Skip to content

Commit

Permalink
Create app.tf
Browse files Browse the repository at this point in the history
  • Loading branch information
RaulBernal authored Dec 19, 2024
1 parent 1f372a9 commit 378b351
Showing 1 changed file with 141 additions and 0 deletions.
141 changes: 141 additions & 0 deletions terraform/app.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,141 @@
# app.tf

provider "kubernetes" {
host = "https://${google_container_cluster.default.endpoint}"
token = data.google_client_config.default.access_token
cluster_ca_certificate = base64decode(google_container_cluster.default.master_auth[0].cluster_ca_certificate)

ignore_annotations = [
"^autopilot\\.gke\\.io\\/.*",
"^cloud\\.google\\.com\\/.*"
]
}

data "google_client_config" "default" {}

resource "kubernetes_deployment_v1" "default" {
metadata {
name = "webwallet-vite-app-deployment"
}

spec {
replicas = 2

selector {
match_labels = {
app = "vite-app"
}
}

template {
metadata {
labels = {
app = "vite-app"
}
}

spec {
container {
image = "bernalraul/webwallet:latest"
name = "vite-app-container"

port {
container_port = 3000
name = "vite-app-svc"
}

security_context {
allow_privilege_escalation = false
privileged = false
read_only_root_filesystem = false

capabilities {
add = []
drop = ["NET_RAW"]
}
}

liveness_probe {
http_get {
path = "/login"
port = "3000"
}

initial_delay_seconds = 60
period_seconds = 5
}
}

security_context {
run_as_non_root = true

seccomp_profile {
type = "RuntimeDefault"
}
}

toleration {
effect = "NoSchedule"
key = "kubernetes.io/arch"
operator = "Equal"
value = "amd64"
}
}
}
}
}

resource "kubernetes_service_v1" "default" {
metadata {
name = "webwallet-vite-app-loadbalancer"
annotations = {
"networking.gke.io/load-balancer-type" = "External"
}
}

spec {
selector = {
app = kubernetes_deployment_v1.default.spec[0].selector[0].match_labels.app
}

# ip_family_policy = "RequireDualStack"

port {
port = 443
target_port = kubernetes_deployment_v1.default.spec[0].template[0].spec[0].container[0].port[0].name
}

type = "LoadBalancer"
}

depends_on = [time_sleep.wait_service_cleanup]
}

resource "kubernetes_ingress_v1" "default" {
metadata {
name = "webwallet-ingress"
annotations = {
"kubernetes.io/ingress.class" : "gce",
"networking.gke.io/managed-certificates" : "gke-wallet-cert"
}
}

spec {
rule {
host = "gke-wallet.bitcanna.io"
http {
path {
path = "/"
backend {
service {
name = kubernetes_service_v1.default.metadata[0].name
port {
number = 443
}
}
}
}
}
}
}
}

0 comments on commit 378b351

Please sign in to comment.