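# photolib on Kubernetes: a web deployment, a thumbnail-service deployment,
# their Services, an Ingress, and a shared hostPath-backed volume for thumbs.

terraform {
  # State is kept on local disk. Terraform state holds every variable value
  # in clear text, including the ones marked sensitive below, so protect the
  # state file accordingly.
  backend "local" {}

  # NOTE(review): `sensitive` on variables needs Terraform 0.14+, and the
  # optional-attrs experiment / defaults() used below are not available on
  # 0.13 either and were removed again in later releases. Tighten this
  # constraint to the range actually tested.
  required_version = ">= 0.13"

  required_providers {
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "2.3.2"
    }
  }

  experiments = [module_variable_optional_attrs]
}

# Talks to the cluster through the operator's own kubeconfig and context.
provider "kubernetes" {
  config_path    = "~/.kube/config"
  config_context = "scck8s"
}

variable "namespace" {
  type = string
}

variable "name" {
  type = string
}

variable "ingress_domains" {
  type = list(string)
}

variable "image" {
  type = string
  # No tag or digest is given, so this resolves to `latest` and the running
  # code can change on any pod restart. Prefer a pinned tag or digest.
  default = "dockermirror:5000/dpedu/photolib"
}

variable "replicas" {
  type        = number
  description = "number of web ui server replicas"
  default     = 1
}

variable "requests" {
  type = object({
    cpu    = optional(string)
    memory = optional(string)
  })
  description = "per-pod resource request"
  default     = {}
}

variable "limits" {
  type = object({
    cpu    = optional(string)
    memory = optional(string)
  })
  description = "per-pod resource limit"
  default     = {}
}

# NOTE(review): if any of the three URIs below embed credentials, mark them
# `sensitive = true` as well and feed them to the pods from a Secret.
variable "database_url" {
  type        = string
  description = "database connection uri"
}

variable "storage_url" {
  type        = string
  description = "uri for storage"
}

variable "cache_url" {
  type        = string
  description = "uri for cache"
}

variable "thumbservice_password" {
  type        = string
  description = "basic-auth password the web pods use to call the thumbservice"
  # Keeps the value out of plan/apply output. It is still written to state.
  sensitive = true
}

locals {
  # Fill in any cpu/memory attribute the caller left unset.
  requests = defaults(var.requests, {
    cpu    = "250m"
    memory = "50Mi"
  })
  limits = defaults(var.limits, {
    cpu    = "1"
    memory = "512Mi"
  })
}

# Web UI pods, listening on 8080.
resource "kubernetes_deployment" "photolib" {
  metadata {
    name      = var.name
    namespace = var.namespace
    labels = {
      app     = var.name
      service = "${var.name}-web"
    }
  }

  spec {
    replicas = var.replicas

    selector {
      match_labels = {
        app     = var.name
        service = "${var.name}-web"
      }
    }

    template {
      metadata {
        labels = {
          app     = var.name
          service = "${var.name}-web"
        }
      }

      spec {
        enable_service_links = false # TODO some of photolib's env vars conflict with these. In a bad way.

        # NOTE(review): no security_context is set on the pod or container;
        # consider run-as-non-root / read-only root fs once the image is
        # confirmed to work with them.
        container {
          name  = "web"
          image = var.image

          env {
            name  = "DATABASE_URL"
            value = var.database_url
          }
          env {
            name  = "STORAGE_URL"
            value = var.storage_url
          }
          env {
            name  = "CACHE_URL"
            value = var.cache_url
          }
          # The password is rendered into the pod spec in clear text, so
          # anyone allowed to read Deployments or Pods in this namespace can
          # recover it, and it travels as basic auth over plain http inside
          # the cluster. Storing the URL in a kubernetes_secret and wiring it
          # in through value_from / secret_key_ref would keep it out of the
          # pod spec.
          # NOTE(review): the password is interpolated without URL-encoding;
          # characters such as "@" or "/" would change how the URL parses.
          env {
            name  = "THUMB_SERVICE_URL"
            value = "http://_thumbservice:${var.thumbservice_password}@${var.name}-thumbservice.${var.namespace}.svc.cluster.local:8081/thumb"
          }

          resources {
            requests = {
              cpu    = local.requests.cpu
              memory = local.requests.memory
            }
            limits = {
              cpu    = local.limits.cpu
              memory = local.limits.memory
            }
          }

          readiness_probe {
            tcp_socket {
              port = 8080
            }
            initial_delay_seconds = 15
            period_seconds        = 5
            failure_threshold     = 1
            success_threshold     = 2
          }

          liveness_probe {
            tcp_socket {
              port = 8080
            }
            initial_delay_seconds = 15
            period_seconds        = 5
            failure_threshold     = 1
            success_threshold     = 1
          }

          volume_mount {
            mount_path = "/mnt/thumbs"
            name       = "photolib-data"
          }
        }

        volume {
          name = "photolib-data"
          persistent_volume_claim {
            claim_name = kubernetes_persistent_volume_claim.photolib_web_thumbs.metadata.0.name
          }
        }
      }
    }
  }
}

# In-cluster Service for the web pods; selector is taken from the deployment's labels.
resource "kubernetes_service" "photolib" {
  metadata {
    name      = var.name
    namespace = var.namespace
    labels = {
      app     = var.name
      service = "${var.name}-web"
    }
  }

  spec {
    selector = {
      app     = kubernetes_deployment.photolib.metadata.0.labels.app
      service = kubernetes_deployment.photolib.metadata.0.labels.service
    }

    port {
      protocol    = "TCP"
      port        = 8080
      target_port = 8080
    }
  }
}

# One Ingress rule per entry in var.ingress_domains, all routed to the web Service.
# NOTE(review): there is no tls block here; confirm TLS is terminated
# elsewhere before exposing these hosts.
resource "kubernetes_ingress" "photolib" {
  metadata {
    name      = var.name
    namespace = var.namespace
    labels = {
      app     = var.name
      service = "${var.name}-web"
    }
  }

  spec {
    dynamic "rule" {
      for_each = var.ingress_domains
      content {
        host = rule.value
        http {
          path {
            backend {
              service_name = kubernetes_service.photolib.metadata.0.name
              service_port = 8080
            }
          }
        }
      }
    }
  }
}

# Thumbnail storage shared by the web and thumbservice pods.
resource "kubernetes_persistent_volume" "photolib_web_thumbs" {
  metadata {
    name = "${var.name}-web-thumbs"
    labels = {
      app     = var.name
      service = "${var.name}-web"
    }
  }

  spec {
    storage_class_name = "manual"
    capacity = {
      storage = "8Gi"
    }
    access_modes = ["ReadWriteMany"]

    persistent_volume_source {
      # A fixed directory on the node's filesystem is exposed to the pods.
      # NOTE(review): presumably this path is a shared mount present on every
      # node; verify, since hostPath gives no isolation or quota on its own.
      host_path {
        path = "/mnt/k8store1/vols/photolib/thumbs" # LOL
      }
    }
  }
}

# NOTE(review): no volume_name is set, so binding to the volume above relies
# on the storage class, size and access mode matching; pin it if other
# "manual" volumes exist in the cluster.
resource "kubernetes_persistent_volume_claim" "photolib_web_thumbs" {
  metadata {
    name      = kubernetes_persistent_volume.photolib_web_thumbs.metadata.0.name
    namespace = var.namespace
  }

  spec {
    storage_class_name = "manual"
    access_modes       = ["ReadWriteMany"]
    resources {
      requests = {
        storage = "8Gi"
      }
    }
  }
}

# TODO switch to openebs volume for thumbs

# Thumbnail service: same image as the web pods, started as `photothumbd`,
# listening on 8081.
resource "kubernetes_deployment" "thumbservice" {
  metadata {
    name      = "${var.name}-thumbservice"
    namespace = var.namespace
    labels = {
      app     = var.name
      service = "${var.name}-thumbservice"
    }
  }

  spec {
    replicas = 1

    selector {
      match_labels = {
        app     = var.name
        service = "${var.name}-thumbservice"
      }
    }

    template {
      metadata {
        labels = {
          app     = var.name
          service = "${var.name}-thumbservice"
        }
      }

      spec {
        enable_service_links = false # TODO some of photolib's env vars conflict with these. In a bad way.

        # NOTE(review): no security_context here either; see the web container.
        container {
          name  = "thumbservice"
          image = var.image
          command = [
            "photothumbd"
          ]

          env {
            name  = "DATABASE_URL"
            value = var.database_url
          }
          env {
            name  = "STORAGE_URL"
            value = var.storage_url
          }
          env {
            name  = "CACHE_URL"
            value = var.cache_url
          }

          resources {
            requests = {
              cpu    = local.requests.cpu
              memory = local.requests.memory
            }
            limits = {
              cpu    = local.limits.cpu
              memory = local.limits.memory
            }
          }

          readiness_probe {
            tcp_socket {
              port = 8081
            }
            initial_delay_seconds = 15
            period_seconds        = 5
            failure_threshold     = 1
            success_threshold     = 2
          }

          liveness_probe {
            tcp_socket {
              port = 8081
            }
            initial_delay_seconds = 15
            period_seconds        = 5
            failure_threshold     = 1
            success_threshold     = 1
          }

          volume_mount {
            mount_path = "/mnt/thumbs"
            name       = "photolib-data"
          }
        }

        volume {
          name = "photolib-data"
          persistent_volume_claim {
            claim_name = kubernetes_persistent_volume_claim.photolib_web_thumbs.metadata.0.name
          }
        }
      }
    }
  }
}

# In-cluster Service for the thumbservice pods; this is the host the web
# container's THUMB_SERVICE_URL points at.
resource "kubernetes_service" "thumbservice" {
  metadata {
    name      = "${var.name}-thumbservice"
    namespace = var.namespace
    labels = {
      app     = var.name
      service = "${var.name}-thumbservice"
    }
    # annotations = {
    #   "kube-router.io/service.hairpin" = ""
    # }
  }

  spec {
    selector = {
      app     = kubernetes_deployment.thumbservice.metadata.0.labels.app
      service = kubernetes_deployment.thumbservice.metadata.0.labels.service
    }

    port {
      protocol    = "TCP"
      port        = 8081
      target_port = 8081
    }
  }
}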