Skip to content

Instantly share code, notes, and snippets.

@jahio

jahio/eval.yml

Created February 12, 2021 21:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jahio/dd22bb43efb22625f36b6e282d31a753 to your computer and use it in GitHub Desktop.
Save jahio/dd22bb43efb22625f36b6e282d31a753 to your computer and use it in GitHub Desktop.
Download ZIP
Tweed Setup File (eval.yml)
Raw
eval.yml
---
apiVersion: v1
kind: ServiceAccount
metadata:
namespace: tweed
name: broker
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
namespace: tweed
name: broker
rules:
- apiGroups: ["", "batch", "extensions", "apps", "autoscaling"]
resources: ["*"]
verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
namespace: tweed
name: broker
subjects:
- kind: ServiceAccount
namespace: tweed
name: broker
roleRef:
kind: ClusterRole
name: broker
apiGroup: rbac.authorization.k8s.io
---
apiVersion: v1
kind: Secret
metadata:
name: tweed
namespace: tweed
stringData:
username: tweed
password: tweed
---
apiVersion: v1
kind: ConfigMap
metadata:
name: vault
namespace: tweed
data:
local.json: |
{
"disable_mlock": 1,
"backend": {
"file": {
"path": "/vault/file"
}
},
"listener": {
"tcp": {
"address": "0.0.0.0:8200",
"tls_disable": 1
},
},
"default_lease_ttl": "168h",
"max_lease_ttl": "720h"
}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: tweed
namespace: tweed
data:
tweed.yml: |
prefix: ''
catalog.yml: |
catalog:
services:
- name: PostgreSQL
id: postgres
description: |
A standalone, single-node PostgreSQL RDBMS
metadata: {}
tags: [postgres, psql, pg, shared]
bindings_retrievable: true
instances_retrievable: true
plans:
- name: v9
id: v9
bindable: true
description: |
PostgreSQL version 9.x
tweed:
infrastructure: k8s
stencil: postgres/standalone
limit: 2
config:
version: '9'
credentials:
version: 9
tryit: (( concat "PGPASSWORD=" credentials.password " psql -h " credentials.host " -p " credentials.port " -U " credentials.username " " credentials.database ))
- name: v10
id: v10
bindable: true
description: |
PostgreSQL version 10.x
tweed:
infrastructure: k8s
stencil: postgres/standalone
limit: 1
config:
version: '10'
credentials:
version: 10
tryit: (( concat "PGPASSWORD=" credentials.password " psql -h " credentials.host " -p " credentials.port " -U " credentials.username " " credentials.database ))
- name: v11
id: v11
bindable: true
description: |
PostgreSQL version 11.x
tweed:
infrastructure: k8s
stencil: postgres/standalone
limit: 1
config:
version: '11'
credentials:
version: 11
tryit: (( concat "PGPASSWORD=" credentials.password " psql -h " credentials.host " -p " credentials.port " -U " credentials.username " " credentials.database ))
- name: v12
id: v12
bindable: true
description: |
PostgreSQL version 12.x
tweed:
infrastructure: k8s
stencil: postgres/standalone
limit: 1
config:
version: '12'
credentials:
version: 12
tryit: (( concat "PGPASSWORD=" credentials.password " psql -h " credentials.host " -p " credentials.port " -U " credentials.username " " credentials.database ))
- name: v13
id: v13
bindable: true
description: |
PostgreSQL version 13.x
tweed:
infrastructure: k8s
stencil: postgres/standalone
limit: 1
config:
version: '13'
credentials:
version: 13
tryit: (( concat "PGPASSWORD=" credentials.password " psql -h " credentials.host " -p " credentials.port " -U " credentials.username " " credentials.database ))
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: tweed
name: broker
labels:
app: tweed
spec:
replicas: 1
selector:
matchLabels:
app: tweed
template:
metadata:
labels:
app: tweed
spec:
serviceAccountName: broker
containers:
- name: vault
image: vault:latest
imagePullPolicy: Always
ports:
- name: tweed
containerPort: 8080
env:
- name: VAULT_API_ADDR
value: http://127.0.0.1:8200
command:
- vault
- server
- -config
- /vault/config/local.json
volumeMounts:
- name: vault
mountPath: /vault/config
- name: broker
image: jdpahl122/tweed:123
imagePullPolicy: Always
env:
- name: INIT_VAULT
value: http://127.0.0.1:8200
- name: USE_THIS_KUBERNETES
value: 'yes'
- name: TWEED_LISTEN
value: ':8080'
- name: TWEED_URL
value: http://127.0.0.1:8080
- name: TWEED_HTTP_USERNAME
valueFrom:
secretKeyRef:
name: tweed
key: username
- name: TWEED_USERNAME
valueFrom:
secretKeyRef:
name: tweed
key: username
- name: TWEED_HTTP_PASSWORD
valueFrom:
secretKeyRef:
name: tweed
key: password
- name: TWEED_PASSWORD
valueFrom:
secretKeyRef:
name: tweed
key: password
volumeMounts:
- name: tweed
mountPath: /tweed/etc/config.d/provided
volumes:
- name: tweed
configMap:
name: tweed
- name: vault
configMap:
name: vault
---
apiVersion: v1
kind: Service
metadata:
namespace: tweed
name: broker
labels:
app: tweed
spec:
type: ClusterIP
ports:
- name: tweed
port: 80
protocol: TCP
targetPort: tweed
selector:
app: tweed
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
namespace: tweed
name: broker
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
tls:
- hosts:
- tweed.starkandwayne.com
secretName: ingress-tls
rules:
- host: tweed.starkandwayne.com
http:
paths:
- path: /
backend:
serviceName: broker
servicePort: tweed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment