apunkt/trustgraph
1
0
Fork 0
mirror of https://github.com/trustgraph-ai/trustgraph.git synced 2026-04-26 17:06:22 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
trustgraph/templates/k8s.jsonnet
cybermaggedon f661791bbf
K8s (#58) 
Added templates which produce K8s resources.  With the provided GCP wrapper, it works on GCP K8s cluster.  This isn't stable enough for other folks to use so will need more piloting before it can be documented and released.
2024-09-07 18:59:38 +01:00

330 lines
9.5 KiB
Jsonnet
Raw Blame History

{
container:: function(name)
{
local container = self,
name: name,
limits: {},
reservations: {},
ports: [],
volumes: [],
with_image:: function(x) self + { image: x },
with_command:: function(x) self + { command: x },
with_environment:: function(x) self + { environment: x },
with_limits:: function(c, m) self + { limits: { cpu: c, memory: m } },
with_reservations::
function(c, m) self + { reservations: { cpu: c, memory: m } },
with_volume_mount::
function(vol, mnt)
self + {
volumes: super.volumes + [{
volume: vol, mount: mnt
}]
},
with_port::
function(src, dest, name) self + {
ports: super.ports + [
{ src: src, dest: dest, name : name }
]
},
add:: function() [
{
apiVersion: "apps/v1",
kind: "Deployment",
metadata: {
name: container.name,
namespace: "trustgraph",
labels: {
app: container.name
}
},
spec: {
replicas: 1,
selector: {
matchLabels: {
app: container.name,
}
},
template: {
metadata: {
labels: {
app: container.name,
}
},
spec: {
containers: [
{
name: container.name,
image: container.image,
securityContext: {
// fsGroup: 1234
// runAsUser: 65534
// runAsGroup: 65534
// runAsNonRoot: true
runAsUser: 0,
runAsGroup: 0,
// runAsNonRoot: true,
// readOnlyRootFilesystem: true,
},
resources: {
requests: container.reservations,
limits: container.limits
},
} + (
if std.length(container.ports) > 0 then
{
ports: [
{
hostPort: port.src,
containerPort: port.dest,
}
for port in container.ports
]
} else
{}) +
(if std.objectHas(container, "command") then
{ command: container.command }
else {}) +
(if std.objectHas(container, "environment") then
{ env: [ {
name: e.key, value: e.value
}
for e in
std.objectKeysValues(
container.environment
)
]
}
else {}) +
(if std.length(container.volumes) > 0 then
{
volumeMounts: [
{
mountPath: vol.mount,
name: vol.volume.name,
}
for vol in container.volumes
]
}
else
{}
)
],
volumes: [
vol.volume.volRef()
for vol in container.volumes
]
}
},
} + {}
}
]
},
// Just an alias
internalService:: self.service,
service:: function(containers)
{
local service = self,
name: containers.name,
ports: [],
with_port::
function(src, dest, name)
self + {
ports: super.ports + [
{ src: src, dest: dest, name: name }
]
},
add:: function() [
{
apiVersion: "v1",
kind: "Service",
metadata: {
name: service.name,
namespace: "trustgraph",
},
spec: {
selector: {
app: service.name,
},
ports: [
{
port: port.src,
targetPort: port.dest,
name: port.name,
}
for port in service.ports
],
}
}
],
},
volume:: function(name)
{
local volume = self,
name: name,
with_size:: function(size) self + { size: size },
add:: function() [
/*
{
apiVersion: "v1",
kind: "PersistentVolume",
metadata: {
name: volume.name,
labels: {
type: "local",
}
},
spec: {
storageClassName: "tg",
volumeMode: "Filesystem",
capacity: {
storage: volume.size,
},
accessModes: [ "ReadWriteOnce" ],
persistentVolumeReclaimPolicy: "Delete",
}
},
*/
{
apiVersion: "v1",
kind: "PersistentVolumeClaim",
metadata: {
name: volume.name,
namespace: "trustgraph",
},
spec: {
storageClassName: "tg",
accessModes: [ "ReadWriteOnce" ],
resources: {
requests: {
storage: volume.size,
}
},
// volumeName: volume.name,
}
}
],
volRef:: function() {
name: volume.name,
persistentVolumeClaim: { claimName: volume.name },
}
},
configVolume:: function(name, dir, parts)
{
local volume = self,
name: name,
with_size:: function(size) self + { size: size },
add:: function() [
{
apiVersion: "v1",
kind: "ConfigMap",
metadata: {
name: volume.name,
namespace: "trustgraph",
},
data: parts
},
],
volRef:: function() {
name: volume.name,
configMap: { name: volume.name },
}
},
secretVolume:: function(name, dir, parts)
{
local volume = self,
name: name,
with_size:: function(size) self + { size: size },
add:: function() [
{
apiVersion: "v1",
kind: "Secret",
metadata: {
name: volume.name,
namespace: "trustgraph",
},
data: {
[item.key]: std.base64(item.value)
for item in std.objectKeysValues(parts)
}
},
],
volRef:: function() {
name: volume.name,
secret: { secretName: volume.name },
}
},
containers:: function(name, containers)
{
local cont = self,
name: name,
containers: containers,
add:: function() std.flattenArrays(
[ c.add() for c in cont.containers ]
),
},
resources:: function(res)
std.flattenArrays(
[ c.add() for c in res ]
),
}
Reference in a new issue View git blame Copy permalink