Heimdall
Resumen
-
Creación del
Namespaceheimdall. -
Creación de PVC con
nfs-clientcomoStorageClass. -
Despliegue de Heimdall usando un
StatefulSet. -
Exposición del servicio usando NGINX Ingress.
Namespace
apiVersion: v1
kind: Namespace
metadata:
name: heimdallPVC
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: heimdall-pvc
namespace: heimdall
spec:
accessModes:
- ReadWriteMany
storageClassName: nfs-client
resources:
requests:
storage: 2GiStatefulSet
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: heimdall
namespace: heimdall
spec:
serviceName: "heimdall"
replicas: 1
selector:
matchLabels:
app: heimdall
template:
metadata:
labels:
app: heimdall
spec:
containers:
- name: heimdall
image: lscr.io/linuxserver/heimdall:latest
ports:
- containerPort: 80
volumeMounts:
- name: heimdall-pvcshared-storage
mountPath: /config
volumes:
- name: heimdall-pvcshared-storage
persistentVolumeClaim:
claimName: heimdall-pvcService
---
apiVersion: v1
kind: Service
metadata:
name: heimdall
namespace: heimdall
spec:
ports:
- port: 80
targetPort: 80
clusterIP: None
selector:
app: heimdallIngress
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: heimdall-ingress
namespace: heimdall
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/ssl-redirect: "true"
cert-manager.io/cluster-issuer: "letsencrypt-staging" # Puedes cambiar por "letsencrypt-production"
spec:
ingressClassName: nginx
tls:
- hosts:
- heimdall.k8s.ictiberia.com
secretName: heimdall-tls # Nombre del secreto con el certificado TLS
rules:
- host: heimdall.k8s.ictiberia.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: heimdall
port:
number: 80Comandos
# Aplicar
kubectl apply -f heimdall.yaml
# Comprobar
kubectl get all -n heimdall
# Escala el StatefulSet
kubectl scale statefulset heimdall --replicas=2 -n heimdall
# Parar StatefulSet sin eliminarlo
kubectl scale statefulset heimdall --replicas=0 -n heimdall