From 4e572c4d871171ef804c363b71fb5b43ff02750e Mon Sep 17 00:00:00 2001
From: Tanguy Herbron
Date: Wed, 14 May 2025 17:37:08 +0200
Subject: [PATCH] feat: Initial commit
---
README.md | 3 ++
manifests/database-backup.yaml | 10 ++++
manifests/database-local-service.yaml | 17 +++++++
manifests/database-ondemand-backup.yaml | 8 ++++
manifests/database-recovery.yaml | 61 +++++++++++++++++++++++++
manifests/database.yaml | 61 +++++++++++++++++++++++++
manifests/deployment.yaml | 58 +++++++++++++++++++++++
manifests/ingress.yaml | 29 ++++++++++++
manifests/kustomization.yaml | 12 +++++
manifests/namespace.yaml | 4 ++
manifests/secrets.yaml | 24 ++++++++++
manifests/service.yaml | 15 ++++++
12 files changed, 302 insertions(+)
create mode 100644 README.md
create mode 100644 manifests/database-backup.yaml
create mode 100644 manifests/database-local-service.yaml
create mode 100644 manifests/database-ondemand-backup.yaml
create mode 100644 manifests/database-recovery.yaml
create mode 100644 manifests/database.yaml
create mode 100644 manifests/deployment.yaml
create mode 100644 manifests/ingress.yaml
create mode 100644 manifests/kustomization.yaml
create mode 100644 manifests/namespace.yaml
create mode 100644 manifests/secrets.yaml
create mode 100644 manifests/service.yaml
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..69116fa
--- /dev/null
+++ b/README.md
@@ -0,0 +1,3 @@
+# Kener
+
+Feature complet service uptime dashboard.
diff --git a/manifests/database-backup.yaml b/manifests/database-backup.yaml
new file mode 100644
index 0000000..a85235c
--- /dev/null
+++ b/manifests/database-backup.yaml
@@ -0,0 +1,10 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: ScheduledBackup
+metadata:
+ name: kener-db-backup
+ namespace: kener
+spec:
+ schedule: "0 0 0 * * *"
+ backupOwnerReference: self
+ cluster:
+ name: kener-db
diff --git a/manifests/database-local-service.yaml b/manifests/database-local-service.yaml
new file mode 100644
index 0000000..1f0f450
--- /dev/null
+++ b/manifests/database-local-service.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: kener-db
+ name: kener-db-local
+ namespace: kener
+spec:
+ internalTrafficPolicy: Local
+ ports:
+ - name: postgres
+ port: 5432
+ protocol: TCP
+ targetPort: 5432
+ selector:
+ cnpg.io/cluster: kener-db
+ cnpg.io/instanceRole: primary
diff --git a/manifests/database-ondemand-backup.yaml b/manifests/database-ondemand-backup.yaml
new file mode 100644
index 0000000..7ce0cf4
--- /dev/null
+++ b/manifests/database-ondemand-backup.yaml
@@ -0,0 +1,8 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Backup
+metadata:
+ name: kener-db-ondemand-backup-280225
+ namespace: kener
+spec:
+ cluster:
+ name: kener-db
diff --git a/manifests/database-recovery.yaml b/manifests/database-recovery.yaml
new file mode 100644
index 0000000..0575c1f
--- /dev/null
+++ b/manifests/database-recovery.yaml
@@ -0,0 +1,61 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+ name: kener-db
+ namespace: kener
+
+spec:
+ imageName: ghcr.io/cloudnative-pg/postgresql:17.4
+ instances: 1
+
+ storage:
+ size: 2Gi
+ storageClass: local-path
+
+ bootstrap:
+ recovery:
+ backup:
+ name: kener-db-20250429184645
+
+ postgresql:
+ pg_hba:
+ - host all all all md5
+
+ externalClusters:
+ - name: kener-db
+ barmanObjectStore:
+ serverName: kener-db
+ destinationPath: "s3://halis/cloudnativepg"
+ endpointURL: https://s3.halia.dev
+ s3Credentials:
+ accessKeyId:
+ name: s3-secret
+ key: AWS_ACCESS_KEY_ID
+ secretAccessKey:
+ name: s3-secret
+ key: AWS_SECRET_ACCESS_KEY
+ region:
+ name: s3-secret
+ key: AWS_REGION
+ wal:
+ compression: gzip
+ maxParallel: 8
+
+ resources:
+ requests:
+ cpu: 100m
+ memory: 512Mi
+ limits:
+ cpu: 500m
+ memory: 1Gi
+
+ monitoring:
+ enablePodMonitor: true
+
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: zone
+ whenUnsatisfiable: DoNotSchedule
+ labelSelector:
+ matchLabels:
+ cnpg.io/cluster: kener-db
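Review bot: `internalTrafficPolicy: Local` on the `kener-db-local` Service in manifests/database-local-service.yaml routes traffic only to endpoints on the same node as the client, so a kener pod that is not co-located with the PostgreSQL primary gets no backend at all. The pod affinity in manifests/deployment.yaml is only `preferredDuringSchedulingIgnoredDuringExecution`, so co-location is not guaranteed at scheduling time and is lost when the primary role moves to an instance on another node. Either drop the `internalTrafficPolicy: Local` line, or keep it and document the trade-off with a comment such as `# Local: the app must run on the primary's node; the DB is unreachable after a failover until the pod is rescheduled`.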
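Review bot: The `pg_hba` entry `host all all all md5` in manifests/database-recovery.yaml accepts password logins for every database and role from any address, matches connections without TLS, and permits the legacy MD5 exchange; the same line appears in manifests/database.yaml. No NetworkPolicy is added in this commit, so this rule is the only visible control on who can authenticate to port 5432. A tighter entry would be `- hostssl kener kener all scram-sha-256`, which limits the match to the application database and role, requires TLS and refuses MD5. As far as I know CloudNativePG appends its own default password rule after user entries, so it is worth checking the rendered `pg_hba.conf` on a running instance to confirm what is effectively allowed.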
diff --git a/manifests/database.yaml b/manifests/database.yaml
new file mode 100644
index 0000000..feacc4b
--- /dev/null
+++ b/manifests/database.yaml
@@ -0,0 +1,61 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+ name: kener-db
+ namespace: kener
+
+spec:
+ imageName: ghcr.io/cloudnative-pg/postgresql:17.4
+ instances: 3
+
+ storage:
+ size: 1Gi
+ storageClass: local-path
+
+ bootstrap:
+ initdb:
+ database: kener
+ owner: kener
+ secret:
+ name: kener-db
+
+ postgresql:
+ pg_hba:
+ - host all all all md5
+
+ backup:
+ barmanObjectStore:
+ destinationPath: "s3://halis/cloudnativepg"
+ endpointURL: https://s3.halia.dev
+ s3Credentials:
+ accessKeyId:
+ name: s3-secret
+ key: AWS_ACCESS_KEY_ID
+ secretAccessKey:
+ name: s3-secret
+ key: AWS_SECRET_ACCESS_KEY
+ region:
+ name: s3-secret
+ key: AWS_REGION
+ wal:
+ compression: gzip
+ maxParallel: 8
+
+ resources:
+ requests:
+ cpu: 100m
+ memory: 512Mi
+ limits:
+ cpu: 500m
+ memory: 1Gi
+
+ monitoring:
+ enablePodMonitor: true
+
+ topologySpreadConstraints:
+ - maxSkew: 1
+ topologyKey: zone
+ whenUnsatisfiable: DoNotSchedule
+ labelSelector:
+ matchLabels:
+ cnpg.io/cluster: kener-db
diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml
new file mode 100644
index 0000000..b6ec960
--- /dev/null
+++ b/manifests/deployment.yaml
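Review bot: `spec.backup` in manifests/database.yaml sets neither a `retentionPolicy` nor any `encryption` under `barmanObjectStore`, so base backups and WAL accumulate in `s3://halis/cloudnativepg` without expiry and are protected at rest only by whatever the bucket itself enforces. These archives contain the full database, including role password hashes, so I would add `retentionPolicy: "30d"` under `backup:` (value constructed; pick one that fits the recovery objective) and `encryption: AES256` under `wal:` and a `data:` block, provided the endpoint supports server-side encryption. The `endpointURL` host `s3.halia.dev` is on a different domain from the other hosts in this commit (`halis.io`); since the S3 credentials are sent there, it is worth confirming the spelling is intended.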
@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: kener
+ namespace: kener
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: kener
+ template:
+ metadata:
+ labels:
+ app: kener
+ spec:
+ affinity:
+ podAffinity:
+ preferredDuringSchedulingIgnoredDuringExecution:
+ - weight: 100
+ podAffinityTerm:
+ labelSelector:
+ matchExpressions:
+ - key: cnpg.io/cluster
+ operator: In
+ values:
+ - kener-db
+ - key: cnpg.io/instanceRole
+ operator: In
+ values:
+ - primary
+ topologyKey: "kubernetes.io/hostname"
+ containers:
+ - name: kener-web
+ image: rajnandan1/kener:3.2.17
+ ports:
+ - containerPort: 3000
+ env:
+ - name: TZ
+ value: "Europe/Copenhagen"
+ - name: ORIGIN
+ value: "https://status.halis.io"
+ - name: KENER_DB_USER
+ valueFrom:
+ secretKeyRef:
+ name: kener-db
+ key: username
+ - name: KENER_DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: kener-db
+ key: password
+ - name: DATABASE_URL
+ value: "postgresql://$(KENER_DB_USER):$(KENER_DB_PASSWORD)@kener-db-local.kener.svc.cluster.local:5432/kener"
+ - name: KENER_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: kener-secrets
+ key: key
diff --git a/manifests/ingress.yaml b/manifests/ingress.yaml
new file mode 100644
index 0000000..c794011
--- /dev/null
+++ b/manifests/ingress.yaml
@@ -0,0 +1,29 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: kener-ingress
+ namespace: kener
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt-production
+ kubernetes.io/ingress.class: nginx-external
+ acme.cert-manager.io/http01-edit-in-place: "true"
+ nginx.ingress.kubernetes.io/proxy-body-size: "0"
+ nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
+ nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
+spec:
+ tls:
+ - hosts:
+ - status.halis.io
+ secretName: status-halis-io-tls
+ ingressClassName: nginx-external
+ rules:
+ - host: status.halis.io
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: kener-svc
+ port:
+ number: 80
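Review bot: The `kener-web` container in manifests/deployment.yaml has no `securityContext`, so it runs with the image's default user, the default capability set and privilege escalation allowed, while being the workload exposed through the ingress and holding the database password and `KENER_SECRET_KEY` in its environment. I would add the container-level settings below, and `runAsNonRoot: true` plus `readOnlyRootFilesystem: true` once it is confirmed which user the image runs as and which paths it writes to. The container also declares no `resources` and no readiness or liveness probe, and the image is referenced by a mutable tag rather than a digest. Separately, `DATABASE_URL` interpolates `$(KENER_DB_PASSWORD)` without URL-encoding, so a generated password containing `@`, `/` or `:` would produce a malformed connection string.

```yaml
# … unchanged: metadata, selector, affinity …
        - name: kener-web
          image: rajnandan1/kener:3.2.17
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault
          # … unchanged: ports, env …
```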
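Review bot: `nginx.ingress.kubernetes.io/proxy-body-size: "0"` in manifests/ingress.yaml disables the request body size limit for the public host `status.halis.io`, and the two 600-second proxy timeouts let slow requests hold connections for ten minutes; for a status dashboard that is an avoidable resource-exhaustion surface. Unless kener needs large uploads, set a bound such as `nginx.ingress.kubernetes.io/proxy-body-size: "8m"` (value constructed) and either drop the timeout overrides or add a comment saying why they are needed. The `kubernetes.io/ingress.class` annotation is deprecated and duplicates `ingressClassName: nginx-external`, so it can be removed.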
diff --git a/manifests/kustomization.yaml b/manifests/kustomization.yaml
new file mode 100644
index 0000000..e34d447
--- /dev/null
+++ b/manifests/kustomization.yaml
@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - namespace.yaml
+ - secrets.yaml
+ - database.yaml
+ - database-backup.yaml
+ - database-local-service.yaml
+ - deployment.yaml
+ - service.yaml
+ - ingress.yaml
diff --git a/manifests/namespace.yaml b/manifests/namespace.yaml
new file mode 100644
index 0000000..659b4f5
--- /dev/null
+++ b/manifests/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: kener
diff --git a/manifests/secrets.yaml b/manifests/secrets.yaml
new file mode 100644
index 0000000..99935ee
--- /dev/null
+++ b/manifests/secrets.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: kener-secrets
+ namespace: argocd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://git.halis.io/athens-school/k3s-secrets
+ targetRevision: prod-migration
+ path: kener
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=false
+ - ApplyOutOfSyncOnly=true
+ - PruneLast=true
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: kener
diff --git a/manifests/service.yaml b/manifests/service.yaml
new file mode 100644
index 0000000..eed1028
--- /dev/null
+++ b/manifests/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: kener-svc
+ namespace: kener
+ labels:
+ app.kubernetes.io/name: kener
+spec:
+ ports:
+ - name: http
+ port: 80
+ protocol: TCP
+ targetPort: 3000
+ selector:
+ app: kener
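Review bot: The Argo CD `Application` in manifests/secrets.yaml tracks the branch `prod-migration` with `automated` sync, `prune: true` and `selfHeal: true` under `project: default`, so any push to that branch of the k3s-secrets repository is applied to the `kener` namespace without a reviewed, fixed revision. Pinning `targetRevision` to a tag or commit SHA (or enforcing branch protection) and moving the app to a dedicated AppProject restricted to this repository and namespace would narrow who can change the cluster's secrets; the `default` project is permissive unless it has been locked down. The hunk does not show how the secrets are stored in that repository; if they are plain `Secret` manifests they should be encrypted in git, for example with Sealed Secrets or SOPS. A header comment stating which Secrets this Application is expected to deliver (`kener-db`, `kener-secrets` and `s3-secret` are referenced elsewhere in this commit) would also help readers.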