From 515b1d2184979e9f62bc00abd6ed064dbacbc48b Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Tue, 10 Sep 2024 18:40:00 +0200 Subject: [PATCH 01/16] Add K8s base manifest # Conflicts: # Taskfile.yaml --- .k8s/base/api/deployment.yaml | 35 ++++++++++++++ .k8s/base/api/kustomization.yaml | 12 +++++ .k8s/base/api/service.yaml | 9 ++++ .k8s/base/ingress.yaml | 38 +++++++++++++++ .k8s/base/kustomization.yaml | 58 +++++++++++++++++++++++ .k8s/base/mongo/deployment.yaml | 32 +++++++++++++ .k8s/base/mongo/kustomization.yaml | 20 ++++++++ .k8s/base/mongo/pvc.yaml | 10 ++++ .k8s/base/mongo/service.yaml | 9 ++++ .k8s/base/redis/deployment.yaml | 31 ++++++++++++ .k8s/base/redis/kustomization.yaml | 20 ++++++++ .k8s/base/redis/pvc.yaml | 10 ++++ .k8s/base/redis/service.yaml | 9 ++++ .k8s/base/ui/deployment.yaml | 33 +++++++++++++ .k8s/base/ui/kustomization.yaml | 12 +++++ .k8s/base/ui/service.yaml | 9 ++++ .k8s/base/worker/deployment.yaml | 24 ++++++++++ .k8s/base/worker/kustomization.yaml | 11 +++++ .k8s/base/xapi-service/deployment.yaml | 42 ++++++++++++++++ .k8s/base/xapi-service/kustomization.yaml | 13 +++++ .k8s/base/xapi-service/pvc.yaml | 10 ++++ .k8s/base/xapi-service/service.yaml | 9 ++++ 22 files changed, 456 insertions(+) create mode 100644 .k8s/base/api/deployment.yaml create mode 100644 .k8s/base/api/kustomization.yaml create mode 100644 .k8s/base/api/service.yaml create mode 100644 .k8s/base/ingress.yaml create mode 100644 .k8s/base/kustomization.yaml create mode 100644 .k8s/base/mongo/deployment.yaml create mode 100644 .k8s/base/mongo/kustomization.yaml create mode 100644 .k8s/base/mongo/pvc.yaml create mode 100644 .k8s/base/mongo/service.yaml create mode 100644 .k8s/base/redis/deployment.yaml create mode 100644 .k8s/base/redis/kustomization.yaml create mode 100644 .k8s/base/redis/pvc.yaml create mode 100644 .k8s/base/redis/service.yaml create mode 100644 .k8s/base/ui/deployment.yaml create mode 100644 .k8s/base/ui/kustomization.yaml create mode 100644 .k8s/base/ui/service.yaml create mode 100644 .k8s/base/worker/deployment.yaml create mode 100644 .k8s/base/worker/kustomization.yaml create mode 100644 .k8s/base/xapi-service/deployment.yaml create mode 100644 .k8s/base/xapi-service/kustomization.yaml create mode 100644 .k8s/base/xapi-service/pvc.yaml create mode 100644 .k8s/base/xapi-service/service.yaml diff --git a/.k8s/base/api/deployment.yaml b/.k8s/base/api/deployment.yaml new file mode 100644 index 000000000..6645d1c96 --- /dev/null +++ b/.k8s/base/api/deployment.yaml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api +spec: + replicas: 1 + template: + spec: + containers: + - name: api + image: learninglocker + args: + - node + - api/dist/server + envFrom: + - configMapRef: + name: config + - secretRef: + name: secret + env: + - name: PATH_PREFIX + value: "/api" + - name: REDIS_HOST + value: $(REDIS_SERVICE) + - name: MONGO_HOST + value: $(MONGO_SERVICE) + ports: + - containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: 8080 + initialDelaySeconds: 15 + periodSeconds: 30 \ No newline at end of file diff --git a/.k8s/base/api/kustomization.yaml b/.k8s/base/api/kustomization.yaml new file mode 100644 index 000000000..6de6a82da --- /dev/null +++ b/.k8s/base/api/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +labels: +- pairs: + app.kubernetes.io/name: api + includeSelectors: true + includeTemplates: true + +resources: +- deployment.yaml +- service.yaml diff --git a/.k8s/base/api/service.yaml b/.k8s/base/api/service.yaml new file mode 100644 index 000000000..e3002db95 --- /dev/null +++ b/.k8s/base/api/service.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Service +metadata: + name: api +spec: + ports: + - name: http + port: 80 + targetPort: 8080 diff --git a/.k8s/base/ingress.yaml b/.k8s/base/ingress.yaml new file mode 100644 index 000000000..0eaa5112c --- /dev/null +++ b/.k8s/base/ingress.yaml @@ -0,0 +1,38 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: web + annotations: + kubernetes.io/tls-acme: "true" + cert-manager.io/cluster-issuer: letsencrypt-prod + traefik.ingress.kubernetes.io/redirect-entry-point: https +spec: + rules: + - host: $(LEARNINGLOCKER_FQDN) + http: + paths: + - pathType: Prefix + path: /api + backend: + service: + name: api + port: + name: http + - pathType: Prefix + path: /data + backend: + service: + name: xapi-service + port: + name: http + - pathType: Prefix + path: / + backend: + service: + name: ui + port: + name: http + tls: + - hosts: + - $(LEARNINGLOCKER_FQDN) + secretName: web-tls-crt diff --git a/.k8s/base/kustomization.yaml b/.k8s/base/kustomization.yaml new file mode 100644 index 000000000..a5c9967cc --- /dev/null +++ b/.k8s/base/kustomization.yaml @@ -0,0 +1,58 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namePrefix: learninglocker- + +resources: +- api +- mongo +- redis +- ui +- worker +- xapi-service +- ingress.yaml + +configMapGenerator: +- name: learninglocker-ingress + literals: + - host=example.org +- name: config + literals: + - LOG_MIN_LEVEL=warning + - QUEUE_PROVIDER=REDIS + - MONGO_DATABASE=learninglocker_v2 + - UI_HOST=ui + - UI_PORT=3000 + - API_HOST=api + - API_PORT=8080 + - SITE_URL=http://127.0.0.1 + - SMTP_HOST="" + - SMTP_PORT="" + - SMTP_SECURED="" + - SMTP_USER="" + +secretGenerator: +- name: secret + literals: + - APP_SECRET="i-am-not-secure-please-change-me" + - SMTP_PASS="" + +images: +- name: learninglocker + newName: ghcr.io/ude-soco/learninglocker + newTag: master +- name: redis + newTag: '7' +- name: mongo + newTag: '6.0' +- name: xapi-service + newName: learninglocker/xapi-service + +vars: +- name: LEARNINGLOCKER_FQDN + objref: + apiVersion: v1 + kind: ConfigMap + name: learninglocker-ingress + fieldref: + fieldpath: data.host diff --git a/.k8s/base/mongo/deployment.yaml b/.k8s/base/mongo/deployment.yaml new file mode 100644 index 000000000..c9c671813 --- /dev/null +++ b/.k8s/base/mongo/deployment.yaml @@ -0,0 +1,32 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mongo +spec: + replicas: 1 + strategy: + type: Recreate + template: + metadata: + spec: + containers: + - name: mongo + image: mongo + command: + - mongod + args: + - --wiredTigerCacheSizeGB + - "0.25" + - --quiet + - --logpath + - /dev/null + ports: + - containerPort: 27017 + protocol: TCP + volumeMounts: + - mountPath: /data/db + name: mongo + volumes: + - name: mongo + persistentVolumeClaim: + claimName: mongo diff --git a/.k8s/base/mongo/kustomization.yaml b/.k8s/base/mongo/kustomization.yaml new file mode 100644 index 000000000..0b1ab700d --- /dev/null +++ b/.k8s/base/mongo/kustomization.yaml @@ -0,0 +1,20 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +labels: +- pairs: + app.kubernetes.io/name: mongo + includeSelectors: true + includeTemplates: true + +resources: +- deployment.yaml +- pvc.yaml +- service.yaml + +vars: +- name: MONGO_SERVICE + objref: + apiVersion: v1 + kind: Service + name: mongo diff --git a/.k8s/base/mongo/pvc.yaml b/.k8s/base/mongo/pvc.yaml new file mode 100644 index 000000000..b9e17fed7 --- /dev/null +++ b/.k8s/base/mongo/pvc.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mongo +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Mi diff --git a/.k8s/base/mongo/service.yaml b/.k8s/base/mongo/service.yaml new file mode 100644 index 000000000..a12f484d6 --- /dev/null +++ b/.k8s/base/mongo/service.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Service +metadata: + name: mongo +spec: + ports: + - name: mongo + port: 27017 + targetPort: 27017 diff --git a/.k8s/base/redis/deployment.yaml b/.k8s/base/redis/deployment.yaml new file mode 100644 index 000000000..bcf709c45 --- /dev/null +++ b/.k8s/base/redis/deployment.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis +spec: + replicas: 1 + template: + spec: + containers: + - name: redis + image: redis + args: + - --loglevel + - warning + livenessProbe: + exec: + command: + - redis-cli + - ping + initialDelaySeconds: 2 + periodSeconds: 10 + ports: + - containerPort: 6379 + protocol: TCP + volumeMounts: + - mountPath: /data + name: redis + volumes: + - name: redis + persistentVolumeClaim: + claimName: redis diff --git a/.k8s/base/redis/kustomization.yaml b/.k8s/base/redis/kustomization.yaml new file mode 100644 index 000000000..13d327d12 --- /dev/null +++ b/.k8s/base/redis/kustomization.yaml @@ -0,0 +1,20 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +labels: +- pairs: + app.kubernetes.io/name: redis + includeSelectors: true + includeTemplates: true + +resources: +- deployment.yaml +- pvc.yaml +- service.yaml + +vars: +- name: REDIS_SERVICE + objref: + apiVersion: v1 + kind: Service + name: redis diff --git a/.k8s/base/redis/pvc.yaml b/.k8s/base/redis/pvc.yaml new file mode 100644 index 000000000..db3fa0d11 --- /dev/null +++ b/.k8s/base/redis/pvc.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: redis +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Mi diff --git a/.k8s/base/redis/service.yaml b/.k8s/base/redis/service.yaml new file mode 100644 index 000000000..82376d8d9 --- /dev/null +++ b/.k8s/base/redis/service.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis +spec: + ports: + - name: redis + port: 6379 + targetPort: 6379 diff --git a/.k8s/base/ui/deployment.yaml b/.k8s/base/ui/deployment.yaml new file mode 100644 index 000000000..6daca93dc --- /dev/null +++ b/.k8s/base/ui/deployment.yaml @@ -0,0 +1,33 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ui +spec: + replicas: 1 + template: + spec: + containers: + - name: ui + image: learninglocker + args: + - node + - ui/dist/server + envFrom: + - configMapRef: + name: config + - secretRef: + name: secret + env: + - name: REDIS_HOST + value: $(REDIS_SERVICE) + - name: MONGO_HOST + value: $(MONGO_SERVICE) + ports: + - containerPort: 3000 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: 3000 + initialDelaySeconds: 15 + periodSeconds: 30 \ No newline at end of file diff --git a/.k8s/base/ui/kustomization.yaml b/.k8s/base/ui/kustomization.yaml new file mode 100644 index 000000000..92a369b14 --- /dev/null +++ b/.k8s/base/ui/kustomization.yaml @@ -0,0 +1,12 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +labels: +- pairs: + app.kubernetes.io/name: ui + includeSelectors: true + includeTemplates: true + +resources: +- deployment.yaml +- service.yaml diff --git a/.k8s/base/ui/service.yaml b/.k8s/base/ui/service.yaml new file mode 100644 index 000000000..7b3369595 --- /dev/null +++ b/.k8s/base/ui/service.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Service +metadata: + name: ui +spec: + ports: + - name: http + port: 80 + targetPort: 3000 diff --git a/.k8s/base/worker/deployment.yaml b/.k8s/base/worker/deployment.yaml new file mode 100644 index 000000000..c35b5d1fe --- /dev/null +++ b/.k8s/base/worker/deployment.yaml @@ -0,0 +1,24 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: worker +spec: + replicas: 1 + template: + spec: + containers: + - name: worker + image: learninglocker + args: + - node + - worker/dist/server + envFrom: + - configMapRef: + name: config + - secretRef: + name: secret + env: + - name: REDIS_HOST + value: $(REDIS_SERVICE) + - name: MONGO_HOST + value: $(MONGO_SERVICE) diff --git a/.k8s/base/worker/kustomization.yaml b/.k8s/base/worker/kustomization.yaml new file mode 100644 index 000000000..07133b6ab --- /dev/null +++ b/.k8s/base/worker/kustomization.yaml @@ -0,0 +1,11 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +labels: +- pairs: + app.kubernetes.io/name: worker + includeSelectors: true + includeTemplates: true + +resources: +- deployment.yaml diff --git a/.k8s/base/xapi-service/deployment.yaml b/.k8s/base/xapi-service/deployment.yaml new file mode 100644 index 000000000..efa7bf5b2 --- /dev/null +++ b/.k8s/base/xapi-service/deployment.yaml @@ -0,0 +1,42 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xapi-service +spec: + replicas: 1 + template: + spec: + containers: + - name: xapi-service + image: xapi-service + env: + - name: MODELS_REPO + value: mongo + - name: MONGO_URL + value: mongodb://$(MONGO_SERVICE):27017/learninglocker_v2 + - name: REDIS_URL + value: redis://$(REDIS_SERVICE):6379/0 + - name: EXPRESS_PORT + value: "8081" + - name: FS_LOCAL_STORAGE_DIR + value: /var/xapi-service + - name: WINSTON_CONSOLE_LEVEL + value: error + - name: XAPI_PREFIX + value: /data + ports: + - containerPort: 8081 + protocol: TCP + livenessProbe: + httpGet: + path: /data/xAPI/about + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 30 + volumeMounts: + - mountPath: /var/xapi-service + name: xapi-service + volumes: + - name: xapi-service + persistentVolumeClaim: + claimName: xapi-service diff --git a/.k8s/base/xapi-service/kustomization.yaml b/.k8s/base/xapi-service/kustomization.yaml new file mode 100644 index 000000000..27e5d6253 --- /dev/null +++ b/.k8s/base/xapi-service/kustomization.yaml @@ -0,0 +1,13 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +labels: +- pairs: + app.kubernetes.io/name: xapi-service + includeSelectors: true + includeTemplates: true + +resources: +- deployment.yaml +- pvc.yaml +- service.yaml diff --git a/.k8s/base/xapi-service/pvc.yaml b/.k8s/base/xapi-service/pvc.yaml new file mode 100644 index 000000000..4f8feae82 --- /dev/null +++ b/.k8s/base/xapi-service/pvc.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: xapi-service +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Mi diff --git a/.k8s/base/xapi-service/service.yaml b/.k8s/base/xapi-service/service.yaml new file mode 100644 index 000000000..41f84a368 --- /dev/null +++ b/.k8s/base/xapi-service/service.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Service +metadata: + name: xapi-service +spec: + ports: + - name: http + port: 80 + targetPort: 8081 From dbe5d071b7304919483e072a5ace703a1427a53e Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Wed, 23 Apr 2025 10:48:17 +0200 Subject: [PATCH 02/16] Use binstubs --- .k8s/base/api/deployment.yaml | 3 +-- .k8s/base/ui/deployment.yaml | 3 +-- .k8s/base/worker/deployment.yaml | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/.k8s/base/api/deployment.yaml b/.k8s/base/api/deployment.yaml index 6645d1c96..a3e7c61b0 100644 --- a/.k8s/base/api/deployment.yaml +++ b/.k8s/base/api/deployment.yaml @@ -10,8 +10,7 @@ spec: - name: api image: learninglocker args: - - node - - api/dist/server + - api envFrom: - configMapRef: name: config diff --git a/.k8s/base/ui/deployment.yaml b/.k8s/base/ui/deployment.yaml index 6daca93dc..f2e3b76c8 100644 --- a/.k8s/base/ui/deployment.yaml +++ b/.k8s/base/ui/deployment.yaml @@ -10,8 +10,7 @@ spec: - name: ui image: learninglocker args: - - node - - ui/dist/server + - ui envFrom: - configMapRef: name: config diff --git a/.k8s/base/worker/deployment.yaml b/.k8s/base/worker/deployment.yaml index c35b5d1fe..a9b57ea74 100644 --- a/.k8s/base/worker/deployment.yaml +++ b/.k8s/base/worker/deployment.yaml @@ -10,8 +10,7 @@ spec: - name: worker image: learninglocker args: - - node - - worker/dist/server + - worker envFrom: - configMapRef: name: config From 2f1134683d3b8e609b6a8b36da15490f041c25f2 Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Sun, 17 Aug 2025 12:02:11 +0200 Subject: [PATCH 03/16] Add initContainers --- .k8s/base/api/deployment.yaml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/.k8s/base/api/deployment.yaml b/.k8s/base/api/deployment.yaml index a3e7c61b0..11c77ce50 100644 --- a/.k8s/base/api/deployment.yaml +++ b/.k8s/base/api/deployment.yaml @@ -6,6 +6,25 @@ spec: replicas: 1 template: spec: + initContainers: + - name: migrations + image: learninglocker + args: [migrations] + envFrom: + - configMapRef: + name: config + - secretRef: + name: secret + + - name: seeds + image: learninglocker + args: [seeds] + envFrom: + - configMapRef: + name: config + - secretRef: + name: secret + containers: - name: api image: learninglocker From 67d03f0d6f1e3e03c67eef6bcdf567bf345c464e Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Mon, 18 Aug 2025 15:40:55 +0200 Subject: [PATCH 04/16] Pass $MONGO_HOST --- .k8s/base/api/deployment.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.k8s/base/api/deployment.yaml b/.k8s/base/api/deployment.yaml index 11c77ce50..73d304fa3 100644 --- a/.k8s/base/api/deployment.yaml +++ b/.k8s/base/api/deployment.yaml @@ -15,6 +15,9 @@ spec: name: config - secretRef: name: secret + env: + - name: MONGO_HOST + value: $(MONGO_SERVICE) - name: seeds image: learninglocker @@ -24,12 +27,14 @@ spec: name: config - secretRef: name: secret + env: + - name: MONGO_HOST + value: $(MONGO_SERVICE) containers: - name: api image: learninglocker - args: - - api + args: [api] envFrom: - configMapRef: name: config @@ -50,4 +55,4 @@ spec: path: / port: 8080 initialDelaySeconds: 15 - periodSeconds: 30 \ No newline at end of file + periodSeconds: 30 From cd9b66836d4b53b14bb0f12272a5b0dc2fa5a4a1 Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Mon, 18 Aug 2025 15:46:50 +0200 Subject: [PATCH 05/16] Fail on missing config --- bin/entrypoint | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/bin/entrypoint b/bin/entrypoint index 81d1682fc..404f6e722 100755 --- a/bin/entrypoint +++ b/bin/entrypoint @@ -1,9 +1,9 @@ #!/usr/bin/env sh set -eu -MONGO_HOST="${MONGO_HOST:-localhost}" -MONGO_PORT="${MONGO_PORT:-27017}" -MONGO_DATABASE="${MONGO_DATABASE:-learninglocker_v2}" +MONGO_HOST="${MONGO_HOST:?MONGO_HOST missing}" +MONGO_PORT="${MONGO_PORT:?MONGO_PORT missing}" +MONGO_DATABASE="${MONGO_DATABASE:?MONGO_DATABASE missing}" export MONGODB_PATH="mongodb://${MONGO_HOST}:${MONGO_PORT}/${MONGO_DATABASE}" export PATH=./bin:$PATH From cefa0fcb22f290ea88cd318a63c51a9ffef6d73d Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Mon, 18 Aug 2025 15:50:15 +0200 Subject: [PATCH 06/16] Downgrade mongodb from 6.0 to 4.4 --- .k8s/base/kustomization.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.k8s/base/kustomization.yaml b/.k8s/base/kustomization.yaml index a5c9967cc..259bc7da8 100644 --- a/.k8s/base/kustomization.yaml +++ b/.k8s/base/kustomization.yaml @@ -16,6 +16,7 @@ configMapGenerator: - name: learninglocker-ingress literals: - host=example.org + - name: config literals: - LOG_MIN_LEVEL=warning @@ -30,12 +31,15 @@ configMapGenerator: - SMTP_PORT="" - SMTP_SECURED="" - SMTP_USER="" + - LL_ADMIN_EMAIL="" + - LL_ADMIN_ORG="" secretGenerator: - name: secret literals: - APP_SECRET="i-am-not-secure-please-change-me" - SMTP_PASS="" + - LL_ADMIN_PASSWORD="" images: - name: learninglocker @@ -44,7 +48,7 @@ images: - name: redis newTag: '7' - name: mongo - newTag: '6.0' + newTag: '4.4' - name: xapi-service newName: learninglocker/xapi-service From dce53147377fa32b7e6745c215c0f28b5cc337c5 Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Tue, 19 Aug 2025 09:24:24 +0200 Subject: [PATCH 07/16] Make MongoDB listen --- .k8s/base/mongo/deployment.yaml | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/.k8s/base/mongo/deployment.yaml b/.k8s/base/mongo/deployment.yaml index c9c671813..d6ffd18a1 100644 --- a/.k8s/base/mongo/deployment.yaml +++ b/.k8s/base/mongo/deployment.yaml @@ -12,20 +12,25 @@ spec: containers: - name: mongo image: mongo - command: - - mongod args: + - --bind_ip + - "0.0.0.0" - --wiredTigerCacheSizeGB - "0.25" - --quiet - - --logpath - - /dev/null ports: - - containerPort: 27017 - protocol: TCP + - containerPort: 27017 + protocol: TCP volumeMounts: - - mountPath: /data/db - name: mongo + - mountPath: /data/db + name: mongo + livenessProbe: + exec: + command: + - mongo + - --disableImplicitSessions + - --eval + - "db.adminCommand('ping')" volumes: - name: mongo persistentVolumeClaim: From 5f252d266372b43dce780a57950c123ed25bf1de Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Thu, 21 Aug 2025 08:53:33 +0200 Subject: [PATCH 08/16] Add labels/selectors --- .k8s/base/api/deployment.yaml | 13 +++++++------ .k8s/base/api/kustomization.yaml | 2 +- .k8s/base/kustomization.yaml | 22 ++++++++++++++-------- .k8s/base/mongo/kustomization.yaml | 8 +------- .k8s/base/redis/kustomization.yaml | 8 +------- .k8s/base/ui/deployment.yaml | 4 ++-- .k8s/base/ui/kustomization.yaml | 2 +- .k8s/base/worker/deployment.yaml | 4 ++-- .k8s/base/xapi-service/deployment.yaml | 4 ++-- .k8s/base/xapi-service/kustomization.yaml | 2 +- 10 files changed, 32 insertions(+), 37 deletions(-) diff --git a/.k8s/base/api/deployment.yaml b/.k8s/base/api/deployment.yaml index 73d304fa3..8c5bec4bc 100644 --- a/.k8s/base/api/deployment.yaml +++ b/.k8s/base/api/deployment.yaml @@ -17,7 +17,7 @@ spec: name: secret env: - name: MONGO_HOST - value: $(MONGO_SERVICE) + value: $(LEARNINGLOCKER_MONGO_SERVICE) - name: seeds image: learninglocker @@ -29,7 +29,7 @@ spec: name: secret env: - name: MONGO_HOST - value: $(MONGO_SERVICE) + value: $(LEARNINGLOCKER_MONGO_SERVICE) containers: - name: api @@ -44,9 +44,9 @@ spec: - name: PATH_PREFIX value: "/api" - name: REDIS_HOST - value: $(REDIS_SERVICE) + value: $(LEARNINGLOCKER_REDIS_SERVICE) - name: MONGO_HOST - value: $(MONGO_SERVICE) + value: $(LEARNINGLOCKER_MONGO_SERVICE) ports: - containerPort: 8080 protocol: TCP @@ -54,5 +54,6 @@ spec: httpGet: path: / port: 8080 - initialDelaySeconds: 15 - periodSeconds: 30 + initialDelaySeconds: 5 + periodSeconds: 15 + timeoutSeconds: 3 diff --git a/.k8s/base/api/kustomization.yaml b/.k8s/base/api/kustomization.yaml index 6de6a82da..44fd42f97 100644 --- a/.k8s/base/api/kustomization.yaml +++ b/.k8s/base/api/kustomization.yaml @@ -3,7 +3,7 @@ kind: Kustomization labels: - pairs: - app.kubernetes.io/name: api + app.kubernetes.io/component: api includeSelectors: true includeTemplates: true diff --git a/.k8s/base/kustomization.yaml b/.k8s/base/kustomization.yaml index 259bc7da8..33ec74b27 100644 --- a/.k8s/base/kustomization.yaml +++ b/.k8s/base/kustomization.yaml @@ -2,6 +2,11 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namePrefix: learninglocker- +labels: +- pairs: + app.kubernetes.io/name: learninglocker + includeSelectors: true + includeTemplates: true resources: - api @@ -41,6 +46,15 @@ secretGenerator: - SMTP_PASS="" - LL_ADMIN_PASSWORD="" +vars: +- name: LEARNINGLOCKER_FQDN + objref: + apiVersion: v1 + kind: ConfigMap + name: learninglocker-ingress + fieldref: + fieldpath: data.host + images: - name: learninglocker newName: ghcr.io/ude-soco/learninglocker @@ -52,11 +66,3 @@ images: - name: xapi-service newName: learninglocker/xapi-service -vars: -- name: LEARNINGLOCKER_FQDN - objref: - apiVersion: v1 - kind: ConfigMap - name: learninglocker-ingress - fieldref: - fieldpath: data.host diff --git a/.k8s/base/mongo/kustomization.yaml b/.k8s/base/mongo/kustomization.yaml index 0b1ab700d..2d90429c3 100644 --- a/.k8s/base/mongo/kustomization.yaml +++ b/.k8s/base/mongo/kustomization.yaml @@ -1,19 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -labels: -- pairs: - app.kubernetes.io/name: mongo - includeSelectors: true - includeTemplates: true - resources: - deployment.yaml - pvc.yaml - service.yaml vars: -- name: MONGO_SERVICE +- name: LEARNINGLOCKER_MONGO_SERVICE objref: apiVersion: v1 kind: Service diff --git a/.k8s/base/redis/kustomization.yaml b/.k8s/base/redis/kustomization.yaml index 13d327d12..f903f3a4a 100644 --- a/.k8s/base/redis/kustomization.yaml +++ b/.k8s/base/redis/kustomization.yaml @@ -1,19 +1,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -labels: -- pairs: - app.kubernetes.io/name: redis - includeSelectors: true - includeTemplates: true - resources: - deployment.yaml - pvc.yaml - service.yaml vars: -- name: REDIS_SERVICE +- name: LEARNINGLOCKER_REDIS_SERVICE objref: apiVersion: v1 kind: Service diff --git a/.k8s/base/ui/deployment.yaml b/.k8s/base/ui/deployment.yaml index f2e3b76c8..a770d09b3 100644 --- a/.k8s/base/ui/deployment.yaml +++ b/.k8s/base/ui/deployment.yaml @@ -18,9 +18,9 @@ spec: name: secret env: - name: REDIS_HOST - value: $(REDIS_SERVICE) + value: $(LEARNINGLOCKER_REDIS_SERVICE) - name: MONGO_HOST - value: $(MONGO_SERVICE) + value: $(LEARNINGLOCKER_MONGO_SERVICE) ports: - containerPort: 3000 protocol: TCP diff --git a/.k8s/base/ui/kustomization.yaml b/.k8s/base/ui/kustomization.yaml index 92a369b14..0644ba44d 100644 --- a/.k8s/base/ui/kustomization.yaml +++ b/.k8s/base/ui/kustomization.yaml @@ -3,7 +3,7 @@ kind: Kustomization labels: - pairs: - app.kubernetes.io/name: ui + app.kubernetes.io/component: ui includeSelectors: true includeTemplates: true diff --git a/.k8s/base/worker/deployment.yaml b/.k8s/base/worker/deployment.yaml index a9b57ea74..c5e827380 100644 --- a/.k8s/base/worker/deployment.yaml +++ b/.k8s/base/worker/deployment.yaml @@ -18,6 +18,6 @@ spec: name: secret env: - name: REDIS_HOST - value: $(REDIS_SERVICE) + value: $(LEARNINGLOCKER_REDIS_SERVICE) - name: MONGO_HOST - value: $(MONGO_SERVICE) + value: $(LEARNINGLOCKER_MONGO_SERVICE) diff --git a/.k8s/base/xapi-service/deployment.yaml b/.k8s/base/xapi-service/deployment.yaml index efa7bf5b2..89977d8e4 100644 --- a/.k8s/base/xapi-service/deployment.yaml +++ b/.k8s/base/xapi-service/deployment.yaml @@ -13,9 +13,9 @@ spec: - name: MODELS_REPO value: mongo - name: MONGO_URL - value: mongodb://$(MONGO_SERVICE):27017/learninglocker_v2 + value: mongodb://$(LEARNINGLOCKER_MONGO_SERVICE):27017/learninglocker_v2 - name: REDIS_URL - value: redis://$(REDIS_SERVICE):6379/0 + value: redis://$(LEARNINGLOCKER_REDIS_SERVICE):6379/0 - name: EXPRESS_PORT value: "8081" - name: FS_LOCAL_STORAGE_DIR diff --git a/.k8s/base/xapi-service/kustomization.yaml b/.k8s/base/xapi-service/kustomization.yaml index 27e5d6253..6beca1687 100644 --- a/.k8s/base/xapi-service/kustomization.yaml +++ b/.k8s/base/xapi-service/kustomization.yaml @@ -3,7 +3,7 @@ kind: Kustomization labels: - pairs: - app.kubernetes.io/name: xapi-service + app.kubernetes.io/component: xapi-service includeSelectors: true includeTemplates: true From 0432561795c990dfc9326ba9facb63e6e53a14cd Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Thu, 21 Aug 2025 08:54:01 +0200 Subject: [PATCH 09/16] Default to default mongo port --- bin/entrypoint | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/entrypoint b/bin/entrypoint index 404f6e722..8389498b2 100755 --- a/bin/entrypoint +++ b/bin/entrypoint @@ -2,7 +2,7 @@ set -eu MONGO_HOST="${MONGO_HOST:?MONGO_HOST missing}" -MONGO_PORT="${MONGO_PORT:?MONGO_PORT missing}" +MONGO_PORT="${MONGO_PORT:-27017}" MONGO_DATABASE="${MONGO_DATABASE:?MONGO_DATABASE missing}" export MONGODB_PATH="mongodb://${MONGO_HOST}:${MONGO_PORT}/${MONGO_DATABASE}" From 2104cb4ad017cc287cba3bf4cc4cb75183b535d4 Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Fri, 22 Aug 2025 13:16:28 +0200 Subject: [PATCH 10/16] Fix labels --- .k8s/base/mongo/kustomization.yaml | 6 ++++++ .k8s/base/redis/kustomization.yaml | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/.k8s/base/mongo/kustomization.yaml b/.k8s/base/mongo/kustomization.yaml index 2d90429c3..7bf93592b 100644 --- a/.k8s/base/mongo/kustomization.yaml +++ b/.k8s/base/mongo/kustomization.yaml @@ -1,6 +1,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +labels: +- pairs: + service: mongo + includeSelectors: true + includeTemplates: true + resources: - deployment.yaml - pvc.yaml diff --git a/.k8s/base/redis/kustomization.yaml b/.k8s/base/redis/kustomization.yaml index f903f3a4a..a8251d926 100644 --- a/.k8s/base/redis/kustomization.yaml +++ b/.k8s/base/redis/kustomization.yaml @@ -1,6 +1,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization +labels: +- pairs: + service: redis + includeSelectors: true + includeTemplates: true + resources: - deployment.yaml - pvc.yaml From d50599212e982c43631904ed70bba29b9690778d Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Mon, 25 Aug 2025 09:52:07 +0200 Subject: [PATCH 11/16] Rename Ingress --- .k8s/base/ingress.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.k8s/base/ingress.yaml b/.k8s/base/ingress.yaml index 0eaa5112c..209f59036 100644 --- a/.k8s/base/ingress.yaml +++ b/.k8s/base/ingress.yaml @@ -1,7 +1,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: web + name: learninglocker annotations: kubernetes.io/tls-acme: "true" cert-manager.io/cluster-issuer: letsencrypt-prod @@ -35,4 +35,4 @@ spec: tls: - hosts: - $(LEARNINGLOCKER_FQDN) - secretName: web-tls-crt + secretName: learninglocker-tls-crt From f5651238efa10b59a65500614e226901783aa93c Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Mon, 25 Aug 2025 10:20:00 +0200 Subject: [PATCH 12/16] Use /api prefix for livenessProbe --- .k8s/base/api/deployment.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.k8s/base/api/deployment.yaml b/.k8s/base/api/deployment.yaml index 8c5bec4bc..e46f70ee1 100644 --- a/.k8s/base/api/deployment.yaml +++ b/.k8s/base/api/deployment.yaml @@ -52,8 +52,5 @@ spec: protocol: TCP livenessProbe: httpGet: - path: / + path: /api/ port: 8080 - initialDelaySeconds: 5 - periodSeconds: 15 - timeoutSeconds: 3 From d1512bd38ee92145b1dd66607a2240256d32dd59 Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Mon, 25 Aug 2025 10:20:28 +0200 Subject: [PATCH 13/16] Remove empty YAML dict --- .k8s/base/mongo/deployment.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.k8s/base/mongo/deployment.yaml b/.k8s/base/mongo/deployment.yaml index d6ffd18a1..210586d90 100644 --- a/.k8s/base/mongo/deployment.yaml +++ b/.k8s/base/mongo/deployment.yaml @@ -7,7 +7,6 @@ spec: strategy: type: Recreate template: - metadata: spec: containers: - name: mongo From 6b4a85f23b23ee67ce217558e3caa56cadb55b57 Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Mon, 25 Aug 2025 12:04:20 +0200 Subject: [PATCH 14/16] Rename configMap/Secret --- .k8s/base/api/deployment.yaml | 12 ++++++------ .k8s/base/kustomization.yaml | 6 +++--- .k8s/base/ui/deployment.yaml | 4 ++-- .k8s/base/worker/deployment.yaml | 4 ++-- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.k8s/base/api/deployment.yaml b/.k8s/base/api/deployment.yaml index e46f70ee1..f40529865 100644 --- a/.k8s/base/api/deployment.yaml +++ b/.k8s/base/api/deployment.yaml @@ -12,9 +12,9 @@ spec: args: [migrations] envFrom: - configMapRef: - name: config + name: learninglocker-config - secretRef: - name: secret + name: learninglocker-secret env: - name: MONGO_HOST value: $(LEARNINGLOCKER_MONGO_SERVICE) @@ -24,9 +24,9 @@ spec: args: [seeds] envFrom: - configMapRef: - name: config + name: learninglocker-config - secretRef: - name: secret + name: learninglocker-secret env: - name: MONGO_HOST value: $(LEARNINGLOCKER_MONGO_SERVICE) @@ -37,9 +37,9 @@ spec: args: [api] envFrom: - configMapRef: - name: config + name: learninglocker-config - secretRef: - name: secret + name: learninglocker-secret env: - name: PATH_PREFIX value: "/api" diff --git a/.k8s/base/kustomization.yaml b/.k8s/base/kustomization.yaml index 33ec74b27..679ecaa23 100644 --- a/.k8s/base/kustomization.yaml +++ b/.k8s/base/kustomization.yaml @@ -22,7 +22,7 @@ configMapGenerator: literals: - host=example.org -- name: config +- name: learninglocker-config literals: - LOG_MIN_LEVEL=warning - QUEUE_PROVIDER=REDIS @@ -31,7 +31,7 @@ configMapGenerator: - UI_PORT=3000 - API_HOST=api - API_PORT=8080 - - SITE_URL=http://127.0.0.1 + - SITE_URL=http://example.org - SMTP_HOST="" - SMTP_PORT="" - SMTP_SECURED="" @@ -40,7 +40,7 @@ configMapGenerator: - LL_ADMIN_ORG="" secretGenerator: -- name: secret +- name: learninglocker-secret literals: - APP_SECRET="i-am-not-secure-please-change-me" - SMTP_PASS="" diff --git a/.k8s/base/ui/deployment.yaml b/.k8s/base/ui/deployment.yaml index a770d09b3..dd6633c32 100644 --- a/.k8s/base/ui/deployment.yaml +++ b/.k8s/base/ui/deployment.yaml @@ -13,9 +13,9 @@ spec: - ui envFrom: - configMapRef: - name: config + name: learninglocker-config - secretRef: - name: secret + name: learninglocker-secret env: - name: REDIS_HOST value: $(LEARNINGLOCKER_REDIS_SERVICE) diff --git a/.k8s/base/worker/deployment.yaml b/.k8s/base/worker/deployment.yaml index c5e827380..641e9b92f 100644 --- a/.k8s/base/worker/deployment.yaml +++ b/.k8s/base/worker/deployment.yaml @@ -13,9 +13,9 @@ spec: - worker envFrom: - configMapRef: - name: config + name: learninglocker-config - secretRef: - name: secret + name: learninglocker-secret env: - name: REDIS_HOST value: $(LEARNINGLOCKER_REDIS_SERVICE) From e90cbb6aa37818d0fc9f06891a20faf138a2b6cb Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Mon, 25 Aug 2025 15:20:40 +0200 Subject: [PATCH 15/16] Remove unset environment variables in configMap and Secret --- .k8s/base/kustomization.yaml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.k8s/base/kustomization.yaml b/.k8s/base/kustomization.yaml index 679ecaa23..92fa1d959 100644 --- a/.k8s/base/kustomization.yaml +++ b/.k8s/base/kustomization.yaml @@ -31,20 +31,20 @@ configMapGenerator: - UI_PORT=3000 - API_HOST=api - API_PORT=8080 - - SITE_URL=http://example.org - - SMTP_HOST="" - - SMTP_PORT="" - - SMTP_SECURED="" - - SMTP_USER="" - - LL_ADMIN_EMAIL="" - - LL_ADMIN_ORG="" + # - SITE_URL=http://example.org + # - SMTP_HOST="" + # - SMTP_PORT="" + # - SMTP_SECURED="" + # - SMTP_USER="" secretGenerator: - name: learninglocker-secret - literals: - - APP_SECRET="i-am-not-secure-please-change-me" - - SMTP_PASS="" - - LL_ADMIN_PASSWORD="" + literals: [] + # - APP_SECRET="i-am-not-secure-please-change-me" + # - SMTP_PASS="" + # - LL_ADMIN_EMAIL="" + # - LL_ADMIN_ORG="" + # - LL_ADMIN_PASSWORD="" vars: - name: LEARNINGLOCKER_FQDN From 4e962f42bff4bbe6087dcfaa876ae021656f6370 Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Thu, 28 Aug 2025 13:58:32 +0200 Subject: [PATCH 16/16] Support MONGO_URL override to allow full URIs without reconstruction Supports auth, replicaSet, options --- bin/entrypoint | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/bin/entrypoint b/bin/entrypoint index 8389498b2..ef08990be 100755 --- a/bin/entrypoint +++ b/bin/entrypoint @@ -1,10 +1,14 @@ #!/usr/bin/env sh set -eu -MONGO_HOST="${MONGO_HOST:?MONGO_HOST missing}" -MONGO_PORT="${MONGO_PORT:-27017}" -MONGO_DATABASE="${MONGO_DATABASE:?MONGO_DATABASE missing}" -export MONGODB_PATH="mongodb://${MONGO_HOST}:${MONGO_PORT}/${MONGO_DATABASE}" +if [ -n "${MONGO_URL:-}" ]; then + export MONGODB_PATH="${MONGO_URL}" +else + MONGO_HOST="${MONGO_HOST:?MONGO_HOST missing}" + MONGO_PORT="${MONGO_PORT:-27017}" + MONGO_DATABASE="${MONGO_DATABASE:?MONGO_DATABASE missing}" + export MONGODB_PATH="mongodb://${MONGO_HOST}:${MONGO_PORT}/${MONGO_DATABASE}" +fi export PATH=./bin:$PATH exec "$@"