From a68cd66ae38fa673eb0fa5af2b76ffc5817f49e0 Mon Sep 17 00:00:00 2001 From: Ederson Torresini Date: Wed, 25 Nov 2020 03:00:22 +0000 Subject: [PATCH] =?UTF-8?q?Aplicar=20boas=20pr=C3=A1ticas=20#5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Até o serviço mediawiki. --- srv/awx/awx.yaml | 2 +- srv/bareos/bareos-webui.yaml | 2 +- srv/externos/campus-continente/Makefile | 7 + srv/externos/campus-continente/bareos-sd.yaml | 153 +++++++++++ .../bareos_sd/Deployment.yaml | 50 ---- .../campus-continente/bareos_sd/Makefile | 17 -- .../bareos_sd/PersistentVolume.yaml | 44 --- .../bareos_sd/PersistentVolumeClaim.yaml | 29 -- .../campus-continente/bareos_sd/Service.yaml | 21 -- srv/externos/campus-jaragua-gw/Makefile | 7 + srv/externos/campus-jaragua-gw/netbox.yaml | 251 +++++++++++++++++ .../campus-jaragua-gw/netbox/ConfigMap.yaml | 33 --- .../campus-jaragua-gw/netbox/Deployment.yaml | 99 ------- .../campus-jaragua-gw/netbox/Ingress.yaml | 46 ---- .../campus-jaragua-gw/netbox/Makefile | 21 -- .../netbox/PersistentVolume.yaml | 19 -- .../netbox/PersistentVolumeClaim.yaml | 11 - .../campus-jaragua-gw/netbox/Service.yaml | 14 - srv/fogproject/Deployment.yaml | 39 --- srv/fogproject/Ingress.yaml | 30 --- srv/fogproject/Makefile | 14 +- srv/fogproject/PersistentVolume.yaml | 63 ----- srv/fogproject/PersistentVolumeClaim.yaml | 45 ---- srv/fogproject/README.md | 4 - srv/fogproject/Service.yaml | 18 -- srv/fogproject/fogproject.yaml | 209 +++++++++++++++ srv/kubernetes-dashboard/Ingress.yaml | 20 -- srv/kubernetes-dashboard/Makefile | 9 - srv/kubernetes-dashboard/README.md | 13 - srv/ldap_config/ConfigMap.yaml | 82 ------ srv/ldap_config/Makefile | 6 +- srv/ldap_config/README.md | 6 +- srv/ldap_config/ldap_config.yaml | 82 ++++++ srv/matlab/Deployment.yaml | 104 -------- srv/matlab/HorizontalPodAutoscaler.yaml | 18 -- srv/matlab/Makefile | 14 +- srv/matlab/PersistentVolume.yaml | 60 ----- srv/matlab/PersistentVolumeClaim.yaml | 45 ---- srv/matlab/README.md | 2 - srv/matlab/Service.yaml | 21 -- srv/matlab/matlab.yaml | 252 ++++++++++++++++++ srv/mediawiki/Deployment.yaml | 121 --------- srv/mediawiki/Ingress.yaml | 19 -- srv/mediawiki/Makefile | 20 +- srv/mediawiki/PersistentVolume.yaml | 41 --- srv/mediawiki/PersistentVolumeClaim.yaml | 29 -- srv/mediawiki/Service.yaml | 31 --- srv/mediawiki/mediawiki.yaml | 249 +++++++++++++++++ srv/moodle/moodle.yaml | 2 +- srv/netbox/netbox.yaml | 2 +- srv/www/www.yaml | 4 +- 51 files changed, 1229 insertions(+), 1271 deletions(-) create mode 100644 srv/externos/campus-continente/Makefile create mode 100644 srv/externos/campus-continente/bareos-sd.yaml delete mode 100644 srv/externos/campus-continente/bareos_sd/Deployment.yaml delete mode 100644 srv/externos/campus-continente/bareos_sd/Makefile delete mode 100644 srv/externos/campus-continente/bareos_sd/PersistentVolume.yaml delete mode 100644 srv/externos/campus-continente/bareos_sd/PersistentVolumeClaim.yaml delete mode 100644 srv/externos/campus-continente/bareos_sd/Service.yaml create mode 100644 srv/externos/campus-jaragua-gw/Makefile create mode 100644 srv/externos/campus-jaragua-gw/netbox.yaml delete mode 100644 srv/externos/campus-jaragua-gw/netbox/ConfigMap.yaml delete mode 100644 srv/externos/campus-jaragua-gw/netbox/Deployment.yaml delete mode 100644 srv/externos/campus-jaragua-gw/netbox/Ingress.yaml delete mode 100644 srv/externos/campus-jaragua-gw/netbox/Makefile delete mode 100644 srv/externos/campus-jaragua-gw/netbox/PersistentVolume.yaml delete mode 100644 srv/externos/campus-jaragua-gw/netbox/PersistentVolumeClaim.yaml delete mode 100644 srv/externos/campus-jaragua-gw/netbox/Service.yaml delete mode 100644 srv/fogproject/Deployment.yaml delete mode 100644 srv/fogproject/Ingress.yaml delete mode 100644 srv/fogproject/PersistentVolume.yaml delete mode 100644 srv/fogproject/PersistentVolumeClaim.yaml delete mode 100644 srv/fogproject/README.md delete mode 100644 srv/fogproject/Service.yaml create mode 100644 srv/fogproject/fogproject.yaml delete mode 100644 srv/kubernetes-dashboard/Ingress.yaml delete mode 100644 srv/kubernetes-dashboard/Makefile delete mode 100644 srv/kubernetes-dashboard/README.md delete mode 100644 srv/ldap_config/ConfigMap.yaml create mode 100644 srv/ldap_config/ldap_config.yaml delete mode 100644 srv/matlab/Deployment.yaml delete mode 100644 srv/matlab/HorizontalPodAutoscaler.yaml delete mode 100644 srv/matlab/PersistentVolume.yaml delete mode 100644 srv/matlab/PersistentVolumeClaim.yaml delete mode 100644 srv/matlab/README.md delete mode 100644 srv/matlab/Service.yaml create mode 100644 srv/matlab/matlab.yaml delete mode 100644 srv/mediawiki/Deployment.yaml delete mode 100644 srv/mediawiki/Ingress.yaml delete mode 100644 srv/mediawiki/PersistentVolume.yaml delete mode 100644 srv/mediawiki/PersistentVolumeClaim.yaml delete mode 100644 srv/mediawiki/Service.yaml create mode 100644 srv/mediawiki/mediawiki.yaml diff --git a/srv/awx/awx.yaml b/srv/awx/awx.yaml index db9164b..fcc0247 100644 --- a/srv/awx/awx.yaml +++ b/srv/awx/awx.yaml @@ -35,7 +35,7 @@ spec: storageClassName: awx-postgresql --- -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: diff --git a/srv/bareos/bareos-webui.yaml b/srv/bareos/bareos-webui.yaml index bf61bdd..ea35cb7 100644 --- a/srv/bareos/bareos-webui.yaml +++ b/srv/bareos/bareos-webui.yaml @@ -35,7 +35,7 @@ spec: storageClassName: pv-bareos-webui --- -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: diff --git a/srv/externos/campus-continente/Makefile b/srv/externos/campus-continente/Makefile new file mode 100644 index 0000000..1bf1625 --- /dev/null +++ b/srv/externos/campus-continente/Makefile @@ -0,0 +1,7 @@ +all: delete create + +delete: + kubectl delete -f bareos-sd.yaml + +create: + kubectl create -f bareos-sd.yaml diff --git a/srv/externos/campus-continente/bareos-sd.yaml b/srv/externos/campus-continente/bareos-sd.yaml new file mode 100644 index 0000000..f7d8761 --- /dev/null +++ b/srv/externos/campus-continente/bareos-sd.yaml @@ -0,0 +1,153 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv-bareos-sd-continente-conf +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 1Gi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/srv/externos/continente/bareos-sd-continente + secretRef: + name: ceph-secret + user: admin + storageClassName: pv-bareos-sd-continente-conf + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv-bareos-sd-continente-bkp +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 1000Gi + iscsi: + chapAuthDiscovery: true + chapAuthSession: true + fsType: ext4 + initiatorName: "iqn.2019-06.pv-bareos-sd-continente:00:2955d7e72762" + iqn: "iqn.1992-04.com.emc:cx.ckm00123700157.a4" + iscsiInterface: default + lun: 0 + readOnly: false + secretRef: + name: chap-secret-pv-bareos-sd + targetPortal: "172.18.31.1:3260" + storageClassName: pv-bareos-sd-continente-bkp + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: pv-bareos-sd-continente-conf + name: pv-bareos-sd-continente-conf + namespace: continente +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: pv-bareos-sd-continente-conf + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: pv-bareos-sd-continente-bkp + name: pv-bareos-sd-continente-bkp + namespace: continente +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1000Gi + storageClassName: pv-bareos-sd-continente-bkp + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: svc-bareos-sd-continente + name: svc-bareos-sd-continente + namespace: continente +spec: + externalIPs: + - "191.36.8.1" + - "191.36.8.4" + - "191.36.8.6" + - "191.36.8.7" + - "191.36.8.25" + ports: + - name: bareos + port: 9113 + protocol: TCP + targetPort: 9103 + selector: + app: bareos-sd-continente + type: LoadBalancer + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: bareos-sd-continente + name: bareos-sd-continente + namespace: continente +spec: + selector: + matchLabels: + app: bareos-sd-continente + template: + metadata: + labels: + app: bareos-sd-continente + spec: + containers: + - env: + - name: BAREOS_SD_PASSWORD + valueFrom: + secretKeyRef: + key: bareos-sd-password + name: bareos-sd-password + - name: TZ + value: America/Sao_Paulo + image: "barcus/bareos-storage:17.2" + name: bareos-sd-continente + ports: + - containerPort: 9103 + name: bareos + resources: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 1 + memory: 1Gi + volumeMounts: + - mountPath: /var/lib/bareos/storage + name: pv-bareos-sd-continente-bkp + - mountPath: /etc/bareos + name: pv-bareos-sd-continente-conf + volumes: + - name: bareos-sd-password + secret: + secretName: bareos-sd-password + - name: pv-bareos-sd-continente-bkp + persistentVolumeClaim: + claimName: pv-bareos-sd-continente-bkp + - name: pv-bareos-sd-continente-conf + persistentVolumeClaim: + claimName: pv-bareos-sd-continente-conf diff --git a/srv/externos/campus-continente/bareos_sd/Deployment.yaml b/srv/externos/campus-continente/bareos_sd/Deployment.yaml deleted file mode 100644 index 68c016c..0000000 --- a/srv/externos/campus-continente/bareos_sd/Deployment.yaml +++ /dev/null @@ -1,50 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: bareos-sd-continente - labels: - app: bareos-sd-continente -spec: - replicas: 1 - template: - metadata: - labels: - app: bareos-sd-continente - spec: - containers: - - name: bareos-sd-continente - image: barcus/bareos-storage:17.2 - env: - - name: BAREOS_SD_PASSWORD - valueFrom: - secretKeyRef: - name: bareos-sd-password - key: bareos-sd-password - - name: TZ - value: "America/Sao_Paulo" - ports: - - name: bareos - containerPort: 9103 - resources: - requests: - cpu: 1 - memory: 1Gi - limits: - cpu: 2 - memory: 2Gi - volumeMounts: - - name: pv-bareos-sd-continente-bkp - mountPath: /var/lib/bareos/storage - - name: pv-bareos-sd-continente-conf - mountPath: /etc/bareos - volumes: - - name: bareos-sd-password - secret: - secretName: bareos-sd-password - - name: pv-bareos-sd-continente-bkp - persistentVolumeClaim: - claimName: pv-bareos-sd-continente-bkp - - name: pv-bareos-sd-continente-conf - persistentVolumeClaim: - claimName: pv-bareos-sd-continente-conf - diff --git a/srv/externos/campus-continente/bareos_sd/Makefile b/srv/externos/campus-continente/bareos_sd/Makefile deleted file mode 100644 index 29a458a..0000000 --- a/srv/externos/campus-continente/bareos_sd/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -all: delete create - -namespace = continente - -delete: - kubectl delete --namespace=$(namespace) -f Service.yaml - kubectl delete --namespace=$(namespace) -f Deployment.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolume.yaml - kubectl delete --namespace=$(namespace) -f Secret.yaml - -create: - kubectl create --namespace=$(namespace) -f Secret.yaml - kubectl create --namespace=$(namespace) -f PersistentVolume.yaml - kubectl create --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl create --namespace=$(namespace) -f Deployment.yaml - kubectl create --namespace=$(namespace) -f Service.yaml diff --git a/srv/externos/campus-continente/bareos_sd/PersistentVolume.yaml b/srv/externos/campus-continente/bareos_sd/PersistentVolume.yaml deleted file mode 100644 index 737c216..0000000 --- a/srv/externos/campus-continente/bareos_sd/PersistentVolume.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: pv-bareos-sd-continente-conf -spec: - capacity: - storage: 1Gi - storageClassName: pv-bareos-sd-continente-conf - accessModes: - - ReadWriteOnce - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/srv/externos/continente/bareos-sd-continente - user: admin - secretRef: - name: ceph-secret - ---- - -apiVersion: v1 -kind: PersistentVolume -metadata: - name: pv-bareos-sd-continente-bkp -spec: - capacity: - storage: 1000Gi - accessModes: - - ReadWriteOnce - iscsi: - targetPortal: 172.18.31.1:3260 - iscsiInterface: default - iqn: iqn.1992-04.com.emc:cx.ckm00123700157.a4 - lun: 0 - initiatorName: iqn.2019-06.pv-bareos-sd-continente:00:2955d7e72762 - fsType: ext4 - readOnly: false - chapAuthDiscovery: true - chapAuthSession: true - secretRef: - name: chap-secret-pv-bareos-sd - storageClassName: pv-bareos-sd-continente-bkp diff --git a/srv/externos/campus-continente/bareos_sd/PersistentVolumeClaim.yaml b/srv/externos/campus-continente/bareos_sd/PersistentVolumeClaim.yaml deleted file mode 100644 index 05ac73f..0000000 --- a/srv/externos/campus-continente/bareos_sd/PersistentVolumeClaim.yaml +++ /dev/null @@ -1,29 +0,0 @@ -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: pv-bareos-sd-continente-conf - labels: - app: pv-bareos-sd-continente-conf -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: pv-bareos-sd-continente-conf - ---- - -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: pv-bareos-sd-continente-bkp - labels: - app: pv-bareos-sd-continente-bkp -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1000Gi - storageClassName: pv-bareos-sd-continente-bkp \ No newline at end of file diff --git a/srv/externos/campus-continente/bareos_sd/Service.yaml b/srv/externos/campus-continente/bareos_sd/Service.yaml deleted file mode 100644 index 1738668..0000000 --- a/srv/externos/campus-continente/bareos_sd/Service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: svc-bareos-sd-continente - name: svc-bareos-sd-continente -spec: - externalIPs: - - "191.36.8.1" - - "191.36.8.4" - - "191.36.8.6" - - "191.36.8.7" - - "191.36.8.25" - ports: - - name: bareos - port: 9113 - protocol: TCP - targetPort: 9103 - selector: - app: bareos-sd-continente - type: LoadBalancer diff --git a/srv/externos/campus-jaragua-gw/Makefile b/srv/externos/campus-jaragua-gw/Makefile new file mode 100644 index 0000000..d5f5bc4 --- /dev/null +++ b/srv/externos/campus-jaragua-gw/Makefile @@ -0,0 +1,7 @@ +all: delete create + +delete: + kubectl delete -f netbox.yaml + +create: + kubectl create -f netbox.yaml diff --git a/srv/externos/campus-jaragua-gw/netbox.yaml b/srv/externos/campus-jaragua-gw/netbox.yaml new file mode 100644 index 0000000..b3a23ce --- /dev/null +++ b/srv/externos/campus-jaragua-gw/netbox.yaml @@ -0,0 +1,251 @@ +apiVersion: v1 +data: + nginx.conf: |- + events { + worker_connections 1024; + } + http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + server_tokens off; + gzip on; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + server { + listen 80 default_server; + server_name localhost; + location /static/ { + alias /opt/netbox/netbox/static/; + } + location / { + proxy_pass http://127.0.0.1:8001/; + add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"'; + } + } + } +kind: ConfigMap +metadata: + name: netbox-nginx-conf + namespace: jaragua-do-sul-rau + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: netbox-postgresql-jaragua-rau +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 2Gi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/srv/externos/jaragua-rau/postgresql/base + secretRef: + name: ceph-secret + user: admin + storageClassName: netbox-postgresql-jaragua-rau + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: netbox-postgresql-base + namespace: jaragua-do-sul-rau +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: netbox-postgresql-jaragua-rau + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/whitelist-source-range: "191.36.0.0/17,2804:1454::/32,172.30.0.0/24,172.18.0.0/18" + name: netbox + namespace: jaragua-do-sul-rau +spec: + rules: + - host: netboxgw.sj.ifsc.edu.br + http: + paths: + - backend: + serviceName: netbox + servicePort: 80 + path: / + tls: + - hosts: + - netboxgw.sj.ifsc.edu.br + secretName: tls-ifsc-sje-wildcard + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/rewrite-target: "https://netboxrau.sj.ifsc.edu.br" + nginx.ingress.kubernetes.io/secure-backends: "true" + name: gtampto + namespace: jaragua-do-sul-rau +spec: + rules: + - host: netbox.gw.ifsc.edu.br + http: + paths: + - backend: + serviceName: netbox + servicePort: 80 + path: / + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: netbox + name: netbox + namespace: jaragua-do-sul-rau +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + selector: + app: netbox + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: netbox + namespace: jaragua-do-sul-rau +spec: + selector: + matchLabels: + app: netbox + template: + metadata: + labels: + app: netbox + spec: + containers: + - env: + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgresql_password + name: netbox-secret + - name: POSTGRES_DB + value: netbox + image: "postgres:9.6" + name: netbox-postgresql + resources: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 128m + memory: 64Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data/pgdata + name: netbox-postgresql-base + - env: + - name: SUPERUSER_NAME + value: admin + - name: SUPERUSER_EMAIL + value: ti.gw@@.ifsc.edu.br + - name: SUPERUSER_PASSWORD + valueFrom: + secretKeyRef: + key: netbox_superuser_password + name: netbox-secret + - name: ALLOWED_HOSTS + value: "*" + - name: DB_NAME + value: netbox + - name: DB_USER + value: postgres + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + key: netbox_db_password + name: netbox-secret + - name: DB_HOST + value: localhost + - name: DB_PORT + value: "5432" + - name: NETBOX_USERNAME + value: admin + - name: NETBOX_PASSWORD + valueFrom: + secretKeyRef: + key: netbox_password + name: netbox-secret + - name: SECRET_KEY + valueFrom: + secretKeyRef: + key: netbox_secret_key + name: netbox-secret + image: netboxcommunity/netbox + name: netbox-netbox + resources: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 128m + memory: 1Gi + volumeMounts: + - mountPath: /opt/netbox/netbox/static + name: netbox-netbox-static + - image: "nginx:1.13.1" + livenessProbe: + httpGet: + path: / + port: 80 + initialDelaySeconds: 30 + timeoutSeconds: 1 + name: netbox-nginx + ports: + - containerPort: 80 + resources: + limits: + cpu: 1 + memory: 128Mi + requests: + cpu: 128m + memory: 32Mi + volumeMounts: + - mountPath: /etc/nginx/nginx.conf + name: netbox-nginx-conf + readOnly: true + subPath: nginx.conf + - mountPath: /opt/netbox/netbox/static + name: netbox-netbox-static + volumes: + - name: netbox-secret + secret: + secretName: netbox-secret + - name: netbox-postgresql-base + persistentVolumeClaim: + claimName: netbox-postgresql-base + - configMap: + name: netbox-nginx-conf + name: netbox-nginx-conf + - emptyDir: {} + name: netbox-netbox-static diff --git a/srv/externos/campus-jaragua-gw/netbox/ConfigMap.yaml b/srv/externos/campus-jaragua-gw/netbox/ConfigMap.yaml deleted file mode 100644 index d1e2c70..0000000 --- a/srv/externos/campus-jaragua-gw/netbox/ConfigMap.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: netbox-nginx-conf -data: - nginx.conf: |- - events { - worker_connections 1024; - } - http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - sendfile on; - tcp_nopush on; - tcp_nodelay on; - server_tokens off; - gzip on; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $server_name; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - server { - listen 80 default_server; - server_name localhost; - location /static/ { - alias /opt/netbox/netbox/static/; - } - location / { - proxy_pass http://127.0.0.1:8001/; - add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"'; - } - } - } diff --git a/srv/externos/campus-jaragua-gw/netbox/Deployment.yaml b/srv/externos/campus-jaragua-gw/netbox/Deployment.yaml deleted file mode 100644 index 4a74487..0000000 --- a/srv/externos/campus-jaragua-gw/netbox/Deployment.yaml +++ /dev/null @@ -1,99 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: netbox -spec: - replicas: 1 - template: - metadata: - labels: - app: netbox - spec: - containers: - - image: postgres:9.6 - name: netbox-postgresql - env: - - name: PGDATA - value: "/var/lib/postgresql/data/pgdata" - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: netbox-secret - key: postgresql_password - - name: POSTGRES_DB - value: "netbox" - volumeMounts: - - name: netbox-postgresql-base - mountPath: "/var/lib/postgresql/data/pgdata" - - image: netboxcommunity/netbox - name: netbox-netbox - env: - - name: SUPERUSER_NAME - value: "admin" - - name: SUPERUSER_EMAIL - value: "ti.gw@@.ifsc.edu.br" - - name: SUPERUSER_PASSWORD - valueFrom: - secretKeyRef: - name: netbox-secret - key: netbox_superuser_password - - name: ALLOWED_HOSTS - value: "*" - - name: DB_NAME - value: "netbox" - - name: DB_USER - value: "postgres" - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: netbox-secret - key: netbox_db_password - - name: DB_HOST - value: "localhost" - - name: DB_PORT - value: "5432" - - name: NETBOX_USERNAME - value: "admin" - - name: NETBOX_PASSWORD - valueFrom: - secretKeyRef: - name: netbox-secret - key: netbox_password - - name: SECRET_KEY - valueFrom: - secretKeyRef: - name: netbox-secret - key: netbox_secret_key - volumeMounts: - - name: netbox-netbox-static - mountPath: /opt/netbox/netbox/static - - image: nginx:1.13.1 - name: netbox-nginx - livenessProbe: - httpGet: - path: / - port: 80 - initialDelaySeconds: 30 - timeoutSeconds: 1 - ports: - - containerPort: 80 - volumeMounts: - - name: netbox-nginx-conf - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - readOnly: true - - name: netbox-netbox-static - mountPath: /opt/netbox/netbox/static - restartPolicy: Always - volumes: - - name: netbox-secret - secret: - secretName: netbox-secret - - name: netbox-postgresql-base - persistentVolumeClaim: - claimName: netbox-postgresql-base - - name: netbox-nginx-conf - configMap: - name: netbox-nginx-conf - - name: netbox-netbox-static - emptyDir: {} \ No newline at end of file diff --git a/srv/externos/campus-jaragua-gw/netbox/Ingress.yaml b/srv/externos/campus-jaragua-gw/netbox/Ingress.yaml deleted file mode 100644 index dd1a709..0000000 --- a/srv/externos/campus-jaragua-gw/netbox/Ingress.yaml +++ /dev/null @@ -1,46 +0,0 @@ -kind: Ingress -apiVersion: extensions/v1beta1 -metadata: - name: netbox - annotations: - # Solução para pedir usuário e senha para acessar: - # https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/auth - # type of authentication - # nginx.ingress.kubernetes.io/auth-type: basic - # name of the secret that contains the user/password definitions - # nginx.ingress.kubernetes.io/auth-secret: basic-auth - # message to display with an appropiate context why the authentication is required - # nginx.ingress.kubernetes.io/auth-realm: "Authentication Required - Netbox SJE" - # - # Solução para liberar somente à redes definidas - nginx.ingress.kubernetes.io/whitelist-source-range: "191.36.0.0/17,2804:1454::/32,172.30.0.0/24,172.18.0.0/18" -spec: - tls: - - hosts: - - netboxgw.sj.ifsc.edu.br - secretName: tls-ifsc-sje-wildcard - rules: - - host: netboxgw.sj.ifsc.edu.br - http: - paths: - - path: / - backend: - serviceName: netbox - servicePort: 80 ---- -kind: Ingress -apiVersion: extensions/v1beta1 -metadata: - name: gtampto - annotations: - nginx.ingress.kubernetes.io/rewrite-target: 'https://netboxrau.sj.ifsc.edu.br' - nginx.ingress.kubernetes.io/secure-backends: "true" -spec: - rules: - - host: netbox.gw.ifsc.edu.br - http: - paths: - - path: / - backend: - serviceName: netbox - servicePort: 80 \ No newline at end of file diff --git a/srv/externos/campus-jaragua-gw/netbox/Makefile b/srv/externos/campus-jaragua-gw/netbox/Makefile deleted file mode 100644 index 8828177..0000000 --- a/srv/externos/campus-jaragua-gw/netbox/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -all: delete create - -namespace = jaragua-do-sul-rau - -delete: - kubectl delete --namespace=$(namespace) -f Ingress.yaml - kubectl delete --namespace=$(namespace) -f Deployment.yaml - kubectl delete --namespace=$(namespace) -f Service.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolume.yaml - kubectl delete --namespace=$(namespace) -f ConfigMap.yaml - kubectl delete --namespace=$(namespace) -f Secret.yaml - -create: - kubectl create --namespace=$(namespace) -f Secret.yaml - kubectl create --namespace=$(namespace) -f ConfigMap.yaml - kubectl create --namespace=$(namespace) -f PersistentVolume.yaml - kubectl create --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl create --namespace=$(namespace) -f Service.yaml - kubectl create --namespace=$(namespace) -f Deployment.yaml - kubectl create --namespace=$(namespace) -f Ingress.yaml diff --git a/srv/externos/campus-jaragua-gw/netbox/PersistentVolume.yaml b/srv/externos/campus-jaragua-gw/netbox/PersistentVolume.yaml deleted file mode 100644 index e77db8a..0000000 --- a/srv/externos/campus-jaragua-gw/netbox/PersistentVolume.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: netbox-postgresql-jaragua-rau -spec: - capacity: - storage: 2Gi - accessModes: - - ReadWriteOnce - storageClassName: netbox-postgresql-jaragua-rau - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/srv/externos/jaragua-rau/postgresql/base - user: admin - secretRef: - name: ceph-secret \ No newline at end of file diff --git a/srv/externos/campus-jaragua-gw/netbox/PersistentVolumeClaim.yaml b/srv/externos/campus-jaragua-gw/netbox/PersistentVolumeClaim.yaml deleted file mode 100644 index b03e916..0000000 --- a/srv/externos/campus-jaragua-gw/netbox/PersistentVolumeClaim.yaml +++ /dev/null @@ -1,11 +0,0 @@ -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: netbox-postgresql-base -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 2Gi - storageClassName: netbox-postgresql-jaragua-rau diff --git a/srv/externos/campus-jaragua-gw/netbox/Service.yaml b/srv/externos/campus-jaragua-gw/netbox/Service.yaml deleted file mode 100644 index 65ec9a7..0000000 --- a/srv/externos/campus-jaragua-gw/netbox/Service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: netbox - name: netbox -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 80 - selector: - app: netbox diff --git a/srv/fogproject/Deployment.yaml b/srv/fogproject/Deployment.yaml deleted file mode 100644 index d26f08c..0000000 --- a/srv/fogproject/Deployment.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: fogproject -spec: - replicas: 1 - template: - metadata: - name: fogproject - labels: - app: fogproject - spec: - hostNetwork: true - nodeName: vmnuvem5 - containers: - - name: fogproject - image: cticsjeifsc/fog - resources: - requests: - cpu: "500m" - memory: "1Gi" - volumeMounts: - - name: mysql - mountPath: /var/lib/mysql - - name: pmagic - mountPath: /var/www/pmagic - - name: images - mountPath: /images - restartPolicy: Always - volumes: - - name: mysql - persistentVolumeClaim: - claimName: fogproject-mysql - - name: pmagic - persistentVolumeClaim: - claimName: fogproject-pmagic - - name: images - persistentVolumeClaim: - claimName: fogproject-images diff --git a/srv/fogproject/Ingress.yaml b/srv/fogproject/Ingress.yaml deleted file mode 100644 index 68371ad..0000000 --- a/srv/fogproject/Ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ -kind: Ingress -apiVersion: extensions/v1beta1 -metadata: - name: fogproject - annotations: - nginx.ingress.kubernetes.io/rewrite-target: '/fog' - nginx.ingress.kubernetes.io/proxy-body-size: 8m -spec: - tls: - - hosts: - - fogproject.sj.ifsc.edu.br - secretName: tls-ifsc-sje-wildcard - - hosts: - - fog.sj.ifsc.edu.br - secretName: tls-ifsc-sje-wildcard - rules: - - host: fogproject.sj.ifsc.edu.br - http: - paths: - - path: / - backend: - serviceName: fogproject - servicePort: 8083 - - host: fog.sj.ifsc.edu.br - http: - paths: - - path: / - backend: - serviceName: fogproject - servicePort: 8083 \ No newline at end of file diff --git a/srv/fogproject/Makefile b/srv/fogproject/Makefile index 236cb12..3eb8258 100644 --- a/srv/fogproject/Makefile +++ b/srv/fogproject/Makefile @@ -1,17 +1,7 @@ all: delete create -namespace = producao - delete: - kubectl delete --namespace=$(namespace) -f Ingress.yaml - kubectl delete --namespace=$(namespace) -f Service.yaml - kubectl delete --namespace=$(namespace) -f Deployment.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolume.yaml + kubectl delete -f fogproject.yaml create: - kubectl create --namespace=$(namespace) -f PersistentVolume.yaml - kubectl create --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl create --namespace=$(namespace) -f Deployment.yaml - kubectl create --namespace=$(namespace) -f Service.yaml - kubectl create --namespace=$(namespace) -f Ingress.yaml + kubectl create -f fogproject.yaml diff --git a/srv/fogproject/PersistentVolume.yaml b/srv/fogproject/PersistentVolume.yaml deleted file mode 100644 index dc7bd45..0000000 --- a/srv/fogproject/PersistentVolume.yaml +++ /dev/null @@ -1,63 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: fogproject-mysql -spec: - capacity: - storage: 2Gi - accessModes: - - ReadWriteOnce - storageClassName: fogproject-mysql - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/srv/fog/data/mysql - user: admin - secretRef: - name: ceph-secret - ---- - -apiVersion: v1 -kind: PersistentVolume -metadata: - name: fogproject-pmagic -spec: - capacity: - storage: 2Gi - accessModes: - - ReadWriteOnce - storageClassName: fogproject-pmagic - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/srv/fog/data/pmagic - user: admin - secretRef: - name: ceph-secret - ---- - -apiVersion: v1 -kind: PersistentVolume -metadata: - name: fogproject-images -spec: - capacity: - storage: 1501Gi - accessModes: - - ReadWriteOnce - storageClassName: fogproject-images - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/srv/fog/images - user: admin - secretRef: - name: ceph-secret diff --git a/srv/fogproject/PersistentVolumeClaim.yaml b/srv/fogproject/PersistentVolumeClaim.yaml deleted file mode 100644 index 26dd9be..0000000 --- a/srv/fogproject/PersistentVolumeClaim.yaml +++ /dev/null @@ -1,45 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - app: fogproject-mysql - name: fogproject-mysql -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 2Gi - storageClassName: fogproject-mysql - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - app: fogproject-pmagic - name: fogproject-pmagic -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 2Gi - storageClassName: fogproject-pmagic - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - app: fogproject-images - name: fogproject-images -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1501Gi - storageClassName: fogproject-images diff --git a/srv/fogproject/README.md b/srv/fogproject/README.md deleted file mode 100644 index 684d225..0000000 --- a/srv/fogproject/README.md +++ /dev/null @@ -1,4 +0,0 @@ -#fogproject no Kubernetes -====== -Se necessário pode escrever alguma coisa aqui. Por enquanto -está funcionando no kubernetes, mas tem que testar várias coisas. diff --git a/srv/fogproject/Service.yaml b/srv/fogproject/Service.yaml deleted file mode 100644 index 09e13d4..0000000 --- a/srv/fogproject/Service.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: fogproject - name: fogproject -spec: - ports: - - name: http1 - port: 80 - protocol: TCP - targetPort: 8083 - - name: http2 - port: 8083 - protocol: TCP - targetPort: 8083 - selector: - app: fogproject \ No newline at end of file diff --git a/srv/fogproject/fogproject.yaml b/srv/fogproject/fogproject.yaml new file mode 100644 index 0000000..0624d58 --- /dev/null +++ b/srv/fogproject/fogproject.yaml @@ -0,0 +1,209 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: fogproject-mysql +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 2Gi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/srv/fog/data/mysql + secretRef: + name: ceph-secret + user: admin + storageClassName: fogproject-mysql + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: fogproject-pmagic +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 2Gi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/srv/fog/data/pmagic + secretRef: + name: ceph-secret + user: admin + storageClassName: fogproject-pmagic + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: fogproject-images +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 1501Gi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/srv/fog/images + secretRef: + name: ceph-secret + user: admin + storageClassName: fogproject-images + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: fogproject-mysql + name: fogproject-mysql + namespace: producao +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: fogproject-mysql + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: fogproject-pmagic + name: fogproject-pmagic + namespace: producao +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + storageClassName: fogproject-pmagic + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: fogproject-images + name: fogproject-images + namespace: producao +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1501Gi + storageClassName: fogproject-images + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/proxy-body-size: 8m + nginx.ingress.kubernetes.io/rewrite-target: /fog + name: fogproject + namespace: producao +spec: + rules: + - host: fogproject.sj.ifsc.edu.br + http: + paths: + - backend: + serviceName: fogproject + servicePort: 8083 + path: / + - host: fog.sj.ifsc.edu.br + http: + paths: + - backend: + serviceName: fogproject + servicePort: 8083 + path: / + tls: + - hosts: + - fogproject.sj.ifsc.edu.br + secretName: tls-ifsc-sje-wildcard + - hosts: + - fog.sj.ifsc.edu.br + secretName: tls-ifsc-sje-wildcard + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: fogproject + name: fogproject + namespace: producao +spec: + ports: + - name: http1 + port: 80 + protocol: TCP + targetPort: 8083 + - name: http2 + port: 8083 + protocol: TCP + targetPort: 8083 + selector: + app: fogproject + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: fogproject + namespace: producao +spec: + selector: + matchLabels: + app: fogproject + template: + metadata: + labels: + app: fogproject + name: fogproject + spec: + containers: + - image: cticsjeifsc/fog + name: fogproject + resources: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 500m + memory: 1Gi + volumeMounts: + - mountPath: /var/lib/mysql + name: mysql + - mountPath: /var/www/pmagic + name: pmagic + - mountPath: /images + name: images + hostNetwork: true + nodeName: vmnuvem5 + volumes: + - name: mysql + persistentVolumeClaim: + claimName: fogproject-mysql + - name: pmagic + persistentVolumeClaim: + claimName: fogproject-pmagic + - name: images + persistentVolumeClaim: + claimName: fogproject-images diff --git a/srv/kubernetes-dashboard/Ingress.yaml b/srv/kubernetes-dashboard/Ingress.yaml deleted file mode 100644 index f1e4961..0000000 --- a/srv/kubernetes-dashboard/Ingress.yaml +++ /dev/null @@ -1,20 +0,0 @@ -kind: Ingress -apiVersion: extensions/v1beta1 -metadata: - name: kubernetes-dashboard - namespace: kube-system - annotations: - nginx.ingress.kubernetes.io/secure-backends: "true" -spec: - tls: - - hosts: - - projetos.sj.ifsc.edu.br - secretName: tls-ifsc-sje - rules: - - host: projetos.sj.ifsc.edu.br - http: - paths: - - path: / - backend: - serviceName: kubernetes-dashboard - servicePort: 443 diff --git a/srv/kubernetes-dashboard/Makefile b/srv/kubernetes-dashboard/Makefile deleted file mode 100644 index 51c87dc..0000000 --- a/srv/kubernetes-dashboard/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -all: delete create - -delete: - kubectl delete -f Ingress.yaml - kubectl delete -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml - -create: - kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml - kubectl create -f Ingress.yaml \ No newline at end of file diff --git a/srv/kubernetes-dashboard/README.md b/srv/kubernetes-dashboard/README.md deleted file mode 100644 index 79c8714..0000000 --- a/srv/kubernetes-dashboard/README.md +++ /dev/null @@ -1,13 +0,0 @@ -Baseado na documentação oficial do [kubernetes-dashboard](https://github.com/kubernetes/dashboard) - -Instalar o dashboard: - -```bash -$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml -``` - -Criado o ingress: -```bash -$ kubectl create -f Ingress.yaml -``` - diff --git a/srv/ldap_config/ConfigMap.yaml b/srv/ldap_config/ConfigMap.yaml deleted file mode 100644 index e6e4c8f..0000000 --- a/srv/ldap_config/ConfigMap.yaml +++ /dev/null @@ -1,82 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: ldap-conf -data: - ldap.conf: |- - base dc=cefetsc,dc=edu,dc=br - uri ldap://ldap.sj.ifsc.edu.br ldap://ldap.ifsc.edu.br - ldap_version 3 - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: ldap-ldap-conf -data: - ldap.conf: |- - base dc=cefetsc,dc=edu,dc=br - uri ldap://ldap.sj.ifsc.edu.br ldap://ldap.ifsc.edu.br - ldap_version 3 - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: pam-ldap-conf -data: - pam_ldap.conf: |- - base dc=cefetsc,dc=edu,dc=br - uri ldap://ldap.sj.ifsc.edu.br ldap://ldap.ifsc.edu.br - ldap_version 3 - ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: libnss-ldap-conf -data: - libnss-ldap.conf: |- - base dc=cefetsc,dc=edu,dc=br - uri ldap://ldap.sj.ifsc.edu.br ldap://ldap.ifsc.edu.br - ldap_version 3 - ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: nsswitch-ldap-conf -data: - nsswitch.conf: | - passwd: compat ldap - group: compat ldap - shadow: compat ldap - gshadow: files - - hosts: files myhostname mdns4_minimal [NOTFOUND=return] dns - networks: files - - protocols: db files - services: db files - ethers: db files - rpc: db files - - netgroup: nis - ---- - -apiVersion: v1 -kind: ConfigMap -metadata: - name: pam-common-session -data: - common-session: |- - session [default=1] pam_permit.so - session requisite pam_deny.so - session required pam_permit.so - session required pam_unix.so - session optional pam_ldap.so - session optional pam_systemd.so - session required pam_mkhomedir.so skel=/etc/skel umask=077 diff --git a/srv/ldap_config/Makefile b/srv/ldap_config/Makefile index add584b..fcf292e 100644 --- a/srv/ldap_config/Makefile +++ b/srv/ldap_config/Makefile @@ -1,9 +1,7 @@ all: delete create -namespace = producao - delete: - kubectl delete --namespace=$(namespace) -f ConfigMap.yaml + kubectl delete -f ldap_config.yaml create: - kubectl create --namespace=$(namespace) -f ConfigMap.yaml + kubectl create -f ldap_config.yaml diff --git a/srv/ldap_config/README.md b/srv/ldap_config/README.md index 6bc556c..6e2bb65 100644 --- a/srv/ldap_config/README.md +++ b/srv/ldap_config/README.md @@ -1,3 +1,3 @@ -#NSS/PAM Client LDAP no Kubernetes -====== -Arquivos de configuração NSS/PAM Client LDAP utilizado por outros Deployments. +# NSS/PAM Client LDAP + +Arquivos de configuração NSS/PAM Client LDAP utilizados por outras aplicações. diff --git a/srv/ldap_config/ldap_config.yaml b/srv/ldap_config/ldap_config.yaml new file mode 100644 index 0000000..32cbd18 --- /dev/null +++ b/srv/ldap_config/ldap_config.yaml @@ -0,0 +1,82 @@ +apiVersion: v1 +data: + ldap.conf: |- + base dc=cefetsc,dc=edu,dc=br + uri ldap://ldap.sj.ifsc.edu.br ldap://ldap.ifsc.edu.br + ldap_version 3 +kind: ConfigMap +metadata: + name: ldap-conf + namespace: producao + +--- +apiVersion: v1 +data: + ldap.conf: |- + base dc=cefetsc,dc=edu,dc=br + uri ldap://ldap.sj.ifsc.edu.br ldap://ldap.ifsc.edu.br + ldap_version 3 +kind: ConfigMap +metadata: + name: ldap-ldap-conf + namespace: producao + +--- +apiVersion: v1 +data: + pam_ldap.conf: |- + base dc=cefetsc,dc=edu,dc=br + uri ldap://ldap.sj.ifsc.edu.br ldap://ldap.ifsc.edu.br + ldap_version 3 +kind: ConfigMap +metadata: + name: pam-ldap-conf + namespace: producao + +--- +apiVersion: v1 +data: + libnss-ldap.conf: |- + base dc=cefetsc,dc=edu,dc=br + uri ldap://ldap.sj.ifsc.edu.br ldap://ldap.ifsc.edu.br + ldap_version 3 +kind: ConfigMap +metadata: + name: libnss-ldap-conf + namespace: producao + +--- +apiVersion: v1 +data: + nsswitch.conf: |- + passwd: compat ldap + group: compat ldap + shadow: compat ldap + gshadow: files + hosts: files myhostname mdns4_minimal [NOTFOUND=return] dns + networks: files + protocols: db files + services: db files + ethers: db files + rpc: db files + netgroup: nis +kind: ConfigMap +metadata: + name: nsswitch-ldap-conf + namespace: producao + +--- +apiVersion: v1 +data: + common-session: |- + session [default=1] pam_permit.so + session requisite pam_deny.so + session required pam_permit.so + session required pam_unix.so + session optional pam_ldap.so + session optional pam_systemd.so + session required pam_mkhomedir.so skel=/etc/skel umask=077 +kind: ConfigMap +metadata: + name: pam-common-session + namespace: producao diff --git a/srv/matlab/Deployment.yaml b/srv/matlab/Deployment.yaml deleted file mode 100644 index fea5014..0000000 --- a/srv/matlab/Deployment.yaml +++ /dev/null @@ -1,104 +0,0 @@ -# subpath https://kubernetes.io/docs/concepts/storage/volumes/#using-subpath -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: matlab - labels: - app: matlab -spec: - replicas: 1 - template: - metadata: - labels: - app: matlab - spec: - containers: - - name: matlab - image: cticsjeifsc/matlab - ports: - - name: ssh - containerPort: 22 - resources: - requests: - cpu: 4 - memory: 8Gi - limits: - cpu: 8 - memory: 12Gi - volumeMounts: - # Binarios do Matlab - - name: matlab-root - mountPath: /opt - # Home dos usuarios - - name: matlab-home - mountPath: /home - # etc - - name: matlab-users - mountPath: /mnt/shadow - subPath: shadow - - name: matlab-users - mountPath: /mnt/passwd - subPath: passwd - - name: matlab-users - mountPath: /mnt/group - subPath: group - # Script atualiza usuarios - - name: matlab-users - mountPath: /mnt/cron_att_users.sh - subPath: cron_att_users.sh - # LDAP - - name: ldap-conf - mountPath: /etc/ldap.conf - subPath: ldap.conf - - name: ldap-ldap-conf - mountPath: /etc/ldap/ldap.conf - subPath: ldap.conf - - name: nsswitch-ldap-conf - mountPath: /etc/nsswitch.conf - subPath: nsswitch.conf - - name: libnss-ldap-conf - mountPath: /etc/libnss-ldap.conf - subPath: libnss-ldap.conf - - name: pam-ldap-conf - mountPath: /etc/pam_ldap.conf - subPath: pam_ldap.conf - - name: pam-common-session - mountPath: /etc/pam.d/common-session - subPath: common-session - - name: ssh-keys - mountPath: /root/.ssh/authorized_keys - subPath: authorized_keys - readOnly: true - volumes: - - name: matlab-root - persistentVolumeClaim: - claimName: matlab-root - - name: matlab-home - persistentVolumeClaim: - claimName: matlab-home - - name: matlab-users - persistentVolumeClaim: - claimName: matlab-servicos-etc - # LDAP - - name: ldap-conf - configMap: - name: ldap-conf - - name: ldap-ldap-conf - configMap: - name: ldap-ldap-conf - - name: nsswitch-ldap-conf - configMap: - name: nsswitch-ldap-conf - - name: pam-ldap-conf - configMap: - name: pam-ldap-conf - - name: libnss-ldap-conf - configMap: - name: libnss-ldap-conf - - name: pam-common-session - configMap: - name: pam-common-session - # Authorized keys ctic root - - name: ssh-keys - secret: - secretName: authorized-keys-ctic diff --git a/srv/matlab/HorizontalPodAutoscaler.yaml b/srv/matlab/HorizontalPodAutoscaler.yaml deleted file mode 100644 index 200b614..0000000 --- a/srv/matlab/HorizontalPodAutoscaler.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: autoscaling/v2beta1 -kind: HorizontalPodAutoscaler -metadata: - name: matlab -spec: - minReplicas: 1 - maxReplicas: 2 - metrics: - scaleTargetRef: - apiVersion: extensions/v1beta1 - kind: Deployment - name: matlab - metrics: - - type: Resource - resource: - name: cpu - targetAverageUtilization: 80 - diff --git a/srv/matlab/Makefile b/srv/matlab/Makefile index a97ebdb..5b4edcf 100644 --- a/srv/matlab/Makefile +++ b/srv/matlab/Makefile @@ -1,17 +1,7 @@ all: delete create -namespace = producao - delete: - kubectl delete --namespace=$(namespace) -f Deployment.yaml - # kubectl delete --namespace=$(namespace) -f HorizontalPodAutoscaler.yaml - kubectl delete --namespace=$(namespace) -f Service.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolume.yaml + kubectl delete -f matlab.yaml create: - kubectl create --namespace=$(namespace) -f PersistentVolume.yaml - kubectl create --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl create --namespace=$(namespace) -f Service.yaml - # kubectl create --namespace=$(namespace) -f HorizontalPodAutoscaler.yaml - kubectl create --namespace=$(namespace) -f Deployment.yaml + kubectl create -f matlab.yaml diff --git a/srv/matlab/PersistentVolume.yaml b/srv/matlab/PersistentVolume.yaml deleted file mode 100644 index faaa066..0000000 --- a/srv/matlab/PersistentVolume.yaml +++ /dev/null @@ -1,60 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: matlab-root -spec: - capacity: - storage: 10Gi - accessModes: - - ReadOnlyMany - storageClassName: matlab-root - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/srv/matlab - user: admin - secretRef: - name: ceph-secret - ---- - -apiVersion: v1 -kind: PersistentVolume -metadata: - name: matlab-home -spec: - capacity: - storage: 10Gi - accessModes: - - ReadWriteMany - storageClassName: matlab-home - mountOptions: - - nolock - - nfsvers=3 - nfs: - server: 191.36.8.71 - path: /nfs_kubernetes/kubernetes/ifsc/sje/a/home - ---- - -apiVersion: v1 -kind: PersistentVolume -metadata: - name: matlab-servicos-etc -spec: - capacity: - storage: 100Mi - accessModes: - - ReadWriteMany - storageClassName: matlab-servicos-etc - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/users - user: admin - secretRef: - name: ceph-secret \ No newline at end of file diff --git a/srv/matlab/PersistentVolumeClaim.yaml b/srv/matlab/PersistentVolumeClaim.yaml deleted file mode 100644 index a93053f..0000000 --- a/srv/matlab/PersistentVolumeClaim.yaml +++ /dev/null @@ -1,45 +0,0 @@ -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: matlab-root - labels: - app: matlab-root -spec: - accessModes: - - ReadOnlyMany - resources: - requests: - storage: 10Gi - storageClassName: matlab-root - ---- - -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: matlab-home - labels: - app: matlab-home -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 10Gi - storageClassName: matlab-home - ---- - -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: matlab-servicos-etc - labels: - app: matlab-servicos-etc -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 10Mi - storageClassName: matlab-servicos-etc diff --git a/srv/matlab/README.md b/srv/matlab/README.md deleted file mode 100644 index 09cc1ab..0000000 --- a/srv/matlab/README.md +++ /dev/null @@ -1,2 +0,0 @@ -#Matlab no Kubernetes -====== diff --git a/srv/matlab/Service.yaml b/srv/matlab/Service.yaml deleted file mode 100644 index 7464966..0000000 --- a/srv/matlab/Service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: matlab - labels: - app: matlab -spec: - externalIPs: - - "191.36.8.1" - - "191.36.8.4" - - "191.36.8.6" - - "191.36.8.7" - - "191.36.8.25" - ports: - - name: ssh - port: 2222 - protocol: TCP - targetPort: 22 - selector: - app: matlab - type: LoadBalancer diff --git a/srv/matlab/matlab.yaml b/srv/matlab/matlab.yaml new file mode 100644 index 0000000..3a950d9 --- /dev/null +++ b/srv/matlab/matlab.yaml @@ -0,0 +1,252 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: matlab-root +spec: + accessModes: + - ReadOnlyMany + capacity: + storage: 10Gi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/srv/matlab + secretRef: + name: ceph-secret + user: admin + storageClassName: matlab-root + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: matlab-home +spec: + accessModes: + - ReadWriteMany + capacity: + storage: 10Gi + mountOptions: + - nolock + - nfsvers=3 + nfs: + path: /nfs_kubernetes/kubernetes/ifsc/sje/a/home + server: "191.36.8.71" + storageClassName: matlab-home + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: matlab-servicos-etc +spec: + accessModes: + - ReadWriteMany + capacity: + storage: 100Mi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/users + secretRef: + name: ceph-secret + user: admin + storageClassName: matlab-servicos-etc + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: matlab-root + name: matlab-root + namespace: producao +spec: + accessModes: + - ReadOnlyMany + resources: + requests: + storage: 10Gi + storageClassName: matlab-root + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: matlab-home + name: matlab-home + namespace: producao +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: matlab-home + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: matlab-servicos-etc + name: matlab-servicos-etc + namespace: producao +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Mi + storageClassName: matlab-servicos-etc + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: matlab + name: matlab + namespace: producao +spec: + externalIPs: + - "191.36.8.1" + - "191.36.8.4" + - "191.36.8.6" + - "191.36.8.7" + - "191.36.8.25" + ports: + - name: ssh + port: 2222 + protocol: TCP + targetPort: 22 + selector: + app: matlab + type: LoadBalancer + +--- +apiVersion: autoscaling/v2beta2 +kind: HorizontalPodAutoscaler +metadata: + name: matlab + namespace: producao +spec: + maxReplicas: 2 + metrics: + - resource: + name: cpu + target: + type: Utilization + averageUtilization: 80 + type: Resource + minReplicas: 1 + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: matlab + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: matlab + name: matlab + namespace: producao +spec: + selector: + matchLabels: + app: matlab + template: + metadata: + labels: + app: matlab + spec: + containers: + - image: cticsjeifsc/matlab + name: matlab + ports: + - containerPort: 22 + name: ssh + resources: + limits: + cpu: 8 + memory: 12Gi + requests: + cpu: 4 + memory: 8Gi + volumeMounts: + - mountPath: /opt + name: matlab-root + - mountPath: /home + name: matlab-home + - mountPath: /mnt/shadow + name: matlab-users + subPath: shadow + - mountPath: /mnt/passwd + name: matlab-users + subPath: passwd + - mountPath: /mnt/group + name: matlab-users + subPath: group + - mountPath: /mnt/cron_att_users.sh + name: matlab-users + subPath: cron_att_users.sh + - mountPath: /etc/ldap.conf + name: ldap-conf + subPath: ldap.conf + - mountPath: /etc/ldap/ldap.conf + name: ldap-ldap-conf + subPath: ldap.conf + - mountPath: /etc/nsswitch.conf + name: nsswitch-ldap-conf + subPath: nsswitch.conf + - mountPath: /etc/libnss-ldap.conf + name: libnss-ldap-conf + subPath: libnss-ldap.conf + - mountPath: /etc/pam_ldap.conf + name: pam-ldap-conf + subPath: pam_ldap.conf + - mountPath: /etc/pam.d/common-session + name: pam-common-session + subPath: common-session + - mountPath: /root/.ssh/authorized_keys + name: ssh-keys + readOnly: true + subPath: authorized_keys + volumes: + - name: matlab-root + persistentVolumeClaim: + claimName: matlab-root + - name: matlab-home + persistentVolumeClaim: + claimName: matlab-home + - name: matlab-users + persistentVolumeClaim: + claimName: matlab-servicos-etc + - configMap: + name: ldap-conf + name: ldap-conf + - configMap: + name: ldap-ldap-conf + name: ldap-ldap-conf + - configMap: + name: nsswitch-ldap-conf + name: nsswitch-ldap-conf + - configMap: + name: pam-ldap-conf + name: pam-ldap-conf + - configMap: + name: libnss-ldap-conf + name: libnss-ldap-conf + - configMap: + name: pam-common-session + name: pam-common-session + - name: ssh-keys + secret: + secretName: authorized-keys-ctic diff --git a/srv/mediawiki/Deployment.yaml b/srv/mediawiki/Deployment.yaml deleted file mode 100644 index 58598d5..0000000 --- a/srv/mediawiki/Deployment.yaml +++ /dev/null @@ -1,121 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: wiki-mariadb - labels: - app: wiki-mariadb -spec: - replicas: 1 - template: - metadata: - labels: - app: wiki-mariadb - spec: - containers: - - name: wiki-mariadb - image: mariadb:10.3 - env: - - name: TZ - value: "America/Recife" - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: wiki-mariadb - key: mysql-root-password - - name: MYSQL_DATABASE - valueFrom: - secretKeyRef: - name: wiki-mariadb - key: mysql-database - - name: MYSQL_USER - valueFrom: - secretKeyRef: - name: wiki-mariadb - key: mysql-user - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: wiki-mariadb - key: mysql-password - ports: - - name: mysql - containerPort: 3306 - volumeMounts: - - mountPath: /var/lib/mysql - name: wiki-mariadb - subPath: mysql - resources: - limits: - memory: 4Gi - cpu: 2 - requests: - memory: 512Mi - cpu: 300m - volumes: - - name: wiki-mariadb - persistentVolumeClaim: - claimName: wiki-mariadb - ---- - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: wiki - labels: - app: wiki -spec: - replicas: 1 - template: - metadata: - labels: - app: wiki - spec: - affinity: - podAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - "wiki-mariadb" - topologyKey: "kubernetes.io/hostname" - containers: - - name: wiki - image: cticsjeifsc/mediawiki:1.31.10 - env: - - name: TZ - value: "America/Recife" - ports: - - name: http - containerPort: 80 - livenessProbe: - httpGet: - path: /index.php/Página_principal - port: 80 - scheme: HTTP - initialDelaySeconds: 60 - timeoutSeconds: 10 - failureThreshold: 6 - volumeMounts: - - mountPath: /var/www/html/extensions - name: wiki-data - subPath: extensions - - mountPath: /var/www/html/images - name: wiki-data - subPath: images - - mountPath: /var/www/html/skins - name: wiki-data - subPath: skins - - mountPath: /var/www/html/LocalSettings.php - name: wiki-data - subPath: LocalSettings.php - resources: - requests: - memory: 512Mi - cpu: 300m - volumes: - - name: wiki-data - persistentVolumeClaim: - claimName: wiki diff --git a/srv/mediawiki/Ingress.yaml b/srv/mediawiki/Ingress.yaml deleted file mode 100644 index 0d56286..0000000 --- a/srv/mediawiki/Ingress.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: Ingress -apiVersion: extensions/v1beta1 -metadata: - name: wiki - annotations: - nginx.ingress.kubernetes.io/proxy-body-size: 32m -spec: - tls: - - hosts: - - wiki.sj.ifsc.edu.br - secretName: tls-ifsc-sje-wildcard - rules: - - host: wiki.sj.ifsc.edu.br - http: - paths: - - path: / - backend: - serviceName: wiki - servicePort: 80 diff --git a/srv/mediawiki/Makefile b/srv/mediawiki/Makefile index 5082aa4..75ed560 100644 --- a/srv/mediawiki/Makefile +++ b/srv/mediawiki/Makefile @@ -1,21 +1,9 @@ all: delete create -namespace = producao - delete: - kubectl delete --namespace=$(namespace) -f Ingress.yaml - kubectl delete --namespace=$(namespace) -f Service.yaml - kubectl delete --namespace=$(namespace) -f Deployment.yaml - helm delete memcached-wiki --namespace=$(namespace) - kubectl delete --namespace=$(namespace) -f PersistentVolumeClaim.yaml - kubectl delete --namespace=$(namespace) -f PersistentVolume.yaml - kubectl delete --namespace=$(namespace) -f Secrets.yaml + kubectl delete -f mediawiki.yaml + kubectl delete -f Secrets.yaml create: - kubectl create --namespace=$(namespace) -f Secrets.yaml - kubectl create --namespace=$(namespace) -f PersistentVolume.yaml - kubectl create --namespace=$(namespace) -f PersistentVolumeClaim.yaml - helm install memcached-wiki --namespace=$(namespace) -f values.yaml stable/memcached - kubectl create --namespace=$(namespace) -f Deployment.yaml - kubectl create --namespace=$(namespace) -f Service.yaml - kubectl create --namespace=$(namespace) -f Ingress.yaml + kubectl create -f Secrets.yaml + kubectl create -f mediawiki.yaml diff --git a/srv/mediawiki/PersistentVolume.yaml b/srv/mediawiki/PersistentVolume.yaml deleted file mode 100644 index 2d7aee3..0000000 --- a/srv/mediawiki/PersistentVolume.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: v1 -kind: PersistentVolume -metadata: - name: wiki-mariadb -spec: - capacity: - storage: 8Gi - accessModes: - - ReadWriteOnce - storageClassName: wiki-mariadb - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/srv/mediawiki/mariadb - user: admin - secretRef: - name: ceph-secret - ---- - -apiVersion: v1 -kind: PersistentVolume -metadata: - name: wiki -spec: - capacity: - storage: 10Gi - accessModes: - - ReadWriteOnce - storageClassName: wiki - cephfs: - monitors: - - 10.10.10.1:6789 - - 10.10.10.5:6789 - - 10.10.10.6:6789 - path: /kubernetes/ifsc/sje/srv/mediawiki/wiki - user: admin - secretRef: - name: ceph-secret \ No newline at end of file diff --git a/srv/mediawiki/PersistentVolumeClaim.yaml b/srv/mediawiki/PersistentVolumeClaim.yaml deleted file mode 100644 index e0fcc4c..0000000 --- a/srv/mediawiki/PersistentVolumeClaim.yaml +++ /dev/null @@ -1,29 +0,0 @@ -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: wiki-mariadb - labels: - app: wiki-mariadb -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 8Gi - storageClassName: wiki-mariadb - ---- - -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: wiki - labels: - app: wiki -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi - storageClassName: wiki \ No newline at end of file diff --git a/srv/mediawiki/Service.yaml b/srv/mediawiki/Service.yaml deleted file mode 100644 index e1c2e37..0000000 --- a/srv/mediawiki/Service.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - app: wiki-mariadb - name: wiki-mariadb -spec: - ports: - - name: mysql - port: 3306 - protocol: TCP - targetPort: 3306 - selector: - app: wiki-mariadb - ---- - -apiVersion: v1 -kind: Service -metadata: - labels: - app: wiki - name: wiki -spec: - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 80 - selector: - app: wiki \ No newline at end of file diff --git a/srv/mediawiki/mediawiki.yaml b/srv/mediawiki/mediawiki.yaml new file mode 100644 index 0000000..0585b90 --- /dev/null +++ b/srv/mediawiki/mediawiki.yaml @@ -0,0 +1,249 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: wiki-mariadb +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 8Gi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/srv/mediawiki/mariadb + secretRef: + name: ceph-secret + user: admin + storageClassName: wiki-mariadb + +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: wiki +spec: + accessModes: + - ReadWriteOnce + capacity: + storage: 10Gi + cephfs: + monitors: + - "10.10.10.1:6789" + - "10.10.10.5:6789" + - "10.10.10.6:6789" + path: /kubernetes/ifsc/sje/srv/mediawiki/wiki + secretRef: + name: ceph-secret + user: admin + storageClassName: wiki + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: wiki-mariadb + name: wiki-mariadb + namespace: producao +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + storageClassName: wiki-mariadb + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + app: wiki + name: wiki + namespace: producao +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: wiki + +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/proxy-body-size: 32m + name: wiki + namespace: producao +spec: + rules: + - host: wiki.sj.ifsc.edu.br + http: + paths: + - backend: + serviceName: wiki + servicePort: 80 + path: / + tls: + - hosts: + - wiki.sj.ifsc.edu.br + secretName: tls-ifsc-sje-wildcard + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: wiki-mariadb + name: wiki-mariadb + namespace: producao +spec: + ports: + - name: mysql + port: 3306 + protocol: TCP + targetPort: 3306 + selector: + app: wiki-mariadb + +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: wiki + name: wiki + namespace: producao +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + selector: + app: wiki + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: wiki-mariadb + name: wiki-mariadb + namespace: producao +spec: + selector: + matchLabels: + app: wiki-mariadb + template: + metadata: + labels: + app: wiki-mariadb + spec: + containers: + - env: + - name: TZ + value: America/Recife + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + key: mysql-root-password + name: wiki-mariadb + - name: MYSQL_DATABASE + valueFrom: + secretKeyRef: + key: mysql-database + name: wiki-mariadb + - name: MYSQL_USER + valueFrom: + secretKeyRef: + key: mysql-user + name: wiki-mariadb + - name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + key: mysql-password + name: wiki-mariadb + image: "mariadb:10.3" + name: wiki-mariadb + ports: + - containerPort: 3306 + name: mysql + resources: + limits: + cpu: 2 + memory: 6Gi + requests: + cpu: 300m + memory: 512Mi + volumeMounts: + - mountPath: /var/lib/mysql + name: wiki-mariadb + subPath: mysql + volumes: + - name: wiki-mariadb + persistentVolumeClaim: + claimName: wiki-mariadb + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: wiki + name: wiki + namespace: producao +spec: + selector: + matchLabels: + app: wiki + template: + metadata: + labels: + app: wiki + spec: + containers: + - env: + - name: TZ + value: America/Recife + image: "cticsjeifsc/mediawiki:1.31.10" + livenessProbe: + failureThreshold: 6 + httpGet: + path: /index.php/Página_principal + port: 80 + scheme: HTTP + initialDelaySeconds: 60 + timeoutSeconds: 10 + name: wiki + ports: + - containerPort: 80 + name: http + resources: + limits: + cpu: 2 + memory: 4Gi + requests: + cpu: 300m + memory: 512Mi + volumeMounts: + - mountPath: /var/www/html/extensions + name: wiki-data + subPath: extensions + - mountPath: /var/www/html/images + name: wiki-data + subPath: images + - mountPath: /var/www/html/skins + name: wiki-data + subPath: skins + - mountPath: /var/www/html/LocalSettings.php + name: wiki-data + subPath: LocalSettings.php + volumes: + - name: wiki-data + persistentVolumeClaim: + claimName: wiki diff --git a/srv/moodle/moodle.yaml b/srv/moodle/moodle.yaml index 8a18ee4..2bb376e 100644 --- a/srv/moodle/moodle.yaml +++ b/srv/moodle/moodle.yaml @@ -77,7 +77,7 @@ spec: --- kind: Ingress -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 metadata: name: moodle annotations: diff --git a/srv/netbox/netbox.yaml b/srv/netbox/netbox.yaml index c486675..9e5e002 100644 --- a/srv/netbox/netbox.yaml +++ b/srv/netbox/netbox.yaml @@ -75,7 +75,7 @@ spec: storageClassName: netbox-postgresql --- -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: diff --git a/srv/www/www.yaml b/srv/www/www.yaml index 563f9ec..4452cc8 100644 --- a/srv/www/www.yaml +++ b/srv/www/www.yaml @@ -1,4 +1,4 @@ -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: @@ -16,7 +16,7 @@ spec: --- -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: