first sync

2025-03-04 07:59:21 +01:00
parent 9cdcf486b6
commit 506716e703
1450 changed files with 577316 additions and 62 deletions
--- a/iris-web/deploy/eks_manifest/app/configmap.yml
+++ b/iris-web/deploy/eks_manifest/app/configmap.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: iris-web
+  name: app-data
+data:
+  POSTGRES_SERVER: iris-psql-service
--- a/iris-web/deploy/eks_manifest/app/deployment.yml
+++ b/iris-web/deploy/eks_manifest/app/deployment.yml
@@ -0,0 +1,86 @@
+# deployment
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: iris-web
+  name: iris-app-deployment
+  labels:
+    site: iris
+    app: iris-app
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: iris-app
+  template:
+    metadata:
+      labels:
+        app: iris-app
+    spec:
+      containers:
+      - name: iris-app
+        image: iriswebapp_app:v2.2.2
+        ports:
+        - containerPort: 8000
+        command: ['nohup', './iris-entrypoint.sh', 'iriswebapp'] 
+        env:
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: iris-app-secrets
+                key: POSTGRES_USER
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: iris-app-secrets
+                key: POSTGRES_PASSWORD
+          - name: POSTGRES_ADMIN_USER
+            valueFrom:
+              secretKeyRef:
+                name: iris-app-secrets
+                key: POSTGRES_ADMIN_USER
+          - name: POSTGRES_ADMIN_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: iris-app-secrets
+                key: POSTGRES_ADMIN_PASSWORD
+          - name: POSTGRES_PORT
+            valueFrom:
+              secretKeyRef:
+                name: iris-app-secrets
+                key: POSTGRES_PORT
+          - name: DOCKERIZED
+            valueFrom:
+              secretKeyRef:
+                name: iris-app-secrets
+                key: DOCKERIZED
+          - name: IRIS_SECRET_KEY
+            valueFrom:
+              secretKeyRef:
+                name: iris-app-secrets
+                key: IRIS_SECRET_KEY
+          - name: IRIS_SECURITY_PASSWORD_SALT
+            valueFrom:
+              secretKeyRef:
+                name: iris-app-secrets
+                key: IRIS_SECURITY_PASSWORD_SALT
+
+          - name: POSTGRES_SERVER
+            valueFrom:
+              configMapKeyRef:
+                name: app-data
+                key: POSTGRES_SERVER
+        volumeMounts:
+        - name: iris-pcv
+          mountPath: /home/iris/downloads
+          subPath: downloads
+        - name: iris-pcv
+          mountPath: /home/iris/user_templates
+          subPath: user_templates
+        - name: iris-pcv
+          mountPath: /home/iris/server_data
+          subPath: server_data
+      volumes:
+      - name: iris-pcv
+        persistentVolumeClaim:
+          claimName: iris-psql-claim
--- a/iris-web/deploy/eks_manifest/app/ingress.yml
+++ b/iris-web/deploy/eks_manifest/app/ingress.yml
@@ -0,0 +1,29 @@
+apiVersion: networking.k8s.io/v1 #extensions/v1beta1
+kind: Ingress
+metadata:
+  name: "iris-ingress"
+  namespace: "iris-web"
+  annotations:
+    alb.ingress.kubernetes.io/scheme: 'internet-facing'
+    alb.ingress.kubernetes.io/target-type: 'ip'
+    alb.ingress.kubernetes.io/group.name: 'iris-alb-group'
+    alb.ingress.kubernetes.io/load-balancer-name: 'iris-alb'
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
+    alb.ingress.kubernetes.io/certificate-arn: 'arn:aws:acm:us-east-1:650601597349:certificate/4915ba65-ec07-44c7-8f42-897cfe1574bb'
+    alb.ingress.kubernetes.io/ssl-policy: 'ELBSecurityPolicy-TLS13-1-2-2021-06'
+    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
+  labels:
+    app: 'iris'
+spec:
+  ingressClassName: 'alb'
+  rules:
+  - host: 'test.cmcloudlab1727.info'
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service: 
+            name: "iris-app-service"
+            port: 
+              number: 80
--- a/iris-web/deploy/eks_manifest/app/kustomization.yml
+++ b/iris-web/deploy/eks_manifest/app/kustomization.yml
@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+metadata:  
+  labels:
+    site: iris
+resources:
+  - secrets.yml
+  - configmap.yml
+  - deployment.yml
+  - service.yml
+  - ingress.yml
--- a/iris-web/deploy/eks_manifest/app/secrets.yml
+++ b/iris-web/deploy/eks_manifest/app/secrets.yml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: iris-app-secrets
+  namespace: iris-web
+  labels:
+    site: iris
+type: Opaque
+data:
+  POSTGRES_USER: cmFwdG9y
+  POSTGRES_PASSWORD: YWRtaW4=
+  POSTGRES_ADMIN_USER: cmFwdG9y
+  POSTGRES_ADMIN_PASSWORD: YWRtaW4=
+  POSTGRES_PORT: NTQzMg==
+  DOCKERIZED: MQ==
+  IRIS_SECRET_KEY: QVZlcnlTdXBlclNlY3JldEtleS1Tb05vdFRoaXNPbmU=
+  IRIS_SECURITY_PASSWORD_SALT: QVJhbmRvbVNhbHQtTm90VGhpc09uZUVpdGhlcg==
--- a/iris-web/deploy/eks_manifest/app/service.yml
+++ b/iris-web/deploy/eks_manifest/app/service.yml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  namespace: iris-web
+  name: iris-app-service
+  labels:
+    site: iris
+  annotations:
+    alb.ingress.kubernetes.io/healthcheck-path: '/login'
+spec:
+  selector:
+    app: iris-app
+  ports:
+  - protocol: TCP
+    port: 80
+    targetPort: 8000
+  type: ClusterIP