hlaeja-old/hlaeja-development
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rename kube to kubectl and add README.md

Browse Source
This commit is contained in:
Mr. Swordsteel
2025-07-28 11:34:01 +02:00
committed by swordsteel
parent c91bafd272
commit fe01ad9125
46 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
kubectl/01-initialize/01-namespace.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
name: hlaeja
labels:
environment: testing

11
kubectl/01-initialize/02-registry-secret.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v1
kind: Secret
metadata:
name: github
namespace: hlaeja
labels:
environment: testing
type: kubernetes.io/dockerconfigjson
data:
# Look at /doc/k8s-docker-registry.md to this value
.dockerconfigjson: DockerRegistryBase64==

15
kubectl/01-initialize/03-account-jwt-private-key-secret.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
kind: Secret
metadata:
name: account-jwt-private-key
namespace: hlaeja
labels:
app: account-register
environment: testing
tier: backend
type: Opaque
data:
# Look at /doc/rsa_key.md, for how to make real values
private_key.pem: AccountJwtPrivateKeyFileBase64==

13
kubectl/01-initialize/04-account-jwt-public-key-secret.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: account-jwt-public-key
namespace: hlaeja
labels:
app: account-register
environment: testing
tier: frontend
type: Opaque
data:
# Look at /doc/rsa_key.md, for how to make real values
public_key.pem: AccountJwtPublicKeyFileBase64==

13
kubectl/01-initialize/05-device-jwt-private-key-secret.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: device-jwt-private-key
namespace: hlaeja
labels:
app: device-register
environment: testing
tier: backend
type: Opaque
data:
# Look at /doc/rsa_key.md, for how to make real values
private_key.pem: DeviceJwtPrivateKeyFileBase64==

13
kubectl/01-initialize/06-device-jwt-public-key-secret.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: device-jwt-public-key
namespace: hlaeja
labels:
app: device-register
environment: testing
tier: frontend
type: Opaque
data:
# Look at /doc/rsa_key.md, for how to make real values
public_key.pem: DeviceJwtPublicKeyFileBase64==

12
kubectl/01-initialize/07-device-api-keystore.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
name: device-api-keystore
namespace: hlaeja
labels:
environment: testing
type: Opaque
data:
# Look at /doc/keystore.md, for how to make real values
keystore.p12: DeviceApiKeystoreFileBase64==
keystore-password: DeviceApiKeystorePasswordBase64==

12
kubectl/01-initialize/08-register-api-keystore.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
name: registry-api-keystore
namespace: hlaeja
labels:
environment: testing
type: Opaque
data:
# Look at /doc/keystore.md, for how to make real values
keystore.p12: RegistryApiKeystoreFileBase64==
keystore-password: RegistryApiKeystorePasswordBase64==

12
kubectl/02-databases/01-postgres/01-secret.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
name: postgres
namespace: hlaeja
labels:
app: postgres
environment: testing
tier: database
type: Opaque
stringData:
POSTGRES_PASSWORD: "password"

11
kubectl/02-databases/01-postgres/02-configmap.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: postgres
namespace: hlaeja
labels:
app: postgres
environment: testing
tier: database
data:
POSTGRES_USER: "postgres"

42
kubectl/02-databases/01-postgres/03-statefulset.yaml Normal file
View File

@@ -0,0 +1,42 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: postgres
namespace: hlaeja
labels:
app: postgres
environment: testing
tier: database
spec:
serviceName: postgres
replicas: 1
selector:
matchLabels:
app: postgres
template:
metadata:
labels:
app: postgres
spec:
containers:
- name: postgres
image: postgres:17
ports:
- containerPort: 5432
envFrom:
- configMapRef:
name: postgres
- secretRef:
name: postgres
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
volumeClaimTemplates:
- metadata:
name: postgres-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi

21
kubectl/02-databases/01-postgres/04-service.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
name: postgres
namespace: hlaeja
labels:
app: postgres
environment: testing
tier: database
annotations:
metallb.universe.tf/address-pool: default
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.141
selector:
app: postgres
ports:
- port: 5432
targetPort: 5432
protocol: TCP
name: postgres

38
kubectl/02-databases/02-cassandra/01-statefulset.yaml Normal file
View File

@@ -0,0 +1,38 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: cassandra
namespace: hlaeja
labels:
app: cassandra
environment: testing
tier: database
spec:
serviceName: cassandra
replicas: 1
selector:
matchLabels:
app: cassandra
template:
metadata:
labels:
app: cassandra
spec:
terminationGracePeriodSeconds: 1800
containers:
- name: cassandra
image: cassandra:5.0.4
ports:
- containerPort: 9042
volumeMounts:
- name: cassandra-data
mountPath: /var/lib/cassandra
volumeClaimTemplates:
- metadata:
name: cassandra-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi

21
kubectl/02-databases/02-cassandra/02-service.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
name: cassandra
namespace: hlaeja
labels:
app: cassandra
environment: testing
tier: database
annotations:
metallb.universe.tf/address-pool: default
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.142
selector:
app: cassandra
ports:
- port: 9042
targetPort: 9042
protocol: TCP
name: cql

13
kubectl/02-databases/03-influxdb/01-secret.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: influxdb
namespace: hlaeja
labels:
app: influxdb
environment: testing
tier: database
type: Opaque
stringData:
DOCKER_INFLUXDB_INIT_PASSWORD: "password"
DOCKER_INFLUXDB_INIT_ADMIN_TOKEN: "influxdbToken=="

14
kubectl/02-databases/03-influxdb/02-configmap.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: influxdb
namespace: hlaeja
labels:
app: influxdb
environment: testing
tier: database
data:
DOCKER_INFLUXDB_INIT_MODE: "setup"
DOCKER_INFLUXDB_INIT_USERNAME: "influx"
DOCKER_INFLUXDB_INIT_ORG: "hlaeja_ltd"
DOCKER_INFLUXDB_INIT_BUCKET: "device-data"

41
kubectl/02-databases/03-influxdb/03-statefulset.yaml Normal file
View File

@@ -0,0 +1,41 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: influxdb
namespace: hlaeja
labels:
app: influxdb
environment: testing
tier: database
spec:
serviceName: influxdb
replicas: 1
selector:
matchLabels:
app: influxdb
template:
metadata:
labels:
app: influxdb
spec:
containers:
- name: influxdb
image: influxdb:2.7.12
ports:
- containerPort: 8086
envFrom:
- configMapRef:
name: influxdb
- secretRef:
name: influxdb
volumeMounts:
- name: influxdb-data
mountPath: /var/lib/influxdb2
volumeClaimTemplates:
- metadata:
name: influxdb-data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 10Gi

21
kubectl/02-databases/03-influxdb/04-service.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
name: influxdb
namespace: hlaeja
labels:
app: influxdb
environment: testing
tier: database
annotations:
metallb.universe.tf/address-pool: default
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.143
selector:
app: influxdb
ports:
- port: 80
targetPort: 8086
protocol: TCP
name: influxdb

43
kubectl/02-databases/04-redis/01-statefulset.yaml Normal file
View File

@@ -0,0 +1,43 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: redis
namespace: hlaeja
labels:
app: redis
environment: testing
tier: database
spec:
serviceName: redis
replicas: 1
selector:
matchLabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
containers:
- name: redis
image: redis:8.0.3-alpine
ports:
- containerPort: 6379
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
volumeMounts:
- name: redis-data
mountPath: /data
volumeClaimTemplates:
- metadata:
name: redis-data
spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: 1Gi

21
kubectl/02-databases/04-redis/02-service.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
name: redis
namespace: hlaeja
labels:
app: redis
environment: testing
tier: database
annotations:
metallb.universe.tf/address-pool: default
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.144
selector:
app: redis
ports:
- port: 6379
targetPort: 6379
protocol: TCP
name: cql

12
kubectl/03-hlaeja/01-account-registry/01-secret.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
name: account-register
namespace: hlaeja
labels:
app: account-register
environment: testing
tier: backend
type: Opaque
stringData:
SPRING_R2DBC_PASSWORD: "password"

14
kubectl/03-hlaeja/01-account-registry/02-configmap.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: account-register
namespace: hlaeja
labels:
app: account-register
environment: testing
tier: backend
data:
SPRING_PROFILES_ACTIVE: "testing"
SPRING_R2DBC_URL: "r2dbc:postgresql://postgres:5432/account_registry"
SPRING_R2DBC_USERNAME: "services"
JWT_PRIVATE_KEY: "cert/private_key.pem"

43
kubectl/03-hlaeja/01-account-registry/03-deployment.yaml Normal file
View File

@@ -0,0 +1,43 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: account-register
namespace: hlaeja
labels:
app: account-register
environment: testing
tier: backend
spec:
replicas: 1
selector:
matchLabels:
app: account-register
template:
metadata:
labels:
app: account-register
spec:
imagePullSecrets:
- name: github
containers:
- name: account-register-app
image: ghcr.io/swordsteel/hlaeja-account-registry:0.2.0
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: account-register
- secretRef:
name: account-register
volumeMounts:
- name: jwt-key-volume
mountPath: /app/resources/cert
readOnly: true
ports:
- containerPort: 8080
volumes:
- name: jwt-key-volume
secret:
secretName: account-jwt-private-key
items:
- key: private_key.pem
path: private_key.pem

20
kubectl/03-hlaeja/01-account-registry/04-service.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: account-register
namespace: hlaeja
annotations:
metallb.universe.tf/address-pool: default
labels:
app: account-register
environment: testing
tier: backend
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.111
selector:
app: account-register
ports:
- protocol: TCP
port: 80
targetPort: 8080

12
kubectl/03-hlaeja/02-device-registry/01-secret.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
name: device-register
namespace: hlaeja
labels:
app: device-register
environment: testing
tier: backend
type: Opaque
stringData:
SPRING_R2DBC_PASSWORD: "password"

14
kubectl/03-hlaeja/02-device-registry/02-configmap.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: device-register
namespace: hlaeja
labels:
app: device-register
environment: testing
tier: backend
data:
SPRING_PROFILES_ACTIVE: "testing"
SPRING_R2DBC_URL: "r2dbc:postgresql://postgres:5432/device_registry"
SPRING_R2DBC_USERNAME: "services"
JWT_PRIVATE_KEY: "cert/private_key.pem"

43
kubectl/03-hlaeja/02-device-registry/03-deployment.yaml Normal file
View File

@@ -0,0 +1,43 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: device-register
namespace: hlaeja
labels:
app: device-register
environment: testing
tier: backend
spec:
replicas: 1
selector:
matchLabels:
app: device-register
template:
metadata:
labels:
app: device-register
spec:
imagePullSecrets:
- name: github
containers:
- name: device-register-app
image: ghcr.io/swordsteel/hlaeja-device-registry:0.5.0
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: device-register
- secretRef:
name: device-register
volumeMounts:
- name: jwt-key-volume
mountPath: /app/resources/cert
readOnly: true
ports:
- containerPort: 8080
volumes:
- name: jwt-key-volume
secret:
secretName: device-jwt-private-key
items:
- key: private_key.pem
path: private_key.pem

20
kubectl/03-hlaeja/02-device-registry/04-service.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: device-register
namespace: hlaeja
annotations:
metallb.universe.tf/address-pool: default
labels:
app: device-register
environment: testing
tier: backend
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.112
selector:
app: device-register
ports:
- protocol: TCP
port: 80
targetPort: 8080

12
kubectl/03-hlaeja/03-device-configuration/01-secret.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
name: device-configuration
namespace: hlaeja
labels:
app: device-configuration
environment: testing
tier: backend
type: Opaque
stringData:
SPRING_CASSANDRA_PASSWORD: "password"

13
kubectl/03-hlaeja/03-device-configuration/02-configmap.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: device-configuration
namespace: hlaeja
labels:
app: device-configuration
environment: testing
tier: backend
data:
SPRING_PROFILES_ACTIVE: "testing"
SPRING_CASSANDRA_USERNAME: "cassandra"
SPRING_CASSANDRA_CONTACT_POINTS: "cassandra"

32
kubectl/03-hlaeja/03-device-configuration/03-deployment.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: device-configuration
namespace: hlaeja
labels:
app: device-configuration
environment: testing
tier: backend
spec:
replicas: 1
selector:
matchLabels:
app: device-configuration
template:
metadata:
labels:
app: device-configuration
spec:
imagePullSecrets:
- name: github
containers:
- name: device-configuration-app
image: ghcr.io/swordsteel/hlaeja-device-configuration:0.1.0
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: device-configuration
- secretRef:
name: device-configuration
ports:
- containerPort: 8080

20
kubectl/03-hlaeja/03-device-configuration/04-service.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: device-configuration
namespace: hlaeja
annotations:
metallb.universe.tf/address-pool: default
labels:
app: device-configuration
environment: testing
tier: backend
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.113
selector:
app: device-configuration
ports:
- protocol: TCP
port: 80
targetPort: 8080

12
kubectl/03-hlaeja/04-device-data/01-secret.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
name: device-data
namespace: hlaeja
labels:
app: device-data
environment: testing
tier: backend
type: Opaque
stringData:
INFLUXDB_TOKEN: "influxdbToken=="

12
kubectl/03-hlaeja/04-device-data/02-configmap.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: device-data
namespace: hlaeja
labels:
app: device-data
environment: testing
tier: backend
data:
SPRING_PROFILES_ACTIVE: "testing"
INFLUXDB_URL: "http://influxdb"

32
kubectl/03-hlaeja/04-device-data/03-deployment.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: device-data
namespace: hlaeja
labels:
app: device-data
environment: testing
tier: backend
spec:
replicas: 1
selector:
matchLabels:
app: device-data
template:
metadata:
labels:
app: device-data
spec:
imagePullSecrets:
- name: github
containers:
- name: device-data-app
image: ghcr.io/swordsteel/hlaeja-device-data:0.1.1
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: device-data
- secretRef:
name: device-data
ports:
- containerPort: 8080

20
kubectl/03-hlaeja/04-device-data/04-service.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: device-data
namespace: hlaeja
annotations:
metallb.universe.tf/address-pool: default
labels:
app: device-data
environment: testing
tier: backend
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.114
selector:
app: device-data
ports:
- protocol: TCP
port: 80
targetPort: 8080

32
kubectl/03-hlaeja/05-device-api/01-configmap.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: device-api
namespace: hlaeja
labels:
app: device-api
environment: testing
tier: frontend
data:
SPRING_PROFILES_ACTIVE: "testing"
SPRING_DATA_REDIS_DATABASE: "1"
SPRING_DATA_REDIS_HOST: "redis"
DEVICE_CONFIGURATION_URL: "http://device-configuration"
DEVICE_DATA_URL: "http://device-data"
DEVICE_REGISTRY_URL: "http://device-register"
# all of this should be preset in application.yaml
SERVER_PORT: "8443"
SERVER_SSL_ENABLED: "true"
SERVER_SSL_KEY_STORE: "/app/resources/cert/keystore.p12"
SERVER_SSL_KEY_STORE_TYPE: "PKCS12"
# This was experimental and should be removed in later versions
MANAGEMENT_METRICS_TAGS_APPLICATION: "device-api"
MANAGEMENT_INFLUX_METRICS_EXPORT_ENABLED: "false"
MANAGEMENT_INFLUX_METRICS_EXPORT_URL: "http://influxdb"
# adding this here as it's going to be deleted and is not sued internally
MANAGEMENT_INFLUX_METRICS_EXPORT_TOKEN: "invalidInfluxDbToken=="

58
kubectl/03-hlaeja/05-device-api/02-deployment.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: device-api
namespace: hlaeja
labels:
app: device-api
environment: testing
tier: frontend
spec:
replicas: 1
selector:
matchLabels:
app: device-api
template:
metadata:
labels:
app: device-api
spec:
imagePullSecrets:
- name: github
containers:
- name: device-api-app
image: ghcr.io/swordsteel/hlaeja-device-api:0.4.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8443
envFrom:
- configMapRef:
name: device-api
env:
- name: SERVER_SSL_KEY_STORE_PASSWORD
valueFrom:
secretKeyRef:
name: device-api-keystore
key: keystore-password
volumeMounts:
- name: keystore-volume
mountPath: /app/resources/cert/keystore.p12
subPath: keystore.p12
readOnly: true
- name: jwt-volume
mountPath: /app/resources/cert/public_key.pem
subPath: public_key.pem
readOnly: true
volumes:
- name: keystore-volume
secret:
secretName: device-api-keystore
items:
- key: keystore.p12
path: keystore.p12
- name: jwt-volume
secret:
secretName: device-jwt-public-key
items:
- key: public_key.pem
path: public_key.pem

20
kubectl/03-hlaeja/05-device-api/03-service.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: device-api
namespace: hlaeja
annotations:
metallb.universe.tf/address-pool: default
labels:
app: device-api
environment: testing
tier: frontend
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.102
selector:
app: device-api
ports:
- protocol: TCP
port: 443
targetPort: 8443

29
kubectl/03-hlaeja/06-registry-api/01-configmap.yaml Normal file
View File

@@ -0,0 +1,29 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: registry-api
namespace: hlaeja
labels:
app: registry-api
environment: testing
tier: frontend
data:
SPRING_PROFILES_ACTIVE: "testing"
ACCOUNT_REGISTRY_URL: "http://account-register"
DEVICE_REGISTRY_URL: "http://device-register"
# all of this should be preset in application.yaml
SERVER_PORT: "8443"
SERVER_SSL_ENABLED: "true"
SERVER_SSL_KEY_STORE: "/app/resources/cert/keystore.p12"
SERVER_SSL_KEY_STORE_TYPE: "PKCS12"
# This was experimental and should be removed in later versions
MANAGEMENT_METRICS_TAGS_APPLICATION: "register-api"
MANAGEMENT_INFLUX_METRICS_EXPORT_ENABLED: "false"
MANAGEMENT_INFLUX_METRICS_EXPORT_URL: "http://influxdb"
# adding this here as it's going to be deleted and is not sued internally
MANAGEMENT_INFLUX_METRICS_EXPORT_TOKEN: "invalidInfluxDbToken=="

58
kubectl/03-hlaeja/06-registry-api/02-deployment.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: registry-api
namespace: hlaeja
labels:
app: registry-api
environment: testing
tier: frontend
spec:
replicas: 1
selector:
matchLabels:
app: registry-api
template:
metadata:
labels:
app: registry-api
spec:
imagePullSecrets:
- name: github
containers:
- name: registry-api-app
image: ghcr.io/swordsteel/hlaeja-registry-api:0.2.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8443
envFrom:
- configMapRef:
name: registry-api
env:
- name: SERVER_SSL_KEY_STORE_PASSWORD
valueFrom:
secretKeyRef:
name: registry-api-keystore
key: keystore-password
volumeMounts:
- name: keystore-volume
mountPath: /app/resources/cert/keystore.p12
subPath: keystore.p12
readOnly: true
- name: jwt-volume
mountPath: /app/resources/cert/public_key.pem
subPath: public_key.pem
readOnly: true
volumes:
- name: keystore-volume
secret:
secretName: registry-api-keystore
items:
- key: keystore.p12
path: keystore.p12
- name: jwt-volume
secret:
secretName: account-jwt-public-key
items:
- key: public_key.pem
path: public_key.pem

20
kubectl/03-hlaeja/06-registry-api/03-service.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: registry-api
namespace: hlaeja
annotations:
metallb.universe.tf/address-pool: default
labels:
app: registry-api
environment: testing
tier: frontend
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.103
selector:
app: registry-api
ports:
- protocol: TCP
port: 443
targetPort: 8443

15
kubectl/03-hlaeja/07-management/01-configmap.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: management
namespace: hlaeja
labels:
app: management
environment: testing
tier: frontend
data:
SPRING_PROFILES_ACTIVE: "testing"
SPRING_DATA_REDIS_DATABASE: "2"
SPRING_DATA_REDIS_HOST: "redis"
ACCOUNT_REGISTRY_URL: "http://account-register"
DEVICE_REGISTRY_URL: "http://device-register"

42
kubectl/03-hlaeja/07-management/02-deployment.yaml Normal file
View File

@@ -0,0 +1,42 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: management
namespace: hlaeja
labels:
app: management
environment: testing
tier: frontend
spec:
replicas: 1
selector:
matchLabels:
app: management
template:
metadata:
labels:
app: management
spec:
imagePullSecrets:
- name: github
containers:
- name: management-app
image: ghcr.io/swordsteel/hlaeja-management:0.2.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
envFrom:
- configMapRef:
name: management
volumeMounts:
- name: jwt-volume
mountPath: /app/resources/cert/public_key.pem
subPath: public_key.pem
readOnly: true
volumes:
- name: jwt-volume
secret:
secretName: account-jwt-public-key
items:
- key: public_key.pem
path: public_key.pem

20
kubectl/03-hlaeja/07-management/03-service.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: management
namespace: hlaeja
annotations:
metallb.universe.tf/address-pool: default
labels:
app: management
environment: testing
tier: frontend
spec:
type: LoadBalancer
loadBalancerIP: 10.0.3.101
selector:
app: management
ports:
- protocol: TCP
port: 80
targetPort: 8080

3
kubectl/README.md Normal file
View File

@@ -0,0 +1,3 @@
# Hlæja kubectl
this folder is not getting updated it's here as en example, look in helm folder