commit 36cc4fb61a179cdbd1dd071a36c6423d47c97d30
author Sergiusz Bazanski <q3k@q3k.org> Fri May 17 18:08:48 2019 +0200
committer Sergiusz Bazanski <q3k@q3k.org> Fri May 17 18:09:39 2019 +0200
tree 04da12b8e4424b60d0a361dfad960266a0d98e87
parent a4b37674553a26b5c35e845bd4e4130e3492d70f

bazel-cache: deploy, add waw-hdd-yolo-1 ceph pool

app/bazel-cache/prod.jsonnet

diff --git a/app/bazel-cache/prod.jsonnet b/app/bazel-cache/prod.jsonnet
new file mode 100644
index 0000000..9b65e95
--- /dev/null
+++ b/app/bazel-cache/prod.jsonnet
@@ -0,0 +1,108 @@
+# bazel-cache.k0.hswaw.net, a Bazel Cache based on buchgr/bazel-remote.
+# Once https://github.com/bazelbuild/bazel/pull/4889 gets merged, this will
+# likely be replaced with just an Rados GW instance.
+
+local kube = import "../../kube/kube.libsonnet";
+
+{
+    local app = self,
+    local cfg = app.cfg,
+    cfg:: {
+        namespace: "bazel-cache",
+        domain: "k0.hswaw.net",
+        storageClassName: "waw-hdd-yolo-1",
+    },
+
+    metadata(component):: {
+        namespace: cfg.namespace,
+        labels: {
+            "app.kubernetes.io/name": "bazel-cache",
+            "app.kubernetes.io/managed-by": "kubecfg",
+            "app.kubernetes.io/component": component,
+        },
+    },
+
+    namespace: kube.Namespace(cfg.namespace),
+
+    volumeClaim: kube.PersistentVolumeClaim("bazel-cache-storage") {
+        metadata+: app.metadata("bazel-cache-storage"),
+        spec+: {
+            storageClassName: cfg.storageClassName,
+            accessModes: [ "ReadWriteOnce" ],
+            resources: {
+                requests: {
+                    storage: "40Gi",
+                },
+            },
+        },
+    },
+
+
+    deployment: kube.Deployment("bazel-remote") {
+        metadata+: app.metadata("bazel-cache"),
+        spec+: {
+            replicas: 1,
+            template+: {
+                spec+: {
+                    volumes_: {
+                        data: kube.PersistentVolumeClaimVolume(app.volumeClaim),
+                    },
+                    containers_: {
+                        auth: kube.Container("bazel-remote") {
+                            image: "buchgr/bazel-remote-cache",
+                            volumeMounts_: {
+                                data: { mountPath: "/data" },
+                            },
+                            ports_: {
+                                http: {
+                                    containerPort: 8080,
+                                    protocol: "TCP",
+                                },
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    },
+
+    service: kube.Service("bazel-cache") {
+        metadata+: app.metadata("bazel-cache"),
+        target_pod:: app.deployment.spec.template,
+        spec+: {
+            type: "ClusterIP",
+            ports: [
+                { name: "http", port: 8080, targetPort: 8080, protocol: "TCP" },
+            ],
+        }
+    },
+
+    ingress: kube.Ingress("bazel-cache") {
+        metadata+: app.metadata("bazel-cache") {
+            annotations+: {
+                "kubernetes.io/tls-acme": "true",
+                "certmanager.k8s.io/cluster-issuer": "letsencrypt-prod",
+                "nginx.ingress.kubernetes.io/backend-protocol": "HTTP",
+                "nginx.ingress.kubernetes.io/proxy-body-size": "0",
+            },
+        },
+        spec+: {
+            tls: [
+                {
+                    hosts: ["bazel-cache.%s" % [cfg.domain]],
+                    secretName: "bazel-cache-tls",
+                },
+            ],
+            rules: [
+                {
+                    host: "bazel-cache.%s" % [cfg.domain],
+                    http: {
+                        paths: [
+                            { path: "/", backend: app.service.name_port },
+                        ]
+                    },
+                }
+            ],
+        },
+    },
+}