Yehowshua/ZIm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Start work on deploying pgAdmin to k8s cluster

Browse source 
Co-authored-by: Mikayla <mikayla@zed.dev>
This commit is contained in:
Max Brunsfeld 2023-09-12 21:06:43 -07:00
parent 54838664ae
commit 94db0be3ec
2 changed files with 116 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

115
crates/collab/k8s/manifest.template.yml
View file

@ -22,6 +22,26 @@ spec:
protocol: TCP protocol: TCP
port: 443 port: 443
targetPort: 8080 targetPort: 8080
---
kind: Service
apiVersion: v1
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: pgadmin
annotations:
service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
service.beta.kubernetes.io/do-loadbalancer-certificate-id: ${ZED_DO_CERTIFICATE_ID}
spec:
type: LoadBalancer
selector:
app: pgadmin
ports:
- name: web
protocol: TCP
port: 443
targetPort: 8080
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
@ -118,3 +138,98 @@ spec:
# FIXME - Switch to the more restrictive `PERFMON` capability. # FIXME - Switch to the more restrictive `PERFMON` capability.
# This capability isn't yet available in a stable version of Debian. # This capability isn't yet available in a stable version of Debian.
add: ["SYS_ADMIN"] add: ["SYS_ADMIN"]
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: ${ZED_KUBE_NAMESPACE}
name: pgadmin
spec:
replicas: 1
selector:
matchLabels:
app: pgadmin
template:
metadata:
labels:
app: pgadmin
spec:
securityContext:
runAsUser: 0
containers:
- name: pgadmin
image: "dpage/pgadmin4"
ports:
- containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /misc/ping
port: 8080
initialDelaySeconds: 30
periodSeconds: 5
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /misc/ping
port: 8080
initialDelaySeconds: 1
periodSeconds: 1
command: ['/bin/sh', '-c']
args:
- |
set -e
python3 - <<EOF
import os
import json
from urllib.parse import urlparse;
url = urlparse(os.environ["ZED_DATABASE_URL"])
db = url.path[1:]
with open("/pgadmin4/servers.json", "w") as f:
f.write(json.dumps({
"Servers": {
"1": {
"Name": "Zed Database",
"Group": "Server Group 1",
"Port": url.port,
"Username": url.username,
"Host": url.hostname,
"SSLMode": "require",
"PassFile": "/pgadmin4/passfile",
"MaintenanceDB": db,
}
}
}))
with open("/pgadmin4/passfile", "w") as f:
f.write(f"{url.hostname}:{url.port}:*:{url.username}:{url.password}\n")
os.chmod("/pgadmin4/passfile", 0o600)
EOF
exec /entrypoint.sh
env:
- name: PGADMIN_LISTEN_PORT
value: "8080"
- name: ZED_DATABASE_URL
valueFrom:
secretKeyRef:
name: database
key: url
- name: PGADMIN_CONFIG_WTF_CSRF_CHECK_DEFAULT
value: "False"
- name: PGADMIN_DEFAULT_EMAIL
valueFrom:
secretKeyRef:
name: pgadmin
key: email
- name: PGADMIN_DEFAULT_PASSWORD
valueFrom:
secretKeyRef:
name: pgadmin
key: password

2
script/deploy
View file

@ -20,4 +20,4 @@ export ZED_IMAGE_ID=${image_id}
target_zed_kube_cluster target_zed_kube_cluster
envsubst < crates/collab/k8s/manifest.template.yml | kubectl apply -f - envsubst < crates/collab/k8s/manifest.template.yml | kubectl apply -f -
echo "deployed collab v${version} to ${environment}" echo "deployed collab v${version} to ${environment}"