From 26c227c06285f0f73b61ebd11e7d93a0b027db83 Mon Sep 17 00:00:00 2001 From: Vargha Csongor Date: Sun, 17 Mar 2024 16:59:09 +0100 Subject: [PATCH] auth service deployment --- deployment/auth-service/certificate.yaml | 29 +++++++++++ deployment/auth-service/deployment.yaml | 50 +++++++++++++++++++ .../auth-service/horizontalPodAutoScaler.yaml | 26 ++++++++++ deployment/auth-service/service.yaml | 17 +++++++ 4 files changed, 122 insertions(+) create mode 100644 deployment/auth-service/certificate.yaml create mode 100644 deployment/auth-service/deployment.yaml create mode 100644 deployment/auth-service/horizontalPodAutoScaler.yaml create mode 100644 deployment/auth-service/service.yaml diff --git a/deployment/auth-service/certificate.yaml b/deployment/auth-service/certificate.yaml new file mode 100644 index 0000000..2e4a060 --- /dev/null +++ b/deployment/auth-service/certificate.yaml @@ -0,0 +1,29 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: gh-auth-service-certificate + annotations: + argocd.argoproj.io/hook: PreSync +spec: + isCA: false + duration: 2160h # 90d + renewBefore: 360h # 15d + dnsNames: + - gh-auth-service.generations-heritage.svc.cluster.local + - gh-auth-service + - localhost + ipAddresses: + - 127.0.0.1 + subject: + organizations: + - GenerationsHeritage + secretName: gh-auth-service-tls + privateKey: + algorithm: RSA + encoding: PKCS1 + size: 2048 + issuerRef: + name: default-cluster-ca-issuer + kind: ClusterIssuer + group: cert-manager.io + \ No newline at end of file diff --git a/deployment/auth-service/deployment.yaml b/deployment/auth-service/deployment.yaml new file mode 100644 index 0000000..7461017 --- /dev/null +++ b/deployment/auth-service/deployment.yaml @@ -0,0 +1,50 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: gh-auth-service + app.kubernetes.io/name: gh-auth-service + annotations: + argocd.argoproj.io/sync-wave: "1" + argocd.argoproj.io/hook: Synce + name: gh-auth-service + namespace: generations-heritage +spec: + podManagementPolicy: OrderedReady + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: gh-auth-service + app.kubernetes.io/name: gh-auth-service + serviceName: gh-auth-service + template: + metadata: + labels: + app.kubernetes.io/instance: gh-auth-service + app.kubernetes.io/name: gh-auth-service + spec: + containers: + - image: vcscsvcscs/gheritage-auth-service:latest + imagePullPolicy: Always + name: gh-auth-service + ports: + - containerPort: 443 + name: gin + securityContext: + runAsUser: 0 + resources: + limits: + cpu: 250m + memory: 200Mi + requests: + cpu: 100m + memory: 50Mi + volumeMounts: + - name: gh-auth-service-certs + mountPath: /etc/gh-auth-service/ssl + volumes: + - name: gh-auth-service-certs + secret: + secretName: gh-auth-service-tls + updateStrategy: + type: RollingUpdate \ No newline at end of file diff --git a/deployment/auth-service/horizontalPodAutoScaler.yaml b/deployment/auth-service/horizontalPodAutoScaler.yaml new file mode 100644 index 0000000..413e418 --- /dev/null +++ b/deployment/auth-service/horizontalPodAutoScaler.yaml @@ -0,0 +1,26 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: gh-auth-service + annotations: + argocd.argoproj.io/hook: PostSync +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: gh-auth-service + minReplicas: 1 + maxReplicas: 5 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 50 + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: 50 diff --git a/deployment/auth-service/service.yaml b/deployment/auth-service/service.yaml new file mode 100644 index 0000000..8239fec --- /dev/null +++ b/deployment/auth-service/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: gh-auth-service + app.kubernetes.io/name: gh-auth-service + name: gh-auth-service +spec: + ports: + - name: gin + port: 443 + protocol: TCP + targetPort: 443 + selector: + app.kubernetes.io/instance: gh-auth-service + app.kubernetes.io/name: gh-auth-service + type: ClusterIP \ No newline at end of file