Verified Commit eda7efe4 authored by Hugo's avatar Hugo
Browse files

extreme kustomize

parent dc53d6bb
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: app
annotations:
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
rules:
- host: ""
http:
paths:
- backend:
serviceName: app
servicePort: https
path: /
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
commonLabels:
app.kubernetes.io/instance: id-beta-liiib-re
app.kubernetes.io/name: keycloak
app.kubernetes.io/part-of: keycloak
app.kubernetes.io/component: app
resources:
- pg.yaml
- statefulset.yaml
- service.yaml
- service-discovery.yaml
- ingress.yaml
apiVersion: v1
kind: Service
metadata:
name: keycloak-discovery
name: app-discovery
spec:
clusterIP: None
selector:
app: keycloak
ports:
- port: 8080
protocol: TCP
targetPort: 8080
targetPort: http
\ No newline at end of file
apiVersion: v1
kind: Service
metadata:
name: keycloak
name: app
spec:
selector:
app: keycloak
ports:
- name: keycloak
- name: https
port: 8443
protocol: TCP
targetPort: 8443
targetPort: https
\ No newline at end of file
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: keycloak
labels:
app: keycloak
name: app
spec:
replicas: 2
selector:
matchLabels:
app: keycloak
serviceName: keycloak-discovery
selector: {}
serviceName: app-discovery
template:
metadata:
name: keycloak
labels:
app: keycloak
name: app
spec:
containers:
- name: keycloak
image: libresh/keycloak
image: libresh/keycloak:v15
env:
- name: DB_VENDOR
value: POSTGRES
......@@ -34,12 +28,12 @@ spec:
valueFrom:
secretKeyRef:
key: username
name: keycloak.pg-keycloak.credentials.postgresql.acid.zalan.do
name: keycloak.db.credentials.postgresql.acid.zalan.do
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: keycloak.pg-keycloak.credentials.postgresql.acid.zalan.do
name: keycloak.db.credentials.postgresql.acid.zalan.do
- name: NAMESPACE
valueFrom:
fieldRef:
......@@ -58,6 +52,9 @@ spec:
value: "true"
- name: KEYCLOAK_STATISTICS
value: all
# envFrom:
# - secretRef:
# name: app
ports:
- name: http
containerPort: 8080
......@@ -85,4 +82,4 @@ spec:
initialDelaySeconds: 40
timeoutSeconds: 22
periodSeconds: 30
failureThreshold: 10
failureThreshold: 10
\ No newline at end of file
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
commonLabels:
app.kubernetes.io/name: keycloak
app.kubernetes.io/part-of: keycloak
app.kubernetes.io/component: db
resources:
- postgresql.yaml
apiVersion: "acid.zalan.do/v1"
kind: postgresql
metadata:
name: pg-keycloak
name: db
spec:
teamId: "pg"
teamId: "db"
volume:
size: 2Gi
numberOfInstances: 2
......
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namePrefix: ${FQDN}-
commonLabels:
app.kubernetes.io/instance: ${FQDN}
resources:
- ./db
- ./app
images:
- name: keycloak
newTag: ${KEYCLOAK_TAG}
patches:
- target:
kind: postgresql
patch: |-
- op: replace
path: /spec/teamId
value: ${FQDN}
- target:
kind: Ingress
patch: |-
- op: replace
path: /spec/rules/0/host
value: ${FQDN_DOTS}
- patch: |-
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: app
spec:
tls:
- hosts:
- ${FQDN_DOTS}
secretName: ${FQDN}-tls
replacements:
- path: replacement-db.yaml
- path: replacement-svc.yaml
gen:
envsubst < kustomization.tpl.yaml > kustomization.yaml
build: gen
kustomize build > deploy.yaml
apply: build
kubectl apply -f deploy.yaml
diff: build
kubectl diff -f deploy.yaml
\ No newline at end of file
source:
kind: postgresql
fieldPath: metadata.name
targets:
- select:
kind: StatefulSet
fieldPaths:
- spec.template.spec.containers.[name=keycloak].env.[name=DB_USER].valueFrom.secretKeyRef.name
- spec.template.spec.containers.[name=keycloak].env.[name=DB_PASSWORD].valueFrom.secretKeyRef.name
options:
delimiter: "."
index: 1
- select:
kind: StatefulSet
fieldPaths:
- spec.template.spec.containers.[name=keycloak].env.[name=DB_ADDR].value
source:
kind: Service
name: app-discovery
fieldPath: metadata.name
targets:
- select:
kind: StatefulSet
fieldPaths:
- spec.template.spec.containers.[name=keycloak].env.[name=JGROUPS_DISCOVERY_PROPERTIES].value
options:
delimiter: "="
index: 1
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment