Description
Describe the bug
I can't configure it correctly
To Reproduce
I apologize in advance but I'm still new to k8s. I had help to configure k8s, and I can't adapt my configuration So I have several questions:
- Should we clone the entire folder from github?
- If I try to deploy without modifying a file I cannot access the pod
- Here is a model of how I deploy a pod. My folders on private github are built like this:
Base: podnam.yaml
`apiVersion: apps/v1
kind: Deployment
metadata:
name: APP
namespace: NameSpace
labels:
app: APP
spec:
replicas: 1
selector:
matchLabels:
app: APP
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
template:
metadata:
labels:
app: APP
♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯Obtenir l'image (Helm)
spec:
containers:
- name: APP
image: ghcr.io/APP adresse
imagePullPolicy: IfNotPresent
♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯Demande de ressources
resources:
requests:
cpu: CPU
memory: Ram
limits:
cpu: CPU
memory: RAM
♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯Santé des conteneurs
livenessProbe:
tcpSocket:
port: Port
initialDelaySeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: Port
initialDelaySeconds: 5
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 3
periodSeconds: 10
♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯Base de données
env:
- name: DB_URL
valueFrom:
secretKeyRef:
name: APP-pg-app
key: uri
- name: TZ
value: "Europe/Paris"
ports:
- containerPort: Port
name: APP
♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯Monter les volumes
volumeMounts:
- name: APP
mountPath: /config #Ou monter dans le pod
volumes:
configMap:
name: configuration
- name: APP
persistentVolumeClaim:
claimName: APP
♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯Demande de services
apiVersion: v1
kind: Service
metadata:
name: APP
namespace: NameSpace
spec:
selector:
app: APP
type: ClusterIP
ports:
- name: APP
protocol: TCP
port: Port
targetPort: Port
♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯♯Demande de PVC
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: APP
namespace: NameSpace
labels:
app: APP
spec:
storageClassName: ceph-filesystem
accessModes:
- ReadWriteMany
resources:
requests:
storage: Stockage`
In a PODNAME subfolder Gateway.yaml:
`apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: APP
namespace: istio-system
spec:
secretName: APP-tls
duration: 2160h # 90d
renewBefore: 360h # 15d
isCA: false
privateKey:
algorithm: RSA
encoding: PKCS1
size: 4096
usages:
- server auth
- client auth
dnsNames:
- "APP.###.me"
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
group: cert-manager.io
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: APP-gateway
namespace: APP
spec:
selector:
istio: ingressgateway
servers:
- port:
number: 80
name: http-APP
protocol: HTTP
hosts:
- "APP.###.me"
- port:
number: 443
name: https
protocol: HTTPS
hosts:
- "APP.###.me"
tls:
mode: SIMPLE
credentialName: APP-tls
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: APP-vs
namespace: NameSpace
spec:
hosts:
- "APP.###.me"
gateways:
- APP-gateway
http:
- match:
- uri:
prefix: /
route:
- destination:
host: APP
port:
number: Port
headers:
response:
set:
Strict-Transport-Security: max-age=31536000; includeSubDomains`
Environment:
- K8s version: last
- CNI Plugin: flux
- CSI Type: