├── services
    ├── redis_svc.yaml
    ├── rails_svc.yaml
    └── postgres_svc.yaml
├── ingresses
    └── ingress.yaml
├── web-autoscaler.yml
├── volumes
    ├── redis_volumes.yaml
    └── postgres_volumes.yaml
├── deployments
    ├── redis_deploy.yaml
    ├── postgres_deploy.yaml
    ├── worker_deploy.yaml
    └── rails_deploy.yaml
├── README.md
├── jobs
    └── setup.yaml
└── deploy.sh

/services/redis_svc.yaml:
--------------------------------------------------------------------------------
1 | ---  # Service giving the redis cache pods (app=foreman, tier=cache) a stable in-cluster name.
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 |   name: redis
6 |   labels:
7 |     app: foreman
8 | spec:  # no `type` is set, so this is a cluster-internal (ClusterIP) Service
9 |   ports:
10 |     - port: 6379  # redis_deploy.yaml configures no password and this repo ships no NetworkPolicy, so any pod that can reach this Service can use the cache
11 |   selector:
12 |     app: foreman
13 |     tier: cache
--------------------------------------------------------------------------------
/services/rails_svc.yaml:
--------------------------------------------------------------------------------
1 | # Service in front of the Rails pods (app=foreman, tier=app); ingress.yaml routes to it on port 3000.
2 | ---
3 | apiVersion: v1
4 | kind: Service
5 | metadata:
6 |   name: rails
7 |   labels:
8 |     app: foreman
9 | spec:
10 |   ports:
11 |     - port: 3000
12 |   selector:
13 |     app: foreman
14 |     tier: app
15 |
--------------------------------------------------------------------------------
/services/postgres_svc.yaml:
--------------------------------------------------------------------------------
1 | ---  # Service for the PostgreSQL pod (app=foreman, tier=database); DATABASE_URL in deploy.sh uses the host name "postgres".
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 |   name: postgres
6 |   labels:
7 |     app: foreman
8 | spec:  # no `type` is set, so this is a cluster-internal (ClusterIP) Service
9 |   ports:
10 |     - port: 5432  # no NetworkPolicy in this repo: access is gated only by the password stored in the db-user-pass secret
11 |   selector:
12 |     app: foreman
13 |     tier: database
14 |
--------------------------------------------------------------------------------
/ingresses/ingress.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.k8s.io/v1  # Ingress routing every path of foreman-prod.local to the rails Service.
2 | kind: Ingress
3 | metadata:
4 |   name: foreman
5 | spec:  # NOTE(review): no `tls:` section, so this object declares HTTP routing only; the https:// URL in the README depends on ingress-controller configuration that is not shown here
6 |   rules:
7 |   - host: foreman-prod.local  # NOTE(review): the rails and worker pods set FOREMAN_FQDN=foreman.example.com; confirm which name is intended
8 |     http:
9 |       paths:
10 |       - pathType: Prefix
11 |         path: "/"
12 |         backend:
13 |           service:
14 |             name: rails
15 |             port:
16 |               number: 3000
17 |
18 |
--------------------------------------------------------------------------------
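/web-autoscaler.yml:
--------------------------------------------------------------------------------
1 | kind: HorizontalPodAutoscaler  # Scales rails-deployment between 1 and 10 replicas on average CPU utilization.
2 | apiVersion: autoscaling/v2beta2  # NOTE: this version is served only up to Kubernetes 1.25; clusters on 1.23+ can use autoscaling/v2
3 | metadata:
4 |   name: rails-deployment
5 | spec:
6 |   scaleTargetRef:
7 |     kind: Deployment
8 |     name: rails-deployment
9 |     apiVersion: apps/v1  # was extensions/v1beta1; must name the API group rails_deploy.yaml actually uses, or the scale target cannot be resolved
10 |   minReplicas: 1
11 |   maxReplicas: 10
12 |   metrics:
13 |   - type: Resource
14 |     resource:
15 |       name: cpu
16 |       target:
17 |         type: Utilization  # percentage of the pods' CPU request; rails_deploy.yaml sets `resources: {}`, so a CPU request has to be added there for this metric to resolve
18 |         averageUtilization: 50
19 |
--------------------------------------------------------------------------------
/volumes/redis_volumes.yaml:
--------------------------------------------------------------------------------
1 | #---
2 | #kind: PersistentVolume
3 | #apiVersion: v1
4 | #metadata:
5 | #  name: redis-pv
6 | #  labels:
7 | #    type: local
8 | #spec:
9 | #  capacity:
10 | #    storage: 1Gi
11 | #  accessModes:
12 | #    - ReadWriteOnce
13 | #  hostPath:
14 | #    path: "/tmp/data"
15 | ---  # Only the claim is active; the hostPath PV above is disabled (it and postgres-pv both point at /tmp/data).
16 | kind: PersistentVolumeClaim
17 | apiVersion: v1
18 | metadata:
19 |   name: redis-pvc
20 | spec:  # no storageClassName: presumably bound through the cluster's default StorageClass; confirm
21 |   accessModes:
22 |     - ReadWriteOnce
23 |   resources:
24 |     requests:
25 |       storage: 1Gi
26 |
--------------------------------------------------------------------------------
/volumes/postgres_volumes.yaml:
--------------------------------------------------------------------------------
1 | #---
2 | #kind: PersistentVolume
3 | #apiVersion: v1
4 | #metadata:
5 | #  name: postgres-pv
6 | #  labels:
7 | #    type: local
8 | #spec:
9 | #  capacity:
10 | #    storage: 1Gi
11 | #  accessModes:
12 | #    - ReadWriteOnce
13 | #  hostPath:
14 | #    path: "/tmp/data"
15 | ---  # Only the claim is active; the hostPath PV above is disabled (it and redis-pv both point at /tmp/data).
16 | kind: PersistentVolumeClaim
17 | apiVersion: v1
18 | metadata:
19 |   name: postgres-pvc
20 | spec:  # no storageClassName: presumably bound through the cluster's default StorageClass; confirm
21 |   accessModes:
22 |     - ReadWriteOnce
23 |   resources:
24 |     requests:
25 |       storage: 1Gi
26 |
--------------------------------------------------------------------------------
/deployments/redis_deploy.yaml: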
--------------------------------------------------------------------------------
1 | ---  # Single-replica redis used as the Rails cache store, with /data kept on the redis-pvc claim.
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 |   name: redis-deployment
6 |   labels:
7 |     app: foreman
8 | spec:
9 |   replicas: 1
10 |   selector:
11 |     matchLabels:
12 |       app: foreman
13 |       tier: cache
14 |   template:
15 |     metadata:
16 |       name: redis
17 |       labels:
18 |         app: foreman
19 |         tier: cache
20 |     spec:  # no securityContext or resources are set for this pod
21 |       volumes:
22 |         - name: redis-pv
23 |           persistentVolumeClaim:
24 |             claimName: redis-pvc
25 |       containers:
26 |         - name: redis  # no args/command: the image's stock configuration runs, so these manifests set no redis password
27 |           image: redis  # untagged, so it resolves to whatever `latest` is at pull time; pin a version tag or digest for repeatable deploys
28 |           ports:
29 |             - containerPort: 6379
30 |           volumeMounts:
31 |             - mountPath: "/data"
32 |               name: redis-pv
33 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | Experimental Kubernetes support for [Foreman](https://theforeman.org) project.
2 |
3 | by default, this deployment uses the published foreman image at https://quay.io/repository/foreman/foreman, and it does not include any additional plugins, if you require more plugins, please rebuild the image yourself.
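4 |
5 | This is by no means a replacement for the installer, and it should not affect users beyond the purpose of getting an environment up quickly.
6 |
7 | To use this repository:
8 | ```sh
9 | git clone git@github.com:ohadlevy/foreman-kube.git
10 | cd foreman-kube
11 | ./deploy.sh
12 | ```
13 |
14 | Your foreman instance should be available under https://foreman-prod.local (feel free to change the ingress).
15 | The default user is admin. deploy.sh generates the admin password (or uses SEED_ADMIN_PASSWORD from your environment when it is set) and stores it in the `seed-admin-password` secret:
16 | ```sh
17 | kubectl get secret seed-admin-password -o jsonpath='{.data.password}' | base64 --decode
18 | ```
19 |
--------------------------------------------------------------------------------
/jobs/setup.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: batch/v1  # One-shot Job that creates, migrates and seeds the Foreman database.
2 | kind: Job
3 | metadata:
4 |   name: setup
5 | spec:
6 |   template:
7 |     metadata:
8 |       name: setup
9 |     spec:
10 |       containers:
11 |       - name: setup
12 |         image: quay.io/foreman/foreman:develop  # mutable tag: the build that seeds the database can differ between runs; pin a digest for repeatable deploys
13 |         args:
14 |         - bundle
15 |         - exec
16 |         - rake
17 |         - db:create
18 |         - db:migrate
19 |         - db:seed
20 |         env:
21 |         - name: DATABASE_URL
22 |           valueFrom:
23 |             secretKeyRef:
24 |               name: "db-url"
25 |               key: "url"
26 |         - name: RAILS_ENV
27 |           value: "production"
28 |         - name: SEED_ADMIN_PASSWORD  # was the literal "changeme"; now read from the secret deploy.sh creates, so no known admin password lives in the manifest
29 |           valueFrom:
30 |             secretKeyRef:
31 |               name: "seed-admin-password"
32 |               key: "password"
33 |         - name: SECRET_KEY_BASE
34 |           valueFrom:
35 |             secretKeyRef:
36 |               name: "secret-key-base"
37 |               key: "secret-key-base"
38 |       restartPolicy: Never
39 |
--------------------------------------------------------------------------------
/deploy.sh:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 |
3 | k="kubectl"
4 | set -e
5 |
6 | # Print $1 random bytes from /dev/urandom as lowercase hex. Hex is URL-safe,
7 | # so the value can be embedded in DATABASE_URL without escaping.
8 | gen_secret() {
9 |   od -An -N"$1" -tx1 /dev/urandom | tr -dc '0-9a-f'
10 | }
11 |
12 | # Plain assignments instead of `export VAR=$(cmd)`: the latter returns the
13 | # status of `export`, so a failing generator would get past `set -e` and leave
14 | # an empty secret. Nothing is exported; only this script expands the values.
15 | DB_USER_PASS=$(gen_secret 32)
16 | DB_USERNAME='postgres'
17 | DB_NAME='foreman'
18 | RAILS_SECRET=$(gen_secret 64)
19 | # Initial admin password used by db:seed; a value supplied by the caller wins.
20 | SEED_ADMIN_PASSWORD=${SEED_ADMIN_PASSWORD:-$(gen_secret 16)}
21 |
22 | # gen_secret's pipeline reports only tr's status, so verify the results.
23 | for v in "$DB_USER_PASS" "$RAILS_SECRET" "$SEED_ADMIN_PASSWORD"; do
24 |   [ -n "$v" ] || { echo "deploy.sh: could not generate secrets" >&2; exit 1; }
25 | done
26 |
27 | $k create namespace foreman
28 |
29 | $k config set-context "$($k config current-context)" --namespace=foreman
30 |
31 | # NOTE: --from-literal places each value on kubectl's command line, where it is
32 | # visible in the local process list while the command runs.
33 | $k create secret generic db-user-pass "--from-literal=password=${DB_USER_PASS}"
34 | $k create secret generic db-user "--from-literal=username=${DB_USERNAME}"
35 | $k create secret generic db-url "--from-literal=url=postgres://${DB_USERNAME}:${DB_USER_PASS}@postgres/${DB_NAME}?pool=5"
36 | $k create secret generic secret-key-base "--from-literal=secret-key-base=${RAILS_SECRET}"
37 | $k create secret generic seed-admin-password "--from-literal=password=${SEED_ADMIN_PASSWORD}"
38 |
39 | $k create -f volumes/postgres_volumes.yaml
40 | $k create -f volumes/redis_volumes.yaml
41 | $k create -f services/postgres_svc.yaml
42 | $k create -f services/redis_svc.yaml
43 | $k create -f services/rails_svc.yaml
44 | $k create -f deployments/postgres_deploy.yaml
45 | $k create -f deployments/redis_deploy.yaml
46 | $k create -f jobs/setup.yaml
47 | $k create -f deployments/rails_deploy.yaml
48 | $k create -f deployments/worker_deploy.yaml
49 | $k create -f ingresses/ingress.yaml
50 | $k create -f web-autoscaler.yml
51 |
52 | echo "admin password: $k get secret seed-admin-password -o jsonpath='{.data.password}' | base64 --decode"
53 |
--------------------------------------------------------------------------------
/deployments/postgres_deploy.yaml:
--------------------------------------------------------------------------------
1 | ---  # Single-replica PostgreSQL 12 with its data directory on the postgres-pvc claim.
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 |   name: postgres
6 |   labels:
7 |     app: foreman
8 | spec:
9 |   replicas: 1
10 |   selector:
11 |     matchLabels:
12 |       app: foreman
13 |       tier: database
14 |   template:
15 |     metadata:
16 |       name: postgres
17 |       labels:
18 |         app: foreman
19 |         tier: database
20 |     spec:  # no securityContext or resources are set for this pod
21 |       volumes:
22 |         - name: postgres-pv
23 |           persistentVolumeClaim:
24 |             claimName: postgres-pvc
25 |       containers:
26 |         - name: postgres
27 |           image: postgres:12
28 |           env:
29 |             - name: POSTGRES_USER  # deploy.sh stores "postgres" here, so the application's DATABASE_URL connects as the database superuser
30 |               valueFrom:
31 |                 secretKeyRef:
32 |                   name: "db-user"
33 |                   key: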
"username"
34 |             - name: POSTGRES_PASSWORD
35 |               valueFrom:
36 |                 secretKeyRef:
37 |                   name: "db-user-pass"
38 |                   key: "password"
39 |             - name: POSTGRES_DATABASE  # NOTE(review): the postgres image documents POSTGRES_DB, not POSTGRES_DATABASE, so this looks ignored; DATABASE_URL in deploy.sh names the database "foreman", which the setup job's db:create creates. Confirm.
40 |               value: "foreman_production"
41 |             - name: PGDATA  # subdirectory of the volume mounted below
42 |               value: "/var/lib/postgresql/data/pgdata"
43 |           ports:
44 |             - containerPort: 5432
45 |           volumeMounts:
46 |             - mountPath: "/var/lib/postgresql/data"
47 |               name: postgres-pv
48 |
--------------------------------------------------------------------------------
/deployments/worker_deploy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1  # Deployment running the Dynflow executor (`rake dynflow:executor`) from the same image as the web pods.
2 | kind: Deployment
3 | metadata:
4 |   labels:
5 |     app: foreman
6 |   name: worker-deployment
7 |   namespace: foreman
8 | spec:
9 |   minReadySeconds: 10
10 |   progressDeadlineSeconds: 600
11 |   replicas: 1
12 |   revisionHistoryLimit: 10
13 |   selector:
14 |     matchLabels:
15 |       app: foreman
16 |       tier: worker
17 |   strategy:
18 |     rollingUpdate:
19 |       maxSurge: 1
20 |       maxUnavailable: 1
21 |     type: RollingUpdate
22 |   template:
23 |     metadata:
24 |       labels:
25 |         app: foreman
26 |         tier: worker
27 |       name: worker
28 |     spec:
29 |       containers:
30 |       - args:
31 |         - bundle
32 |         - exec
33 |         - rake
34 |         - dynflow:executor
35 |         env:
36 |         - name: RAILS_LOG_TO_STDOUT
37 |           value: "true"
38 |         - name: DATABASE_URL  # full connection string, password included, from the db-url secret
39 |           valueFrom:
40 |             secretKeyRef:
41 |               key: url
42 |               name: db-url
43 |         - name: RAILS_ENV
44 |           value: production
45 |         - name: SECRET_KEY_BASE
46 |           valueFrom:
47 |             secretKeyRef:
48 |               key: secret-key-base
49 |               name: secret-key-base
50 |         - name: FOREMAN_FQDN  # NOTE(review): ingress.yaml serves foreman-prod.local; confirm which host name is intended
51 |           value: foreman.example.com
52 |         - name: FOREMAN_RAILS_CACHE_STORE_TYPE
53 |           value: redis
54 |         - name: FOREMAN_RAILS_CACHE_STORE_URLS  # the URL carries no credentials, matching the password-less redis in redis_deploy.yaml
55 |           value: redis://$(REDIS_SERVICE_HOST):$(REDIS_SERVICE_PORT)/0
56 |         image: quay.io/foreman/foreman:develop  # mutable tag plus imagePullPolicy: Always: each pod start may run a different build; pin a digest for repeatable deploys
57 |         imagePullPolicy: Always
58 |         name: worker
59 |         resources: {}  # no CPU or memory requests/limits
60 |       dnsPolicy: ClusterFirst
61 |       restartPolicy: Always
62 |       schedulerName: default-scheduler
63 |       securityContext: {}  # empty: nothing here asks for runAsNonRoot or similar; the effective user comes from the image, which is not visible here
64 |
terminationGracePeriodSeconds: 30
65 |
--------------------------------------------------------------------------------
/deployments/rails_deploy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1  # Deployment running the Foreman web application (`rails server`) on port 3000; target of web-autoscaler.yml.
2 | kind: Deployment
3 | metadata:
4 |   labels:
5 |     app: foreman
6 |     tier: app
7 |   name: rails-deployment
8 |   namespace: foreman
9 | spec:
10 |   minReadySeconds: 10
11 |   progressDeadlineSeconds: 600
12 |   replicas: 2
13 |   revisionHistoryLimit: 10
14 |   selector:
15 |     matchLabels:
16 |       app: foreman
17 |       tier: app
18 |   strategy:
19 |     rollingUpdate:
20 |       maxSurge: 1
21 |       maxUnavailable: 1
22 |     type: RollingUpdate
23 |   template:
24 |     metadata:
25 |       labels:
26 |         app: foreman
27 |         tier: app
28 |       name: rails
29 |     spec:
30 |       containers:
31 |       - args:
32 |         - bundle
33 |         - exec
34 |         - rails
35 |         - server
36 |         env:
37 |         - name: RAILS_LOG_TO_STDOUT
38 |           value: "true"
39 |         - name: RAILS_SERVE_STATIC_FILES
40 |           value: "true"
41 |         - name: DATABASE_URL  # full connection string, password included, from the db-url secret
42 |           valueFrom:
43 |             secretKeyRef:
44 |               key: url
45 |               name: db-url
46 |         - name: RAILS_ENV
47 |           value: production
48 |         - name: SECRET_KEY_BASE
49 |           valueFrom:
50 |             secretKeyRef:
51 |               key: secret-key-base
52 |               name: secret-key-base
53 |         - name: FOREMAN_FQDN  # NOTE(review): ingress.yaml serves foreman-prod.local; confirm which host name is intended
54 |           value: foreman.example.com
55 |         - name: FOREMAN_RAILS_CACHE_STORE_TYPE
56 |           value: redis
57 |         - name: FOREMAN_RAILS_CACHE_STORE_URLS  # the URL carries no credentials, matching the password-less redis in redis_deploy.yaml
58 |           value: redis://$(REDIS_SERVICE_HOST):$(REDIS_SERVICE_PORT)/0
59 |         image: quay.io/foreman/foreman:develop  # mutable tag plus imagePullPolicy: Always: replicas started at different times may run different builds; pin a digest for repeatable deploys
60 |         imagePullPolicy: Always
61 |         name: rails
62 |         ports:
63 |         - containerPort: 3000
64 |           protocol: TCP
65 |         resources: {}  # no CPU request, which the Utilization target in web-autoscaler.yml is measured against
66 |       dnsPolicy: ClusterFirst
67 |       restartPolicy: Always
68 |       schedulerName: default-scheduler
69 |       securityContext: {}  # empty: nothing here asks for runAsNonRoot or similar; the effective user comes from the image, which is not visible here
70 |       terminationGracePeriodSeconds: 30
71 |
--------------------------------------------------------------------------------