init helm resources

Chart.yaml

+apiVersion: v2
+name: cdb
+description: All applications in the cdb ecosystem
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: snapshot
+maintainers:
+- name: takiformation
+  email: takiformation@takima.school

templates/api-config.yaml

+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: api-config
+data:
+  DB_ENDPOINT: "postgres:5432"
+  DB_NAME: "cdb-db"

templates/api-deployment.yaml

+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: api
+  labels:
+    app: api
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: api
+  template:
+    metadata:
+      labels:
+        app: api
+    spec:
+      securityContext:
+        runAsUser: 1001
+        runAsGroup: 1001
+      imagePullSecrets:
+        - name: takima-school-registry
+      containers:
+      - name: api
+        image: registry.gitlab.com/takima-school/images/cdb/api:latest
+        resources:
+          requests:
+            memory: "192M"
+            cpu: "0.2"
+          limits:
+            memory: "256M"
+            cpu: "1"
+        startupProbe:
+          httpGet:
+            path: /actuator/health
+            port: 8080
+          initialDelaySeconds: 15
+          periodSeconds: 3
+          successThreshold: 1
+          failureThreshold: 5
+        livenessProbe:
+          httpGet:
+            path: /actuator/health/liveness
+            port: 8080
+          periodSeconds: 3
+          successThreshold: 1
+          failureThreshold: 3
+        readinessProbe:
+          httpGet:
+            path: /actuator/health/readiness
+            port: 8080
+          periodSeconds: 1
+          successThreshold: 1
+          failureThreshold: 3        
+        securityContext:
+          allowPrivilegeEscalation: false
+        ports:
+        - containerPort: 8080
+        env: 
+          - name: DB_ENDPOINT
+            valueFrom:
+              configMapKeyRef:
+                name: api-config
+                key: DB_ENDPOINT
+          - name: POSTGRES_DB
+            valueFrom:
+              configMapKeyRef:
+                name: api-config
+                key: DB_NAME
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: pg-credentials  # Nom du secret
+                key: pg_username     # nom de la clef dans le config map
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: pg-credentials  # Nom du secret
+                key: pg_password 

templates/api-ingress.yaml

+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ annotations:
+   kubernetes.io/ingress.class: nginx
+ name: api
+spec:
+  rules:
+  - host: api.lortola.takima.school
+    http:
+      paths:
+      - backend:
+          service:
+            name: api
+            port:
+              number: 80
+        path: /
+        pathType: Prefix
+  tls:
+  - hosts:
+     - api.lortola.takima.school
+    secretName: app-wildcard
\ No newline at end of file

templates/api-service.yaml

+apiVersion: v1
+kind: Service
+metadata:
+  name: api
+spec:
+  selector:
+    app: api
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
\ No newline at end of file

templates/front-config.yaml

+{{- if .Values.front.enabled }}  
+  {{- $apiUrl := "" }}  
+  {{- if .Values.api.ingress.tls.enabled }}  
+    {{- $apiUrl = printf "https://%s" .Values.api.ingress.host | quote }}  
+  {{- else }}  
+    {{- $apiUrl = printf "http://%s" .Values.api.ingress.host | quote }}  
+  {{- end }}  
+apiVersion: v1  
+kind: ConfigMap  
+metadata:  
+  name: front-config  
+data:  
+  API_URL: {{ $apiUrl }}  
+{{- end }}

templates/front-deployment.yaml

+{{- if .Values.front.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: front
+  labels:
+    app: front
+spec:
+  replicas: {{ .Values.front.replicaCount }}
+  selector:
+    matchLabels:
+      app: front
+  template:
+    metadata:
+      labels:
+        app: front
+    spec:
+      imagePullSecrets:
+        - name: auth-master3-registry
+      containers:
+      - name: front
+        image: {{ .Values.front.image.repository }}:{{ .Values.front.image.tag }}
+        ports:
+        - containerPort: 80
+        resources:
+          requests:
+            memory: "100Mi"
+            cpu: "0.1"
+          limits:
+            memory: "300Mi"
+            cpu: "0.5"
+        env:
+          - name: API_URL
+            valueFrom:
+              configMapKeyRef:
+                name: front-config
+                key: API_URL
+{{- end }}
\ No newline at end of file

templates/front-ingress.yaml

+{{- if .Values.front.enabled }}
+{{- if .Values.front.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    kubernetes.io/ingress.class: nginx
+{{- if .Values.front.ingress.tls.enabled }}
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+{{- end }}
+  name: front
+spec:
+  rules:
+  - host: {{ .Values.front.ingress.host }}
+    http:
+      paths:
+      - backend:
+          service:
+            name: {{ .Values.front.serviceName }}
+            port:
+              number: {{ .Values.front.servicePort }}
+        path: /
+        pathType: Prefix
+{{- if .Values.front.ingress.tls.enabled }}
+  tls:
+  - hosts:
+      - {{ .Values.front.ingress.host }}
+    secretName: front-tls
+    {{- end }} 
+{{- end }}
+{{- end }}
\ No newline at end of file

templates/front-service.yaml

+{{- if .Values.front.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.front.serviceName }}
+spec:
+  selector:
+    app: front
+  ports:
+    - protocol: TCP
+      port: {{ .Values.front.servicePort }}
+      targetPort: 80
+{{- end }}
\ No newline at end of file

templates/pg-config.yaml

+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: pg-config
+data:
+  db_name: "cdb-db"
+  db_path: "/var/lib/postgresql/data/pgdata"

templates/pg-credentials.yaml

+apiVersion: v1
+kind: Secret
+metadata:
+  name: pg-credentials
+type: Opaque
+data:
+  pg_username: YWRtaW4=   # user: admin
+  pg_password: dGVzdDEyMyo=  # pwd: test123*

templates/pg-deployment.yaml

+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: pg-database
+  labels:
+    app: pg
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: pg
+  template:
+    metadata:
+      labels:
+        app: pg
+    spec:
+      containers:
+      - name: postgres
+        image: registry.takima.io/school/proxy/postgres:latest
+        ports:
+        - containerPort: 80
+        env:
+          - name: POSTGRES_DB
+            valueFrom:
+              configMapKeyRef:
+                name: pg-config  # Nom du configmap
+                key: db_name     # nom de la clef dans le config map contenant le nom de la DB
+          - name: PGDATA
+            valueFrom:
+              configMapKeyRef:
+                name: pg-config  # Nom du configmap
+                key: db_path     # nom de la clef dans le configMap contenant path ou installer la db dans le volume persistant
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: pg-credentials  # Nom du secret
+                key: pg_username     # nom de la clef dans le secret
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: pg-credentials  # Nom du secret
+                key: pg_password     # nom de la clef dans le secret contenant le password
+      imagePullSecrets:
+      - name: takima-school-registry

templates/pg-service.yaml

+apiVersion: v1
+kind: Service
+metadata:
+  name: postgres
+  labels:
+    app: pg
+spec:
+  type: ClusterIP
+  ports:
+   - port: 5432
+  selector:
+   app: pg
\ No newline at end of file

values.yaml

+# Default values for CDB app.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+## The global properties are used to configure multiple charts at once.
+## Extended documentation at doc/charts/globals.md
+
+api:
+  enabled: true
+  ingress:
+    tls:
+      enable: false
+    host: api.to-replace.takima.school
+
+front:
+  enabled: true
+  image:
+    repository: registry.master3.takima.io/guide/kubernetes-resources/front
+    tag: latest
+  serviceName: front
+  servicePort: 80
+  replicaCount: 3
+  ingress:
+    enabled: true
+    host: www.to-replace.takima.school
+    tls:
+      enabled: false
+
+db:
+  enabled: true
+  image:
+    repository: registry.master3.takima.io/guide/kubernetes-resources/db
+    tag: latest
+  name: "cdb-db"
+  path: "/var/lib/postgresql/data/pgdata"
+  serviceName: db
+  servicePort: 5432
+  pvc:
+    storageClass: gp2
+    size: 512Mi
+  credentials:
+    user: cdb
+    pwd: cdb123
+