Add Kubernetes deployment, service, ingress, and namespace configurations

2025-10-02 14:20:05 +08:00
parent cf8ebd01d3
commit a258431020
5 changed files with 381 additions and 0 deletions
--- a/script/k8s/deployment.yaml
+++ b/script/k8s/deployment.yaml
@@ -0,0 +1,75 @@
+# Kubernetes Deployment Configuration
+# Deployment manages a set of identical pods and ensures desired state
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  # Name of the deployment
+  name: ${CONTAINER_IMAGE_NAME}
+  # Namespace where deployment will be created
+  namespace: ${KUBERNETES_NAMESPACE}
+  labels:
+    app: ${CONTAINER_IMAGE_NAME}
+spec:
+  # Number of pod replicas to run
+  replicas: 2
+  
+  # Label selector to identify pods managed by this deployment
+  selector:
+    matchLabels:
+      app: ${CONTAINER_IMAGE_NAME}
+  
+  # Pod template definition
+  template:
+    metadata:
+      labels:
+        app: ${CONTAINER_IMAGE_NAME}
+    spec:
+      # Secret to pull images from private registry
+      imagePullSecrets:
+        - name: regcred
+      
+      # Container specification
+      containers:
+        - name: ${CONTAINER_IMAGE_NAME}
+          # Docker image to use
+          image: ${FULL_IMAGE_NAME}
+          # Always pull the latest version of the image
+          imagePullPolicy: Always
+          
+          # Container port that the app listens on
+          ports:
+            - name: http
+              containerPort: 80
+              protocol: TCP
+          
+          # Health check to know when container is ready to serve traffic
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 5
+            periodSeconds: 10
+            timeoutSeconds: 5
+            failureThreshold: 3
+          
+          # Health check to know when to restart container
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 15
+            periodSeconds: 20
+            timeoutSeconds: 5
+            failureThreshold: 3
+          
+          # Resource limits and requests
+          resources:
+            # Minimum resources guaranteed to container
+            requests:
+              memory: "64Mi"
+              cpu: "100m"
+            # Maximum resources container can use
+            limits:
+              memory: "128Mi"
+              cpu: "200m"
--- a/script/k8s/ingress.yaml
+++ b/script/k8s/ingress.yaml
@@ -0,0 +1,45 @@
+# Kubernetes Ingress Configuration for Traefik
+# Ingress exposes HTTP routes from outside the cluster to services within
+
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  # Name of the ingress
+  name: ${CONTAINER_IMAGE_NAME}
+  # Namespace where ingress will be created
+  namespace: ${KUBERNETES_NAMESPACE}
+  
+  # Annotations specific to Traefik ingress controller
+  annotations:
+    # Specify Traefik as the ingress controller
+    kubernetes.io/ingress.class: "traefik"
+    
+    # Traefik router configuration
+    # Entry point for HTTP traffic (not using HTTPS as per requirements)
+    traefik.ingress.kubernetes.io/router.entrypoints: web
+    
+    # Optional: Add middleware for common headers
+    # traefik.ingress.kubernetes.io/router.middlewares: default-headers@kubernetescrd
+    
+  labels:
+    app: ${CONTAINER_IMAGE_NAME}
+
+spec:
+  # Define routing rules
+  rules:
+    # Host-based routing
+    - host: ${KUBERNETES_INGRESS_HOST}
+      http:
+        paths:
+          # Route all paths to the service
+          - path: /
+            # PathType defines how path matching is done
+            # Prefix matches any path starting with /
+            pathType: Prefix
+            backend:
+              service:
+                # Name of the service to route traffic to
+                name: ${CONTAINER_IMAGE_NAME}
+                port:
+                  # Service port to route to
+                  number: 80
--- a/script/k8s/namespace.yaml
+++ b/script/k8s/namespace.yaml
@@ -0,0 +1,10 @@
+# Kubernetes Namespace Configuration
+# A namespace provides a scope for names and is used to divide cluster resources
+
+apiVersion: v1
+kind: Namespace
+metadata:
+  # Name of the namespace where your application will be deployed
+  name: ${KUBERNETES_NAMESPACE}
+  labels:
+    name: ${KUBERNETES_NAMESPACE}
--- a/script/k8s/service.yaml
+++ b/script/k8s/service.yaml
@@ -0,0 +1,29 @@
+# Kubernetes Service Configuration
+# Service exposes pods to network traffic within the cluster
+
+apiVersion: v1
+kind: Service
+metadata:
+  # Name of the service
+  name: ${CONTAINER_IMAGE_NAME}
+  # Namespace where service will be created
+  namespace: ${KUBERNETES_NAMESPACE}
+  labels:
+    app: ${CONTAINER_IMAGE_NAME}
+spec:
+  # Type of service - ClusterIP is internal only
+  type: ClusterIP
+  
+  # Service will route traffic to pods with these labels
+  selector:
+    app: ${CONTAINER_IMAGE_NAME}
+  
+  # Port mapping
+  ports:
+    - name: http
+      # Port that service listens on
+      port: 80
+      # Port on the pod that receives traffic
+      targetPort: http
+      # Protocol to use
+      protocol: TCP