Skip to content

Instantly share code, notes, and snippets.

@jcollie
Last active July 28, 2021 12:05
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jcollie/bb27ae15e6dc241dba6cf71f19b4124e to your computer and use it in GitHub Desktop.
Save jcollie/bb27ae15e6dc241dba6cf71f19b4124e to your computer and use it in GitHub Desktop.
Mayan EDMS deployment on Kubernetes
apiVersion: apps/v1
kind: Deployment
metadata:
name: celery-broker
namespace: mayan
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: celery-broker
template:
metadata:
labels:
app: celery-broker
spec:
containers:
- name: celery-broker
image: redis:5.0.7-alpine
command:
- "redis-server"
args:
- "--databases"
- "1"
- "--maxmemory-policy"
- "allkeys-lru"
- "--save"
- ""
- "--requirepass"
- "$(MAYAN_CELERY_BROKER_PASSWORD)"
env:
- name: MAYAN_CELERY_BROKER_PASSWORD
valueFrom:
secretKeyRef:
name: mayan
key: MAYAN_CELERY_BROKER_PASSWORD
ports:
- name: redis
containerPort: 6379
protocol: TCP
volumeMounts:
- name: redis-data
mountPath: /data
resources:
limits:
cpu: "500m"
memory: "512Mi"
volumes:
- name: redis-data
hostPath:
path: /mnt/mayan/redis/celery-broker
kind: Service
apiVersion: v1
metadata:
name: celery-broker
namespace: mayan
spec:
selector:
app: celery-broker
ports:
- name: redis
port: 6379
targetPort: redis
protocol: TCP
apiVersion: apps/v1
kind: Deployment
metadata:
name: celery-results
namespace: mayan
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: celery-results
template:
metadata:
labels:
app: celery-results
spec:
containers:
- name: celery-results
image: redis:5.0.7-alpine
command:
- "redis-server"
args:
- "--databases"
- "1"
- "--maxmemory-policy"
- "allkeys-lru"
- "--save"
- ""
- "--requirepass"
- "$(MAYAN_CELERY_RESULT_PASSWORD)"
env:
- name: MAYAN_CELERY_RESULT_PASSWORD
valueFrom:
secretKeyRef:
name: mayan
key: MAYAN_CELERY_RESULT_PASSWORD
ports:
- name: redis
containerPort: 6379
protocol: TCP
volumeMounts:
- name: redis-data
mountPath: /data
resources:
limits:
cpu: "500m"
memory: "512Mi"
volumes:
- name: redis-data
hostPath:
path: /mnt/mayan/redis/celery-results
kind: Service
apiVersion: v1
metadata:
name: celery-results
namespace: mayan
spec:
selector:
app: celery-results
ports:
- name: redis
port: 6379
targetPort: redis
protocol: TCP
apiVersion: v1
kind: ConfigMap
metadata:
name: mayan
namespace: mayan
data:
TZ: America/Chicago
MAYAN_TIME_ZONE: America/Chicago
MAYAN_PIP_INSTALLS: django-storages boto3
MAYAN_DEFAULT_FROM_EMAIL: mayan@example.org
MAYAN_EMAIL_HOST: smtp.example.org
MAYAN_EMAIL_HOST_USER: postmaster@example.org
MAYAN_EMAIL_PORT: "465"
MAYAN_EMAIL_USE_SSL: "true"
MAYAN_EMAIL_USE_TLS: "true"
MAYAN_DOCUMENTS_STORAGE_BACKEND: storages.backends.s3boto3.S3Boto3Storage
apiVersion: apps/v1
kind: Deployment
metadata:
name: mayan
namespace: mayan
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: mayan
template:
metadata:
labels:
app: mayan
spec:
containers:
- name: mayan
image: mayanedms/mayanedms:3.3.14
ports:
- name: http
containerPort: 8000
protocol: TCP
envFrom:
- secretRef:
name: mayan
- configMapRef:
name: mayan
volumeMounts:
- name: mayan-data
mountPath: /var/lib/mayan
- name: mayan-config
mountPath: /etc/mayan
- name: mayan-watch
mountPath: /watch
resources:
limits:
cpu: "1000m"
memory: "4Gi"
volumes:
- name: mayan-data
hostPath:
path: /mnt/mayan/mayan/data
- name: mayan-config
hostPath:
path: /mnt/mayan/mayan/config
- name: mayan-watch
hostPath:
path: /mnt/mayan/watch
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mayan
namespace: mayan
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/configuration-snippet: |
# https://gitlab.com/mayan-edms/mayan-edms/issues/500
proxy_set_header X-Alt-Referer https://$host$http_x_alt_referer;
proxy_set_header l5d-dst-override $service_name.$namespace.svc.k8s.example.org:$service_port;
grpc_set_header l5d-dst-override $service_name.$namespace.svc.k8s.example.org:$service_port;
proxy_hide_header l5d-remote-ip;
proxy_hide_header l5d-server-id;
spec:
tls:
- hosts:
- mayan.example.org
secretName: mayan.example.org
rules:
- host: mayan.example.org
http:
paths:
- path: /
backend:
serviceName: mayan
servicePort: 8000
apiVersion: v1
kind: Namespace
metadata:
name: mayan
annotations:
linkerd.io/inject: enabled
apiVersion: v1
kind: Secret
metadata:
name: mayan
namespace: mayan
type: Opaque
stringData:
MAYAN_CELERY_BROKER_PASSWORD: aaaaaaaaaaaaaaaa
MAYAN_CELERY_BROKER_URL: redis://:aaaaaaaaaaaaaaaa@celery-broker.mayan.svc:6379/0
MAYAN_CELERY_RESULT_PASSWORD: bbbbbbbbbbbbbbbb
MAYAN_CELERY_RESULT_BACKEND: redis://:bbbbbbbbbbbbbbbb@celery-results.mayan.svc:6379/0
MAYAN_DATABASE_PASSWORD: cccccccccccccccc
MAYAN_DATABASES: |
{'default': {'ENGINE': 'django.db.backends.postgresql',
'NAME': 'mayan',
'USER': 'mayan',
'PASSWORD': 'cccccccccccccccc',
'HOST': 'postgresql.postgresql.svc'}}
MAYAN_DOCUMENTS_STORAGE_BACKEND_ARGUMENTS: |
{'access_key': 'xxxxxxxxxxx',
'secret_key': 'yyyyyyyyyyyyyyyyyyy',
'bucket_name':'mayan',
'default_acl': 'private',
'endpoint_url':'http://minio01.minio.svc:9000',
'verify':'False'}
MAYAN_EMAIL_HOST_PASSWORD: zzzzzzzzzzzzzzzzz
kind: Service
apiVersion: v1
metadata:
name: mayan
namespace: mayan
spec:
selector:
app: mayan
ports:
- name: http
port: 8000
targetPort: http
protocol: TCP
Copy link

ghost commented May 21, 2020

thanks a lot
About the PostgreSQL do i need to create one (if yes do you still have your yaml) or not?

@jcollie
Copy link
Author

jcollie commented May 21, 2020

You'll need to create your own PostgreSQL config.

@di-uni
Copy link

di-uni commented May 25, 2020

Hello, I tried to deploy Mayan and I think you are the only one who has already done it. So I want to ask you something!
With my worker node, i can use only 512Mi of memory so I changed the memory from 4Gi to 512Mi in mayan-deployment.yaml. Is it enough to run the mayan container? (Actually I encountered an error but I really cannot figure out why it happened so I assume that is the reason...)
Thank you !!

@R3dian
Copy link

R3dian commented Jul 28, 2021

Is anyone able to deploy it with PostgreSQL or have any sample deployment file for PostgreSQL?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment