Configuration¶

Configuration reference for Playpen components.

Kubernetes resources¶

Namespaces¶

playpen-platform: Platform services (Jenkins, Nexus, Dex, PostgreSQL)
playpen-apps: User applications

Storage classes¶

local-path: Default storage class using local-path-provisioner

Service configuration¶

Jenkins¶

Helm values (infra/jenkins/jenkins-values.yaml): - Storage: 20Gi persistent volume - Port: 8080 - Namespace: playpen-platform

Access: - Internal: jenkins.playpen-platform.svc.cluster.local:8080 - Local: localhost:8080 (via port-forward)

Nexus¶

Deployment (infra/nexus/nexus-deployment.yaml): - Storage: 20Gi persistent volume - Ports: 8081 (web), 5000 (Docker registry) - Namespace: playpen-platform

Access: - Internal: nexus.playpen-platform.svc.cluster.local:8081 - Local: localhost:8081 (via port-forward)

Dex¶

Deployment (infra/dex/dex-deployment.yaml): - Port: 5556 - Configuration: ConfigMap dex-config - Namespace: playpen-platform

Access: - Internal: dex.playpen-platform.svc.cluster.local:5556 - Local: localhost:5556 (via port-forward)

PostgreSQL¶

StatefulSet (infra/postgres/postgres-deployment.yaml): - Storage: 10Gi persistent volume - Port: 5432 - Namespace: playpen-platform

Access: - Internal: postgres.playpen-platform.svc.cluster.local:5432 - Local: localhost:5432 (via port-forward)

Environment variables¶

Application environment variables¶

Common environment variables for applications:

# PostgreSQL
POSTGRES_HOST=postgres.playpen-platform.svc.cluster.local
POSTGRES_PORT=5432
POSTGRES_DB=playpen
POSTGRES_USER=playpen
POSTGRES_PASSWORD=<from-secret>

# Nexus
NEXUS_URL=http://nexus.playpen-platform.svc.cluster.local:8081
NEXUS_REGISTRY=nexus:5000
NEXUS_USER=<username>
NEXUS_PASSWORD=<password>

# Dex OIDC
OIDC_ISSUER=http://dex.playpen-platform.svc.cluster.local:5556/dex
OIDC_CLIENT_ID=<from-secret>
OIDC_CLIENT_SECRET=<from-secret>

Secrets¶

Get secret values¶

# PostgreSQL credentials
kubectl get secret postgres-credentials -n playpen-platform \
  -o jsonpath='{.data.username}' | base64 -d

# Dex credentials
kubectl get secret dex-credentials -n playpen-platform \
  -o jsonpath='{.data.client-id}' | base64 -d

Create secrets¶

# Generic secret
kubectl create secret generic my-secret \
  --from-literal=key=value \
  -n playpen-apps

# Docker registry secret
kubectl create secret docker-registry nexus-registry-secret \
  --docker-server=nexus:5000 \
  --docker-username=username \
  --docker-password=password \
  -n playpen-apps

ConfigMaps¶

View ConfigMap¶

kubectl get configmap dex-config -n playpen-platform -o yaml

Update ConfigMap¶

kubectl edit configmap dex-config -n playpen-platform

Apply changes¶

After updating ConfigMap, restart pods:

kubectl rollout restart deployment/dex -n playpen-platform

Resource limits¶

Default limits¶

Platform services have default resource requests and limits:

Jenkins: - Requests: CPU 500m, Memory 1Gi - Limits: CPU 2000m, Memory 4Gi

Nexus: - Requests: CPU 1000m, Memory 2Gi - Limits: CPU 4000m, Memory 8Gi

PostgreSQL: - Requests: CPU 500m, Memory 512Mi - Limits: CPU 2000m, Memory 2Gi

Adjust limits¶

Edit deployment or StatefulSet:

kubectl edit deployment nexus -n playpen-platform

Update resources section:

resources:
  requests:
    cpu: 2000m
    memory: 4Gi
  limits:
    cpu: 4000m
    memory: 8Gi

Next steps¶

Learn about base images
Review best practices