kaffa/cf-bouncer-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add K8s manifests and CD pipeline for K3s deployment

Browse Source 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
kaffa
2026-02-09 12:16:24 +09:00
parent eff0572107
commit 6179454cd8
4 changed files with 108 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
k8s/configmap.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: cfb-manager-config
namespace: default
data:
CFB_BOUNCER_HOST: "10.253.100.131"
CFB_BOUNCER_PORT: "22"
CFB_BOUNCER_USER: "root"
CFB_CROWDSEC_HOST: "10.253.100.240"
CFB_CROWDSEC_PORT: "22"
CFB_CROWDSEC_USER: "root"

55
k8s/deployment.yaml Normal file
View File

@@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: cfb-manager
namespace: default
spec:
replicas: 1
selector:
matchLabels:
app: cfb-manager
template:
metadata:
labels:
app: cfb-manager
spec:
imagePullSecrets:
- name: gitea-registry
containers:
- name: cfb-manager
image: gitea.anvil.it.com/kaffa/cf-bouncer-manager:latest
command: ["uv", "run", "uvicorn", "api_server:app", "--host", "0.0.0.0", "--port", "8000"]
ports:
- containerPort: 8000
envFrom:
- configMapRef:
name: cfb-manager-config
volumeMounts:
- name: ssh-key
mountPath: /root/.ssh
readOnly: true
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
readinessProbe:
tcpSocket:
port: 8000
initialDelaySeconds: 10
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 8000
initialDelaySeconds: 60
periodSeconds: 30
volumes:
- name: ssh-key
secret:
secretName: cfb-ssh-key
defaultMode: 0600
items:
- key: id_rsa
path: id_rsa

13
k8s/service.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: cfb-manager
namespace: default
spec:
type: ClusterIP
selector:
app: cfb-manager
ports:
- port: 8000
targetPort: 8000
protocol: TCP