diff --git a/apps/django/base/frontend-deployment.yaml b/apps/django/base/frontend-deployment.yaml index 713eaa7..a201e4b 100644 --- a/apps/django/base/frontend-deployment.yaml +++ b/apps/django/base/frontend-deployment.yaml @@ -16,6 +16,14 @@ spec: labels: app: frontend spec: + volumes: + - name: nginx-configmap + configMap: + name: nginx-configmap + items: + - key: nginx.conf + path: nginx.conf + defaultMode: 420 containers: - name: frontend image: cr.yandex/crp3ccidau046kdj8g9q/sarex-frontend-dev:contour_0b579274 @@ -28,5 +36,9 @@ spec: requests: cpu: 100m memory: 100Mi + volumeMounts: + - name: nginx-configmap + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf imagePullSecrets: - name: regcred diff --git a/apps/django/base/frontend-service.yaml b/apps/django/base/frontend-service.yaml index ab9f927..f2c3ba6 100644 --- a/apps/django/base/frontend-service.yaml +++ b/apps/django/base/frontend-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: - name: frontend-service + name: frontend-svc namespace: django spec: type: ClusterIP diff --git a/apps/django/base/kustomization.yaml b/apps/django/base/kustomization.yaml index 9bebc20..80faec9 100644 --- a/apps/django/base/kustomization.yaml +++ b/apps/django/base/kustomization.yaml @@ -11,3 +11,6 @@ resources: - backend-service.yaml - frontend-service.yaml - django-configmap.yaml + - srx-admin-deployment.yaml + - srx-admin-service.yaml + - nginx-configmap.yaml diff --git a/apps/django/base/nginx-configmap.yaml b/apps/django/base/nginx-configmap.yaml new file mode 100644 index 0000000..15b9bcc --- /dev/null +++ b/apps/django/base/nginx-configmap.yaml @@ -0,0 +1,107 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-configmap + namespace: django +data: + nginx.conf: | + worker_processes auto; + + pid /var/run/nginx.pid; + + events { + use epoll; + worker_connections 1024; + } + + http { + + # Basic Settings + large_client_header_buffers 8 128k; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 300; + types_hash_max_size 2048; + client_max_body_size 5000M; + client_header_buffer_size 5M; + # server_tokens off; + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Logging Settings + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + # GZIP Settings + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + server { + listen 80; + listen [::]:80; + root /opt/react_client/; + + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' '*' always; + add_header 'Access-Control-Allow-Headers' '*' always; + + location = /static/index.bundle.js { + add_header Cache-Control 'no-store no-cache, must-revalidate, proxy-revalidate, max-age=0'; + if_modified_since off; + expires off; + } + location ~^/api/pm/ { + #rewrite /api/(.+) /$1 break; + proxy_set_header Host $host; + proxy_pass http://backend-svc.pm.svc.cluster.local:8000; + } + + location ~^/api/v1/documents/ { + #rewrite /api/(.+) /$1 break; + proxy_set_header Host $host; + proxy_pass http://backend-filestream-svc.documentations.svc.cluster.local:80; + } + + # location ~^/(api|admin)/ { + # proxy_set_header Host $host; + # proxy_pass http://backend-svc.django.svc.cluster.local:80; + # } + + location ~^/workspaces-v2/(.+).js { + rewrite /workspaces-v2/(.+) /$1 break; + proxy_pass http://frontend-svc.workspaces.svc.cluster.local:80; + } + + location @index { + add_header Cache-Control 'no-cache, must-revalidate, proxy-revalidate, max-age=0'; + if_modified_since off; + expires off; + try_files /static/index.html =404; + } + + location ~^/workflows/(.+).js { + rewrite /workflows/(.+) /$1 break; + proxy_pass http://frontend-svc.processing.svc.cluster.local:80; + } + location /service-worker.js { + try_files /static/$uri @index; + } + + location / { + try_files $uri @index; + } + } + } + diff --git a/apps/django/base/srx-admin-deployment.yaml b/apps/django/base/srx-admin-deployment.yaml new file mode 100644 index 0000000..0382474 --- /dev/null +++ b/apps/django/base/srx-admin-deployment.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: srx-admin-frontend + namespace: django + labels: + app: srx-admin-frontend +spec: + replicas: 1 + selector: + matchLabels: + app: srx-admin-frontend + template: + metadata: + labels: + app: srx-admin-frontend + spec: + containers: + - name: srx-admin-frontend + image: cr.yandex/crp3ccidau046kdj8g9q/srx-admin:prod_3b9cb250 + imagePullPolicy: IfNotPresent + ports: + - name: http + containerPort: 80 + protocol: TCP + resources: + requests: + cpu: 100m + memory: 100Mi + imagePullSecrets: + - name: regcred diff --git a/apps/django/base/srx-admin-service.yaml b/apps/django/base/srx-admin-service.yaml new file mode 100644 index 0000000..0d1b912 --- /dev/null +++ b/apps/django/base/srx-admin-service.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: srx-admin-svc + namespace: django +spec: + type: ClusterIP + selector: + app: srx-admin + ports: + - name: http + port: 80 + targetPort: 80 + protocol: TCP diff --git a/apps/pm/base/backend-service.yaml b/apps/pm/base/backend-service.yaml index 69f6c27..55abdc2 100644 --- a/apps/pm/base/backend-service.yaml +++ b/apps/pm/base/backend-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: - name: backend-service + name: backend-svc namespace: pm spec: type: ClusterIP diff --git a/apps/processing/base/frontend-service.yaml b/apps/processing/base/frontend-service.yaml index 024ea55..14a2a63 100644 --- a/apps/processing/base/frontend-service.yaml +++ b/apps/processing/base/frontend-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: - name: frontend-service + name: frontend-svc namespace: processing spec: type: ClusterIP diff --git a/apps/workspaces/base/frontend-service.yaml b/apps/workspaces/base/frontend-service.yaml index b09b11e..9d8cfdd 100644 --- a/apps/workspaces/base/frontend-service.yaml +++ b/apps/workspaces/base/frontend-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: - name: frontend-service + name: frontend-svc namespace: workspaces spec: type: ClusterIP diff --git a/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml b/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml index 8f62d89..612b6bf 100644 --- a/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml +++ b/clusters/yc-k8s-test/infrastructure/patches/istio-config.yaml @@ -168,7 +168,7 @@ spec: tls: credentialName: camunda-optimize-tls virtualServices: - platform: + platform-frontend: name: sarex-frontend-virt-service namespace: gateway hosts: @@ -178,7 +178,19 @@ spec: routes: - path: prefix: / - service: frontend-service.django.svc.cluster.local + service: frontend-svc.django.svc.cluster.local + port: 80 + platform-api: + name: sarex-backend-virt-service + namespace: gateway + hosts: + - sarex.contour.infra.sarex.tech + gateways: + - gateway/platform-gateway + routes: + - path: + prefix: /api/ + service: backend-svc.django.svc.cluster.local port: 80 vault: name: vault-virt-service