- Definition and Improvements to job-system
- Definition of k8s pods for application services
This commit is contained in:
Josako
@@ -5,4 +5,3 @@ resources:
|
||||
- verification/
|
||||
- frontend/
|
||||
- backend/
|
||||
- ops/jobs/
|
||||
|
||||
@@ -18,12 +18,38 @@ spec:
|
||||
job-type: env-check
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
imagePullSecrets:
|
||||
- name: scaleway-registry-cred
|
||||
containers:
|
||||
- name: dbops
|
||||
image: josakola/eveai_ops:latest
|
||||
image: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_ops:staging
|
||||
imagePullPolicy: Always
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: eveai-secrets
|
||||
env:
|
||||
- name: FLASK_APP
|
||||
value: "/app/scripts/run.py"
|
||||
- name: COMPONENT_NAME
|
||||
value: "eveai_ops"
|
||||
- name: PYTHONUNBUFFERED
|
||||
value: "1"
|
||||
- name: LOGLEVEL
|
||||
value: "debug"
|
||||
- name: ROLE
|
||||
value: "web"
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
- name: WORKERS
|
||||
value: "1"
|
||||
- name: WORKER_CLASS
|
||||
value: "gevent"
|
||||
- name: WORKER_CONN
|
||||
value: "100"
|
||||
- name: MAX_REQUESTS
|
||||
value: "1000"
|
||||
- name: MAX_REQUESTS_JITTER
|
||||
value: "100"
|
||||
command: ["/bin/bash","-lc","/app/scripts/dbops/00-env-check.sh"]
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -19,12 +19,38 @@ spec:
|
||||
job-type: db-bootstrap-ext
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
imagePullSecrets:
|
||||
- name: scaleway-registry-cred
|
||||
containers:
|
||||
- name: dbops
|
||||
image: josakola/eveai_ops:latest
|
||||
image: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_ops:staging
|
||||
imagePullPolicy: Always
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: eveai-secrets
|
||||
env:
|
||||
- name: FLASK_APP
|
||||
value: "/app/scripts/run.py"
|
||||
- name: COMPONENT_NAME
|
||||
value: "eveai_ops"
|
||||
- name: PYTHONUNBUFFERED
|
||||
value: "1"
|
||||
- name: LOGLEVEL
|
||||
value: "debug"
|
||||
- name: ROLE
|
||||
value: "web"
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
- name: WORKERS
|
||||
value: "1"
|
||||
- name: WORKER_CLASS
|
||||
value: "gevent"
|
||||
- name: WORKER_CONN
|
||||
value: "100"
|
||||
- name: MAX_REQUESTS
|
||||
value: "1000"
|
||||
- name: MAX_REQUESTS_JITTER
|
||||
value: "100"
|
||||
command: ["/bin/bash","-lc","/app/scripts/dbops/02-db-bootstrap-ext.sh"]
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -19,12 +19,38 @@ spec:
|
||||
job-type: db-migrate-public
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
imagePullSecrets:
|
||||
- name: scaleway-registry-cred
|
||||
containers:
|
||||
- name: dbops
|
||||
image: josakola/eveai_ops:latest
|
||||
image: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_ops:staging
|
||||
imagePullPolicy: Always
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: eveai-secrets
|
||||
env:
|
||||
- name: FLASK_APP
|
||||
value: "/app/scripts/run.py"
|
||||
- name: COMPONENT_NAME
|
||||
value: "eveai_ops"
|
||||
- name: PYTHONUNBUFFERED
|
||||
value: "1"
|
||||
- name: LOGLEVEL
|
||||
value: "debug"
|
||||
- name: ROLE
|
||||
value: "web"
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
- name: WORKERS
|
||||
value: "1"
|
||||
- name: WORKER_CLASS
|
||||
value: "gevent"
|
||||
- name: WORKER_CONN
|
||||
value: "100"
|
||||
- name: MAX_REQUESTS
|
||||
value: "1000"
|
||||
- name: MAX_REQUESTS_JITTER
|
||||
value: "100"
|
||||
command: ["/bin/bash","-lc","/app/scripts/dbops/03-db-migrate-public.sh"]
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -19,12 +19,38 @@ spec:
|
||||
job-type: db-migrate-tenant
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
imagePullSecrets:
|
||||
- name: scaleway-registry-cred
|
||||
containers:
|
||||
- name: dbops
|
||||
image: josakola/eveai_ops:latest
|
||||
image: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_ops:staging
|
||||
imagePullPolicy: Always
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: eveai-secrets
|
||||
env:
|
||||
- name: FLASK_APP
|
||||
value: "/app/scripts/run.py"
|
||||
- name: COMPONENT_NAME
|
||||
value: "eveai_ops"
|
||||
- name: PYTHONUNBUFFERED
|
||||
value: "1"
|
||||
- name: LOGLEVEL
|
||||
value: "debug"
|
||||
- name: ROLE
|
||||
value: "web"
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
- name: WORKERS
|
||||
value: "1"
|
||||
- name: WORKER_CLASS
|
||||
value: "gevent"
|
||||
- name: WORKER_CONN
|
||||
value: "100"
|
||||
- name: MAX_REQUESTS
|
||||
value: "1000"
|
||||
- name: MAX_REQUESTS_JITTER
|
||||
value: "100"
|
||||
command: ["/bin/bash","-lc","/app/scripts/dbops/04-db-migrate-tenant.sh"]
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -19,12 +19,38 @@ spec:
|
||||
job-type: db-seed-or-init
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
imagePullSecrets:
|
||||
- name: scaleway-registry-cred
|
||||
containers:
|
||||
- name: dbops
|
||||
image: josakola/eveai_ops:latest
|
||||
image: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_ops:staging
|
||||
imagePullPolicy: Always
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: eveai-secrets
|
||||
env:
|
||||
- name: FLASK_APP
|
||||
value: "/app/scripts/run.py"
|
||||
- name: COMPONENT_NAME
|
||||
value: "eveai_ops"
|
||||
- name: PYTHONUNBUFFERED
|
||||
value: "1"
|
||||
- name: LOGLEVEL
|
||||
value: "debug"
|
||||
- name: ROLE
|
||||
value: "web"
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
- name: WORKERS
|
||||
value: "1"
|
||||
- name: WORKER_CLASS
|
||||
value: "gevent"
|
||||
- name: WORKER_CONN
|
||||
value: "100"
|
||||
- name: MAX_REQUESTS
|
||||
value: "1000"
|
||||
- name: MAX_REQUESTS_JITTER
|
||||
value: "100"
|
||||
command: ["/bin/bash","-lc","/app/scripts/dbops/05-seed-or-init-data.sh"]
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -19,12 +19,38 @@ spec:
|
||||
job-type: db-verify-minimal
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
imagePullSecrets:
|
||||
- name: scaleway-registry-cred
|
||||
containers:
|
||||
- name: dbops
|
||||
image: josakola/eveai_ops:latest
|
||||
image: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_ops:staging
|
||||
imagePullPolicy: Always
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: eveai-secrets
|
||||
env:
|
||||
- name: FLASK_APP
|
||||
value: "/app/scripts/run.py"
|
||||
- name: COMPONENT_NAME
|
||||
value: "eveai_ops"
|
||||
- name: PYTHONUNBUFFERED
|
||||
value: "1"
|
||||
- name: LOGLEVEL
|
||||
value: "debug"
|
||||
- name: ROLE
|
||||
value: "web"
|
||||
- name: PORT
|
||||
value: "8080"
|
||||
- name: WORKERS
|
||||
value: "1"
|
||||
- name: WORKER_CLASS
|
||||
value: "gevent"
|
||||
- name: WORKER_CONN
|
||||
value: "100"
|
||||
- name: MAX_REQUESTS
|
||||
value: "1000"
|
||||
- name: MAX_REQUESTS_JITTER
|
||||
value: "100"
|
||||
command: ["/bin/bash","-lc","/app/scripts/dbops/06-verify-minimal.sh"]
|
||||
resources:
|
||||
requests:
|
||||
|
||||
@@ -0,0 +1,35 @@
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: scaleway-registry-secret
|
||||
namespace: eveai-staging
|
||||
spec:
|
||||
refreshInterval: 1h
|
||||
secretStoreRef:
|
||||
name: scaleway-cluster-secret-store
|
||||
kind: ClusterSecretStore
|
||||
target:
|
||||
name: scaleway-registry-cred
|
||||
creationPolicy: Owner
|
||||
template:
|
||||
type: kubernetes.io/dockerconfigjson
|
||||
data:
|
||||
.dockerconfigjson: |
|
||||
{"auths":{ "{{ .SCW_REGISTRY_URL }}": {
|
||||
"username":"{{ .SCW_REGISTRY_ACCESS_KEY }}",
|
||||
"password":"{{ .SCW_REGISTRY_SECRET_KEY }}",
|
||||
"auth":"{{ printf "%s:%s" .SCW_REGISTRY_ACCESS_KEY .SCW_REGISTRY_SECRET_KEY | b64enc }}"
|
||||
}}}
|
||||
data:
|
||||
- secretKey: SCW_REGISTRY_URL
|
||||
remoteRef:
|
||||
key: name:eveai-registry
|
||||
property: SCW_REGISTRY_URL
|
||||
- secretKey: SCW_REGISTRY_ACCESS_KEY
|
||||
remoteRef:
|
||||
key: name:eveai-registry
|
||||
property: SCW_REGISTRY_ACCESS_KEY
|
||||
- secretKey: SCW_REGISTRY_SECRET_KEY
|
||||
remoteRef:
|
||||
key: name:eveai-registry
|
||||
property: SCW_REGISTRY_SECRET_KEY
|
||||
@@ -1,29 +1,43 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: eveai-staging
|
||||
|
||||
# Reference base components
|
||||
resources:
|
||||
- ../../base/
|
||||
- ../../base/applications/frontend
|
||||
- ../../base/applications/backend
|
||||
|
||||
# Staging-specific configuration
|
||||
namePrefix: ""
|
||||
nameSuffix: ""
|
||||
|
||||
commonLabels:
|
||||
environment: staging
|
||||
managed-by: kustomize
|
||||
|
||||
# Images (can be overridden for staging-specific versions)
|
||||
images:
|
||||
- name: nginx
|
||||
newTag: alpine
|
||||
- name: josakola/eveai_ops
|
||||
newName: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_ops
|
||||
newTag: staging
|
||||
- name: josakola/eveai_app
|
||||
newName: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_app
|
||||
newTag: staging
|
||||
- name: josakola/eveai_api
|
||||
newName: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_api
|
||||
newTag: staging
|
||||
- name: josakola/eveai_chat_client
|
||||
newName: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_chat_client
|
||||
newTag: staging
|
||||
- name: josakola/eveai_workers
|
||||
newName: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_workers
|
||||
newTag: staging
|
||||
- name: josakola/eveai_chat_workers
|
||||
newName: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_chat_workers
|
||||
newTag: staging
|
||||
- name: josakola/eveai_entitlements
|
||||
newName: rg.fr-par.scw.cloud/eveai-staging/josakola/eveai_entitlements
|
||||
newTag: staging
|
||||
|
||||
# ConfigMap and Secret generators for staging-specific values
|
||||
configMapGenerator:
|
||||
- name: staging-config
|
||||
literals:
|
||||
- ENVIRONMENT=staging
|
||||
- LOG_LEVEL=INFO
|
||||
- DEBUG=false
|
||||
|
||||
# Note: Namespace is handled per resource to avoid conflicts
|
||||
patches:
|
||||
- target:
|
||||
kind: Deployment
|
||||
namespace: eveai-staging
|
||||
patch: |-
|
||||
- op: add
|
||||
path: /spec/template/spec/imagePullSecrets
|
||||
value:
|
||||
- name: scaleway-registry-cred
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/imagePullPolicy
|
||||
value: Always
|
||||
|
||||
Reference in New Issue
Block a user