From 7b61a077a512694028425c8fd43884b318578f8a Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Mon, 26 Aug 2024 18:45:51 -0400 Subject: [PATCH] ci: add pod affinity + remove kustomize prefix (#503) --- k8s/iabweb/cron.yaml | 4 ++-- k8s/iabweb/kustomization.yaml | 3 +-- k8s/iabweb/memcached.yaml | 24 +++++++++++++++++------- k8s/iabweb/secrets.yaml | 2 +- k8s/iabweb/wagtail.yaml | 22 ++++++++++++++++------ k8s/ietfweb/kustomization.yaml | 3 +-- k8s/ietfweb/memcached.yaml | 24 +++++++++++++++++------- k8s/ietfweb/secrets.yaml | 2 +- k8s/ietfweb/wagtail.yaml | 22 ++++++++++++++++------ 9 files changed, 72 insertions(+), 34 deletions(-) diff --git a/k8s/iabweb/cron.yaml b/k8s/iabweb/cron.yaml index e1434e09..da06f912 100644 --- a/k8s/iabweb/cron.yaml +++ b/k8s/iabweb/cron.yaml @@ -1,7 +1,7 @@ apiVersion: batch/v1 kind: CronJob metadata: - name: cron-weekly + name: iabwww-cron-weekly spec: schedule: "30 0 * * 0" # "At 00:30 on Sunday." timeZone: "Etc/UTC" @@ -13,7 +13,7 @@ spec: spec: restartPolicy: Never containers: - - name: cron-weekly + - name: iabwww-cron-weekly image: "ghcr.io/ietf-tools/www:$APP_IMAGE_TAG" imagePullPolicy: Always volumeMounts: diff --git a/k8s/iabweb/kustomization.yaml b/k8s/iabweb/kustomization.yaml index e895f7ff..d611874d 100644 --- a/k8s/iabweb/kustomization.yaml +++ b/k8s/iabweb/kustomization.yaml @@ -1,7 +1,6 @@ namespace: iabwww -namePrefix: iabwww- configMapGenerator: - - name: files-cfgmap + - name: iabwww-files-cfgmap files: - local.py - supervisord.conf diff --git a/k8s/iabweb/memcached.yaml b/k8s/iabweb/memcached.yaml index 8ad91ca1..0eba3c54 100644 --- a/k8s/iabweb/memcached.yaml +++ b/k8s/iabweb/memcached.yaml @@ -1,24 +1,24 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: memcached + name: iabwww-memcached spec: replicas: 1 revisionHistoryLimit: 2 selector: matchLabels: - app: memcached + app: iabwww-memcached template: metadata: labels: - app: memcached + app: iabwww-memcached spec: securityContext: runAsNonRoot: true containers: - image: "quay.io/prometheus/memcached-exporter:v0.14.3" imagePullPolicy: IfNotPresent - name: memcached-exporter + name: iabwww-memcached-exporter ports: - name: metrics containerPort: 9150 @@ -34,7 +34,7 @@ spec: - image: "memcached:1.6-alpine" imagePullPolicy: IfNotPresent args: ["-m", "256"] - name: memcached + name: iabwww-memcached ports: - name: memcached containerPort: 11211 @@ -51,11 +51,21 @@ spec: dnsPolicy: ClusterFirst restartPolicy: Always terminationGracePeriodSeconds: 30 + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - iabwww-wagtail + topologyKey: "kubernetes.io/hostname" --- apiVersion: v1 kind: Service metadata: - name: memcached + name: iabwww-memcached annotations: k8s.grafana.com/scrape: "true" # this is not a bool k8s.grafana.com/metrics.portName: "metrics" @@ -71,4 +81,4 @@ spec: protocol: TCP name: metrics selector: - app: memcached + app: iabwww-memcached diff --git a/k8s/iabweb/secrets.yaml b/k8s/iabweb/secrets.yaml index e765b447..5078201a 100644 --- a/k8s/iabweb/secrets.yaml +++ b/k8s/iabweb/secrets.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Secret metadata: - name: secrets-env + name: iabwww-secrets-env type: Opaque stringData: IABWWW_ADMINS: null diff --git a/k8s/iabweb/wagtail.yaml b/k8s/iabweb/wagtail.yaml index f065e03a..cf409b59 100644 --- a/k8s/iabweb/wagtail.yaml +++ b/k8s/iabweb/wagtail.yaml @@ -1,17 +1,17 @@ apiVersion: apps/v1 kind: StatefulSet metadata: - name: wagtail + name: iabwww-wagtail spec: replicas: 1 revisionHistoryLimit: 2 selector: matchLabels: - app: wagtail + app: iabwww-wagtail template: metadata: labels: - app: wagtail + app: iabwww-wagtail spec: securityContext: fsGroup: 1000 @@ -20,7 +20,7 @@ spec: # ----------------------------------------------------- # wagtail Container # ----------------------------------------------------- - - name: wagtail + - name: iabwww-wagtail image: "ghcr.io/ietf-tools/www:$APP_IMAGE_TAG" imagePullPolicy: Always ports: @@ -78,6 +78,16 @@ spec: dnsPolicy: ClusterFirst restartPolicy: Always terminationGracePeriodSeconds: 30 + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - ietfwww-wagtail + topologyKey: "kubernetes.io/hostname" volumeClaimTemplates: - metadata: name: iabwww-media @@ -92,7 +102,7 @@ spec: apiVersion: v1 kind: Service metadata: - name: wagtail + name: iabwww-wagtail spec: type: ClusterIP ports: @@ -101,4 +111,4 @@ spec: protocol: TCP name: http selector: - app: wagtail + app: iabwww-wagtail diff --git a/k8s/ietfweb/kustomization.yaml b/k8s/ietfweb/kustomization.yaml index ebcf34f4..1024933b 100644 --- a/k8s/ietfweb/kustomization.yaml +++ b/k8s/ietfweb/kustomization.yaml @@ -1,7 +1,6 @@ namespace: ietfwww -namePrefix: ietfwww- configMapGenerator: - - name: files-cfgmap + - name: ietfwww-files-cfgmap files: - local.py - supervisord.conf diff --git a/k8s/ietfweb/memcached.yaml b/k8s/ietfweb/memcached.yaml index bfd1093b..d44189e0 100644 --- a/k8s/ietfweb/memcached.yaml +++ b/k8s/ietfweb/memcached.yaml @@ -1,24 +1,24 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: memcached + name: ietfwww-memcached spec: replicas: 1 revisionHistoryLimit: 2 selector: matchLabels: - app: memcached + app: ietfwww-memcached template: metadata: labels: - app: memcached + app: ietfwww-memcached spec: securityContext: runAsNonRoot: true containers: - image: "quay.io/prometheus/memcached-exporter:v0.14.3" imagePullPolicy: IfNotPresent - name: memcached-exporter + name: ietfwww-memcached-exporter ports: - name: metrics containerPort: 9150 @@ -34,7 +34,7 @@ spec: - image: "memcached:1.6-alpine" imagePullPolicy: IfNotPresent args: ["-m", "1024"] - name: memcached + name: ietfwww-memcached ports: - name: memcached containerPort: 11211 @@ -51,11 +51,21 @@ spec: dnsPolicy: ClusterFirst restartPolicy: Always terminationGracePeriodSeconds: 30 + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - ietfwww-wagtail + topologyKey: "kubernetes.io/hostname" --- apiVersion: v1 kind: Service metadata: - name: memcached + name: ietfwww-memcached annotations: k8s.grafana.com/scrape: "true" # this is not a bool k8s.grafana.com/metrics.portName: "metrics" @@ -71,4 +81,4 @@ spec: protocol: TCP name: metrics selector: - app: memcached + app: ietfwww-memcached diff --git a/k8s/ietfweb/secrets.yaml b/k8s/ietfweb/secrets.yaml index f3fcd713..c08a8ea3 100644 --- a/k8s/ietfweb/secrets.yaml +++ b/k8s/ietfweb/secrets.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Secret metadata: - name: secrets-env + name: ietfwww-secrets-env type: Opaque stringData: IETFWWW_ADMINS: null diff --git a/k8s/ietfweb/wagtail.yaml b/k8s/ietfweb/wagtail.yaml index 54b92fa0..7b36af3c 100644 --- a/k8s/ietfweb/wagtail.yaml +++ b/k8s/ietfweb/wagtail.yaml @@ -1,17 +1,17 @@ apiVersion: apps/v1 kind: StatefulSet metadata: - name: wagtail + name: ietfwww-wagtail spec: replicas: 1 revisionHistoryLimit: 2 selector: matchLabels: - app: wagtail + app: ietfwww-wagtail template: metadata: labels: - app: wagtail + app: ietfwww-wagtail spec: securityContext: fsGroup: 1000 @@ -20,7 +20,7 @@ spec: # ----------------------------------------------------- # wagtail Container # ----------------------------------------------------- - - name: wagtail + - name: ietfwww-wagtail image: "ghcr.io/ietf-tools/www:$APP_IMAGE_TAG" imagePullPolicy: Always ports: @@ -83,6 +83,16 @@ spec: dnsPolicy: ClusterFirst restartPolicy: Always terminationGracePeriodSeconds: 30 + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - iabwww-wagtail + topologyKey: "kubernetes.io/hostname" volumeClaimTemplates: - metadata: name: www-media @@ -97,7 +107,7 @@ spec: apiVersion: v1 kind: Service metadata: - name: wagtail + name: ietfwww-wagtail spec: type: ClusterIP ports: @@ -106,4 +116,4 @@ spec: protocol: TCP name: http selector: - app: wagtail + app: ietfwww-wagtail