Merge pull request #10 from WanderaOrg/deployment-examples

Deployment examples

README.md

@@ -1,22 +1,34 @@
-# git2kube - Git to K8s ConfigMap
+# git2kube - From Git to Kubernetes
            
 [![Build Status](https://travis-ci.org/WanderaOrg/git2kube.svg?branch=master)](https://travis-ci.org/WanderaOrg/git2kube)
 [![Docker Build Status](https://img.shields.io/docker/build/wanderadock/git2kube.svg)](https://hub.docker.com/r/wanderadock/git2kube/)
 [![Go Report Card](https://goreportcard.com/badge/github.com/WanderaOrg/git2kube)](https://goreportcard.com/report/github.com/WanderaOrg/git2kube)
 [![GitHub release](https://img.shields.io/github/release/WanderaOrg/git2kube.svg)](https://github.com/WanderaOrg/git2kube/releases/latest)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://github.com/WanderaOrg/scccmd/blob/master/LICENSE)
 
-Tool for syncing git with K8s ConfigMap.
+Tool for syncing git with Kubernetes.
 
-### How to develop
-* Checkout into your GOROOT directory (e.g. /go/src/github.com/WanderaOrg/git2kube)
-* `cd` into the folder and run `dep ensure --vendor-only`
-* Tests are started by `go test -v ./...`
-* Or if you dont want to setup your local go env just use the provided Dockerfile
+### Features
+* Synchronisation of Git repository with Kubernetes ConfigMap/Secret
+  * One shot or periodic
+  * Configurable healthcheck
+  * Configurable labels and annotations
+* Configurable include/exclude rules for filtering files that should be synchronised
+* Ability to synchronise git into target folder using symlinks (suitable for sidecar deployments)
+* SSH key and Basic auth
+
+### Quickstart
+Check out [example](example) folder that should get you started. 
 
 ### Docker repository
 The tool is released as docker image as well, check the [repository](https://hub.docker.com/r/wanderadock/git2kube/).
 
+### Documentation
+* [docs](docs/git2kube.md) - Generated documentation for the tool
+* [example](example) - Kubernetes deployment examples
 
-### Tool documentation
-[docs](docs/git2kube.md) - Generated documentation for the tool
+### How to develop
+* Checkout into your GOROOT directory (e.g. /go/src/github.com/WanderaOrg/git2kube)
+* `cd` into the folder and run `dep ensure --vendor-only`
+* Tests are started by `go test -v ./...`
+* Or if you dont want to setup your local go env just use the provided Dockerfile

example/README.md

@@ -0,0 +1,26 @@
+## CronJob
+* [cronjob.yaml](cronjob.yaml) 
+* Deploy git2kube as a Kubernetes CronJob 
+* Synchronise with Kubernetes ConfigMap or Secret
+* Suitable for longer refresh intervals
+* Might be harder to monitor
+* Updates might have higher latency due to scheduling
+* Low resource requirements
+
+## Watcher
+* [watcher.yaml](watcher.yaml) 
+* Deploy git2kube as a Kubernetes Deployment
+* Synchronise with Kubernetes ConfigMap or Secret
+* Suitable for short refresh intervals
+* Easier to monitor
+* Low latency updates
+* Low resource requirements
+
+## Sidecar
+* [sidecar.yaml](sidecar.yaml) 
+* Deploy git2kube as part of different application Pod
+* Synchronise with application by using shared volume
+* Suitable for short refresh intervals
+* Easier to monitor
+* Low latency updates
+* Bigger resource requirements

example/cronjob.yaml

@@ -0,0 +1,89 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: git2kube-watcher
+  namespace: config
+  labels:
+    app: git2kube-watcher
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: git2kube-watcher
+  labels:
+    app: git2kube-watcher
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+  - update
+  - patch
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: git2kube-watcher
+  labels:
+    app: git2kube-watcher
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: git2kube-watcher
+subjects:
+- kind: ServiceAccount
+  name: git2kube-watcher
+  namespace: config
+---
+apiVersion: batch/v1beta1
+kind: CronJob
+metadata:
+  name: git2kube
+  namespace: config
+  labels:
+    app: git2kube
+spec:
+  schedule: "*/5 * * * *"
+  jobTemplate:
+    metadata:
+      labels:
+        app: git2kube
+    spec:
+      template:
+        metadata:
+          labels:
+            app: git2kube
+        spec:
+          serviceAccountName: git2kube-watcher
+          containers:
+          - name: git2kube-prometheus-rules
+            image: wanderadock/git2kube
+            args:
+            - 'load'
+            - 'configmap'
+            - '--configmap=alert-rules'
+            - '--namespace=monitoring'
+            - '--branch=master'
+            - '--git=https://github.com/prometheus/mysqld_exporter.git'
+            - '--include=.*\.rules'
+            - '--label=prometheus=k8s'
+            - '--label=role=alert-rules'
+            resources:
+              requests:
+                cpu: 100m
+                memory: 32Mi
+              limits:
+                cpu: 200m
+                memory: 64Mi

example/sidecar.yaml

@@ -0,0 +1,70 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: git2kube-watcher
+  namespace: config
+  labels:
+    app: git2kube-watcher
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: git2kube-watcher
+  template:
+    metadata:
+      labels:
+        app: git2kube-watcher
+    spec:
+      containers:
+      - name: busybox
+        image: busybox
+        command:
+        - watch
+        - cat
+        - "/rules/example.rules"
+        volumeMounts:
+        - mountPath: /rules
+          name: rules
+          readOnly: true
+      - name: git2kube-prometheus-rules
+        image: wanderadock/git2kube
+        args:
+        - 'watch'
+        - 'folder'
+        - '--healthcheck-file=/tmp/health'
+        - '--branch=master'
+        - '--git=https://github.com/prometheus/mysqld_exporter.git'
+        - '--include=.*\.rules'
+        - '--interval=30'
+        - '--target-folder=/rules'
+        livenessProbe:
+          exec:
+            command:
+            - /bin/sh
+            - -c
+            - "grep -Fxq OK /tmp/health"
+          initialDelaySeconds: 10
+          periodSeconds: 35
+          failureThreshold: 3
+        readinessProbe:
+          exec:
+            command:
+            - /bin/sh
+            - -c
+            - "grep -Fxq OK /tmp/health"
+          initialDelaySeconds: 10
+          periodSeconds: 10
+        resources:
+          requests:
+            cpu: 100m
+            memory: 32Mi
+          limits:
+            cpu: 200m
+            memory: 64Mi
+        volumeMounts:
+        - mountPath: /rules
+          name: rules
+      volumes:
+      - name: rules
+        emptyDir: {}

example/watcher.yaml

@@ -0,0 +1,106 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: git2kube-watcher
+  namespace: config
+  labels:
+    app: git2kube-watcher
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: git2kube-watcher
+  labels:
+    app: git2kube-watcher
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+  - update
+  - patch
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: git2kube-watcher
+  labels:
+    app: git2kube-watcher
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: git2kube-watcher
+subjects:
+- kind: ServiceAccount
+  name: git2kube-watcher
+  namespace: config
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: git2kube-watcher
+  namespace: config
+  labels:
+    app: git2kube-watcher
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: git2kube-watcher
+  template:
+    metadata:
+      labels:
+        app: git2kube-watcher
+    spec:
+      serviceAccountName: git2kube-watcher
+      containers:
+        - name: git2kube-prometheus-rules
+          image: wanderadock/git2kube
+          args:
+          - 'watch'
+          - 'configmap'
+          - '--configmap=alert-rules'
+          - '--namespace=monitoring'
+          - '--healthcheck-file=/tmp/health'
+          - '--branch=master'
+          - '--git=https://github.com/prometheus/mysqld_exporter.git'
+          - '--include=.*\.rules'
+          - '--interval=30'
+          - '--label=prometheus=k8s'
+          - '--label=role=alert-rules'
+          livenessProbe:
+            exec:
+              command:
+              - /bin/sh
+              - -c
+              - "grep -Fxq OK /tmp/health"
+            initialDelaySeconds: 10
+            periodSeconds: 35
+            failureThreshold: 3
+          readinessProbe:
+            exec:
+              command:
+              - /bin/sh
+              - -c
+              - "grep -Fxq OK /tmp/health"
+            initialDelaySeconds: 10
+            periodSeconds: 10
+          resources:
+            requests:
+              cpu: 100m
+              memory: 32Mi
+            limits:
+              cpu: 200m
+              memory: 64Mi