Развертывание API
Обновлено: 05.03.2024
API — публичный веб-сервис. Обязательно использование TLS.
Деплоймент:
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-deployment
namespace: timetta
labels:
appName: api-deployment
spec:
replicas: 1
selector:
matchLabels:
appName: api-app
template:
metadata:
labels:
appName: api-app
spec:
containers:
- name: api
image:cr.yandex/crpr8bvek949tq2fuqkf/api:latest
imagePullPolicy: "Always"
ports:
- protocol: TCP
containerPort: 5400
env:
- name: "ASPNETCORE_URLS"
value: "http://*:5400"
volumeMounts:
- mountPath: /app/secrets
name: app-settings-secret
readOnly: true
volumes:
- name: app-settings-secret
projected:
sources:
- secret:
name: app-settings
- secret:
name: kafka-cert
imagePullSecrets:
- name: service-settings
Сервис и ingress-контроллер:
---
apiVersion: v1
kind: Service
metadata:
name: api-service
namespace: timetta
spec:
selector:
appName: api-app
ports:
- protocol: TCP
port: 80
targetPort: 5400
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: api-ingress
namespace: timetta
annotations:
cert-manager.io/cluster-issuer: "letsencrypt"
nginx.ingress.kubernetes.io/proxy-body-size: 16m
nginx.ingress.kubernetes.io/proxy-buffer-size: "64k"
nginx.ingress.kubernetes.io/proxy-buffers-number: "8"
nginx.ingress.kubernetes.io/proxy-read-timeout: "360"
nginx.ingress.kubernetes.io/proxy-send-timeout: "360"
spec:
ingressClassName: "nginx"
tls:
- hosts:
- api.your-domain.com
secretName: api-timetta-tls
rules:
- host: api.your-domain.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: api-service
port:
number: 80