Skip to main content

Heimdall

image.png

Resumen

  • Creación del Namespace heimdall.

  • Creación de PV + PVC con aprovisionamiento manual .

  • Despliegue de Heimdall usando un Deployment.

  • Exposición del servicio usando NGINX Ingress.

Namespace

apiVersion: v1
kind: Namespace
metadata:
  name: heimdall

PV + PVC 

apiVersion: v1
kind: PersistentVolume
metadata:
  name: heimdall-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain
  nfs:
    server: 192.168.1.100
    path: "/exported/path/mi-directorio-fijo"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: heimdall-pvc
  namespace: heimdall
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: ""  # Fuerza binding estático
  resources:
    requests:
      storage: 10Gi

Deployment

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: heimdall
  namespace: heimdall
spec:
  replicas: 1
  selector:
    matchLabels:
      app: heimdall
  template:
    metadata:
      labels:
        app: heimdall
    spec:
      containers:
        - name: heimdall
          image: lscr.io/linuxserver/heimdall:latest
          ports:
            - containerPort: 80
          volumeMounts:
            - name: shared-storage
              mountPath: /config
      volumes:
        - name: shared-storage
          persistentVolumeClaim:
            claimName: heimdall-pvc

Service

---
apiVersion: v1
kind: Service
metadata:
  name: heimdall-svc
  namespace: heimdall
spec:
  type: ClusterIP
  ports:
    - port: 80
      targetPort: 80
  selector:
    app: heimdall

Ingress

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: heimdall-ingress
  namespace: heimdall
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    cert-manager.io/cluster-issuer: "letsencrypt-staging" # Puedes cambiar por "letsencrypt-prod" 
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - heimdall.k8s.dominio.com
      secretName: heimdall-tls  # Nombre del secreto con el certificado TLS
  rules:
    - host: heimdall.k8s.dominio.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: heimdall-svc
                port:
                  number: 80

Comandos

# Aplicar
kubectl apply -f heimdall.yaml

# Comprobar
kubectl get all -n heimdall

# Escala el Deployment
kubectl scale deployment heimdall --replicas=2 -n heimdall

# Parar Deployment sin eliminarlo
kubectl scale deployment heimdall --replicas=0 -n heimdall

# reinicia deployment para aplicar cambios
kubectl rollout restart deployment heimdall -n heimdall

Back to top