From 22210f5042bd7ad8844c2daa8109fbf25c3f6d90 Mon Sep 17 00:00:00 2001 From: daniluk4000 Date: Sat, 7 Dec 2024 12:48:30 +0300 Subject: [PATCH] chore: prod k8s config --- .config/k8s/ingress.yml | 17 +++++ .config/k8s/main/app.yml | 140 ++++++++++++++++++++++++++++++++++++ .config/k8s/main/db.yml | 53 ++++++++++++++ .config/k8s/main/redis.yml | 52 ++++++++++++++ .config/k8s/main/volume.yml | 11 +++ 5 files changed, 273 insertions(+) create mode 100644 .config/k8s/main/app.yml create mode 100644 .config/k8s/main/db.yml create mode 100644 .config/k8s/main/redis.yml create mode 100644 .config/k8s/main/volume.yml diff --git a/.config/k8s/ingress.yml b/.config/k8s/ingress.yml index 2e39409a..e415b216 100644 --- a/.config/k8s/ingress.yml +++ b/.config/k8s/ingress.yml @@ -25,3 +25,20 @@ spec: name: worker-next port: number: 8880 + - host: "vatsim-radar.com" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: app-prod + port: + number: 3000 + - pathType: Prefix + path: "/ws" + backend: + service: + name: worker-prod + port: + number: 8880 diff --git a/.config/k8s/main/app.yml b/.config/k8s/main/app.yml new file mode 100644 index 00000000..b0cbf8e0 --- /dev/null +++ b/.config/k8s/main/app.yml @@ -0,0 +1,140 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: app-prod +spec: + progressDeadlineSeconds: 360 + replicas: 1 + selector: + matchLabels: + app: app-prod + strategy: + type: Recreate + template: + metadata: + labels: + app: app-prod + spec: + containers: + - name: app-prod + image: ghcr.io/vatsim-radar/vatsim-radar/production + imagePullPolicy: Always + ports: + - containerPort: 3000 + volumeMounts: + - name: radar-data + mountPath: /radar/src/data + resources: + requests: + cpu: 300m + memory: 300Mi + limits: + cpu: 950m + memory: 950Mi + readinessProbe: + tcpSocket: + port: 3000 + initialDelaySeconds: 5 + periodSeconds: 15 + successThreshold: 1 + failureThreshold: 10 + timeoutSeconds: 15 + imagePullSecrets: + - name: ghcr-login-secret + nodeSelector: + doks.digitalocean.com/node-pool: premium-amd + volumes: + - name: radar-data + hostPath: + path: /opt/prod/data +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: worker-prod +spec: + progressDeadlineSeconds: 360 + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: worker-prod + template: + metadata: + labels: + app: worker-prod + spec: + imagePullSecrets: + - name: ghcr-login-secret + nodeSelector: + doks.digitalocean.com/node-pool: premium-amd + containers: + - name: worker + image: ghcr.io/vatsim-radar/vatsim-radar/production + imagePullPolicy: Always + command: ["/radar/.config/worker-prod.sh"] + ports: + - containerPort: 8880 + volumeMounts: + - name: radar-data + mountPath: /radar/src/data + resources: + requests: + cpu: 300m + memory: 300Mi + limits: + cpu: 1000m + memory: 1Gi + readinessProbe: + tcpSocket: + port: 8880 + initialDelaySeconds: 5 + periodSeconds: 15 + successThreshold: 1 + failureThreshold: 10 + timeoutSeconds: 15 + volumes: + - name: radar-data + hostPath: + path: /opt/prod/data +--- +apiVersion: v1 +kind: Service +metadata: + name: worker-prod +spec: + ports: + - port: 8880 + selector: + app: worker-prod +--- +apiVersion: v1 +kind: Service +metadata: + name: app-prod +spec: + ports: + - port: 3000 + selector: + app: app-prod +--- +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: app-prod-hpa +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: app-prod + minReplicas: 1 + maxReplicas: 12 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 80 diff --git a/.config/k8s/main/db.yml b/.config/k8s/main/db.yml new file mode 100644 index 00000000..bb1dcc5d --- /dev/null +++ b/.config/k8s/main/db.yml @@ -0,0 +1,53 @@ +apiVersion: v1 +kind: Service +metadata: + name: db +spec: + ports: + - port: 3306 + selector: + app: db +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: db +spec: + progressDeadlineSeconds: 360 + strategy: + type: Recreate + replicas: 1 + selector: + matchLabels: + app: db + template: + metadata: + labels: + app: db + spec: + nodeSelector: + doks.digitalocean.com/node-pool: basic + containers: + - name: db + image: mysql + env: + - name: MYSQL_ALLOW_EMPTY_PASSWORD + value: "yes" + - name: MYSQL_DATABASE + value: "radar" + - name: MYSQL_ROOT_PASSWORD + value: "localhost" + ports: + - containerPort: 3306 + volumeMounts: + - name: radar-data + mountPath: /var/lib/mysql + readinessProbe: + exec: + command: ["mysqladmin", "ping", "-h", "localhost"] + initialDelaySeconds: 5 + periodSeconds: 10 + volumes: + - name: radar-data + persistentVolumeClaim: + claimName: radar-db-prod diff --git a/.config/k8s/main/redis.yml b/.config/k8s/main/redis.yml new file mode 100644 index 00000000..12716599 --- /dev/null +++ b/.config/k8s/main/redis.yml @@ -0,0 +1,52 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis +spec: + ports: + - port: 6379 + selector: + app: redis +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis +spec: + progressDeadlineSeconds: 60 + strategy: + type: Recreate + replicas: 1 + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + nodeSelector: + doks.digitalocean.com/node-pool: basic + containers: + - name: redis + image: redis + args: ["redis-server", "/usr/local/etc/redis/redis.conf", "--requirepass", "RADAR"] + ports: + - containerPort: 6379 + volumeMounts: + - name: redis-config + mountPath: /usr/local/etc/redis + volumes: + - name: redis-config + configMap: + name: redis-config +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: redis-config +data: + redis.conf: | + client-output-buffer-limit normal 836870912 836870912 0 + client-output-buffer-limit slave 836870912 836870912 0 + client-output-buffer-limit pubsub 836870912 836870912 0 diff --git a/.config/k8s/main/volume.yml b/.config/k8s/main/volume.yml new file mode 100644 index 00000000..8284809f --- /dev/null +++ b/.config/k8s/main/volume.yml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: radar-db-prod +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: do-block-storage