diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7313cce --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +certmanager diff --git a/dashboard/README.md b/dashboard/README.md new file mode 100644 index 0000000..f5e4b3c --- /dev/null +++ b/dashboard/README.md @@ -0,0 +1,5 @@ +# Obtenir le token +Une fois tout déployé, sur le master: +``` +sudo k3s kubectl -n kubernetes-dashboard create token admin-user +``` diff --git a/dashboard/account.yaml b/dashboard/account.yaml new file mode 100644 index 0000000..f38e9e6 --- /dev/null +++ b/dashboard/account.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: admin-user + namespace: kubernetes-dashboard +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: admin-user +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: admin-user + namespace: kubernetes-dashboard + diff --git a/dashboard/dashboard-ingress.yaml b/dashboard/dashboard-ingress.yaml new file mode 100644 index 0000000..1f95beb --- /dev/null +++ b/dashboard/dashboard-ingress.yaml @@ -0,0 +1,21 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: kubernetes-dashboard-ingr + namespace: kubernetes-dashboard + annotations: + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" +spec: + ingressClassName: nginx + rules: + - host: k8s.sq.lan + http: + paths: + - pathType: Prefix + backend: + service: + name: kubernetes-dashboard + port: + number: 443 + path: / + diff --git a/dashboard/recommended.yaml b/dashboard/recommended.yaml new file mode 100644 index 0000000..fb32819 --- /dev/null +++ b/dashboard/recommended.yaml @@ -0,0 +1,306 @@ +# Copyright 2017 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Namespace +metadata: + name: kubernetes-dashboard + +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard + +--- + +kind: Service +apiVersion: v1 +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +spec: + ports: + - port: 443 + targetPort: 8443 + selector: + k8s-app: kubernetes-dashboard + +--- + +apiVersion: v1 +kind: Secret +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard-certs + namespace: kubernetes-dashboard +type: Opaque + +--- + +apiVersion: v1 +kind: Secret +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard-csrf + namespace: kubernetes-dashboard +type: Opaque +data: + csrf: "" + +--- + +apiVersion: v1 +kind: Secret +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard-key-holder + namespace: kubernetes-dashboard +type: Opaque + +--- + +kind: ConfigMap +apiVersion: v1 +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard-settings + namespace: kubernetes-dashboard + +--- + +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +rules: + # Allow Dashboard to get, update and delete Dashboard exclusive secrets. + - apiGroups: [""] + resources: ["secrets"] + resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs", "kubernetes-dashboard-csrf"] + verbs: ["get", "update", "delete"] + # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map. + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["kubernetes-dashboard-settings"] + verbs: ["get", "update"] + # Allow Dashboard to get metrics. + - apiGroups: [""] + resources: ["services"] + resourceNames: ["heapster", "dashboard-metrics-scraper"] + verbs: ["proxy"] + - apiGroups: [""] + resources: ["services/proxy"] + resourceNames: ["heapster", "http:heapster:", "https:heapster:", "dashboard-metrics-scraper", "http:dashboard-metrics-scraper"] + verbs: ["get"] + +--- + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard +rules: + # Allow Metrics Scraper to get metrics from the Metrics server + - apiGroups: ["metrics.k8s.io"] + resources: ["pods", "nodes"] + verbs: ["get", "list", "watch"] + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubernetes-dashboard +subjects: + - kind: ServiceAccount + name: kubernetes-dashboard + namespace: kubernetes-dashboard + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubernetes-dashboard +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubernetes-dashboard +subjects: + - kind: ServiceAccount + name: kubernetes-dashboard + namespace: kubernetes-dashboard + +--- + +kind: Deployment +apiVersion: apps/v1 +metadata: + labels: + k8s-app: kubernetes-dashboard + name: kubernetes-dashboard + namespace: kubernetes-dashboard +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + k8s-app: kubernetes-dashboard + template: + metadata: + labels: + k8s-app: kubernetes-dashboard + spec: + securityContext: + seccompProfile: + type: RuntimeDefault + containers: + - name: kubernetes-dashboard + image: kubernetesui/dashboard:v2.5.0 + imagePullPolicy: Always + ports: + - containerPort: 8443 + protocol: TCP + args: + - --auto-generate-certificates + - --namespace=kubernetes-dashboard + # Uncomment the following line to manually specify Kubernetes API server Host + # If not specified, Dashboard will attempt to auto discover the API server and connect + # to it. Uncomment only if the default does not work. + # - --apiserver-host=http://my-address:port + volumeMounts: + - name: kubernetes-dashboard-certs + mountPath: /certs + # Create on-disk volume to store exec logs + - mountPath: /tmp + name: tmp-volume + livenessProbe: + httpGet: + scheme: HTTPS + path: / + port: 8443 + initialDelaySeconds: 30 + timeoutSeconds: 30 + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsUser: 1001 + runAsGroup: 2001 + volumes: + - name: kubernetes-dashboard-certs + secret: + secretName: kubernetes-dashboard-certs + - name: tmp-volume + emptyDir: {} + serviceAccountName: kubernetes-dashboard + nodeSelector: + "kubernetes.io/os": linux + # Comment the following tolerations if Dashboard must not be deployed on master + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + +--- + +kind: Service +apiVersion: v1 +metadata: + labels: + k8s-app: dashboard-metrics-scraper + name: dashboard-metrics-scraper + namespace: kubernetes-dashboard +spec: + ports: + - port: 8000 + targetPort: 8000 + selector: + k8s-app: dashboard-metrics-scraper + +--- + +kind: Deployment +apiVersion: apps/v1 +metadata: + labels: + k8s-app: dashboard-metrics-scraper + name: dashboard-metrics-scraper + namespace: kubernetes-dashboard +spec: + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + k8s-app: dashboard-metrics-scraper + template: + metadata: + labels: + k8s-app: dashboard-metrics-scraper + spec: + securityContext: + seccompProfile: + type: RuntimeDefault + containers: + - name: dashboard-metrics-scraper + image: kubernetesui/metrics-scraper:v1.0.7 + ports: + - containerPort: 8000 + protocol: TCP + livenessProbe: + httpGet: + scheme: HTTP + path: / + port: 8000 + initialDelaySeconds: 30 + timeoutSeconds: 30 + volumeMounts: + - mountPath: /tmp + name: tmp-volume + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsUser: 1001 + runAsGroup: 2001 + serviceAccountName: kubernetes-dashboard + nodeSelector: + "kubernetes.io/os": linux + # Comment the following tolerations if Dashboard must not be deployed on master + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + volumes: + - name: tmp-volume + emptyDir: {} diff --git a/grafana/graf-deployment.yaml b/grafana/graf-deployment.yaml deleted file mode 100644 index 4292933..0000000 --- a/grafana/graf-deployment.yaml +++ /dev/null @@ -1,129 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - run: blackbox-exporter - name: blackbox-exporter - namespace: monitoring -spec: - replicas: 1 - selector: - matchLabels: - run: blackbox-exporter - template: - metadata: - labels: - run: blackbox-exporter - spec: - containers: - - image: prom/blackbox-exporter:master - name: blackbox-exporter - volumeMounts: - - mountPath: /etc/blackbox_exporter - name: blackbox-exporter - readOnly: true - restartPolicy: Always - volumes: - - name: blackbox-exporter - persistentVolumeClaim: - claimName: blackbox-exporter - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - run: grafana - name: grafana - namespace: monitoring -spec: - replicas: 1 - selector: - matchLabels: - run: grafana - template: - metadata: - labels: - run: grafana - spec: - initContainers: - - name: volume-mount-hack - image: busybox:1.28 - command: ["sh", "-c", "chown -R 472:472 /etc/grafana && chown -R 472:472 /var/lib/grafana"] - volumeMounts: - - mountPath: /var/lib/grafana - readOnly: false - name: grafana-data - - mountPath: /etc/grafana - readOnly: false - name: grafana-conf - volumes: - - name: grafana-data - persistentVolumeClaim: - claimName: grafana-data - - name: grafana-conf - persistentVolumeClaim: - claimName: grafana-conf - - containers: - - image: grafana/grafana - name: grafana - volumeMounts: - - mountPath: /var/lib/grafana - readOnly: false - name: grafana-data - - mountPath: /etc/grafana - readOnly: false - name: grafana-conf - restartPolicy: Always - volumes: - - name: grafana-data - persistentVolumeClaim: - claimName: grafana-data - - name: grafana-conf - persistentVolumeClaim: - claimName: grafana-conf - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - run: prometheus - name: prometheus - namespace: monitoring -spec: - replicas: 1 - selector: - matchLabels: - run: prometheus - template: - metadata: - labels: - run: prometheus - spec: - containers: - - args: - - --storage.tsdb.retention.time=1y - - --config.file=/etc/prometheus/prometheus.yml - image: prom/prometheus - name: prometheus - ports: - - containerPort: 9090 - volumeMounts: - - mountPath: /etc/prometheus - readOnly: true - name: prometheus - - mountPath: /prometheus/data - readOnly: false - name: prometheus-data - restartPolicy: Always - volumes: - - name: prometheus - persistentVolumeClaim: - claimName: prometheus - - name: prometheus-data - persistentVolumeClaim: - claimName: prometheus-data - - diff --git a/grafana/graf-rbac.yaml b/grafana/graf-rbac.yaml deleted file mode 100644 index d91fbbf..0000000 --- a/grafana/graf-rbac.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: prometheus - namespace: monitoring -rules: -- apiGroups: [""] - resources: - - nodes - - nodes/proxy - - services - - endpoints - - pods - verbs: ["get", "list", "watch"] -- apiGroups: - - extensions - resources: - - ingresses - verbs: ["get", "list", "watch"] -- nonResourceURLs: ["/metrics"] - verbs: ["get"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: prometheus -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: prometheus -subjects: -- kind: ServiceAccount - name: default - namespace: monitoring diff --git a/grafana/graf-services.yaml b/grafana/graf-services.yaml deleted file mode 100644 index 5054652..0000000 --- a/grafana/graf-services.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - run: grafana - name: grafana - namespace: monitoring -spec: - ports: - - name: "grafweb" - port: 80 - targetPort: 3000 - selector: - run: grafana - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - run: prometheus - name: prometheus - namespace: monitoring -spec: - ports: - - name: "prom" - port: 9090 - targetPort: 9090 - selector: - run: prometheus - type: LoadBalancer - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - run: blackbox-exporter - name: blackbox-exporter - namespace: monitoring -spec: - ports: - - name: "bbox" - port: 9115 - targetPort: 9115 - selector: - run: blackbox-exporter - - diff --git a/grafana/grafana-pvc.yaml b/grafana/grafana-pvc.yaml deleted file mode 100644 index 957d199..0000000 --- a/grafana/grafana-pvc.yaml +++ /dev/null @@ -1,75 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: blackbox-exporter - namespace: monitoring -spec: - accessModes: - - ReadWriteMany - storageClassName: "" - resources: - requests: - storage: 10Gi - volumeName: blackbox-exporter - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: grafana-data - namespace: monitoring -spec: - accessModes: - - ReadWriteMany - storageClassName: "" - resources: - requests: - storage: 50Gi - volumeName: grafana-data - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: grafana-conf - namespace: monitoring -spec: - accessModes: - - ReadWriteMany - storageClassName: "" - resources: - requests: - storage: 10Gi - volumeName: grafana-conf - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: prometheus - namespace: monitoring -spec: - accessModes: - - ReadWriteMany - storageClassName: "" - resources: - requests: - storage: 10Gi - volumeName: prometheus - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: prometheus-data - namespace: monitoring -spec: - accessModes: - - ReadWriteMany - storageClassName: "" - resources: - requests: - storage: 10Gi - volumeName: prometheus-data - diff --git a/grafana/grafana-volumeclaims.yaml b/grafana/grafana-volumeclaims.yaml deleted file mode 100644 index cb7a5dd..0000000 --- a/grafana/grafana-volumeclaims.yaml +++ /dev/null @@ -1,85 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: blackbox-exporter - namespace: monitoring -spec: - capacity: - storage: 10Gi - accessModes: - - ReadWriteMany - nfs: - server: nas.sq.lan - path: "/swarmdata/grafana/blackbox" - mountOptions: - - nfsvers=4.2 - ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: grafana-data - namespace: monitoring -spec: - capacity: - storage: 50Gi - accessModes: - - ReadWriteMany - nfs: - server: nas.sq.lan - path: "/swarmdata/grafana/grafana-data" - mountOptions: - - nfsvers=4.2 - ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: grafana-conf - namespace: monitoring -spec: - capacity: - storage: 10Gi - accessModes: - - ReadWriteMany - nfs: - server: nas.sq.lan - path: "/swarmdata/grafana/grafana-conf" - mountOptions: - - nfsvers=4.2 - ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: prometheus - namespace: monitoring -spec: - capacity: - storage: 10Gi - accessModes: - - ReadWriteMany - nfs: - server: nas.sq.lan - path: "/swarmdata/grafana/prometheus-conf" - mountOptions: - - nfsvers=4.2 - ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: prometheus-data - namespace: monitoring -spec: - capacity: - storage: 30Gi - accessModes: - - ReadWriteMany - nfs: - server: nas.sq.lan - path: "/swarmdata/grafana/prometheus-data" - mountOptions: - - nfsvers=4.2 - diff --git a/grafana/monitoring-ns.yaml b/grafana/monitoring-ns.yaml deleted file mode 100644 index d325236..0000000 --- a/grafana/monitoring-ns.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: monitoring diff --git a/grafana/prom-state-metrics/crole.yaml b/grafana/prom-state-metrics/crole.yaml deleted file mode 100644 index 859e901..0000000 --- a/grafana/prom-state-metrics/crole.yaml +++ /dev/null @@ -1,109 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: exporter - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/version: 2.3.0 - name: kube-state-metrics -rules: -- apiGroups: - - "" - resources: - - configmaps - - secrets - - nodes - - pods - - services - - resourcequotas - - replicationcontrollers - - limitranges - - persistentvolumeclaims - - persistentvolumes - - namespaces - - endpoints - verbs: - - list - - watch -- apiGroups: - - apps - resources: - - statefulsets - - daemonsets - - deployments - - replicasets - verbs: - - list - - watch -- apiGroups: - - batch - resources: - - cronjobs - - jobs - verbs: - - list - - watch -- apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - verbs: - - list - - watch -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create -- apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - list - - watch -- apiGroups: - - certificates.k8s.io - resources: - - certificatesigningrequests - verbs: - - list - - watch -- apiGroups: - - storage.k8s.io - resources: - - storageclasses - - volumeattachments - verbs: - - list - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations - verbs: - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - - networkpolicies - - ingresses - verbs: - - list - - watch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - list - - watch diff --git a/grafana/prom-state-metrics/depl.yaml b/grafana/prom-state-metrics/depl.yaml deleted file mode 100644 index ae00aac..0000000 --- a/grafana/prom-state-metrics/depl.yaml +++ /dev/null @@ -1,50 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: exporter - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/version: 2.3.0 - name: kube-state-metrics - namespace: monitoring -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: kube-state-metrics - template: - metadata: - labels: - app.kubernetes.io/component: exporter - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/version: 2.3.0 - spec: - automountServiceAccountToken: true - containers: - - image: k8s.gcr.io/kube-state-metrics/kube-state-metrics:v2.3.0 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: 8080 - initialDelaySeconds: 5 - timeoutSeconds: 5 - name: kube-state-metrics - ports: - - containerPort: 8080 - name: http-metrics - - containerPort: 8081 - name: telemetry - readinessProbe: - httpGet: - path: / - port: 8081 - initialDelaySeconds: 5 - timeoutSeconds: 5 - securityContext: - allowPrivilegeEscalation: false - readOnlyRootFilesystem: true - runAsUser: 65534 - nodeSelector: - kubernetes.io/os: linux - serviceAccountName: kube-state-metrics diff --git a/grafana/prom-state-metrics/rbac.yaml b/grafana/prom-state-metrics/rbac.yaml deleted file mode 100644 index 0a5bc26..0000000 --- a/grafana/prom-state-metrics/rbac.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: exporter - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/version: 2.3.0 - name: kube-state-metrics -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kube-state-metrics -subjects: -- kind: ServiceAccount - name: kube-state-metrics - namespace: monitoring diff --git a/grafana/prom-state-metrics/svc.yaml b/grafana/prom-state-metrics/svc.yaml deleted file mode 100644 index 367ea7f..0000000 --- a/grafana/prom-state-metrics/svc.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: exporter - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/version: 2.3.0 - name: kube-state-metrics - namespace: monitoring -spec: - type: LoadBalancer - ports: - - name: http-metrics - port: 8080 - targetPort: http-metrics - - name: telemetry - port: 8081 - targetPort: telemetry - selector: - app.kubernetes.io/name: kube-state-metrics diff --git a/grafana/prom-state-metrics/svcaccount.yaml b/grafana/prom-state-metrics/svcaccount.yaml deleted file mode 100644 index 92ccc13..0000000 --- a/grafana/prom-state-metrics/svcaccount.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -automountServiceAccountToken: false -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: exporter - app.kubernetes.io/name: kube-state-metrics - app.kubernetes.io/version: 2.3.0 - name: kube-state-metrics - namespace: monitoring diff --git a/persosite/site-deployment.yaml b/persosite/site-deployment.yaml new file mode 100644 index 0000000..afe9a2e --- /dev/null +++ b/persosite/site-deployment.yaml @@ -0,0 +1,28 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + run: site + name: site +spec: + replicas: 1 + selector: + matchLabels: + run: site + template: + metadata: + labels: + run: site + spec: + containers: + - image: nginx:latest + name: site + imagePullPolicy: "Always" + volumeMounts: + - mountPath: /usr/share/nginx/html + name: site + restartPolicy: Always + volumes: + - name: site + persistentVolumeClaim: + claimName: site diff --git a/grafana/graf-ingress.yaml b/persosite/site-ingress.yaml similarity index 72% rename from grafana/graf-ingress.yaml rename to persosite/site-ingress.yaml index ce9d96f..da0b39e 100644 --- a/grafana/graf-ingress.yaml +++ b/persosite/site-ingress.yaml @@ -1,18 +1,17 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: grafana-ingr - namespace: monitoring + name: site-ingr spec: ingressClassName: nginx rules: - - host: graf.squi.fr + - host: justinepelletreau.com http: paths: - pathType: Prefix backend: service: - name: grafana + name: site port: number: 80 path: / diff --git a/persosite/site-persistentvolumes.yaml b/persosite/site-persistentvolumes.yaml new file mode 100644 index 0000000..2473e93 --- /dev/null +++ b/persosite/site-persistentvolumes.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: site +spec: + capacity: + storage: 10Gi + accessModes: + - ReadWriteMany + nfs: + server: nas.sq.lan + path: "/swarmdata/personnalsite" + mountOptions: + - nfsvers=4.2 + diff --git a/persosite/site-pvc.yaml b/persosite/site-pvc.yaml new file mode 100644 index 0000000..1ecbf49 --- /dev/null +++ b/persosite/site-pvc.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: site +spec: + accessModes: + - ReadWriteMany + storageClassName: "" + resources: + requests: + storage: 10Gi + volumeName: site diff --git a/persosite/site-service.yaml b/persosite/site-service.yaml new file mode 100644 index 0000000..bf08bb5 --- /dev/null +++ b/persosite/site-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + run: site + name: site +spec: + ports: + - name: "site" + port: 80 + targetPort: 80 + selector: + run: site diff --git a/sqnotes/ingr.yml b/sqnotes/notes-ingress.yaml similarity index 85% rename from sqnotes/ingr.yml rename to sqnotes/notes-ingress.yaml index 692fc04..0e7982b 100644 --- a/sqnotes/ingr.yml +++ b/sqnotes/notes-ingress.yaml @@ -2,8 +2,9 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: notes-ingr + annotations: + kubernetes.io/ingress.class: "nginx" spec: - ingressClassName: nginx rules: - host: notes.squi.fr http: diff --git a/testpod/testpod-depl.yaml b/testpod/testpod-depl.yaml new file mode 100644 index 0000000..a57ae6d --- /dev/null +++ b/testpod/testpod-depl.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: dnsutils + namespace: default +spec: + nodeName: swarm2 + containers: + - name: dnsutils + image: k8s.gcr.io/e2e-test-images/jessie-dnsutils:1.3 + command: + - sleep + - "3600" + imagePullPolicy: IfNotPresent + restartPolicy: Always