From c3a8ca03daa6bc74ca762b7b699b22bd4c4b1ab8 Mon Sep 17 00:00:00 2001
From: Marcus Noble
Date: Sat, 14 May 2022 09:47:19 +0000
Subject: [PATCH] Added k8s.social
---
manifests/_apps/mastodon.yaml | 28 ++++
manifests/mastodon/config.yaml | 33 +++++
manifests/mastodon/hpa.yaml | 73 ++++++++++
manifests/mastodon/ingess.yaml | 38 +++++
manifests/mastodon/mastodon.yaml | 234 +++++++++++++++++++++++++++++++
manifests/mastodon/utils.yaml | 129 +++++++++++++++++
6 files changed, 535 insertions(+)
create mode 100644 manifests/_apps/mastodon.yaml
create mode 100644 manifests/mastodon/config.yaml
create mode 100644 manifests/mastodon/hpa.yaml
create mode 100644 manifests/mastodon/ingess.yaml
create mode 100644 manifests/mastodon/mastodon.yaml
create mode 100644 manifests/mastodon/utils.yaml
diff --git a/manifests/_apps/mastodon.yaml b/manifests/_apps/mastodon.yaml
new file mode 100644
index 0000000..9e5adeb
--- /dev/null
+++ b/manifests/_apps/mastodon.yaml
@@ -0,0 +1,28 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: mastodon
+ namespace: argocd
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: cluster.fun
+ destination:
+ namespace: mastodon
+ name: cluster-fun (scaleway)
+ source:
+ path: manifests/mastodon
+ repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git"
+ targetRevision: HEAD
+ syncPolicy:
+ automated: {}
+ syncOptions:
+ - CreateNamespace=true
+ ignoreDifferences:
+ - kind: Secret
+ jsonPointers:
+ - /data
+ - group: apps
+ kind: Deployment
+ jqPathExpressions:
+ - .spec.template.spec.containers[]?.image
diff --git a/manifests/mastodon/config.yaml b/manifests/mastodon/config.yaml
new file mode 100644
index 0000000..c962565
--- /dev/null
+++ b/manifests/mastodon/config.yaml
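Review bot: `syncPolicy.automated: {}` in manifests/_apps/mastodon.yaml leaves Argo CD's `prune` and `selfHeal` at their defaults (both off), so the Application applies every push to `HEAD` automatically but does not revert changes made directly in the cluster or remove resources deleted from the repo. If drift correction is wanted, `automated: {prune: true, selfHeal: true}` states it explicitly; if it is deliberately off, a one-line comment saying so would help the next reader. Because `targetRevision: HEAD` makes write access to the default branch equivalent to deploy access to the `mastodon` namespace, branch protection on that repository is the control this setup depends on. The `ignoreDifferences` entry for `Secret` `/data` presumably exists for the kube-1password-populated secret and deserves a comment too.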
@@ -0,0 +1,33 @@
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: mastodon
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: mastodon
+ annotations:
+ kube-1password: wjhd3mxtyqslcu7sc4tfihm2dy
+ kube-1password/vault: Kubernetes
+ kube-1password/secret-text-parse: "true"
+type: Opaque
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: mastodon-env
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: mastodon
+data:
+ DEFAULT_LOCALE: en
+ LOCAL_DOMAIN: k8s.social
+ MALLOC_ARENA_MAX: "2"
+ NODE_ENV: "production"
+ RAILS_ENV: "production"
+ STREAMING_CLUSTER_NUM: "2"
+ WEB_CONCURRENCY: "2"
+---
\ No newline at end of file
diff --git a/manifests/mastodon/hpa.yaml b/manifests/mastodon/hpa.yaml
new file mode 100644
index 0000000..402a083
--- /dev/null
+++ b/manifests/mastodon/hpa.yaml
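Review bot: The Secret and ConfigMap in manifests/mastodon/config.yaml are labelled `app.kubernetes.io/instance: mastodon`, while every other manifest in this patch uses `"k8s.social"`, so a selector on the instance label will miss these two objects; use `app.kubernetes.io/instance: "k8s.social"` here as well. The Secret carries no `data` and relies on the `kube-1password` annotations to be filled in-cluster, which keeps credentials out of the repository; a short comment listing the keys the workloads expect from it would document that contract, since all six workloads load it through `envFrom`.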
@@ -0,0 +1,73 @@
+
+apiVersion: autoscaling/v2beta2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: mastodon-web
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: web
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: mastodon-web
+ minReplicas: 2
+ maxReplicas: 4
+ metrics:
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ averageUtilization: 80
+ type: Utilization
+---
+apiVersion: autoscaling/v2beta2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: mastodon-sidekiq
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: sidekiq
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: mastodon-sidekiq
+ minReplicas: 2
+ maxReplicas: 6
+ metrics:
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ averageUtilization: 80
+ type: Utilization
+---
+apiVersion: autoscaling/v2beta2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: mastodon-streaming
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: streaming
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: mastodon-streaming
+ minReplicas: 2
+ maxReplicas: 6
+ metrics:
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ averageUtilization: 80
+ type: Utilization
+---
diff --git a/manifests/mastodon/ingess.yaml b/manifests/mastodon/ingess.yaml
new file mode 100644
index 0000000..f83bb88
--- /dev/null
+++ b/manifests/mastodon/ingess.yaml
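Review bot: All three HPAs in manifests/mastodon/hpa.yaml target `averageUtilization: 80`, which is measured against each container's CPU request, and the Deployments in manifests/mastodon/mastodon.yaml request only `cpu: 8m` (web, streaming) and `cpu: 25m` (sidekiq). The scale-up threshold is therefore roughly 6m to 20m of CPU, so the workloads will most likely sit at `maxReplicas` under any real load. Either raise the CPU requests to a realistic baseline or switch the metric target to `type: AverageValue` with an explicit `averageValue`. Separately, `autoscaling/v2beta2` is a deprecated API version; `autoscaling/v2` accepts the same spec on Kubernetes 1.23 and later.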
@@ -0,0 +1,38 @@
+
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: mastodon
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt
+ nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+ nginx.ingress.kubernetes.io/proxy-body-size: 40m
+spec:
+ tls:
+ - hosts:
+ - "k8s.social"
+ - "streaming.k8s.social"
+ secretName: mastodon-tls
+ rules:
+ - host: "k8s.social"
+ http:
+ paths:
+ - path: /
+ backend:
+ service:
+ name: mastodon-web
+ port:
+ number: 3000
+ pathType: ImplementationSpecific
+ - path: /api/v1/streaming
+ backend:
+ service:
+ name: mastodon-streaming
+ port:
+ number: 4000
+ pathType: ImplementationSpecific
+---
diff --git a/manifests/mastodon/mastodon.yaml b/manifests/mastodon/mastodon.yaml
new file mode 100644
index 0000000..82054a5
--- /dev/null
+++ b/manifests/mastodon/mastodon.yaml
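Review bot: `streaming.k8s.social` is listed under `tls.hosts` in manifests/mastodon/ingess.yaml but has no entry in `rules`; streaming is routed at `/api/v1/streaming` on `k8s.social` instead. cert-manager will still request that name on the `mastodon-tls` certificate, and if it does not resolve to this ingress the issuance may fail for both hosts. Drop the extra host or add a matching rule. Both paths also use `pathType: ImplementationSpecific`, which leaves matching semantics to the controller; `pathType: Prefix` makes the routing explicit.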
@@ -0,0 +1,234 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: mastodon
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: mastodon-streaming
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: streaming
+spec:
+ type: ClusterIP
+ ports:
+ - port: 4000
+ targetPort: streaming
+ protocol: TCP
+ name: streaming
+ selector:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: streaming
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: mastodon-web
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: web
+spec:
+ type: ClusterIP
+ ports:
+ - port: 3000
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: web
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mastodon-sidekiq
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: sidekiq
+ annotations:
+ configmap.reloader.stakater.com/reload: "mastodon-env"
+ secret.reloader.stakater.com/reload: "mastodon"
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: sidekiq
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: sidekiq
+ spec:
+ serviceAccountName: mastodon
+ securityContext:
+ fsGroup: 991
+ runAsGroup: 991
+ runAsUser: 991
+ containers:
+ - name: mastodon
+ image: "tootsuite/mastodon:v3.5.2"
+ imagePullPolicy: IfNotPresent
+ command:
+ - bundle
+ - exec
+ - sidekiq
+ - -c
+ - "25"
+ envFrom:
+ - configMapRef:
+ name: mastodon-env
+ - secretRef:
+ name: mastodon
+ resources:
+ requests:
+ memory: 350Mi
+ cpu: 25m
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mastodon-streaming
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: streaming
+ annotations:
+ configmap.reloader.stakater.com/reload: "mastodon-env"
+ secret.reloader.stakater.com/reload: "mastodon"
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: streaming
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: streaming
+ spec:
+ serviceAccountName: mastodon
+ securityContext:
+ fsGroup: 991
+ runAsGroup: 991
+ runAsUser: 991
+ containers:
+ - name: mastodon
+ image: "tootsuite/mastodon:v3.5.2"
+ imagePullPolicy: IfNotPresent
+ command:
+ - node
+ - ./streaming
+ envFrom:
+ - configMapRef:
+ name: mastodon-env
+ - secretRef:
+ name: mastodon
+ env:
+ - name: "PORT"
+ value: "4000"
+ ports:
+ - name: streaming
+ containerPort: 4000
+ protocol: TCP
+ livenessProbe:
+ httpGet:
+ path: /api/v1/streaming/health
+ port: streaming
+ readinessProbe:
+ httpGet:
+ path: /api/v1/streaming/health
+ port: streaming
+ resources:
+ requests:
+ memory: 500Mi
+ cpu: 8m
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mastodon-web
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: web
+ annotations:
+ configmap.reloader.stakater.com/reload: "mastodon-env"
+ secret.reloader.stakater.com/reload: "mastodon"
+spec:
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: web
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: web
+ spec:
+ serviceAccountName: mastodon
+ securityContext:
+ fsGroup: 991
+ runAsGroup: 991
+ runAsUser: 991
+ containers:
+ - name: mastodon
+ image: "tootsuite/mastodon:v3.5.2"
+ imagePullPolicy: IfNotPresent
+ command:
+ - bundle
+ - exec
+ - puma
+ - -C
+ - config/puma.rb
+ envFrom:
+ - configMapRef:
+ name: mastodon-env
+ - secretRef:
+ name: mastodon
+ env:
+ - name: "PORT"
+ value: "3000"
+ ports:
+ - name: http
+ containerPort: 3000
+ protocol: TCP
+ readinessProbe:
+ httpGet:
+ path: /health
+ port: http
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ resources:
+ requests:
+ memory: 600Mi
+ cpu: 8m
+---
diff --git a/manifests/mastodon/utils.yaml b/manifests/mastodon/utils.yaml
new file mode 100644
index 0000000..60c84da
--- /dev/null
+++ b/manifests/mastodon/utils.yaml
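Review bot: The three Deployments in manifests/mastodon/mastodon.yaml set a pod-level `securityContext` with UID/GID 991 but nothing at container level, so privilege escalation, the default capability set and the seccomp profile are left at runtime defaults; this applies equally to `mastodon-sidekiq`, `mastodon-streaming` and `mastodon-web`. The `mastodon` ServiceAccount also automounts its API token into every pod, which the visible commands (sidekiq, node, puma) do not appear to need. None of the containers declares `resources.limits`, and `mastodon-sidekiq` has no probes while `mastodon-web` has only a readiness probe. A hardened ServiceAccount and container section are sketched below; `readOnlyRootFilesystem` is left out because whether the image tolerates it cannot be judged from this patch.

```yaml
kind: ServiceAccount
# ... unchanged: metadata (name, namespace, labels) ...
automountServiceAccountToken: false
---
# ... unchanged: Deployment metadata, selector, pod-level securityContext ...
      containers:
        - name: mastodon
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault
          # ... unchanged: image, command, envFrom, ports, probes, resources ...
```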
@@ -0,0 +1,129 @@
+apiVersion: batch/v1beta1
+kind: CronJob
+metadata:
+ name: mastodon-media-remove
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: utils
+ annotations:
+ description: |
+ Runs weekly to remove old media
+spec:
+ schedule: 0 0 * * 0
+ jobTemplate:
+ spec:
+ backoffLimit: 3
+ ttlSecondsAfterFinished: 86400
+ template:
+ metadata:
+ name: mastodon-media-remove
+ spec:
+ restartPolicy: OnFailure
+ containers:
+ - name: mastodon-media-remove
+ image: "tootsuite/mastodon:v3.5.2"
+ imagePullPolicy: IfNotPresent
+ command:
+ - bash
+ - -c
+ - |
+ bin/tootctl media remove
+ bin/tootctl preview_cards remove
+ envFrom:
+ - configMapRef:
+ name: mastodon-env
+ - secretRef:
+ name: mastodon
+ env:
+ - name: "PORT"
+ value: "3000"
+---
+
+
+apiVersion: batch/v1beta1
+kind: CronJob
+metadata:
+ name: mastodon-assets-precompile
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: utils
+ annotations:
+ description: |
+ Manually trigger post-install to pre-compile the assets
+spec:
+ schedule: 0 0 * * 0
+ suspend: true
+ jobTemplate:
+ spec:
+ backoffLimit: 3
+ ttlSecondsAfterFinished: 86400
+ template:
+ metadata:
+ name: mastodon-assets-precompile
+ spec:
+ restartPolicy: OnFailure
+ containers:
+ - name: mastodon-assets-precompile
+ image: "tootsuite/mastodon:v3.5.2"
+ imagePullPolicy: IfNotPresent
+ command:
+ - bash
+ - -c
+ - |
+ bundle exec rake assets:precompile && yarn cache clean
+ envFrom:
+ - configMapRef:
+ name: mastodon-env
+ - secretRef:
+ name: mastodon
+ env:
+ - name: "PORT"
+ value: "3000"
+---
+
+apiVersion: batch/v1beta1
+kind: CronJob
+metadata:
+ name: mastodon-db-migrate
+ namespace: mastodon
+ labels:
+ app.kubernetes.io/name: mastodon
+ app.kubernetes.io/instance: "k8s.social"
+ app.kubernetes.io/component: utils
+ annotations:
+ description: |
+ Manually trigger post-install/upgrade to migrate the database schema
+spec:
+ schedule: 0 0 * * 0
+ suspend: true
+ jobTemplate:
+ spec:
+ backoffLimit: 3
+ ttlSecondsAfterFinished: 86400
+ template:
+ metadata:
+ name: mastodon-db-migrate
+ spec:
+ restartPolicy: OnFailure
+ containers:
+ - name: mastodon-db-migrate
+ image: "tootsuite/mastodon:v3.5.2"
+ imagePullPolicy: IfNotPresent
+ command:
+ - bundle
+ - exec
+ - rake
+ - db:migrate
+ envFrom:
+ - configMapRef:
+ name: mastodon-env
+ - secretRef:
+ name: mastodon
+ env:
+ - name: "PORT"
+ value: "3000"
+---
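Review bot: The three CronJob pod specs in manifests/mastodon/utils.yaml omit the `serviceAccountName: mastodon` and the `securityContext` (`fsGroup`, `runAsGroup`, `runAsUser: 991`) that the Deployments in manifests/mastodon/mastodon.yaml set, so these jobs run as whatever user the image defaults to and under the namespace's default ServiceAccount, while still receiving the `mastodon` Secret through `envFrom`. Adding the same two fields under each `jobTemplate.spec.template.spec` keeps the jobs consistent with the long-running workloads. In `mastodon-media-remove` the `bash -c` script has no `set -e`, so a failure of `bin/tootctl media remove` is hidden by the exit status of the second command; `set -euo pipefail` as the script's first line fixes that. `batch/v1beta1` is a deprecated API version, and `batch/v1` serves the same CronJob spec from Kubernetes 1.21 onward.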