mini nginx to host static content

hl7au · Nov 20, 2024 · a0ddf01 · a0ddf01
1 parent 9f710c4
commit a0ddf01
Show file tree

Hide file tree

Showing 10 changed files with 444 additions and 7 deletions.
diff --git a/backup/configs.yaml b/backup/configs.yaml
@@ -0,0 +1,74 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: inferno
+  namespace: {{ .Values.namespace }}
+data:
+  FHIR_RESOURCE_VALIDATOR_URL: {{ default "http://validator-api:3500" .Values.inferno.externalValidatorUrl | quote }}
+  REDIS_URL: {{ default "redis://inferno-redis:6379" .Values.inferno.redisUrl | quote }}
+  RAILS_ENV: {{ default "production" .Values.inferno.railsEnv | quote }}
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: inferno-ingress
+  namespace: {{ .Values.namespace }}
+  annotations:
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/allow-snippet-annotations: "true"
+spec:
+  ingressClassName: {{ .Values.controller.ingressClass }}
+  tls:
+    - hosts:
+        -  {{ .Values.externalDomain }}
+      secretName: inferno-tls
+  rules:
+    - host: {{ .Values.externalDomain }}
+      http:
+        paths:
+          - path: /hl7validatorapi
+            pathType: Prefix
+            backend:
+              service:
+                name: validator-api
+                port:
+                  number: 3500
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: inferno
+                port:
+                  number: 4567
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: postgresql-configmap
+  namespace: {{ .Values.namespace }}
+data:
+  POSTGRES_HOST: {{ default (printf "%s-postgresql" .Release.Name | quote) (index .Values.postgresql "externaldbhost") | quote }} # Use the release name as the default host if no external db override is given
+  POSTGRES_USER: {{ .Values.postgresql.global.postgresql.auth.username | quote }}
+  POSTGRES_PORT: {{ .Values.postgresql.containerPorts.postgresql | quote }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: postgresql-secret
+stringData:
+  POSTGRES_DB: {{ .Values.postgresql.global.postgresql.auth.database | quote }}
+  POSTGRES_PASSWORD: {{ .Values.postgresql.global.postgresql.auth.password | quote }}
+type: Opaque
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: redis-data
+  namespace: {{ .Values.namespace }}
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi
diff --git a/backup/deployments.yaml b/backup/deployments.yaml
@@ -0,0 +1,159 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: inferno-worker
+  namespace: {{ .Values.namespace }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: inferno-worker
+  template:
+    metadata:
+      labels:
+        app: inferno-worker
+    spec:
+      nodeSelector:
+        kubernetes.io/arch: amd64
+      containers:
+      - name: inferno-worker
+        image: {{ .Values.inferno.imageUrl }}
+        command: ["bundle", "exec", "sidekiq", "-r", "./worker.rb"]
+        imagePullPolicy: Always
+        envFrom:
+        - configMapRef:
+            name: inferno
+        - configMapRef:
+            name: postgresql-configmap
+        - secretRef:
+            name: postgresql-secret
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: inferno-app
+  namespace: {{ .Values.namespace }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: inferno-app
+  template:
+    metadata:
+      labels:
+        app: inferno-app
+    spec:
+      nodeSelector:
+        kubernetes.io/arch: amd64
+      initContainers:
+      - name: generate-static-files
+        image: {{ .Values.inferno.imageUrl }}
+        command: ["bundle", "exec", "rake", "web:generate"]
+        env:
+          - name: TX_SERVER_URL
+            value: {{ .Values.inferno.terminologyServer }}
+      - name: run-migrations
+        image: {{ .Values.inferno.imageUrl }}
+        imagePullPolicy: Always
+        command: ["bundle", "exec", "rake", "db:migrate"]
+        env:
+          - name: TX_SERVER_URL
+            value: {{ .Values.inferno.terminologyServer }}
+        envFrom:
+        - configMapRef:
+            name: inferno
+        - configMapRef:
+            name: postgresql-configmap
+        - secretRef:
+            name: postgresql-secret
+      containers:
+      - name: inferno-app
+        image: {{ .Values.inferno.imageUrl }}
+        imagePullPolicy: Always
+        ports:
+          - containerPort: 4567
+        env:
+          - name: TX_SERVER_URL
+            value: {{ .Values.inferno.terminologyServer }}
+        envFrom:
+        - configMapRef:
+            name: inferno
+        - configMapRef:
+            name: postgresql-configmap
+        - secretRef:
+            name: postgresql-secret
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: inferno-redis
+  namespace: {{ .Values.namespace }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: inferno-redis
+  template:
+    metadata:
+      labels:
+        app: inferno-redis
+    spec:
+      nodeSelector:
+        kubernetes.io/arch: amd64
+      containers:
+      - name: redis
+        image: redis:7.0.5-bullseye
+        imagePullPolicy: Always
+        ports:
+          - containerPort: 6379
+        env:
+          - name: MASTER
+            value: "true"
+        volumeMounts:
+          - mountPath: "/data"
+            name: redis-data
+      volumes:
+        - name: redis-data
+          persistentVolumeClaim:
+            claimName: redis-data
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: validator-api
+  namespace: {{ .Values.namespace }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: validator-api
+  template:
+    metadata:
+      labels:
+        app: validator-api
+    spec:
+      nodeSelector:
+        kubernetes.io/arch: amd64
+      volumes:
+      - name: igs
+        emptyDir:
+          sizeLimit: "10M"
+      initContainers:
+      - name: copy-ig
+        image: {{ .Values.inferno.imageUrl }}
+        imagePullPolicy: Always
+        command: ["bash", "-c", "cp /opt/inferno/lib/inferno_platform_template/igs/*.tgz /home/igs"] # for dev/non core image
+        # command: ["bash", "-c", "cp /opt/inferno/lib/au_core_test_kit/igs/*.tgz /home/igs"] #for prod / core image
+        volumeMounts:
+        - name: igs
+          mountPath: /home/igs
+      containers:
+      - name: validator-api
+        image: pavelrozhkov/wrapper:6.3.11
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 3500
+        volumeMounts:
+        - name: igs
+          mountPath: /home/igs
+          readOnly: true
diff --git a/backup/services.yaml b/backup/services.yaml
@@ -0,0 +1,41 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: inferno
+  namespace: {{ .Values.namespace }}
+spec:
+  type: NodePort
+  ports:
+    - port: 4567
+      protocol: TCP
+      targetPort: 4567
+  selector:
+    app: inferno-app
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: inferno-redis
+  namespace: {{ .Values.namespace }}
+spec:
+  type: NodePort
+  ports:
+    - port: 6379
+      protocol: TCP
+      targetPort: 6379
+  selector:
+    app: inferno-redis
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: validator-api
+  namespace: {{ .Values.namespace }}
+spec:
+  type: NodePort
+  ports:
+    - port: 3500
+      protocol: TCP
+      targetPort: 3500
+  selector:
+    app: validator-api
diff --git a/infra/aws-impl/main.tf b/infra/aws-impl/main.tf
@@ -17,6 +17,7 @@ resource "helm_release" "inferno" {
   chart            = "../helm/inferno"
   namespace        = local.env_name
   create_namespace = true
+  reset_values = true
 
   values = [
     file("../helm/inferno/values.yaml"),

diff --git a/infra/aws-impl/variables.tf b/infra/aws-impl/variables.tf
@@ -35,5 +35,4 @@ variable "name" {
 variable "imageUrl" {
   description = "Image URL"
   type        = string
-  default     = "ghcr.io/hl7au/au-fhir-inferno:68270162fcc1997a9ffac63c78530921bf0f32cf"
 }
diff --git a/infra/helm/inferno/templates/configs/inferno-ingress.yaml b/infra/helm/inferno/templates/configs/inferno-ingress.yaml
@@ -11,7 +11,7 @@ spec:
   ingressClassName: {{ .Values.controller.ingressClass }}
   tls:
     - hosts:
-        -  {{ .Values.externalDomain }}
+        - {{ .Values.externalDomain }}
       secretName: inferno-tls
   rules:
     - host: {{ .Values.externalDomain }}
@@ -30,4 +30,4 @@ spec:
               service:
                 name: inferno
                 port:
-                  number: 4567
+                  name: nginx