diff --git a/charts/et-dot-com-server/.helmignore b/charts/et-dot-com-server/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/et-dot-com-server/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/et-dot-com-server/Chart.yaml b/charts/et-dot-com-server/Chart.yaml new file mode 100644 index 0000000..b00023c --- /dev/null +++ b/charts/et-dot-com-server/Chart.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +description: Elegant Themes Website +icon: https://www.elegantthemes.com/images/logo.svg +maintainers: + - email: dustin@elegantthemes.com + name: Elegant Themes +name: et-dot-com-server +version: 1.0.0 diff --git a/charts/et-dot-com-server/app-readme.md b/charts/et-dot-com-server/app-readme.md new file mode 100644 index 0000000..ff831ea --- /dev/null +++ b/charts/et-dot-com-server/app-readme.md @@ -0,0 +1 @@ +Elegant Themes Website diff --git a/charts/et-dot-com-server/questions.yml b/charts/et-dot-com-server/questions.yml new file mode 100644 index 0000000..660bb88 --- /dev/null +++ b/charts/et-dot-com-server/questions.yml @@ -0,0 +1,3 @@ +questions: +# - variable: s3_bucket_name +# label: S3 Bucket Name diff --git a/charts/et-dot-com-server/templates/et-dot-com-server.yml b/charts/et-dot-com-server/templates/et-dot-com-server.yml new file mode 100644 index 0000000..d69dc09 --- /dev/null +++ b/charts/et-dot-com-server/templates/et-dot-com-server.yml @@ -0,0 +1,152 @@ +# Cloud Server Service +apiVersion: v1 +kind: Service +metadata: + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} +spec: + selector: + app: {{ .Release.Name }} + ports: + - port: {{ .Values.ET_PORT }} + targetPort: {{ .Values.ET_PORT }} + name: fastcgi +--- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Release.Name }} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + selector: + matchLabels: + app: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ .Release.Name }} + redis-cluster-client: 'true' + spec: + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - ingress-nginx + namespaces: + - ingress-nginx + topologyKey: kubernetes.io/hostname + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - {{ .Release.Name }} + namespaces: + - {{ .Release.Namespace }} + topologyKey: kubernetes.io/hostname + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - cloud-screenshot + namespaces: + - dc-screenshot + topologyKey: kubernetes.io/hostname + containers: + - name: {{ .Release.Name }} + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: INSTALL_PATH + value: {{ .Values.INSTALL_PATH | squote }} + - name: VIRTUAL_HOST + value: {{ .Values.VIRTUAL_HOST | squote }} + - name: PHP_MEMORY_LIMIT + value: {{ .Values.PHP_MEMORY_LIMIT | squote }} + - name: PHP_OPCACHE_FILE_CACHE + value: "" + - name: PHP_OPCACHE_VALIDATE_TIMESTAMPS + value: "true" + + image: {{ .Values.ET_IMAGE | squote }} + livenessProbe: + exec: + command: + - 'bash' + - '-c' + - 'SCRIPT_NAME=/healthz' + - 'SCRIPT_FILENAME={{ .Values.INSTALL_PATH }}/public/healthz.php' + - 'REQUEST_METHOD=GET' + - 'cgi-fcgi' + - '-bind' + - '-connect' + - '127.0.0.1:9000' + periodSeconds: 30 + ports: + - name: fastcgi + containerPort: 9000 + readinessProbe: + exec: + command: + - 'bash' + - '-c' + - 'SCRIPT_NAME=/healthz' + - 'SCRIPT_FILENAME={{ .Values.INSTALL_PATH }}/public/healthz.php' + - 'REQUEST_METHOD=GET' + - 'cgi-fcgi' + - '-bind' + - '-connect' + - '127.0.0.1:9000' + periodSeconds: 10 + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 4000m + memory: 3G + startupProbe: + exec: + command: + - cat + - {{ .Values.INSTALL_PATH }}/public/healthz.php + failureThreshold: 30 + periodSeconds: 10 + volumeMounts: + - name: wordpress + mountPath: /srv + - name: config + mountPath: /config + readOnly: true + tolerations: + - key: node.kubernetes.io/disk-pressure + operator: Exists + - key: node.kubernetes.io/memory-pressure + operator: Exists + - key: node.kubernetes.io/pid-pressure + operator: Exists + volumes: + - name: wordpress + hostPath: + path: /srv + type: DirectoryOrCreate + - name: config + secret: + secretName: secrets diff --git a/charts/et-dot-com-server/templates/ingress.yml b/charts/et-dot-com-server/templates/ingress.yml new file mode 100644 index 0000000..05c0d12 --- /dev/null +++ b/charts/et-dot-com-server/templates/ingress.yml @@ -0,0 +1,45 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: ingress-fcgi-params + namespace: {{ .Release.Namespace }} +data: + SCRIPT_FILENAME: $document_root$fastcgi_script_name +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + annotations: + cert-manager.io/cluster-issuer: letsencrypt + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/backend-protocol: FCGI + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/fastcgi-index: index.php + nginx.ingress.kubernetes.io/fastcgi-params-configmap: {{ .Release.Namespace }}/ingress-fcgi-params + nginx.ingress.kubernetes.io/limit-connections: "8" + nginx.ingress.kubernetes.io/limit-rps: "8" + nginx.ingress.kubernetes.io/limit-burst-multiplier: "3" + nginx.ingress.kubernetes.io/limit-req-status-code: "429" + nginx.ingress.kubernetes.io/limit-conn-status-code: "429" + nginx.ingress.kubernetes.io/use-regex: "false" + nginx.ingress.kubernetes.io/enable-rewrite-log: "false" + nginx.ingress.kubernetes.io/use-forwarded-headers: "true" +spec: + tls: + - hosts: + - {{ .Values.VIRTUAL_HOST }} + secretName: {{ .Release.Name }}-tls + rules: + - host: {{ .Values.VIRTUAL_HOST }} + http: + paths: + - path: / + pathType: ImplementationSpecific + backend: + service: + name: {{ .Release.Name }} + port: + name: fastcgi diff --git a/charts/et-dot-com-server/values.yaml b/charts/et-dot-com-server/values.yaml new file mode 100644 index 0000000..9e4607e --- /dev/null +++ b/charts/et-dot-com-server/values.yaml @@ -0,0 +1,9 @@ + +ET_IMAGE: +ET_PORT: + +INSTALL_PATH: + +PHP_MEMORY_LIMIT: + +VIRTUAL_HOST: