Added readme
parent
e32a4436af
commit
562249e9f4
75
README.md
Normal file
@ -0,0 +1,75 @@
# ops-deployment
This repository contains declarative Kubernetes configurations (deployments, services, persistent volumes) for all application services. Changes are automatically synchronized to the cluster by Flux.
## Structure
Each service directory contains:
- `deployment.yaml` - Pod specifications, container images, environment variables, volume mounts
- `service.yaml` - Service exposure (ClusterIP, NodePort)
- Additional resources as needed (PVCs, ConfigMaps, etc.)
## Workflow
1. **CI/CD Pipeline**: Build process generates new container image
2. **Automatic Update**: Pipeline commits updated image tag to this repository
3. **Flux Synchronization**: Flux detects changes and applies to cluster
4. **Rolling Deployment**: Kubernetes performs rolling update
## Secrets Management
Secrets are managed directly in Kubernetes using `kubectl` or sealed-secrets:
- Never committed to this repository
- Mounted as volumes at `/etc/secrets` in containers
- Referenced via `secretName` in deployment manifests
## Persistent Storage
Services requiring data persistence (MySQL, RabbitMQ) use PersistentVolumeClaims:
- Storage classes define volume provisioning
- Data survives pod restarts and redeployments
- Backups handled separately
## Example Service
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend-push-notifications
namespace: app-notifications
spec:
replicas: 1
template:
spec:
containers:
- name: backend-push-notifications
image: ghcr.io/user/service:2
ports:
- containerPort: 9000
volumeMounts:
- name: secrets
mountPath: /etc/secrets
readOnly: true
volumes:
- name: secrets
secret:
secretName: backend-push-notifications
---
apiVersion: v1
kind: Service
metadata:
name: backend-push-notifications
spec:
selector:
app: backend-push-notifications
ports:
- port: 9000
targetPort: 9000
nodePort: 30904
type: NodePort
```
## Monitoring
Services expose Prometheus metrics endpoints where applicable, on port 9000 and exposed via NodePort.
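Review bot: In the Example Service manifest, the Deployment has no `spec.selector` and no pod template labels, so an `apps/v1` Deployment written this way is rejected by the API server and the Service's `selector` on `app: backend-push-notifications` has no labels to match; add `selector.matchLabels` and `template.metadata.labels` carrying `app: backend-push-notifications`. The Service also omits `namespace` while the Deployment sets `app-notifications`, so state the namespace on both objects. The example and the Monitoring section publish port 9000 through `type: NodePort` (`nodePort: 30904`), which opens the application and metrics port on every node; consider documenting ClusterIP with in-cluster scraping as the default and stating when NodePort is actually required. The Secrets Management section lists sealed-secrets alongside "Never committed to this repository"; say which mechanism applies to which secrets, since a reader cannot tell from this text whether SealedSecret manifests belong in this repository.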