io/vcs-ref: main + app.openshift.io/vcs-uri: https://github.com/oss-aspen/8Knot.git + name: eightknot-app + labels: + app: eightknot-app + app.kubernetes.io/component: eightknot-app + app.kubernetes.io/instance: eightknot-app + app.kubernetes.io/name: eightknot-app + app.kubernetes.io/part-of: eightknot-app +--- +apiVersion: build.openshift.io/v1 +kind: BuildConfig +metadata: + annotations: + app.openshift.io/vcs-ref: main + app.openshift.io/vcs-uri: https://github.com/oss-aspen/8Knot.git + labels: + app: eightknot-app + app.kubernetes.io/component: eightknot-app + app.kubernetes.io/instance: eightknot-app + app.kubernetes.io/name: eightknot-app + app.kubernetes.io/part-of: eightknot-app + app.openshift.io/runtime: python + app.openshift.io/runtime-version: 3.9-ubi8 + name: eightknot-app +spec: + output: + to: + kind: ImageStreamTag + name: eightknot-app:latest + runPolicy: Serial + source: + contextDir: / + git: + ref: main + uri: https://github.com/oss-aspen/8Knot.git + type: Git + strategy: + dockerStrategy: + dockerfilePath: docker/Dockerfile.worker + type: Docker + triggers: + - generic: + secretReference: + name: eightknot-app-generic-webhook-secret + type: Generic + - github: + secretReference: + name: eightknot-app-github-webhook-secret + type: GitHub + - type: ConfigChange + - type: ImageChange diff --git a/openshift/8k-redis.yaml b/openshift/8k-redis.yaml new file mode 100644 index 00000000..d428492a --- /dev/null +++ b/openshift/8k-redis.yaml @@ -0,0 +1,87 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + image.openshift.io/triggers: '[{"from":{"kind":"ImageStreamTag","name":"redis:6-el8","namespace":"openshift"},"fieldPath":"spec.template.spec.containers[?(@.name==\"redis\")].image","pause":"false"}]' + labels: + app.kubernetes.io/part-of: eightknot-app + name: eightknot-redis +spec: + replicas: 1 + selector: + matchLabels: + name: eightknot-redis + strategy: + type: Recreate + template: + metadata: + labels: + name: eightknot-redis + spec: + containers: + - envFrom: + - secretRef: + name: eightknot-redis + image: image-registry.openshift-image-registry.svc:5000/openshift/redis:6-el8 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 6379 + timeoutSeconds: 1 + name: eightknot-redis + ports: + - containerPort: 6379 + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -i + - -c + - test "$(redis-cli -h 127.0.0.1 -a $REDIS_PASSWORD ping)" == "PONG" + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + limits: + memory: 4Gi + volumeMounts: + - mountPath: /var/lib/redis/data + name: eightknot-redis-data + restartPolicy: Always + volumes: + - emptyDir: {} + name: eightknot-redis-data + triggers: + - imageChangeParams: + automatic: true + containerNames: + - redis + from: + kind: ImageStreamTag + name: redis:6-el8 + namespace: openshift + type: ImageChange + - type: ConfigChange +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/part-of: eightknot-app + name: eightknot-redis +spec: + ports: + - name: redis + port: 6379 + protocol: TCP + targetPort: 6379 + selector: + name: eightknot-redis diff --git a/openshift/8k-worker-callback.yaml b/openshift/8k-worker-callback.yaml new file mode 100644 index 00000000..523a2e8c --- /dev/null +++ b/openshift/8k-worker-callback.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + alpha.image.policy.openshift.io/resolve-names: '*' + app.openshift.io/route-disabled: "false" + app.openshift.io/vcs-ref: main + app.openshift.io/vcs-uri: https://github.com/oss-aspen/8Knot.git + image.openshift.io/triggers: '[{"from":{"kind":"ImageStreamTag","name":"eightknot-app:latest"},"fieldPath":"spec.template.spec.containers[?(@.name==\"eightknot-app\")].image","pause":"false"}]' + labels: + app: eightknot-worker-callback + app.kubernetes.io/component: eightknot-worker-callback + app.kubernetes.io/instance: eightknot-worker-callback + app.kubernetes.io/name: eightknot-worker-callback + app.kubernetes.io/part-of: eightknot-app + app.openshift.io/runtime: python + app.openshift.io/runtime-version: 3.9-ubi8 + name: eightknot-worker-callback +spec: + replicas: 1 + selector: + matchLabels: + app: eightknot-worker-callback + strategy: + type: RollingUpdate + template: + metadata: + labels: + app: eightknot-worker-callback + spec: + containers: + - command: + [ "celery", "-A", "app:celery_app", "worker", "--loglevel=INFO", "-c", "4" ] + envFrom: + - secretRef: + name: augur-config + - secretRef: + name: eightknot-redis + image: eightknot-app:latest + imagePullPolicy: Always + name: eightknot-app + ports: + - containerPort: 8080 + protocol: TCP + resources: {} diff --git a/openshift/8k-worker-query.yaml b/openshift/8k-worker-query.yaml new file mode 100644 index 00000000..c4809cfb --- /dev/null +++ b/openshift/8k-worker-query.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + alpha.image.policy.openshift.io/resolve-names: '*' + app.openshift.io/route-disabled: "false" + app.openshift.io/vcs-ref: main + app.openshift.io/vcs-uri: https://github.com/oss-aspen/8Knot.git + image.openshift.io/triggers: '[{"from":{"kind":"ImageStreamTag","name":"eightknot-app:latest"},"fieldPath":"spec.template.spec.containers[?(@.name==\"eightknot-app\")].image","pause":"false"}]' + labels: + app: eightknot-worker-query + app.kubernetes.io/component: eightknot-worker-query + app.kubernetes.io/instance: eightknot-worker-query + app.kubernetes.io/name: eightknot-worker-query + app.kubernetes.io/part-of: eightknot-app + app.openshift.io/runtime: python + app.openshift.io/runtime-version: 3.9-ubi8 + name: eightknot-worker-query +spec: + replicas: 1 + selector: + matchLabels: + app: eightknot-worker-query + strategy: + type: RollingUpdate + template: + metadata: + labels: + app: eightknot-worker-query + spec: + containers: + - command: + [ "celery", "-A", "app:celery_app", "worker", "--loglevel=INFO", "-Q", "data", "-c", "4" ] + envFrom: + - secretRef: + name: augur-config + - secretRef: + name: eightknot-redis + image: eightknot-app:latest + imagePullPolicy: Always + name: eightknot-app + ports: + - containerPort: 8080 + protocol: TCP + resources: {} diff --git a/openshift/namespace.yaml b/openshift/namespace.yaml new file mode 100644 index 00000000..ede9c177 --- /dev/null +++ b/openshift/namespace.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: + openshift.io/description: "8Knot Production Config" + openshift.io/display-name: "Production 8Knot" + labels: + kubernetes.io/metadata.name: prod-sandiego-explorer-osci-io + # security.openshift.io/scc.podSecurityLabelSync: 'true' + name: prod-sandiego-explorer-osci-io