diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 861e888..8b0f029 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -32,25 +32,25 @@ jobs: ghcr.io/islamic-network/api.aladhan.com:latest ghcr.io/islamic-network/api.aladhan.com:${{ github.ref_name }} - - deploy-dubai: + deploy-london: needs: docker-build-and-push runs-on: ubuntu-latest + container: + image: meezaan/kubectl:latest steps: - - name: Checkout code - uses: actions/checkout@v2 - - name: Install Env Substring - run: sudo apt-get update && sudo apt-get -y install gettext-base - - name: Install Kubectl - run: | - curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl - chmod u+x ./kubectl - - name: Deploy + - name: Check out repository code + uses: actions/checkout@v3 + - name: Update Consumer and Keys run: | - curl -o ./.k8s/deploy.sh https://raw.githubusercontent.com/islamic-network/k8s-deployment/master/deploy.sh - chmod u+x ./.k8s/deploy.sh + export K8S_URL=${{ secrets.K8S_LONDON_URL }} + export K8S_TOKEN=${{ secrets.K8S_LONDON_TOKEN }} + export K8S_CA=${{ secrets.K8S_LONDON_CA }} + echo "$K8S_CA" | base64 --decode > cert.crt export REF_NAME=${{ github.ref_name }} - export K8S_URL=${{ secrets.K8S_DUBAI_URL }} - export K8S_TOKEN=${{ secrets.K8S_DUBAI_TOKEN }} - export K8S_CA=${{ secrets.K8S_DUBAI_CA }} - sh ./.k8s/deploy.sh + COMMIT_TAG=$REF_NAME + export COMMIT_TAG=$REF_NAME + envsubst <./.k8s/manifest-london.yml >./.k8s/manifest-london.yml.out + mv ./.k8s/manifest-london.yml.out ./.k8s/manifest-london.yml + kubectl apply -f .k8s/manifest-london.yml --kubeconfig=/dev/null --server=$K8S_URL --certificate-authority=cert.crt --token=$K8S_TOKEN + + diff --git a/.k8s/manifest-london.yml b/.k8s/manifest-london.yml new file mode 100644 index 0000000..80241ca --- /dev/null +++ b/.k8s/manifest-london.yml @@ -0,0 +1,251 @@ +# Deployment +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: aladhan-com-api + namespace: aladhan-com +spec: + replicas: 2 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 2 + maxUnavailable: 0 + selector: + matchLabels: + app: aladhan-com-api + template: + metadata: + labels: + app: aladhan-com-api + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + containers: + - name: aladhan-com-api + image: ghcr.io/islamic-network/api.aladhan.com:$COMMIT_TAG + env: + - name: X7X_GEOCODE_BASEURL + value: "http://geocode.7x" + - name: X7X_TIMEZONE_BASEURL + value: "http://timezone.7x" + - name: MEMCACHED_HOST + value: "aladhan-com-api-memcached" + - name: MEMCACHED_PORT + value: "11211" + - name: X7X_API_KEY + valueFrom: + secretKeyRef: + name: aladhan-com-api-7x-creds + key: apikey + livenessProbe: + httpGet: + path: /status + port: 8080 + initialDelaySeconds: 3 + periodSeconds: 7 + timeoutSeconds: 7 + failureThreshold: 7 + startupProbe: + httpGet: + path: /status + port: 8080 + periodSeconds: 3 + failureThreshold: 3 + resources: + requests: + cpu: "400m" + memory: 250Mi + limits: + cpu: "750m" + memory: 600Mi + ports: + - containerPort: 8080 + protocol: TCP +--- +# HPA +apiVersion: autoscaling/v1 +kind: HorizontalPodAutoscaler +metadata: + name: aladhan-com-api + namespace: aladhan-com +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: aladhan-com-api + minReplicas: 2 + maxReplicas: 30 + targetCPUUtilizationPercentage: 75 +--- +# Memcached +apiVersion: apps/v1 +kind: Deployment +metadata: + name: aladhan-com-api-memcached + namespace: aladhan-com +spec: + replicas: 2 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + selector: + matchLabels: + app: aladhan-com-api-memcached + template: + metadata: + labels: + app: aladhan-com-api-memcached + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + containers: + - name: aladhan-com-api-memcached + image: memcached:1.6 + args: + - "memcached" + - "-m" + - "256" + resources: + requests: + memory: 288Mi + limits: + memory: 288Mi + ports: + - containerPort: 11211 + protocol: TCP +--- +# Service +apiVersion: v1 +kind: Service +metadata: + name: aladhan-com-api + namespace: aladhan-com + annotations: + konghq.com/plugins: rate-limiting-aladhan-api, proxy-cache-redis-aladhan-api +spec: + ports: + - port: 80 + targetPort: 8080 + selector: + app: aladhan-com-api +--- +apiVersion: v1 +kind: Service +metadata: + name: aladhan-com-api-memcached + namespace: aladhan-com +spec: + ports: + - port: 11211 + targetPort: 11211 + selector: + app: aladhan-com-api-memcached +--- +apiVersion: configuration.konghq.com/v1 +kind: KongPlugin +metadata: + name: rate-limiting-aladhan-api + namespace: aladhan-com +config: + second: 24 + policy: redis + redis_host: redis-ratelimit-master + redis_port: 6379 + limit_by: ip +plugin: rate-limiting +--- +apiVersion: configuration.konghq.com/v1 +kind: KongPlugin +metadata: + name: proxy-cache-redis-aladhan-api + namespace: aladhan-com +config: + response_code: + - 200 + - 400 + - 301 + request_method: + - GET + - HEAD + content_type: + - application/json + - text/html; charset=UTF-8 + - text/hml + cache_ttl: 3600 + cache_control: false + storage_ttl: 3600 + redis_port: 6379 + redis_host: redis-cache-aladhan-master +plugin: proxy-cache-redis +--- +apiVersion: configuration.konghq.com/v1 +kind: KongPlugin +metadata: + name: bot-detection-aladhan-api + namespace: aladhan-com +plugin: bot-detection +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: aladhan-com-api-ingress + namespace: aladhan-com + annotations: + kubernetes.io/tls-acme: "true" + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: kong +spec: + tls: + - hosts: + - "api.aladhan.com" + - "london.api.aladhan.com" + secretName: "aladhan-com-api-tls" + rules: + - host: api.aladhan.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: aladhan-com-api + port: + number: 80 + - host: london.api.aladhan.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: aladhan-com-api + port: + number: 80 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: aladhan-com-geo-ingress + namespace: aladhan-com + annotations: + kubernetes.io/ingress.class: kong +spec: + rules: + - host: geo.aladhan.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: aladhan-com-api + port: + number: 80