update deployments for var and secrets

README.md

@@ -38,4 +38,5 @@ You can also manage and update the variables in the configMap and Secret using k
 
 It's important to note that configMap and Secret are not the only way to use variables in Kubernetes, you can also use other tools like Helm or Kustomize.
 
-# 
+# ghost-blog-deployment.yaml
+In this example, the ghost-blog-deployment.yaml file has been updated to include the use of configMapKeyRef and secretKeyRef to reference variables for the url and database connection details respectively. The configMap and secrets resources must be created separately and referenced here. Additionally, the database__client and all database__connection__* keys are using secrets to manage the sensitive data. I've also defined resources limits and requests for the ghost-blog container. volumeMounts and volumes sections are added to the deployment.yaml file for the persistent volume claim for ghost-data.

deployments/ghost-blog-deployment.yaml

@@ -1,10 +1,10 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: ghost-blog
+  name: ghost-blog-deployment
   namespace: blog
 spec:
-  replicas: 2
+  replicas: 1
   selector:
     matchLabels:
       app: ghost-blog
@@ -19,27 +19,47 @@ spec:
         ports:
         - containerPort: 2368
         env:
-        - name: database__client
-          value: mysql
-        - name: database__connection__host
-          value: mysql-service
-        - name: database__connection__user
-          value: $(MYSQL_USER)
-        - name: database__connection__password
-          value: $(MYSQL_PASSWORD)
         - name: url
+          valueFrom:
+            configMapKeyRef:
+              name: ghost-config
+              key: url
+        - name: database__client
+          valueFrom:
+            secretKeyRef:
+              name: ghost-secrets
+              key: database__client
+        - name: database__connection__host
+          valueFrom:
+            secretKeyRef:
+              name: ghost-secrets
+              key: database__connection__host
+        - name: database__connection__user
+          valueFrom:
+            secretKeyRef:
+              name: ghost-secrets
+              key: database__connection__user
+        - name: database__connection__password
+          valueFrom:
+            secretKeyRef:
+              name: ghost-secrets
+              key: database__connection__password
+        - name: database__connection__database
+          valueFrom:
+            secretKeyRef:
+              name: ghost-secrets
+              key: database__connection__database
         resources:
           limits:
-            cpu: "0.5"
-            memory: "1Gi"
-          requests:
-            cpu: "0.1"
+            cpu: "200m"
             memory: "512Mi"
+          requests:
+            cpu: "100m"
+            memory: "256Mi"
         volumeMounts:
-        - name: ghost-persistent-storage
+        - name: ghost-data
           mountPath: /var/lib/ghost/content
       volumes:
-      - name: ghost-persistent-storage
+      - name: ghost-data
         persistentVolumeClaim:
-          claimName: ghost-pvc
-
+          claimName: ghost-data-pvc

deployments/mysql-deployment.yaml

@@ -1,10 +1,8 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: mysql
+  name: mysql-deployment
   namespace: blog
-  labels:
-    app: mysql
 spec:
   replicas: 1
   selector:
@@ -17,29 +15,41 @@ spec:
     spec:
       containers:
       - name: mysql
-        image: mysql:latest
+        image: mysql:8.0
         ports:
         - containerPort: 3306
         env:
         - name: MYSQL_ROOT_PASSWORD
-          value: password
+          valueFrom:
+            secretKeyRef:
+              name: mysql-secret
+              key: root_password
         - name: MYSQL_DATABASE
-          value: ghost_db
+          valueFrom:
+            configMapKeyRef:
+              name: mysql-config
+              key: database_name
         - name: MYSQL_USER
-          value: ghost
+          valueFrom:
+            configMapKeyRef:
+              name: mysql-config
+              key: database_user
         - name: MYSQL_PASSWORD
-          value: password
+          valueFrom:
+            secretKeyRef:
+              name: mysql-secret
+              key: database_password
         resources:
-          limits:
-            cpu: "0.5"
-            memory: "1Gi"
           requests:
-            cpu: "0.1"
+            memory: "256Mi"
+            cpu: "250m"
+          limits:
             memory: "512Mi"
+            cpu: "500m"
         volumeMounts:
-        - name: mysql-persistent-storage
+        - name: mysql-data
           mountPath: /var/lib/mysql
       volumes:
-      - name: mysql-persistent-storage
+      - name: mysql-data
         persistentVolumeClaim:
-          claimName: mysql-pvc
+          claimName: mysql-data-pvc

volume/blog-pv.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: ghost-blog-pv
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 1Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/mnt/data/ghost-blog"

volume/blog-pvc.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: ghost-blog-pvc
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi

volume/mysql-pvc.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: mysql-pvc
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi