K8s 레시피 – n8n

  • Post author:
  • Post category:칼럼
  • Post comments:0 Comments
  • Post last modified:August 3, 2020

n8n.io – Free and Open Workflow Automation Tool

준비물

레시피

apiVersion: v1
kind: Secret
metadata:
    name: n8n
    namespace: n8n
type: Opaque
stringData:
    N8N_BASIC_AUTH_USER: n8n
    N8N_BASIC_AUTH_PASSWORD: ABCDEFG
    N8N_ENCRYPTION_KEY: ABCDEFG
    COOKIE_SECRET: ABCDEFG
    OAUTH_CLIENT_ID: ABCDEFG
    OAUTH_SECRET_KEY: ABCDEFG
---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: n8n
  namespace: n8n
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/backend-protocol: http
    nginx.ingress.kubernetes.io/proxy-body-size: 128m

    cert-manager.io/issuer: letsencrypt-prod

    # For Cloudflare proxied entries, set the TTL annotation to 1 (automatic), or do not set it.
    external-dns.alpha.kubernetes.io/ttl: "1"
    external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
spec:
  tls:
    - hosts:
        - n8n.demo.com
      secretName: tls-n8n
  rules:
    - host: n8n.demo.com
      http:
        paths:
          - path: /
            backend:
              serviceName: n8n
              servicePort: 5679
---
apiVersion: v1
kind: Service
metadata:
  name: n8n
  namespace: n8n
spec:
  selector:
    app: n8n
  ports:
    - protocol: TCP
      port: 5679
      targetPort: 5679
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: n8n
  namespace: n8n
spec:
  storageClassName: rook-nfs-default
  accessModes:
    - ReadWriteMany
  volumeMode: Filesystem
  resources:
    requests:
      storage: 2Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: n8n
  namespace: n8n
spec:
  replicas: 1
  selector:
    matchLabels:
      app: n8n
  template:
    metadata:
      labels:
        app: n8n
    spec:
      containers:
        - name: n8n
          image: n8nio/n8n
          ports:
            - containerPort: 5678
          env:
            - name: N8N_BASIC_AUTH_ACTIVE
              value: "false"
            - name: N8N_BASIC_AUTH_USER
              valueFrom:
                secretKeyRef:
                  name: n8n
                  key: N8N_BASIC_AUTH_USER
            - name: N8N_BASIC_AUTH_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: n8n
                  key: N8N_BASIC_AUTH_PASSWORD
            - name: GENERIC_TIMEZONE
              value: "Asia/Seoul"
            - name: N8N_PORT
              value: "5678"
            - name: N8N_HOST
              value: "0.0.0.0"
            - name: VUE_APP_URL_BASE_API
              value: "http://n8n:5678"
            - name: WEBHOOK_TUNNEL_URL
              value: "https://n8n.demo.com/"
            - name: N8N_ENCRYPTION_KEY
              valueFrom:
                secretKeyRef:
                  name: n8n
                  key: N8N_ENCRYPTION_KEY
          volumeMounts:
            - name: data
              mountPath: /root/
          resources:
            requests:
              cpu: "100m"
              memory: "64Mi"
            limits:
              cpu: "2000m"
              memory: "1024Mi"
        - name: oauth2-proxy
          image: quay.io/pusher/oauth2_proxy:latest
          imagePullPolicy: Always
          args:
            - "--email-domain=*"
            - "--github-org=my-org"
            - "--github-team=my-team"
            - "--upstream=http://0.0.0.0:5678"
            - "--approval-prompt=auto"
            - "--redirect-url=https://n8n.demo.com/oauth2/callback"
            - "--cookie-secret=$(COOKIE_SECRET)"
            - "--cookie-secure=false"
            - "--cookie-refresh=1h"
            - "--cookie-name=_oauth2_proxy_n8n_demo_com"
            - "--provider=github"
            - "--client-id=$(OAUTH_CLIENT_ID)"
            - "--client-secret=$(OAUTH_SECRET_KEY)"
            - "--http-address=0.0.0.0:5679"
          envFrom:
            - secretRef:
                name: n8n
          ports:
            - containerPort: 5679
          resources:
            requests:
              cpu: "100m"
              memory: "64Mi"
            limits:
              cpu: "1000m"
              memory: "256Mi"
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: n8n

Kubernetes, DevSecOps, AWS, 클라우드 보안, 클라우드 비용관리, SaaS 의 활용과 내재화 등 소프트웨어 개발 전반에 도움이 필요하다면 도움을 요청하세요. 지인이라면 가볍게 도와드리겠습니다. 전문적인 도움이 필요하다면 저의 현업에 방해가 되지 않는 선에서 협의가능합니다.
follow me
Buy me a coffeeBuy me a coffee
×
Kubernetes, DevSecOps, AWS, 클라우드 보안, 클라우드 비용관리, SaaS 의 활용과 내재화 등 소프트웨어 개발 전반에 도움이 필요하다면 도움을 요청하세요. 지인이라면 가볍게 도와드리겠습니다. 전문적인 도움이 필요하다면 저의 현업에 방해가 되지 않는 선에서 협의가능합니다.
Latest Posts