From 486b8f6f03e9520fe8f0a0b1f1048e6d5d95f7af Mon Sep 17 00:00:00 2001 From: JP Gouigoux Date: Sat, 27 Aug 2022 02:18:45 +0200 Subject: [PATCH] =?UTF-8?q?Fichiers=20descriptifs=20YAML=20pour=20d=C3=A9p?= =?UTF-8?q?loiement=20Kubernetes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- TestOIDCBlazorWASM.sln | 16 ++++++++++- k8s/api.yaml | 61 ++++++++++++++++++++++++++++++++++++++++++ k8s/configmap.yaml | 8 ++++++ k8s/db.yaml | 54 +++++++++++++++++++++++++++++++++++++ k8s/ged.yaml | 42 +++++++++++++++++++++++++++++ k8s/ingress.yaml | 24 +++++++++++++++++ k8s/mom.yaml | 53 ++++++++++++++++++++++++++++++++++++ k8s/namespace.yaml | 4 +++ k8s/recep.yaml | 51 +++++++++++++++++++++++++++++++++++ k8s/server.yaml | 47 ++++++++++++++++++++++++++++++++ 10 files changed, 359 insertions(+), 1 deletion(-) create mode 100644 k8s/api.yaml create mode 100644 k8s/configmap.yaml create mode 100644 k8s/db.yaml create mode 100644 k8s/ged.yaml create mode 100644 k8s/ingress.yaml create mode 100644 k8s/mom.yaml create mode 100644 k8s/namespace.yaml create mode 100644 k8s/recep.yaml create mode 100644 k8s/server.yaml diff --git a/TestOIDCBlazorWASM.sln b/TestOIDCBlazorWASM.sln index 7855f4b..b45a8f0 100644 --- a/TestOIDCBlazorWASM.sln +++ b/TestOIDCBlazorWASM.sln @@ -18,8 +18,8 @@ EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Éléments de solution", "Éléments de solution", "{6F8A051C-1D13-480B-BCFD-1ABABF1F5C8D}" ProjectSection(SolutionItems) = preProject Caddyfile = Caddyfile - docker-compose-iam.yml = docker-compose-iam.yml docker-compose-full.yml = docker-compose-full.yml + docker-compose-iam.yml = docker-compose-iam.yml docker-compose.yml = docker-compose.yml iam.service = iam.service MotDePasseCertificatClient.secret = MotDePasseCertificatClient.secret @@ -43,6 +43,19 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "images", "images", "{DBA339 images\welcomechemistry.png = images\welcomechemistry.png EndProjectSection EndProject +Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "k8s", "k8s", "{F00792F2-CCB6-44D1-837B-991823149B05}" + ProjectSection(SolutionItems) = preProject + k8s\api.yaml = k8s\api.yaml + k8s\configmap.yaml = k8s\configmap.yaml + k8s\db.yaml = k8s\db.yaml + k8s\ged.yaml = k8s\ged.yaml + k8s\ingress.yaml = k8s\ingress.yaml + k8s\mom.yaml = k8s\mom.yaml + k8s\namespace.yaml = k8s\namespace.yaml + k8s\recep.yaml = k8s\recep.yaml + k8s\server.yaml = k8s\server.yaml + EndProjectSection +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU @@ -79,6 +92,7 @@ Global EndGlobalSection GlobalSection(NestedProjects) = preSolution {DBA33922-0DE1-47AB-BC17-9F2EF2545E5D} = {6F8A051C-1D13-480B-BCFD-1ABABF1F5C8D} + {F00792F2-CCB6-44D1-837B-991823149B05} = {6F8A051C-1D13-480B-BCFD-1ABABF1F5C8D} EndGlobalSection GlobalSection(ExtensibilityGlobals) = postSolution SolutionGuid = {2D65A552-56A9-4CCB-84F3-CCC7D07B0AD9} diff --git a/k8s/api.yaml b/k8s/api.yaml new file mode 100644 index 0000000..ce249a3 --- /dev/null +++ b/k8s/api.yaml @@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: tobw + name: api-deploy + labels: + app: api +spec: + selector: + matchLabels: + app: api + template: + metadata: + labels: + app: api + spec: + volumes: + - name: secret-volume + secret: + secretName: certifclient + containers: + - name: api + image: registreakseni.azurecr.io/testoidcblazorwasmapi:1.4 + imagePullPolicy: Always + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 443 + env: + - name: Securite__CheminFichierCertificatClient + value: /etc/secret-volume/fichier + - name: Securite__MotDePasseCertificatClient + valueFrom: + secretKeyRef: + name: certifclient + key: motdepasse + optional: false + args: ["--PersistanceNoSQL__PersonnesConnectionString=mongodb://db:27017", "--PersistanceNoSQL__PersonnesDatabaseName=personnes", "--PersistanceNoSQL__PersonnesCollectionName=personnes", "--Securite__EmpreinteCertificatClient=41E81F27F42F381B7406129DAAB055802F9A64B9"] + volumeMounts: + - name: secret-volume + readOnly: true + mountPath: "/etc/secret-volume" +--- +apiVersion: v1 +kind: Service +metadata: + namespace: tobw + name: api-service +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 443 + targetPort: 443 + selector: + app: api \ No newline at end of file diff --git a/k8s/configmap.yaml b/k8s/configmap.yaml new file mode 100644 index 0000000..699807c --- /dev/null +++ b/k8s/configmap.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: tobw + name: tobw-params +data: + ASPNETCORE_ENVIRONMENT: "Development" + URLBaseServiceAPI: "https://api" \ No newline at end of file diff --git a/k8s/db.yaml b/k8s/db.yaml new file mode 100644 index 0000000..4cf2876 --- /dev/null +++ b/k8s/db.yaml @@ -0,0 +1,54 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: tobw + name: db-deploy + labels: + app: db +spec: + selector: + matchLabels: + app: db + template: + metadata: + labels: + app: db + spec: + containers: + - name: db + image: mongo:4.4 + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 250m + memory: 512Mi + ports: + - containerPort: 27017 + readinessProbe: + exec: + command: + - mongo + - --eval + - "'db.runCommand(\"ping\").ok'" + - localhost:27017/personnes + - --quiet + initialDelaySeconds: 1 + periodSeconds: 3 + timeoutSeconds: 1 + failureThreshold: 10 +--- +apiVersion: v1 +kind: Service +metadata: + namespace: tobw + name: db-service +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 27017 + targetPort: 27017 + selector: + app: db \ No newline at end of file diff --git a/k8s/ged.yaml b/k8s/ged.yaml new file mode 100644 index 0000000..de4877c --- /dev/null +++ b/k8s/ged.yaml @@ -0,0 +1,42 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: tobw + name: ged-deploy + labels: + app: ged +spec: + selector: + matchLabels: + app: ged + template: + metadata: + labels: + app: ged + spec: + containers: + - name: ged + image: nuxeo:10.10 + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 250m + memory: 1024Mi + ports: + - containerPort: 8080 +--- +apiVersion: v1 +kind: Service +metadata: + namespace: tobw + name: ged-service +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 8080 + targetPort: 8080 + selector: + app: ged \ No newline at end of file diff --git a/k8s/ingress.yaml b/k8s/ingress.yaml new file mode 100644 index 0000000..787a619 --- /dev/null +++ b/k8s/ingress.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + namespace: tobw + name: ingress + annotations: + kubernetes.io/ingress.class: addon-http-application-routing +spec: + defaultBackend: + service: + name: server-service + port: + number: 5000 + rules: + - host: tobw.d0b4c61afc1e40ceb652.francecentral.aksapp.io + http: + paths: + - path: /nuxeo + pathType: Prefix + backend: + service: + name: ged-service + port: + number: 8080 \ No newline at end of file diff --git a/k8s/mom.yaml b/k8s/mom.yaml new file mode 100644 index 0000000..d636005 --- /dev/null +++ b/k8s/mom.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: tobw + name: mom-deploy + labels: + app: mom +spec: + selector: + matchLabels: + app: mom + template: + metadata: + labels: + app: mom + spec: + containers: + - name: mom + image: rabbitmq:3-management + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 250m + memory: 1024Mi + env: + - name: RABBITMQ_DEFAULT_USER + valueFrom: + secretKeyRef: + name: mom-secrets + key: user + - name: RABBITMQ_DEFAULT_PASS + valueFrom: + secretKeyRef: + name: mom-secrets + key: pass + ports: + - containerPort: 5672 +--- +apiVersion: v1 +kind: Service +metadata: + namespace: tobw + name: mom-service +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 5672 + targetPort: 5672 + selector: + app: mom \ No newline at end of file diff --git a/k8s/namespace.yaml b/k8s/namespace.yaml new file mode 100644 index 0000000..fd9da32 --- /dev/null +++ b/k8s/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: tobw diff --git a/k8s/recep.yaml b/k8s/recep.yaml new file mode 100644 index 0000000..92994a5 --- /dev/null +++ b/k8s/recep.yaml @@ -0,0 +1,51 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: tobw + name: recep-deploy + labels: + app: recep +spec: + replicas: 3 + selector: + matchLabels: + app: recep + template: + metadata: + labels: + app: recep + spec: + volumes: + - name: secret-volume + secret: + secretName: certifclient + containers: + - name: recep + image: registreakseni.azurecr.io/recepteurmessages:1.4 + imagePullPolicy: Always + stdin: true + tty: true + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + env: + - name: Securite__CheminFichierCertificatClient + value: /etc/secret-volume/fichier + - name: Securite__MotDePasseCertificatClient + valueFrom: + secretKeyRef: + name: certifclient + key: motdepasse + optional: false + envFrom: + - configMapRef: + name: tobw-params + args: ["--RabbitMQ__HoteServeur=mom-service.tobw.svc", "--RabbitMQ__Utilisateur=rapido", "--RabbitMQ__MotDePasse=k5rXH6wmBhE2bukfXFsz", "--RabbitMQ__NomQueueMessagesCreationPersonnes=personnes", "--GED__URLAtomPub=http://ged:8080/nuxeo/atom/cmis", "--GED__ServiceAccountName=Administrator", "--GED__ServiceAccountPassword=Administrator", "--GED__ModeleURLExpositionDirecteDocuments=https://dockereni.francecentral.cloudapp.azure.com/nuxeo/atom/cmis/default/content/{nomFichier}?id={idDoc}"] + volumeMounts: + - name: secret-volume + readOnly: true + mountPath: "/etc/secret-volume" diff --git a/k8s/server.yaml b/k8s/server.yaml new file mode 100644 index 0000000..fe6c7c4 --- /dev/null +++ b/k8s/server.yaml @@ -0,0 +1,47 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: tobw + name: server-deploy + labels: + app: server +spec: + selector: + matchLabels: + app: server + template: + metadata: + labels: + app: server + spec: + containers: + - name: server + image: registreakseni.azurecr.io/testoidcblazorwasmserver:1.4 + imagePullPolicy: Always + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 256Mi + ports: + - containerPort: 5000 + envFrom: + - configMapRef: + name: tobw-params + args: ["--RabbitMQ__HoteServeur=mom", "--RabbitMQ__Utilisateur=rapido", "--RabbitMQ__MotDePasse=k5rXH6wmBhE2bukfXFsz", "--RabbitMQ__NomQueueMessagesCreationPersonnes=personnes", "--PersistanceNoSQL__PersonnesConnectionString=mongodb://db:27017", "--PersistanceNoSQL__PersonnesDatabaseName=personnes", "--PersistanceNoSQL__PersonnesCollectionName=personnes", "--OIDC__Authority=https://dockereni.francecentral.cloudapp.azure.com:8443/realms/LivreENI/", "--OIDC__ClientId=appli-eni"] +--- +apiVersion: v1 +kind: Service +metadata: + namespace: tobw + name: server-service +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 5000 + targetPort: 5000 + selector: + app: server \ No newline at end of file