-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathdeclarative-k8s.nix
90 lines (81 loc) · 1.88 KB
/
declarative-k8s.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
{ name ? "redis" }:
let
nixpkgs =
(
let lock = builtins.fromJSON (builtins.readFile ../flake.lock);
in fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/${lock.nodes.nixpkgs.locked.rev}.tar.gz";
sha256 = lock.nodes.nixpkgs.locked.narHash;
}
);
nix-snapshotter = import ../.;
config =
if name == "redis" then
{
entrypoint = "redis-server";
port = 6379;
args = [ "--protected-mode" "no" ];
nodePort = 30000;
}
else
{
entrypoint = "etcd";
port = 2379;
args = [
"--listen-client-urls"
"http://0.0.0.0:2379"
"--advertise-client-urls"
"http://0.0.0.0:2379"
];
nodePort = 30001;
};
inherit (config)
entrypoint
port
args
nodePort
;
pkgs = import nixpkgs {
overlays = [ nix-snapshotter.overlays.default ];
};
image = pkgs.nix-snapshotter.buildImage {
inherit name;
resolvedByNix = true;
config = {
entrypoint = [ "${pkgs.${name}}/bin/${entrypoint}" ];
};
};
pod = pkgs.writeText "${name}-pod.json" (builtins.toJSON {
apiVersion = "v1";
kind = "Pod";
metadata = {
inherit name;
labels = { inherit name; };
};
spec.containers = [{
inherit name args;
image = "nix:0${image}";
ports = [{
name = "client";
containerPort = port;
}];
}];
});
service = pkgs.writeText "${name}-service.json" (builtins.toJSON {
apiVersion = "v1";
kind = "Service";
metadata.name = "${name}-service";
spec = {
type = "NodePort";
selector = { inherit name; };
ports = [{
name = "client";
inherit port nodePort;
}];
};
});
in pkgs.runCommand "declarative-k8s" {} ''
mkdir -p $out/share/k8s
cp ${pod} $out/share/k8s/
cp ${service} $out/share/k8s/
''