just go for it

2020-06-08 08:42:42 -04:00
parent b9b948a8b5
commit 8c9389ba1f
22 changed files with 325 additions and 165 deletions
--- a/helm/.helmignore
+++ b/helm/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/helm/Chart.yaml
+++ b/helm/Chart.yaml
@@ -0,0 +1,23 @@
+apiVersion: v2
+name: helm
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 1.16.0
--- a/helm/templates/configmap.yaml
+++ b/helm/templates/configmap.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}
+  labels:
+    app: {{ .Release.Name }}
+data:
+  ALLOWED_HOSTS: {{ .Release.Name }}.ducoterra.net
--- a/helm/templates/deploy.yaml
+++ b/helm/templates/deploy.yaml
@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app: {{ .Release.Name }}
+    spec:
+      containers:
+        - image: {{ required "A valid .Values.image entry required!" .Values.image }}:{{ required "A valid .Values.tag entry required!" .Values.tag }}
+          name: {{ .Release.Name }}
+          ports:
+            - containerPort: 8080
+          envFrom:
+            - configMapRef:
+                name: {{ .Release.Name }}
+            - secretRef:
+                name: {{ .Release.Name }}
+            - secretRef:
+                name: postgres
+          resources:
+            limits:
+              memory: "500Mi"
+              cpu: "250m"
+            requests:
+              memory: "1Mi"
+              cpu: "100m"
--- a/helm/templates/hpa.yaml
+++ b/helm/templates/hpa.yaml
@@ -0,0 +1,18 @@
+apiVersion: autoscaling/v2beta2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ .Release.Name }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ .Release.Name }}
+  minReplicas: 1
+  maxReplicas: 4
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      target:
+        type: Utilization
+        averageUtilization: 50
--- a/helm/templates/ingress.yaml
+++ b/helm/templates/ingress.yaml
@@ -0,0 +1,78 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: {{ .Release.Name }}-internal-tls
+  annotations:
+    kubernetes.io/ingress.class: traefik-internal
+spec:
+  entryPoints:
+    - websecure
+  tls:
+    certResolver: myresolver
+    domains:
+    - main: "*.ducoterra.net"
+  routes:
+  - match: Host(`{{ .Release.Name }}.ducoterra.net`)
+    kind: Rule
+    services:
+    - name: {{ .Release.Name }}
+      port: 8000
+
+---
+
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: {{ .Release.Name }}-internal-web
+  annotations:
+    kubernetes.io/ingress.class: traefik-internal
+spec:
+  entryPoints:
+    - web
+  routes:
+  - match: Host(`{{ .Release.Name }}.ducoterra.net`)
+    kind: Rule
+    services:
+    - name: {{ .Release.Name }}
+      port: 8000
+    middlewares:
+      - name: httpsredirect
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: {{ .Release.Name }}-external-tls
+  annotations:
+    kubernetes.io/ingress.class: traefik-external
+spec:
+  entryPoints:
+    - websecure
+  tls:
+    certResolver: myresolver
+  routes:
+  - match: Host(`{{ .Release.Name }}.ducoterra.net`)
+    kind: Rule
+    services:
+    - name: {{ .Release.Name }}
+      port: 8000
+
+---
+
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: {{ .Release.Name }}-external-web
+  annotations:
+    kubernetes.io/ingress.class: traefik-external
+spec:
+  entryPoints:
+    - web
+  routes:
+  - match: Host(`{{ .Release.Name }}.ducoterra.net`)
+    kind: Rule
+    services:
+    - name: {{ .Release.Name }}
+      port: 8000
+    middlewares:
+      - name: httpsredirect
--- a/helm/templates/secret.yaml
+++ b/helm/templates/secret.yaml
@@ -0,0 +1,10 @@
+{{ if and .Values.secret .Release.IsInstall }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Release.Name }}
+type: generic
+data:
+  SECRET_KEY: {{ randAlphaNum 64 | b64enc | quote }}
+  DJANGO_SUPERUSER_PASSWORD: {{ randAlphaNum 64 | b64enc | quote }}
+{{ end }}
--- a/helm/templates/service.yaml
+++ b/helm/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: {{ .Release.Name }}
+  name: {{ .Release.Name }}
+spec:
+  ports:
+  - port: 8000
+    protocol: TCP
+    name: {{ .Release.Name }}-web
+    targetPort: 8000
+  selector:
+    app: {{ .Release.Name }} # This selects the pod(s) that match the selector
+  type: ClusterIP
--- a/helm/values.yaml
+++ b/helm/values.yaml