Skip to content

Commit

Permalink
Add RabbitMQ definitions auto loading & small other improvements
Browse files Browse the repository at this point in the history
  • Loading branch information
@nikitades
nikitades committed Sep 25, 2023
1 parent 9e527d2 commit 4e658a2
Show file tree
Hide file tree
Showing 4 changed files with 189 additions and 188 deletions.
13 changes: 11 additions & 2 deletions .k8s/local/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ data:
.:53 {
log
errors
rewrite name sso.carres.local host.minikube.internal <-------- this one
rewrite name sso.carres.local <your keycloak node IP address, e.g. 192.168.49.2> <-------- this one
health {
lameduck 5s
}
Expand Down Expand Up @@ -80,4 +80,13 @@ This would enable the browser to access the whole ecosystem locally.
kubectl apply -f .k8s/local/carres-\*.yaml
```

It takes about 1 minute for the project to start due to Keycloak initialization.
It takes about 1 minute for the project to start due to Keycloak initialization.


## 5. (For Windows / OSX)

Run tunnelling:

```
minikube tunnel
```
148 changes: 114 additions & 34 deletions .k8s/local/carres-rmq-template.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,11 @@ metadata:
name: rmq-rabbitmq
namespace: "default"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
automountServiceAccountToken: true
secrets:
- name: rmq-rabbitmq
Expand All @@ -21,14 +22,15 @@ metadata:
name: rmq-rabbitmq-config
namespace: "default"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
type: Opaque
data:
rabbitmq.conf: |-
IyMgVXNlcm5hbWUgYW5kIHBhc3N3b3JkCiMjCmRlZmF1bHRfdXNlciA9IHJtcV9hZG1pbgojIyBDbHVzdGVyaW5nCiMjCmNsdXN0ZXJfZm9ybWF0aW9uLnBlZXJfZGlzY292ZXJ5X2JhY2tlbmQgID0gcmFiYml0X3BlZXJfZGlzY292ZXJ5X2s4cwpjbHVzdGVyX2Zvcm1hdGlvbi5rOHMuaG9zdCA9IGt1YmVybmV0ZXMuZGVmYXVsdApjbHVzdGVyX2Zvcm1hdGlvbi5ub2RlX2NsZWFudXAuaW50ZXJ2YWwgPSAxMApjbHVzdGVyX2Zvcm1hdGlvbi5ub2RlX2NsZWFudXAub25seV9sb2dfd2FybmluZyA9IHRydWUKY2x1c3Rlcl9wYXJ0aXRpb25faGFuZGxpbmcgPSBhdXRvaGVhbAoKIyBxdWV1ZSBtYXN0ZXIgbG9jYXRvcgpxdWV1ZV9tYXN0ZXJfbG9jYXRvciA9IG1pbi1tYXN0ZXJzCiMgZW5hYmxlIGxvb3BiYWNrIHVzZXIKbG9vcGJhY2tfdXNlcnMucm1xX2FkbWluID0gZmFsc2UKI2RlZmF1bHRfdmhvc3QgPSBjYXJyZXMtdmhvc3QKI2Rpc2tfZnJlZV9saW1pdC5hYnNvbHV0ZSA9IDUwTUI=
IyMgVXNlcm5hbWUgYW5kIHBhc3N3b3JkCiMjCmRlZmF1bHRfdXNlciA9IHVzZXIKIyMgQ2x1c3RlcmluZwojIwpjbHVzdGVyX2Zvcm1hdGlvbi5wZWVyX2Rpc2NvdmVyeV9iYWNrZW5kICA9IHJhYmJpdF9wZWVyX2Rpc2NvdmVyeV9rOHMKY2x1c3Rlcl9mb3JtYXRpb24uazhzLmhvc3QgPSBrdWJlcm5ldGVzLmRlZmF1bHQKY2x1c3Rlcl9mb3JtYXRpb24ubm9kZV9jbGVhbnVwLmludGVydmFsID0gMTAKY2x1c3Rlcl9mb3JtYXRpb24ubm9kZV9jbGVhbnVwLm9ubHlfbG9nX3dhcm5pbmcgPSB0cnVlCmNsdXN0ZXJfcGFydGl0aW9uX2hhbmRsaW5nID0gYXV0b2hlYWwKCmNsdXN0ZXJfZm9ybWF0aW9uLnRhcmdldF9jbHVzdGVyX3NpemVfaGludCA9IDEKCmxvYWRfZGVmaW5pdGlvbnMgPSAvYXBwL2xvYWRfZGVmaW5pdGlvbi5qc29uCiMgcXVldWUgbWFzdGVyIGxvY2F0b3IKcXVldWVfbWFzdGVyX2xvY2F0b3IgPSBtaW4tbWFzdGVycwojIGVuYWJsZSBsb29wYmFjayB1c2VyCmxvb3BiYWNrX3VzZXJzLnVzZXIgPSBmYWxzZQpsb2FkX2RlZmluaXRpb25zID0gL2FwcC9sb2FkX2RlZmluaXRpb24uanNvbgo=
---
# Source: rabbitmq/templates/secrets.yaml
apiVersion: v1
Expand All @@ -37,14 +39,79 @@ metadata:
name: rmq-rabbitmq
namespace: "default"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
type: Opaque
data:
rabbitmq-password: "ZGV2cm1xdXNlcg=="
rabbitmq-erlang-cookie: "d1BMdDdWWVdqcVNBaWpXb3FSTHBMcm9SRFFGd1BPTUs="
rabbitmq-password: "Q0hBTkdFTUU="
rabbitmq-erlang-cookie: "WWFlMm41aWNLS0lLcE5uZE5KdklTUXVhdkRmSmFDWlY="
---
# Source: rabbitmq/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: load-definition
namespace: "default"
labels:
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
type: Opaque
stringData:
load_definition.json: |
{
"users": [
{
"name": "rmq_admin",
"password": "devrmquser",
"tags": "administrator"
},
{
"name": "carres",
"password": "carres",
"tags": "carres"
}
],
"vhosts": [
{
"name": "/"
},
{
"name": "carres"
}
],
"permissions": [
{
"configure": ".*",
"read": ".*",
"user": "carres",
"vhost": "carres",
"write": ".*"
},
{
"configure": ".*",
"read": ".*",
"user": "rmq_admin",
"vhost": "carres",
"write": ".*"
}
],
"queues": [
{
"arguments": {},
"auto_delete": false,
"durable": true,
"name": "new_reservations",
"type": "classic",
"vhost": "carres"
}
]
}
---
# Source: rabbitmq/templates/role.yaml
kind: Role
Expand All @@ -53,10 +120,11 @@ metadata:
name: rmq-rabbitmq-endpoint-reader
namespace: "default"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
rules:
- apiGroups: [""]
resources: ["endpoints"]
Expand All @@ -72,10 +140,11 @@ metadata:
name: rmq-rabbitmq-endpoint-reader
namespace: "default"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
subjects:
- kind: ServiceAccount
name: rmq-rabbitmq
Expand All @@ -91,10 +160,11 @@ metadata:
name: rmq-rabbitmq-headless
namespace: "default"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
spec:
clusterIP: None
ports:
Expand All @@ -111,8 +181,8 @@ spec:
port: 15672
targetPort: stats
selector:
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/instance: rmq
app.kubernetes.io/name: rabbitmq
publishNotReadyAddresses: true
---
# Source: rabbitmq/templates/svc.yaml
Expand All @@ -122,10 +192,11 @@ metadata:
name: rmq-rabbitmq
namespace: "default"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
spec:
type: ClusterIP
sessionAffinity: None
Expand All @@ -147,8 +218,8 @@ spec:
targetPort: stats
nodePort: null
selector:
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/instance: rmq
app.kubernetes.io/name: rabbitmq
---
# Source: rabbitmq/templates/statefulset.yaml
apiVersion: apps/v1
Expand All @@ -157,10 +228,11 @@ metadata:
name: rmq-rabbitmq
namespace: "default"
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
spec:
serviceName: rmq-rabbitmq-headless
podManagementPolicy: OrderedReady
Expand All @@ -169,41 +241,43 @@ spec:
type: RollingUpdate
selector:
matchLabels:
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/instance: rmq
app.kubernetes.io/name: rabbitmq
template:
metadata:
labels:
app.kubernetes.io/name: rabbitmq
helm.sh/chart: rabbitmq-12.0.10
app.kubernetes.io/instance: rmq
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/version: 3.12.6
helm.sh/chart: rabbitmq-12.1.7
annotations:
checksum/config: 1e6c3a00e9fa83423dc3f47b1971f7056615f100fc55bd6e024fa9b9a5729873
checksum/secret: 9a59f8c0d251c6ed1f3677ed31cdda1509ac88002ce26ab23066b70757393357
checksum/config: e5144be1b516acd085f42737d7bd64e0771f7415e3cfbdcf48e3ed79d6d0dca6
checksum/secret: 293665a9420bf3c63463d41522075457eff7a2faea63fa152b27a5b0c8284cf8
spec:

serviceAccountName: rmq-rabbitmq
affinity:
podAffinity:

podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: rabbitmq
app.kubernetes.io/instance: rmq
app.kubernetes.io/name: rabbitmq
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:

securityContext:
fsGroup: 1001
terminationGracePeriodSeconds: 120
initContainers:
containers:
- name: rabbitmq
image: docker.io/bitnami/rabbitmq:3.12.2-debian-11-r8
image: docker.io/bitnami/rabbitmq:3.12.6-debian-11-r4
imagePullPolicy: "IfNotPresent"
securityContext:
runAsNonRoot: true
Expand Down Expand Up @@ -261,13 +335,13 @@ spec:
name: rmq-rabbitmq
key: rabbitmq-erlang-cookie
- name: RABBITMQ_LOAD_DEFINITIONS
value: "no"
value: "yes"
- name: RABBITMQ_DEFINITIONS_FILE
value: "/app/load_definition.json"
- name: RABBITMQ_SECURE_PASSWORD
value: "yes"
- name: RABBITMQ_USERNAME
value: "rmq_admin"
value: "user"
- name: RABBITMQ_PASSWORD
valueFrom:
secretKeyRef:
Expand Down Expand Up @@ -295,7 +369,7 @@ spec:
command:
- sh
- -ec
- curl -f --user rmq_admin:$RABBITMQ_PASSWORD 127.0.0.1:15672/api/health/checks/virtual-hosts
- rabbitmq-diagnostics -q ping
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 10
Expand All @@ -306,7 +380,7 @@ spec:
command:
- sh
- -ec
- curl -f --user rmq_admin:$RABBITMQ_PASSWORD 127.0.0.1:15672/api/health/checks/local-alarms
- rabbitmq-diagnostics -q check_running && rabbitmq-diagnostics -q check_local_alarms
resources:
limits: {}
requests: {}
Expand All @@ -315,12 +389,18 @@ spec:
mountPath: /bitnami/rabbitmq/conf
- name: data
mountPath: /bitnami/rabbitmq/mnesia
- name: load-definition-volume
mountPath: /app
readOnly: true
volumes:
- name: configuration
projected:
sources:
- secret:
name: rmq-rabbitmq-config
- name: load-definition-volume
secret:
secretName: "load-definition"
- name: data
persistentVolumeClaim:
claimName: rmq-pv-claim
Expand Down
Loading

0 comments on commit 4e658a2

Please sign in to comment.