Blame - appmanager/install.yaml - pcloud

blob: b6ea5f644f0ef6e7865d3e98f670151fafb04a4c [file] [log] [blame]

giolekva	b22550e	2020-05-12 22:09:03 +0400	[diff] [blame]	1	---
				2	apiVersion: v1
				3	kind: Namespace
				4	metadata:
				5	name: pcloud-app-manager
				6	---
giolekva	d6cbd8f	2020-05-16 13:52:01 +0400	[diff] [blame]	7	# TODO(giolekva): use default service account
giolekva	b22550e	2020-05-12 22:09:03 +0400	[diff] [blame]	8	apiVersion: v1
				9	kind: ServiceAccount
				10	metadata:
				11	name: app-manager
				12	namespace: pcloud-app-manager
				13	---
				14	apiVersion: rbac.authorization.k8s.io/v1
				15	kind: ClusterRole
				16	metadata:
				17	name: deploy-apps
				18	rules:
				19	- apiGroups: [""]
giolekva	1c0372c	2020-05-16 21:18:59 +0400	[diff] [blame]	20	resources: ["namespaces", "services", "pods", "secrets", "serviceaccounts", "configmaps", "persistentvolumeclaims"]
giolekva	b22550e	2020-05-12 22:09:03 +0400	[diff] [blame]	21	verbs: ["*"]
				22	- apiGroups: ["apps"]
				23	resources: ["deployments", "statefulsets"]
				24	verbs: ["*"]
				25	- apiGroups: ["traefik.containo.us"]
				26	resources: ["ingressroutes"]
giolekva	1c0372c	2020-05-16 21:18:59 +0400	[diff] [blame]	27	verbs: ["*"]
				28	- apiGroups: ["rbac.authorization.k8s.io"]
				29	resources: ["roles", "rolebindings"]
				30	verbs: ["*"]
giolekva	b22550e	2020-05-12 22:09:03 +0400	[diff] [blame]	31	---
				32	apiVersion: rbac.authorization.k8s.io/v1
				33	kind: ClusterRoleBinding
				34	metadata:
				35	name: deploy-apps-to-sa
				36	subjects:
				37	- kind: ServiceAccount
				38	name: app-manager
				39	namespace: pcloud-app-manager
				40	roleRef:
				41	kind: ClusterRole
				42	name: deploy-apps
				43	apiGroup: rbac.authorization.k8s.io
				44	---
				45	kind: Service
				46	apiVersion: v1
				47	metadata:
				48	name: app-manager
				49	namespace: pcloud-app-manager
				50	spec:
				51	type: ClusterIP
				52	selector:
				53	app: app-manager
				54	ports:
				55	- nodePort:
				56	port: 80
				57	targetPort: 1234
				58	---
				59	apiVersion: traefik.containo.us/v1alpha1
				60	kind: IngressRoute
				61	metadata:
				62	name: ingress
				63	namespace: pcloud-app-manager
				64	spec:
				65	entryPoints:
				66	- web
				67	routes:
				68	- kind: Rule
				69	match: PathPrefix(`/app-manager`)
				70	services:
				71	- kind: Service
				72	name: app-manager
				73	namespace: pcloud-app-manager
				74	passHostHeader: true
				75	port: 80
				76	---
				77	apiVersion: apps/v1
giolekva	65c4326	2020-05-13 21:58:39 +0400	[diff] [blame]	78	kind: StatefulSet
giolekva	b22550e	2020-05-12 22:09:03 +0400	[diff] [blame]	79	metadata:
				80	name: app-manager
				81	namespace: pcloud-app-manager
				82	spec:
				83	selector:
				84	matchLabels:
				85	app: app-manager
giolekva	65c4326	2020-05-13 21:58:39 +0400	[diff] [blame]	86	serviceName: app-manager
giolekva	b22550e	2020-05-12 22:09:03 +0400	[diff] [blame]	87	replicas: 1
				88	template:
				89	metadata:
				90	labels:
				91	app: app-manager
				92	spec:
				93	serviceAccountName: app-manager
				94	containers:
				95	- name: app-manager
				96	image: giolekva/pcloud-app-manager:latest
				97	imagePullPolicy: Always
giolekva	65c4326	2020-05-13 21:58:39 +0400	[diff] [blame]	98	volumeMounts:
				99	- name: state
				100	mountPath: /pcloud/app-manager
giolekva	b22550e	2020-05-12 22:09:03 +0400	[diff] [blame]	101	ports:
				102	- containerPort: 1234
giolekva	65c4326	2020-05-13 21:58:39 +0400	[diff] [blame]	103	command: ["app-manager", "--logtostderr", "--port=1234", "--api_addr=http://api.pcloud.svc:1111/add_schema", "--helm_bin=/usr/bin/helm", "--manager_store_file=/pcloud/app-manager/manager-state"]
				104	volumeClaimTemplates:
				105	- metadata:
				106	name: state
				107	spec:
				108	accessModes: [ "ReadWriteOnce" ]
				109	storageClassName: "local-path"
				110	resources:
				111	requests:
				112	storage: 10Mi