diff --git a/deploy/kubernetes/main.tf b/deploy/kubernetes/main.tf
new file mode 100644
index 0000000..f4f53e3
--- /dev/null
+++ b/deploy/kubernetes/main.tf
@@ -0,0 +1,410 @@
+terraform {
+ backend "local" {}
+ required_version = ">= 0.13"
+ required_providers {
+ kubernetes = {
+ source = "hashicorp/kubernetes"
+ version = "2.3.2"
+ }
+ }
+ experiments = [module_variable_optional_attrs]
+}
+
+
+provider "kubernetes" {
+ config_path = "~/.kube/config"
+ config_context = "scck8s"
+}
+
+
+variable "namespace" {
+ type = string
+}
+
+variable "name" {
+ type = string
+}
+
+variable "ingress_domains" {
+ type = list(string)
+}
+
+variable "image" {
+ type = string
+ default = "dockermirror:5000/dpedu/photolib"
+}
+
+variable "replicas" {
+ type = number
+ description = "number of web ui server replicas"
+ default = 1
+}
+
+variable "requests" {
+ type = object({
+ cpu = optional(string)
+ memory = optional(string)
+ })
+ description = "per-pod resource request"
+ default = {}
+}
+
+variable "limits" {
+ type = object({
+ cpu = optional(string)
+ memory = optional(string)
+ })
+ description = "per-pod resource limit"
+ default = {}
+}
+
+variable "database_url" {
+ type = string
+ description = "database connection uri"
+}
+
+variable "storage_url" {
+ type = string
+ description = "uri for storage"
+}
+
+variable "cache_url" {
+ type = string
+ description = "uri for cache"
+}
+
+
+locals {
+ requests = defaults(var.requests,
+ {
+ cpu = "250m"
+ memory = "50Mi"
+ }
+ )
+ limits = defaults(var.limits,
+ {
+ cpu = "1"
+ memory = "512Mi"
+ }
+ )
+}
+
+
+resource "kubernetes_deployment" "photolib" {
+ metadata {
+ name = var.name
+ namespace = var.namespace
+ labels = {
+ app = var.name
+ service = "${var.name}-web"
+ }
+ }
+
+ spec {
+ replicas = var.replicas
+
+ selector {
+ match_labels = {
+ app = var.name
+ service = "${var.name}-web"
+ }
+ }
+
+ template {
+ metadata {
+ labels = {
+ app = var.name
+ service = "${var.name}-web"
+ }
+ }
+
+ spec {
+ enable_service_links = false # TODO some of photolib's env vars conflict with these. In a bad way.
+
+ container {
+ name = "web"
+ image = var.image
+
+ env {
+ name = "DATABASE_URL"
+ value = var.database_url
+ }
+ env {
+ name = "STORAGE_URL"
+ value = var.storage_url
+ }
+ env {
+ name = "CACHE_URL"
+ value = var.cache_url
+ }
+ env {
+ name = "THUMB_SERVICE_URL"
+ value = "http://_thumbservice:xxx@${var.name}-thumbservice.${var.namespace}.svc.cluster.local:8081/thumb"
+ }
+
+
+ resources {
+ requests = {
+ cpu = local.requests.cpu
+ memory = local.requests.memory
+ }
+ limits = {
+ cpu = local.limits.cpu
+ memory = local.limits.memory
+ }
+ }
+
+ readiness_probe {
+ tcp_socket {
+ port = 8080
+ }
+ initial_delay_seconds = 15
+ period_seconds = 5
+ failure_threshold = 1
+ success_threshold = 2
+ }
+ liveness_probe {
+ tcp_socket {
+ port = 8080
+ }
+ initial_delay_seconds = 15
+ period_seconds = 5
+ failure_threshold = 1
+ success_threshold = 1
+ }
+
+ volume_mount {
+ mount_path = "/mnt/thumbs"
+ name = "photolib-data"
+ }
+
+ }
+
+ volume {
+ name = "photolib-data"
+ persistent_volume_claim {
+ claim_name = kubernetes_persistent_volume_claim.photolib_web_thumbs.metadata.0.name
+ }
+ }
+ }
+ }
+ }
+}
+
+resource "kubernetes_service" "photolib" {
+ metadata {
+ name = var.name
+ namespace = var.namespace
+ labels = {
+ app = var.name
+ service = "${var.name}-web"
+ }
+ }
+ spec {
+ selector = {
+ app = kubernetes_deployment.photolib.metadata.0.labels.app
+ service = kubernetes_deployment.photolib.metadata.0.labels.service
+ }
+ port {
+ protocol = "TCP"
+ port = 8080
+ target_port = 8080
+ }
+ }
+}
+
+resource "kubernetes_ingress" "photolib" {
+ metadata {
+ name = var.name
+ namespace = var.namespace
+ labels = {
+ app = var.name
+ service = "${var.name}-web"
+ }
+ }
+ spec {
+ dynamic "rule" {
+ for_each = var.ingress_domains
+ content {
+ host = rule.value
+ http {
+ path {
+ backend {
+ service_name = kubernetes_service.photolib.metadata.0.name
+ service_port = 8080
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
+resource "kubernetes_persistent_volume" "photolib_web_thumbs" {
+ metadata {
+ name = "${var.name}-web-thumbs"
+ labels = {
+ app = var.name
+ service = "${var.name}-web"
+ }
+ }
+ spec {
+ storage_class_name = "manual"
+ capacity = {
+ storage = "8Gi"
+ }
+ access_modes = ["ReadWriteMany"]
+ persistent_volume_source {
+ host_path {
+ path = "/mnt/k8store1/vols/photolib/thumbs" # LOL
+ }
+ }
+ }
+}
+
+resource "kubernetes_persistent_volume_claim" "photolib_web_thumbs" {
+ metadata {
+ name = kubernetes_persistent_volume.photolib_web_thumbs.metadata.0.name
+ namespace = var.namespace
+ }
+ spec {
+ storage_class_name = "manual"
+ access_modes = ["ReadWriteMany"]
+ resources {
+ requests = {
+ storage = "8Gi"
+ }
+ }
+ }
+}
+
+
+# TODO switch to openebs volume for thumbs
+
+
+
+resource "kubernetes_deployment" "thumbservice" {
+ metadata {
+ name = "${var.name}-thumbservice"
+ namespace = var.namespace
+ labels = {
+ app = var.name
+ service = "${var.name}-thumbservice"
+ }
+ }
+
+ spec {
+ replicas = 1
+
+ selector {
+ match_labels = {
+ app = var.name
+ service = "${var.name}-thumbservice"
+ }
+ }
+
+ template {
+ metadata {
+ labels = {
+ app = var.name
+ service = "${var.name}-thumbservice"
+ }
+ }
+
+ spec {
+ enable_service_links = false # TODO some of photolib's env vars conflict with these. In a bad way.
+
+ container {
+ name = "thumbservice"
+ image = var.image
+
+ command = [
+ "photothumbd"
+ ]
+
+
+ env {
+ name = "DATABASE_URL"
+ value = var.database_url
+ }
+ env {
+ name = "STORAGE_URL"
+ value = var.storage_url
+ }
+ env {
+ name = "CACHE_URL"
+ value = var.cache_url
+ }
+
+ resources {
+ requests = {
+ cpu = local.requests.cpu
+ memory = local.requests.memory
+ }
+ limits = {
+ cpu = local.limits.cpu
+ memory = local.limits.memory
+ }
+ }
+
+ readiness_probe {
+ tcp_socket {
+ port = 8081
+ }
+ initial_delay_seconds = 15
+ period_seconds = 5
+ failure_threshold = 1
+ success_threshold = 2
+ }
+ liveness_probe {
+ tcp_socket {
+ port = 8081
+ }
+ initial_delay_seconds = 15
+ period_seconds = 5
+ failure_threshold = 1
+ success_threshold = 1
+ }
+
+ volume_mount {
+ mount_path = "/mnt/thumbs"
+ name = "photolib-data"
+ }
+
+ }
+
+ volume {
+ name = "photolib-data"
+ persistent_volume_claim {
+ claim_name = kubernetes_persistent_volume_claim.photolib_web_thumbs.metadata.0.name
+ }
+ }
+ }
+ }
+ }
+}
+
+resource "kubernetes_service" "thumbservice" {
+ metadata {
+ name = "${var.name}-thumbservice"
+ namespace = var.namespace
+ labels = {
+ app = var.name
+ service = "${var.name}-thumbservice"
+ }
+ # annotations = {
+ # "kube-router.io/service.hairpin" = ""
+ # }
+ }
+ spec {
+ selector = {
+ app = kubernetes_deployment.thumbservice.metadata.0.labels.app
+ service = kubernetes_deployment.thumbservice.metadata.0.labels.service
+ }
+ port {
+ protocol = "TCP"
+ port = 8081
+ target_port = 8081
+ }
+ }
+}
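Review bot: The `env` blocks in both the `web` and `thumbservice` containers pass `var.database_url`, `var.storage_url` and `var.cache_url` as literal `value` strings, and `THUMB_SERVICE_URL` carries a `_thumbservice:xxx` userinfo pair inline, so any credentials in these URIs are readable from the Deployment spec and from plan output. I would move them into a `kubernetes_secret` referenced through `value_from { secret_key_ref { ... } }` and mark the three variables `sensitive = true`, as sketched below. If `xxx` is a real password rather than a placeholder it should get the same treatment, and since that URL is plain `http` the credential would also cross the cluster network unencrypted. With `backend "local" {}` the values are still written to the state file on disk, so that file has to be protected like a secret as well.

```hcl
variable "database_url" {
  type        = string
  description = "database connection uri"
  sensitive   = true
}
# … same for storage_url and cache_url …

# Secret name below is a constructed example.
resource "kubernetes_secret" "photolib" {
  metadata {
    name      = "${var.name}-env"
    namespace = var.namespace
  }
  data = {
    DATABASE_URL = var.database_url
    STORAGE_URL  = var.storage_url
    CACHE_URL    = var.cache_url
  }
}

# … unchanged: deployment metadata, selector, template labels …
        env {
          name = "DATABASE_URL"
          value_from {
            secret_key_ref {
              name = kubernetes_secret.photolib.metadata.0.name
              key  = "DATABASE_URL"
            }
          }
        }
# … same pattern for STORAGE_URL and CACHE_URL, in both containers …
```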