Skip to content

brainfood / k8s-helmfiles

Go to a project
Toggle navigation
Toggle navigation pinning
a742dade by Adam Heath
Options

Add basic registry service, exposed on a NodePort.

1 parent 9bf694f2
Inline Side-by-side
Showing 5 changed files with 177 additions and 0 deletions
---
apiVersion: v1
kind: ConfigMap
metadata:
name: registry-config
data:
---
apiVersion: v1
kind: Secret
metadata:
name: registry-secret
stringData:
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: registry-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
environments:
default:
values:
- namespace: registry
namePrefix: "test-"
restoreFromEmpty:
enabled: true
registry:
jsonPatches: []
strategicMergePatches: []
service:
registry:
nodePort: 32123
images:
debian: "debian:bullseye-20211220"
registry: "registry:2"
---
releases:
- name: {{ .Values.namePrefix }}registry
namespace: {{ .Values.namespace }}
chart: .
values:
- set-common-values.yaml.gotmpl
jsonPatches:
- target:
kind: Service
name: {{ .Values.namePrefix }}registry
namespace: {{ .Values.namespace }}
version: v1
patch:
- op: replace
path: /spec/selector/app
value: {{ .Values.namePrefix }}registry
- op: replace
path: /spec/ports/0/nodePort
value: {{ .Values.registry.service.registry.nodePort }}
{{- if not (empty (.Values.registry.jsonPatches)) }}
{{- .Values.registry.jsonPatches | toYaml | indent 6 }}
{{- end }}
strategicMergePatches:
- apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.namePrefix }}registry
namespace: {{ .Values.namespace }}
spec:
selector:
matchLabels:
app: {{ .Values.namePrefix }}registry
template:
metadata:
labels:
app: {{ .Values.namePrefix }}registry
spec:
volumes:
- name: registry-data
persistentVolumeClaim:
claimName: {{ .Values.namePrefix }}registry-data
- name: registry-config
configMap:
name: {{ .Values.namePrefix }}registry-config
- name: registry-secret
secret:
secretName: {{ .Values.namePrefix }}registry-secret
- apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Values.namePrefix }}registry-config
namespace: {{ .Values.namespace }}
data:
- apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.namePrefix }}registry-secret
namespace: {{ .Values.namespace }}
stringData:
{{- if not (empty (.Values.registry.strategicMergePatches)) }}
{{- .Values.registry.strategicMergePatches | toYaml | indent 6 }}
{{- end }}
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./config.yaml
- ./registry.yaml
---
apiVersion: v1
kind: Service
metadata:
name: registry
spec:
type: NodePort
selector:
app: registry
ports:
- name: registry
protocol: TCP
port: 5000
targetPort: 5000
nodePort: 5000
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: registry
labels:
app: registry
spec:
selector:
matchLabels:
app: registry
template:
metadata:
labels:
app: registry
spec:
restartPolicy: Always
securityContext:
runAsUser: 0
runAsGroup: 0
volumes:
- name: registry-data
persistentVolumeClaim:
claimName: registry-data
- name: registry-config
configMap:
name: registry-config
- name: registry-secret
secret:
secretName: registry-secret
containers:
- name: registry
image: registry:2
volumeMounts:
- name: registry-data
mountPath: /var/lib/registry
namePrefix: {{ .Values.namePrefix }}
namespace: {{ .Values.namespace }}
images:
- name: debian
newName: {{ .Values.images.debian }}
- name: registry
newName: {{ .Values.images.registry }}