feat: add PostgreSQL tunnel deployment with ConfigMap, HPA, and service

eu-central-1/argo-apps/metrics-server/metrics-server.yaml

@@ -0,0 +1,25 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: metrics-server
+  namespace: argocd
+spec:
+  project: default
+  destination:
+    namespace: kube-system
+    server: https://kubernetes.default.svc
+  sources:
+    - repoURL: https://kubernetes-sigs.github.io/metrics-server/
+      chart: metrics-server
+      targetRevision: 3.13.0
+      helm:
+        valueFiles:
+          - $values/metrics-server/eu-central-1/values.yaml
+    - repoURL: git@git.janis-eccarius.de:NowChess/GitOps.git
+      path: ./metrics-server/eu-central-1
+      ref: values
+      targetRevision: main
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true

eu-central-1/argo-apps/postgres-tunnel/postgres-tunnel.yaml

@@ -0,0 +1,20 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: postgres-tunnel
+  namespace: argocd
+spec:
+  project: default
+  destination:
+    namespace: postgres-tunnel
+    server: https://kubernetes.default.svc
+  sources:
+    - repoURL: git@git.janis-eccarius.de:NowChess/GitOps.git
+      path: ./postgres-tunnel/eu-central-1
+      targetRevision: main
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true

metrics-server/eu-central-1/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources: []
+
+helmCharts:
+  - name: metrics-server
+    repo: https://kubernetes-sigs.github.io/metrics-server/
+    version: 3.x
+    releaseName: metrics-server
+    namespace: kube-system
+    valuesFile: values.yaml

metrics-server/eu-central-1/values.yaml

@@ -0,0 +1,13 @@
+resources:
+  requests:
+    cpu: 50m
+    memory: 64Mi
+  limits:
+    cpu: 100m
+    memory: 128Mi
+
+metrics:
+  enabled: true
+
+serviceMonitor:
+  enabled: false

postgres-tunnel/eu-central-1/configmap.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: postgres-tunnel-config
+  namespace: postgres-tunnel
+data:
+  SSH_HOST: "130.61.135.202"
+  SSH_PORT: "22"
+  SSH_USER: "cluster"
+  POSTGRES_REMOTE_HOST: "localhost"
+  POSTGRES_REMOTE_PORT: "5432"

postgres-tunnel/eu-central-1/deployment.yaml

@@ -0,0 +1,64 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: postgres-tunnel
+  namespace: postgres-tunnel
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: postgres-tunnel
+  template:
+    metadata:
+      labels:
+        app: postgres-tunnel
+    spec:
+      containers:
+        - name: tunnel
+          image: alpine:3.21
+          command: [/bin/sh, -c]
+          args:
+            - |
+              apk add --no-cache openssh-client
+              exec ssh -N \
+                -o StrictHostKeyChecking=no \
+                -o ServerAliveInterval=30 \
+                -o ServerAliveCountMax=3 \
+                -o ExitOnForwardFailure=yes \
+                -L 0.0.0.0:5432:$(POSTGRES_REMOTE_HOST):$(POSTGRES_REMOTE_PORT) \
+                -i /ssh-key/id_rsa \
+                -p $(SSH_PORT) \
+                $(SSH_USER)@$(SSH_HOST)
+          envFrom:
+            - configMapRef:
+                name: postgres-tunnel-config
+          ports:
+            - containerPort: 5432
+              name: postgres
+          volumeMounts:
+            - name: ssh-key
+              mountPath: /ssh-key
+              readOnly: true
+          resources:
+            requests:
+              cpu: 10m
+              memory: 16Mi
+            limits:
+              cpu: 50m
+              memory: 32Mi
+          livenessProbe:
+            tcpSocket:
+              port: 5432
+            initialDelaySeconds: 15
+            periodSeconds: 20
+          readinessProbe:
+            tcpSocket:
+              port: 5432
+            initialDelaySeconds: 5
+            periodSeconds: 10
+      volumes:
+        - name: ssh-key
+          secret:
+            secretName: postgres-tunnel-ssh-key
+            defaultMode: 0400
+      restartPolicy: Always

postgres-tunnel/eu-central-1/hpa.yaml

@@ -0,0 +1,22 @@
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: postgres-tunnel
+  namespace: postgres-tunnel
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: postgres-tunnel
+  minReplicas: 1
+  maxReplicas: 5
+  metrics:
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: 70
+  behavior:
+    scaleDown:
+      stabilizationWindowSeconds: 300

postgres-tunnel/eu-central-1/kustomization.yaml

@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - configmap.yaml
+  - deployment.yaml
+  - service.yaml
+  - hpa.yaml

postgres-tunnel/eu-central-1/namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: postgres-tunnel

postgres-tunnel/eu-central-1/service.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgres
+  namespace: postgres-tunnel
+spec:
+  type: ClusterIP
+  selector:
+    app: postgres-tunnel
+  ports:
+    - name: postgres
+      port: 5432
+      targetPort: 5432