FluxCD Kustomization
FluxCD Kustomization¶
Folder: ./apps/vm-tracker/base¶
cat <<EOF > deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: vm-tracker-api
labels:
app: vm-tracker-api
spec:
replicas: 1
selector:
matchLabels:
app: vm-tracker-api
template:
metadata:
labels:
app: vm-tracker-api
spec:
containers:
- env:
- name: API_BASE_URL
value: "https://${ingress_host}"
- name: BASE_URL
value: "https://${ingress_host}"
- name: LIST_URL
value: "/api/vms"
- name: REGISTER_URL
value: "/api/register"
- name: DELETE_BASE_URL
value: "/api/vms/"
name: vm-tracker-api
image: ghcr.io/9it-full-service/vm-tracker-api:latest
imagePullPolicy: Always
ports:
- containerPort: 8080
protocol: TCP
name: http
resources:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "256Mi"
cpu: "500m"
EOF
cat <<EOF > service.yaml
apiVersion: v1
kind: Service
metadata:
name: vm-tracker-api-service
labels:
app: vm-tracker-api
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
protocol: TCP
name: http
selector:
app: vm-tracker-api
EOF
cat <<EOF > ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
cert-manager.io/cluster-issuer: cf-letsencrypt-prod
traefik.ingress.kubernetes.io/router.middlewares: ${middlewares}
name: vm-tracker-ingress
spec:
ingressClassName: traefik
rules:
- host: ${ingress_host}
http:
paths:
- backend:
service:
name: vm-tracker-api-service
port:
number: 8080
path: /
pathType: Prefix
tls:
- hosts:
- ${ingress_host}
secretName: ${tls_secret_name}
EOF
kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deployment.yaml
- service.yaml
- ingress.yaml
namespace: vm-tracker
Folder: ./apps/vm-tracker/prod¶
kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../base
File: ./clusters/production/flux-system/kustomizations/vm-tracker.yaml¶
vm-tracker.yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: vm-tracker
namespace: flux-system
spec:
interval: 10m
prune: true
path: ./apps/vm-tracker/prod
sourceRef:
kind: GitRepository
name: flux-system
targetNamespace: vm-tracker
decryption:
provider: sops
secretRef:
name: sops-age
postBuild:
substitute:
ingress_host: vm-tracker.example.com
tls_secret_name: vm-tracker.example.com-tls
middlewares: "kube-system-redirect-scheme@kubernetescrd"
File: ./clusters/production/flux-system/kustomizations/kustomization.yaml¶
kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- tools/vm-tracker.yaml
- tools/yopass.yaml