#0000 - Add Kubernetes manifests for PrivateBin deployment

Introduced Kubernetes YAML configurations for deploying PrivateBin. This includes namespace, PVC, deployment, service, ingress, and a utility pod for data restoration. Updated README with instructions and added an MIT license file.
2024-12-28 23:34:57 +01:00 · 2024-12-28 23:34:57 +01:00 · d162d7651d
commit d162d7651d
parent de9f58f050
8 changed files with 242 additions and 1 deletions
--- a/00-namespace.yaml
+++ b/00-namespace.yaml
@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: privatebin
--- a/01-pvc.yaml
+++ b/01-pvc.yaml
@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  namespace: privatebin
+  name: privatebin-data
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
--- a/02-deployments.yaml
+++ b/02-deployments.yaml
@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: privatebin
+  name: app
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: app
+  template:
+    metadata:
+      labels:
+        name: app
+        instance: app-prod
+        component: frontend
+        part-of: privateBin
+        managed-by: k8s-yaml
+    spec:
+      containers:
+        - name: app
+          image: ghcr.io/privatebin/nginx-fpm-alpine:stable
+          ports:
+            - containerPort: 8080
+          readinessProbe:
+            tcpSocket:
+              port: 8080
+            initialDelaySeconds: 5
+            periodSeconds: 10
+          volumeMounts:
+            - mountPath: /srv/data
+              name: privatebin-data
+      volumes:
+        - name: privatebin-data
+          persistentVolumeClaim:
+            claimName: privatebin-data
--- a/03-service.yaml
+++ b/03-service.yaml
@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  namespace: privatebin
+  name: app
+spec:
+  ports:
+    - port: 80
+      targetPort: 8080
+      protocol: TCP
+  selector:
+    name: app
--- a/04-ingress.yaml
+++ b/04-ingress.yaml
@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  namespace: privatebin
+  name: privatebin-ingress
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-production
+    external-dns.alpha.kubernetes.io/hostname: bin.van-hemmen.com
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+spec:
+  rules:
+    - host: bin.van-hemmen.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: app
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - bin.van-hemmen.com
+      secretName: bin-web-tls
--- a/99-restore-pod.yaml
+++ b/99-restore-pod.yaml
@ -0,0 +1,17 @@
+#apiVersion: v1
+#kind: Pod
+#metadata:
+#  namespace: privatebin
+#  name: data-transfer-pod
+#spec:
+#  containers:
+#    - name: transfer
+#      image: busybox
+#      command: ["sleep", "3600"]
+#      volumeMounts:
+#        - mountPath: /srv/data
+#          name: longhorn-volume
+#  volumes:
+#    - name: longhorn-volume
+#      persistentVolumeClaim:
+#        claimName: privatebin-data
--- a/21
+++ b/21
@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Guillaume 'B.B.' Van Hemmen
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/README.md
+++ b/README.md
@ -1,2 +1,117 @@
-# privateBin
+# K8s PrivateBin Deployment

+This repository contains Kubernetes manifests for deploying **PrivateBin**, an
+open-source minimalist, encrypted pastebin, into a Kubernetes cluster. The
+deployment is configured with Persistent Volumes, namespaces, services, and
+ingress for external access.
+
+## Project Structure
+
+The project consists of the following Kubernetes YAML manifests:
+
+- **00-namespace.yaml**: Specifies the namespace for isolating the PrivateBin
+  deployment.
+- **01-pvc.yaml**: Configures the Persistent Volume Claim (PVC) to store
+  PrivateBin data persistently.
+- **02-deployments.yaml**: Contains the deployment configuration for the
+  PrivateBin pod(s).
+- **03-service.yaml**: Defines the service for exposing the deployment
+  internally within the cluster.
+- **04-ingress.yaml**: Configures the ingress resource for routing external
+  traffic to the PrivateBin service.
+
+## Prerequisites
+
+Before deploying this project, ensure the following are already set up:
+
+1. A Kubernetes cluster (e.g., Minikube, AKS, GKE, EKS, etc.).
+2. `kubectl` CLI configured to interact with your cluster.
+3. An ingress controller installed in your cluster (e.g., NGINX/Traefik).
+
+## Deployment Instructions
+
+Follow the steps below to deploy PrivateBin:
+
+### 1. Clone the Repository
+
+```bash
+git clone https://git.van-hemmen.com/GuillaumeHemmen-k8s/privateBin.git
+cd privateBin
+```
+
+### 2. Apply Kubernetes Manifests
+
+Run the following commands to apply the manifests sequentially:
+
+```bash
+# Step 1: Create the namespace
+kubectl apply -f 00-namespace.yaml
+
+# Step 2: Apply Persistent Volume Claim
+kubectl apply -f 01-pvc.yaml
+
+# Step 3: Deploy PrivateBin
+kubectl apply -f 02-deployments.yaml
+
+# Step 4: Apply Service configuration
+kubectl apply -f 03-service.yaml
+
+# Step 5: Configure Ingress
+kubectl apply -f 04-ingress.yaml
+```
+
+### 3. Verify the Deployment
+
+- Check if all pods are running:
+  ```bash
+  kubectl get pods -n privatebin
+  ```
+- Check the ingress details:
+  ```bash
+  kubectl get ingress -n privatebin
+  ```
+
+### 4. Access PrivateBin
+
+- Access your PrivateBin instance using the URL configured in the
+  `04-ingress.yaml` file. Ensure the DNS or host settings are properly
+  configured to route traffic appropriately.
+
+## Customization
+
+### Modify Namespace
+
+If needed, update the namespace in each `.yaml` file to match your cluster's
+organization.
+
+### Update Ingress Configuration
+
+Set your desired domain or hostname in `04-ingress.yaml` under the `host` field.
+
+### Persistent Volume Storage Class
+
+Update the `storageClassName` in `01-pvc.yaml` if necessary to match your
+cluster's storage configuration.
+
+## Cleanup
+
+To remove the deployment, run:
+
+```bash
+kubectl delete -f 04-ingress.yaml
+kubectl delete -f 03-service.yaml
+kubectl delete -f 02-deployments.yaml
+kubectl delete -f 01-pvc.yaml
+kubectl delete -f 00-namespace.yaml
+```
+
+## Notes
+
+- Ensure ingress is properly configured, as it is dependent on your cluster's
+  ingress controller setup.
+- Persistent storage is configured to ensure your data is kept even if the pod
+  restarts.
+
+## License
+
+This project is licensed under the [MIT License](LICENSE).