import kubernetes setup from n8n-io/kubernetes-hosting

1 year ago · 912738a48c
11 changed files with 297 additions and 0 deletions
--- a/kubernetes/LICENSE
+++ b/kubernetes/LICENSE
@ -0,0 +1,21 @@
 MIT License
 Copyright (c) 2022 n8n - Workflow Automation
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
--- a/kubernetes/README.md
+++ b/kubernetes/README.md
@ -0,0 +1,28 @@
 # n8n-kubernetes-hosting
 Get up and running with n8n on the following platforms:
 * [AWS](https://docs.n8n.io/hosting/server-setups/aws/)
 * [Azure](https://docs.n8n.io/hosting/server-setups/azure/)
 * [Google Cloud Platform](https://docs.n8n.io/hosting/server-setups/google-cloud/)
 If you have questions after trying the tutorials, check out the [forums](https://community.n8n.io/).
 ## Prerequisites
 Self-hosting n8n requires technical knowledge, including:
 * Setting up and configuring servers and containers
 * Managing application resources and scaling
 * Securing servers and applications
 * Configuring n8n
 n8n recommends self-hosting for expert users. Mistakes can lead to data loss, security issues, and downtime. If you aren't experienced at managing servers, n8n recommends [n8n Cloud](https://n8n.io/cloud/).
 ## Contributions
 For common changes, please open a PR to `main` branch and we will merge this
 into cloud provider specific branches.
 If you have a contribution specific to a cloud provider, please open your PR to
 the relevant branch.
--- a/kubernetes/n8n-claim0-persistentvolumeclaim.yaml
+++ b/kubernetes/n8n-claim0-persistentvolumeclaim.yaml
@ -0,0 +1,13 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  labels:
    service: n8n-claim0
  name: n8n-claim0
  namespace: n8n
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 2Gi
--- a/kubernetes/n8n-deployment.yaml
+++ b/kubernetes/n8n-deployment.yaml
@ -0,0 +1,78 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
    service: n8n
  name: n8n
  namespace: n8n
 spec:
  replicas: 1
  selector:
    matchLabels:
      service: n8n
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        service: n8n
    spec:
      initContainers:
        - name: volume-permissions
          image: busybox:1.36
          command: ["sh", "-c", "chown 1000:1000 /data"]
          volumeMounts:
            - name: n8n-claim0
              mountPath: /data
      containers:
        - command:
            - /bin/sh
          args:
            - -c
            - sleep 5; n8n start
          env:
            - name: DB_TYPE
              value: postgresdb
            - name: DB_POSTGRESDB_HOST
              value: postgres-service.n8n.svc.cluster.local
            - name: DB_POSTGRESDB_PORT
              value: "5432"
            - name: DB_POSTGRESDB_DATABASE
              value: n8n
            - name: DB_POSTGRESDB_USER
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: POSTGRES_NON_ROOT_USER
            - name: DB_POSTGRESDB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: POSTGRES_NON_ROOT_PASSWORD
            - name: N8N_PROTOCOL
              value: http
            - name: N8N_PORT
              value: "5678"
          image: n8nio/n8n
          name: n8n
          ports:
            - containerPort: 5678
          resources:
            requests:
              memory: "250Mi"
            limits:
              memory: "500Mi"
          volumeMounts:
            - mountPath: /home/node/.n8n
              name: n8n-claim0
      restartPolicy: Always
      volumes:
        - name: n8n-claim0
          persistentVolumeClaim:
            claimName: n8n-claim0
        - name: n8n-secret
          secret:
            secretName: n8n-secret
        - name: postgres-secret
          secret:
            secretName: postgres-secret
--- a/kubernetes/n8n-service.yaml
+++ b/kubernetes/n8n-service.yaml
@ -0,0 +1,16 @@
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    service: n8n
  name: n8n
  namespace: n8n
 spec:
  type: LoadBalancer
  ports:
    - name: "5678"
      port: 5678
      targetPort: 5678
      protocol: TCP
  selector:
    service: n8n
--- a/kubernetes/namespace.yaml
+++ b/kubernetes/namespace.yaml
@ -0,0 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: n8n
--- a/kubernetes/postgres-claim0-persistentvolumeclaim.yaml
+++ b/kubernetes/postgres-claim0-persistentvolumeclaim.yaml
@ -0,0 +1,11 @@
 kind: PersistentVolumeClaim
 apiVersion: v1
 metadata:
  name: postgresql-pv
  namespace: n8n
 spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 300Gi
--- a/kubernetes/postgres-configmap.yaml
+++ b/kubernetes/postgres-configmap.yaml
@ -0,0 +1,17 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: init-data
  namespace: n8n
 data:
  init-data.sh: |
    #!/bin/bash
    set -e;
    if [ -n "${POSTGRES_NON_ROOT_USER:-}" ] && [ -n "${POSTGRES_NON_ROOT_PASSWORD:-}" ]; then
    	psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
    		CREATE USER "${POSTGRES_NON_ROOT_USER}" WITH PASSWORD '${POSTGRES_NON_ROOT_PASSWORD}';
    		GRANT ALL PRIVILEGES ON DATABASE ${POSTGRES_DB} TO "${POSTGRES_NON_ROOT_USER}";
    	EOSQL
    else
    	echo "SETUP INFO: No Environment variables given!"
    fi
--- a/kubernetes/postgres-deployment.yaml
+++ b/kubernetes/postgres-deployment.yaml
@ -0,0 +1,81 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  labels:
    service: postgres-n8n
  name: postgres
  namespace: n8n
 spec:
  replicas: 1
  selector:
    matchLabels:
      service: postgres-n8n
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 1
    type: RollingUpdate
  template:
    metadata:
      labels:
        service: postgres-n8n
    spec:
      containers:
        - image: postgres:11
          name: postgres
          resources:
            limits:
              cpu: "4"
              memory: 4Gi
            requests:
              cpu: "1"
              memory: 2Gi
          ports:
            - containerPort: 5432
          volumeMounts:
            - name: postgresql-pv
              mountPath: /var/lib/postgresql/data
            - name: init-data
              mountPath: /docker-entrypoint-initdb.d/init-n8n-user.sh
              subPath: init-data.sh
          env:
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata      
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: POSTGRES_USER
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: POSTGRES_PASSWORD
            - name: POSTGRES_DB
              value: n8n
            - name: POSTGRES_NON_ROOT_USER
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: POSTGRES_NON_ROOT_USER
            - name: POSTGRES_NON_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: POSTGRES_NON_ROOT_PASSWORD
            - name:   POSTGRES_HOST
              value: postgres-service
            - name: POSTGRES_PORT
              value: '5432'
      restartPolicy: Always
      volumes:
        - name: postgresql-pv
          persistentVolumeClaim:
            claimName: postgresql-pv
        - name: postgres-secret
          secret:
            secretName: postgres-secret
        - name: init-data
          configMap:
            name: init-data
            defaultMode: 0744
--- a/kubernetes/postgres-secret.yaml
+++ b/kubernetes/postgres-secret.yaml
@ -0,0 +1,12 @@
 apiVersion: v1
 kind: Secret
 metadata:
  namespace: n8n
  name: postgres-secret
 type: Opaque
 stringData:
  POSTGRES_USER: changeUser
  POSTGRES_PASSWORD: changePassword
  POSTGRES_DB: n8n
  POSTGRES_NON_ROOT_USER: changeUser
  POSTGRES_NON_ROOT_PASSWORD: changePassword
--- a/kubernetes/postgres-service.yaml
+++ b/kubernetes/postgres-service.yaml
@ -0,0 +1,16 @@
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    service: postgres-n8n
  name: postgres-service
  namespace: n8n
 spec:
  clusterIP: None
  ports:
    - name: "5432"
      port: 5432
      targetPort: 5432
      protocol: TCP
  selector:
    service: postgres-n8n