In order to mitigate against the brute force attacks against Gitlab accounts, we are moving to all edu-ID Logins. We would like to remind you to link your account with your edu-id. Login will be possible only by edu-ID after November 30, 2021. Here you can find the instructions for linking your account.

If you don't have a SWITCH edu-ID, you can create one with this guide here

kind regards

Unverified Commit 6fc1813b authored by Sebastian Schüpbach's avatar Sebastian Schüpbach
Browse files

move to helm

parent 206db7de
Pipeline #24574 passed with stages
in 5 minutes and 12 seconds
......@@ -2,8 +2,13 @@ variables:
DOCKER_TLS_CERTDIR: ""
stages:
- test
- publish
include:
- project: 'memoriav/memobase-2020/utilities/ci-templates'
file: 'helm-chart/helm-chart.yml'
.build-image:
stage: publish
image:
......
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
\ No newline at end of file
apiVersion: v2
name: image-server
description: A helm chart for the Cantaloupe Image Server
type: application
version: 0.0.0
appVersion: 0.0.0
maintainers:
- name: Sebastian Schüpbach
email: sebastian.schuepbach@unibas.ch
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-config"
namespace: "{{ .Values.k8sNamespace }}"
data:
CACHE_SERVER_DERIVATIVE_ENABLED: "{{ .Values.cacheServerDerivativeEnabled }}"
CACHE_SERVER_DERIVATIVE: "{{ .Values.cacheServerDerivative }}"
CACHE_SERVER_DERIVATIVE_TTL_SECONDS: "{{ .Values.cacheServerDerivativeTtlSeconds }}"
CACHE_SERVER_INFO_ENABLED: "{{ .Values.cacheServerInfoEnabled }}"
CACHE_SERVER_PURGE_MISSING: "{{ .Values.cacheServerPurgeMissing }}"
CACHE_SERVER_RESOLVE_FIRST: "{{ .Values.cacheServerResolveFirst }}"
apiVersion: apps/v1
kind: Deployment
metadata:
name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}"
namespace: "{{ .Values.k8sNamespace }}"
labels:
app: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-app"
spec:
selector:
matchLabels:
app: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-app"
replicas: {{ .Values.k8sReplicas }}
template:
metadata:
labels:
app: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-app"
group: "{{ .Values.k8sGroupName }}"
environment: "{{ .Values.k8sEnvironment }}"
spec:
containers:
- name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-container"
image: "{{ .Values.registry }}/{{ .Values.image }}:{{ .Values.tag }}"
resources:
requests:
cpu: "{{ .Values.k8sRequestsCpu }}"
memory: "{{ .Values.k8sRequestsMemory }}"
limits:
cpu: "{{ .Values.k8sLimitsCpu }}"
memory: "{{ .Values.k8sLimitsMemory }}"
envFrom:
- configMapRef:
name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-config"
ports:
- containerPort: {{ .Values.k8sPort }}
name: http
protocol: TCP
imagePullPolicy: Always
volumeMounts:
- name: media-volume
mountPath: "{{ .Values.mediaFolderRootPath }}"
restartPolicy: Always
volumes:
- name: media-volume
persistentVolumeClaim:
claimName: "{{ .Values.mediaVolumeClaimName }}"
apiVersion: v1
kind: Service
metadata:
namespace: "{{ .Values.k8sNamespace }}"
name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-service"
labels:
app: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-app"
spec:
ports:
- port: {{ .Values.k8sPort }}
selector:
app: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-app"
group: "{{ .Values.k8sGroupName }}"
environment: "{{ .Values.k8sEnvironment }}"
clusterIP: None
registry: "cr.gitlab.switch.ch"
image: "memoriav/memobase-2020/services/cantaloupe-docker"
tag: "4.x-jp2"
k8sName: image-server
k8sNamespace: memobase
k8sGroupId: api
k8sGroupName: api
k8sEnvironment: prod
k8sReplicas: 2
k8sRequestsCpu: "0.5"
k8sRequestsMemory: "1Gi"
k8sLimitsCpu: "2"
k8sLimitsMemory: "4Gi"
k8sPort: 8182
mediaVolumeClaimName: "media-volume-claim"
mediaFolderRootPath: "/home/cantaloupe/images"
cacheServerDerivativeEnabled: "true"
cacheServerDerivative: FilesystemCache
cacheServerDerivativeTtlSeconds: "172800"
cacheServerInfoEnabled: "false"
cacheServerPurgeMissing: "false"
cacheServerResolveFirst: "false"
registry: "cr.gitlab.switch.ch"
image: "memoriav/memobase-2020/services/cantaloupe-docker"
tag: "4.x-jp2"
k8sName: image-server
k8sNamespace: memobase
k8sGroupId: api
k8sGroupName: api
k8sEnvironment: stage
k8sReplicas: 1
k8sRequestsCpu: "0.5"
k8sRequestsMemory: "1Gi"
k8sLimitsCpu: "1.5"
k8sLimitsMemory: "2Gi"
k8sPort: 8182
mediaVolumeClaimName: "stage-media-volume-claim"
mediaFolderRootPath: "/home/cantaloupe/images"
cacheServerDerivativeEnabled: "true"
cacheServerDerivative: FilesystemCache
cacheServerDerivativeTtlSeconds: "172800"
cacheServerInfoEnabled: "false"
cacheServerPurgeMissing: "false"
cacheServerResolveFirst: "false"
registry: "cr.gitlab.switch.ch"
image: "memoriav/memobase-2020/services/cantaloupe-docker"
tag: "4.x-jp2"
k8sName: image-server
k8sNamespace: memobase
k8sGroupId: api
k8sGroupName: api
k8sEnvironment: test
k8sReplicas: 1
k8sRequestsCpu: "0.5"
k8sRequestsMemory: "1Gi"
k8sLimitsCpu: "1.5"
k8sLimitsMemory: "2Gi"
k8sPort: 8182
mediaVolumeClaimName: "test-media-volume-claim"
mediaFolderRootPath: "/home/cantaloupe/images"
cacheServerDerivativeEnabled: "true"
cacheServerDerivative: FilesystemCache
cacheServerDerivativeTtlSeconds: "172800"
cacheServerInfoEnabled: "false"
cacheServerPurgeMissing: "false"
cacheServerResolveFirst: "false"
apiVersion: apps/v1
kind: Deployment
metadata:
name: cantaloupe-deployment
namespace: memobase
labels:
app: imageserver-app
spec:
selector:
matchLabels:
app: imageserver-app
replicas: 1
template:
metadata:
labels:
app: imageserver-app
tier: web
spec:
containers:
- name: cantaloupe-container
image: cr.gitlab.switch.ch/memoriav/memobase-2020/services/cantaloupe-docker:4.x-jp2
ports:
- containerPort: 8182
name: http
protocol: TCP
resources:
requests:
cpu: "0.5"
memory: "1Gi"
limits:
cpu: "2"
memory: "4Gi"
imagePullPolicy: Always
volumeMounts:
- name: media-volume
mountPath: /home/cantaloupe/images
env:
- name: CACHE_SERVER_DERIVATIVE_ENABLED
value: 'true'
- name: CACHE_SERVER_DERIVATIVE
value: 'HeapCache'
- name: HEAPCACHE_TARGET_SIZE
value: '3g'
restartPolicy: Always
volumes:
- name: media-volume
persistentVolumeClaim:
claimName: media-volume-claim
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: memobase
name: imageserver-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
labels:
app: imageserver-app
spec:
tls:
- hosts:
- images.memobase.k8s.unibas.ch
secretName: images.memobase.k8s.unibas.ch-tls
rules:
- host: images.memobase.k8s.unibas.ch
http:
paths:
- path: /
backend:
serviceName: imageserver-service
servicePort: 8182
apiVersion: v1
kind: Service
metadata:
namespace: memobase
name: imageserver-service
labels:
app: imageserver-app
spec:
ports:
- port: 8182
selector:
app: imageserver-app
tier: web
clusterIP: None
apiVersion: apps/v1
kind: Deployment
metadata:
name: cantaloupe-test-deployment
namespace: memobase
labels:
app: imageserver-test-app
spec:
selector:
matchLabels:
app: imageserver-test-app
replicas: 1
template:
metadata:
labels:
app: imageserver-test-app
tier: web
spec:
containers:
- name: cantaloupe-test-container
image: cr.gitlab.switch.ch/memoriav/memobase-2020/services/cantaloupe-docker:4.1.7-http-jp2
ports:
- containerPort: 8182
name: http
protocol: TCP
resources:
requests:
cpu: "0.5"
memory: "1Gi"
limits:
cpu: "2"
memory: "4Gi"
imagePullPolicy: Always
volumeMounts:
- name: media-volume
mountPath: /home/cantaloupe/images
env:
- name: CACHE_SERVER_DERIVATIVE_ENABLED
value: 'true'
- name: CACHE_SERVER_DERIVATIVE
value: 'RedisCache'
- name: REDISCACHE_HOST
value: 'redis-test-service'
restartPolicy: Always
volumes:
- name: media-volume
persistentVolumeClaim:
claimName: media-volume-claim
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: memobase
name: imageserver-test-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
labels:
app: imageserver-test-app
spec:
tls:
- hosts:
- images-test.memobase.k8s.unibas.ch
secretName: images-test.memobase.k8s.unibas.ch-tls
rules:
- host: images-test.memobase.k8s.unibas.ch
http:
paths:
- path: /
backend:
serviceName: imageserver-test-service
servicePort: 8182
apiVersion: v1
kind: Service
metadata:
namespace: memobase
name: imageserver-test-service
labels:
app: imageserver-test-app
spec:
ports:
- port: 8182
selector:
app: imageserver-test-app
tier: web
clusterIP: None
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis-deployment
namespace: memobase
labels:
app: redis-app
spec:
selector:
matchLabels:
app: redis-app
replicas: 1
template:
metadata:
labels:
app: redis-app
tier: web
spec:
containers:
- name: redis-container
image: redis:5-buster
resources:
requests:
cpu: "0.2"
memory: "2Gi"
limits:
cpu: "1.0"
memory: "8Gi"
imagePullPolicy: Always
ports:
- containerPort: 6379
name: http
protocol: TCP
restartPolicy: Always
apiVersion: v1
kind: Service
metadata:
namespace: memobase
name: redis-service
labels:
app: redis-app
spec:
ports:
- port: 6379
selector:
app: redis-app
tier: web
clusterIP: None
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis-test-deployment
namespace: memobase
labels:
app: redis-test-app
spec:
selector:
matchLabels:
app: redis-test-app
replicas: 1
template:
metadata:
labels:
app: redis-test-app
tier: web
spec:
containers:
- name: redis-test-container
image: redis:5-buster
resources:
requests:
cpu: "0.2"
memory: "2Gi"
limits:
cpu: "1.0"
memory: "8Gi"
imagePullPolicy: Always
ports:
- containerPort: 6379
name: http
protocol: TCP
restartPolicy: Always
apiVersion: v1
kind: Service
metadata:
namespace: memobase
name: redis-test-service
labels:
app: redis-test-app
spec:
ports:
- port: 6379
selector:
app: redis-test-app
tier: web
clusterIP: None
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment