161 lines
3.6 KiB
YAML
161 lines
3.6 KiB
YAML
---
|
|
# PostgreSQL Deployment
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: root-db
|
|
namespace: default
|
|
labels:
|
|
app: root-db
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: root-db
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: root-db
|
|
spec:
|
|
containers:
|
|
- name: postgres
|
|
image: postgres:17.6
|
|
ports:
|
|
- containerPort: 5432
|
|
env:
|
|
- name: POSTGRES_DB
|
|
value: "postgres"
|
|
- name: POSTGRES_USER
|
|
value: "postgres"
|
|
- name: POSTGRES_PASSWORD
|
|
value: "abearxiong"
|
|
volumeMounts:
|
|
- name: postgres-storage
|
|
mountPath: /var/lib/postgresql/data
|
|
# Health check (liveness/readiness)
|
|
livenessProbe:
|
|
exec:
|
|
command:
|
|
- pg_isready
|
|
- "-U"
|
|
- "postgres"
|
|
- "-d"
|
|
- "postgres"
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 3
|
|
readinessProbe:
|
|
exec:
|
|
command:
|
|
- pg_isready
|
|
- "-U"
|
|
- "postgres"
|
|
- "-d"
|
|
- "postgres"
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
timeoutSeconds: 3
|
|
volumes:
|
|
- name: postgres-storage
|
|
hostPath:
|
|
path: /opt/docker/nocodb/postgres_data
|
|
type: Directory
|
|
nodeSelector:
|
|
machine: "kevisual"
|
|
---
|
|
# PostgreSQL Service (ClusterIP, internal access)
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: root-db
|
|
labels:
|
|
app: root-db
|
|
spec:
|
|
selector:
|
|
app: root-db
|
|
ports:
|
|
- protocol: TCP
|
|
port: 5432
|
|
targetPort: 5432
|
|
type: ClusterIP
|
|
---
|
|
# NocoDB Deployment
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: nocodb
|
|
labels:
|
|
app: nocodb
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: nocodb
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: nocodb
|
|
spec:
|
|
containers:
|
|
- name: nocodb
|
|
image: nocodb/nocodb:latest
|
|
ports:
|
|
- containerPort: 8080
|
|
env:
|
|
- name: NC_DB
|
|
value: "pg://root-db:5432?u=postgres&p=abearxiong&d=postgres"
|
|
- name: NC_AUTH_JWT_SECRET
|
|
value: "MaCpbZugRlwFWUfpAUNAd7p64V4Yj7Xx" # openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32
|
|
volumeMounts:
|
|
- name: nc-data-storage
|
|
mountPath: /usr/app/data
|
|
# NocoDB 可能需要一些启动时间,可选添加 readinessProbe
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /api/v1/health
|
|
port: 8080
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
volumes:
|
|
- name: nc-data-storage
|
|
hostPath:
|
|
path: /opt/docker/nocodb/nc_data
|
|
type: Directory
|
|
nodeSelector:
|
|
machine: "kevisual"
|
|
---
|
|
# NocoDB Service (NodePort to expose on host:8080)
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: nocodb
|
|
labels:
|
|
app: nocodb
|
|
spec:
|
|
selector:
|
|
app: nocodb
|
|
ports:
|
|
- protocol: TCP
|
|
port: 8080
|
|
targetPort: 8080
|
|
type: NodePort
|
|
|
|
---
|
|
# NocoDB Ingress (optional, requires Ingress controller)
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: IngressRoute
|
|
metadata:
|
|
name: nocodb-https
|
|
spec:
|
|
entryPoints:
|
|
- websecure
|
|
routes:
|
|
- match: Host(`nocodb.kevisual.cn`)
|
|
kind: Rule
|
|
services:
|
|
- name: nocodb
|
|
port: 8080
|
|
tls:
|
|
certResolver: letsencrypt |