From 820191346b341a07bb0f70f5b67234f777b984f6 Mon Sep 17 00:00:00 2001 From: Teck Meng Date: Sun, 18 Aug 2024 07:38:16 +0800 Subject: [PATCH] refactor: Update Traefik ingress routes file paths --- cluster/plane/ingress.md | 10 ++ cluster/plane/readme.md | 13 ++ cluster/plane/values.yaml | 123 +++++++++++++++++ cluster/rancher-cleanup.yaml | 38 ++++++ cluster/readme.md | 45 +++++++ .../traefik_ingress_route/ingress_route.yaml | 47 +++++++ cluster/traefik_ingress_route/readme.md | 8 ++ .../traefik_controller.yaml | 82 ++++++++++++ cluster/traefik_ingress_route/whoami.yaml | 126 ++++++++++++++++++ cluster/verify.yaml | 38 ++++++ 10 files changed, 530 insertions(+) create mode 100644 cluster/plane/ingress.md create mode 100644 cluster/plane/readme.md create mode 100644 cluster/plane/values.yaml create mode 100644 cluster/rancher-cleanup.yaml create mode 100644 cluster/readme.md create mode 100644 cluster/traefik_ingress_route/ingress_route.yaml create mode 100644 cluster/traefik_ingress_route/readme.md create mode 100644 cluster/traefik_ingress_route/traefik_controller.yaml create mode 100644 cluster/traefik_ingress_route/whoami.yaml create mode 100644 cluster/verify.yaml diff --git a/cluster/plane/ingress.md b/cluster/plane/ingress.md new file mode 100644 index 0000000..638ffa2 --- /dev/null +++ b/cluster/plane/ingress.md @@ -0,0 +1,10 @@ +# Ngnix Ingress + +```bash +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update +helm install nginx ingress-nginx/ingress-nginx \ + --create-namespace \ + --namespace nginx-system + +``` \ No newline at end of file diff --git a/cluster/plane/readme.md b/cluster/plane/readme.md new file mode 100644 index 0000000..bb3fde0 --- /dev/null +++ b/cluster/plane/readme.md @@ -0,0 +1,13 @@ +# plane + +```bash +helm repo add makeplane https://helm.plane.so/ +helm repo update +helm install plane-app makeplane/plane-ce \ + --create-namespace \ + --namespace plane-ce \ + -f values.yaml \ + --timeout 10m \ + --wait \ + --wait-for-jobs +``` \ No newline at end of file diff --git a/cluster/plane/values.yaml b/cluster/plane/values.yaml new file mode 100644 index 0000000..b40ea81 --- /dev/null +++ b/cluster/plane/values.yaml @@ -0,0 +1,123 @@ +planeVersion: stable + +dockerRegistry: + enabled: false + host: "index.docker.io/v1/" + loginid: makeplane + password: "" + +ingress: + enabled: true + appHost: "plane.local" + minioHost: "plane-minio.local" + ingressClass: "nginx" + ingress_annotations: { + "nginx.ingress.kubernetes.io/proxy-body-size": "5m", + } + +# SSL Configuration - Valid only if ingress.enabled is true +ssl: + createIssuer: false + issuer: "http" # Allowed : cloudflare, digitalocean, http + token: "" # not required for http + server: https://acme-v02.api.letsencrypt.org/directory + email: plane@example.com + generateCerts: false + +redis: + local_setup: true + image: valkey/valkey:7.2.5-alpine + servicePort: 6379 + storageClass: longhorn + volumeSize: 1Gi + pullPolicy: IfNotPresent + +postgres: + local_setup: true + image: postgres:15.5-alpine + servicePort: 5432 + cliConnectPort: "" + storageClass: longhorn + volumeSize: 5Gi + pullPolicy: IfNotPresent + +minio: + image: minio/minio:latest + local_setup: true + pullPolicy: IfNotPresent + root_password: password + root_user: admin + storageClass: longhorn + volumeSize: 5Gi + +web: + replicas: 1 + memoryLimit: 1000Mi + cpuLimit: 500m + image: makeplane/plane-frontend + pullPolicy: IfNotPresent + +space: + replicas: 1 + memoryLimit: 1000Mi + cpuLimit: 500m + image: makeplane/plane-space + pullPolicy: IfNotPresent + +admin: + replicas: 1 + memoryLimit: 1000Mi + cpuLimit: 500m + image: makeplane/plane-admin + pullPolicy: IfNotPresent + +api: + replicas: 1 + memoryLimit: 1000Mi + cpuLimit: 500m + image: makeplane/plane-backend + pullPolicy: IfNotPresent + +worker: + replicas: 1 + memoryLimit: 1000Mi + cpuLimit: 500m + image: makeplane/plane-backend + pullPolicy: IfNotPresent + +beatworker: + replicas: 1 + memoryLimit: 1000Mi + cpuLimit: 500m + image: makeplane/plane-backend + pullPolicy: IfNotPresent + +env: + pgdb_username: plane + pgdb_password: plane + pgdb_name: plane + pgdb_remote_url: "" #INCASE OF REMOTE PG DB URL ONLY + + # NEXT_PUBLIC_DEPLOY_URL: "" + # REDIS + remote_redis_url: "" #INCASE OF REMOTE REDIS ONLY + # POSTGRES DB VALUES + + # DATA STORE + docstore_bucket: "uploads" + doc_upload_size_limit: "5242880" # 5MB + + # REQUIRED IF MINIO LOCAL SETUP IS FALSE + aws_access_key: "" + aws_secret_access_key: "" + aws_region: "" + aws_s3_endpoint_url: "" + + secret_key: "60gp0byfz2dvffa45cxl20p1scy9xbpf6d8c5y0geejgkyp1b5" + + sentry_dsn: "" + sentry_environment: "" + + cors_allowed_origins: "" + default_cluster_domain: cluster.local + diff --git a/cluster/rancher-cleanup.yaml b/cluster/rancher-cleanup.yaml new file mode 100644 index 0000000..72a3469 --- /dev/null +++ b/cluster/rancher-cleanup.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cleanup-service-account + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cleanup-admin +subjects: +- kind: ServiceAccount + name: cleanup-service-account + namespace: kube-system +roleRef: + kind: ClusterRole + name: cluster-admin + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: cleanup-job + namespace: kube-system + labels: + app: cleanup +spec: + template: + spec: + containers: + - name: cleanup + image: rancher/rancher-cleanup:latest + args: [ "force" ] + imagePullPolicy: Always + serviceAccountName: cleanup-service-account + restartPolicy: Never + backoffLimit: 4 \ No newline at end of file diff --git a/cluster/readme.md b/cluster/readme.md new file mode 100644 index 0000000..a6f46bf --- /dev/null +++ b/cluster/readme.md @@ -0,0 +1,45 @@ +# kubunetes cluster + +## Create a cluster +```bash +``` + +## Delete a cluster +```bash +``` + +## Get cluster info +```bash +``` + +## Get cluster status +```bash +``` + +## Get cluster logs +```bash +``` + +## Get cluster events +```bash +``` + +## Get cluster nodes +```bash +``` + +## Delete rancher + +### Using the cleanup script +Run as a Kubernetes Job +```bash +k create -f rancher-cleanup.yaml +kubectl -n kube-system logs -l job-name=cleanup-job -f +``` + +Verify that the job has completed +```bash +kubectl apply -f verify.yaml +kubectl -n kube-system logs -l job-name=verify-job -f +kubectl -n kube-system logs -l job-name=verify-job -f | grep -v "is deprecated" +``` diff --git a/cluster/traefik_ingress_route/ingress_route.yaml b/cluster/traefik_ingress_route/ingress_route.yaml new file mode 100644 index 0000000..5297d76 --- /dev/null +++ b/cluster/traefik_ingress_route/ingress_route.yaml @@ -0,0 +1,47 @@ +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: myingressroute + namespace: default + +spec: + entryPoints: + - web + + routes: + - match: Host(`test.traefik.local`) && PathPrefix(`/bar`) + kind: Rule + services: + - name: whoami + port: 80 + +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRouteTCP +metadata: + name: ingressroute.tcp + namespace: default + +spec: + entryPoints: + - tcpep + routes: + - match: HostSNI(`testtcp.traefik.local`) + services: + - name: whoamitcp + port: 8080 + +--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRouteUDP +metadata: + name: ingressroute.udp + namespace: default + +spec: + entryPoints: + - udpep + routes: + - services: + - name: whoamiudp + port: 8080 \ No newline at end of file diff --git a/cluster/traefik_ingress_route/readme.md b/cluster/traefik_ingress_route/readme.md new file mode 100644 index 0000000..074cf6c --- /dev/null +++ b/cluster/traefik_ingress_route/readme.md @@ -0,0 +1,8 @@ +# traefik ingress route + +## Description +```bash +k apply -f ingress_route.yaml -f whoami.yaml +http://test.traefik.local/bar +k delete -f ingress_route.yaml -f whoami.yaml +``` \ No newline at end of file diff --git a/cluster/traefik_ingress_route/traefik_controller.yaml b/cluster/traefik_ingress_route/traefik_controller.yaml new file mode 100644 index 0000000..a826919 --- /dev/null +++ b/cluster/traefik_ingress_route/traefik_controller.yaml @@ -0,0 +1,82 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: traefik-ingress-controller + +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: traefik + labels: + app: traefik + +spec: + replicas: 1 + selector: + matchLabels: + app: traefik + template: + metadata: + labels: + app: traefik + spec: + serviceAccountName: traefik-ingress-controller + containers: + - name: traefik + image: traefik:v3.1 + args: + - --log.level=DEBUG + - --api + - --api.insecure + - --entryPoints.web.address=:80 + - --entryPoints.tcpep.address=:8000 + - --entryPoints.udpep.address=:9000/udp + - --providers.kubernetescrd + ports: + - name: web + containerPort: 80 + - name: admin + containerPort: 8080 + - name: tcpep + containerPort: 8000 + - name: udpep + containerPort: 9000 + +--- +apiVersion: v1 +kind: Service +metadata: + name: traefik +spec: + type: LoadBalancer + selector: + app: traefik + ports: + - protocol: TCP + port: 80 + name: web + targetPort: 80 + - protocol: TCP + port: 8080 + name: admin + targetPort: 8080 + - protocol: TCP + port: 8000 + name: tcpep + targetPort: 8000 + +--- +apiVersion: v1 +kind: Service +metadata: + name: traefikudp +spec: + type: LoadBalancer + selector: + app: traefik + ports: + - protocol: UDP + port: 9000 + name: udpep + targetPort: 9000 \ No newline at end of file diff --git a/cluster/traefik_ingress_route/whoami.yaml b/cluster/traefik_ingress_route/whoami.yaml new file mode 100644 index 0000000..beb8937 --- /dev/null +++ b/cluster/traefik_ingress_route/whoami.yaml @@ -0,0 +1,126 @@ +kind: Deployment +apiVersion: apps/v1 +metadata: + name: whoami + namespace: default + labels: + app: traefiklabs + name: whoami + +spec: + replicas: 2 + selector: + matchLabels: + app: traefiklabs + task: whoami + template: + metadata: + labels: + app: traefiklabs + task: whoami + spec: + containers: + - name: whoami + image: traefik/whoami + ports: + - containerPort: 80 + +--- +apiVersion: v1 +kind: Service +metadata: + name: whoami + namespace: default + +spec: + ports: + - name: http + port: 80 + selector: + app: traefiklabs + task: whoami + +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: whoamitcp + namespace: default + labels: + app: traefiklabs + name: whoamitcp + +spec: + replicas: 2 + selector: + matchLabels: + app: traefiklabs + task: whoamitcp + template: + metadata: + labels: + app: traefiklabs + task: whoamitcp + spec: + containers: + - name: whoamitcp + image: traefik/whoamitcp + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: whoamitcp + namespace: default + +spec: + ports: + - protocol: TCP + port: 8080 + selector: + app: traefiklabs + task: whoamitcp + +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: whoamiudp + namespace: default + labels: + app: traefiklabs + name: whoamiudp + +spec: + replicas: 2 + selector: + matchLabels: + app: traefiklabs + task: whoamiudp + template: + metadata: + labels: + app: traefiklabs + task: whoamiudp + spec: + containers: + - name: whoamiudp + image: traefik/whoamiudp:latest + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: whoamiudp + namespace: default + +spec: + ports: + - port: 8080 + selector: + app: traefiklabs + task: whoamiudp \ No newline at end of file diff --git a/cluster/verify.yaml b/cluster/verify.yaml new file mode 100644 index 0000000..a6544ad --- /dev/null +++ b/cluster/verify.yaml @@ -0,0 +1,38 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cleanup-service-account + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cleanup-admin +subjects: +- kind: ServiceAccount + name: cleanup-service-account + namespace: kube-system +roleRef: + kind: ClusterRole + name: cluster-admin + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: verify-job + namespace: kube-system + labels: + app: verify +spec: + template: + spec: + containers: + - name: verify + image: rancher/rancher-cleanup:latest + command: [ "verify.sh" ] + imagePullPolicy: Always + serviceAccountName: cleanup-service-account + restartPolicy: Never + backoffLimit: 0 \ No newline at end of file