diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index 4fbfacc..16a8e3d 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -32,25 +32,24 @@ jobs: ghcr.io/islamic-network/api.alquran.cloud:latest ghcr.io/islamic-network/api.alquran.cloud:${{ github.ref_name }} - - deploy-dubai: + deploy-london: needs: docker-build-and-push runs-on: ubuntu-latest + container: + image: meezaan/kubectl:latest steps: - - name: Checkout code - uses: actions/checkout@v2 - - name: Install Env Substring - run: sudo apt-get update && sudo apt-get -y install gettext-base - - name: Install Kubectl - run: | - curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl - chmod u+x ./kubectl - - name: Deploy + - name: Check out repository code + uses: actions/checkout@v3 + - name: Update Consumer and Keys run: | - curl -o ./.k8s/deploy.sh https://raw.githubusercontent.com/islamic-network/k8s-deployment/master/deploy.sh - chmod u+x ./.k8s/deploy.sh + export K8S_URL=${{ secrets.K8S_LONDON_URL }} + export K8S_TOKEN=${{ secrets.K8S_LONDON_TOKEN }} + export K8S_CA=${{ secrets.K8S_LONDON_CA }} + echo "$K8S_CA" | base64 --decode > cert.crt export REF_NAME=${{ github.ref_name }} - export K8S_URL=${{ secrets.K8S_DUBAI_URL }} - export K8S_TOKEN=${{ secrets.K8S_DUBAI_TOKEN }} - export K8S_CA=${{ secrets.K8S_DUBAI_CA }} - sh ./.k8s/deploy.sh + COMMIT_TAG=$REF_NAME + export COMMIT_TAG=$REF_NAME + envsubst <./.k8s/manifest-london.yml >./.k8s/manifest-london.yml.out + mv ./.k8s/manifest-london.yml.out ./.k8s/manifest-london.yml + kubectl apply -f .k8s/manifest-london.yml --kubeconfig=/dev/null --server=$K8S_URL --certificate-authority=cert.crt --token=$K8S_TOKEN + diff --git a/.k8s/manifest-london.yml b/.k8s/manifest-london.yml new file mode 100644 index 0000000..4b7a81e --- /dev/null +++ b/.k8s/manifest-london.yml @@ -0,0 +1,256 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: alquran-cloud-api-memcached + namespace: alquran-cloud +spec: + replicas: 2 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + selector: + matchLabels: + app: alquran-cloud-api-memcached + template: + metadata: + labels: + app: alquran-cloud-api-memcached + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + containers: + - name: alquran-cloud-api-memcached + image: memcached:1.6 + args: + - "memcached" + - "-m" + - "220" + resources: + requests: + memory: 256Mi + limits: + memory: 256Mi + ports: + - containerPort: 11211 + protocol: TCP +--- +apiVersion: v1 +kind: Service +metadata: + name: alquran-cloud-api-memcached + namespace: alquran-cloud +spec: + ports: + - port: 11211 + targetPort: 11211 + selector: + app: alquran-cloud-api-memcached +--- +apiVersion: configuration.konghq.com/v1 +kind: KongPlugin +metadata: + name: rate-limiting-alquran-api + namespace: alquran-cloud +config: + second: 10 + policy: redis + redis_host: redis-ratelimit-master + redis_port: 6379 + limit_by: ip +plugin: rate-limiting +--- +apiVersion: configuration.konghq.com/v1 +kind: KongPlugin +metadata: + name: proxy-cache-redis-alquran-api + namespace: alquran-cloud +config: + response_code: + - 200 + - 400 + - 301 + request_method: + - GET + - HEAD + content_type: + - application/json + cache_ttl: 86400 + cache_control: false + storage_ttl: 86400 + redis_port: 6379 + redis_host: redis-cache-alquran-master +plugin: proxy-cache-redis +--- +# Service +apiVersion: v1 +kind: Service +metadata: + name: alquran-cloud-api + namespace: alquran-cloud + annotations: + konghq.com/plugins: rate-limiting-alquran-api, proxy-cache-redis-alquran-api +spec: + ports: + - port: 80 + targetPort: 8080 + selector: + app: alquran-cloud-api +# Deployment +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: alquran-cloud-api + namespace: alquran-cloud +spec: + replicas: 2 # 16 requests each + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + selector: + matchLabels: + app: alquran-cloud-api + template: + metadata: + labels: + app: alquran-cloud-api + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway + containers: + - name: alquran-cloud-api + image: islamicnetwork/api.alquran.cloud:$COMMIT_TAG + env: + - name: DB_USER + valueFrom: + secretKeyRef: + name: alquran-cloud-api-database + key: username + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: alquran-cloud-api-database + key: password + - name: DB_NAME + valueFrom: + secretKeyRef: + name: alquran-cloud-api-database + key: database + - name: DB_HOST + value: "mysql" + - name: DB_PORT + value: "3306" + - name: MEMCACHED_HOST + value: "alquran-cloud-api-memcached" + - name: MEMCACHED_PORT + value: "11211" + - name: IMPORTER_KEY + valueFrom: + secretKeyRef: + name: alquran-cloud-api-database + key: importerkey + livenessProbe: + httpGet: + path: /liveness + port: 8080 + initialDelaySeconds: 7 + periodSeconds: 30 + timeoutSeconds: 5 + failureThreshold: 3 + startupProbe: + httpGet: + path: /status + port: 8080 + periodSeconds: 7 + failureThreshold: 3 + resources: + requests: + cpu: "350m" + memory: 250Mi + limits: + cpu: "500m" + memory: 500Mi + ports: + - containerPort: 8080 + protocol: TCP +--- +# HPA +apiVersion: autoscaling/v1 +kind: HorizontalPodAutoscaler +metadata: + name: alquran-cloud-api + namespace: alquran-cloud +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: alquran-cloud-api + minReplicas: 2 + maxReplicas: 10 + targetCPUUtilizationPercentage: 50 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: alquran-cloud-api-ingress + namespace: alquran-cloud + annotations: + kubernetes.io/tls-acme: "true" + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: kong +spec: + tls: + - hosts: + - "api.alquran.cloud" + - "dubai.api.alquran.cloud" + secretName: "alquran-cloud-api-tls" + rules: + - host: api.alquran.cloud + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: alquran-cloud-api + port: + number: 80 + - host: dubai.api.alquran.cloud + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: alquran-cloud-api + port: + number: 80 +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: alquran-cloud-geo-ingress + namespace: alquran-cloud + annotations: + kubernetes.io/ingress.class: kong +spec: + rules: + - host: geo.alquran.cloud + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: alquran-cloud-api + port: + number: 80