From e093e945eb5a88a1984fb674f5444dbcc5463d74 Mon Sep 17 00:00:00 2001
From: Janis
Date: Thu, 30 Apr 2026 08:08:39 +0200
Subject: [PATCH] feat: add PostgreSQL tunnel deployment with ConfigMap, HPA, and service
---
.../metrics-server/metrics-server.yaml | 25 ++++++++
.../postgres-tunnel/postgres-tunnel.yaml | 20 ++++++
.../eu-central-1/kustomization.yaml | 11 ++++
metrics-server/eu-central-1/values.yaml | 13 ++++
postgres-tunnel/eu-central-1/configmap.yaml | 11 ++++
postgres-tunnel/eu-central-1/deployment.yaml | 64 +++++++++++++++++++
postgres-tunnel/eu-central-1/hpa.yaml | 22 +++++++
.../eu-central-1/kustomization.yaml | 8 +++
postgres-tunnel/eu-central-1/namespace.yaml | 4 ++
postgres-tunnel/eu-central-1/service.yaml | 13 ++++
10 files changed, 191 insertions(+)
create mode 100644 eu-central-1/argo-apps/metrics-server/metrics-server.yaml
create mode 100644 eu-central-1/argo-apps/postgres-tunnel/postgres-tunnel.yaml
create mode 100644 metrics-server/eu-central-1/kustomization.yaml
create mode 100644 metrics-server/eu-central-1/values.yaml
create mode 100644 postgres-tunnel/eu-central-1/configmap.yaml
create mode 100644 postgres-tunnel/eu-central-1/deployment.yaml
create mode 100644 postgres-tunnel/eu-central-1/hpa.yaml
create mode 100644 postgres-tunnel/eu-central-1/kustomization.yaml
create mode 100644 postgres-tunnel/eu-central-1/namespace.yaml
create mode 100644 postgres-tunnel/eu-central-1/service.yaml
diff --git a/eu-central-1/argo-apps/metrics-server/metrics-server.yaml b/eu-central-1/argo-apps/metrics-server/metrics-server.yaml
new file mode 100644
index 0000000..e1226f3
--- /dev/null
+++ b/eu-central-1/argo-apps/metrics-server/metrics-server.yaml
@@ -0,0 +1,25 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: metrics-server
+ namespace: argocd
+spec:
+ project: default
+ destination:
+ namespace: kube-system
+ server: https://kubernetes.default.svc
+ sources:
+ - repoURL: https://kubernetes-sigs.github.io/metrics-server/
+ chart: metrics-server
+ targetRevision: 3.13.0
+ helm:
+ valueFiles:
+ - $values/metrics-server/eu-central-1/values.yaml
+ - repoURL: git@git.janis-eccarius.de:NowChess/GitOps.git
+ path: ./metrics-server/eu-central-1
+ ref: values
+ targetRevision: main
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
diff --git a/eu-central-1/argo-apps/postgres-tunnel/postgres-tunnel.yaml b/eu-central-1/argo-apps/postgres-tunnel/postgres-tunnel.yaml
new file mode 100644
index 0000000..1335544
--- /dev/null
+++ b/eu-central-1/argo-apps/postgres-tunnel/postgres-tunnel.yaml
@@ -0,0 +1,20 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: postgres-tunnel
+ namespace: argocd
+spec:
+ project: default
+ destination:
+ namespace: postgres-tunnel
+ server: https://kubernetes.default.svc
+ sources:
+ - repoURL: git@git.janis-eccarius.de:NowChess/GitOps.git
+ path: ./postgres-tunnel/eu-central-1
+ targetRevision: main
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
diff --git a/metrics-server/eu-central-1/kustomization.yaml b/metrics-server/eu-central-1/kustomization.yaml
new file mode 100644
index 0000000..ec60b0b
--- /dev/null
+++ b/metrics-server/eu-central-1/kustomization.yaml
@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources: []
+
+helmCharts:
+ - name: metrics-server
+ repo: https://kubernetes-sigs.github.io/metrics-server/
+ version: 3.x
+ releaseName: metrics-server
+ namespace: kube-system
+ valuesFile: values.yaml
diff --git a/metrics-server/eu-central-1/values.yaml b/metrics-server/eu-central-1/values.yaml
new file mode 100644
index 0000000..4824b23
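Review bot: The second entry under `sources` in metrics-server.yaml sets both `ref: values` and `path: ./metrics-server/eu-central-1`, so depending on the Argo CD version that Git directory may be rendered as manifests in addition to supplying `$values`. The directory's kustomization.yaml, added in this same commit, declares the metrics-server chart again, which could yield a second render of the chart at a different version, or a build error if Helm inflation is not enabled for Kustomize. If the repository is only meant to provide the values file, drop the line `path: ./metrics-server/eu-central-1` and keep `ref: values`.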
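Review bot: `project: default` combined with `targetRevision: main` and automated sync with `prune: true` in postgres-tunnel.yaml means every commit that reaches `main` is applied to the cluster with no further gate, and the default project does not restrict source repositories or destinations unless it has been tightened elsewhere. This Application deploys a workload that mounts an SSH private key, so a dedicated AppProject limited to this repository and the `postgres-tunnel` namespace would narrow what an unintended commit can change, e.g. `project: <restricted-project>` (placeholder name). The same `project: default` and `targetRevision: main` combination appears in the metrics-server Application, which targets `kube-system`.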
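Review bot: `version: 3.x` under `helmCharts` in metrics-server/eu-central-1/kustomization.yaml leaves the chart version floating, while the Argo CD Application in this commit pins the same chart at `targetRevision: 3.13.0`. The two definitions can drift apart, and an unpinned range pulls whatever the upstream chart repository publishes next into `kube-system`. Pin it to match with `version: 3.13.0`, or remove this kustomization if the Application's Helm source is the only intended install path. A one-line comment stating which definition is authoritative would also help.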
--- /dev/null
+++ b/metrics-server/eu-central-1/values.yaml
@@ -0,0 +1,13 @@
+resources:
+ requests:
+ cpu: 50m
+ memory: 64Mi
+ limits:
+ cpu: 100m
+ memory: 128Mi
+
+metrics:
+ enabled: true
+
+serviceMonitor:
+ enabled: false
diff --git a/postgres-tunnel/eu-central-1/configmap.yaml b/postgres-tunnel/eu-central-1/configmap.yaml
new file mode 100644
index 0000000..53dce47
--- /dev/null
+++ b/postgres-tunnel/eu-central-1/configmap.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: postgres-tunnel-config
+ namespace: postgres-tunnel
+data:
+ SSH_HOST: "130.61.135.202"
+ SSH_PORT: "22"
+ SSH_USER: "cluster"
+ POSTGRES_REMOTE_HOST: "localhost"
+ POSTGRES_REMOTE_PORT: "5432"
diff --git a/postgres-tunnel/eu-central-1/deployment.yaml b/postgres-tunnel/eu-central-1/deployment.yaml
new file mode 100644
index 0000000..21f7efc
--- /dev/null
+++ b/postgres-tunnel/eu-central-1/deployment.yaml
@@ -0,0 +1,64 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: postgres-tunnel
+ namespace: postgres-tunnel
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: postgres-tunnel
+ template:
+ metadata:
+ labels:
+ app: postgres-tunnel
+ spec:
+ containers:
+ - name: tunnel
+ image: alpine:3.21
+ command: [/bin/sh, -c]
+ args:
+ - |
+ apk add --no-cache openssh-client
+ exec ssh -N \
+ -o StrictHostKeyChecking=no \
+ -o ServerAliveInterval=30 \
+ -o ServerAliveCountMax=3 \
+ -o ExitOnForwardFailure=yes \
+ -L 0.0.0.0:5432:$(POSTGRES_REMOTE_HOST):$(POSTGRES_REMOTE_PORT) \
+ -i /ssh-key/id_rsa \
+ -p $(SSH_PORT) \
+ $(SSH_USER)@$(SSH_HOST)
+ envFrom:
+ - configMapRef:
+ name: postgres-tunnel-config
+ ports:
+ - containerPort: 5432
+ name: postgres
+ volumeMounts:
+ - name: ssh-key
+ mountPath: /ssh-key
+ readOnly: true
+ resources:
+ requests:
+ cpu: 10m
+ memory: 16Mi
+ limits:
+ cpu: 50m
+ memory: 32Mi
+ livenessProbe:
+ tcpSocket:
+ port: 5432
+ initialDelaySeconds: 15
+ periodSeconds: 20
+ readinessProbe:
+ tcpSocket:
+ port: 5432
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: ssh-key
+ secret:
+ secretName: postgres-tunnel-ssh-key
+ defaultMode: 0400
+ restartPolicy: Always
diff --git a/postgres-tunnel/eu-central-1/hpa.yaml b/postgres-tunnel/eu-central-1/hpa.yaml
new file mode 100644
index 0000000..b6977bb
--- /dev/null
+++ b/postgres-tunnel/eu-central-1/hpa.yaml
@@ -0,0 +1,22 @@
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+ name: postgres-tunnel
+ namespace: postgres-tunnel
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: postgres-tunnel
+ minReplicas: 1
+ maxReplicas: 5
+ metrics:
+ - type: Resource
+ resource:
+ name: cpu
+ target:
+ type: Utilization
+ averageUtilization: 70
+ behavior:
+ scaleDown:
+ stabilizationWindowSeconds: 300
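Review bot: `-o StrictHostKeyChecking=no` in the `args` script of deployment.yaml disables SSH host-key verification, so the pod presents its key-authenticated session and forwards all PostgreSQL traffic to whatever host answers on the configured address. Pin the server's host key instead by mounting a known_hosts file and passing `-o StrictHostKeyChecking=yes` with `-o UserKnownHostsFile=...`, as sketched below; the ConfigMap name there is a placeholder. Separately, `apk add --no-cache openssh-client` runs on every container start, which makes startup depend on reaching the Alpine mirrors, installs an unpinned package, and requires root with a writable filesystem. A prebuilt image referenced by digest would allow adding a `securityContext` with `runAsNonRoot: true` and `readOnlyRootFilesystem: true`.

```yaml
          args:
            - |
              apk add --no-cache openssh-client
              exec ssh -N \
                -o StrictHostKeyChecking=yes \
                -o UserKnownHostsFile=/ssh-known-hosts/known_hosts \
                -o ServerAliveInterval=30 \
          # … unchanged: remaining ssh options, envFrom, ports …
          volumeMounts:
            # … unchanged: ssh-key mount …
            - name: ssh-known-hosts
              mountPath: /ssh-known-hosts
              readOnly: true
      # … unchanged: resources, probes …
      volumes:
        # … unchanged: ssh-key secret volume …
        - name: ssh-known-hosts
          configMap:
            # placeholder: ConfigMap holding the tunnel server's pinned host key
            name: KNOWN_HOSTS_CONFIGMAP_PLACEHOLDER
```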
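Review bot: The HPA in hpa.yaml takes over the Deployment's replica count, but deployment.yaml in this commit still sets `replicas: 1` and the Argo CD Application has `selfHeal: true`, so Argo CD is likely to reset the count to 1 whenever the HPA scales up. Remove `replicas: 1` from the Deployment, or add an `ignoreDifferences` entry for `/spec/replicas` to the Application. Each additional replica also opens another SSH session to the same host with the same key, and utilisation is measured against a `10m` CPU request, so a comment explaining why the tunnel needs `maxReplicas: 5` would help reviewers.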
diff --git a/postgres-tunnel/eu-central-1/kustomization.yaml b/postgres-tunnel/eu-central-1/kustomization.yaml
new file mode 100644
index 0000000..6ae5234
--- /dev/null
+++ b/postgres-tunnel/eu-central-1/kustomization.yaml
@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - namespace.yaml
+ - configmap.yaml
+ - deployment.yaml
+ - service.yaml
+ - hpa.yaml
diff --git a/postgres-tunnel/eu-central-1/namespace.yaml b/postgres-tunnel/eu-central-1/namespace.yaml
new file mode 100644
index 0000000..dc9dd6a
--- /dev/null
+++ b/postgres-tunnel/eu-central-1/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: postgres-tunnel
diff --git a/postgres-tunnel/eu-central-1/service.yaml b/postgres-tunnel/eu-central-1/service.yaml
new file mode 100644
index 0000000..e97e909
--- /dev/null
+++ b/postgres-tunnel/eu-central-1/service.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: postgres
+ namespace: postgres-tunnel
+spec:
+ type: ClusterIP
+ selector:
+ app: postgres-tunnel
+ ports:
+ - name: postgres
+ port: 5432
+ targetPort: 5432
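Review bot: The `postgres` ClusterIP Service in service.yaml makes the tunnel's port 5432 reachable from every pod in the cluster, and this commit adds no NetworkPolicy to the `postgres-tunnel` namespace, so the remote database's network boundary is effectively extended to all workloads. Database authentication still applies, but limiting ingress to the namespaces that actually need the database reduces exposure. A policy along the lines below could be added as its own file and listed in kustomization.yaml. The client namespace is a placeholder, and enforcement depends on the cluster's CNI supporting NetworkPolicy.

```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: postgres-tunnel-ingress
  namespace: postgres-tunnel
spec:
  podSelector:
    matchLabels:
      app: postgres-tunnel
  policyTypes:
    - Ingress
  ingress:
    - from:
        - namespaceSelector:
            matchLabels:
              # placeholder: namespace of the workloads allowed to use the tunnel
              kubernetes.io/metadata.name: CLIENT_NAMESPACE_PLACEHOLDER
      ports:
        - protocol: TCP
          port: 5432
```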