Kubernetes Deployment
Kubernetes Deployment
Section titled “Kubernetes Deployment”Deploy vcpkg-harbor on Kubernetes for scalable, production-ready deployments.
Basic Deployment
Section titled “Basic Deployment”Deployment
Section titled “Deployment”apiVersion: apps/v1kind: Deploymentmetadata: name: vcpkg-harbor labels: app: vcpkg-harborspec: replicas: 2 selector: matchLabels: app: vcpkg-harbor template: metadata: labels: app: vcpkg-harbor spec: containers: - name: vcpkg-harbor image: ghcr.io/rennerdo30/vcpkg-harbor:latest ports: - containerPort: 15151 env: - name: VCPKG_STORAGE_TYPE value: "s3" - name: VCPKG_S3_BUCKET value: "vcpkg-harbor" - name: VCPKG_S3_REGION value: "us-west-2" livenessProbe: httpGet: path: /health/live port: 15151 initialDelaySeconds: 10 periodSeconds: 30 readinessProbe: httpGet: path: /health/ready port: 15151 initialDelaySeconds: 5 periodSeconds: 10 resources: requests: memory: "256Mi" cpu: "250m" limits: memory: "512Mi" cpu: "500m"Service
Section titled “Service”apiVersion: v1kind: Servicemetadata: name: vcpkg-harborspec: selector: app: vcpkg-harbor ports: - port: 80 targetPort: 15151 type: ClusterIPIngress
Section titled “Ingress”apiVersion: networking.k8s.io/v1kind: Ingressmetadata: name: vcpkg-harbor annotations: kubernetes.io/ingress.class: nginx cert-manager.io/cluster-issuer: letsencrypt-prodspec: tls: - hosts: - vcpkg-cache.example.com secretName: vcpkg-harbor-tls rules: - host: vcpkg-cache.example.com http: paths: - path: / pathType: Prefix backend: service: name: vcpkg-harbor port: number: 80Configuration with Secrets
Section titled “Configuration with Secrets”Secret for Authentication
Section titled “Secret for Authentication”apiVersion: v1kind: Secretmetadata: name: vcpkg-harbor-secretstype: OpaquestringData: auth-token: "your-secret-token"ConfigMap for Settings
Section titled “ConfigMap for Settings”apiVersion: v1kind: ConfigMapmetadata: name: vcpkg-harbor-configdata: VCPKG_STORAGE_TYPE: "s3" VCPKG_S3_BUCKET: "vcpkg-harbor" VCPKG_S3_REGION: "us-west-2" VCPKG_AUTH_ENABLED: "true" VCPKG_AUTH_TYPE: "token" VCPKG_LOG_JSON: "true"Using ConfigMap and Secret
Section titled “Using ConfigMap and Secret”spec: containers: - name: vcpkg-harbor envFrom: - configMapRef: name: vcpkg-harbor-config env: - name: VCPKG_AUTH_TOKEN valueFrom: secretKeyRef: name: vcpkg-harbor-secrets key: auth-tokenAWS EKS with IRSA
Section titled “AWS EKS with IRSA”Use IAM Roles for Service Accounts:
apiVersion: v1kind: ServiceAccountmetadata: name: vcpkg-harbor annotations: eks.amazonaws.com/role-arn: arn:aws:iam::123456789:role/vcpkg-harbor-s3---apiVersion: apps/v1kind: Deploymentspec: template: spec: serviceAccountName: vcpkg-harbor containers: - name: vcpkg-harbor env: - name: VCPKG_STORAGE_TYPE value: "s3" # No credentials needed - uses IRSAGKE with Workload Identity
Section titled “GKE with Workload Identity”apiVersion: v1kind: ServiceAccountmetadata: name: vcpkg-harbor annotations: iam.gke.io/gcp-service-account: vcpkg-harbor@project.iam.gserviceaccount.comMonitoring
Section titled “Monitoring”ServiceMonitor for Prometheus Operator
Section titled “ServiceMonitor for Prometheus Operator”apiVersion: monitoring.coreos.com/v1kind: ServiceMonitormetadata: name: vcpkg-harborspec: selector: matchLabels: app: vcpkg-harbor endpoints: - port: http path: /metrics interval: 30sHorizontal Pod Autoscaler
Section titled “Horizontal Pod Autoscaler”apiVersion: autoscaling/v2kind: HorizontalPodAutoscalermetadata: name: vcpkg-harborspec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: vcpkg-harbor minReplicas: 2 maxReplicas: 10 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 70