Commit d344d931 authored by Jonas Waeber's avatar Jonas Waeber
Browse files

Merge branch 'gunicorn_configs'

parents cacb4484 c3acc880
Pipeline #37171 failed with stages
in 2 minutes and 1 second
FROM index.docker.io/library/python:3.8 FROM index.docker.io/library/python:3.8-alpine
ARG K8S_VERSION=v1.20.4 ARG K8S_VERSION=v1.20.4
ARG HELM_VERSION=v3.6.3 ARG HELM_VERSION=v3.6.3
...@@ -7,7 +7,7 @@ ENV FLASK_APP import_api_app ...@@ -7,7 +7,7 @@ ENV FLASK_APP import_api_app
EXPOSE 5000 EXPOSE 5000
ENTRYPOINT ["gunicorn"] ENTRYPOINT ["gunicorn"]
CMD ["--bind", "0.0.0.0:5000", "wsgi:app", "--log-level", "info", "--log-file", "/dev/stdout", "--access-logfile", "/dev/stdout"] CMD [ "wsgi:app", "--config", "/configs/gunicorn.conf.py"]
RUN cd /usr/bin \ RUN cd /usr/bin \
&& wget -q https://storage.googleapis.com/kubernetes-release/release/${K8S_VERSION}/bin/linux/amd64/kubectl \ && wget -q https://storage.googleapis.com/kubernetes-release/release/${K8S_VERSION}/bin/linux/amd64/kubectl \
......
bind = "0.0.0.0:5000"
reload = True
accesslog = "/dev/stdout"
access_log_format = '%(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"'
disable_redirect_access_to_syslog = True
errorlog = "/dev/stderr"
loglevel = 'info'
workers = 1
logconfig_dict = dict(
version=1,
disable_existing_loggers=True,
loggers={
"gunicorn.error": {
"level": "INFO",
"handlers": ["error_console"],
"propagate": False,
"qualname": "gunicorn.error"
}
},
formatters={
"generic": {
"format": "[%(levelname)s] [%(name)s] %(message)s",
"datefmt": "[%Y-%m-%d %H:%M:%S %z]",
"class": "logging.Formatter"
}
}
)
bind = "0.0.0.0:5000"
reload = True
accesslog = "/dev/stdout"
access_log_format = '%(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"'
disable_redirect_access_to_syslog = True
errorlog = "/dev/stderr"
loglevel = 'debug'
workers = 1
logconfig_dict = dict(
version=1,
disable_existing_loggers=True,
loggers={
"gunicorn.error": {
"level": "DEBUG",
"handlers": ["error_console"],
"propagate": False,
"qualname": "gunicorn.error"
}
},
formatters={
"generic": {
"format": "[%(levelname)s] [%(name)s] %(message)s",
"datefmt": "[%Y-%m-%d %H:%M:%S %z]",
"class": "logging.Formatter"
}
}
)
...@@ -8,7 +8,6 @@ k8sRequestsMemory: "128Mi" ...@@ -8,7 +8,6 @@ k8sRequestsMemory: "128Mi"
k8sLimitsCpu: "0.4" k8sLimitsCpu: "0.4"
k8sLimitsMemory: "256Mi" k8sLimitsMemory: "256Mi"
logLevel: INFO
sftpBasePath: "/swissbib_index/mb_sftp" sftpBasePath: "/swissbib_index/mb_sftp"
drupalApiCredentials: drupal-api-credentials-prod drupalApiCredentials: drupal-api-credentials-prod
......
...@@ -8,7 +8,6 @@ k8sRequestsMemory: "128Mi" ...@@ -8,7 +8,6 @@ k8sRequestsMemory: "128Mi"
k8sLimitsCpu: "0.4" k8sLimitsCpu: "0.4"
k8sLimitsMemory: "256Mi" k8sLimitsMemory: "256Mi"
logLevel: DEBUG
sftpBasePath: "/swissbib_index/mb_sftp/stage" sftpBasePath: "/swissbib_index/mb_sftp/stage"
drupalApiCredentials: drupal-api-credentials-stage drupalApiCredentials: drupal-api-credentials-stage
......
...@@ -8,7 +8,6 @@ k8sRequestsMemory: "128Mi" ...@@ -8,7 +8,6 @@ k8sRequestsMemory: "128Mi"
k8sLimitsCpu: "0.4" k8sLimitsCpu: "0.4"
k8sLimitsMemory: "256Mi" k8sLimitsMemory: "256Mi"
logLevel: DEBUG
sftpBasePath: "/swissbib_index/mb_sftp/test" sftpBasePath: "/swissbib_index/mb_sftp/test"
drupalApiCredentials: drupal-api-credentials-test drupalApiCredentials: drupal-api-credentials-test
......
...@@ -3,6 +3,10 @@ kind: ConfigMap ...@@ -3,6 +3,10 @@ kind: ConfigMap
metadata: metadata:
name: {{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-config name: {{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-config
namespace: memobase namespace: memobase
labels:
app: "{{ .Values.k8sName }}"
group: "{{ .Values.k8sGroupName }}"
environment: "{{ .Values.k8sEnvironment }}"
data: data:
ENV: {{ .Values.k8sEnvironment }} ENV: {{ .Values.k8sEnvironment }}
TFV_KAFKA_SERVER_CONFIGS: {{ .Values.kafkaConfigs }} TFV_KAFKA_SERVER_CONFIGS: {{ .Values.kafkaConfigs }}
...@@ -14,6 +18,5 @@ data: ...@@ -14,6 +18,5 @@ data:
TOPIC_CONFIGS: {{ .Values.topicConfigs }} TOPIC_CONFIGS: {{ .Values.topicConfigs }}
TOPIC_DRUPAL_EXPORT: {{ .Values.topicDrupalExport }} TOPIC_DRUPAL_EXPORT: {{ .Values.topicDrupalExport }}
CLEAR_CACHE_URL: {{ .Values.clearCacheUrl }} CLEAR_CACHE_URL: {{ .Values.clearCacheUrl }}
LOG_LEVEL: "{{ .Values.logLevel }}"
NAMESPACE: "{{ .Values.namespace }}" NAMESPACE: "{{ .Values.namespace }}"
SFTP_BASE_PATH: "{{ .Values.sftpBasePath }}" SFTP_BASE_PATH: "{{ .Values.sftpBasePath }}"
...@@ -4,24 +4,24 @@ metadata: ...@@ -4,24 +4,24 @@ metadata:
name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}" name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}"
namespace: "{{ .Values.k8sNamespace }}" namespace: "{{ .Values.k8sNamespace }}"
labels: labels:
app: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-app" app: "{{ .Values.k8sName }}"
group: "{{ .Values.k8sGroupName }}" group: "{{ .Values.k8sGroupName }}"
environment: "{{ .Values.k8sEnvironment }}" environment: "{{ .Values.k8sEnvironment }}"
spec: spec:
selector: selector:
matchLabels: matchLabels:
app: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-app" app: "{{ .Values.k8sName }}"
group: "{{ .Values.k8sGroupName }}" group: "{{ .Values.k8sGroupName }}"
environment: "{{ .Values.k8sEnvironment }}" environment: "{{ .Values.k8sEnvironment }}"
replicas: {{ .Values.k8sReplicas }} replicas: {{ .Values.k8sReplicas }}
template: template:
metadata: metadata:
labels: labels:
app: {{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-app app: "{{ .Values.k8sName }}"
group: {{ .Values.k8sGroupName }} group: "{{ .Values.k8sGroupName }}"
environment: {{ .Values.k8sEnvironment }} environment: "{{ .Values.k8sEnvironment }}"
spec: spec:
serviceAccountName: {{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-service-account #to be able to manage other pods inside the cluster serviceAccountName: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-service-account"
containers: containers:
- name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-container" - name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-container"
image: "{{ .Values.registry }}/{{ .Values.image }}:{{ .Values.tag }}" image: "{{ .Values.registry }}/{{ .Values.image }}:{{ .Values.tag }}"
...@@ -34,6 +34,9 @@ spec: ...@@ -34,6 +34,9 @@ spec:
name: "{{ .Values.kafkaConfigs }}" name: "{{ .Values.kafkaConfigs }}"
- configMapRef: - configMapRef:
name: "{{ .Values.importApiConfig }}" name: "{{ .Values.importApiConfig }}"
volumeMounts:
- name: gunicorn-conf
mountPath: "/configs"
ports: ports:
- containerPort: 5000 - containerPort: 5000
name: http name: http
...@@ -46,3 +49,7 @@ spec: ...@@ -46,3 +49,7 @@ spec:
limits: limits:
cpu: "{{ .Values.k8sLimitsCpu }}" cpu: "{{ .Values.k8sLimitsCpu }}"
memory: "{{ .Values.k8sLimitsMemory }}" memory: "{{ .Values.k8sLimitsMemory }}"
volumes:
- name: gunicorn-conf
configMap:
name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-gunicorn-config-map"
\ No newline at end of file
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment }}-gunicorn-config-map"
namespace: "{{ .Values.k8sNamespace }}"
labels:
app: "{{ .Values.k8sName }}"
group: "{{ .Values.k8sGroupName }}"
environment: "{{ .Values.k8sEnvironment }}"
data:
{{- if eq .Values.k8sEnvironment "test" }}
{{- (.Files.Glob "configmap/test/gunicorn.conf.py").AsConfig | nindent 2 }}
{{- else }}
{{- (.Files.Glob "configmap/prod/gunicorn.conf.py").AsConfig | nindent 2 }}
{{- end }}
\ No newline at end of file
#create service account so that this pod can manage the other pods
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-service-account name: {{ .Values.k8sGroupId }}-{{ .Values.k8sName }}-{{ .Values.k8sEnvironment}}-service-account
--- ---
#necessary role so that the service account can access the kubernetes api to list pods
kind: Role kind: Role
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
metadata: metadata:
namespace: {{ .Values.k8sNamespace }} namespace: {{ .Values.k8sNamespace }}
name: import-api-roles-{{ .Values.k8sEnvironment }} name: import-api-roles-{{ .Values.k8sEnvironment }}
rules: rules:
- apiGroups: ["", "batch"] # "" indicates the core API group - apiGroups: ["", "batch"]
resources: ["pods", "secrets", "configmaps", "jobs"] resources: ["pods", "secrets", "configmaps", "jobs"]
verbs: ["get", "list", "create", "watch", "create", "update", "patch", "delete"] verbs: ["get", "list", "create", "watch", "create", "update", "patch", "delete"]
--- ---
......
...@@ -13,7 +13,6 @@ k8sRequestsMemory: placeholder ...@@ -13,7 +13,6 @@ k8sRequestsMemory: placeholder
k8sLimitsCpu: placeholder k8sLimitsCpu: placeholder
k8sLimitsMemory: placeholder k8sLimitsMemory: placeholder
logLevel: placeholder
sftpBasePath: placeholder sftpBasePath: placeholder
namespace: memobase namespace: memobase
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment