Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions
ansible/roles/openshift-apps/badges/templates/deploymentconfig.yml.j2
Ryan Lerch c7d0f64697 badges - rename yaml/yml templates to .j2 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2025-01-14 08:37:30 +10:00

279 lines
7.6 KiB
Django/Jinja
Raw Blame History

---
# Frontend component (Python/Pyramid served by gunicorn)
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: frontend
labels:
app: badges
spec:
replicas: 1
selector:
app: badges
deploymentconfig: frontend
strategy:
type: Rolling
activeDeadlineSeconds: 21600
rollingParams:
intervalSeconds: 1
maxSurge: 25%
maxUnavailable: 25%
timeoutSeconds: 600
updatePeriodSeconds: 1
template:
metadata:
creationTimestamp: null
labels:
app: badges
deploymentconfig: frontend
spec:
containers:
- name: frontend
image: tahrir:latest
imagePullPolicy: Always
ports:
- containerPort: 8080
volumeMounts:
- name: etc-badges
mountPath: "/etc/badges"
readOnly: true
- name: rules
mountPath: "/var/lib/badges"
readOnly: true
- name: wsgi-script-volume
mountPath: "/opt/app-root/src/deploy"
readOnly: true
- name: ipa-config-volume
mountPath: /etc/ipa
readOnly: true
- name: keytab-volume
mountPath: /etc/keytabs
readOnly: true
- name: fedora-messaging-ca-volume
mountPath: /etc/pki/fedora-messaging/ca
readOnly: true
- name: tahrir-fedora-messaging-key-volume
mountPath: /etc/pki/fedora-messaging/key
readOnly: true
- name: tahrir-fedora-messaging-crt-volume
mountPath: /etc/pki/fedora-messaging/crt
readOnly: true
env:
- name: FLASK_CONFIG
value: "/etc/badges/tahrir.cfg"
- name: APP_MODULE
value: "deploy.wsgi"
- name: APP_CONFIG
value: "/etc/badges/gunicorn.conf.py"
- name: KRB5_CONFIG
value: /etc/ipa/krb5.conf
- name: KRB5_CLIENT_KTNAME
value: /etc/keytabs/fedbadges.keytab
- name: FEDORA_MESSAGING_CONF
value: /etc/badges/fm-tahrir.toml
readinessProbe:
timeoutSeconds: 10
initialDelaySeconds: 5
periodSeconds: 60
httpGet:
path: "/healthz/ready"
port: 8080
livenessProbe:
timeoutSeconds: 10
initialDelaySeconds: 10
periodSeconds: 60
httpGet:
path: "/healthz/live"
port: 8080
volumes:
- name: etc-badges
configMap:
name: badges
- name: rules
persistentVolumeClaim:
claimName: rules
- name: wsgi-script-volume
configMap:
name: wsgi-script
- name: ipa-config-volume
configMap:
name: ipa-client-config
- name: keytab-volume
secret:
secretName: fedbadges-keytab
- name: fedora-messaging-ca-volume
secret:
secretName: fedora-messaging-ca
- name: tahrir-fedora-messaging-key-volume
secret:
secretName: tahrir-fedora-messaging-key
- name: tahrir-fedora-messaging-crt-volume
secret:
secretName: tahrir-fedora-messaging-crt
triggers:
- type: ConfigChange
- type: ImageChange
imageChangeParams:
automatic: true
containerNames:
- frontend
from:
kind: ImageStreamTag
name: tahrir:latest
---
# Consumer component (Fedora Messaging consume command)
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: consumer
labels:
app: badges
spec:
# There can be as many as necessary
replicas: {{ (env == 'production')|ternary(2, 1) }}
selector:
app: badges
deploymentconfig: consumer
strategy:
type: Recreate
recreateParams:
mid:
execNewPod:
command: [/opt/app-root/bin/tahrir-sync-db, /etc/badges/tahrir.cfg]
containerName: consumer
volumes:
- etc-badges
failurePolicy: Abort
template:
metadata:
creationTimestamp: null
labels:
app: badges
deploymentconfig: consumer
spec:
containers:
- name: consumer
imagePullPolicy: Always
volumeMounts:
- name: etc-badges
mountPath: "/etc/badges"
readOnly: true
- name: rules
mountPath: "/var/lib/badges"
readOnly: true
- name: ipa-config-volume
mountPath: /etc/ipa
readOnly: true
- name: keytab-volume
mountPath: /etc/keytabs
readOnly: true
- name: fedora-messaging-ca-volume
mountPath: /etc/pki/fedora-messaging/ca
readOnly: true
- name: fedora-messaging-key-volume
mountPath: /etc/pki/fedora-messaging/key
readOnly: true
- name: fedora-messaging-crt-volume
mountPath: /etc/pki/fedora-messaging/crt
readOnly: true
env:
- name: KRB5_CONFIG
value: /etc/ipa/krb5.conf
- name: KRB5_CLIENT_KTNAME
value: /etc/keytabs/fedbadges.keytab
volumes:
- name: etc-badges
configMap:
name: badges
- name: rules
persistentVolumeClaim:
claimName: rules
- name: ipa-config-volume
configMap:
name: ipa-client-config
- name: keytab-volume
secret:
secretName: fedbadges-keytab
- name: fedora-messaging-ca-volume
secret:
secretName: fedora-messaging-ca
- name: fedora-messaging-key-volume
secret:
secretName: fedora-messaging-key
- name: fedora-messaging-crt-volume
secret:
secretName: fedora-messaging-crt
triggers:
- type: ConfigChange
- type: ImageChange
imageChangeParams:
automatic: true
containerNames:
- consumer
from:
kind: ImageStreamTag
name: fedbadges:latest
---
# Redis, for caching
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: redis
labels:
app: badges
service: redis
spec:
replicas: 1
selector:
app: badges
deploymentconfig: redis
template:
metadata:
labels:
app: badges
deploymentconfig: redis
spec:
containers:
- name: redis
image: redis:latest
volumeMounts:
- name: data
mountPath: "/bitnami/redis/data"
env:
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: badges
key: redis-password
livenessProbe:
exec:
command: ['redis-cli', 'ping']
failureThreshold: 3
initialDelaySeconds: 15
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
exec:
command: ['redis-cli', 'ping']
failureThreshold: 3
periodSeconds: 60
successThreshold: 1
timeoutSeconds: 1
volumes:
- name: data
persistentVolumeClaim:
claimName: redis
triggers:
- type: ConfigChange
- type: ImageChange
imageChangeParams:
automatic: true
containerNames:
- redis
from:
kind: ImageStreamTag
name: redis:latest
Reference in a new issue View git blame Copy permalink