├── README.md ├── argo-cd-dev.yaml ├── argo-cd-prprod.yaml ├── argo-cd.yaml ├── dev ├── Chart.yaml ├── templates │ ├── apm-configmap.yaml │ ├── apm-secret.yaml │ ├── database-deployment.yaml │ ├── database-pvc.yaml │ ├── database-secret.yaml │ ├── database-service.yaml │ ├── microservice-autoscaler.yaml │ ├── microservice-configMap.yaml │ ├── microservice-deployment.yaml │ ├── microservice-eventstore-secret.yaml │ ├── microservice-ingress.yaml │ ├── microservice-networkpolicy.yaml │ ├── microservice-service.yaml │ └── regcred.yaml └── values.yaml ├── preprod ├── Chart.yaml ├── templates │ ├── apm-configmap.yaml │ ├── apm-secret.yaml │ ├── database-deployment.yaml │ ├── database-pvc.yaml │ ├── database-secret.yaml │ ├── database-service.yaml │ ├── microservice-autoscaler.yaml │ ├── microservice-configMap.yaml │ ├── microservice-deployment.yaml │ ├── microservice-eventstore-secret.yaml │ ├── microservice-ingress.yaml │ ├── microservice-networkpolicy.yaml │ ├── microservice-service.yaml │ └── regcred.yaml └── values.yaml └── prod ├── Chart.yaml ├── templates ├── apm-configmap.yaml ├── apm-secret.yaml ├── database-deployment.yaml ├── database-pvc.yaml ├── database-secret.yaml ├── database-service.yaml ├── microservice-autoscaler.yaml ├── microservice-configMap.yaml ├── microservice-deployment.yaml ├── microservice-eventstore-secret.yaml ├── microservice-ingress.yaml ├── microservice-networkpolicy.yaml ├── microservice-service.yaml └── regcred.yaml └── values.yaml /README.md: -------------------------------------------------------------------------------- 1 | # Kubernetes-nestjs-microservice-application-boilerplate 2 | kubernetes application boilerplate for https://github.com/0xb4lamx/nestjs-boilerplate-microservice . 3 | 4 | ## Getting Started 5 | 6 | These instructions will get you a copy of the project up and running on your kubernetes cluster. 7 | 8 | ### Prerequisites 9 | * Tiller deployed on the kubernetes cluster. 10 | * Ingress controller (Nginx,Traefik..). 
11 | * Storage Class. 12 | * SSH connection to Git. 13 | 14 | ## Installation 15 | 16 | ### Environment Setup 17 | 18 | In values.yaml: 19 | 20 | * Configure needed secrets (the Argo CD applications read values.yaml from the Git repository, so keep real credentials out of any shared or public copy) for: 21 | * MySQL database. 22 | * Eventstore. 23 | * Credentials for private Docker Hub. 24 | * Create the needed namespaces. For this example you can type: 25 | ```shell 26 | kubectl create ns dev-microservice-template 27 | kubectl create ns preprod-microservice-template 28 | kubectl create ns prod-microservice-template 29 | ``` 30 | 31 | ### Deployment 32 | #### ArgoCD 33 | 34 | If using ArgoCD, apply the Argo CD YAML file for each environment, for example: 35 | ```shell 36 | kubectl apply -f argo-cd-dev.yaml 37 | ``` 38 | 39 | #### helm3 40 | 41 | ```shell 42 | 43 | helm install dev/ dev-microservice-boilerplate --namespace dev-microservice-template --name dev-microservice-template 44 | 45 | ``` 46 | 47 | ### Description 48 | This Kubernetes application will deploy: 49 | * MySQL deployment. 50 | * Expose MySQL as a ClusterIP Service. 51 | * Expose EventStore GUI as Ingress. 52 | * Microservice deployment. 53 | * Expose Microservice as Ingress. 54 | * It supports multi-environment deployment [dev,preprod,prod] out of the box, following this naming convention: 55 | * production environment namespaces must start with prod. 56 | * development environment namespaces must start with dev. 57 | * preprod environment namespaces must start with preprod. 
58 | -------------------------------------------------------------------------------- /argo-cd-dev.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: dev-microservice-template 5 | spec: 6 | destination: 7 | namespace: dev-microservice-template 8 | server: 'https://kubernetes.default.svc' 9 | source: 10 | path: dev 11 | repoURL: 'https://github.com/itninja-hue/nestjs-k8s-boilerplate-microservice' 12 | targetRevision: master 13 | helm: 14 | valueFiles: 15 | - values.yaml 16 | project: default 17 | syncPolicy: 18 | automated: 19 | prune: true 20 | selfHeal: true -------------------------------------------------------------------------------- /argo-cd-prprod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: preprod-microservice-template 5 | spec: 6 | destination: 7 | namespace: preprod-microservice-template 8 | server: 'https://kubernetes.default.svc' 9 | source: 10 | path: preprod 11 | repoURL: 'https://github.com/itninja-hue/nestjs-k8s-boilerplate-microservice' 12 | targetRevision: master 13 | helm: 14 | valueFiles: 15 | - values.yaml 16 | project: default 17 | syncPolicy: 18 | automated: 19 | prune: true 20 | selfHeal: true -------------------------------------------------------------------------------- /argo-cd.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: argoproj.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: prod-microservice-template 5 | spec: 6 | destination: 7 | namespace: prod-microservice-template 8 | server: 'https://kubernetes.default.svc' 9 | source: 10 | path: prod 11 | repoURL: 'https://github.com/itninja-hue/nestjs-k8s-boilerplate-microservice' 12 | targetRevision: master 13 | helm: 14 | valueFiles: 15 | - values.yaml 16 | project: default 17 | 
syncPolicy: 18 | automated: 19 | prune: true 20 | selfHeal: true -------------------------------------------------------------------------------- /dev/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | appVersion: "1.0" 4 | description: A Helm chart microservice boilerplate 5 | name: microserviceboilerplate 6 | version: 0.1.0 7 | ... -------------------------------------------------------------------------------- /dev/templates/apm-configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{.Values.apm.configmap.name}} 6 | namespace: {{.Values.general.namespace}} 7 | data: 8 | apm-server-host: {{.Values.apm.configmap.host}} 9 | apm-service-name: {{.Values.general.namespace}} 10 | apm-log-level: {{.Values.apm.configmap.logLevel}} 11 | ... -------------------------------------------------------------------------------- /dev/templates/apm-secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{.Values.apm.secrets.name}} 6 | namespace: {{.Values.general.namespace}} 7 | type: Opaque 8 | data: 9 | apm-secret-token: {{.Values.apm.secrets.token}} 10 | ... 
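--------------------------------------------------------------------------------
/dev/templates/database-deployment.yaml:
--------------------------------------------------------------------------------
---
# MySQL Deployment backing the microservice. Pods carry the labels
# app=<general.microserviceName>, type=database, which the database Service
# and the NetworkPolicies in this chart select on.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{.Values.database.deployment.name}}
  namespace: {{.Values.general.namespace}}
  labels:
    app: {{.Values.general.microserviceName}}
    type: database
spec:
  # NOTE(review): the claim below is ReadWriteMany; more than one mysqld on the
  # same data directory is presumably not intended, so keep scale at 1.
  replicas: {{.Values.database.deployment.scale}}
  selector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: database
  template:
    metadata:
      labels:
        app: {{.Values.general.microserviceName}}
        type: database
    spec:
      containers:
        - name: {{.Values.database.deployment.containerName}}
          image: {{.Values.database.deployment.image}}
          env:
            # NOTE(review): the root password is the same secret key that
            # microservice-deployment.yaml injects as MYSQL_PASSWORD, and no
            # separate application user is created here, so the service
            # presumably connects with root-equivalent rights. A dedicated
            # root key plus a least-privilege application user would limit the
            # impact of a compromised microservice pod.
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  # Taken from values (database.secret.name) so it always
                  # matches the Secret rendered by database-secret.yaml; the
                  # name used to be hard-coded to "database-credentials".
                  name: {{.Values.database.secret.name}}
                  key: database-password
            - name: MYSQL_DATABASE
              valueFrom:
                configMapKeyRef:
                  name: {{.Values.configMap.name}}
                  key: database-db
          volumeMounts:
            - name: mysql-persistent-storage
              mountPath: /var/lib/mysql
              subPath: mysqldata
      volumes:
        - name: mysql-persistent-storage
          persistentVolumeClaim:
            # Taken from values (database.pvc.name) so it always matches the
            # claim rendered by database-pvc.yaml; used to be hard-coded to
            # "mysql-pv-claim".
            claimName: {{.Values.database.pvc.name}}
...
--------------------------------------------------------------------------------
/dev/templates/database-pvc.yaml:
--------------------------------------------------------------------------------
---
# Persistent storage for the MySQL data directory.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: {{.Values.database.pvc.name}}
  namespace: {{.Values.general.namespace}}
  annotations:
    # The storage class is fixed to "aws-efs" through the legacy beta
    # annotation; the cluster must provide a class with that name.
    volume.beta.kubernetes.io/storage-class: "aws-efs"
spec:
  accessModes:
    - ReadWriteMany
  # Left empty in the chart, so the annotation above is what selects the class.
  storageClassName:
  resources:
    requests:
      storage: {{.Values.database.pvc.storage}}
...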
-------------------------------------------------------------------------------- /dev/templates/database-secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{.Values.database.secret.name}} 6 | namespace: {{.Values.general.namespace}} 7 | type: Opaque 8 | data: 9 | database-user: {{ .Values.database.secret.username | b64enc }} 10 | database-password: {{ .Values.database.secret.password | b64enc }} 11 | ... -------------------------------------------------------------------------------- /dev/templates/database-service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{.Values.database.service.name}} 6 | namespace: {{.Values.general.namespace}} 7 | spec: 8 | selector: 9 | app: {{.Values.general.microserviceName}} 10 | type: database 11 | ports: 12 | - protocol: TCP 13 | port: {{.Values.database.service.port}} 14 | targetPort: {{.Values.database.service.port}} 15 | ... -------------------------------------------------------------------------------- /dev/templates/microservice-autoscaler.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: autoscaling/v1 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{.Values.microservice.autoscaler.name}} 6 | namespace: {{.Values.general.namespace}} 7 | spec: 8 | scaleTargetRef: 9 | apiVersion: apps/v1 10 | kind: Deployment 11 | name: {{.Values.microservice.deployment.name}} 12 | minReplicas: {{.Values.microservice.autoscaler.minReplicas}} 13 | maxReplicas: {{.Values.microservice.autoscaler.maxReplicas}} 14 | targetCPUUtilizationPercentage: {{.Values.microservice.autoscaler.targetCPUUtilizationPercentage}} 15 | ... 
-------------------------------------------------------------------------------- /dev/templates/microservice-configMap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{.Values.configMap.name}} 6 | namespace: {{.Values.general.namespace}} 7 | data: 8 | eventstore-host: {{.Values.eventstore.serviceDatabase.name}} 9 | eventstore-tcp-port: "{{.Values.eventstore.serviceDatabase.port}}" 10 | database-port: "{{.Values.database.configmap.port}}" 11 | database-db: {{.Values.database.configmap.databaseName}} 12 | database-host: "{{.Values.database.configmap.host}}" 13 | microservice-host: "{{.Values.general.host}}" 14 | microservice-port: "{{.Values.general.port}}" 15 | ... -------------------------------------------------------------------------------- /dev/templates/microservice-deployment.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | labels: 6 | app: {{.Values.general.microserviceName}} 7 | type: {{.Values.general.type}} 8 | name: {{.Values.microservice.deployment.name}} 9 | namespace: {{.Values.general.namespace}} 10 | spec: 11 | replicas: {{.Values.microservice.deployment.scale}} 12 | selector: 13 | matchLabels: 14 | app: {{.Values.general.microserviceName}} 15 | type: {{.Values.general.type}} 16 | template: 17 | metadata: 18 | labels: 19 | app: {{.Values.general.microserviceName}} 20 | type: {{.Values.general.type}} 21 | spec: 22 | containers: 23 | - image: itninjahue/box:{{.Values.microservice.deployment.tag}} 24 | name: {{.Values.microservice.deployment.containerName}} 25 | resources: 26 | requests: 27 | memory: "100Mi" 28 | cpu: 0.1 29 | limits: 30 | memory: "150Mi" 31 | cpu: 0.2 32 | env: 33 | - name: HOST 34 | valueFrom: 35 | configMapKeyRef: 36 | name: {{.Values.configMap.name}} 37 | key: microservice-host 38 | - name: MYSQL_HOST 39 | 
valueFrom: 40 | configMapKeyRef: 41 | name: {{.Values.configMap.name}} 42 | key: database-host 43 | - name: MYSQL_USERNAME 44 | valueFrom: 45 | secretKeyRef: 46 | name: {{.Values.database.secret.name}} 47 | key: database-user 48 | - name: MYSQL_PASSWORD 49 | valueFrom: 50 | secretKeyRef: 51 | name: {{.Values.database.secret.name}} 52 | key: database-password 53 | - name: MYSQL_PORT 54 | valueFrom: 55 | configMapKeyRef: 56 | name: {{.Values.configMap.name}} 57 | key: database-port 58 | - name: MYSQL_DATABASE 59 | valueFrom: 60 | configMapKeyRef: 61 | name: {{.Values.configMap.name}} 62 | key: database-db 63 | - name: EVENT_STORE_HOSTNAME 64 | valueFrom: 65 | configMapKeyRef: 66 | name: {{.Values.configMap.name}} 67 | key: eventstore-host 68 | - name : EVENT_STORE_CREDENTIALS_USERNAME 69 | valueFrom: 70 | secretKeyRef: 71 | name: {{.Values.eventstore.secret.name}} 72 | key: eventstore-user 73 | - name: EVENT_STORE_CREDENTIALS_PASSWORD 74 | valueFrom: 75 | secretKeyRef: 76 | name: {{.Values.eventstore.secret.name}} 77 | key: eventstore-password 78 | - name: SWAGGER_SCHEME 79 | value: https 80 | - name: SWAGGER_VERSION 81 | value: {{.Values.microservice.deployment.tag}} 82 | - name: SWAGGER_TITLE 83 | value: {{.Values.general.microserviceName}} 84 | - name: ELASTIC_APM_SERVER_URL 85 | valueFrom: 86 | configMapKeyRef: 87 | name: {{.Values.apm.configmap.name}} 88 | key: apm-server-host 89 | - name: ELASTIC_APM_SERVICE_NAME 90 | valueFrom: 91 | configMapKeyRef: 92 | name: {{.Values.apm.configmap.name}} 93 | key: apm-service-name 94 | - name: ELASTIC_APM_LOG_LEVEL 95 | valueFrom: 96 | configMapKeyRef: 97 | name: {{.Values.apm.configmap.name}} 98 | key: apm-log-level 99 | - name: ELASTIC_APM_SECRET_TOKEN 100 | valueFrom: 101 | secretKeyRef: 102 | name: {{.Values.apm.secrets.name}} 103 | key: apm-secret-token 104 | imagePullSecrets: 105 | - name: regcred 106 | ... 
--------------------------------------------------------------------------------
/dev/templates/microservice-eventstore-secret.yaml:
--------------------------------------------------------------------------------
---
# EventStore credentials consumed by microservice-deployment.yaml.
# b64enc only encodes the values taken from values.yaml for the Secret's
# `data` field; it does not encrypt them, so whoever can read values.yaml
# (or the rendered manifest) can read the credentials.
apiVersion: v1
kind: Secret
metadata:
  name: {{.Values.eventstore.secret.name}}
  namespace: {{.Values.general.namespace}}
type: Opaque
data:
  eventstore-user: {{ .Values.eventstore.user | b64enc }}
  eventstore-password: {{ .Values.eventstore.password | b64enc }}
...
--------------------------------------------------------------------------------
/dev/templates/microservice-ingress.yaml:
--------------------------------------------------------------------------------
---
# Exposes the microservice Service through the nginx ingress controller.
# NOTE(review): there is no `tls:` section and both redirect annotations are
# "false", so this host is served over plain HTTP, while
# microservice-deployment.yaml sets SWAGGER_SCHEME to https. Add a TLS secret
# and enable the redirect before exposing this outside a trusted network.
# NOTE(review): extensions/v1beta1 Ingress was removed in Kubernetes 1.22;
# newer clusters need networking.k8s.io/v1 and its backend.service syntax.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: {{.Values.microservice.ingress.ingressName}}
  namespace: {{.Values.general.namespace}}
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
    nginx.ingress.kubernetes.io/secure-backends: "false"
spec:
  rules:
    - host: {{.Values.microservice.ingress.host}}
      http:
        paths:
          - backend:
              serviceName: {{.Values.microservice.service.name}}
              servicePort: {{.Values.microservice.service.servicePort}}
...
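--------------------------------------------------------------------------------
/dev/templates/microservice-networkpolicy.yaml:
--------------------------------------------------------------------------------
# Network policies for the microservice and its database pods.
# Once a pod is selected by a policy of a given type (Ingress/Egress), only
# traffic matched by some rule of that type is allowed for it.
# NOTE(review): the microservice also reads ELASTIC_APM_SERVER_URL, but no
# egress rule here covers an APM server; confirm whether one is needed.

# Inbound: only the ingress-nginx controller pods may reach the service port.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-in-3000
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: {{.Values.general.type}}
  policyTypes:
    - Ingress
  ingress:
    - from:
        # namespaceSelector and podSelector sit in the same list item, so a
        # peer must match both. Both the ingress namespace and its pods must
        # carry these labels, otherwise no traffic is admitted.
        - namespaceSelector:
            matchLabels:
              app.kubernetes.io/name: ingress-nginx
              app.kubernetes.io/part-of: ingress-nginx
          podSelector:
            matchLabels:
              app.kubernetes.io/name: ingress-nginx
              app.kubernetes.io/part-of: ingress-nginx
      ports:
        - protocol: TCP
          port: {{.Values.microservice.service.serviceTargetPort}}

---
# Outbound: microservice -> database pods of this release.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-3306
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: {{.Values.general.type}}
  policyTypes:
    - Egress
  egress:
    - to:
        # A podSelector without a namespaceSelector matches pods in this
        # policy's own namespace, which is where the chart deploys the
        # database. The previous hard-coded namespace label
        # "space: dev-microservice-notification" is not set by anything in
        # this chart, so the rule matched nothing.
        - podSelector:
            matchLabels:
              app: {{.Values.general.microserviceName}}
              type: database
      ports:
        - protocol: TCP
          port: {{.Values.database.service.port}}
---
# Outbound: DNS lookups.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-53
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: {{.Values.general.type}}
  policyTypes:
    - Egress
  egress:
    # No `to` peers are listed, so any destination is allowed on these ports.
    # NOTE(review): narrow this to the cluster DNS pods where their labels
    # are known.
    - ports:
        - protocol: UDP
          port: 53
        # DNS falls back to TCP for responses that do not fit in UDP.
        - protocol: TCP
          port: 53

---
# Inbound: database accepts connections only from the microservice pods.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: database-allow-in-3306
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: database
  policyTypes:
    - Ingress
  ingress:
    - from:
        # Same-namespace peers only; see microservice-allow-out-3306 for why
        # the hard-coded namespace label was dropped.
        - podSelector:
            matchLabels:
              app: {{.Values.general.microserviceName}}
              type: {{.Values.general.type}}
      ports:
        - protocol: TCP
          port: {{.Values.database.service.port}}
---
# Outbound: EventStore TCP port.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-1113
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: {{.Values.general.type}}
  policyTypes:
    - Egress
  egress:
    # No `to` peers are listed, so any destination is allowed on this port.
    # NOTE(review): restrict to the EventStore namespace/pods once their
    # labels are known.
    - ports:
        - protocol: TCP
          # Same value the ConfigMap publishes as eventstore-tcp-port
          # (1113 in the shipped values.yaml) instead of a literal.
          port: {{.Values.eventstore.serviceDatabase.port}}
--------------------------------------------------------------------------------
/dev/templates/microservice-service.yaml:
--------------------------------------------------------------------------------
---
# ClusterIP Service in front of the microservice pods; this is the backend
# the Ingress template refers to via microservice.service.name.
# The template previously read `.Values.benjamin.service.*`, a key that the
# shipped values.yaml does not define, so rendering failed; it now reads the
# `microservice.service` values that the Ingress and NetworkPolicy use.
apiVersion: v1
kind: Service
metadata:
  name: {{.Values.microservice.service.name}}
  namespace: {{.Values.general.namespace}}
spec:
  selector:
    app: {{.Values.general.microserviceName}}
    type: {{.Values.general.type}}
  ports:
    - protocol: TCP
      port: {{.Values.microservice.service.servicePort}}
      targetPort: {{.Values.microservice.service.serviceTargetPort}}
...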
-------------------------------------------------------------------------------- /dev/templates/regcred.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: regcred 6 | namespace: {{.Values.general.namespace}} 7 | data: 8 | .dockerconfigjson: {{.Values.privateDockerRegistry.dockerconfigjson}} 9 | type: kubernetes.io/dockerconfigjson 10 | ... -------------------------------------------------------------------------------- /dev/values.yaml: -------------------------------------------------------------------------------- 1 | configMap: 2 | name: microservice-template-configmap 3 | database: 4 | deployment: 5 | containerName: database 6 | database: b2h-db 7 | image: mysql:5.7 8 | name: database 9 | scale: 1 10 | pvc: 11 | name: mysql-pv-claim 12 | storage: 5Gi 13 | secret: 14 | name: database-credentials 15 | username: MYSQL_USERNAME 16 | password: MYSQL_PASSWORD 17 | service: 18 | name: database-microservice-rating 19 | port: 3306 20 | eventstore: 21 | user: EVENTSTORE_USER 22 | password: EVENTSTORE_PASSWORD 23 | secret: 24 | name: eventstore-credentials 25 | serviceDatabase: 26 | name: dev-eventstore-db-svc.dev-eventstore.svc.cluster.local 27 | port: 1113 28 | general: 29 | microserviceName: microservice-template 30 | namespace: dev-microservice-template 31 | type: microservice 32 | port: 3000 33 | microservice: 34 | deployment: 35 | containerName: microservice-template 36 | name: microservice-template 37 | tag: v1.0.0 38 | ingress: 39 | host: dev-template.example.com 40 | ingressName: ingress-microservice-template 41 | service: 42 | name: service-microservice-template 43 | servicePort: 80 44 | serviceTargetPort: 3000 45 | autoscaler: 46 | name: autoscaler-microservice-microservice 47 | minReplicas: 1 48 | maxReplicas: 3 49 | targetCPUUtilizationPercentage: 80 50 | apm: 51 | secrets: 52 | name: apm-secret-token 53 | token: APM-TOKEN-BASE64ENCODED 54 | configmap: 55 | 
name: apm-configmap 56 | host: APM-HOST 57 | logLevel: error 58 | privateDockerRegistry: 59 | dockerconfigjson: 60 | -------------------------------------------------------------------------------- /preprod/Chart.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | appVersion: "1.0" 4 | description: A Helm chart microservice boilerplate 5 | name: microserviceboilerplate 6 | version: 0.1.0 7 | ... -------------------------------------------------------------------------------- /preprod/templates/apm-configmap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{.Values.apm.configmap.name}} 6 | namespace: {{.Values.general.namespace}} 7 | data: 8 | apm-server-host: {{.Values.apm.configmap.host}} 9 | apm-service-name: {{.Values.general.namespace}} 10 | apm-log-level: {{.Values.apm.configmap.logLevel}} 11 | ... -------------------------------------------------------------------------------- /preprod/templates/apm-secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{.Values.apm.secrets.name}} 6 | namespace: {{.Values.general.namespace}} 7 | type: Opaque 8 | data: 9 | apm-secret-token: {{.Values.apm.secrets.token}} 10 | ... 
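--------------------------------------------------------------------------------
/preprod/templates/database-deployment.yaml:
--------------------------------------------------------------------------------
---
# MySQL Deployment backing the microservice. Pods carry the labels
# app=<general.microserviceName>, type=database, which the database Service
# and the NetworkPolicies in this chart select on.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{.Values.database.deployment.name}}
  namespace: {{.Values.general.namespace}}
  labels:
    app: {{.Values.general.microserviceName}}
    type: database
spec:
  # NOTE(review): the claim below is ReadWriteMany; more than one mysqld on the
  # same data directory is presumably not intended, so keep scale at 1.
  replicas: {{.Values.database.deployment.scale}}
  selector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: database
  template:
    metadata:
      labels:
        app: {{.Values.general.microserviceName}}
        type: database
    spec:
      containers:
        - name: {{.Values.database.deployment.containerName}}
          image: {{.Values.database.deployment.image}}
          env:
            # NOTE(review): the root password is the same secret key that
            # microservice-deployment.yaml injects as MYSQL_PASSWORD, and no
            # separate application user is created here, so the service
            # presumably connects with root-equivalent rights. A dedicated
            # root key plus a least-privilege application user would limit the
            # impact of a compromised microservice pod.
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  # Taken from values (database.secret.name) so it always
                  # matches the Secret rendered by database-secret.yaml; the
                  # name used to be hard-coded to "database-credentials".
                  name: {{.Values.database.secret.name}}
                  key: database-password
            - name: MYSQL_DATABASE
              valueFrom:
                configMapKeyRef:
                  name: {{.Values.configMap.name}}
                  key: database-db
          volumeMounts:
            - name: mysql-persistent-storage
              mountPath: /var/lib/mysql
              subPath: mysqldata
      volumes:
        - name: mysql-persistent-storage
          persistentVolumeClaim:
            # Taken from values (database.pvc.name) so it always matches the
            # claim rendered by database-pvc.yaml; used to be hard-coded to
            # "mysql-pv-claim".
            claimName: {{.Values.database.pvc.name}}
...
--------------------------------------------------------------------------------
/preprod/templates/database-pvc.yaml:
--------------------------------------------------------------------------------
---
# Persistent storage for the MySQL data directory.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: {{.Values.database.pvc.name}}
  namespace: {{.Values.general.namespace}}
  annotations:
    # The storage class is fixed to "aws-efs" through the legacy beta
    # annotation; the cluster must provide a class with that name.
    volume.beta.kubernetes.io/storage-class: "aws-efs"
spec:
  accessModes:
    - ReadWriteMany
  # Left empty in the chart, so the annotation above is what selects the class.
  storageClassName:
  resources:
    requests:
      storage: {{.Values.database.pvc.storage}}
...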
-------------------------------------------------------------------------------- /preprod/templates/database-secret.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{.Values.database.secret.name}} 6 | namespace: {{.Values.general.namespace}} 7 | type: Opaque 8 | data: 9 | database-user: {{ .Values.database.secret.username | b64enc }} 10 | database-password: {{ .Values.database.secret.password | b64enc }} 11 | ... -------------------------------------------------------------------------------- /preprod/templates/database-service.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{.Values.database.service.name}} 6 | namespace: {{.Values.general.namespace}} 7 | spec: 8 | selector: 9 | app: {{.Values.general.microserviceName}} 10 | type: database 11 | ports: 12 | - protocol: TCP 13 | port: {{.Values.database.service.port}} 14 | targetPort: {{.Values.database.service.port}} 15 | ... -------------------------------------------------------------------------------- /preprod/templates/microservice-autoscaler.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: autoscaling/v1 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{.Values.microservice.autoscaler.name}} 6 | namespace: {{.Values.general.namespace}} 7 | spec: 8 | scaleTargetRef: 9 | apiVersion: apps/v1 10 | kind: Deployment 11 | name: {{.Values.microservice.deployment.name}} 12 | minReplicas: {{.Values.microservice.autoscaler.minReplicas}} 13 | maxReplicas: {{.Values.microservice.autoscaler.maxReplicas}} 14 | targetCPUUtilizationPercentage: {{.Values.microservice.autoscaler.targetCPUUtilizationPercentage}} 15 | ... 
-------------------------------------------------------------------------------- /preprod/templates/microservice-configMap.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{.Values.configMap.name}} 6 | namespace: {{.Values.general.namespace}} 7 | data: 8 | eventstore-host: {{.Values.eventstore.serviceDatabase.name}} 9 | eventstore-tcp-port: "{{.Values.eventstore.serviceDatabase.port}}" 10 | database-port: "{{.Values.database.configmap.port}}" 11 | database-db: {{.Values.database.configmap.databaseName}} 12 | database-host: "{{.Values.database.configmap.host}}" 13 | microservice-host: "{{.Values.general.host}}" 14 | microservice-port: "{{.Values.general.port}}" 15 | ... -------------------------------------------------------------------------------- /preprod/templates/microservice-deployment.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | labels: 6 | app: {{.Values.general.microserviceName}} 7 | type: {{.Values.general.type}} 8 | name: {{.Values.microservice.deployment.name}} 9 | namespace: {{.Values.general.namespace}} 10 | spec: 11 | replicas: {{.Values.microservice.deployment.scale}} 12 | selector: 13 | matchLabels: 14 | app: {{.Values.general.microserviceName}} 15 | type: {{.Values.general.type}} 16 | template: 17 | metadata: 18 | labels: 19 | app: {{.Values.general.microserviceName}} 20 | type: {{.Values.general.type}} 21 | spec: 22 | containers: 23 | - image: itninjahue/box:{{.Values.microservice.deployment.tag}} 24 | name: {{.Values.microservice.deployment.containerName}} 25 | resources: 26 | requests: 27 | memory: "100Mi" 28 | cpu: 0.1 29 | limits: 30 | memory: "150Mi" 31 | cpu: 0.2 32 | env: 33 | - name: HOST 34 | valueFrom: 35 | configMapKeyRef: 36 | name: {{.Values.configMap.name}} 37 | key: microservice-host 38 | - name: MYSQL_HOST 39 | 
valueFrom: 40 | configMapKeyRef: 41 | name: {{.Values.configMap.name}} 42 | key: database-host 43 | - name: MYSQL_USERNAME 44 | valueFrom: 45 | secretKeyRef: 46 | name: {{.Values.database.secret.name}} 47 | key: database-user 48 | - name: MYSQL_PASSWORD 49 | valueFrom: 50 | secretKeyRef: 51 | name: {{.Values.database.secret.name}} 52 | key: database-password 53 | - name: MYSQL_PORT 54 | valueFrom: 55 | configMapKeyRef: 56 | name: {{.Values.configMap.name}} 57 | key: database-port 58 | - name: MYSQL_DATABASE 59 | valueFrom: 60 | configMapKeyRef: 61 | name: {{.Values.configMap.name}} 62 | key: database-db 63 | - name: EVENT_STORE_HOSTNAME 64 | valueFrom: 65 | configMapKeyRef: 66 | name: {{.Values.configMap.name}} 67 | key: eventstore-host 68 | - name : EVENT_STORE_CREDENTIALS_USERNAME 69 | valueFrom: 70 | secretKeyRef: 71 | name: {{.Values.eventstore.secret.name}} 72 | key: eventstore-user 73 | - name: EVENT_STORE_CREDENTIALS_PASSWORD 74 | valueFrom: 75 | secretKeyRef: 76 | name: {{.Values.eventstore.secret.name}} 77 | key: eventstore-password 78 | - name: SWAGGER_SCHEME 79 | value: https 80 | - name: SWAGGER_VERSION 81 | value: {{.Values.microservice.deployment.tag}} 82 | - name: SWAGGER_TITLE 83 | value: {{.Values.general.microserviceName}} 84 | - name: ELASTIC_APM_SERVER_URL 85 | valueFrom: 86 | configMapKeyRef: 87 | name: {{.Values.apm.configmap.name}} 88 | key: apm-server-host 89 | - name: ELASTIC_APM_SERVICE_NAME 90 | valueFrom: 91 | configMapKeyRef: 92 | name: {{.Values.apm.configmap.name}} 93 | key: apm-service-name 94 | - name: ELASTIC_APM_LOG_LEVEL 95 | valueFrom: 96 | configMapKeyRef: 97 | name: {{.Values.apm.configmap.name}} 98 | key: apm-log-level 99 | - name: ELASTIC_APM_SECRET_TOKEN 100 | valueFrom: 101 | secretKeyRef: 102 | name: {{.Values.apm.secrets.name}} 103 | key: apm-secret-token 104 | imagePullSecrets: 105 | - name: regcred 106 | ... 
--------------------------------------------------------------------------------
/preprod/templates/microservice-eventstore-secret.yaml:
--------------------------------------------------------------------------------
---
# EventStore credentials consumed by microservice-deployment.yaml.
# b64enc only encodes the values taken from values.yaml for the Secret's
# `data` field; it does not encrypt them, so whoever can read values.yaml
# (or the rendered manifest) can read the credentials.
apiVersion: v1
kind: Secret
metadata:
  name: {{.Values.eventstore.secret.name}}
  namespace: {{.Values.general.namespace}}
type: Opaque
data:
  eventstore-user: {{ .Values.eventstore.user | b64enc }}
  eventstore-password: {{ .Values.eventstore.password | b64enc }}
...
--------------------------------------------------------------------------------
/preprod/templates/microservice-ingress.yaml:
--------------------------------------------------------------------------------
---
# Exposes the microservice Service through the nginx ingress controller.
# NOTE(review): there is no `tls:` section and both redirect annotations are
# "false", so this host is served over plain HTTP, while
# microservice-deployment.yaml sets SWAGGER_SCHEME to https. Add a TLS secret
# and enable the redirect before exposing this outside a trusted network.
# NOTE(review): extensions/v1beta1 Ingress was removed in Kubernetes 1.22;
# newer clusters need networking.k8s.io/v1 and its backend.service syntax.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: {{.Values.microservice.ingress.ingressName}}
  namespace: {{.Values.general.namespace}}
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
    nginx.ingress.kubernetes.io/secure-backends: "false"
spec:
  rules:
    - host: {{.Values.microservice.ingress.host}}
      http:
        paths:
          - backend:
              serviceName: {{.Values.microservice.service.name}}
              servicePort: {{.Values.microservice.service.servicePort}}
...
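--------------------------------------------------------------------------------
/preprod/templates/microservice-networkpolicy.yaml:
--------------------------------------------------------------------------------
# Network policies for the microservice and its database pods.
# Once a pod is selected by a policy of a given type (Ingress/Egress), only
# traffic matched by some rule of that type is allowed for it.
# NOTE(review): the microservice also reads ELASTIC_APM_SERVER_URL, but no
# egress rule here covers an APM server; confirm whether one is needed.

# Inbound: only the ingress-nginx controller pods may reach the service port.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-in-3000
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: {{.Values.general.type}}
  policyTypes:
    - Ingress
  ingress:
    - from:
        # namespaceSelector and podSelector sit in the same list item, so a
        # peer must match both. Both the ingress namespace and its pods must
        # carry these labels, otherwise no traffic is admitted.
        - namespaceSelector:
            matchLabels:
              app.kubernetes.io/name: ingress-nginx
              app.kubernetes.io/part-of: ingress-nginx
          podSelector:
            matchLabels:
              app.kubernetes.io/name: ingress-nginx
              app.kubernetes.io/part-of: ingress-nginx
      ports:
        - protocol: TCP
          port: {{.Values.microservice.service.serviceTargetPort}}

---
# Outbound: microservice -> database pods of this release.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-3306
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: {{.Values.general.type}}
  policyTypes:
    - Egress
  egress:
    - to:
        # A podSelector without a namespaceSelector matches pods in this
        # policy's own namespace, which is where the chart deploys the
        # database. The previous hard-coded namespace label
        # "space: dev-microservice-notification" was copied from the dev
        # chart and is not set by anything in this chart, so the rule
        # matched nothing.
        - podSelector:
            matchLabels:
              app: {{.Values.general.microserviceName}}
              type: database
      ports:
        - protocol: TCP
          port: {{.Values.database.service.port}}
---
# Outbound: DNS lookups.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-53
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: {{.Values.general.type}}
  policyTypes:
    - Egress
  egress:
    # No `to` peers are listed, so any destination is allowed on these ports.
    # NOTE(review): narrow this to the cluster DNS pods where their labels
    # are known.
    - ports:
        - protocol: UDP
          port: 53
        # DNS falls back to TCP for responses that do not fit in UDP.
        - protocol: TCP
          port: 53

---
# Inbound: database accepts connections only from the microservice pods.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: database-allow-in-3306
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: database
  policyTypes:
    - Ingress
  ingress:
    - from:
        # Same-namespace peers only; see microservice-allow-out-3306 for why
        # the hard-coded namespace label was dropped.
        - podSelector:
            matchLabels:
              app: {{.Values.general.microserviceName}}
              type: {{.Values.general.type}}
      ports:
        - protocol: TCP
          port: {{.Values.database.service.port}}
---
# Outbound: EventStore TCP port.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-1113
  namespace: {{.Values.general.namespace}}
spec:
  podSelector:
    matchLabels:
      app: {{.Values.general.microserviceName}}
      type: {{.Values.general.type}}
  policyTypes:
    - Egress
  egress:
    # No `to` peers are listed, so any destination is allowed on this port.
    # NOTE(review): restrict to the EventStore namespace/pods once their
    # labels are known.
    - ports:
        - protocol: TCP
          # Same value the ConfigMap publishes as eventstore-tcp-port
          # (1113 in the shipped values.yaml) instead of a literal.
          port: {{.Values.eventstore.serviceDatabase.port}}
--------------------------------------------------------------------------------
/preprod/templates/microservice-service.yaml:
--------------------------------------------------------------------------------
---
# ClusterIP Service in front of the microservice pods; this is the backend
# the Ingress template refers to via microservice.service.name.
# The template previously read `.Values.benjamin.service.*`, a key that the
# shipped values.yaml does not define, so rendering failed; it now reads the
# `microservice.service` values that the Ingress and NetworkPolicy use.
apiVersion: v1
kind: Service
metadata:
  name: {{.Values.microservice.service.name}}
  namespace: {{.Values.general.namespace}}
spec:
  selector:
    app: {{.Values.general.microserviceName}}
    type: {{.Values.general.type}}
  ports:
    - protocol: TCP
      port: {{.Values.microservice.service.servicePort}}
      targetPort: {{.Values.microservice.service.serviceTargetPort}}
...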
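--------------------------------------------------------------------------------
/preprod/templates/regcred.yaml:
--------------------------------------------------------------------------------
---
# Image-pull Secret named "regcred".
# The value is written into "data" verbatim, so
# privateDockerRegistry.dockerconfigjson must already be the base64-encoded
# Docker config JSON. values.yaml ships it empty.
apiVersion: v1
kind: Secret
metadata:
  name: regcred
  namespace: {{ .Values.general.namespace }}
data:
  .dockerconfigjson: {{ .Values.privateDockerRegistry.dockerconfigjson }}
type: kubernetes.io/dockerconfigjson
...
--------------------------------------------------------------------------------
/preprod/values.yaml:
--------------------------------------------------------------------------------
# Values for the preprod chart.
# The credential fields below (database.secret, eventstore.user/password,
# apm.secrets.token, privateDockerRegistry.dockerconfigjson) hold placeholders.
# Real credentials are better injected at deploy time than committed here.
configMap:
  name: microservice-template-configmap
database:
  # Connection settings for the microservice ConfigMap. The prod configMap
  # template on this page reads database.configmap.host/port/databaseName; the
  # preprod template is not shown here but is presumably the same. The values
  # mirror database.service.name, database.service.port and
  # database.deployment.database below.
  configmap:
    host: database-microservice-rating
    port: 3306
    databaseName: b2h-db
  deployment:
    containerName: database
    database: b2h-db
    # NOTE(review): MySQL 5.7 is past upstream end of life; plan an upgrade.
    image: mysql:5.7
    name: database
    scale: 1
  pvc:
    name: mysql-pv-claim
    storage: 5Gi
  secret:
    name: database-credentials
    username: MYSQL_USERNAME
    password: MYSQL_PASSWORD
  service:
    name: database-microservice-rating
    port: 3306
eventstore:
  user: EVENTSTORE_USER
  password: EVENTSTORE_PASSWORD
  secret:
    name: eventstore-credentials
  serviceDatabase:
    name: preprod-eventstore-db-svc.preprod-eventstore.svc.cluster.local
    port: 1113
general:
  microserviceName: microservice-template
  namespace: preprod-microservice-template
  type: microservice
  port: 3000
microservice:
  deployment:
    containerName: microservice-template
    name: microservice-template
    tag: v1.0.0
  ingress:
    host: preprod-template.example.com
    ingressName: ingress-microservice-template
  service:
    name: service-microservice-template
    servicePort: 80
    serviceTargetPort: 3000
  autoscaler:
    name: autoscaler-microservice-microservice
    minReplicas: 1
    maxReplicas: 3
    targetCPUUtilizationPercentage: 80
apm:
  secrets:
    name: apm-secret-token
    # Must be base64: the apm-secret template inserts it into "data" as is.
    token: APM-TOKEN-BASE64ENCODED
  configmap:
    name: apm-configmap
    host: APM-HOST
    logLevel: error
privateDockerRegistry:
  # Base64-encoded Docker config JSON; empty by default.
  dockerconfigjson:
--------------------------------------------------------------------------------
/prod/Chart.yaml:
--------------------------------------------------------------------------------
---
# Helm chart metadata for the prod environment.
apiVersion: v1
appVersion: "1.0"
description: A Helm chart microservice boilerplate
name: microserviceboilerplate
version: 0.1.0
...
--------------------------------------------------------------------------------
/prod/templates/apm-configmap.yaml:
--------------------------------------------------------------------------------
---
# Non-secret APM agent settings, read by the microservice Deployment through
# configMapKeyRef. ConfigMap data values must be strings, so each one is
# quoted: a host or log level that YAML would read as a number or boolean
# would otherwise make the manifest invalid.
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ .Values.apm.configmap.name }}
  namespace: {{ .Values.general.namespace }}
data:
  apm-server-host: {{ .Values.apm.configmap.host | quote }}
  apm-service-name: {{ .Values.general.namespace | quote }}
  apm-log-level: {{ .Values.apm.configmap.logLevel | quote }}
...
--------------------------------------------------------------------------------
/prod/templates/apm-secret.yaml:
--------------------------------------------------------------------------------
---
# APM secret token.
# Unlike the database and eventstore Secret templates, which pipe their values
# through b64enc, this one inserts apm.secrets.token into "data" unchanged.
# The value supplied must therefore already be base64-encoded.
apiVersion: v1
kind: Secret
metadata:
  name: {{ .Values.apm.secrets.name }}
  namespace: {{ .Values.general.namespace }}
type: Opaque
data:
  apm-secret-token: {{ .Values.apm.secrets.token }}
...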
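--------------------------------------------------------------------------------
/prod/templates/database-deployment.yaml:
--------------------------------------------------------------------------------
---
# MySQL Deployment backing the microservice.
# The Secret name and the PVC claim name are taken from values
# (database.secret.name, database.pvc.name), the same keys the Secret and PVC
# templates use for metadata.name. They were hard-coded to the default strings
# before, which broke the references as soon as either value was overridden.
# NOTE(review): no securityContext or resource limits are set on the container.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Values.database.deployment.name }}
  namespace: {{ .Values.general.namespace }}
  labels:
    app: {{ .Values.general.microserviceName }}
    type: database
spec:
  replicas: {{ .Values.database.deployment.scale }}
  selector:
    matchLabels:
      app: {{ .Values.general.microserviceName }}
      type: database
  template:
    metadata:
      labels:
        app: {{ .Values.general.microserviceName }}
        type: database
    spec:
      containers:
        - name: {{ .Values.database.deployment.containerName }}
          image: {{ .Values.database.deployment.image }}
          env:
            # The database-password key becomes the MySQL ROOT password. The
            # microservice Deployment reads the same key as MYSQL_PASSWORD, so
            # the application credential and the root credential are one value.
            # NOTE(review): consider a separate, least-privileged account.
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.database.secret.name }}
                  key: database-password
            - name: MYSQL_DATABASE
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.configMap.name }}
                  key: database-db
          volumeMounts:
            - name: mysql-persistent-storage
              mountPath: /var/lib/mysql
              subPath: mysqldata
      volumes:
        - name: mysql-persistent-storage
          persistentVolumeClaim:
            claimName: {{ .Values.database.pvc.name }}
...
--------------------------------------------------------------------------------
/prod/templates/database-pvc.yaml:
--------------------------------------------------------------------------------
---
# Persistent volume claim for the MySQL data directory.
# storageClassName is left empty; the class is chosen by the beta annotation,
# which is hard-coded to "aws-efs".
# NOTE(review): confirm that this class exists on the target cluster.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: {{ .Values.database.pvc.name }}
  namespace: {{ .Values.general.namespace }}
  annotations:
    volume.beta.kubernetes.io/storage-class: "aws-efs"
spec:
  accessModes:
    - ReadWriteMany
  storageClassName:
  resources:
    requests:
      storage: {{ .Values.database.pvc.storage }}
...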
--------------------------------------------------------------------------------
/prod/templates/database-secret.yaml:
--------------------------------------------------------------------------------
---
# Database credentials. The plain values from values.yaml are base64-encoded
# at render time (b64enc), so values.yaml must carry them unencoded.
# Base64 is an encoding, not encryption: anyone who can read this Secret or
# the values file can recover the password.
apiVersion: v1
kind: Secret
metadata:
  name: {{ .Values.database.secret.name }}
  namespace: {{ .Values.general.namespace }}
type: Opaque
data:
  database-user: {{ .Values.database.secret.username | b64enc }}
  database-password: {{ .Values.database.secret.password | b64enc }}
...
--------------------------------------------------------------------------------
/prod/templates/database-service.yaml:
--------------------------------------------------------------------------------
---
# Service in front of the MySQL pods; port and targetPort are the same value.
apiVersion: v1
kind: Service
metadata:
  name: {{ .Values.database.service.name }}
  namespace: {{ .Values.general.namespace }}
spec:
  selector:
    app: {{ .Values.general.microserviceName }}
    type: database
  ports:
    - protocol: TCP
      port: {{ .Values.database.service.port }}
      targetPort: {{ .Values.database.service.port }}
...
--------------------------------------------------------------------------------
/prod/templates/microservice-autoscaler.yaml:
--------------------------------------------------------------------------------
---
# CPU-based HorizontalPodAutoscaler targeting the microservice Deployment.
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
  name: {{ .Values.microservice.autoscaler.name }}
  namespace: {{ .Values.general.namespace }}
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: {{ .Values.microservice.deployment.name }}
  minReplicas: {{ .Values.microservice.autoscaler.minReplicas }}
  maxReplicas: {{ .Values.microservice.autoscaler.maxReplicas }}
  targetCPUUtilizationPercentage: {{ .Values.microservice.autoscaler.targetCPUUtilizationPercentage }}
...
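--------------------------------------------------------------------------------
/prod/templates/microservice-configMap.yaml:
--------------------------------------------------------------------------------
---
# Non-secret runtime settings for the microservice and the database name for
# MySQL. Every value is quoted because ConfigMap data must be strings.
# NOTE(review): database.configmap.port / databaseName / host and general.host
# are not defined in the prod values.yaml shown on this page. With those values
# the database.configmap lookups fail at render time; supply the keys or point
# these lines at existing values.
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ .Values.configMap.name }}
  namespace: {{ .Values.general.namespace }}
data:
  eventstore-host: "{{ .Values.eventstore.serviceDatabase.name }}"
  eventstore-tcp-port: "{{ .Values.eventstore.serviceDatabase.port }}"
  database-port: "{{ .Values.database.configmap.port }}"
  database-db: "{{ .Values.database.configmap.databaseName }}"
  database-host: "{{ .Values.database.configmap.host }}"
  microservice-host: "{{ .Values.general.host }}"
  microservice-port: "{{ .Values.general.port }}"
...
--------------------------------------------------------------------------------
/prod/templates/microservice-deployment.yaml:
--------------------------------------------------------------------------------
---
# Deployment of the microservice container.
# Plain settings come from ConfigMaps and credentials from Secrets, so no
# credential is written into this manifest.
# NOTE(review): microservice.deployment.scale is not defined in the prod
# values.yaml shown on this page, so "replicas" renders empty; the
# HorizontalPodAutoscaler template targets this Deployment.
# NOTE(review): no securityContext is set; consider runAsNonRoot and a
# read-only root filesystem if the image supports them.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: {{ .Values.general.microserviceName }}
    type: {{ .Values.general.type }}
  name: {{ .Values.microservice.deployment.name }}
  namespace: {{ .Values.general.namespace }}
spec:
  replicas: {{ .Values.microservice.deployment.scale }}
  selector:
    matchLabels:
      app: {{ .Values.general.microserviceName }}
      type: {{ .Values.general.type }}
  template:
    metadata:
      labels:
        app: {{ .Values.general.microserviceName }}
        type: {{ .Values.general.type }}
    spec:
      containers:
        # The image repository is hard-coded; only the tag comes from values.
        - image: itninjahue/box:{{ .Values.microservice.deployment.tag }}
          name: {{ .Values.microservice.deployment.containerName }}
          resources:
            requests:
              memory: "100Mi"
              cpu: 0.1
            limits:
              memory: "150Mi"
              cpu: 0.2
          env:
            - name: HOST
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.configMap.name }}
                  key: microservice-host
            - name: MYSQL_HOST
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.configMap.name }}
                  key: database-host
            - name: MYSQL_USERNAME
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.database.secret.name }}
                  key: database-user
            # Same secret key that the database Deployment uses as the MySQL
            # root password.
            - name: MYSQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.database.secret.name }}
                  key: database-password
            - name: MYSQL_PORT
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.configMap.name }}
                  key: database-port
            - name: MYSQL_DATABASE
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.configMap.name }}
                  key: database-db
            - name: EVENT_STORE_HOSTNAME
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.configMap.name }}
                  key: eventstore-host
            - name: EVENT_STORE_CREDENTIALS_USERNAME
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.eventstore.secret.name }}
                  key: eventstore-user
            - name: EVENT_STORE_CREDENTIALS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.eventstore.secret.name }}
                  key: eventstore-password
            - name: SWAGGER_SCHEME
              value: https
            # env values must be strings. quote keeps a tag such as 1.0, or a
            # purely numeric name, from rendering as a YAML number.
            - name: SWAGGER_VERSION
              value: {{ .Values.microservice.deployment.tag | quote }}
            - name: SWAGGER_TITLE
              value: {{ .Values.general.microserviceName | quote }}
            - name: ELASTIC_APM_SERVER_URL
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.apm.configmap.name }}
                  key: apm-server-host
            - name: ELASTIC_APM_SERVICE_NAME
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.apm.configmap.name }}
                  key: apm-service-name
            - name: ELASTIC_APM_LOG_LEVEL
              valueFrom:
                configMapKeyRef:
                  name: {{ .Values.apm.configmap.name }}
                  key: apm-log-level
            - name: ELASTIC_APM_SECRET_TOKEN
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.apm.secrets.name }}
                  key: apm-secret-token
      imagePullSecrets:
        - name: regcred
...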
--------------------------------------------------------------------------------
/prod/templates/microservice-eventstore-secret.yaml:
--------------------------------------------------------------------------------
---
# EventStore credentials. The plain values from values.yaml are base64-encoded
# at render time (b64enc). Base64 is an encoding, not encryption.
apiVersion: v1
kind: Secret
metadata:
  name: {{ .Values.eventstore.secret.name }}
  namespace: {{ .Values.general.namespace }}
type: Opaque
data:
  eventstore-user: {{ .Values.eventstore.user | b64enc }}
  eventstore-password: {{ .Values.eventstore.password | b64enc }}
...
--------------------------------------------------------------------------------
/prod/templates/microservice-ingress.yaml:
--------------------------------------------------------------------------------
---
# Ingress routing the configured host to the microservice Service.
# NOTE(review): extensions/v1beta1 Ingress is no longer served by current
# Kubernetes releases; migrating to networking.k8s.io/v1 changes the backend
# schema as well.
# NOTE(review): there is no tls section and both redirect annotations are
# "false", so this prod host is served over plain HTTP, while the Deployment
# sets SWAGGER_SCHEME to https. Confirm where TLS is terminated.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: {{ .Values.microservice.ingress.ingressName }}
  namespace: {{ .Values.general.namespace }}
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "false"
    nginx.ingress.kubernetes.io/secure-backends: "false"
spec:
  rules:
    - host: {{ .Values.microservice.ingress.host }}
      http:
        paths:
          - backend:
              serviceName: {{ .Values.microservice.service.name }}
              servicePort: {{ .Values.microservice.service.servicePort }}
...
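--------------------------------------------------------------------------------
/prod/templates/microservice-networkpolicy.yaml:
--------------------------------------------------------------------------------
# NetworkPolicies for the microservice pods and their MySQL pods.
# Every policy here selects pods by the app/type labels inside general.namespace.
# Selected pods are isolated for the listed policyTypes, and the rules of all
# policies that select the same pod add up. None of this is enforced unless the
# cluster's network plugin implements NetworkPolicy.
# NOTE(review): the microservice Deployment is configured with an APM server
# URL, but no egress rule below covers that traffic - confirm whether it
# should be allowed.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-in-3000
  namespace: {{ .Values.general.namespace }}
spec:
  podSelector:
    matchLabels:
      app: {{ .Values.general.microserviceName }}
      type: {{ .Values.general.type }}
  policyTypes:
    - Ingress
  ingress:
    - from:
        # namespaceSelector and podSelector share one list item, so BOTH must
        # match: only ingress-nginx pods in a namespace carrying these labels.
        - namespaceSelector:
            matchLabels:
              app.kubernetes.io/name: ingress-nginx
              app.kubernetes.io/part-of: ingress-nginx
          podSelector:
            matchLabels:
              app.kubernetes.io/name: ingress-nginx
              app.kubernetes.io/part-of: ingress-nginx
      ports:
        - protocol: TCP
          port: {{ .Values.microservice.service.serviceTargetPort }}

---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-3306
  namespace: {{ .Values.general.namespace }}
spec:
  podSelector:
    matchLabels:
      app: {{ .Values.general.microserviceName }}
      type: {{ .Values.general.type }}
  policyTypes:
    - Egress
  egress:
    - to:
        # A bare podSelector matches pods in this policy's own namespace, and
        # the database Deployment is templated into general.namespace, so no
        # namespaceSelector is needed. The hard-coded label of a dev namespace
        # that used to gate this rule is dropped: in prod it only matched if
        # that label was added by hand.
        - podSelector:
            matchLabels:
              app: {{ .Values.general.microserviceName }}
              type: database
      ports:
        - protocol: TCP
          port: {{ .Values.database.service.port }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-53
  namespace: {{ .Values.general.namespace }}
spec:
  podSelector:
    matchLabels:
      app: {{ .Values.general.microserviceName }}
      type: {{ .Values.general.type }}
  policyTypes:
    - Egress
  egress:
    # "to" is left empty, so UDP 53 is allowed to ANY destination, not only the
    # cluster DNS service. DNS over TCP is not covered by this rule.
    # NOTE(review): consider restricting "to" to the cluster DNS pods.
    - to:
      ports:
        - protocol: UDP
          port: 53

---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: database-allow-in-3306
  namespace: {{ .Values.general.namespace }}
spec:
  podSelector:
    matchLabels:
      app: {{ .Values.general.microserviceName }}
      type: database
  policyTypes:
    - Ingress
  ingress:
    - from:
        # Same-namespace match only: the microservice pods of this release are
        # the single permitted client of the database port.
        - podSelector:
            matchLabels:
              app: {{ .Values.general.microserviceName }}
              type: {{ .Values.general.type }}
      ports:
        - protocol: TCP
          port: {{ .Values.database.service.port }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: microservice-allow-out-1113
  namespace: {{ .Values.general.namespace }}
spec:
  podSelector:
    matchLabels:
      app: {{ .Values.general.microserviceName }}
      type: {{ .Values.general.type }}
  policyTypes:
    - Egress
  egress:
    # "to" is empty: TCP 1113 is allowed to any destination. The port is
    # hard-coded here although values.yaml carries eventstore.serviceDatabase.port.
    - to:
      ports:
        - protocol: TCP
          port: 1113
--------------------------------------------------------------------------------
/prod/templates/microservice-service.yaml:
--------------------------------------------------------------------------------
---
# Service in front of the microservice pods (selected by the app/type labels).
# Name and ports come from .Values.microservice.service, the key that
# values.yaml defines and that the Ingress and NetworkPolicy templates read.
# The template previously read .Values.benjamin.service, which has no entry in
# values.yaml, so rendering failed unless that key was supplied.
apiVersion: v1
kind: Service
metadata:
  name: {{ .Values.microservice.service.name }}
  namespace: {{ .Values.general.namespace }}
spec:
  selector:
    app: {{ .Values.general.microserviceName }}
    type: {{ .Values.general.type }}
  ports:
    - protocol: TCP
      port: {{ .Values.microservice.service.servicePort }}
      targetPort: {{ .Values.microservice.service.serviceTargetPort }}
...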
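--------------------------------------------------------------------------------
/prod/templates/regcred.yaml:
--------------------------------------------------------------------------------
---
# Image-pull Secret; the microservice Deployment lists it under
# imagePullSecrets as "regcred".
# The value is written into "data" verbatim, so
# privateDockerRegistry.dockerconfigjson must already be the base64-encoded
# Docker config JSON. values.yaml ships it empty.
apiVersion: v1
kind: Secret
metadata:
  name: regcred
  namespace: {{ .Values.general.namespace }}
data:
  .dockerconfigjson: {{ .Values.privateDockerRegistry.dockerconfigjson }}
type: kubernetes.io/dockerconfigjson
...
--------------------------------------------------------------------------------
/prod/values.yaml:
--------------------------------------------------------------------------------
# Values for the prod chart.
# The credential fields below (database.secret, eventstore.user/password,
# apm.secrets.token, privateDockerRegistry.dockerconfigjson) hold placeholders.
# Real credentials are better injected at deploy time than committed here.
configMap:
  name: microservice-template-configmap
database:
  # Read by templates/microservice-configMap.yaml. These keys were missing,
  # which made the database.configmap lookups fail at render time. The values
  # mirror database.service.name, database.service.port and
  # database.deployment.database below.
  configmap:
    host: database-microservice-rating
    port: 3306
    databaseName: b2h-db
  deployment:
    containerName: database
    database: b2h-db
    # NOTE(review): MySQL 5.7 is past upstream end of life; plan an upgrade.
    image: mysql:5.7
    name: database
    scale: 1
  pvc:
    name: mysql-pv-claim
    storage: 5Gi
  secret:
    name: database-credentials
    username: MYSQL_USERNAME
    password: MYSQL_PASSWORD
  service:
    name: database-microservice-rating
    port: 3306
eventstore:
  user: EVENTSTORE_USER
  password: EVENTSTORE_PASSWORD
  secret:
    name: eventstore-credentials
  serviceDatabase:
    name: prod-eventstore-db-svc.prod-eventstore.svc.cluster.local
    port: 1113
general:
  microserviceName: microservice-template
  namespace: prod-microservice-template
  type: microservice
  port: 3000
  # NOTE(review): the configMap template also reads general.host, which is not
  # set here, so microservice-host renders as an empty string.
microservice:
  deployment:
    containerName: microservice-template
    name: microservice-template
    tag: v1.0.0
    # NOTE(review): the Deployment template reads microservice.deployment.scale,
    # which is not set here; replica count is left to the autoscaler settings.
  ingress:
    # NOTE(review): this is the prod chart but the host carries the preprod
    # prefix - looks like a copy from preprod/values.yaml; confirm.
    host: preprod-template.example.com
    ingressName: ingress-microservice-template
  service:
    name: service-microservice-template
    servicePort: 80
    serviceTargetPort: 3000
  autoscaler:
    name: autoscaler-microservice-microservice
    minReplicas: 1
    maxReplicas: 3
    targetCPUUtilizationPercentage: 80
apm:
  secrets:
    name: apm-secret-token
    # Must be base64: templates/apm-secret.yaml inserts it into "data" as is.
    token: APM-TOKEN-BASE64ENCODED
  configmap:
    name: apm-configmap
    host: APM-HOST
    logLevel: error
privateDockerRegistry:
  # Base64-encoded Docker config JSON; empty by default.
  dockerconfigjson:
--------------------------------------------------------------------------------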