Gnous/mattermost
Archived
2
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Switched rc -> deployment and using secret instead of configmap.

Browse Source 
Added README with steps to run postgres.
This commit is contained in:
Justin Garrison 2016-09-18 22:04:44 -07:00
parent 9773fa0ce1
commit c8a5cfa236
7 changed files with 185 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
k8s/README.md Normal file
View File

@ -0,0 +1,105 @@
Mattermost on Kubernetes
=======
You can use these manifests as a starting point to run Mattermost on kubernetes.
If you already have a Kubernetes cluster you can skip this first step.
### Start local Kubernetes cluster
To get started we can use [minikube](https://github.com/kubernetes/minikube/) to run a local kubernetes cluster.
Download and install minikube and any dependancies for your operating system (see minikube readme). You will also need to install [kubectl](http://kubernetes.io/docs/user-guide/prereqs/).
Start the minikube VM
```
minikube start
```
### Start a Postgres database
#### WARNING: The database is not backup up and will lose all data if the pod is restarted. Consider using a [persistent volume](http://kubernetes.io/docs/user-guide/persistent-volumes/) for storing pgdata
This will run a postgres deployment with default values for database name, username, and password.
```
kubectl run postgres --image=postgres:9 \
--env="POSTGRES_PASSWORD=mmuser_password" \
--env="POSTGRES_DB=mattermost" \
--env="POSTGRES_USER=mmuser"
```
Expose the postgres database as a service named "db"
```
kubectl expose deployment postgres \
--name=db \
--port 5432 \
--target-port 5432
```
### Run Mattermost container
The Mattermost application is split into three manifests.
First create the secret which will set the environment varibles for the main application container. If you changed the values for the Postgres container you will also need to set the values in mattermost.secret.yaml using the [manual steps for creating a secret](http://kubernetes.io/docs/user-guide/secrets/#creating-a-secret-manually).
```
kubectl create -f mattermost.secret.yaml
```
Next create the mattermost deployment (main application) with
```
kubectl create -f mattermost.deployment.yaml
```
You should check that the pod started successfully with `kubectl get po -l app=mattermost`
Finally you can expose the application with a service so you can easily access the application from a web browser. The example service is using a `type: NodePort` which means it will be exposed on a random high port on your cluster nodes (or minikube VM if you're using minikube).
```
kubectl create -f mattermost.svc.yaml
```
Now you can get your VM's IP address with
```
minikube ip
192.168.99.100
```
and the exposed port for the application with
```
kubectl describe svc mattermost
Name: mattermost
Namespace: default
Labels: <none>
Selector: app=mattermost,tier=app
Type: NodePort
IP: 10.0.0.194
Port: http 80/TCP
NodePort: http 32283/TCP
Endpoints: 172.17.0.4:80
Session Affinity: None
No events.
```
Make sure the Endpoints shows an IP address. This should correlate to the pod IP started by the deployment.
Now browse to your node IP and exposed NodePort in your browser to view the application or test it with curl
```
curl -L http://192.168.99.100:32283
```
### Optional steps
* If you want your data to be persistent you will need to make persistent volume for Mattermost and Postgres.
* If you want to change advanced settings for the mattermost container you can make a [configMap](http://blog.kubernetes.io/2016/04/configuration-management-with-containers.html) for the /mattermost/config/config.json file
* If you want the application exposed on port 80 you can either specify the port in the service manifest or use an ingress controller and an ingress mapp for the mattermost service. A sample ingress map would be
```
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mattermost
spec:
rules:
- host: mattermost
http:
paths:
- backend:
serviceName: mattermost
servicePort: 80
```

102
k8s/mattermost.configmap.yaml
View File

@ -1,102 +0,0 @@
kind: ConfigMap
apiVersion: v1
metadata:
name: mattermost.config
namespace: default
data:
config.json: |-
{
"ServiceSettings": {
"ListenAddress": ":80",
"MaximumLoginAttempts": 10,
"SegmentDeveloperKey": "",
"GoogleDeveloperKey": "",
"EnableOAuthServiceProvider": false,
"EnableIncomingWebhooks": false,
"EnableOutgoingWebhooks": false,
"EnablePostUsernameOverride": false,
"EnablePostIconOverride": false,
"EnableTesting": false,
"EnableSecurityFixAlert": true
},
"TeamSettings": {
"SiteName": "Mattermost",
"MaxUsersPerTeam": 50,
"EnableTeamCreation": true,
"EnableUserCreation": true,
"RestrictCreationToDomains": "",
"RestrictTeamNames": true,
"EnableTeamListing": false
},
"SqlSettings": {
"DriverName": "postgres",
"DataSource": "postgres://mmuser:mmuser_password@mattermost-db:5432/mattermost?sslmode=disable&connect_timeout=10",
"DataSourceReplicas": [],
"MaxIdleConns": 10,
"MaxOpenConns": 10,
"Trace": false,
"AtRestEncryptKey": "7rAh6iwQCkV4cA1Gsg3fgGOXJAQ43QVg"
},
"LogSettings": {
"EnableConsole": false,
"ConsoleLevel": "INFO",
"EnableFile": true,
"FileLevel": "INFO",
"FileFormat": "",
"FileLocation": ""
},
"FileSettings": {
"DriverName": "local",
"Directory": "/mattermost/data/",
"EnablePublicLink": true,
"PublicLinkSalt": "A705AklYF8MFDOfcwh3I488G8vtLlVip",
"ThumbnailWidth": 120,
"ThumbnailHeight": 100,
"PreviewWidth": 1024,
"PreviewHeight": 0,
"ProfileWidth": 128,
"ProfileHeight": 128,
"InitialFont": "luximbi.ttf",
"AmazonS3AccessKeyId": "",
"AmazonS3SecretAccessKey": "",
"AmazonS3Bucket": "",
"AmazonS3Region": ""
},
"EmailSettings": {
"EnableSignUpWithEmail": true,
"SendEmailNotifications": false,
"RequireEmailVerification": false,
"FeedbackName": "",
"FeedbackEmail": "",
"SMTPUsername": "",
"SMTPPassword": "",
"SMTPServer": "",
"SMTPPort": "",
"ConnectionSecurity": "",
"InviteSalt": "bjlSR4QqkXFBr7TP4oDzlfZmcNuH9YoS",
"PasswordResetSalt": "vZ4DcKyVVRlKHHJpexcuXzojkE5PZ5eL",
"ApplePushServer": "",
"ApplePushCertPublic": "",
"ApplePushCertPrivate": ""
},
"RateLimitSettings": {
"EnableRateLimiter": true,
"PerSec": 10,
"MemoryStoreSize": 10000,
"VaryByRemoteAddr": true,
"VaryByHeader": ""
},
"PrivacySettings": {
"ShowEmailAddress": true,
"ShowFullName": true
},
"GitLabSettings": {
"Enable": false,
"Secret": "",
"Id": "",
"Scope": "",
"AuthEndpoint": "",
"TokenEndpoint": "",
"UserApiEndpoint": ""
}
}

61
k8s/mattermost.deployment.yaml Normal file
View File

@ -0,0 +1,61 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: mattermost-app
labels:
app: mattermost
tier: app
namespace: default
spec:
replicas: 1
template:
metadata:
name: mattermost-app
labels:
app: mattermost
tier: app
spec:
containers:
- name: mattermost-app
image: "mattermost/mattermost-prod-app:3"
env:
- name: DB_HOST
valueFrom:
secretKeyRef:
name: mattermost.env
key: db-host
- name: DB_PORT
valueFrom:
secretKeyRef:
name: mattermost.env
key: db-port
- name: MM_USERNAME
valueFrom:
secretKeyRef:
name: mattermost.env
key: mm-username
- name: MM_PASSWORD
valueFrom:
secretKeyRef:
name: mattermost.env
key: mm-password
- name: MM_DBNAME
valueFrom:
secretKeyRef:
name: mattermost.env
key: mm-dbname
volumeMounts:
# optional persistant storage
#- name: appdata
#mountPath: /mattermost/data
- name: etclocaltime
mountPath: /etc/localtime
readOnly: true
volumes:
# optional persistant storage
#- name: appdata
#persistentVolumeClaim:
# claimName: mattermost-app
- name: etclocaltime
hostPath:
path: /etc/localtime

13
k8s/mattermost.ing.yaml
View File

@ -1,13 +0,0 @@
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mattermost
spec:
rules:
- host: mattermost
http:
paths:
- backend:
serviceName: mattermost
servicePort: 80

44
k8s/mattermost.rc.yml
View File

@ -1,44 +0,0 @@
apiVersion: v1
kind: ReplicationController
metadata:
name: mattermost-app
labels:
app: mattermost
tier: app
namespace: default
spec:
replicas: 1
selector:
app: mattermost
tier: app
template:
metadata:
name: mattermost-app
labels:
app: mattermost
tier: app
spec:
containers:
- name: mattermost-app
image: "mattermost/mattermost-prod-app"
env:
- name: DB_HOST
value: "mattermost-db"
volumeMounts:
- name: appconfig
mountPath: /mattermost/config
- name: appdata
mountPath: /mattermost/data
- name: etclocaltime
mountPath: /etc/localtime
readOnly: true
volumes:
- name: appconfig
configMap:
name: mattermost.config
- name: appdata
persistentVolumeClaim:
claimName: mattermost-app
- name: etclocaltime
hostPath:
path: /etc/localtime

19
k8s/mattermost.secret.yaml Normal file
View File

@ -0,0 +1,19 @@
kind: Secret
apiVersion: v1
metadata:
name: mattermost.env
namespace: default
type: Opaque
data:
# see http://kubernetes.io/docs/user-guide/secrets/#creating-a-secret-using-kubectl-create-secret
# for creating secrets manually
# db
db-host: ZGI=
# 5432
db-port: NTQzMg==
# mmuser
mm-username: bW11c2Vy
# mmuser_password
mm-password: bW11c2VyX3Bhc3N3b3Jk
# mattermost
mm-dbname: bWF0dGVybW9zdA==

0
k8s/mattermost.svc.yml → k8s/mattermost.svc.yaml
View File