Commit 445d1f15 authored by Matthias's avatar Matthias
Browse files

remove k8s manifests

parent 64c6a845
Pipeline #25043 passed with stages
in 2 minutes and 2 seconds
#create service account so that this pod can manage the other pods
apiVersion: v1
kind: ServiceAccount
metadata:
name: import-api-service-account
---
#necessary role so that the service account can access the kubernetes api to list pods
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
namespace: memobase
name: import-api-roles
rules:
- apiGroups: ["", "batch"] # "" indicates the core API group
resources: ["pods", "secrets", "configmaps", "jobs"]
verbs: ["get", "list", "create", "watch", "create", "update", "patch", "delete"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: import-api-roles
namespace: memobase
subjects:
- kind: ServiceAccount
name: import-api-service-account
namespace: memobase
roleRef:
kind: Role
name: import-api-roles
apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
apiVersion: v1
kind: ConfigMap
metadata:
name: import-api-prod-config
namespace: memobase
data:
IMPORT_API_URL: 'https://import.memobase.k8s.unibas.ch'
DRUPAL_API_URL: 'https://memobase-customer-live.outermedia.net'
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-import-prod
namespace: memobase
labels:
app: import-api-prod-app
spec:
selector:
matchLabels:
app: import-api-prod-app
replicas: 1
template:
metadata:
labels:
app: import-api-prod-app
tier: web
spec:
serviceAccountName: import-api-service-account #to be able to manage other pods inside the cluster
containers:
- name: import-api-prod-container
image: cr.gitlab.switch.ch/memoriav/memobase-2020/services/import-process/import-api:latest
envFrom:
- secretRef:
name: drupal-live-api-credentials
- secretRef:
name: internal-sftp-config
- configMapRef:
name: "prod-kafka-bootstrap-servers"
- configMapRef:
name: "import-api-prod-config"
ports:
- containerPort: 5000
name: http
protocol: TCP
imagePullPolicy: Always
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: memobase
name: memobase-import-prod-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
tls:
- hosts:
- import.memobase.k8s.unibas.ch
secretName: import.memobase.k8s.unibas.ch-tls
rules:
- host: import.memobase.k8s.unibas.ch
http:
paths:
- path: /
backend:
serviceName: import-api-prod-service
servicePort: 5000
\ No newline at end of file
apiVersion: v1
kind: Service
metadata:
namespace: memobase
name: import-api-prod-service
labels:
app: import-api-prod-app
spec:
ports:
- port: 5000
selector:
app: import-api-prod-app
tier: web
clusterIP: None
\ No newline at end of file
apiVersion: v1
kind: ConfigMap
metadata:
name: import-api-test-config
namespace: memobase
data:
IMPORT_API_URL: 'https://test.import.memobase.k8s.unibas.ch'
DRUPAL_API_URL: 'https://memobase-customer-live.outermedia.net'
apiVersion: apps/v1
kind: Deployment
metadata:
name: import-api-deployment
namespace: memobase
labels:
app: import-api-test-app
spec:
selector:
matchLabels:
app: import-api-test-app
replicas: 1
template:
metadata:
labels:
app: import-api-test-app
tier: web
spec:
serviceAccountName: import-api-service-account #to be able to manage other pods inside the cluster
containers:
- name: import-api-test-container
image: cr.gitlab.switch.ch/memoriav/memobase-2020/services/import-process/import-api:latest
envFrom:
- secretRef:
name: drupal-api-credentials
- secretRef:
name: internal-sftp-config
- configMapRef:
name: "prod-kafka-bootstrap-servers"
- configMapRef:
name: "import-api-test-config"
ports:
- containerPort: 5000
name: http
protocol: TCP
imagePullPolicy: Always
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: memobase
name: memobase-import-test-ingress
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
tls:
- hosts:
- test.import.memobase.k8s.unibas.ch
secretName: test.import.memobase.k8s.unibas.ch-tls
rules:
- host: test.import.memobase.k8s.unibas.ch
http:
paths:
- path: /
backend:
serviceName: import-api-test-service
servicePort: 5000
\ No newline at end of file
apiVersion: v1
kind: Service
metadata:
namespace: memobase
name: import-api-test-service
labels:
app: import-api-test-app
spec:
ports:
- port: 5000
selector:
app: import-api-test-app
tier: web
clusterIP: None
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment