-
-
Save bpmct/e3f4195fb54d028b2b66ba5847a125c6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# resource "kubernetes_job" "prepare-home" { | |
# metadata { | |
# name = "coder-${local.basename}-pre" | |
# namespace = var.namespace | |
# labels = { | |
# k8s-app = "coder-workspace" | |
# workspace_name = local.name | |
# workspace_owner = local.owner | |
# workspace_type = "nodejs" | |
# } | |
# } | |
# spec { | |
# template { | |
# metadata { | |
# labels = { | |
# k8s-app = "coder-workspace" | |
# workspace_name = local.name | |
# workspace_owner = local.owner | |
# workspace_type = "nodejs" | |
# } | |
# } | |
# spec { | |
# security_context { | |
# run_as_user = "1000" | |
# fs_group = "1000" | |
# } | |
# container { | |
# name = "prepare-home" | |
# image = "codercom/enterprise-base:ubuntu" | |
# image_pull_policy = "Always" | |
# command = ["bash", "/usr/share/prepare-home.sh"] | |
# volume_mount { | |
# mount_path = "/home/coder" | |
# name = "home" | |
# read_only = false | |
# } | |
# resources { | |
# limits = { | |
# cpu = "1" | |
# memory = "1Gi" | |
# } | |
# requests = { | |
# cpu = "100m" | |
# memory = "128m" | |
# } | |
# } | |
# } | |
# restart_policy = "Never" | |
# volume { | |
# name = "home" | |
# persistent_volume_claim { | |
# claim_name = kubernetes_persistent_volume_claim.home.metadata.0.name | |
# read_only = false | |
# } | |
# } | |
# } | |
# } | |
# backoff_limit = 4 | |
# } | |
# wait_for_completion = true | |
# # Pulling image can take ~1mn | |
# timeouts { | |
# create = "5m" | |
# update = "5m" | |
# } | |
# lifecycle { | |
# ignore_changes = [ | |
# spec, | |
# ] | |
# } | |
# } | |
resource "kubernetes_deployment" "main" { | |
metadata { | |
name = "coder-${local.basename}" | |
namespace = var.namespace | |
labels = { | |
workspace_name = local.name | |
workspace_owner = local.owner | |
} | |
} | |
spec { | |
strategy { | |
type = "Recreate" | |
} | |
replicas = data.coder_workspace.me.start_count | |
selector { | |
match_labels = { | |
k8s-app = "coder-workspace" | |
workspace_name = local.name | |
workspace_owner = local.owner | |
} | |
} | |
template { | |
metadata { | |
labels = { | |
k8s-app = "coder-workspace" | |
workspace_name = local.name | |
workspace_owner = local.owner | |
workspace_type = "ruby" | |
} | |
annotations = {} | |
} | |
spec { | |
security_context { | |
run_as_user = "1000" | |
fs_group = "1000" | |
} | |
init_container { | |
name = "setup" | |
image = "codercom/enterprise-base:ubuntu" | |
command = ["/usr/bin/sleep", "2"] | |
security_context { | |
run_as_user = "1000" | |
} | |
env { | |
name = "CODER_AGENT_TOKEN" | |
value = coder_agent.main.token | |
} | |
volume_mount { | |
mount_path = "/home/coder" | |
name = "home" | |
read_only = false | |
} | |
resources { | |
limits = { | |
cpu = "1" | |
memory = "1Gi" | |
} | |
requests = { | |
cpu = "100m" | |
memory = "128m" | |
} | |
} | |
} | |
container { | |
name = "coder" | |
image = "codercom/enterprise-base:ubuntu" | |
image_pull_policy = "Always" # default with "latest" tag, but we're not using it | |
command = [ | |
"sh", | |
"-c", | |
coder_agent.main.init_script | |
] | |
security_context { | |
run_as_user = "1000" | |
} | |
env { | |
name = "CODER_AGENT_TOKEN" | |
value = coder_agent.main.token | |
} | |
env { | |
name = "DATABASE_URL" | |
value = "postgres://coder:coder@postgres-${local.basename}.${var.namespace}.svc/coder" | |
} | |
volume_mount { | |
mount_path = "/home/coder" | |
name = "home" | |
read_only = false | |
} | |
resources { | |
limits = { | |
cpu = "4" | |
memory = "4Gi" | |
} | |
requests = { | |
cpu = "250m" | |
memory = "1Gi" | |
} | |
} | |
} | |
container { | |
name = "localstack" | |
image = "localstack/localstack:1.1.0" | |
security_context { | |
run_as_user = "1000" | |
} | |
port { | |
name = "edgeservices" | |
container_port = 4566 | |
protocol = "TCP" | |
} | |
port { | |
name = "apiservices" | |
container_port = 4571 | |
protocol = "TCP" | |
} | |
env { | |
name = "PERSISTENCE" | |
value = "1" | |
} | |
env { | |
name = "LOCALSTACK_VOLUME_DIR" | |
value = "/var/lib/localstack" | |
} | |
resources { | |
limits = { | |
cpu = "1" | |
memory = "1Gi" | |
} | |
requests = { | |
cpu = "100m" | |
memory = "256Mi" | |
} | |
} | |
volume_mount { | |
mount_path = "/var/lib/localstack" | |
name = "localstack" | |
read_only = false | |
} | |
} | |
container { | |
name = "redis" | |
image = "redis:6" | |
image_pull_policy = "Always" | |
security_context { | |
run_as_user = "1000" | |
} | |
port { | |
name = "redis" | |
container_port = 6379 | |
protocol = "TCP" | |
} | |
resources { | |
limits = { | |
cpu = "500m" | |
memory = "512Mi" | |
} | |
requests = { | |
cpu = "100m" | |
memory = "128Mi" | |
} | |
} | |
} | |
volume { | |
name = "home" | |
persistent_volume_claim { | |
claim_name = kubernetes_persistent_volume_claim.home.metadata.0.name | |
read_only = false | |
} | |
} | |
volume { | |
name = "localstack" | |
persistent_volume_claim { | |
claim_name = kubernetes_persistent_volume_claim.localstack.metadata.0.name | |
read_only = false | |
} | |
} | |
} | |
} | |
} | |
# depends_on = [kubernetes_job.prepare-home] | |
} | |
resource "kubernetes_deployment" "postgres" { | |
metadata { | |
name = "postgres-${local.basename}" | |
namespace = var.namespace | |
labels = { | |
workspace_name = local.name | |
workspace_owner = local.owner | |
} | |
} | |
spec { | |
strategy { | |
type = "Recreate" | |
} | |
replicas = data.coder_workspace.me.start_count | |
selector { | |
match_labels = { | |
k8s-app = "postgresql" | |
workspace_name = local.name | |
workspace_owner = local.owner | |
} | |
} | |
template { | |
metadata { | |
labels = { | |
k8s-app = "postgresql" | |
workspace_name = local.name | |
workspace_owner = local.owner | |
} | |
annotations = {} | |
} | |
spec { | |
container { | |
name = "postgres" | |
image = "postgres:13-bullseye" | |
image_pull_policy = "Always" | |
env { | |
name = "POSTGRES_USER" | |
value = "coder" | |
} | |
env { | |
name = "POSTGRES_PASSWORD" | |
value = "coder" | |
} | |
env { | |
name = "POSTGRES_DB" | |
value = "coder" | |
} | |
port { | |
name = "postgres" | |
container_port = 5432 | |
protocol = "TCP" | |
} | |
resources { | |
limits = { | |
cpu = "1" | |
memory = "512Mi" | |
} | |
requests = { | |
cpu = "100m" | |
memory = "128Mi" | |
} | |
} | |
volume_mount { | |
mount_path = "/var/lib/postgresql" | |
name = "postgres" | |
read_only = false | |
} | |
} | |
volume { | |
name = "postgres" | |
persistent_volume_claim { | |
claim_name = kubernetes_persistent_volume_claim.postgres.metadata.0.name | |
read_only = false | |
} | |
} | |
} | |
} | |
} | |
# depends_on = [kubernetes_job.prepare-home] | |
} | |
resource "kubernetes_service" "postgres" { | |
metadata { | |
name = "postgres-${local.basename}" | |
namespace = var.namespace | |
labels = { | |
k8s-app = "postgresql" | |
workspace_name = local.name | |
workspace_owner = local.owner | |
} | |
} | |
spec { | |
selector = { | |
k8s-app = "postgresql" | |
workspace_name = local.name | |
workspace_owner = local.owner | |
} | |
port { | |
port = 5432 | |
} | |
type = "ClusterIP" | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment