Last active
February 26, 2022 03:58
-
-
Save adarmanto/8c99ed370dd99215aa5fe11147228b60 to your computer and use it in GitHub Desktop.
How to run a Laravel Application into Kubernetes https://medium.com/@agungdarmanto/how-to-run-a-laravel-application-into-kubernetes-a6d0111dc98d
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stages: | |
- test | |
- build | |
- deploy | |
test: | |
stage: test | |
image: lorisleiva/laravel-docker:8.0 | |
variables: | |
MYSQL_ROOT_PASSWORD: root | |
MYSQL_DATABASE: testing | |
DB_TESTING_HOST: mysql | |
services: | |
- name: mysql:8.0 | |
command: ["--default-authentication-plugin=mysql_native_password"] | |
script: | |
- yarn install --pure-lockfile | |
- yarn prod | |
- composer install --prefer-dist --no-ansi --no-interaction --no-progress | |
- cp .env.example .env | |
- php artisan key:generate | |
- php artisan test --parallel | |
cache: | |
key: $CI_COMMIT_REF_SLUG | |
paths: | |
- vendor/ | |
- node_modules/ | |
build: | |
stage: build | |
image: docker:20.10.8 | |
services: | |
- docker:20.10.8-dind | |
before_script: | |
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY | |
script: | |
# Build base stage | |
- docker build . -t $CI_REGISTRY_IMAGE | |
- docker push $CI_REGISTRY_IMAGE | |
# Build app stage | |
- docker build . -t $CI_REGISTRY_IMAGE/web --target=app | |
- docker push $CI_REGISTRY_IMAGE/web | |
only: | |
- master | |
deploy_k8s: | |
stage: deploy | |
image: yuca/doctl-k8s | |
before_script: | |
- doctl auth init -t $DO_ACCESS_TOKEN | |
- doctl kubernetes cluster kubeconfig save $DO_K8S_CLUSTER_ID | |
script: | |
- kubectl apply -f ./k8s | |
- kubectl rollout restart deployment/laravelapp | |
- kubectl rollout restart deployment/laravelapp-cron | |
- kubectl rollout restart deployment/laravelapp-queue | |
environment: | |
name: production | |
only: | |
- master |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# [BASE STAGE] | |
FROM php:8.1-fpm-alpine | |
# Install the php extension installer from its image | |
COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/local/bin/ | |
# Install dependencies | |
RUN apk add --no-cache \ | |
openssl \ | |
ca-certificates \ | |
libxml2-dev \ | |
oniguruma-dev | |
# Install php extensions | |
RUN install-php-extensions \ | |
bcmath \ | |
ctype \ | |
dom \ | |
fileinfo \ | |
mbstring \ | |
pdo pdo_mysql \ | |
tokenizer \ | |
pcntl \ | |
redis-stable | |
# Install the composer packages using www-data user | |
WORKDIR /app | |
RUN chown www-data:www-data /app | |
COPY --chown=www-data:www-data . . | |
COPY --from=composer:2.2 /usr/bin/composer /usr/bin/composer | |
USER www-data | |
RUN composer install --no-dev --prefer-dist | |
# [END BASE STAGE] | |
# [FRONTEND STAGE] | |
FROM node:14-alpine as frontend | |
WORKDIR /app | |
COPY . . | |
RUN apk add --no-progress --quiet --no-cache git \ | |
&& yarn install \ | |
&& yarn prod | |
# [END FRONTEND STAGE] | |
# [APP STAGE] | |
FROM base as app | |
# Prepare the frontend files & caching | |
COPY --from=frontend --chown=www-data:www-data /app/public /app/public | |
RUN php artisan view:cache | |
# Setup nginx & supervisor as root user | |
USER root | |
RUN apk add --no-progress --quiet --no-cache nginx supervisor | |
COPY docker/nginx-default.conf /etc/nginx/http.d/default.conf | |
COPY docker/supervisord.conf /etc/supervisord.conf | |
# Apply the required changes to run nginx as www-data user | |
RUN chown -R www-data:www-data /run/nginx /var/lib/nginx /var/log/nginx && \ | |
sed -i '/user nginx;/d' /etc/nginx/nginx.conf | |
# Switch to www-user | |
USER www-data | |
EXPOSE 8000 | |
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] | |
# [END APP STAGE] | |
# DEFAULT STAGE | |
FROM base |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: laravelapp-config | |
data: | |
APP_NAME: "Laravel" | |
APP_ENV: production | |
APP_DEBUG: "true" | |
APP_URL: https://exampleapp.com | |
APP_TIMEZONE: America/Los_Angeles | |
CACHE_DRIVER: redis | |
LOG_CHANNEL: stderr | |
REDIS_HOST: <redis-host> # MUST CHANGE IT | |
QUEUE_CONNECTION: redis | |
SESSION_DRIVER: redis |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: laravelapp | |
spec: | |
selector: | |
matchLabels: | |
app: laravelapp | |
template: | |
metadata: | |
labels: | |
app: laravelapp | |
spec: | |
containers: | |
- name: laravelapp | |
image: registry.gitlab.com/your/laravelapp | |
imagePullPolicy: Always | |
command: | |
- php | |
args: | |
- artisan | |
- schedule:work | |
resources: | |
requests: | |
cpu: 100m | |
memory: 128Mi | |
limits: | |
cpu: 200m | |
memory: 400Mi | |
ports: | |
- containerPort: 8000 | |
envFrom: | |
- configMapRef: | |
name: laravelapp-config | |
- secretRef: | |
name: laravelapp-secret | |
imagePullSecrets: | |
- name: gitlab-auth |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: laravelapp | |
spec: | |
selector: | |
matchLabels: | |
app: laravelapp | |
template: | |
metadata: | |
labels: | |
app: laravelapp | |
spec: | |
initContainers: | |
- name: laravelapp-migration | |
image: registry.gitlab.com/your/laravelapp | |
command: | |
- php | |
args: | |
- artisan | |
- migrate | |
- --force | |
envFrom: | |
- configMapRef: | |
name: laravelapp-config | |
- secretRef: | |
name: laravelapp-secret | |
containers: | |
- name: laravelapp | |
image: registry.gitlab.com/your/laravelapp/web | |
imagePullPolicy: Always | |
resources: | |
requests: | |
cpu: 100m | |
memory: 128Mi | |
limits: | |
cpu: 200m | |
memory: 400Mi | |
ports: | |
- containerPort: 8000 | |
envFrom: | |
- configMapRef: | |
name: laravelapp-config | |
- secretRef: | |
name: laravelapp-secret | |
imagePullSecrets: | |
- name: gitlab-auth |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: laravelapp | |
spec: | |
selector: | |
matchLabels: | |
app: laravelapp | |
template: | |
metadata: | |
labels: | |
app: laravelapp | |
spec: | |
containers: | |
- name: laravelapp | |
image: registry.gitlab.com/your/laravelapp | |
imagePullPolicy: Always | |
command: | |
- php | |
args: | |
- artisan | |
- horizon | |
resources: | |
requests: | |
cpu: 100m | |
memory: 128Mi | |
limits: | |
cpu: 200m | |
memory: 400Mi | |
ports: | |
- containerPort: 8000 | |
envFrom: | |
- configMapRef: | |
name: laravelapp-config | |
- secretRef: | |
name: laravelapp-secret | |
imagePullSecrets: | |
- name: gitlab-auth |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
apiVersion: v1 | |
kind: Secret | |
type: Opaque | |
metadata: | |
name: laravelapp-secret | |
data: | |
APP_KEY: <base64 string> | |
DB_HOST: <base64 string> | |
DB_DATABASE: <base64 string> | |
DB_USERNAME: <base64 string> | |
DB_PASSWORD: <base64 string> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 8000; | |
root /app/public; | |
index index.php index.html; | |
server_name _; | |
location / { | |
try_files $uri $uri/ /index.php?$query_string; | |
} | |
location = /favicon.ico { access_log off; log_not_found off; } | |
location = /robots.txt { access_log off; log_not_found off; } | |
error_page 404 /index.php; | |
location ~ \.php$ { | |
include fastcgi_params; | |
fastcgi_intercept_errors on; | |
fastcgi_pass 127.0.0.1:9000; | |
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; | |
} | |
location ~ /\.ht { | |
deny all; | |
} | |
location ~ /\.(?!well-known).* { | |
deny all; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[supervisord] | |
nodaemon=true | |
user=www-data | |
[program:php-fpm] | |
command=/usr/local/sbin/php-fpm -F | |
user=www-data | |
stdout_logfile=/dev/stdout | |
stdout_logfile_maxbytes=0 | |
stderr_logfile=/dev/stderr | |
stderr_logfile_maxbytes=0 | |
autorestart=false | |
startretries=0 | |
[program:nginx] | |
command=/usr/sbin/nginx -g "daemon off;" | |
user=www-data | |
stdout_logfile=/dev/stdout | |
stdout_logfile_maxbytes=0 | |
stderr_logfile=/dev/stderr | |
stderr_logfile_maxbytes=0 | |
autorestart=false | |
startretries=0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment