helm/wordyne
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Started creating chart

Browse Source
This commit is contained in:
Lars Scheibling
2023-03-18 23:16:04 +00:00
parent 7b0c0a0950
commit da2afcd24b
20 changed files with 723 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
chart/templates/NOTES.txt
View File

@@ -1,22 +0,0 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "..fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "..fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "..fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "..name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
{{- end }}

53
chart/templates/_helpers.tpl
View File

@@ -1,62 +1,33 @@
{{/*
Expand the name of the chart.
Define the application name and fullname
*/}}
{{- define "..name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- .Values.site.url | trunc 63 | replace "." "-" | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "..fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{ include "..name" . }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
Define the chart name and version
*/}}
{{- define "..chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
Define the chart common labels
*/}}
{{- define "..labels" -}}
helm.sh/chart: {{ include "..chart" . }}
{{ include "..selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "..selectorLabels" -}}
app.kubernetes.io/name: {{ include "..name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "..serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "..fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
cloudyne.systems/customer: {{ .Values.customer.name }}
cloudyne.systems/site: {{ .Values.site.url }}
cloudyne.systems/package: {{ .Values.customer.package.size }}
{{- end }}

14
chart/templates/certificate.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ include "..fullname" . }}-cert
labels:
{{- include "..labels" . | nindent 8 }}
spec:
issuerRef:
name: cloudyne-internal-root-v2
kind: ClusterIssuer
secretName: {{ include "..fullname" . }}-cert-secret
commonName: {{ .Values.site.url }}
dnsNames: {{ range .Values.site.ingressNames }}
- {{ . }}{{end}}

263
chart/templates/configmap.yaml Normal file
View File

@@ -0,0 +1,263 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: {{ include "..fullname" . }}-env
labels:
{{- include "..labels" . | nindent 8 }}
data:
SMTP_PORT: 2525
SMTP_AUTH: "true"
SMTP_FORCE_FROM: "noreply@customer.v3.nu"
SMTP_FROM_NAME: "Gunnar Nilsson Maskin AB"
WP_ENV: "production"
WP_HOME: {{ .Values.site.url }}
WP_SITEURL: {{ .Values.site.url }}/wp
{{- if and .values.Site.init .Values.site.init.composerPackage }}
RUN_COMPOSER: "true"
INSTALL_SITE: {{ .Values.site.init.composerPackage }}
SET_THEME: {{ .Values.site.init.themeName | default "" }}
{{- end }}
{{- if and .values.Site.init .Values.site.init.content .Values.site.init.content.import }}
RUN_IMPORTS: "true"
IMPORT_CONTENT: {{ .Values.site.init.content.url }}
{{- end }}
{{- if and .values.Site.init .Values.site.init.database .Values.site.init.database.import }}
RUN_DATABASEIMPORTS: "true"
IMPORT_DATABASE: {{ .Values.site.init.database.url }}
FORCE_IMPORT_DB: {{ .Values.site.init.database.force | default "false" }}
{{- end }}
---
kind: ConfigMap
apiVersion: v1
metadata:
name: {{ include "..fullname" . }}-configfiles
labels:
{{- include "..labels" . | nindent 8 }}
data:
www.conf: |-
[www]
{{- if and .Values.global .Values.global.php }}
listen = {{ .Values.global.php.listenAddress | default "127.0.0.1:8123" }}
listen.backlog = {{ .Values.global.php.listenBacklog | default "511" }}
pm = {{ .Values.global.php.pmMode | default "ondemand" }}
pm.max_children = {{ .Values.global.php.pmMaxChildren | default "100" }}
pm.process_idle_timeout = {{ .Values.global.php.pmProcessIdle | default "30s" }}
pm.max_requests = {{ .Values.global.php.pmMaxRequests | default "1000" }}
security.limit_extensions = {{ .Values.global.php.limitExtensions | default ".php" }}
php_admin_value[expose_php] = {{ .Values.global.php.exposePHP | default "Off" }}
php_admin_value[short_open_tag] = {{ .Values.global.php.shortOpenTag | default "Off" }}
php_admin_value[disable_functions] = {{ .Values.global.php.disableFunctions | default "exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,show_source" }}
php_value[log_errors] = {{ .Values.global.php.logErrors | default "On" }}
php_admin_value[date.timezone] = {{ .Values.customer.timezone | default "Europe/Stockholm" }}
{{- else }}
listen = 127.0.0.1:8123
listen.backlog = 511
pm = ondemand
pm.max_children = 100
pm.process_idle_timeout = 30s
pm.max_requests = 1000
security.limit_extensions = .php
php_admin_value[expose_php] = Off
php_admin_value[short_open_tag] = Off
php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,show_source
php_value[log_errors] = On
{{- end }}
ping.path = /fpm-ping
listen.allowed_clients = 127.0.0.1
catch_workers_output = yes
php_value[error_log] = /dev/stderr
{{- if .Values.global.php.adminValues }}
{{- range $k, $v := .Values.global.php.adminValues }}
php_admin_value[{{ $k }}] = {{ $v }}
{{- end }}
{{- end }}
nginx.conf: |
worker_processes auto;
error_log stderr warn;
pid /run/nginx/nginx.pid;
{{- if and .Values.global .Values.global.nginx }}
{{ .Values.global.nginx.globalAdditions | default "" }}
{{- end }}
events {
{{- if and .Values.global .Values.global.nginx }}}
worker_connections {{ .Values.global.nginx.workerConnections | default "1024" }};
{{ .Values.global.nginx.eventsAdditions | default "" }}
{{- else }}
worker_connections 1024;
{{- end }}
}
http {
include mime.types;
default_type application/octet-stream;
disable_symlinks off;
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$request_time $upstream_response_time $pipe $upstream_cache_status';
access_log /dev/stdout main_timed;
error_log /dev/stderr notice;
{{- if and .Values.global .Values.global.nginx }}}
keepalive_timeout {{ .Values.global.nginx.keepaliveTimeout | default "61" }};
{{- else }}
keepalive_timeout 61;
{{- end }}
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
server {
listen [::]:8080 default_server;
listen 8080 default_server;
server_name _;
{{- if and .Values.global .Values.global.nginx }}}
sendfile {{ .Values.global.nginx.sendfile | default "off" }};
tcp_nodelay {{ .Values.global.nginx.tcpNodelay | default "on" }};
absolute_redirect {{ .Values.global.nginx.absoluteRedirects | default "off" }};
{{- else }}
sendfile off;
tcp_nodelay on;
absolute_redirect off;
{{- end }}
{{- if and .Values.site .Values.site.webroot }}}
root {{ .Values.site.webroot.path | default "/app/web" }};
index {{ .Values.site.webroot.indexes | default "index.php index.html index.htm" }};
{{- else }}
root /app/web;
index {{ .Values.site.webroot.indexes }};
{{- end }}
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
{{- if and .Values.global .Values.global.nginx }}}
{{ .Values.global.nginx.rootLocationAdditions | default "" }}
{{- end }}
}
location ~* /app/web/app/uploads/.*.php$ {
deny all;
}
location ~* /wp-content/uploads/.*.php$ {
deny all;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/lib/nginx/html;
}
location ~ \.php$ {
{{- if and .Values.global .Values.global.nginx }}}
fastcgi_buffer_size {{ .Values.global.nginx.fcgiBufferSize | default "128k" }};
fastcgi_buffers {{ .Values.global.nginx.fcgiBuffers | default "4 256k" }};
fastcgi_busy_buffers_size {{ .Values.global.nginx.fcgiBusyBufferSize | default "256k" }};
fastcgi_read_timeout {{ .Values.global.nginx.fcgiReadTimeout | default "300" }};
{{- else }}
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_read_timeout 300;
{{- end }}
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:8123;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
{{- if and .Values.global .Values.global.nginx }}}
{{ .Values.global.nginx.phpLocationAdditions | default "" }}
{{- end }}
}
location ~* \.(jpg|jpeg|webp|gif|png|css|svg|js|ico|xml)$ {
expires 5d;
}
gzip_comp_level 5;
gzip_min_length 256;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/x-font-opentype
application/x-font-truetype
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/eot
font/opentype
font/otf
image/svg+xml
image/x-icon
image/vnd.microsoft.icon
text/css
text/plain
text/javascript
text/x-component;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
location ~ /\. {
log_not_found off;
deny all;
}
location ~ ^/(fpm-status|fpm-ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass 127.0.0.1:8123;
}
{{- if and .Values.global .Values.global.nginx }}}
{{ .Values.global.nginx.serverAdditions | default "" }}
{{- end }}
}
proxy_hide_header X-Powered-By;
fastcgi_hide_header X-Powered-By;
server_tokens off;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
{{- if and .Values.global .Values.global.nginx }}}
{{ .Values.global.nginx.httpAdditions }}
{{- end }}
include /etc/nginx/modules/*.conf;
}

20
chart/templates/database.yaml Normal file
View File

@@ -0,0 +1,20 @@
apiVersion: "kci.rocks/v1alpha1"
kind: "Database"
metadata:
name: {{ include "..fullname" . }}-db
labels:
{{- include "..labels" . | nindent 8 }}
spec:
secretName: {{ include "..fullname" . }}-db-auth
instance: {{ .Values.global.dbInstance | default "kincaid" }}
deletionProtected: true
backup:
enable: false
cron: "0 0 * * *"
secretsTemplates:
PMA_HOST:{{` "{{ .DatabaseHost }}" `}}
PMA_PORT:{{` "{{ .DatabasePort }}" `}}
PMA_USER:{{` "{{ .UserName }}" `}}
PMA_PASS:{{` "{{ .Password }}" `}}
PMA_NAME:{{` "{{ .DatabaseName }}" `}}
DATABASE_URL:{{` "{{ .Protocol }}://{{ .UserName }}:{{ .Password }}@{{ .DatabaseHost }}:{{ .DatabasePort }}/{{ .DatabaseName }}" `}}

118
chart/templates/deployment.yaml
View File

@@ -1,61 +1,63 @@
apiVersion: apps/v1
kind: Deployment
kind: Certificate
metadata:
name: {{ include "..fullname" . }}
labels:
{{- include "..labels" . | nindent 4 }}
name: {{ include "..fullname" . }}-cert
labels:
{{- include "..labels" . | nindent 8 }}
cloudyne.systems/component: site
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "..selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "..selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "..serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.service.port }}
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if and .Values.customer .Values.customer.package }}
replicas: {{ .Values.customer.package.replicas | default 1 }}
{{- end }}
selector:
matchLabels:
cloudyne.systems/customer: {{ .Values.customer.name }}
cloudyne.systems/site: {{ .Values.site.url }}
template:
metadata:
labels:
cloudyne.systems/customer: {{ .Values.customer.name }}
cloudyne.systems/site: {{ .Values.site.url }}
spec:
securityContext:
fsGroup: 65534
volumes:
- name: cloud
persistentVolumeClaim:
claimName: pvc-{{ include "..fullname" . }}
- name: local
emptyDir: {}
initContainers:
- name: deploy
securityContext:
allowPrivilegeEscalation: false
runAsUser: 0
{{- if .Values.global }}
image: {{ .Values.global.initImage }}:{{ .Values.global.imagetag }}
{{- else }}
image: ghcr.io/cloudynes/php-init:latest
{{- end }}
imagePullPolicy: Always
command: [ "bash", "/init-py/init.sh" ]
volumeMounts:
- name: site
mountPath: /app
{{- if and .Values.site .Values.site.storage .Values.site.storage.cloud .Values.site.storage.cloud.folders }}
{{- range $v := .Values.site.storage.cloud.folders }}
- name: cloud
mountPath: {{ $v.localPath }}
subPath: {{ $v.cloudPath }}
{{- end }}
{{- end }}
envFrom:
- configMapRef:
name: {{ include "..fullname" . }}-env
- secretRef:
name: {{ include "..fullname" . }}-db-auth
containers:
- name: wordpress
securityContext:
runAsUser: 65534

28
chart/templates/externalsecret.yaml Normal file
View File

@@ -0,0 +1,28 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: global-secrets-ext
namespace: {{ include "..fullname" . }}
labels:
{{- include "..labels" . | nindent 8 }}
spec:
refreshInterval: 4h
secretStoreRef:
kind: ClusterSecretStore
name: az-cluster-store
target:
name: global-secrets
creationPolicy: Owner
data:
- secretKey: COMPOSER_AUTH
remoteRef:
key: secret/GITLAB-COMPOSER-AUTH
- secretKey: SMTP_USER
remoteRef:
key: secret/SMTP-USER
- secretKey: SMTP_PASS
remoteRef:
key: secret/SMTP-PASSWORD
- secretKey: SMTP_HOST
remoteRef:
key: secret/SMTP-HOST

28
chart/templates/hpa.yaml
View File

@@ -1,28 +0,0 @@
{{- if .Values.autoscaling.enabled }}
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "..fullname" . }}
labels:
{{- include "..labels" . | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ include "..fullname" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
metrics:
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}

61
chart/templates/ingress.yaml
View File

@@ -1,61 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "..fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "..labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
pathType: {{ .pathType }}
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $fullName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

38
chart/templates/persistentvolume.yaml Normal file
View File

@@ -0,0 +1,38 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: pv-{{ include "..fullname" . }}
labels:
{{- include "..labels" . | nindent 8 }}
spec:
accessModes:
- ReadWriteOnce
capacity:
storage: {{ .Values.customer.package.disk }}
csi:
driver: blob.csi.azure.com
nodeStageSecretRef:
name: cloudyne{{ .Values.site.storage.cloud.class }}-credentials
namespace: blob-csi
volumeAttributes:
containername: {{ .Values.site.storage.cloud.container }}
csi.storage.k8s.io/pv/name: pv-{{ include "..fullname" . }}
csi.storage.k8s.io/pvc/namespace: {{ .Values.customer.name }}
secretnamespace: {{ .Values.customer.name }}
skuName: {{ .Values.site.storage.cloud.type }}
volumeHandle: {{ .Values.site.storage.cloud.class }}-retain_{{ include "..fullname" . }}
mountOptions:
- -o allow_other
- --file-cache-timeout-in-seconds=120
- --use-attr-cache=true
- --cancel-list-on-mount-seconds=10
- -o attr_timeout=120
- -o entry_timeout=120
- -o negative_timeout=120
- --log-level=LOG_WARNING
- --cache-size-mb=3500
- -o uid=65534
persistentVolumeReclaimPolicy: Retain
storageClassName: {{ .Values.site.storage.cloud.class }}-retain
volumeMode: Filesystem
---

19
chart/templates/persistentvolumeclaim.yaml Normal file
View File

@@ -0,0 +1,19 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.beta.kubernetes.io/storage-provisioner: blob.csi.azure.com
volume.kubernetes.io/storage-provisioner: blob.csi.azure.com
labels:
{{- include "..labels" . | nindent 8 }}
name: pvc-{{ include "..fullname" . }}
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.customer.package.disk }}
storageClassName: {{ .Values.site.storage.cloud.class }}-retain
volumeMode: Filesystem
volumeName: pv-{{ include "..fullname" . }}

12
chart/templates/resourcequota.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: ResourceQuota
metadata:
name: {{ include "..fullname" . }}
labels:
{{- include "..labels" . | nindent 4 }}
spec:
hard:
requests.cpu: {{ .Values.customer.package.cpu.avg }}
limits.cpu: {{ .Values.customer.package.cpu.peak }}
requests.memory: {{ .Values.customer.package.mem.avg }}
limits.memory: {{ .Values.customer.package.mem.peak }}

15
chart/templates/service.yaml
View File

@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "..fullname" . }}
labels:
{{- include "..labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "..selectorLabels" . | nindent 4 }}

12
chart/templates/serviceaccount.yaml
View File

@@ -1,12 +0,0 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "..serviceAccountName" . }}
labels:
{{- include "..labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

2
chart/templates/tests/test-connection.yaml → chart/templates/tests/site-live.yaml
View File

@@ -11,5 +11,5 @@ spec:
- name: wget
image: busybox
command: ['wget']
args: ['{{ include "..fullname" . }}:{{ .Values.service.port }}']
args: ['{{ include "..fullname" . }}:8080']
restartPolicy: Never