Merge pull request #3237 from quay/qe-readiness

Add all kube templates
This commit is contained in:
Joseph Schorr 2018-09-04 16:35:48 -04:00 committed by GitHub
commit db5b8e68f0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 158 additions and 8 deletions

View file

@ -0,0 +1,40 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
namespace: quay-enterprise
name: quay-enterprise-app
labels:
quay-enterprise-component: app
spec:
replicas: 1
selector:
matchLabels:
quay-enterprise-component: app
template:
metadata:
namespace: quay-enterprise
labels:
quay-enterprise-component: app
spec:
volumes:
- name: configvolume
secret:
secretName: quay-enterprise-config-secret
containers:
- name: quay-enterprise-app
image: quay.io/coreos/quay:v2.9.3
ports:
- containerPort: 80
readinessProbe:
failureThreshold: 3
httpGet:
path: /health
port: 80
initialDelaySeconds: 10
periodSeconds: 5
volumeMounts:
- name: configvolume
readOnly: false
mountPath: /conf/stack
imagePullSecrets:
- name: coreos-pull-secret

View file

@ -0,0 +1,5 @@
apiVersion: v1
kind: Secret
metadata:
namespace: quay-enterprise
name: quay-enterprise-config-secret

View file

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: quay-enterprise

View file

@ -0,0 +1,36 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
namespace: quay-enterprise
name: quay-enterprise-redis
labels:
quay-enterprise-component: redis
spec:
replicas: 1
selector:
matchLabels:
quay-enterprise-component: redis
template:
metadata:
namespace: quay-enterprise
labels:
quay-enterprise-component: redis
spec:
containers:
- name: redis-master
image: quay.io/quay/redis
ports:
- containerPort: 6379
---
apiVersion: v1
kind: Service
metadata:
namespace: quay-enterprise
name: quay-enterprise-redis
labels:
quay-enterprise-component: redis
spec:
ports:
- port: 6379
selector:
quay-enterprise-component: redis

View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
namespace: quay-enterprise
name: quay-enterprise
spec:
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80
name: http
- protocol: TCP
port: 443
targetPort: 443
name: https
selector:
quay-enterprise-component: app

View file

@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
namespace: quay-enterprise
name: quay-enterprise
spec:
type: NodePort
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30080
selector:
quay-enterprise-component: app

View file

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: quay-enterprise-secret-writer
namespace: quay-enterprise
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: quay-enterprise-serviceaccount
subjects:
- kind: ServiceAccount
name: default

View file

@ -0,0 +1,21 @@
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: quay-enterprise-serviceaccount
namespace: quay-enterprise
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- put
- patch
- update
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get

View file

@ -20,12 +20,12 @@ This will be used later in the guide.
Next, download each of the following files to your workstation, placing them alongside your pull secret:
- [quay-enterprise-namespace.yml](files/quay-enterprise-namespace.yml)
- [quay-enterprise-config-secret.yml](files/quay-enterprise-config-secret.yml)
- [quay-enterprise-redis.yml](files/quay-enterprise-redis.yml)
- [quay-enterprise-app-rc.yml](files/quay-enterprise-app-rc.yml)
- [quay-enterprise-service-nodeport.yml](files/quay-enterprise-service-nodeport.yml)
- [quay-enterprise-service-loadbalancer.yml](files/quay-enterprise-service-loadbalancer.yml)
- [quay-enterprise-namespace.yml](k8s_templates/quay-enterprise-namespace.yml)
- [quay-enterprise-config-secret.yml](k8s_templates/quay-enterprise-config-secret.yml)
- [quay-enterprise-redis.yml](k8s_templates/quay-enterprise-redis.yml)
- [quay-enterprise-app-rc.yml](k8s_templates/quay-enterprise-app-rc.yml)
- [quay-enterprise-service-nodeport.yml](k8s_templates/quay-enterprise-service-nodeport.yml)
- [quay-enterprise-service-loadbalancer.yml](k8s_templates/quay-enterprise-service-loadbalancer.yml)
## Role Based Access Control
@ -35,8 +35,8 @@ Kubernetes API has minor changes between versions 1.4 and 1.5, Download appropia
### Kubernetes v1.6.x and later RBAC Policies
- [quay-servicetoken-role.yaml](files/quay-servicetoken-role-k8s1-6.yaml)
- [quay-servicetoken-role-binding.yaml](files/quay-servicetoken-role-binding-k8s1-6.yaml)
- [quay-servicetoken-role.yaml](k8s_templates/quay-servicetoken-role-k8s1-6.yaml)
- [quay-servicetoken-role-binding.yaml](k8s_templates/quay-servicetoken-role-binding-k8s1-6.yaml)
## Deploy to Kubernetes