--- # Role: smartapp # Template: smartapp-api.yml.j2 # Déploiement de l'API backend SmartApp # Variables: # {{ smartapp_namespace }} - Namespace Kubernetes (défaut: smartapp) # {{ smartapp_domain }} - Domaine public (défaut: api-smartapp.digitribe.fr) --- apiVersion: v1 kind: Namespace metadata: name: {{ smartapp_namespace | default('smartapp') }} labels: app: smartapp component: api version: "1.0" --- apiVersion: v1 kind: ConfigMap metadata: name: smartapp-api-config namespace: {{ smartapp_namespace | default('smartapp') }} labels: app: smartapp component: api version: "1.0" data: APP_ENV: "production" APP_PORT: "8080" LOG_LEVEL: "info" CORS_ORIGINS: "https://smartapp.digitribe.fr" DATABASE_POOL_SIZE: "10" REDIS_POOL_SIZE: "5" --- apiVersion: v1 kind: Secret metadata: name: smartapp-api-secrets namespace: {{ smartapp_namespace | default('smartapp') }} labels: app: smartapp component: api version: "1.0" type: Opaque stringData: DATABASE_URL: "postgresql://smartapp:{{ smartapp_db_password | default('changeme') }}@postgres.smartapp.svc.cluster.local:5432/smartapp" REDIS_URL: "redis://redis.smartapp.svc.cluster.local:6379/0" JWT_SECRET: "{{ smartapp_jwt_secret | default('change-this-secret-in-production') }}" --- apiVersion: apps/v1 kind: Deployment metadata: name: smartapp-api namespace: {{ smartapp_namespace | default('smartapp') }} labels: app: smartapp component: api version: "1.0" spec: replicas: 2 selector: matchLabels: app: smartapp component: api strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0 template: metadata: labels: app: smartapp component: api version: "1.0" spec: containers: - name: api image: digitribe/smartapp-api:{{ smartapp_api_version | default('latest') }} imagePullPolicy: IfNotPresent ports: - name: http containerPort: 8080 protocol: TCP envFrom: - configMapRef: name: smartapp-api-config env: - name: DATABASE_URL valueFrom: secretKeyRef: name: smartapp-api-secrets key: DATABASE_URL - name: REDIS_URL valueFrom: secretKeyRef: name: smartapp-api-secrets key: REDIS_URL - name: JWT_SECRET valueFrom: secretKeyRef: name: smartapp-api-secrets key: JWT_SECRET resources: requests: cpu: "250m" memory: "512Mi" limits: cpu: "1000m" memory: "1Gi" livenessProbe: httpGet: path: /api/v1/health/live port: http initialDelaySeconds: 15 periodSeconds: 20 timeoutSeconds: 5 failureThreshold: 3 readinessProbe: httpGet: path: /api/v1/health/ready port: http initialDelaySeconds: 10 periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 startupProbe: httpGet: path: /api/v1/health/live port: http initialDelaySeconds: 5 periodSeconds: 5 failureThreshold: 12 affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchExpressions: - key: app operator: In values: - smartapp - key: component operator: In values: - api topologyKey: kubernetes.io/hostname --- apiVersion: v1 kind: Service metadata: name: smartapp-api namespace: {{ smartapp_namespace | default('smartapp') }} labels: app: smartapp component: api version: "1.0" spec: type: ClusterIP selector: app: smartapp component: api ports: - name: http port: 8080 targetPort: 8080 protocol: TCP --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: smartapp-api namespace: {{ smartapp_namespace | default('smartapp') }} labels: app: smartapp component: api version: "1.0" annotations: nginx.ingress.kubernetes.io/rewrite-target: / nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-body-size: "10m" nginx.ingress.kubernetes.io/rate-limit: "100" nginx.ingress.kubernetes.io/rate-limit-window: "1m" cert-manager.io/cluster-issuer: "letsencrypt-prod" spec: ingressClassName: nginx tls: - hosts: - {{ smartapp_domain | default('api-smartapp.digitribe.fr') }} secretName: smartapp-api-tls rules: - host: {{ smartapp_domain | default('api-smartapp.digitribe.fr') }} http: paths: - path: / pathType: Prefix backend: service: name: smartapp-api port: number: 8080 --- apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: smartapp-api namespace: {{ smartapp_namespace | default('smartapp') }} labels: app: smartapp component: api version: "1.0" spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: smartapp-api minReplicas: 2 maxReplicas: 10 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 70 - type: Resource resource: name: memory target: type: Utilization averageUtilization: 80 behavior: scaleUp: stabilizationWindowSeconds: 60 policies: - type: Percent value: 50 periodSeconds: 60 scaleDown: stabilizationWindowSeconds: 300 policies: - type: Percent value: 25 periodSeconds: 120