mirror of
https://github.com/bigchaindb/bigchaindb.git
synced 2024-10-13 13:34:05 +00:00
cc66d5aaa5
* Add more tools to the toolbox container * Add mongodb monitoring agent * Add a bigchaindb/mongodb-monitoring-agent container that includes the monitoring agent. * It makes use of an api key provided by MongoDB Cloud Manager. This is included in the configuration/config-map.yaml file. * Changes to mongodb StatefulSet configuration Changes to bump up mongodb version to v3.4.3. Add configuration settings for mongodb instance name in ConfigMap. Split the mongodb service to a new configuration file. * Modify bigchaindb deployment config * Bugfix to remove keyring field for the first node. * Split the mongodb service to a new configuration file. * Add mongodb backup agent * Add a bigchaindb/mongodb-backup-agent container that includes the backup agent. * It makes use of an api key provided by MongoDB Cloud Manager. This is included in the configuration/config-map.yaml file. * Changes to nginx deployment config * Allow 'all' by default for now. This is included in the configuration/config-map.yaml file. * Dynamically resolve DNS addresses of our backend services; cache DNS resolution for 20s. * Configure DNS based on user provided resolver. This helps in user deciding to provide 8.8.8.8 or a custom DNS for name resolution. For k8s deployments, we use the hardcoded k8s DNS IP of 10.0.0.10. * Changes to nginx-3scale deployment config * Use the common ConfigMap in configuration/config-map.yaml file. * Removing prefix `v` from the docker tag for mongodb-monitoring-agent and mongodb containers * Bumping up version for nginx-3scale container * Add small helper scripts for docker build and push of mongodb monitoring and backup agents * Documentation for setting up the first node with monitoring and backup agents
99 lines
3.1 KiB
YAML
99 lines
3.1 KiB
YAML
###############################################################
|
|
# This config file runs nginx as a k8s deployment and exposes #
|
|
# it using an external load balancer. #
|
|
# This deployment is used as a front end to both BigchainDB #
|
|
# and MongoDB. #
|
|
###############################################################
|
|
|
|
apiVersion: extensions/v1beta1
|
|
kind: Deployment
|
|
metadata:
|
|
name: ngx-instance-0-dep
|
|
spec:
|
|
replicas: 1
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: ngx-instance-0-dep
|
|
spec:
|
|
terminationGracePeriodSeconds: 10
|
|
containers:
|
|
- name: nginx-3scale
|
|
image: bigchaindb/nginx_3scale:1.0
|
|
# TODO(Krish): Change later to IfNotPresent
|
|
imagePullPolicy: Always
|
|
env:
|
|
- name: MONGODB_FRONTEND_PORT
|
|
value: $(NGX_INSTANCE_0_SERVICE_PORT_NGX_PUBLIC_MDB_PORT)
|
|
- name: MONGODB_BACKEND_HOST
|
|
# NGINX requires FQDN to resolve names
|
|
value: mdb-instance-0.default.svc.cluster.local
|
|
- name: MONGODB_BACKEND_PORT
|
|
value: "27017"
|
|
- name: BIGCHAINDB_FRONTEND_PORT
|
|
value: $(NGX_INSTANCE_0_SERVICE_PORT_NGX_PUBLIC_BDB_PORT)
|
|
- name: BIGCHAINDB_BACKEND_HOST
|
|
# NGINX requires FQDN to resolve names
|
|
value: bdb-instance-0.default.svc.cluster.local
|
|
- name: BIGCHAINDB_BACKEND_PORT
|
|
value: "9984"
|
|
- name: MONGODB_WHITELIST
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: mongodb-whitelist
|
|
key: allowed-hosts
|
|
- name: DNS_SERVER
|
|
value: "10.0.0.10"
|
|
- name: NGINX_HEALTH_CHECK_PORT
|
|
value: "8888"
|
|
# TODO(Krish): use secrets for sensitive info
|
|
- name: THREESCALE_SECRET_TOKEN
|
|
value: "<Secret Token Here>"
|
|
- name: THREESCALE_SERVICE_ID
|
|
value: "<Service ID Here>"
|
|
- name: THREESCALE_VERSION_HEADER
|
|
value: "<Version Header Here>"
|
|
- name: THREESCALE_PROVIDER_KEY
|
|
value: "<Provider Key Here>"
|
|
- name: THREESCALE_FRONTEND_API_DNS_NAME
|
|
value: "<Frontend API FQDN Here>"
|
|
- name: THREESCALE_UPSTREAM_API_PORT
|
|
value: "<Upstream API Port Here>"
|
|
ports:
|
|
- containerPort: 27017
|
|
hostPort: 27017
|
|
name: public-mdb-port
|
|
protocol: TCP
|
|
- containerPort: 443
|
|
hostPort: 443
|
|
name: public-bdb-port
|
|
protocol: TCP
|
|
- containerPort: 8888
|
|
hostPort: 8888
|
|
name: health-check
|
|
protocol: TCP
|
|
- containerPort: 8080
|
|
hostPort: 8080
|
|
name: public-api-port
|
|
protocol: TCP
|
|
volumeMounts:
|
|
- name: https
|
|
mountPath: /usr/local/openresty/nginx/conf/ssl/
|
|
readOnly: true
|
|
resources:
|
|
limits:
|
|
cpu: 200m
|
|
memory: 768Mi
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: 8888
|
|
initialDelaySeconds: 15
|
|
timeoutSeconds: 10
|
|
restartPolicy: Always
|
|
volumes:
|
|
- name: https
|
|
secret:
|
|
secretName: certs
|
|
defaultMode: 0400
|