Skip to content
Graham Gilbert edited this page May 27, 2021 · 4 revisions

Kubernetes Installation instructions

The following is not a definitive process of adding Sal to Kubernetes but instead an overview of the types of config you can do.

Resources & Assumptions

The following is based on the assumption that you have a compatible database you wish to use and a Kubernetes cluster with relevant tooling setup.

This guide is not complete and is best efforts as API compatibility changes with Version and environment.

Secrets

The provided resource definitions reference secrets that must be added to the Kubernetes cluster before the associated pods can start.

These secrets are

The resource definitions ensure that the secrets are loaded as environment variables (or mounted to the filesystem in the case of the TLS certificate and private key. If the secrets are not defined, containers will not start.

Creating Secrets

The recommended method for creating secrets is to save the secret values into files, and then create the secret resources using the kubectl create secret command.

Deployment.yml

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: "sal"
  namespace: "default"
  labels:
    k8s-app: "sal"
spec:
  revisionHistoryLimit: 2
  replicas: 1
  template:
    metadata:
      labels:
        k8s-app: "sal"
        component: "sal"
      annotations:
        poddns/name: "sal"
        poddns/port: "443"
    spec:
      containers:
      - name: sal
        image: macadmins/sal-saml:3.3.16
        imagePullPolicy: Always
        command:
        - "/run.sh"
        ports:
        - containerPort: 8080
          name: sal-server
          protocol: TCP
        env:
        - name: DB_NAME
          value: ""
        - name: DB_USER
          value: ""
        - name: DB_HOST
          value: ""
        - name: DB_PASS
          value: ""
        - name: DB_PORT
          value: "5432"
        - name: MEMCACHED_PORT_11211_TCP_ADDR
          value: "memcached"
        volumeMounts:
      # - mountPath: /home/docker/sal/sal/settings.py
      #   name: cfgmap
      #   subPath: settings.py
      # - mountPath: /home/docker/sal/sal/metadata.xml
      #    name: cfgmap
      #    subPath: metadata.xml
        - mountPath: /home/docker/sal/plugins
          name: sal-plugins
      - name: memcached
        image: memcached:1.4.37
        ports:
        - containerPort: 11211
          name: memcached
          protocol: TCP
      volumes:
        - name: cfgmap
          configMap:
            name: sal"-config
        - name: sal-plugins
          gcePersistentDisk:
            pdName: fooBarDiskName
            fsType: ext4

Service.yml

apiVersion: v1
kind: Service
metadata:
  annotations:
    prometheus.io/scrape: "true"
  labels:
    k8s-app: sal
  name: sal
  namespace: default
spec:
  ports:
  - port: 8080
    name: sal-http
    protocol: TCP
    targetPort: 8080
  selector:
    k8s-app: sal
  type: ClusterIP
Clone this wiki locally