k8s-manifests/customers/base/nextcloud-deployment.yml
Micke 5763665c72
author Micke <kano@sunet.se> 1679915017 +0000
committer Micke Nordin <kano@sunet.se> 1680110378 +0200
gpgsig -----BEGIN PGP SIGNATURE-----

 iQIzBAABCgAdFiEEIpL7dwHsMfazpY3ODaCnpXCP4lcFAmQkcyoACgkQDaCnpXCP
 4ld8Rg/7BSPA3rrDV9JbfQYtuE1/wpMy+hfYC/jIiD3VpwPKZ27r8/LzIsrquL6o
 nOfQT5cj/Jm2WrZoS+6pRlmWxzbBN6Oc6XJMxrUu+JVHSyCYNSFU+j074/4B3mNW
 +YDw2415/sEBJbhBcCmNOfWVZuOq1+AsfBkZ1vhUT0GzKahGIBMzgK8P+5IBsXCp
 7t/N5EmvFy6mzubkT8LN9ZQ0WMd2OxBeBDPUcrwlrT6kxA/1JQfaZ4PWtSb7QD0G
 IQAeUAy3p9JxXRQyWmunEYrxp0maO6EPyp6O656C75JKn7lOhMGMR2S5FT3jPK5d
 KrbewbCsRiq3O94STxytBdDjT/Ez2vk0/tj7cW5r0hb2Pd1cVgHlcRP53r8dzSn9
 RIRycGKB49k2MYByNGJN3oM9KYB2vpIhqmy9vyFn3HinhD8nyj0VDAo0LWDCKnbh
 dt7jTKAsr1y9bXPK+3YM/2QiCdPMDz1xYd1BhbFgQ5B5Eb8iB0iQn9UHPe884wNN
 Zs+yPAGRyPrAVvCnopV2IZJpGI7oKjnmcgBanbTJK+UKkfmb0a4S/fbCezjhT6Qc
 105jvtmZgj44aSqtBSkXvV9UoCtjePEBifhcQznzpi8eudbo1Hhg5UjO5rwwhl2P
 lUQgs75Rsfd549YBV/Rq1szlVODTsMhU2oDr83t8Vf/TF9GdhEg=
 =Hnvm
 -----END PGP SIGNATURE-----

Nextcloud in K8s: MVP

This is the minimum needed to run a multinode customer in kubernetes.
Each customer will run in their own namespace with a nextcloud
container and a redis container. There is a proxysql cluster running in
its own namespace, used by all customers.

This is a monorepo that uses kustomize to allow using this repo for both
prod and test (and other things we can think of in the future).
2023-03-29 19:21:13 +02:00


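---
# StatefulSet "customer-node": one Nextcloud pod per customer.
#
# Flow visible in this manifest:
#   1. The init container "init-config" renders config.php from a ConfigMap
#      template with j2, taking its values from the env list below (several
#      of them come from Secrets), and writes the result onto the
#      "nextcloud-data" volume.
#   2. The "customer" container mounts the same volume path and runs Apache
#      in the foreground on port 80.
#
# The nesting below was reconstructed from a listing that had lost its
# indentation; keys and values are unchanged.
kind: StatefulSet
apiVersion: apps/v1
metadata:
  name: customer-node
  labels:
    app: customer-node
spec:
  replicas: 1
  selector:
    matchLabels:
      app: customer-node
  updateStrategy:
    type: RollingUpdate
  volumeClaimTemplates:
    # Both containers mount this claim only through subPath "config", at
    # /var/www/html/config. It therefore holds the rendered config.php,
    # including whatever secret values the template expands. Treat the
    # volume, its snapshots and its backups as secret-bearing.
    - metadata:
        name: nextcloud-data
      spec:
        storageClassName: mayastor-3
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 1Gi
  template:
    metadata:
      labels:
        app: customer-node
    spec:
      # NOTE(review): no securityContext is set at pod or container level, so
      # the run-as user, capabilities, privilege escalation and seccomp
      # profile all come from the image and cluster defaults. State them
      # explicitly once the images' requirements are confirmed (the main
      # container binds port 80).
      restartPolicy: Always
      containers:
        - name: customer
          # Pinned to a specific tag. NEXTCLOUD_VERSION_STRING in the init
          # container carries "25.0.3.3" as well - presumably the two must be
          # bumped together; confirm.
          image: docker.sunet.se/drive/nextcloud-custom:25.0.3.3-4
          volumeMounts:
            - name: nextcloud-data
              mountPath: /var/www/html/config
              subPath: config
            - name: default-config
              mountPath: /etc/apache2/sites-enabled/000-default.conf
              subPath: 000-default.conf
            - name: hugepage
              mountPath: /dev/hugepages
          resources:
            # hugepages-2Mi is the same in limits and requests; Kubernetes
            # requires hugepage requests to equal their limits.
            limits:
              cpu: 1500m
              hugepages-2Mi: 2048Mi
              memory: 2048Mi
            requests:
              cpu: 500m
              hugepages-2Mi: 2048Mi
              memory: 256Mi
          # Both probes are plain TCP connects to port 80: they show that
          # Apache accepts connections, not that Nextcloud answers correctly.
          readinessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 10
            periodSeconds: 60
          livenessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 20
            periodSeconds: 180
          ports:
            # NOTE(review): plain HTTP inside the pod; TLS is presumably
            # terminated in front of it - confirm.
            - containerPort: 80
              name: nextcloud-http
          command: ["/bin/bash"]
          args: ["-c", "apachectl -D FOREGROUND"]
      initContainers:
        # NOTE(review): ":latest" is a mutable tag, and with it the default
        # imagePullPolicy is Always, so every pod start runs whatever image
        # currently carries that tag. This container receives every secret in
        # the env list below. Pin it to a version tag or a digest, e.g.
        # docker.sunet.se/sunet/docker-jinja@sha256:<DIGEST-PLACEHOLDER>.
        - image: docker.sunet.se/sunet/docker-jinja:latest
          name: init-config
          volumeMounts:
            - name: nextcloud-config-template
              mountPath: /tmp/config.php.template
              subPath: config.php
            - name: nextcloud-data
              mountPath: /var/www/html/config
              subPath: config
          # NOTE(review): the literal hostnames below are test-environment
          # values in a file that lives under base/. Presumably overlays patch
          # them; confirm that a production overlay overrides every one.
          #
          # Secret values are referenced with secretKeyRef rather than
          # written inline.
          env:
            - name: GSS_MASTER_URL
              value: "https://drive.test.sunet.se"
            - name: GSS_JWT_KEY
              valueFrom:
                secretKeyRef:
                  name: gss-secret
                  key: "jwt_key"
            - name: LOOKUP_SERVER
              value: "https://lookup.drive.test.sunet.se"
            - name: MAIL_DOMAIN
              value: "drive.test.sunet.se"
            - name: MAIL_FROM_ADDRESS
              value: "noreply"
            - name: MAIL_SMTPHOST
              value: "smtp.sunet.se"
            - name: MAIL_SMTPNAME
              value: "noreply@drive.test.sunet.se"
            - name: MAIL_SMTPPASSWORD
              valueFrom:
                secretKeyRef:
                  name: mail-secret
                  key: "smtp_password"
            - name: MYSQL_DATABASE
              value: "nextcloud_customer"
            - name: MYSQL_USER
              value: "nextcloud_customer"
            # Service "proxysqlcluster" in namespace "proxysql".
            - name: MYSQL_HOST
              value: "proxysqlcluster.proxysql"
            - name: MYSQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: db-secret
                  key: "db_password"
            # Quoted: container env values must be strings.
            - name: MYSQL_PORT
              value: "6033"
            - name: NEXTCLOUD_TRUSTED_DOMAINS
              value: "customer.drive.test.sunet.se"
            - name: NEXTCLOUD_ADMIN_USER
              value: admin
            - name: NEXTCLOUD_VERSION_STRING
              value: "25.0.3.3"
            - name: NEXTCLOUD_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: nc-secret
                  key: "nc_admin_password"
            - name: NEXTCLOUD_PASSWORDSALT
              valueFrom:
                secretKeyRef:
                  name: nc-secret
                  key: "nc_passwordsalt"
            - name: NEXTCLOUD_INSTANCEID
              valueFrom:
                secretKeyRef:
                  name: nc-secret
                  key: "nc_instanceid"
            - name: NEXTCLOUD_SECRET
              valueFrom:
                secretKeyRef:
                  name: nc-secret
                  key: "nc_secret"
            - name: OBJECTSTORE_S3_REGION
              value: "us-east-1"
            - name: OBJECTSTORE_S3_HOST
              value: "s3.sto4.safedc.net"
            - name: OBJECTSTORE_S3_BUCKET
              value: "primary-customer-drive-test.sunet.se"
            - name: OBJECTSTORE_S3_KEY
              valueFrom:
                secretKeyRef:
                  name: s3-secret
                  key: "s3_key"
            - name: OBJECTSTORE_S3_SECRET
              valueFrom:
                secretKeyRef:
                  name: s3-secret
                  key: "s3_secret"
            # Booleans are passed as the strings "true"; env values must be
            # strings.
            - name: OBJECTSTORE_S3_USEPATH_STYLE
              value: "true"
            - name: OBJECTSTORE_S3_AUTOCREATE
              value: "true"
            - name: OBJECTSTORE_S3_SSL
              value: "true"
            - name: REDIS_HOST
              value: "redis"
            - name: SITE_NAME
              value: "customer.drive.test.sunet.se"
          # Renders the template with the variables above and writes
          # config.php onto the persistent volume. Any secret the template
          # expands is stored there in plaintext. The file is rewritten on
          # each pod start, so a rotated Secret only takes effect after a
          # restart.
          command: ["/bin/bash", "-c", "/usr/bin/j2 -f env -o /var/www/html/config/config.php /tmp/config.php.template"]
      volumes:
        # The same ConfigMap backs two volumes, each exposing a single key.
        - name: nextcloud-config-template
          configMap:
            name: nextcloud-configmap
            items:
              - key: "config.php"
                path: "config.php"
        - name: default-config
          configMap:
            name: nextcloud-configmap
            items:
              - key: "000-default.conf"
                path: "000-default.conf"
        # Backs the /dev/hugepages mount in the "customer" container.
        - name: hugepage
          emptyDir:
            medium: HugePages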