├── .gitignore ├── LICENSE ├── README.rst ├── ansible ├── ansible.cfg ├── configs │ ├── ca.srl │ ├── cert_openssl.cnf │ ├── extfile.cnf │ └── openssl.cnf ├── create-x509s.yml ├── deploy-secrets.sh ├── inventory_dev ├── secrets │ ├── .gitignore │ ├── tls-aejupyter.yml │ ├── tls-ceph.yml │ ├── tls-client.yml │ ├── tls-database.yml │ ├── tls-docker.yml │ ├── tls-jenkins.yml │ ├── tls-jupyter.yml │ ├── tls-k8.yml │ ├── tls-kafka.yml │ ├── tls-kibana.yml │ ├── tls-minio.yml │ ├── tls-nginx.yml │ ├── tls-pgadmin.yml │ ├── tls-phpmyadmin.yml │ ├── tls-rabbitmq.yml │ ├── tls-redis.yml │ ├── tls-restapi.yml │ ├── tls-s3.yml │ ├── tls-splunk.yml │ └── tls-webserver.yml └── ssl │ └── .gitignore ├── api ├── _uninstall.sh ├── create-user.sh ├── deployment-splunk.yml ├── deployment.yml ├── get-api-url.sh ├── ingress-dev.yml ├── ingress-prod.yml ├── logs.sh ├── migrate-db.sh ├── pod-describe.sh ├── run.sh ├── secrets.yml ├── service.yml ├── show-ingress.sh ├── ssh.sh ├── users │ └── user_1.sh ├── view-env.sh └── view-ingress-config.sh ├── centos ├── docker.service ├── kernel-modules.conf └── prepare.sh ├── ceph ├── README.rst ├── _kvm-format-images.sh ├── _uninstall.sh ├── add-ceph-to-helm.sh ├── ceph-overrides.yaml ├── ceph-service.yml ├── check-kvm-disk-mounts.sh ├── cluster-status.sh ├── describe-osd.sh ├── install-ceph-tools.sh ├── kvm-attach-images.sh ├── kvm-build-images.sh ├── kvm-detach-images.sh ├── logs-kt-ceph.sh ├── logs-mon.sh ├── logs-osd-prepare-pod.sh ├── rbac.yaml ├── run.sh ├── setup-auth-for-k8s.sh ├── show-ceph-all.sh ├── show-ceph-df.sh ├── show-ceph-osd-status.sh ├── show-ceph-rados-df.sh ├── show-ceph-rbd-ls.sh ├── show-ceph-status.sh ├── show-daemonsets.sh ├── show-pods.sh ├── show-secrets.sh ├── template-pvc-ceph-client-key-secret.yml ├── test │ ├── mount-pv-in-pod.yml │ └── pvc.yml └── values.yml ├── cert-manager ├── _uninstall.sh ├── clusterissuer-prod.yml ├── clusterissuer-staging.yml ├── ingress-prod.yml ├── ingress-staging.yml ├── issuer-prod.yml ├── issuer-staging.yml ├── logs.sh ├── run.sh ├── secrets-prod.yml ├── secrets-staging.yml └── secrets.yml ├── core ├── _uninstall.sh ├── deployment-splunk.yml ├── deployment.yml ├── logs.sh ├── run.sh ├── secrets.yml ├── ssh.sh └── view-env.sh ├── deploy-resources.sh ├── deploy_to_kubernetes ├── __init__.py └── scripts │ └── __init__.py ├── docs ├── Makefile ├── make.bat └── source │ ├── README.rst │ ├── _static │ └── .gitignore │ ├── ceph.rst │ ├── conf.py │ ├── index.rst │ └── multi-host-with-dns.rst ├── helm ├── install-helm-and-tiller.sh ├── run.sh └── tiller │ ├── install.sh │ └── rbac.yml ├── ingress ├── _uninstall.sh ├── alpine-ssh.sh ├── default-server-secret.yml ├── logs.sh ├── nginx-config.yml ├── nginx-ingress.yml ├── ns-and-sa.yml ├── pod-describe.sh ├── rbac.yml ├── run.sh ├── ssh.sh └── view-configs.sh ├── jupyter ├── _uninstall.sh ├── deployment-splunk.yml ├── deployment.yml ├── ingress-dev.yml ├── ingress-prod.yml ├── logs.sh ├── pods-describe.sh ├── run.sh ├── secrets.yml ├── service.yml ├── show-ingress.sh ├── ssh.sh ├── view-env.sh └── view-ingress-config.sh ├── minio ├── _uninstall.sh ├── cluster-internal-service.yml ├── deployment-dev.yml ├── deployment-prod.yml ├── describe-ingress.sh ├── describe-objstore.sh ├── describe-pod.sh ├── describe-secret.sh ├── describe-service.sh ├── envs │ ├── ext.env │ └── int.env ├── external-service.yml ├── get-s3-endpoint.sh ├── get-s3-external-endpoint.sh ├── ingress-dev.yml ├── ingress-prod.yml ├── logs.sh ├── run.sh ├── run_s3_test.py ├── secrets │ ├── default_access_keys.yml │ └── test_key_roll.yml └── ssh.sh ├── multihost ├── README.rst ├── _clean_reset_install.sh ├── _reset-cluster-using-ssh.sh ├── apply_labels.sh ├── fwd.example.com.db ├── kvm │ ├── create-centos-vm.sh │ ├── install-kvm.sh │ ├── start-m1.sh │ ├── start-m2.sh │ └── start-m3.sh ├── m1 │ ├── 01-network-manager-all.yaml │ ├── deploy-resources.sh │ ├── ifcfg-eth0 │ └── m1.xml ├── m2 │ ├── 01-network-manager-all.yaml │ ├── ifcfg-eth0 │ └── m2.xml ├── m3 │ ├── 01-network-manager-all.yaml │ ├── ifcfg-eth0 │ └── m3.xml ├── rev.example.com.db └── run.sh ├── pgadmin ├── _uninstall.sh ├── crunchy-template-http.json ├── ingress-dev.yml ├── ingress-prod.yml ├── logs.sh ├── run.sh ├── secrets.yml ├── show-ingress.sh ├── ssh.sh └── view-ingress-config.sh ├── postgres ├── _uninstall.sh ├── crunchy-template.json ├── logs.sh ├── pod-describe.sh ├── primary-db-ceph.sh ├── primary-db-nfs.sh ├── primary-db.sh ├── run.sh └── ssh.sh ├── prepare.sh ├── pvs ├── create-pvs.sh ├── pv-certs-ceph.yml ├── pv-configs-ceph.yml ├── pv-datascience-ceph.yml ├── pv-frontendshared-ceph.yml └── pv-staticfiles-ceph.yml ├── redis ├── _uninstall.sh ├── describe-master.sh ├── pv-ceph.yml ├── pv-nfs.yml ├── pv.yml ├── pvc-ceph.yml ├── redis.yml └── run.sh ├── rook ├── _uninstall.sh ├── bucket-create.sh ├── bucket-ls.sh ├── ceph │ ├── cluster.yml │ ├── filesystem.yml │ ├── ingress-dev.yml │ ├── ingress-prod.yml │ ├── kube-registry.yml │ ├── object.yml │ ├── operator.yml │ ├── pool.yml │ ├── rgw-external.yml │ ├── s3-objectstore-dev.yml │ ├── s3-objectstore-prod.yml │ ├── scc.yml │ ├── service-objectstore-dev.yml │ ├── service-objectstore-prod.yml │ ├── storageclass.yml │ └── toolbox.yml ├── debug-osd-pods.sh ├── describe-rgw.sh ├── describe-tls-s3-ceph.sh ├── envs │ └── .gitignore ├── export-user-trex-to-env.sh ├── gather-all-logs.sh ├── get-ceph-s3-endpoint.sh ├── get-minio-s3-endpoint.sh ├── get-user-trex-info.sh ├── load-s3-secure-env.sh ├── logs.sh ├── minio │ ├── describe-ingress.sh │ ├── describe-objstore.sh │ ├── describe-pod.sh │ ├── describe-secret.sh │ ├── describe-service.sh │ ├── ingress-dev.yml │ ├── ingress-prod.yml │ ├── logs.sh │ ├── operator.yml │ ├── s3-objectstore-dev.yml │ ├── s3-objectstore-prod.yml │ ├── service-objectstore-dev.yml │ ├── service-objectstore-prod.yml │ └── ssh.sh ├── run.sh ├── secrets │ └── .gitignore ├── show-ceph-df.sh ├── show-ceph-osd-status.sh ├── show-ceph-rados-df.sh ├── show-ceph-status.sh ├── ssh.sh ├── test-s3.py ├── user-create.sh ├── user-deploy-creds.sh ├── view-ceph-pods.sh ├── view-env.sh ├── view-minio-pods.sh ├── view-services.sh ├── view-system-pods.sh └── view-toolbox.sh ├── setup.py ├── splunk ├── _uninstall.sh ├── deployment.yml ├── get-api-fqdn.sh ├── ingress.yml ├── logs.sh ├── run.sh ├── search.sh ├── secrets.yml ├── service.yml ├── show-ingress.sh ├── ssh.sh ├── tcp-ingress.yml ├── tcp-service.yml ├── view-env.sh ├── view-ingress-config.sh ├── web-ingress-dev.yml ├── web-ingress-prod.yml └── web-service.yml ├── start.sh ├── tests ├── __init__.py ├── base_test.py ├── core-predict-rows-full.json ├── core-predict-rows-simple.json ├── predict-rows-scaler-django-simple.json ├── predict-rows-scaler-full-django.json ├── scaler-django-antinex-simple.json ├── scaler-full-django-antinex-simple.json ├── scaler-regression.json └── test_functional.py ├── tools ├── bash_colors.sh ├── cluster-reset.sh ├── create-pvs.sh ├── fast-prepare.sh ├── install-go.sh ├── pods-system.sh ├── reset-flannel-cni-networks.sh ├── show-k8-ca-cert-hash.sh ├── start-cluster-on-reboot.sh └── update-k8.sh ├── tox.ini ├── user-install-kubeconfig.sh └── worker ├── _uninstall.sh ├── deployment-splunk.yml ├── deployment.yml ├── logs.sh ├── run.sh ├── secrets.yml ├── ssh.sh └── view-env.sh /ansible/ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | ask_pass=False 3 | host_key_checking=False 4 | display_skipped_hosts=True 5 | retry_files_save_path=/tmp 6 | transport=paramiko 7 | log_path="/tmp/ansible-cc.log" 8 | [ssh_connection] 9 | pipelining = True 10 | control_path = /tmp/ansible-cc-ssh-%%h-%%p-%%r 11 | -------------------------------------------------------------------------------- /ansible/configs/ca.srl: -------------------------------------------------------------------------------- 1 | 01 2 | -------------------------------------------------------------------------------- /ansible/configs/cert_openssl.cnf: -------------------------------------------------------------------------------- 1 | [req] 2 | days = 2000 3 | serial = 1 4 | distinguished_name = req_distinguished_name 5 | x509_extensions = v3_ca 6 | 7 | 8 | [req_distinguished_name] 9 | countryName = US 10 | stateOrProvinceName = CA 11 | localityName = City 12 | organizationName = ExampleOrg 13 | organizationalUnitName = ExampleOrgUnit 14 | commonName = example.com 15 | 16 | [ v3_ca ] 17 | subjectKeyIdentifier = hash 18 | authorityKeyIdentifier = keyid:always,issuer:always 19 | basicConstraints = CA:TRUE 20 | keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign 21 | subjectAltName = DNS:*.example.com, DNS:redis.example.com, DNS:rabbitmq.example.com, DNS:aejupyter.example.com, DNS:jupyter.example.com, DNS:jenkins.example.com, DNS:www.example.com, DNS:api.example.com, DNS:db.example.com, DNS:pgadmin.example.com, DNS:phpmyadmin.example.com, DNS:kibana.example.com, DNS:lb.example.com, DNS:docker.example.com, DNS:k8.example.com, DNS:splunk.example.com, DNS:kafka.example.com, DNS:s3.example.com, email:admin@example.com 22 | issuerAltName = issuer:copy 23 | -------------------------------------------------------------------------------- /ansible/configs/extfile.cnf: -------------------------------------------------------------------------------- 1 | subjectAltName = DNS:*.example.com, DNS:rabbitmq.example.com, DNS:redis.example.com, DNS:aejupyter.example.com, DNS:jupyter.example.com, DNS:jenkins.example.com, DNS:www.example.com, DNS:api.example.com, DNS:db.example.com, DNS:pgadmin.example.com, DNS:phpmyadmin.example.com, DNS:kibana.example.com, DNS:lb.example.com, DNS:docker.example.com, DNS:k8.example.com, DNS:splunk.example.com, DNS:kafka.example.com, DNS:s3.example.com, IP:127.0.0.1 2 | extendedKeyUsage = serverAuth 3 | -------------------------------------------------------------------------------- /ansible/configs/openssl.cnf: -------------------------------------------------------------------------------- 1 | [ req ] 2 | prompt = no 3 | default_bits = 2048 4 | distinguished_name = req_distinguished_name # where to get DN for reqs 5 | 6 | [ req_distinguished_name ] 7 | C = US 8 | ST = CA 9 | L = City 10 | O = example 11 | OU = example 12 | CN = example.com 13 | -------------------------------------------------------------------------------- /ansible/inventory_dev: -------------------------------------------------------------------------------- 1 | [local] 2 | localhost 3 | -------------------------------------------------------------------------------- /ansible/secrets/.gitignore: -------------------------------------------------------------------------------- 1 | *.pem 2 | -------------------------------------------------------------------------------- /ansible/ssl/.gitignore: -------------------------------------------------------------------------------- 1 | *.pem 2 | -------------------------------------------------------------------------------- /api/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "------------------------------------------" 29 | warn "deleting api" 30 | inf "" 31 | 32 | inf "deleting ingress: api-ingress" 33 | kubectl delete ingress api-ingress 34 | inf "" 35 | 36 | inf "deleting service: api-svc" 37 | kubectl delete svc api-svc 38 | inf "" 39 | 40 | inf "deleting deployment: api" 41 | kubectl delete deployment api 42 | inf "" 43 | 44 | inf "deleting secrets: api" 45 | kubectl delete secret api-secret 46 | inf "" 47 | 48 | good "done deleting: api" 49 | -------------------------------------------------------------------------------- /api/get-api-url.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "api.example.com" 4 | 5 | exit 0 6 | -------------------------------------------------------------------------------- /api/ingress-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: api-ingress 5 | namespace: default 6 | annotations: 7 | nginx.org/redirect-to-https: True 8 | spec: 9 | tls: 10 | - hosts: 11 | - api.example.com 12 | secretName: tls-restapi 13 | rules: 14 | - host: api.example.com 15 | http: 16 | paths: 17 | - path: / 18 | backend: 19 | serviceName: api-svc 20 | servicePort: 8010 21 | -------------------------------------------------------------------------------- /api/ingress-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: api-ingress 5 | namespace: default 6 | annotations: 7 | kubernetes.io/tls-acme: "true" 8 | kubernetes.io/ingress.class: "nginx" 9 | certmanager.k8s.io/cluster-issuer: "letsencrypt-issuer" 10 | spec: 11 | tls: 12 | - hosts: 13 | - api.example.com 14 | secretName: api.example.com-tls 15 | rules: 16 | - host: api.example.com 17 | http: 18 | paths: 19 | - path: / 20 | backend: 21 | serviceName: api-svc 22 | servicePort: 8010 23 | -------------------------------------------------------------------------------- /api/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="api" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /api/migrate-db.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | user=antinex 29 | pw=antinex 30 | db=webapp 31 | 32 | use_namespace="default" 33 | app_name="api" 34 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 35 | 36 | warn "-----------------------------------------" 37 | warn "starting database migrations: https://github.com/jay-johnson/deploy-to-kubernetes/blob/master/api/migrate-db.sh" 38 | warn "with command:" 39 | warn "kubectl exec -it ${pod_name} -n ${use_namespace} -- /bin/bash -c \"export USE_ENV=k8 && ./run-migrations.sh\"" 40 | 41 | kubectl exec -it ${pod_name} -n ${use_namespace} -- /bin/bash -c "export USE_ENV=k8 && ./run-migrations.sh" 42 | 43 | good "done migrations" 44 | 45 | exit 0 46 | -------------------------------------------------------------------------------- /api/pod-describe.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe pods api -n default" 29 | 30 | kubectl describe pods api -n default 31 | -------------------------------------------------------------------------------- /api/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | should_cleanup_before_startup=0 13 | deploy_suffix="" 14 | cert_env="dev" 15 | for i in "$@" 16 | do 17 | if [[ "${i}" == "splunk" ]]; then 18 | deploy_suffix="-splunk" 19 | elif [[ "${i}" == "prod" ]]; then 20 | cert_env="prod" 21 | elif [[ "${i}" == "antinex" ]]; then 22 | cert_env="an" 23 | elif [[ "${i}" == "qs" ]]; then 24 | cert_env="qs" 25 | elif [[ "${i}" == "redten" ]]; then 26 | cert_env="redten" 27 | fi 28 | done 29 | 30 | use_path="." 31 | if [[ ! -e deployment.yml ]]; then 32 | use_path="./api" 33 | fi 34 | 35 | anmt "----------------------------------------------------------------------------------" 36 | anmt "deploying api with cert_env=${cert_env}: https://github.com/jay-johnson/deploy-to-kubernetes/blob/master/api" 37 | inf "" 38 | 39 | inf "applying secrets" 40 | kubectl apply -f ${use_path}/secrets.yml 41 | inf "" 42 | 43 | deploy_file=${use_path}/deployment${deploy_suffix}.yml 44 | warn "applying deployment: ${deploy_file}" 45 | kubectl apply -f ${deploy_file} 46 | inf "" 47 | 48 | inf "applying service" 49 | kubectl apply -f ${use_path}/service.yml 50 | inf "" 51 | 52 | inf "applying ingress cert_env: ${cert_env}" 53 | kubectl apply -f ${use_path}/ingress-${cert_env}.yml 54 | inf "" 55 | 56 | good "done deploying: api" 57 | -------------------------------------------------------------------------------- /api/secrets.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: api.user 5 | type: Opaque 6 | data: 7 | # echo -n "trex" | base64 8 | username: dHJleA== 9 | # echo -n "123321" | base64 10 | password: MTIzMzIx 11 | --- 12 | apiVersion: v1 13 | kind: Secret 14 | metadata: 15 | name: api.webserver 16 | type: Opaque 17 | data: 18 | # echo -n "antinexsuperdupersecret" | base64 19 | secret_key: YW50aW5leHN1cGVyZHVwZXJzZWNyZXQ= 20 | --- 21 | apiVersion: v1 22 | kind: Secret 23 | metadata: 24 | name: api.db 25 | type: Opaque 26 | data: 27 | # echo -n "antinex" | base64 28 | username: YW50aW5leA== 29 | # echo -n "antinex" | base64 30 | password: YW50aW5leA== 31 | # echo -n "webapp" | base64 32 | dbname: d2ViYXBw 33 | --- 34 | apiVersion: v1 35 | kind: Secret 36 | metadata: 37 | name: api.redis 38 | type: Opaque 39 | data: 40 | # echo -n "123321" | base64 41 | password: MTIzMzIx 42 | -------------------------------------------------------------------------------- /api/service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: api-svc 5 | spec: 6 | ports: 7 | - port: 8010 8 | targetPort: 8010 9 | protocol: TCP 10 | name: http 11 | selector: 12 | app: api 13 | -------------------------------------------------------------------------------- /api/show-ingress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe ingress api" 29 | kubectl describe ingress api 30 | -------------------------------------------------------------------------------- /api/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="api" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} bash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | bash 38 | -------------------------------------------------------------------------------- /api/users/user_1.sh: -------------------------------------------------------------------------------- 1 | export API_USER="trex" 2 | export API_PASSWORD="123321" 3 | export API_EMAIL="bugs@antinex.com" 4 | export API_FIRSTNAME="Guest" 5 | export API_LASTNAME="Guest" 6 | export API_URL="https://api.example.com" 7 | export API_VERBOSE="true" 8 | export API_DEBUG="false" 9 | 10 | if [[ "${ANTINEX_USER}" != "" ]]; then 11 | export API_USER="${ANTINEX_USER}" 12 | else 13 | export ANTINEX_USER="${API_USER}" 14 | fi 15 | 16 | if [[ "${ANTINEX_PASSWORD}" != "" ]]; then 17 | export API_PASSWORD="${ANTINEX_PASSWORD}" 18 | else 19 | export ANTINEX_PASSWORD="${API_PASSWORD}" 20 | fi 21 | 22 | if [[ "${ANTINEX_URL}" != "" ]]; then 23 | export API_URL="${ANTINEX_URL}" 24 | else 25 | export ANTINEX_URL="${API_URL}" 26 | fi 27 | if [[ "${ANTINEX_EMAIL}" != "" ]]; then 28 | export API_EMAIL="${ANTINEX_EMAIL}" 29 | else 30 | export ANTINEX_EMAIL="${API_EMAIL}" 31 | fi 32 | if [[ "${ANTINEX_FIRSTNAME}" != "" ]]; then 33 | export API_FIRSTNAME="${ANTINEX_FIRSTNAME}" 34 | else 35 | export ANTINEX_FIRSTNAME="${API_FIRSTNAME}" 36 | fi 37 | if [[ "${ANTINEX_LASTNAME}" != "" ]]; then 38 | export API_LASTNAME="${ANTINEX_LASTNAME}" 39 | else 40 | export ANTINEX_LASTNAME="${API_LASTNAME}" 41 | fi 42 | if [[ "${ANTINEX_VERBOSE}" != "" ]]; then 43 | export API_VERBOSE="${ANTINEX_VERBOSE}" 44 | else 45 | export ANTINEX_VERBOSE="${API_VERBOSE}" 46 | fi 47 | if [[ "${ANTINEX_DEBUG}" != "" ]]; then 48 | export API_DEBUG="${ANTINEX_DEBUG}" 49 | else 50 | export ANTINEX_DEBUG="${API_DEBUG}" 51 | fi 52 | -------------------------------------------------------------------------------- /api/view-env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="api" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "getting api environment variables" 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | env | sort 39 | -------------------------------------------------------------------------------- /api/view-ingress-config.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="nginx" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "Getting the Splunk ingress configuration: " 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | cat /etc/nginx/conf.d/${use_namespace}-api-ingress.conf 39 | -------------------------------------------------------------------------------- /centos/docker.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Docker Application Container Engine 3 | Documentation=https://docs.docker.com 4 | After=network-online.target firewalld.service 5 | Wants=network-online.target 6 | 7 | [Service] 8 | Type=notify 9 | # the default is not to use systemd for cgroups because the delegate issues still 10 | # exists and systemd currently does not support the cgroup feature set required 11 | # for containers run by docker 12 | ExecStart=/usr/bin/dockerd --storage-driver=overlay2 -H unix:///var/run/docker.sock --data-root /data/docker 13 | ExecReload=/bin/kill -s HUP $MAINPID 14 | # Having non-zero Limit*s causes performance problems due to accounting overhead 15 | # in the kernel. We recommend using cgroups to do container-local accounting. 16 | LimitNOFILE=infinity 17 | LimitNPROC=infinity 18 | LimitCORE=infinity 19 | # Uncomment TasksMax if your systemd version supports it. 20 | # Only systemd 226 and above support this version. 21 | #TasksMax=infinity 22 | TimeoutStartSec=0 23 | # set delegate yes so that systemd does not reset the cgroups of docker containers 24 | Delegate=yes 25 | # kill only the docker process, not all processes in the cgroup 26 | KillMode=process 27 | # restart the docker process if it exits prematurely 28 | Restart=on-failure 29 | StartLimitBurst=3 30 | StartLimitInterval=60s 31 | 32 | [Install] 33 | WantedBy=multi-user.target 34 | -------------------------------------------------------------------------------- /centos/kernel-modules.conf: -------------------------------------------------------------------------------- 1 | ip_vs 2 | ip_vs_rr 3 | ip_vs_wrr 4 | ip_vs_sh 5 | nf_conntrack_ipv4 6 | -------------------------------------------------------------------------------- /ceph/add-ceph-to-helm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | inf "checking if helm is running already" 32 | helm_running=$(ps auwwx | grep helm | grep serve | wc -l) 33 | if [[ "${helm_running}" == "0" ]]; then 34 | anmt "starting local helm server" 35 | helm serve & 36 | anmt " - sleeping" 37 | sleep 5 38 | helm_running=$(ps auwwx | grep helm | grep serve | wc -l) 39 | if [[ "${helm_running}" == "0" ]]; then 40 | err "failed starting local helm server" 41 | exit 1 42 | else 43 | good "helm is running" 44 | fi 45 | else 46 | inf " - helm is already serving charts" 47 | fi 48 | inf "" 49 | 50 | anmt "adding ceph repo to the helm charts" 51 | last_dir=$(pwd) 52 | if [[ ! -e ./ceph-overrides.yaml ]]; then 53 | cd ceph 54 | fi 55 | helm repo add ceph http://localhost:8879/charts 56 | if [[ ! -e ./ceph-helm ]]; then 57 | git clone https://github.com/ceph/ceph-helm ./ceph-helm 58 | fi 59 | cd ceph-helm/ceph 60 | ls 61 | inf "" 62 | 63 | anmt "updating helm repo" 64 | helm repo update 65 | inf "" 66 | 67 | inf "building ceph-helm chart" 68 | pwd 69 | make 70 | cd ${last_dir} 71 | inf "" 72 | -------------------------------------------------------------------------------- /ceph/ceph-overrides.yaml: -------------------------------------------------------------------------------- 1 | network: 2 | public: 192.168.0.0/16 3 | cluster: 192.168.0.0/16 4 | port: 5 | mon: 6789 6 | rgw: 8088 7 | 8 | # check cluster status with: 9 | # ./ceph/cluster-status.sh 10 | # or: 11 | # kubectl -n ceph exec -ti CEPH_MON_POD_NAME -c ceph-mon -- ceph -s 12 | osd_devices: 13 | - name: dev-vdb 14 | device: /dev/vdb 15 | zap: "1" 16 | 17 | # create keyring for k8s user 18 | # kubectl -n ceph exec -ti CEPH_MON_POD_NAME -c ceph-mon -- bash 19 | storageclass: 20 | provision_storage_class: true 21 | provisioner: ceph.com/rbd 22 | name: ceph-rbd 23 | monitors: null 24 | pool: rbd 25 | admin_id: admin 26 | admin_secret_name: pvc-ceph-conf-combined-storageclass 27 | admin_secret_namespace: ceph 28 | user_id: k8s 29 | user_secret_name: pvc-ceph-client-key 30 | image_format: "2" 31 | image_features: layering 32 | -------------------------------------------------------------------------------- /ceph/ceph-service.yml: -------------------------------------------------------------------------------- 1 | kind: Service 2 | apiVersion: v1 3 | metadata: 4 | name: ceph-mon 5 | namespace: default 6 | spec: 7 | type: ExternalName 8 | externalName: ceph-mon.ceph.svc.cluster.local 9 | ports: 10 | - port: 6789 11 | -------------------------------------------------------------------------------- /ceph/check-kvm-disk-mounts.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | good "Checking Ceph OSD Pod Mountpoints for /dev/vdb1:" 35 | inf "" 36 | found_failure="0" 37 | osd_pods=$(kubectl get po -n ${use_namespace} | grep osd | awk '{print $1}' | grep -v keyring | sort) 38 | command_to_run="-- df -h /var/lib/ceph/" 39 | for osd in ${osd_pods}; do 40 | anmt "checking: ${osd}" 41 | anmt "kubectl -n ${use_namespace} exec -it ${osd} ${command_to_run}" 42 | found_mount=$(kubectl -n ${use_namespace} exec -it ${osd} ${command_to_run} | grep -v Filesystem | awk '{print $1}') 43 | if [[ "${found_mount}" != "/dev/vdb1" ]]; then 44 | err "failed: ${osd} is using ${found_mount}" 45 | found_failure="1" 46 | else 47 | good "confirmed: ${osd} is using ${found_mount}" 48 | fi 49 | done 50 | 51 | if [[ "${found_failure}" == "1" ]]; then 52 | critical "detected at least one Ceph OSD mount failure" 53 | critical "Please review the Ceph debugging guide: https://deploy-to-kubernetes.readthedocs.io/en/latest/ceph.html#confirm-ceph-osd-pods-are-using-the-kvm-mounted-disks for more details on how to fix this issue" 54 | exit 1 55 | else 56 | good "all Ceph OSD pods: ${osd_pods} are using /dev/vbd1 for storage" 57 | fi 58 | 59 | exit 1 60 | -------------------------------------------------------------------------------- /ceph/cluster-status.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | anmt "Getting Ceph cluster status:" 35 | inf "" 36 | mon_pod=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep -v keyring- | grep "ceph-mon-" | awk '{print $1}' | tail -1) 37 | if [[ "${mon_pod}" == "" ]]; then 38 | err "Did not find a ceph-mon pod running - please check ceph:" 39 | err "kubectl get pods -n ${use_namespace}" 40 | exit 1 41 | else 42 | good "kubectl -n ceph exec -ti ${mon_pod} -c ceph-mon -- ceph -s" 43 | kubectl -n ceph exec -ti ${mon_pod} -c ceph-mon -- ceph -s 44 | fi 45 | -------------------------------------------------------------------------------- /ceph/describe-osd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | anmt "Tailing Ceph logs with:" 35 | inf "" 36 | inf "" 37 | mon_pod=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep -v keyring- | grep "ceph-osd-" | awk '{print $1}' | tail -1) 38 | if [[ "${mon_pod}" == "" ]]; then 39 | err "Did not find a ceph-osd pod running - please check ceph:" 40 | err "kubectl get pods -n ${use_namespace}" 41 | exit 1 42 | else 43 | good "kubectl -n ${use_namespace} describe pod ${mon_pod}" 44 | kubectl -n ${use_namespace} describe pod ${mon_pod} 45 | fi 46 | -------------------------------------------------------------------------------- /ceph/install-ceph-tools.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "installing ceph from steps on: http://docs.ceph.com/docs/master/install/get-packages/" 4 | sudo rpm --import "https://download.ceph.com/keys/release.asc" 5 | 6 | # https://github.com/openshift/origin/issues/20363 7 | sudo yum install -y ceph-common centos-release-ceph-luminous lsof strace 8 | 9 | -------------------------------------------------------------------------------- /ceph/kvm-attach-images.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | image_dir="/cephdata" 4 | size="100G" 5 | 6 | if [[ ${1} != "" ]]; then 7 | image_dir=${1} 8 | fi 9 | 10 | if [[ ${2} != "" ]]; then 11 | size=${2} 12 | fi 13 | 14 | if [[ ! -e ${image_dir} ]]; then 15 | sudo mkdir -p -m 775 ${image_dir} 16 | fi 17 | 18 | nodes="m1 m2 m3" 19 | for node in $nodes; do 20 | node_dir=${image_dir}/${node} 21 | if [[ ! -e ${node_dir} ]]; then 22 | sudo mkdir -p -m 775 ${node_dir} 23 | fi 24 | image_name="k8-centos-${node}" 25 | image_path="${node_dir}/${image_name}" 26 | if [[ ! -e ${image_path} ]]; then 27 | echo "missing hdd image at: ${image_path} size: ${size}" 28 | echo "please generate them manually or with the ./ceph/kvm-build-images.sh script" 29 | exit 1 30 | else 31 | echo "attaching image: ${image_path} to ${node} with:" 32 | echo "virsh attach-disk ${node} --source ${image_path} --subdriver qcow2 --target vdb --persistent" 33 | virsh attach-disk ${node} \ 34 | --source ${image_path} \ 35 | --subdriver qcow2 \ 36 | --target vdb \ 37 | --persistent 38 | fi 39 | done 40 | -------------------------------------------------------------------------------- /ceph/kvm-build-images.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | image_dir="/cephdata" 4 | size="100G" 5 | 6 | if [[ ${1} != "" ]]; then 7 | image_dir=${1} 8 | fi 9 | 10 | if [[ ${2} != "" ]]; then 11 | size=${2} 12 | fi 13 | 14 | if [[ ! -e ${image_dir} ]]; then 15 | sudo mkdir -p -m 775 ${image_dir} 16 | fi 17 | 18 | nodes="m1 m2 m3" 19 | for node in $nodes; do 20 | node_dir=${image_dir}/${node} 21 | if [[ ! -e ${node_dir} ]]; then 22 | sudo mkdir -p -m 775 ${node_dir} 23 | fi 24 | image_name="k8-centos-${node}" 25 | image_path="${node_dir}/${image_name}" 26 | if [[ ! -e ${image_path} ]]; then 27 | echo "creating hdd image at: ${image_path} size: ${size}" 28 | echo "qemu-img create -f qcow2 ${image_path} ${size}" 29 | sudo qemu-img create -f qcow2 ${image_path} ${size} 30 | else 31 | echo " - already have image: ${image_path}" 32 | ls -lrth ${image_path} 33 | fi 34 | done 35 | -------------------------------------------------------------------------------- /ceph/kvm-detach-images.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | image_dir="/cephdata" 4 | size="100G" 5 | 6 | if [[ ${1} != "" ]]; then 7 | image_dir=${1} 8 | fi 9 | 10 | if [[ ${2} != "" ]]; then 11 | size=${2} 12 | fi 13 | 14 | if [[ ! -e ${image_dir} ]]; then 15 | sudo mkdir -p -m 775 ${image_dir} 16 | fi 17 | 18 | nodes="m1 m2 m3" 19 | for node in $nodes; do 20 | node_dir=${image_dir}/${node} 21 | if [[ ! -e ${node_dir} ]]; then 22 | sudo mkdir -p -m 775 ${node_dir} 23 | fi 24 | image_name="k8-centos-${node}" 25 | image_path="${node_dir}/${image_name}" 26 | if [[ ! -e ${image_path} ]]; then 27 | echo "missing hdd image at: ${image_path} size: ${size}" 28 | echo "please generate them manually or with the ./ceph/kvm-build-images.sh script" 29 | exit 1 30 | else 31 | echo "detaching image: ${image_path} to ${node} with:" 32 | echo "virsh detach-disk ${node} \ 33 | ${image_path}" 34 | virsh detach-disk ${node} \ 35 | ${image_path} \ 36 | --persistent 37 | fi 38 | done 39 | -------------------------------------------------------------------------------- /ceph/logs-kt-ceph.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | anmt "Tailing all Ceph logs with kubetail:" 35 | inf "" 36 | kubetail ceph -n ceph 37 | -------------------------------------------------------------------------------- /ceph/logs-mon.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | anmt "Tailing Ceph logs with:" 35 | inf "" 36 | inf "" 37 | mon_pod=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep -v keyring- | grep "ceph-mon-" | awk '{print $1}' | tail -1) 38 | if [[ "${mon_pod}" == "" ]]; then 39 | err "Did not find a ceph-mon pod running - please check ceph:" 40 | err "kubectl get pods -n ${use_namespace}" 41 | exit 1 42 | else 43 | good "kubectl -n ${use_namespace} logs ${mon_pod} -c cluster-log-tailer" 44 | kubectl -n ${use_namespace} logs ${mon_pod} -c cluster-log-tailer 45 | fi 46 | -------------------------------------------------------------------------------- /ceph/logs-osd-prepare-pod.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | anmt "Getting Ceph OSD Device logs with:" 35 | inf "" 36 | inf "" 37 | pod_name=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep ceph-osd-dev-vdb | awk '{print $1}' | tail -1) 38 | if [[ "${pod_name}" == "" ]]; then 39 | err "Did not find a ceph-osd-dev-vdb pod running - please check ceph:" 40 | err "kubectl get pods -n ${use_namespace}" 41 | exit 1 42 | else 43 | good "kubectl -n ${use_namespace} logs ${pod_name} -c osd-prepare-pod" 44 | kubectl -n ${use_namespace} logs ${pod_name} -c osd-prepare-pod 45 | fi 46 | -------------------------------------------------------------------------------- /ceph/show-ceph-all.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | inf "" 32 | anmt "----------------------------------------------" 33 | good "Getting all Ceph reports:" 34 | 35 | use_path="." 36 | if [[ -e ./ceph/show-ceph-status.sh ]]; then 37 | use_path="./ceph" 38 | fi 39 | 40 | files="show-ceph-status.sh show-ceph-rados-df.sh show-ceph-df.sh show-ceph-osd-status.sh show-ceph-rbd-ls.sh show-pods.sh" 41 | for f in ${files}; do 42 | ${use_path}/${f} 43 | done 44 | -------------------------------------------------------------------------------- /ceph/show-ceph-df.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "----------------------------------------------" 36 | good "Getting Ceph df:" 37 | pod_name=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep -v keyring- | grep "ceph-rgw-" | awk '{print $1}' | tail -1) 38 | if [[ "${pod_name}" == "" ]]; then 39 | err "Did not find a ceph-rgw pod running - please check ceph:" 40 | err "kubectl get pods -n ${use_namespace}" 41 | exit 1 42 | else 43 | inf "kubectl -n ${use_namespace} exec -it ${pod_name} -- ceph df" 44 | kubectl -n ${use_namespace} exec -it ${pod_name} -- ceph df 45 | fi 46 | -------------------------------------------------------------------------------- /ceph/show-ceph-osd-status.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "----------------------------------------------" 36 | good "Getting Ceph osd status:" 37 | pod_name=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep -v keyring- | grep "ceph-rgw-" | awk '{print $1}' | tail -1) 38 | if [[ "${pod_name}" == "" ]]; then 39 | err "Did not find a ceph-rgw pod running - please check ceph:" 40 | err "kubectl get pods -n ${use_namespace}" 41 | exit 1 42 | else 43 | inf "kubectl -n ${use_namespace} exec -it ${pod_name} -- ceph osd status" 44 | kubectl -n ${use_namespace} exec -it ${pod_name} -- ceph osd status 45 | fi 46 | -------------------------------------------------------------------------------- /ceph/show-ceph-rados-df.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "----------------------------------------------" 36 | good "Getting Ceph rados df:" 37 | pod_name=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep -v keyring- | grep "ceph-rgw-" | awk '{print $1}' | tail -1) 38 | if [[ "${pod_name}" == "" ]]; then 39 | err "Did not find a ceph-rgw pod running - please check ceph:" 40 | err "kubectl get pods -n ${use_namespace}" 41 | exit 1 42 | else 43 | inf "kubectl -n ${use_namespace} exec -it ${pod_name} -- rados df" 44 | kubectl -n ${use_namespace} exec -it ${pod_name} -- rados df 45 | fi 46 | -------------------------------------------------------------------------------- /ceph/show-ceph-rbd-ls.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "----------------------------------------------" 36 | good "Getting Ceph rbd's:" 37 | pod_name=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep -v keyring- | grep "ceph-rgw-" | awk '{print $1}' | tail -1) 38 | if [[ "${pod_name}" == "" ]]; then 39 | err "Did not find a ceph-rgw pod running - please check ceph:" 40 | err "kubectl get pods -n ${use_namespace}" 41 | exit 1 42 | else 43 | inf "kubectl -n ${use_namespace} exec -it ${pod_name} -- rbd ls" 44 | kubectl -n ${use_namespace} exec -it ${pod_name} -- rbd ls 45 | fi 46 | -------------------------------------------------------------------------------- /ceph/show-ceph-status.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "----------------------------------------------" 36 | good "Getting Ceph status:" 37 | pod_name=$(kubectl get pods --ignore-not-found -n ${use_namespace} | grep -v keyring- | grep "ceph-rgw-" | awk '{print $1}' | tail -1) 38 | if [[ "${pod_name}" == "" ]]; then 39 | err "Did not find a ceph-rgw pod running - please check ceph:" 40 | err "kubectl get pods -n ${use_namespace}" 41 | exit 1 42 | else 43 | inf "kubectl -n ${use_namespace} exec -it ${pod_name} -- ceph status" 44 | kubectl -n ${use_namespace} exec -it ${pod_name} -- ceph status 45 | fi 46 | -------------------------------------------------------------------------------- /ceph/show-daemonsets.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | anmt "Getting Ceph daemonsets with:" 35 | inf "" 36 | good "kubectl get daemonsets -n ${use_namespace}" 37 | inf "" 38 | kubectl get daemonsets -n ${use_namespace} 39 | 40 | -------------------------------------------------------------------------------- /ceph/show-pods.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | good "Getting Ceph pods with:" 35 | good "kubectl get pods -n ${use_namespace}" 36 | inf "" 37 | kubectl get pods -n ${use_namespace} 38 | -------------------------------------------------------------------------------- /ceph/show-secrets.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="ceph" 32 | 33 | anmt "--------------------------------------------------" 34 | anmt "Getting Ceph secrets with:" 35 | inf "" 36 | good "kubectl get secrets -n ${use_namespace}" 37 | inf "" 38 | kubectl get secrets -n ${use_namespace} 39 | 40 | -------------------------------------------------------------------------------- /ceph/template-pvc-ceph-client-key-secret.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | key: REPLACE_WITH_KEYRING_KEY 4 | kind: Secret 5 | metadata: 6 | name: pvc-ceph-client-key 7 | namespace: ceph 8 | type: kubernetes.io/rbd 9 | -------------------------------------------------------------------------------- /ceph/test/mount-pv-in-pod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: ceph-tester 5 | labels: 6 | integration-test: ceph-tester 7 | spec: 8 | volumes: 9 | - name: storage 10 | persistentVolumeClaim: 11 | claimName: test-ceph-pv-claim 12 | containers: 13 | - image: busybox:glibc 14 | command: [ "/bin/sh", "-c", "--" ] 15 | args: [ "ls -l /testing; df -h /testing; echo 'last update: '; cat /testing/updated; date > /testing/updated; tail -f /testing/updated"] 16 | name: busybox 17 | volumeMounts: 18 | - mountPath: "/testing" 19 | name: storage 20 | -------------------------------------------------------------------------------- /ceph/test/pvc.yml: -------------------------------------------------------------------------------- 1 | kind: PersistentVolumeClaim 2 | apiVersion: v1 3 | metadata: 4 | name: test-ceph-pv-claim 5 | spec: 6 | accessModes: 7 | - ReadWriteOnce 8 | resources: 9 | requests: 10 | storage: 1Gi 11 | storageClassName: ceph-rbd 12 | -------------------------------------------------------------------------------- /cert-manager/clusterissuer-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: ClusterIssuer 3 | metadata: 4 | name: letsencrypt-issuer 5 | namespace: default 6 | spec: 7 | acme: 8 | # The ACME server URL 9 | server: https://acme-v02.api.letsencrypt.org/directory 10 | # Email address used for ACME registration 11 | email: bugs@example.com 12 | # Name of a secret used to store the ACME account private key 13 | privateKeySecretRef: 14 | name: letsencrypt-prod 15 | http01: {} 16 | 17 | --- 18 | 19 | apiVersion: certmanager.k8s.io/v1alpha1 20 | kind: ClusterIssuer 21 | metadata: 22 | name: letsencrypt-issuer 23 | namespace: rook-ceph 24 | spec: 25 | acme: 26 | # The ACME server URL 27 | server: https://acme-v02.api.letsencrypt.org/directory 28 | # Email address used for ACME registration 29 | email: bugs@example.com 30 | # Name of a secret used to store the ACME account private key 31 | privateKeySecretRef: 32 | name: letsencrypt-prod 33 | http01: {} 34 | -------------------------------------------------------------------------------- /cert-manager/clusterissuer-staging.yml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: ClusterIssuer 3 | metadata: 4 | name: letsencrypt-issuer 5 | namespace: default 6 | spec: 7 | acme: 8 | # The ACME server URL 9 | server: https://acme-staging-v02.api.letsencrypt.org/directory 10 | # Email address used for ACME registration 11 | email: bugs@example.com 12 | # Name of a secret used to store the ACME account private key 13 | privateKeySecretRef: 14 | name: letsencrypt-staging 15 | http01: {} 16 | 17 | --- 18 | 19 | apiVersion: certmanager.k8s.io/v1alpha1 20 | kind: ClusterIssuer 21 | metadata: 22 | name: letsencrypt-issuer 23 | namespace: rook-ceph 24 | spec: 25 | acme: 26 | # The ACME server URL 27 | server: https://acme-v02.api.letsencrypt.org/directory 28 | # Email address used for ACME registration 29 | email: bugs@example.com 30 | # Name of a secret used to store the ACME account private key 31 | privateKeySecretRef: 32 | name: letsencrypt-staging 33 | http01: {} 34 | -------------------------------------------------------------------------------- /cert-manager/ingress-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: cert-manager-ingress 5 | namespace: default 6 | annotations: 7 | kubernetes.io/tls-acme: "true" 8 | kubernetes.io/ingress.class: "nginx" 9 | certmanager.k8s.io/cluster-issuer: "letsencrypt-prod" 10 | spec: 11 | tls: 12 | - hosts: 13 | - api.example.com 14 | secretName: api.example.com-tls 15 | rules: 16 | - host: api.example.com 17 | http: 18 | paths: 19 | - path: / 20 | backend: 21 | serviceName: nginx 22 | servicePort: 80 23 | -------------------------------------------------------------------------------- /cert-manager/ingress-staging.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: cert-manager-ingress 5 | namespace: default 6 | annotations: 7 | kubernetes.io/tls-acme: "true" 8 | kubernetes.io/ingress.class: "nginx" 9 | certmanager.k8s.io/cluster-issuer: "letsencrypt-prod" 10 | spec: 11 | tls: 12 | - hosts: 13 | - api.redten.io 14 | secretName: api.redten.io-tls 15 | rules: 16 | - host: api.redten.io 17 | http: 18 | paths: 19 | - path: / 20 | backend: 21 | serviceName: nginx 22 | servicePort: 80 23 | -------------------------------------------------------------------------------- /cert-manager/issuer-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: Issuer 3 | metadata: 4 | name: letsencrypt-prod 5 | namespace: kube-system 6 | spec: 7 | acme: 8 | # The ACME server URL 9 | server: https://acme-v01.api.letsencrypt.org/directory 10 | # Email address used for ACME registration 11 | email: bugs@example.com 12 | # Name of a secret used to store the ACME account private key 13 | privateKeySecretRef: 14 | name: letsencrypt-prod 15 | http01: {} 16 | -------------------------------------------------------------------------------- /cert-manager/issuer-staging.yml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: Issuer 3 | metadata: 4 | name: letsencrypt-staging 5 | namespace: kube-system 6 | spec: 7 | acme: 8 | # The ACME server URL 9 | server: https://acme-staging-v02.api.letsencrypt.org/directory 10 | # Email address used for ACME registration 11 | email: settoemail@gmail.com 12 | # Name of a secret used to store the ACME account private key 13 | privateKeySecretRef: 14 | name: letsencrypt-staging 15 | # Enable HTTP01 validations 16 | http01: {} 17 | -------------------------------------------------------------------------------- /cert-manager/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="cert-manager" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /cert-manager/secrets-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: letsencrypt-secret 5 | type: Opaque 6 | data: 7 | # echo -n "prod" | base64 8 | env: c3RhZ2luZw== 9 | -------------------------------------------------------------------------------- /cert-manager/secrets-staging.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: letsencrypt-secret 5 | type: Opaque 6 | data: 7 | # echo -n "prod" | base64 8 | env: cHJvZA== 9 | -------------------------------------------------------------------------------- /cert-manager/secrets.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: letsencrypt-secret 5 | type: Opaque 6 | data: 7 | -------------------------------------------------------------------------------- /core/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "------------------------------------------" 29 | warn "deleting core" 30 | inf "" 31 | 32 | inf "deleting deployment: core" 33 | kubectl delete deployment core 34 | inf "" 35 | 36 | inf "deleting secrets: core" 37 | kubectl delete secret core-secret 38 | inf "" 39 | 40 | good "done deleting: core" 41 | -------------------------------------------------------------------------------- /core/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="core" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /core/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | deploy_suffix="" 13 | if [[ "${1}" == "splunk" ]]; then 14 | deploy_suffix="-splunk" 15 | fi 16 | 17 | use_path="." 18 | if [[ ! -e deployment.yml ]]; then 19 | use_path="./core" 20 | fi 21 | 22 | anmt "------------------------------------------------------------------------------------" 23 | anmt "deploying core: https://github.com/jay-johnson/deploy-to-kubernetes/blob/master/core" 24 | inf "" 25 | 26 | inf "applying secrets" 27 | kubectl apply -f ${use_path}/secrets.yml 28 | inf "" 29 | 30 | deploy_file=${use_path}/deployment${deploy_suffix}.yml 31 | warn "applying deployment: ${deploy_file}" 32 | kubectl apply -f ${deploy_file} 33 | inf "" 34 | 35 | good "done deploying: core" 36 | -------------------------------------------------------------------------------- /core/secrets.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: core.user 5 | type: Opaque 6 | data: 7 | # echo -n "trex" | base64 8 | username: dHJleA== 9 | # echo -n "123321" | base64 10 | password: MTIzMzIx 11 | --- 12 | apiVersion: v1 13 | kind: Secret 14 | metadata: 15 | name: core.db 16 | type: Opaque 17 | data: 18 | # echo -n "antinex" | base64 19 | username: YW50aW5leA== 20 | # echo -n "antinex" | base64 21 | password: YW50aW5leA== 22 | # echo -n "webapp" | base64 23 | dbname: d2ViYXBw 24 | --- 25 | apiVersion: v1 26 | kind: Secret 27 | metadata: 28 | name: core.redis 29 | type: Opaque 30 | data: 31 | # echo -n "123321" | base64 32 | password: MTIzMzIx 33 | -------------------------------------------------------------------------------- /core/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="core" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} bash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | bash 38 | -------------------------------------------------------------------------------- /core/view-env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="core" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "getting core environment variables" 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | env | sort 39 | -------------------------------------------------------------------------------- /deploy_to_kubernetes/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jay-johnson/deploy-to-kubernetes/3624ab187e7f4e7d0cb2a45816f24122d7385637/deploy_to_kubernetes/__init__.py -------------------------------------------------------------------------------- /deploy_to_kubernetes/scripts/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jay-johnson/deploy-to-kubernetes/3624ab187e7f4e7d0cb2a45816f24122d7385637/deploy_to_kubernetes/scripts/__init__.py -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- 1 | # Minimal makefile for Sphinx documentation 2 | # 3 | 4 | # You can set these variables from the command line. 5 | SPHINXOPTS = 6 | SPHINXBUILD = sphinx-build 7 | SPHINXPROJ = DeploytoKuberenetes 8 | SOURCEDIR = source 9 | BUILDDIR = build 10 | 11 | # Put it first so that "make" without argument is like "make help". 12 | help: 13 | @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) 14 | 15 | .PHONY: help Makefile 16 | 17 | # Catch-all target: route all unknown targets to Sphinx using the new 18 | # "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). 19 | %: Makefile 20 | @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) -------------------------------------------------------------------------------- /docs/make.bat: -------------------------------------------------------------------------------- 1 | @ECHO OFF 2 | 3 | pushd %~dp0 4 | 5 | REM Command file for Sphinx documentation 6 | 7 | if "%SPHINXBUILD%" == "" ( 8 | set SPHINXBUILD=sphinx-build 9 | ) 10 | set SOURCEDIR=source 11 | set BUILDDIR=build 12 | set SPHINXPROJ=DeploytoKuberenetes 13 | 14 | if "%1" == "" goto help 15 | 16 | %SPHINXBUILD% >NUL 2>NUL 17 | if errorlevel 9009 ( 18 | echo. 19 | echo.The 'sphinx-build' command was not found. Make sure you have Sphinx 20 | echo.installed, then set the SPHINXBUILD environment variable to point 21 | echo.to the full path of the 'sphinx-build' executable. Alternatively you 22 | echo.may add the Sphinx directory to PATH. 23 | echo. 24 | echo.If you don't have Sphinx installed, grab it from 25 | echo.http://sphinx-doc.org/ 26 | exit /b 1 27 | ) 28 | 29 | %SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% 30 | goto end 31 | 32 | :help 33 | %SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% 34 | 35 | :end 36 | popd 37 | -------------------------------------------------------------------------------- /docs/source/_static/.gitignore: -------------------------------------------------------------------------------- 1 | *.png 2 | *.gif 3 | -------------------------------------------------------------------------------- /helm/install-helm-and-tiller.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "" 4 | echo "installing tiller and initialzing helm" 5 | ./helm/tiller/install.sh 6 | echo "" 7 | -------------------------------------------------------------------------------- /helm/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | user_test=$(whoami) 13 | if [[ "${user_test}" != "root" ]]; then 14 | err "please run as root" 15 | exit 1 16 | fi 17 | 18 | anmt "--------------------------------------------" 19 | anmt "deploying helm and tiller" 20 | inf "" 21 | 22 | inf "curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash" 23 | curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash 24 | 25 | inf "setting up helm and tiller: ./helm/install-helm-and-tiller.sh" 26 | ./helm/install-helm-and-tiller.sh 27 | 28 | good "done deploying: helm and tiller" 29 | -------------------------------------------------------------------------------- /helm/tiller/install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | echo "creating service account for tiller in the kube-system" 4 | kubectl create serviceaccount --namespace kube-system tiller 5 | 6 | echo "creating rbac for tiller service account" 7 | kubectl apply -f ./helm/tiller/rbac.yml 8 | 9 | echo "creating cluster role binding for tiller" 10 | kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller 11 | echo "patching any tiller deploys with the service account" 12 | kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}' 13 | echo "listing helm" 14 | helm list 15 | echo "updating helm repo" 16 | helm repo update 17 | 18 | echo "initializing helm with tiller service account" 19 | helm init --upgrade --service-account tiller 20 | 21 | -------------------------------------------------------------------------------- /helm/tiller/rbac.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: tiller 5 | namespace: kube-system 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1beta1 8 | kind: ClusterRoleBinding 9 | metadata: 10 | name: tiller 11 | roleRef: 12 | apiGroup: rbac.authorization.k8s.io 13 | kind: ClusterRole 14 | name: cluster-admin 15 | subjects: 16 | - kind: ServiceAccount 17 | name: tiller 18 | namespace: kube-system 19 | -------------------------------------------------------------------------------- /ingress/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "------------------------------------------" 29 | warn "deleting ingress" 30 | inf "" 31 | 32 | good "kubectl delete -f ingress/nginx-ingress.yml" 33 | kubectl delete -f ingress/nginx-ingress.yml 34 | inf "" 35 | 36 | good "done deleting: ingress" 37 | -------------------------------------------------------------------------------- /ingress/alpine-ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="nginx" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} /bin/ash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | /bin/ash 38 | -------------------------------------------------------------------------------- /ingress/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="nginx" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /ingress/nginx-config.yml: -------------------------------------------------------------------------------- 1 | kind: ConfigMap 2 | apiVersion: v1 3 | metadata: 4 | name: nginx-config 5 | namespace: default 6 | annotations: 7 | nginx.org/redirect-to-https: "true" 8 | data: 9 | # Adding new entries here will make them appear as files in the deployment. 10 | # 11 | # Using ConfigMaps: 12 | # https://github.com/nginxinc/kubernetes-ingress/tree/master/examples/customization#using-configmaps 13 | # 14 | # Some nginx optimizations guides I found helpful (not specific to kubernetes): 15 | # 16 | # https://github.com/agile6v/awesome-nginx 17 | # http://articles.slicehost.com/2009/2/20/centos-nginx-configuration 18 | # https://bjornjohansen.no/optimizing-https-nginx 19 | # https://github.com/easypath/nginx-secure-configs 20 | # 21 | proxy-connect-timeout: "10s" 22 | proxy-read-timeout: "10s" 23 | client-max-body-size: "500m" 24 | -------------------------------------------------------------------------------- /ingress/nginx-ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: DaemonSet 3 | metadata: 4 | name: nginx 5 | namespace: default 6 | spec: 7 | selector: 8 | matchLabels: 9 | app: nginx 10 | template: 11 | metadata: 12 | labels: 13 | app: nginx 14 | spec: 15 | serviceAccountName: nginx 16 | containers: 17 | # shell /bin/bash 18 | - image: nginx/nginx-ingress:1.2.0 19 | # alpine shell /bin/ash 20 | # - image: nginx/nginx-ingress:1.2.0-alpine 21 | name: nginx 22 | ports: 23 | - name: http 24 | containerPort: 80 25 | hostPort: 80 26 | - name: https 27 | containerPort: 443 28 | hostPort: 443 29 | env: 30 | - name: POD_NAMESPACE 31 | valueFrom: 32 | fieldRef: 33 | fieldPath: metadata.namespace 34 | args: 35 | - -nginx-configmaps=$(POD_NAMESPACE)/nginx-config 36 | - -default-server-tls-secret=$(POD_NAMESPACE)/default-server-secret 37 | - -v=3 # Enables extensive logging. Useful for troubleshooting. 38 | -------------------------------------------------------------------------------- /ingress/ns-and-sa.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: nginx 5 | --- 6 | apiVersion: v1 7 | kind: ServiceAccount 8 | metadata: 9 | name: nginx 10 | namespace: default 11 | -------------------------------------------------------------------------------- /ingress/pod-describe.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe pods -n default" 29 | kubectl describe pods -n default 30 | -------------------------------------------------------------------------------- /ingress/rbac.yml: -------------------------------------------------------------------------------- 1 | kind: ClusterRole 2 | apiVersion: rbac.authorization.k8s.io/v1beta1 3 | metadata: 4 | name: nginx 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - services 10 | - endpoints 11 | verbs: 12 | - list 13 | - watch 14 | - apiGroups: 15 | - "" 16 | resources: 17 | - configmaps 18 | - secrets 19 | verbs: 20 | - get 21 | - list 22 | - watch 23 | - apiGroups: 24 | - "" 25 | resources: 26 | - pods 27 | verbs: 28 | - list 29 | - apiGroups: 30 | - "" 31 | resources: 32 | - events 33 | verbs: 34 | - create 35 | - patch 36 | - apiGroups: 37 | - extensions 38 | resources: 39 | - ingresses 40 | verbs: 41 | - list 42 | - watch 43 | --- 44 | kind: ClusterRoleBinding 45 | apiVersion: rbac.authorization.k8s.io/v1beta1 46 | metadata: 47 | name: nginx 48 | subjects: 49 | - kind: ServiceAccount 50 | name: nginx 51 | namespace: default 52 | roleRef: 53 | kind: ClusterRole 54 | name: nginx 55 | apiGroup: rbac.authorization.k8s.io 56 | -------------------------------------------------------------------------------- /ingress/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="nginx" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} /bin/bash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | /bin/bash 38 | -------------------------------------------------------------------------------- /ingress/view-configs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="nginx" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "Getting the pgAdmin4 ingress configuration: " 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | cat /etc/nginx/conf.d/default-pgadmin-ingress.conf 39 | 40 | inf "" 41 | anmt "-----------------------------------------" 42 | good "Getting the Jupyter ingress configuration: " 43 | kubectl exec -it \ 44 | ${pod_name} \ 45 | -n ${use_namespace} \ 46 | cat /etc/nginx/conf.d/default-jupyter-ingress.conf 47 | 48 | inf "" 49 | anmt "-----------------------------------------" 50 | good "Getting the API ingress configuration: " 51 | kubectl exec -it \ 52 | ${pod_name} \ 53 | -n ${use_namespace} \ 54 | cat /etc/nginx/conf.d/default-api-ingress.conf 55 | -------------------------------------------------------------------------------- /jupyter/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "------------------------------------------" 29 | warn "deleting jupyter" 30 | inf "" 31 | 32 | good "kubectl delete ingress: jupyter-ingress" 33 | kubectl delete ingress jupyter-ingress 34 | inf "" 35 | 36 | good "kubectl delete service: jupyter-svc" 37 | kubectl delete svc jupyter-svc 38 | inf "" 39 | 40 | good "kubectl delete deployment: jupyter" 41 | kubectl delete deployment jupyter 42 | inf "" 43 | 44 | inf "deleting secrets: jupyter" 45 | kubectl delete secret jupyter-secret 46 | inf "" 47 | 48 | good "done deleting: jupyter" 49 | -------------------------------------------------------------------------------- /jupyter/ingress-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: jupyter-ingress 5 | namespace: default 6 | annotations: 7 | nginx.org/websocket-services: "jupyter-svc" 8 | spec: 9 | tls: 10 | - hosts: 11 | - jupyter.example.com 12 | secretName: tls-jupyter 13 | rules: 14 | - host: jupyter.example.com 15 | http: 16 | paths: 17 | - path: / 18 | backend: 19 | serviceName: jupyter-svc 20 | servicePort: 8888 21 | -------------------------------------------------------------------------------- /jupyter/ingress-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: jupyter-ingress 5 | namespace: default 6 | annotations: 7 | nginx.org/websocket-services: "jupyter-svc" 8 | kubernetes.io/tls-acme: "true" 9 | kubernetes.io/ingress.class: "nginx" 10 | certmanager.k8s.io/cluster-issuer: "letsencrypt-issuer" 11 | spec: 12 | tls: 13 | - hosts: 14 | - jupyter.example.com 15 | secretName: jupyter.example.com-tls 16 | rules: 17 | - host: jupyter.example.com 18 | http: 19 | paths: 20 | - path: / 21 | backend: 22 | serviceName: jupyter-svc 23 | servicePort: 8888 24 | -------------------------------------------------------------------------------- /jupyter/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="jupyter" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /jupyter/pods-describe.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe pods jupyter" 29 | kubectl describe pods jupyter 30 | -------------------------------------------------------------------------------- /jupyter/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | should_cleanup_before_startup=0 13 | deploy_suffix="" 14 | cert_env="dev" 15 | for i in "$@" 16 | do 17 | if [[ "${i}" == "prod" ]]; then 18 | cert_env="prod" 19 | elif [[ "${i}" == "splunk" ]]; then 20 | deploy_suffix="-splunk" 21 | elif [[ "${i}" == "antinex" ]]; then 22 | cert_env="an" 23 | elif [[ "${i}" == "qs" ]]; then 24 | cert_env="qs" 25 | elif [[ "${i}" == "redten" ]]; then 26 | cert_env="redten" 27 | fi 28 | done 29 | 30 | use_path="." 31 | if [[ ! -e deployment.yml ]]; then 32 | use_path="./jupyter" 33 | fi 34 | 35 | anmt "----------------------------------------------------------------------------------" 36 | anmt "deploying jupyter with cert_env=${cert_env}: https://github.com/jay-johnson/deploy-to-kubernetes/blob/master/jupyter" 37 | inf "" 38 | 39 | inf "applying secrets" 40 | kubectl apply -f ${use_path}/secrets.yml 41 | inf "" 42 | 43 | deploy_file=${use_path}/deployment${deploy_suffix}.yml 44 | warn "applying deployment: ${deploy_file}" 45 | kubectl apply -f ${deploy_file} 46 | inf "" 47 | 48 | inf "applying service" 49 | kubectl apply -f ${use_path}/service.yml 50 | inf "" 51 | 52 | inf "applying ingress cert_env: ${cert_env}" 53 | kubectl apply -f ${use_path}/ingress-${cert_env}.yml 54 | inf "" 55 | 56 | good "done deploying: jupyter" 57 | -------------------------------------------------------------------------------- /jupyter/secrets.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: jupyter.user 5 | type: Opaque 6 | data: 7 | # echo -n "admin" | base64 8 | password: YWRtaW4= 9 | --- 10 | apiVersion: v1 11 | kind: Secret 12 | metadata: 13 | name: jupyter.api.user 14 | type: Opaque 15 | data: 16 | # echo -n "trex" | base64 17 | username: dHJleA== 18 | # echo -n "123321" | base64 19 | password: MTIzMzIx 20 | --- 21 | apiVersion: v1 22 | kind: Secret 23 | metadata: 24 | name: jupyter.redis 25 | type: Opaque 26 | data: 27 | # echo -n "123321" | base64 28 | password: MTIzMzIx 29 | -------------------------------------------------------------------------------- /jupyter/service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: jupyter-svc 5 | spec: 6 | ports: 7 | - port: 8888 8 | targetPort: 8888 9 | protocol: TCP 10 | name: http 11 | selector: 12 | app: jupyter 13 | -------------------------------------------------------------------------------- /jupyter/show-ingress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe ingress jupyter" 29 | kubectl describe ingress jupyter 30 | -------------------------------------------------------------------------------- /jupyter/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="jupyter" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} bash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | bash 38 | -------------------------------------------------------------------------------- /jupyter/view-env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="api" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "getting api environment variables" 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | env | sort 39 | -------------------------------------------------------------------------------- /jupyter/view-ingress-config.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="nginx" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "Getting the Splunk ingress configuration: " 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | cat /etc/nginx/conf.d/${use_namespace}-jupyter-ingress.conf 39 | -------------------------------------------------------------------------------- /minio/cluster-internal-service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: minio-service 5 | namespace: default 6 | labels: 7 | app: minio-service 8 | spec: 9 | ports: 10 | - port: 9000 11 | targetPort: 9000 12 | protocol: TCP 13 | name: http 14 | selector: 15 | app: minio 16 | -------------------------------------------------------------------------------- /minio/describe-ingress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio ingress namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe ingress -n ${use_namespace} minio-ingress" 37 | inf "" 38 | kubectl describe ingress -n ${use_namespace} minio-ingress 39 | -------------------------------------------------------------------------------- /minio/describe-objstore.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio pod namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe objectstore -n ${use_namespace} -l app=minio" 37 | inf "" 38 | kubectl describe objectstore -n ${use_namespace} -l app=minio 39 | -------------------------------------------------------------------------------- /minio/describe-pod.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio pod namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe pod -n ${use_namespace} minio" 37 | inf "" 38 | kubectl describe pod -n ${use_namespace} minio 39 | -------------------------------------------------------------------------------- /minio/describe-secret.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio secret rook.s3.user namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe secret -n ${use_namespace} rook.s3.user" 37 | inf "" 38 | kubectl describe secret -n ${use_namespace} rook.s3.user 39 | 40 | -------------------------------------------------------------------------------- /minio/describe-service.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio service namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe service -n ${use_namespace}" 37 | inf "" 38 | kubectl describe service -n ${use_namespace} 39 | -------------------------------------------------------------------------------- /minio/envs/ext.env: -------------------------------------------------------------------------------- 1 | export S3_ACCESS_KEY="trexaccesskey" 2 | export S3_SECRET_KEY="trex123321" 3 | export S3_ADDRESS="" 4 | if [[ -e ./minio/get-s3-endpoint.sh ]]; then 5 | export S3_ADDRESS=$(./minio/get-s3-endpoint.sh) 6 | elif [[ -e ./get-s3-endpoint.sh ]]; then 7 | export S3_ADDRESS=$(./get-s3-endpoint.sh) 8 | fi 9 | export S3_REGION_NAME="us-east-1" 10 | -------------------------------------------------------------------------------- /minio/envs/int.env: -------------------------------------------------------------------------------- 1 | export S3_ACCESS_KEY="trexaccesskey" 2 | export S3_SECRET_KEY="trex123321" 3 | export S3_ADDRESS="minio-service:9000" 4 | export S3_REGION_NAME="us-east-1" 5 | -------------------------------------------------------------------------------- /minio/external-service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: minio-external 5 | namespace: default 6 | labels: 7 | app: minio 8 | release: minio 9 | spec: 10 | type: NodePort 11 | ports: 12 | - name: minio-service-external 13 | port: 9000 14 | protocol: TCP 15 | targetPort: 9000 16 | selector: 17 | app: minio 18 | release: minio 19 | sessionAffinity: None 20 | status: 21 | loadBalancer: {} 22 | -------------------------------------------------------------------------------- /minio/get-s3-endpoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | namespace="default" 4 | svc_name="minio" 5 | endpoint=$(kubectl -n ${namespace} describe service minio | grep -i endpoint | awk '{print $2}') 6 | echo "${endpoint}" 7 | -------------------------------------------------------------------------------- /minio/get-s3-external-endpoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | namespace="default" 4 | svc_name="minio-external" 5 | endpoint=$(kubectl -n ${namespace} describe service ${svc_name} | grep -i endpoints | awk '{print $NF}') 6 | echo "${endpoint}" 7 | -------------------------------------------------------------------------------- /minio/ingress-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: minio-ingress 5 | namespace: default 6 | annotations: 7 | nginx.org/proxy-connect-timeout: "60s" 8 | nginx.org/proxy-read-timeout: "60s" 9 | nginx.org/client-max-body-size: "5000m" 10 | nginx.org/redirect-to-https: True 11 | spec: 12 | tls: 13 | - hosts: 14 | - minio.example.com 15 | secretName: tls-minio 16 | rules: 17 | - host: minio.example.com 18 | http: 19 | paths: 20 | - path: / 21 | backend: 22 | serviceName: minio 23 | servicePort: 9000 24 | -------------------------------------------------------------------------------- /minio/ingress-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: minio-ingress 5 | namespace: default 6 | annotations: 7 | kubernetes.io/tls-acme: "true" 8 | kubernetes.io/ingress.class: "nginx" 9 | nginx.org/proxy-connect-timeout: "60s" 10 | nginx.org/proxy-read-timeout: "60s" 11 | nginx.org/client-max-body-size: "5000m" 12 | certmanager.k8s.io/cluster-issuer: "letsencrypt-issuer" 13 | spec: 14 | tls: 15 | - hosts: 16 | - minio.example.com 17 | secretName: minio.example.com-tls 18 | rules: 19 | - host: minio.example.com 20 | http: 21 | paths: 22 | - path: / 23 | backend: 24 | serviceName: minio 25 | servicePort: 9000 26 | -------------------------------------------------------------------------------- /minio/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | app_name=$(kubectl -n ${use_namespace} get pod --ignore-not-found | grep minio | awk '{print $1}') 33 | 34 | anmt "--------------------------------------------------" 35 | anmt "Tailing Rook Minio Operator ${app_name} logs with:" 36 | inf "" 37 | good "kubectl logs -f -n ${use_namespace} ${app_name}" 38 | inf "" 39 | kubectl logs -f -n ${use_namespace} ${app_name} 40 | 41 | -------------------------------------------------------------------------------- /minio/secrets/default_access_keys.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: minio-s3-access 5 | type: Opaque 6 | data: 7 | # echo -n "trexaccesskey" | base64 8 | access_key: dHJleGFjY2Vzc2tleQ== 9 | # echo -n "trex123321" | base64 10 | secret_key: dHJleDEyMzMyMQ== 11 | -------------------------------------------------------------------------------- /minio/secrets/test_key_roll.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: minio-s3-access 5 | type: Opaque 6 | data: 7 | # echo -n "accesskey" | base64 8 | access_key: YWNjZXNza2V5 9 | # echo -n "secretkey" | base64 10 | secret_key: c2VjcmV0a2V5 11 | 12 | -------------------------------------------------------------------------------- /minio/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | app_name="minio" 33 | pod_name=$(kubectl get pod -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 34 | 35 | good "kubectl exec -it -n ${use_namespace} ${pod_name} sh" 36 | 37 | kubectl exec -it \ 38 | -n ${use_namespace} \ 39 | ${pod_name} \ 40 | sh 41 | -------------------------------------------------------------------------------- /multihost/apply_labels.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Make sure to run this before starting: source cluster.env 4 | 5 | # use the bash_colors.sh file 6 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 7 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 8 | elif [[ -e ./tools/bash_colors.sh ]]; then 9 | source ./tools/bash_colors.sh 10 | elif [[ -e ../tools/bash_colors.sh ]]; then 11 | source ../tools/bash_colors.sh 12 | fi 13 | 14 | nodes="${K8_NODES}" 15 | labels="${K8_LABELS}" 16 | 17 | anmt "-------------------------" 18 | anmt "applying multihost labels" 19 | anmt "labels: ${labels}" 20 | anmt "nodes: ${nodes}" 21 | anmt "KUBECONFIG: ${KUBECONFIG}" 22 | 23 | num_nodes=$(kubectl get nodes -o wide | grep Ready | wc -l) 24 | if [[ "${num_nodes}" == "-" ]]; then 25 | anmt "unable to detect kubernetes nodes with KUBECONFIG=${KUBECONFIG}" 26 | inf "" 27 | exit 1 28 | fi 29 | 30 | anmt "detected kubernetes nodes: ${num_nodes}" 31 | 32 | for node in ${nodes}; do 33 | # anmt "getting lables for all cluster nodes" 34 | node_name=$(kubectl get nodes | grep ${node} | awk '{print $1}') 35 | for label in $labels; do 36 | label_name=$(echo ${label} | sed -e 's/=/ /g' | awk '{print $1}') 37 | label_value=$(echo ${label} | sed -e 's/=/ /g' | awk '{print $2}') 38 | kubectl label nodes ${node_name} ${label} --overwrite >> /dev/null 2>&1 39 | done 40 | done 41 | 42 | anmt "review labels with:" 43 | anmt "kubectl get nodes --show-labels -o wide" 44 | 45 | good "done - applying: multihost labels" 46 | anmt "-------------------------" 47 | 48 | exit 0 49 | -------------------------------------------------------------------------------- /multihost/fwd.example.com.db: -------------------------------------------------------------------------------- 1 | ; 2 | ; BIND forward zone data file for example.com 3 | ; 4 | $TTL 604800 5 | @ IN SOA example.com. root.example.com. ( 6 | 20 ; Serial 7 | 604800 ; Refresh 8 | 86400 ; Retry 9 | 2419200 ; Expire 10 | 604800 ) ; Negative Cache TTL 11 | ; 12 | ;@ IN NS localhost. 13 | ;@ IN A 127.0.0.1 14 | ;@ IN AAAA ::1 15 | 16 | ;Name Server Information 17 | IN NS ns1.example.com. 18 | ;IP address of Name Server 19 | ns1 IN A 192.168.0.101 20 | 21 | ;Mail Exchanger 22 | example.com. IN MX 10 mail.example.com. 23 | 24 | ;A - Record HostName To Ip Address 25 | @ IN A 192.168.0.101 26 | api IN A 192.168.0.101 27 | ceph IN A 192.168.0.101 28 | master1 IN A 192.168.0.101 29 | mail IN A 192.168.0.101 30 | minio IN A 192.168.0.101 31 | pgadmin IN A 192.168.0.101 32 | www IN A 192.168.0.101 33 | api IN A 192.168.0.102 34 | jenkins IN A 192.168.0.102 35 | jupyter IN A 192.168.0.102 36 | aejupyter IN A 192.168.0.102 37 | master2 IN A 192.168.0.102 38 | master3 IN A 192.168.0.103 39 | splunk IN A 192.168.0.103 40 | -------------------------------------------------------------------------------- /multihost/kvm/create-centos-vm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # requires having kvm installed 4 | 5 | # usage: ./multihost/kvm/create-centos-vm.sh m1 /data/kvm/m1.qcow2 6 | # usage: ./multihost/kvm/create-centos-vm.sh m2 7 | # usage: ./multihost/kvm/create-centos-vm.sh m3 8 | 9 | default_disk_location="/data/kvm/disks" 10 | test_virt_installed=$(which virt-install | wc -l) 11 | if [[ "${test_virt_installed}" == "0" ]]; then 12 | echo "Please install kvm before running this script" 13 | exit 1 14 | fi 15 | 16 | if [[ ! -e ${default_disk_location} ]]; then 17 | mkdir -p -m 777 ${default_disk_location} 18 | fi 19 | 20 | if [[ ! -e /data/iso ]]; then 21 | mkdir -p -m 777 /data/iso 22 | fi 23 | 24 | vm_name="m1" 25 | kvm_image_path="${default_disk_location}/${vm_name}.qcow2" 26 | download_url="http://centos.s.uw.edu/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1804.iso" 27 | download_file="/data/isos/centos-7.iso" 28 | 29 | if [[ "${1}" != "" ]]; then 30 | vm_name="${1}" 31 | kvm_image_path="${default_disk_location}/${vm_name}.qcow2" 32 | fi 33 | if [[ "${2}" != "" ]]; then 34 | kvm_image_path="${2}" 35 | fi 36 | if [[ "${3}" != "" ]]; then 37 | download_url="${3}" 38 | fi 39 | if [[ "${4}" != "" ]]; then 40 | download_file="${4}" 41 | fi 42 | 43 | if [[ ! -e ${download_file} ]]; then 44 | echo "downloading: curl ${download_url} --output ${download_file}" 45 | curl ${download_url} --output ${download_file} 46 | fi 47 | 48 | echo "creating ${vm_name} iso: ${download_file} path: ${kvm_image_path}" 49 | virt-install \ 50 | --name ${vm_name} \ 51 | --virt-type=kvm \ 52 | --ram 10240 \ 53 | --cpu host \ 54 | --vcpus=2 \ 55 | --os-type=linux \ 56 | --os-variant=rhel7 \ 57 | --virt-type=kvm \ 58 | --hvm \ 59 | --network=bridge=br0,model=virtio \ 60 | --graphics vnc \ 61 | --cdrom ${download_file} \ 62 | --disk path=${kvm_image_path},size=80,bus=virtio,format=qcow2 63 | -------------------------------------------------------------------------------- /multihost/kvm/install-kvm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 4 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 5 | fi 6 | 7 | user=jay 8 | inf "anmt installing kvm" 9 | apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils virt-manager 10 | 11 | nic_name=$(ifconfig | grep -E "enp|ens" | sed -e 's/:/ /g' | awk '{print $1}' | head -1) 12 | 13 | echo "" >> /etc/network/interfaces 14 | echo "auto br0" >> /etc/network/interfaces 15 | echo "iface br0 inet dhcp" >> /etc/network/interfaces 16 | echo " bridge_ports ${nic_name}" >> /etc/network/interfaces 17 | echo " bridge_stp off" >> /etc/network/interfaces 18 | echo " bridge_maxwait 0" >> /etc/network/interfaces 19 | 20 | adduser ${user} libvirt 21 | adduser ${user} libvirt-qemu 22 | 23 | good "done installing kvm with support for bridge network adapters" 24 | -------------------------------------------------------------------------------- /multihost/kvm/start-m1.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | create_vm="1" 4 | vm_name="m1" 5 | default_disk_location=/data/kvm/disks 6 | use_img=${default_disk_location}/${vm_name}.qcow2 7 | 8 | if [[ -e ${use_img} ]]; then 9 | test_exists=$(virsh list --all | grep ${vm_name} | wc -l) 10 | if [[ "${test_exists}" == "1" ]]; then 11 | echo "" 12 | echo "starting ${vm_name}" 13 | virsh start ${vm_name} 14 | create_vm="0" 15 | else 16 | echo "" 17 | echo "importing ${vm_name}" 18 | virt-install \ 19 | --import \ 20 | --name ${vm_name} \ 21 | --virt-type=kvm \ 22 | --ram 10240 \ 23 | --cpu host \ 24 | --vcpus=3 \ 25 | --os-variant=rhel7 \ 26 | --virt-type=kvm \ 27 | --hvm \ 28 | --network=bridge=br0,model=virtio \ 29 | --disk path=${use_img},size=80,bus=virtio,format=qcow2 30 | create_vm="0" 31 | fi 32 | fi 33 | 34 | if [[ "${create_vm}" == "1" ]]; then 35 | echo "" 36 | echo "creating ${vm_name}" 37 | virt-install \ 38 | --name ${vm_name} \ 39 | --virt-type=kvm \ 40 | --ram 10240 \ 41 | --cpu host \ 42 | --vcpus=3 \ 43 | --os-variant=rhel7 \ 44 | --virt-type=kvm \ 45 | --hvm \ 46 | --network=bridge=br0,model=virtio \ 47 | --graphics vnc \ 48 | --disk path=${use_img},size=80,bus=virtio,format=qcow2 49 | fi 50 | -------------------------------------------------------------------------------- /multihost/kvm/start-m2.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | create_vm="1" 4 | vm_name="m2" 5 | default_disk_location=/data/kvm/disks 6 | use_img=${default_disk_location}/${vm_name}.qcow2 7 | 8 | if [[ -e ${use_img} ]]; then 9 | test_exists=$(virsh list --all | grep ${vm_name} | wc -l) 10 | if [[ "${test_exists}" == "1" ]]; then 11 | echo "" 12 | echo "starting ${vm_name}" 13 | virsh start ${vm_name} 14 | create_vm="0" 15 | else 16 | echo "" 17 | echo "importing ${vm_name}" 18 | virt-install \ 19 | --import \ 20 | --name ${vm_name} \ 21 | --virt-type=kvm \ 22 | --ram 8240 \ 23 | --cpu host \ 24 | --vcpus=2 \ 25 | --os-variant=rhel7 \ 26 | --virt-type=kvm \ 27 | --hvm \ 28 | --network=bridge=br0,model=virtio \ 29 | --disk path=${use_img},size=80,bus=virtio,format=qcow2 30 | create_vm="0" 31 | fi 32 | fi 33 | 34 | if [[ "${create_vm}" == "1" ]]; then 35 | echo "" 36 | echo "creating ${vm_name}" 37 | virt-install \ 38 | --name ${vm_name} \ 39 | --virt-type=kvm \ 40 | --ram 8240 \ 41 | --cpu host \ 42 | --vcpus=2 \ 43 | --os-variant=rhel7 \ 44 | --virt-type=kvm \ 45 | --hvm \ 46 | --network=bridge=br0,model=virtio \ 47 | --graphics vnc \ 48 | --disk path=${use_img},size=80,bus=virtio,format=qcow2 49 | fi 50 | -------------------------------------------------------------------------------- /multihost/kvm/start-m3.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | create_vm="1" 4 | vm_name="m3" 5 | default_disk_location=/data/kvm/disks 6 | use_img=${default_disk_location}/${vm_name}.qcow2 7 | 8 | if [[ -e ${use_img} ]]; then 9 | test_exists=$(virsh list --all | grep ${vm_name} | wc -l) 10 | if [[ "${test_exists}" == "1" ]]; then 11 | echo "" 12 | echo "starting ${vm_name}" 13 | virsh start ${vm_name} 14 | create_vm="0" 15 | else 16 | echo "" 17 | echo "importing ${vm_name}" 18 | virt-install \ 19 | --import \ 20 | --name ${vm_name} \ 21 | --virt-type=kvm \ 22 | --ram 8240 \ 23 | --cpu host \ 24 | --vcpus=2 \ 25 | --os-variant=rhel7 \ 26 | --virt-type=kvm \ 27 | --hvm \ 28 | --network=bridge=br0,model=virtio \ 29 | --disk path=${use_img},size=80,bus=virtio,format=qcow2 30 | create_vm="0" 31 | fi 32 | fi 33 | 34 | if [[ "${create_vm}" == "1" ]]; then 35 | echo "" 36 | echo "creating ${vm_name}" 37 | virt-install \ 38 | --name ${vm_name} \ 39 | --virt-type=kvm \ 40 | --ram 8240 \ 41 | --cpu host \ 42 | --vcpus=2 \ 43 | --os-variant=rhel7 \ 44 | --virt-type=kvm \ 45 | --hvm \ 46 | --network=bridge=br0,model=virtio \ 47 | --graphics vnc \ 48 | --disk path=${use_img},size=80,bus=virtio,format=qcow2 49 | fi 50 | -------------------------------------------------------------------------------- /multihost/m1/01-network-manager-all.yaml: -------------------------------------------------------------------------------- 1 | # Let NetworkManager manage all devices on this system 2 | network: 3 | version: 2 4 | renderer: NetworkManager 5 | ethernets: 6 | enp0s3: 7 | dhcp4: no 8 | addresses: [192.168.0.101/24] 9 | gateway4: 192.168.0.1 10 | nameservers: 11 | addresses: [192.168.0.101,8.8.8.8,8.8.4.4] 12 | -------------------------------------------------------------------------------- /multihost/m1/deploy-resources.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_c="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_c}" != "" ]] && [[ -e ${up_c} ]]; then 9 | . ${up_c} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | should_cleanup_before_startup=0 32 | cert_env="dev" 33 | ceph="" 34 | splunk="" 35 | for i in "$@" 36 | do 37 | if [[ "${i}" == "splunk" ]]; then 38 | splunk="splunk" 39 | elif [[ "${i}" == "ceph" ]]; then 40 | ceph="ceph" 41 | elif [[ "${i}" == "prod" ]]; then 42 | cert_env="prod" 43 | elif [[ "${i}" == "antinex" ]]; then 44 | cert_env="an" 45 | elif [[ "${i}" == "qs" ]]; then 46 | cert_env="qs" 47 | elif [[ "${i}" == "redten" ]]; then 48 | cert_env="redten" 49 | fi 50 | done 51 | 52 | anmt "--------------------------------------------------" 53 | anmt "deploying master 1 - ${splunk} ${ceph} ${cert_env}" 54 | inf "" 55 | 56 | if [[ ! -e /opt/deploy-to-kubernetes ]]; then 57 | git clone https://github.com/jay-johnson/deploy-to-kubernetes /opt/deploy-to-kubernetes 58 | fi 59 | 60 | cd /opt/deploy-to-kubernetes 61 | export KUBECONFIG=/etc/kubernetes/admin.conf 62 | export GOPATH=$HOME/go/bin 63 | export PATH=$PATH:$GOPATH:$GOPATH/bin 64 | 65 | inf "installing expenv" 66 | go get github.com/blang/expenv 67 | 68 | anmt "deploying resources: /opt/deploy-to-kubernetes/deploy-resources.sh ${splunk} ${ceph} ${cert_env}" 69 | cd /opt/deploy-to-kubernetes 70 | /opt/deploy-to-kubernetes/deploy-resources.sh ${splunk} ${ceph} ${cert_env} 71 | 72 | good "done deploying master 1 resources" 73 | -------------------------------------------------------------------------------- /multihost/m1/ifcfg-eth0: -------------------------------------------------------------------------------- 1 | TYPE="Ethernet" 2 | PROXY_METHOD="none" 3 | BROWSER_ONLY="no" 4 | BOOTPROTO="none" 5 | DEFROUTE="yes" 6 | IPV4_FAILURE_FATAL="no" 7 | IPV6INIT="yes" 8 | IPV6_AUTOCONF="yes" 9 | IPV6_DEFROUTE="yes" 10 | IPV6_FAILURE_FATAL="no" 11 | IPV6_ADDR_GEN_MODE="stable-privacy" 12 | NAME="eth0" 13 | UUID="747d880d-0c38-4a9f-b0a5-eeeeeed6be46" 14 | DEVICE="eth0" 15 | ONBOOT="yes" 16 | IPADDR="192.168.0.101" 17 | PREFIX="24" 18 | GATEWAY="192.168.0.1" 19 | DNS1="192.168.0.100" 20 | DNS2="8.8.8.8" 21 | DNS3="8.8.4.4" 22 | IPV6_PRIVACY="no" 23 | -------------------------------------------------------------------------------- /multihost/m2/01-network-manager-all.yaml: -------------------------------------------------------------------------------- 1 | # Let NetworkManager manage all devices on this system 2 | network: 3 | version: 2 4 | renderer: NetworkManager 5 | ethernets: 6 | enp0s3: 7 | dhcp4: no 8 | addresses: [192.168.0.102/24] 9 | gateway4: 192.168.0.1 10 | nameservers: 11 | addresses: [192.168.0.101,8.8.8.8,8.8.4.4] 12 | -------------------------------------------------------------------------------- /multihost/m2/ifcfg-eth0: -------------------------------------------------------------------------------- 1 | TYPE="Ethernet" 2 | PROXY_METHOD="none" 3 | BROWSER_ONLY="no" 4 | BOOTPROTO="none" 5 | DEFROUTE="yes" 6 | IPV4_FAILURE_FATAL="no" 7 | IPV6INIT="yes" 8 | IPV6_AUTOCONF="yes" 9 | IPV6_DEFROUTE="yes" 10 | IPV6_FAILURE_FATAL="no" 11 | IPV6_ADDR_GEN_MODE="stable-privacy" 12 | NAME="eth0" 13 | UUID="747d880d-0c38-4a9f-eea5-eeeebcd6be47" 14 | DEVICE="eth0" 15 | ONBOOT="yes" 16 | IPADDR="192.168.0.102" 17 | PREFIX="24" 18 | GATEWAY="192.168.0.1" 19 | DNS1="192.168.0.100" 20 | DNS2="8.8.8.8" 21 | DNS3="8.8.4.4" 22 | IPV6_PRIVACY="no" 23 | -------------------------------------------------------------------------------- /multihost/m3/01-network-manager-all.yaml: -------------------------------------------------------------------------------- 1 | # Let NetworkManager manage all devices on this system 2 | network: 3 | version: 2 4 | renderer: NetworkManager 5 | ethernets: 6 | enp0s3: 7 | dhcp4: no 8 | addresses: [192.168.0.103/24] 9 | gateway4: 192.168.0.1 10 | nameservers: 11 | addresses: [192.168.0.101,8.8.8.8,8.8.4.4] 12 | -------------------------------------------------------------------------------- /multihost/m3/ifcfg-eth0: -------------------------------------------------------------------------------- 1 | TYPE="Ethernet" 2 | PROXY_METHOD="none" 3 | BROWSER_ONLY="no" 4 | BOOTPROTO="none" 5 | DEFROUTE="yes" 6 | IPV4_FAILURE_FATAL="no" 7 | IPV6INIT="yes" 8 | IPV6_AUTOCONF="yes" 9 | IPV6_DEFROUTE="yes" 10 | IPV6_FAILURE_FATAL="no" 11 | IPV6_ADDR_GEN_MODE="stable-privacy" 12 | NAME="eth0" 13 | UUID="747d880d-0c38-4a9f-eeee-deee0cd6be50" 14 | DEVICE="eth0" 15 | ONBOOT="yes" 16 | IPADDR="192.168.0.103" 17 | PREFIX="24" 18 | GATEWAY="192.168.0.1" 19 | DNS1="192.168.0.100" 20 | DNS2="8.8.8.8" 21 | DNS3="8.8.4.4" 22 | IPV6_PRIVACY="no" 23 | -------------------------------------------------------------------------------- /multihost/rev.example.com.db: -------------------------------------------------------------------------------- 1 | ; 2 | ; BIND reverse zone data file for example.com 3 | ; 4 | $TTL 604800 5 | @ IN SOA example.com. root.example.com. ( 6 | 20 ; Serial 7 | 604800 ; Refresh 8 | 86400 ; Retry 9 | 2419200 ; Expire 10 | 604800 ) ; Negative Cache TTL 11 | ; 12 | ;@ IN NS localhost. 13 | ;1.0.0 IN PTR localhost. 14 | 15 | ;Name Server Information 16 | IN NS ns1.example.com. 17 | ;Reverse lookup for Name Server 18 | 101 IN PTR ns1.example.com. 19 | ;PTR Record IP address to HostName 20 | 101 IN PTR api.example.com. 21 | 101 IN PTR example.com 22 | 101 IN PTR ceph.example.com. 23 | 101 IN PTR mail.example.com. 24 | 101 IN PTR master1.example.com. 25 | 101 IN PTR minio.example.com. 26 | 101 IN PTR pgadmin.example.com. 27 | 101 IN PTR www.example.com. 28 | 102 IN PTR api.example.com. 29 | 102 IN PTR jupyter.example.com. 30 | 102 IN PTR aejupyter.example.com. 31 | 102 IN PTR jenkins.example.com. 32 | 102 IN PTR master2.example.com. 33 | 103 IN PTR master3.example.com. 34 | 103 IN PTR splunk.example.com. 35 | -------------------------------------------------------------------------------- /pgadmin/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "------------------------------------------" 29 | warn "deleting pgadmin" 30 | inf "" 31 | 32 | good "kubectl delete ingress: pgadmin-ingress" 33 | kubectl delete ingress pgadmin-ingress 34 | inf "" 35 | 36 | good "kubectl delete service: pgadmin4-http" 37 | kubectl delete svc pgadmin4-http 38 | inf "" 39 | 40 | good "kubectl delete pod: pgadmin4-http" 41 | kubectl delete pod pgadmin4-http 42 | inf "" 43 | 44 | good "kubectl delete pvc: pgadmin4-http-data" 45 | kubectl delete pvc pgadmin4-http-data 46 | inf "" 47 | 48 | good "kubectl delete pv: pgadmin4-http-data" 49 | kubectl delete pv pgadmin4-http-data 50 | inf "" 51 | 52 | inf "deleting secrets: pgadmin-secrets" 53 | kubectl delete secret pgadmin-secrets 54 | inf "" 55 | 56 | inf "deleting secrets: pgadmin4-http-secrets" 57 | kubectl delete secret pgadmin4-http-secrets 58 | inf "" 59 | 60 | good "done deleting: pgadmin" 61 | -------------------------------------------------------------------------------- /pgadmin/ingress-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: pgadmin-ingress 5 | namespace: default 6 | annotations: 7 | nginx.org/redirect-to-https: True 8 | spec: 9 | tls: 10 | - hosts: 11 | - pgadmin.example.com 12 | secretName: tls-pgadmin 13 | rules: 14 | - host: pgadmin.example.com 15 | http: 16 | paths: 17 | - path: / 18 | backend: 19 | serviceName: pgadmin4-http 20 | servicePort: 5050 21 | -------------------------------------------------------------------------------- /pgadmin/ingress-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: pgadmin-ingress 5 | namespace: default 6 | annotations: 7 | kubernetes.io/tls-acme: "true" 8 | kubernetes.io/ingress.class: "nginx" 9 | certmanager.k8s.io/cluster-issuer: "letsencrypt-issuer" 10 | spec: 11 | tls: 12 | - hosts: 13 | - pgadmin.example.com 14 | secretName: pgadmin.example.com-tls 15 | rules: 16 | - host: pgadmin.example.com 17 | http: 18 | paths: 19 | - path: / 20 | backend: 21 | serviceName: pgadmin4-http 22 | servicePort: 5050 23 | -------------------------------------------------------------------------------- /pgadmin/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="pgadmin4-http" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /pgadmin/secrets.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: pgadmin-secret 5 | type: Opaque 6 | data: 7 | # echo -n "antinex" | base64 8 | username: YW50aW5leA== 9 | # echo -n "antinex" | base64 10 | password: YW50aW5leA== 11 | # echo -n "webapp" | base64 12 | dbname: d2ViYXBw 13 | -------------------------------------------------------------------------------- /pgadmin/show-ingress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe ingress pgadmin" 29 | kubectl describe ingress pgadmin 30 | -------------------------------------------------------------------------------- /pgadmin/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="pgadmin4-http" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} bash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | bash 38 | -------------------------------------------------------------------------------- /pgadmin/view-ingress-config.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="nginx" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "Getting the Splunk ingress configuration: " 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | cat /etc/nginx/conf.d/${use_namespace}-pgadmin4-http-ingress.conf 39 | -------------------------------------------------------------------------------- /postgres/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "-----------------------------------------" 29 | warn "deleting postgres" 30 | inf "" 31 | 32 | good "deleting postgres service: primary" 33 | kubectl delete svc primary 34 | inf "" 35 | 36 | good "deleting postgres service: postgres-primary" 37 | kubectl delete svc postgres-primary 38 | inf "" 39 | 40 | good "deleting pod: primary" 41 | kubectl delete pod primary 42 | inf "" 43 | 44 | good "deleting pvc: primary-pgdata" 45 | kubectl delete pvc primary-pgdata 46 | inf "" 47 | 48 | good "deleting pv: primary-pgdata" 49 | kubectl delete pv primary-pgdata 50 | inf "" 51 | 52 | good "done deleting: postgres" 53 | -------------------------------------------------------------------------------- /postgres/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="primary" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /postgres/pod-describe.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe pod primary" 29 | 30 | kubectl describe pod primary 31 | -------------------------------------------------------------------------------- /postgres/primary-db-ceph.sh: -------------------------------------------------------------------------------- 1 | # https://crunchydata.github.io/crunchy-containers/getting-started/kubernetes-and-openshift/#_single_primary 2 | # git clone https://github.com/CrunchyData/crunchy-containers.git /opt/antinex/crunchy 3 | # sudo su 4 | # GO_VERSION="1.11" 5 | # GO_OS="linux" 6 | # GO_ARCH="amd64" 7 | # go_file="go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz" 8 | # curl https://dl.google.com/go/${go_file} --output /tmp/${go_file} 9 | # export GOPATH=$HOME/go/bin 10 | # export PATH=$PATH:$GOPATH:$GOPATH/bin 11 | # tar -C $HOME -xzf /tmp/${go_file} 12 | # ${GOPATH}/go get github.com/blang/expenv 13 | 14 | export PROJECT="default" 15 | if [[ "${CCP_NAMESPACE}" == "" ]]; then 16 | export CCP_NAMESPACE="default" 17 | fi 18 | if [[ "${CCPROOT}" == "" ]]; then 19 | export CCPROOT="$(pwd)/.pgdeployment" 20 | fi 21 | export CCP_IMAGE_PREFIX="crunchydata" 22 | export CCP_IMAGE_TAG="centos7-10.4-1.8.3" 23 | export CCP_PGADMIN_IMAGE_TAG="centos7-10.3-1.8.2" 24 | export CCP_CLI="kubectl" 25 | # https://crunchydata.github.io/crunchy-containers/installation/storage-configuration 26 | # there's a gluster example showing how to set this for ceph to work based 27 | # off this issue: 28 | # https://github.com/rook/rook/issues/1921#issuecomment-406757857 29 | export CCP_SECURITY_CONTEXT='"fsGroup":0' 30 | export CCP_STORAGE_MODE="ReadWriteMany" 31 | export CCP_STORAGE_CAPACITY="400M" 32 | 33 | export PG_DEPLOYMENT_DIR="${CCPROOT}" 34 | export PG_USER="antinex" 35 | export PG_PASSWORD="antinex" 36 | export PG_DATABASE="webapp" 37 | export PG_PRIMARY_PASSWORD="123321" 38 | export PG_SVC_NAME="primary" 39 | export PG_REPO="https://github.com/CrunchyData/crunchy-containers.git" 40 | 41 | export PGADMIN_DEPLOYMENT_DIR="${CCPROOT}" 42 | export PGADMIN_REPO="https://github.com/CrunchyData/crunchy-containers.git" 43 | export PGADMIN_SVC_NAME="pgadmin4-http" 44 | export PGADMIN_SETUP_EMAIL="admin@admin.com" 45 | export PGADMIN_SETUP_PASSWORD="123321" 46 | -------------------------------------------------------------------------------- /postgres/primary-db-nfs.sh: -------------------------------------------------------------------------------- 1 | # https://crunchydata.github.io/crunchy-containers/getting-started/kubernetes-and-openshift/#_single_primary 2 | # git clone https://github.com/CrunchyData/crunchy-containers.git /opt/antinex/crunchy 3 | # sudo su 4 | # GO_VERSION="1.11" 5 | # GO_OS="linux" 6 | # GO_ARCH="amd64" 7 | # go_file="go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz" 8 | # curl https://dl.google.com/go/${go_file} --output /tmp/${go_file} 9 | # export GOPATH=$HOME/go/bin 10 | # export PATH=$PATH:$GOPATH:$GOPATH/bin 11 | # tar -C $HOME -xzf /tmp/${go_file} 12 | # ${GOPATH}/go get github.com/blang/expenv 13 | 14 | export PROJECT="default" 15 | if [[ "${CCP_NFS_IP}" == "" ]]; then 16 | if [[ -e ./tools/get-nfs-ip.sh ]]; then 17 | export CCP_NFS_IP=$(./tools/get-nfs-ip.sh) 18 | else 19 | export CCP_NFS_IP="localhost" 20 | fi 21 | fi 22 | if [[ "${CCP_NAMESPACE}" == "" ]]; then 23 | export CCP_NAMESPACE="default" 24 | fi 25 | if [[ "${CCPROOT}" == "" ]]; then 26 | export CCPROOT="$(pwd)/.pgdeployment" 27 | fi 28 | export CCP_IMAGE_PREFIX="crunchydata" 29 | export CCP_IMAGE_TAG="centos7-10.4-1.8.3" 30 | export CCP_PGADMIN_IMAGE_TAG="centos7-10.3-1.8.2" 31 | export CCP_CLI="kubectl" 32 | export CCP_SECURITY_CONTEXT='"supplementalGroups": [65534]' 33 | export CCP_STORAGE_PATH="/data/k8/postgres" 34 | export CCP_STORAGE_MODE="ReadWriteMany" 35 | export CCP_STORAGE_CAPACITY="400M" 36 | 37 | export PG_DEPLOYMENT_DIR="${CCPROOT}" 38 | export PG_USER="antinex" 39 | export PG_PASSWORD="antinex" 40 | export PG_DATABASE="webapp" 41 | export PG_PRIMARY_PASSWORD="123321" 42 | export PG_SVC_NAME="primary" 43 | export PG_REPO="https://github.com/CrunchyData/crunchy-containers.git" 44 | 45 | export PGADMIN_DEPLOYMENT_DIR="${CCPROOT}" 46 | export PGADMIN_REPO="https://github.com/CrunchyData/crunchy-containers.git" 47 | export PGADMIN_SVC_NAME="pgadmin4-http" 48 | export PGADMIN_SETUP_EMAIL="admin@admin.com" 49 | export PGADMIN_SETUP_PASSWORD="123321" 50 | -------------------------------------------------------------------------------- /postgres/primary-db.sh: -------------------------------------------------------------------------------- 1 | # https://crunchydata.github.io/crunchy-containers/getting-started/kubernetes-and-openshift/#_single_primary 2 | # git clone https://github.com/CrunchyData/crunchy-containers.git /opt/antinex/crunchy 3 | # sudo su 4 | # GO_VERSION="1.11" 5 | # GO_OS="linux" 6 | # GO_ARCH="amd64" 7 | # go_file="go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz" 8 | # curl https://dl.google.com/go/${go_file} --output /tmp/${go_file} 9 | # export GOPATH=$HOME/go/bin 10 | # export PATH=$PATH:$GOPATH:$GOPATH/bin 11 | # tar -C $HOME -xzf /tmp/${go_file} 12 | # ${GOPATH}/go get github.com/blang/expenv 13 | 14 | export PROJECT="default" 15 | if [[ "${CCP_NFS_IP}" == "" ]]; then 16 | if [[ -e ./tools/get-nfs-ip.sh ]]; then 17 | export CCP_NFS_IP=$(./tools/get-nfs-ip.sh) 18 | else 19 | export CCP_NFS_IP="localhost" 20 | fi 21 | fi 22 | if [[ "${CCP_NAMESPACE}" == "" ]]; then 23 | export CCP_NAMESPACE="default" 24 | fi 25 | if [[ "${CCPROOT}" == "" ]]; then 26 | export CCPROOT="$(pwd)/.pgdeployment" 27 | fi 28 | export CCP_IMAGE_PREFIX="crunchydata" 29 | export CCP_IMAGE_TAG="centos7-10.4-1.8.3" 30 | export CCP_PGADMIN_IMAGE_TAG="centos7-10.3-1.8.2" 31 | export CCP_CLI="kubectl" 32 | export CCP_SECURITY_CONTEXT='"supplementalGroups": [65534]' 33 | export CCP_STORAGE_PATH="/data/k8/postgres" 34 | export CCP_STORAGE_MODE="ReadWriteMany" 35 | export CCP_STORAGE_CAPACITY="400M" 36 | 37 | export PG_DEPLOYMENT_DIR="${CCPROOT}" 38 | export PG_USER="antinex" 39 | export PG_PASSWORD="antinex" 40 | export PG_DATABASE="webapp" 41 | export PG_PRIMARY_PASSWORD="123321" 42 | export PG_SVC_NAME="primary" 43 | export PG_REPO="https://github.com/CrunchyData/crunchy-containers.git" 44 | 45 | export PGADMIN_DEPLOYMENT_DIR="${CCPROOT}" 46 | export PGADMIN_REPO="https://github.com/CrunchyData/crunchy-containers.git" 47 | export PGADMIN_SVC_NAME="pgadmin4-http" 48 | export PGADMIN_SETUP_EMAIL="admin@admin.com" 49 | export PGADMIN_SETUP_PASSWORD="123321" 50 | -------------------------------------------------------------------------------- /postgres/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="primary" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} bash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | bash 38 | -------------------------------------------------------------------------------- /pvs/pv-certs-ceph.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: certs-pv-claim 5 | labels: 6 | app: secure 7 | spec: 8 | storageClassName: rook-ceph-block 9 | accessModes: 10 | - ReadWriteOnce 11 | resources: 12 | requests: 13 | storage: 1Gi 14 | -------------------------------------------------------------------------------- /pvs/pv-configs-ceph.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: configs-pv-claim 5 | labels: 6 | app: configs 7 | spec: 8 | storageClassName: rook-ceph-block 9 | accessModes: 10 | - ReadWriteOnce 11 | resources: 12 | requests: 13 | storage: 1Gi 14 | -------------------------------------------------------------------------------- /pvs/pv-datascience-ceph.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: datascience-pv-claim 5 | labels: 6 | app: configs 7 | spec: 8 | storageClassName: rook-ceph-block 9 | accessModes: 10 | - ReadWriteOnce 11 | resources: 12 | requests: 13 | storage: 1Gi 14 | -------------------------------------------------------------------------------- /pvs/pv-frontendshared-ceph.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: frontendshared-pv-claim 5 | labels: 6 | app: frontend 7 | spec: 8 | storageClassName: rook-ceph-block 9 | accessModes: 10 | - ReadWriteOnce 11 | resources: 12 | requests: 13 | storage: 1Gi 14 | -------------------------------------------------------------------------------- /pvs/pv-staticfiles-ceph.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: staticfiles-pv-claim 5 | labels: 6 | app: frontend 7 | spec: 8 | storageClassName: rook-ceph-block 9 | accessModes: 10 | - ReadWriteOnce 11 | resources: 12 | requests: 13 | storage: 1Gi 14 | -------------------------------------------------------------------------------- /redis/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "------------------------------------------" 29 | warn "deleting redis" 30 | inf "" 31 | 32 | helm delete --purge redis 33 | 34 | good "done deleting: redis" 35 | -------------------------------------------------------------------------------- /redis/describe-master.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe pod redis-master-0" 29 | 30 | kubectl describe pod redis-master-0 31 | -------------------------------------------------------------------------------- /redis/pv-ceph.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | annotations: 5 | pv.kubernetes.io/bound-by-controller: "yes" 6 | name: redis-pv 7 | spec: 8 | storageClassName: rook-ceph-block 9 | accessModes: 10 | - ReadWriteOnce 11 | capacity: 12 | storage: 30G 13 | persistentVolumeReclaimPolicy: Retain 14 | -------------------------------------------------------------------------------- /redis/pv-nfs.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | annotations: 5 | pv.kubernetes.io/bound-by-controller: "yes" 6 | creationTimestamp: 2018-05-27T20:06:05Z 7 | name: redis-pv 8 | spec: 9 | accessModes: 10 | - ReadWriteOnce 11 | capacity: 12 | storage: 30G 13 | nfs: 14 | path: /data/k8/redis 15 | server: localhost 16 | persistentVolumeReclaimPolicy: Retain 17 | -------------------------------------------------------------------------------- /redis/pv.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | annotations: 5 | pv.kubernetes.io/bound-by-controller: "yes" 6 | creationTimestamp: 2018-05-27T20:06:05Z 7 | name: redis-pv 8 | spec: 9 | accessModes: 10 | - ReadWriteOnce 11 | capacity: 12 | storage: 30G 13 | nfs: 14 | path: /data/k8/redis 15 | server: localhost 16 | persistentVolumeReclaimPolicy: Retain 17 | -------------------------------------------------------------------------------- /redis/pvc-ceph.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: redis-ceph-data 5 | namespace: default 6 | labels: 7 | app: redis 8 | release: redis 9 | role: master 10 | storage: ceph 11 | spec: 12 | storageClassName: rook-ceph-block 13 | accessModes: 14 | - ReadWriteOnce 15 | resources: 16 | requests: 17 | storage: 30Gi 18 | -------------------------------------------------------------------------------- /rook/ceph/filesystem.yml: -------------------------------------------------------------------------------- 1 | apiVersion: ceph.rook.io/v1beta1 2 | kind: Filesystem 3 | metadata: 4 | name: myfs 5 | namespace: rook-ceph 6 | spec: 7 | # The metadata pool spec 8 | metadataPool: 9 | replicated: 10 | # Increase the replication size if you have more than one osd 11 | size: 1 12 | # The list of data pool specs 13 | dataPools: 14 | - failureDomain: osd 15 | replicated: 16 | size: 1 17 | # If you have at least three osds, erasure coding can be specified 18 | # erasureCoded: 19 | # dataChunks: 2 20 | # codingChunks: 1 21 | # The metadata service (mds) configuration 22 | metadataServer: 23 | # The number of active MDS instances 24 | activeCount: 1 25 | # Whether each active MDS instance will have an active standby with a warm metadata cache for faster failover. 26 | # If false, standbys will be available, but will not have a warm cache. 27 | activeStandby: true 28 | # The affinity rules to apply to the mds deployment 29 | placement: 30 | # nodeAffinity: 31 | # requiredDuringSchedulingIgnoredDuringExecution: 32 | # nodeSelectorTerms: 33 | # - matchExpressions: 34 | # - key: role 35 | # operator: In 36 | # values: 37 | # - mds-node 38 | # tolerations: 39 | # - key: mds-node 40 | # operator: Exists 41 | # podAffinity: 42 | # podAntiAffinity: 43 | resources: 44 | # The requests and limits set here, allow the filesystem MDS Pod(s) to use half of one CPU core and 1 gigabyte of memory 45 | # limits: 46 | # cpu: "500m" 47 | # memory: "1024Mi" 48 | # requests: 49 | # cpu: "500m" 50 | # memory: "1024Mi" 51 | -------------------------------------------------------------------------------- /rook/ceph/ingress-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: ceph-ingress 5 | namespace: rook-ceph 6 | annotations: 7 | nginx.org/redirect-to-https: True 8 | spec: 9 | tls: 10 | - hosts: 11 | - ceph.example.com 12 | secretName: tls-ceph 13 | rules: 14 | - host: ceph.example.com 15 | http: 16 | paths: 17 | - path: / 18 | backend: 19 | serviceName: rook-ceph-mgr-dashboard 20 | servicePort: 7000 21 | -------------------------------------------------------------------------------- /rook/ceph/ingress-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: ceph-ingress 5 | namespace: rook-ceph 6 | annotations: 7 | kubernetes.io/tls-acme: "true" 8 | kubernetes.io/ingress.class: "nginx" 9 | certmanager.k8s.io/cluster-issuer: "letsencrypt-issuer" 10 | spec: 11 | tls: 12 | - hosts: 13 | - ceph.example.com 14 | secretName: ceph.example.com-tls 15 | rules: 16 | - host: ceph.example.com 17 | http: 18 | paths: 19 | - path: / 20 | backend: 21 | serviceName: rook-ceph-mgr-dashboard 22 | servicePort: 7000 23 | -------------------------------------------------------------------------------- /rook/ceph/kube-registry.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ReplicationController 3 | metadata: 4 | name: kube-registry-v0 5 | namespace: kube-system 6 | labels: 7 | k8s-app: kube-registry 8 | version: v0 9 | kubernetes.io/cluster-service: "true" 10 | spec: 11 | replicas: 3 12 | selector: 13 | k8s-app: kube-registry 14 | version: v0 15 | template: 16 | metadata: 17 | labels: 18 | k8s-app: kube-registry 19 | version: v0 20 | kubernetes.io/cluster-service: "true" 21 | spec: 22 | containers: 23 | - name: registry 24 | image: registry:2 25 | resources: 26 | limits: 27 | cpu: 100m 28 | memory: 100Mi 29 | env: 30 | - name: REGISTRY_HTTP_ADDR 31 | value: :5000 32 | - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY 33 | value: /var/lib/registry 34 | volumeMounts: 35 | - name: image-store 36 | mountPath: /var/lib/registry 37 | ports: 38 | - containerPort: 5000 39 | name: registry 40 | protocol: TCP 41 | volumes: 42 | - name: image-store 43 | flexVolume: 44 | driver: ceph.rook.io/rook 45 | fsType: ceph 46 | options: 47 | fsName: myfs # name of the filesystem specified in the filesystem CRD. 48 | clusterNamespace: rook-ceph # namespace where the Rook cluster is deployed 49 | # by default the path is /, but you can override and mount a specific path of the filesystem by using the path attribute 50 | # the path must exist on the filesystem, otherwise mounting the filesystem at that path will fail 51 | # path: /some/path/inside/cephfs 52 | -------------------------------------------------------------------------------- /rook/ceph/object.yml: -------------------------------------------------------------------------------- 1 | apiVersion: ceph.rook.io/v1beta1 2 | kind: ObjectStore 3 | metadata: 4 | name: ceph-storage 5 | namespace: rook-ceph 6 | spec: 7 | # The pool spec used to create the metadata pools 8 | metadataPool: 9 | failureDomain: host 10 | replicated: 11 | # Increase the replication size if you have more than one osd 12 | size: 1 13 | # The pool spec used to create the data pool 14 | dataPool: 15 | failureDomain: osd 16 | replicated: 17 | size: 1 18 | # If you have at least three osds, erasure coding can be specified 19 | # erasureCoded: 20 | # dataChunks: 2 21 | # codingChunks: 1 22 | # The gaeteway service configuration 23 | gateway: 24 | # type of the gateway (s3) 25 | type: s3 26 | # A reference to the secret in the rook namespace where the ssl certificate is stored 27 | sslCertificateRef: 28 | # The port that RGW pods will listen on (http) 29 | port: 80 30 | # The port that RGW pods will listen on (https). An ssl certificate is required. 31 | securePort: 32 | # The number of pods in the rgw deployment (ignored if allNodes=true) 33 | instances: 1 34 | # Whether the rgw pods should be deployed on all nodes as a daemonset 35 | allNodes: false 36 | # The affinity rules to apply to the rgw deployment or daemonset. 37 | placement: 38 | # nodeAffinity: 39 | # requiredDuringSchedulingIgnoredDuringExecution: 40 | # nodeSelectorTerms: 41 | # - matchExpressions: 42 | # - key: role 43 | # operator: In 44 | # values: 45 | # - rgw-node 46 | # tolerations: 47 | # - key: rgw-node 48 | # operator: Exists 49 | # podAffinity: 50 | # podAntiAffinity: 51 | resources: 52 | # The requests and limits set here, allow the object store gateway Pod(s) to use half of one CPU core and 1 gigabyte of memory 53 | # limits: 54 | # cpu: "500m" 55 | # memory: "1024Mi" 56 | # requests: 57 | # cpu: "500m" 58 | # memory: "1024Mi" 59 | -------------------------------------------------------------------------------- /rook/ceph/pool.yml: -------------------------------------------------------------------------------- 1 | apiVersion: ceph.rook.io/v1beta1 2 | kind: Pool 3 | metadata: 4 | name: replicapool 5 | namespace: rook-ceph 6 | spec: 7 | # The failure domain will spread the replicas of the data across different failure zones 8 | failureDomain: osd 9 | # The root of the crush hierarchy that will be used for the pool. If not set, will use "default". 10 | crushRoot: default 11 | # For a pool based on raw copies, specify the number of copies. A size of 1 indicates no redundancy. 12 | replicated: 13 | size: 1 14 | # For an erasure-coded pool, comment out the replicated size above and uncomment the following settings. 15 | # Make sure you have enough OSDs to support the replica size or sum of the erasure coding and data chunks. 16 | #erasureCoded: 17 | # dataChunks: 2 18 | # codingChunks: 1 19 | -------------------------------------------------------------------------------- /rook/ceph/rgw-external.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: rook-ceph-rgw-my-store-external 5 | namespace: rook-ceph 6 | labels: 7 | app: rook-ceph-rgw 8 | rook_cluster: rook-ceph 9 | rook_object_store: my-store 10 | spec: 11 | ports: 12 | - name: rgw 13 | port: 80 14 | protocol: TCP 15 | targetPort: 80 16 | selector: 17 | app: rook-ceph-rgw 18 | rook_cluster: rook-ceph 19 | rook_object_store: my-store 20 | sessionAffinity: None 21 | type: NodePort 22 | -------------------------------------------------------------------------------- /rook/ceph/s3-objectstore-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: ceph.rook.io/v1beta1 2 | kind: ObjectStore 3 | metadata: 4 | name: s3-storage 5 | namespace: rook-ceph 6 | label: 7 | name: rook-ceph-s3-storage 8 | app: rook-ceph-rgw-s3-storage 9 | spec: 10 | metadataPool: 11 | replicated: 12 | size: 3 13 | dataPool: 14 | erasureCoded: 15 | dataChunks: 2 16 | codingChunks: 1 17 | gateway: 18 | type: s3 19 | sslCertificateRef: 20 | port: 80 21 | securePort: 22 | instances: 1 23 | allNodes: false 24 | placement: 25 | # nodeAffinity: 26 | # requiredDuringSchedulingIgnoredDuringExecution: 27 | # nodeSelectorTerms: 28 | # - matchExpressions: 29 | # - key: role 30 | # operator: In 31 | # values: 32 | # - rgw-node 33 | # tolerations: 34 | # - key: rgw-node 35 | # operator: Exists 36 | # podAffinity: 37 | # podAntiAffinity: 38 | resources: 39 | # limits: 40 | # cpu: "500m" 41 | # memory: "1024Mi" 42 | # requests: 43 | # cpu: "500m" 44 | # memory: "1024Mi" 45 | -------------------------------------------------------------------------------- /rook/ceph/s3-objectstore-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: ceph.rook.io/v1beta1 2 | kind: ObjectStore 3 | metadata: 4 | name: s3-storage 5 | namespace: rook-ceph 6 | label: 7 | name: rook-ceph-s3-storage 8 | app: rook-ceph-rgw-s3-storage 9 | spec: 10 | metadataPool: 11 | replicated: 12 | size: 3 13 | dataPool: 14 | erasureCoded: 15 | dataChunks: 2 16 | codingChunks: 1 17 | gateway: 18 | type: s3 19 | sslCertificateRef: tls-s3-ceph 20 | port: 80 21 | securePort: 443 22 | instances: 1 23 | allNodes: false 24 | placement: 25 | # nodeAffinity: 26 | # requiredDuringSchedulingIgnoredDuringExecution: 27 | # nodeSelectorTerms: 28 | # - matchExpressions: 29 | # - key: role 30 | # operator: In 31 | # values: 32 | # - rgw-node 33 | # tolerations: 34 | # - key: rgw-node 35 | # operator: Exists 36 | # podAffinity: 37 | # podAntiAffinity: 38 | resources: 39 | # limits: 40 | # cpu: "500m" 41 | # memory: "1024Mi" 42 | # requests: 43 | # cpu: "500m" 44 | # memory: "1024Mi" 45 | -------------------------------------------------------------------------------- /rook/ceph/scc.yml: -------------------------------------------------------------------------------- 1 | kind: SecurityContextConstraints 2 | apiVersion: v1 3 | metadata: 4 | name: rook 5 | allowPrivilegedContainer: true 6 | allowHostNetwork: true 7 | allowHostDirVolumePlugin: true 8 | priority: 9 | allowedCapabilities: [] 10 | allowHostPorts: false 11 | allowHostPID: true 12 | allowHostIPC: false 13 | readOnlyRootFilesystem: false 14 | requiredDropCapabilities: [] 15 | defaultAddCapabilities: [] 16 | runAsUser: 17 | type: RunAsAny 18 | seLinuxContext: 19 | type: MustRunAs 20 | fsGroup: 21 | type: MustRunAs 22 | supplementalGroups: 23 | type: RunAsAny 24 | allowedFlexVolumes: 25 | - driver: "rook.io/rook" 26 | volumes: 27 | - configMap 28 | - downwardAPI 29 | - emptyDir 30 | - flexVolume 31 | - hostPath 32 | - persistentVolumeClaim 33 | - projected 34 | - secret 35 | users: 36 | # A user needs to be added for each rook service account. 37 | # This assumes running in the default sample "rook-ceph" and "rook-ceph-system" namespaces. 38 | # If other namespaces or service accounts are configured, they need to be updated here. 39 | - system:serviceaccount:rook-ceph-system:rook-ceph-system 40 | - system:serviceaccount:rook-ceph:default 41 | - system:serviceaccount:rook-ceph:rook-ceph-cluster 42 | -------------------------------------------------------------------------------- /rook/ceph/service-objectstore-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: rook-ceph-rgw-s3 5 | namespace: rook-ceph 6 | labels: 7 | app: rook-ceph-rgw 8 | rook_cluster: rook-ceph 9 | rook_object_store: s3-storage 10 | spec: 11 | ports: 12 | - name: rgw 13 | port: 80 14 | selector: 15 | app: rook-ceph-rgw 16 | rook_cluster: rook-ceph 17 | rook_object_store: s3-storage 18 | sessionAffinity: None 19 | -------------------------------------------------------------------------------- /rook/ceph/service-objectstore-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: rook-ceph-rgw-s3 5 | namespace: rook-ceph 6 | labels: 7 | app: rook-ceph-rgw 8 | rook_cluster: rook-ceph 9 | rook_object_store: s3-storage 10 | spec: 11 | ports: 12 | - name: rgw 13 | port: 80 14 | selector: 15 | app: rook-ceph-rgw 16 | rook_cluster: rook-ceph 17 | rook_object_store: s3-storage 18 | sessionAffinity: None 19 | -------------------------------------------------------------------------------- /rook/ceph/storageclass.yml: -------------------------------------------------------------------------------- 1 | apiVersion: ceph.rook.io/v1beta1 2 | kind: Pool 3 | metadata: 4 | name: replicapool 5 | namespace: rook-ceph 6 | spec: 7 | replicated: 8 | size: 1 9 | # For an erasure-coded pool, comment out the replication size above and uncomment the following settings. 10 | # Make sure you have enough OSDs to support the replica size or erasure code chunks. 11 | #erasureCoded: 12 | # dataChunks: 2 13 | # codingChunks: 1 14 | --- 15 | apiVersion: storage.k8s.io/v1 16 | kind: StorageClass 17 | metadata: 18 | name: rook-ceph-block 19 | provisioner: ceph.rook.io/block 20 | parameters: 21 | pool: replicapool 22 | # Specify the namespace of the rook cluster from which to create volumes. 23 | # If not specified, it will use `rook` as the default namespace of the cluster. 24 | # This is also the namespace where the cluster will be 25 | clusterNamespace: rook-ceph 26 | # Specify the filesystem type of the volume. If not specified, it will use `ext4`. 27 | fstype: xfs 28 | -------------------------------------------------------------------------------- /rook/ceph/toolbox.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: rook-ceph-tools 5 | namespace: rook-ceph 6 | spec: 7 | dnsPolicy: ClusterFirstWithHostNet 8 | containers: 9 | - name: rook-ceph-tools 10 | image: rook/ceph-toolbox:master 11 | imagePullPolicy: IfNotPresent 12 | env: 13 | - name: ROOK_ADMIN_SECRET 14 | valueFrom: 15 | secretKeyRef: 16 | name: rook-ceph-mon 17 | key: admin-secret 18 | securityContext: 19 | privileged: true 20 | volumeMounts: 21 | - mountPath: /dev 22 | name: dev 23 | - mountPath: /sys/bus 24 | name: sysbus 25 | - mountPath: /lib/modules 26 | name: libmodules 27 | - name: mon-endpoint-volume 28 | mountPath: /etc/rook 29 | hostNetwork: false 30 | volumes: 31 | - name: dev 32 | hostPath: 33 | path: /dev 34 | - name: sysbus 35 | hostPath: 36 | path: /sys/bus 37 | - name: libmodules 38 | hostPath: 39 | path: /lib/modules 40 | - name: mon-endpoint-volume 41 | configMap: 42 | name: rook-ceph-mon-endpoints 43 | items: 44 | - key: data 45 | path: mon-endpoints 46 | -------------------------------------------------------------------------------- /rook/debug-osd-pods.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | new_logs_zip=/tmp/rook-logs.gz 32 | 33 | anmt "--------------------------------" 34 | anmt "Viewing OSD Debug Information" 35 | 36 | # https://github.com/rook/rook/blob/764781d7da39f125407d33f62778d30c4dd4f545/Documentation/advanced-configuration.md#kubernetes 37 | 38 | # Get OSD Pods 39 | # This uses the example/default cluster name "rook" 40 | OSD_PODS=$(kubectl get pods --all-namespaces -l \ 41 | app=rook-ceph-osd,rook_cluster=rook-ceph -o jsonpath='{.items[*].metadata.name}') 42 | 43 | # Find node and drive associations from OSD pods 44 | for pod in $(echo ${OSD_PODS}) 45 | do 46 | echo "Pod: ${pod}" 47 | echo "Node: $(kubectl -n rook-ceph get pod ${pod} -o jsonpath='{.spec.nodeName}')" 48 | kubectl -n rook-ceph exec ${pod} -- sh -c '\ 49 | for i in /var/lib/rook/osd*; do 50 | [ -f ${i}/ready ] || continue 51 | echo -ne "-$(basename ${i}) " 52 | echo $(lsblk -n -o NAME,SIZE ${i}/block 2> /dev/null || \ 53 | findmnt -n -v -o SOURCE,SIZE -T ${i}) $(cat ${i}/type) 54 | done|sort -V 55 | echo' 56 | done 57 | 58 | inf "" 59 | -------------------------------------------------------------------------------- /rook/describe-rgw.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="rook-ceph" 29 | app_name="" 30 | 31 | inf "" 32 | anmt "-----------------------------------------" 33 | good "Getting the Rook Ceph System Pods:" 34 | inf "kubectl describe -n ${use_namespace} pod rook-ceph-rgw" 35 | kubectl describe -n ${use_namespace} pod rook-ceph-rgw 36 | -------------------------------------------------------------------------------- /rook/describe-tls-s3-ceph.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="rook-ceph" 29 | app_name="" 30 | 31 | inf "" 32 | anmt "-----------------------------------------" 33 | good "Getting the Rook Ceph System Pods:" 34 | inf "kubectl get secret -n rook-ceph --ignore-not-found | grep tls-s3-ceph" 35 | kubectl get secret -n rook-ceph --ignore-not-found | grep tls-s3-ceph 36 | -------------------------------------------------------------------------------- /rook/envs/.gitignore: -------------------------------------------------------------------------------- 1 | *.env 2 | -------------------------------------------------------------------------------- /rook/gather-all-logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | new_logs_zip=/tmp/rook-logs.gz 32 | 33 | anmt "----------------------------" 34 | anmt "Gathering all Rook Ceph logs" 35 | 36 | all_pods="" 37 | # https://github.com/rook/rook/blob/764781d7da39f125407d33f62778d30c4dd4f545/Documentation/advanced-configuration.md#log-collection 38 | (for p in $(kubectl -n rook-ceph get pods -o jsonpath='{.items[*].metadata.name}') 39 | do 40 | for c in $(kubectl -n rook-ceph get pod ${p} -o jsonpath='{.spec.containers[*].name}') 41 | do 42 | echo "" 43 | anmt "BEGIN logs from pod: ${p} ${c}" 44 | kubectl -n rook-ceph logs -c ${c} ${p} 45 | good "END logs from pod: ${p} ${c}" 46 | echo "" 47 | all_pods="${p} ${all_pods}" 48 | done 49 | done 50 | for i in $(kubectl -n rook-ceph-system get pods -o jsonpath='{.items[*].metadata.name}') 51 | do 52 | echo "" 53 | anmt "BEGIN logs from pod: ${i}" 54 | kubectl -n rook-ceph-system logs ${i} 55 | good "END logs from pod: ${i}" 56 | echo "" 57 | all_pods="${p} ${all_pods}" 58 | # done) | gzip > ${new_logs_zip} 59 | done 60 | echo "" 61 | echo "kubetail -f ${all_pods}") > ${new_logs_zip} 62 | 63 | inf "" 64 | anmt "---------------" 65 | anmt "Rook Ceph logs:" 66 | cat ${new_logs_zip} 67 | inf "" 68 | inf "view the logs again with:" 69 | good "cat ${new_logs_zip}" 70 | 71 | -------------------------------------------------------------------------------- /rook/get-ceph-s3-endpoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | svc_name="rook-ceph-rgw-s3" 4 | service_type="NodePort" 5 | port=80 6 | if [[ "${1}" == "clusterip" ]]; then 7 | service_type="ClusterIP" 8 | port=80 9 | fi 10 | ip_address=$(kubectl -n rook-ceph get svc --ignore-not-found | grep ${svc_name} | grep rgw | grep ${service_type} | awk '{print $3}') 11 | echo "${ip_address}:${port}" 12 | -------------------------------------------------------------------------------- /rook/get-minio-s3-endpoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | svc_name="minio-service" 4 | service_type="NodePort" 5 | port=80 6 | if [[ "${1}" == "clusterip" ]]; then 7 | service_type="ClusterIP" 8 | port=80 9 | fi 10 | ip_address=$(kubectl -n rook-minio get svc --ignore-not-found | grep ${svc_name} | grep ${service_type} | awk '{print $3}') 11 | echo "${ip_address}:${port}" 12 | -------------------------------------------------------------------------------- /rook/get-user-trex-info.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-ceph" 32 | app_name="" 33 | username="trex" 34 | display_name="trex" 35 | secure_realm="ceph-storage" 36 | secure_zonegroup="ceph-storage" 37 | insecure_realm="ceph-storage" 38 | insecure_zonegroup="ceph-storage" 39 | 40 | if [[ "${1}" != "" ]]; then 41 | username="${1}" 42 | display_name="${1}" 43 | fi 44 | 45 | inf "" 46 | anmt "----------------------------------------------" 47 | good "Creating Rook User: ${username}" 48 | 49 | # http://docs.ceph.com/docs/giant/radosgw/admin/ 50 | echo "kubectl exec -n rook-ceph -it rook-ceph-tools -- /bin/bash -c \"radosgw-admin user info --uid=${username}\"" 51 | kubectl exec -n rook-ceph -it rook-ceph-tools -- /bin/bash -c "radosgw-admin user info --uid=${username}" 52 | -------------------------------------------------------------------------------- /rook/load-s3-secure-env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | svc_name="rook-ceph-rgw-s3-secure" 4 | ip_address=$(kubectl -n rook-ceph get svc ${svc_name} | grep rgw | awk '{print $3}') 5 | port=443 6 | 7 | echo "${ip_address}:${port}" 8 | 9 | export AWS_HOST="${svc_name}.rook-ceph" 10 | export AWS_ENDPOINT="${ip_address}:${port}" 11 | export AWS_ACCESS_KEY_ID= 12 | export AWS_SECRET_ACCESS_KEY= 13 | 14 | -------------------------------------------------------------------------------- /rook/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-ceph" 32 | app_name=$(kubectl -n rook-ceph get pod --ignore-not-found | grep rook-ceph-rgw-s3-storage | awk '{print $1}') 33 | 34 | anmt "--------------------------------" 35 | anmt "Tailing Rook Ceph RGW ${app_name} logs with:" 36 | inf "" 37 | good "kubectl logs -n ${use_namespace} ${app_name} -f" 38 | inf "" 39 | kubectl logs -f -n ${use_namespace} ${app_name} 40 | -------------------------------------------------------------------------------- /rook/minio/describe-ingress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-minio" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio ingress namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe ingress -n ${use_namespace}" 37 | inf "" 38 | kubectl describe ingress -n ${use_namespace} 39 | -------------------------------------------------------------------------------- /rook/minio/describe-objstore.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-minio-system" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio pod namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe objectstore -n rook-minio -l app=rook-minio-objectstore" 37 | inf "" 38 | kubectl describe objectstore -n rook-minio -l app=rook-minio-objectstore 39 | -------------------------------------------------------------------------------- /rook/minio/describe-pod.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-minio-system" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio pod namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe minio pod" 37 | inf "" 38 | kubectl describe pod -n ${use_namespace} 39 | -------------------------------------------------------------------------------- /rook/minio/describe-secret.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio secret rook.s3.user namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe secret rook.s3.user" 37 | inf "" 38 | kubectl describe secret -n ${use_namespace} rook.s3.user 39 | 40 | -------------------------------------------------------------------------------- /rook/minio/describe-service.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-minio" 32 | 33 | anmt "---------------------------------------------------------" 34 | anmt "Describing minio service namespace ${use_namespace}" 35 | inf "" 36 | good "kubectl describe service -n ${use_namespace}" 37 | inf "" 38 | kubectl describe service -n ${use_namespace} 39 | -------------------------------------------------------------------------------- /rook/minio/ingress-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: minio-ingress 5 | namespace: default 6 | annotations: 7 | nginx.org/redirect-to-https: True 8 | spec: 9 | tls: 10 | - hosts: 11 | - minio.example.com 12 | secretName: tls-minio 13 | rules: 14 | - host: minio.example.com 15 | http: 16 | paths: 17 | - path: / 18 | backend: 19 | serviceName: minio 20 | servicePort: 9000 21 | -------------------------------------------------------------------------------- /rook/minio/ingress-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: minio-ingress 5 | namespace: default 6 | annotations: 7 | kubernetes.io/tls-acme: "true" 8 | kubernetes.io/ingress.class: "nginx" 9 | certmanager.k8s.io/cluster-issuer: "letsencrypt-issuer" 10 | spec: 11 | tls: 12 | - hosts: 13 | - minio.example.com 14 | secretName: minio.example.com-tls 15 | rules: 16 | - host: minio.example.com 17 | http: 18 | paths: 19 | - path: / 20 | backend: 21 | serviceName: minio 22 | servicePort: 9000 23 | -------------------------------------------------------------------------------- /rook/minio/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-minio-system" 32 | app_name=$(kubectl -n ${use_namespace} get pod --ignore-not-found | grep rook-minio-operator | awk '{print $1}') 33 | 34 | anmt "--------------------------------------------------" 35 | anmt "Tailing Rook Minio Operator ${app_name} logs with:" 36 | inf "" 37 | good "kubectl logs -f -n ${use_namespace} ${app_name}" 38 | inf "" 39 | kubectl logs -f -n ${use_namespace} ${app_name} 40 | 41 | -------------------------------------------------------------------------------- /rook/minio/s3-objectstore-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: rook-minio 5 | --- 6 | apiVersion: minio.rook.io/v1alpha1 7 | kind: ObjectStore 8 | metadata: 9 | name: s3-storage 10 | namespace: rook-minio 11 | labels: 12 | app: rook-minio-objectstore 13 | spec: 14 | scope: 15 | nodeCount: 1 16 | placement: 17 | tolerations: 18 | nodeAffinity: 19 | podAffinity: 20 | podAnyAffinity: 21 | port: 9000 22 | credentials: 23 | name: rook.s3.user 24 | namespace: default 25 | storageAmount: "10G" 26 | -------------------------------------------------------------------------------- /rook/minio/s3-objectstore-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: rook-minio 5 | --- 6 | apiVersion: minio.rook.io/v1alpha1 7 | kind: ObjectStore 8 | metadata: 9 | name: s3-storage 10 | namespace: rook-minio 11 | spec: 12 | scope: 13 | nodeCount: 4 14 | placement: 15 | tolerations: 16 | nodeAffinity: 17 | podAffinity: 18 | podAnyAffinity: 19 | port: 9000 20 | credentials: 21 | name: rook.s3.user 22 | namespace: default 23 | storageAmount: "10G" 24 | -------------------------------------------------------------------------------- /rook/minio/service-objectstore-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: minio-service 5 | namespace: rook-minio 6 | labels: 7 | name: minio-service 8 | rook_cluster: minio 9 | storage: s3-storage 10 | spec: 11 | ports: 12 | - name: http 13 | port: 9000 14 | targetPort: 9000 15 | protocol: TCP 16 | selector: 17 | app: rook-minio-objectstore 18 | -------------------------------------------------------------------------------- /rook/minio/service-objectstore-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: minio-service 5 | namespace: rook-minio 6 | labels: 7 | name: minio-service 8 | rook_cluster: minio 9 | storage: s3-storage 10 | spec: 11 | type: NodePort 12 | ports: 13 | - name: 14 | port: 9000 15 | protocol: TCP 16 | selector: 17 | name: minio-service 18 | rook_cluster: minio 19 | storage: s3-storage 20 | -------------------------------------------------------------------------------- /rook/minio/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-minio-system" 32 | app_name="rook-minio-operator" 33 | pod_name=$(kubectl get pod -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 34 | 35 | good "kubectl exec -it -n ${use_namespace} ${pod_name} sh" 36 | 37 | kubectl exec -it \ 38 | -n ${use_namespace} \ 39 | ${pod_name} \ 40 | sh 41 | -------------------------------------------------------------------------------- /rook/secrets/.gitignore: -------------------------------------------------------------------------------- 1 | *.json 2 | *.yml 3 | -------------------------------------------------------------------------------- /rook/show-ceph-df.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="rook-ceph" 29 | app_name="" 30 | 31 | inf "" 32 | anmt "----------------------------------------------" 33 | good "Getting the Rook Ceph df with Toolbox:" 34 | inf "kubectl -n ${use_namespace} exec -it rook-ceph-tools ceph df" 35 | kubectl -n ${use_namespace} exec -it rook-ceph-tools ceph df 36 | -------------------------------------------------------------------------------- /rook/show-ceph-osd-status.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="rook-ceph" 29 | app_name="" 30 | 31 | inf "" 32 | anmt "----------------------------------------------" 33 | good "Getting the Rook Ceph OSD Status with Toolbox:" 34 | inf "kubectl -n ${use_namespace} exec -it rook-ceph-tools ceph osd status" 35 | kubectl -n ${use_namespace} exec -it rook-ceph-tools ceph osd status 36 | -------------------------------------------------------------------------------- /rook/show-ceph-rados-df.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="rook-ceph" 29 | app_name="" 30 | 31 | inf "" 32 | anmt "----------------------------------------------" 33 | good "Getting the Rook Ceph rados df with Toolbox:" 34 | inf "kubectl -n ${use_namespace} exec -it rook-ceph-tools rados df" 35 | kubectl -n ${use_namespace} exec -it rook-ceph-tools rados df 36 | -------------------------------------------------------------------------------- /rook/show-ceph-status.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="rook-ceph" 29 | app_name="" 30 | 31 | inf "" 32 | anmt "----------------------------------------------" 33 | good "Getting the Rook Ceph Status with Toolbox:" 34 | inf "kubectl -n ${use_namespace} exec -it rook-ceph-tools ceph status" 35 | kubectl -n ${use_namespace} exec -it rook-ceph-tools ceph status 36 | -------------------------------------------------------------------------------- /rook/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-ceph" 32 | app_name="rook-ceph-tools" 33 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 34 | 35 | good "kubectl exec -it -n ${use_namespace} ${app_name} /bin/bash" 36 | 37 | kubectl exec -it \ 38 | -n ${use_namespace} \ 39 | ${app_name} \ 40 | /bin/bash 41 | -------------------------------------------------------------------------------- /rook/test-s3.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import os 4 | import boto3 5 | import datetime 6 | 7 | # If bucket is private 8 | AWS_ACCESS_KEY = os.getenv( 9 | 'AWS_ACCESS_KEY', 10 | 'your access key') 11 | AWS_SECRET_KEY = os.getenv( 12 | 'AWS_SECRET_KEY', 13 | 'your secret key') 14 | AWS_REGION = os.getenv( 15 | 'AWS_REGION', 16 | 'your region') 17 | 18 | bucket_name = 'test-bucket' 19 | filename = 'hello-test.txt' 20 | download_filename = 'download-{}'.format( 21 | filename) 22 | key_name = filename 23 | key_contents = 'hello tested on: {}'.format( 24 | datetime.datetime.utcnow().strftime('%Y-%m-%d %H:%M:%S')) 25 | 26 | print(( 27 | 'creating test file: {}').format( 28 | filename)) 29 | with open(filename, 'w') as key_file: 30 | key_file.write(key_contents) 31 | 32 | print('connecting') 33 | session = boto3.session.Session( 34 | aws_access_key_id=AWS_ACCESS_KEY, 35 | aws_secret_access_key=AWS_SECRET_KEY, 36 | region_name=AWS_REGION 37 | ) 38 | print('getting s3 client') 39 | s3_client = session.client('s3') 40 | 41 | # If the bucket is public 42 | # s3_client = boto3.client('s3') 43 | 44 | # Once the client is created. 45 | 46 | try: 47 | print(( 48 | 'creating bucket={}').format( 49 | bucket_name)) 50 | bucket = s3_client.create_bucket(Bucket=bucket_name) 51 | except Exception as e: 52 | print(( 53 | 'failed creating bucket={} with ex={}').format( 54 | bucket_name, 55 | e)) 56 | # end of try/ex for creating bucket 57 | 58 | 59 | # Upload the file to S3 60 | print(( 61 | 'upload_file({}, {}, {})').format( 62 | filename, 63 | bucket_name, 64 | key_name)) 65 | s3_client.upload_file(filename, bucket_name, key_name) 66 | 67 | # Download the file from S3 68 | print(( 69 | 'upload_file({}, {}, {})').format( 70 | bucket_name, 71 | key_name, 72 | download_filename)) 73 | s3_client.download_file(bucket_name, key_name, download_filename) 74 | print(( 75 | 'download_filename={} contents: {}').format( 76 | download_filename, 77 | open(download_filename).read())) 78 | -------------------------------------------------------------------------------- /rook/view-ceph-pods.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-ceph" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "-----------------------------------------" 36 | good "Getting the Rook Ceph Pods:" 37 | inf "kubectl -n ${use_namespace} get pod" 38 | kubectl -n ${use_namespace} get pod 39 | -------------------------------------------------------------------------------- /rook/view-env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="default" 32 | app_name="core" 33 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 34 | 35 | inf "" 36 | anmt "-----------------------------------------" 37 | good "getting core environment variables" 38 | kubectl exec -it \ 39 | ${pod_name} \ 40 | -n ${use_namespace} \ 41 | env | sort 42 | -------------------------------------------------------------------------------- /rook/view-minio-pods.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-minio-system" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "-----------------------------------------" 36 | good "Getting the Rook Minio Pods:" 37 | inf "kubectl -n ${use_namespace} get pod" 38 | kubectl -n ${use_namespace} get pod 39 | -------------------------------------------------------------------------------- /rook/view-services.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-ceph" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "-----------------------------------------" 36 | good "Getting the Rook Ceph Services:" 37 | inf "" 38 | 39 | inf "kubectl -n ${use_namespace} get svc --ignore-not-found | grep rgw-s3" 40 | kubectl -n ${use_namespace} get svc --ignore-not-found | grep rgw-s3 41 | inf "" 42 | -------------------------------------------------------------------------------- /rook/view-system-pods.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-ceph-system" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "-----------------------------------------" 36 | good "Getting the Rook Ceph System Pods:" 37 | inf "kubectl -n ${use_namespace} get pod" 38 | kubectl -n ${use_namespace} get pod 39 | -------------------------------------------------------------------------------- /rook/view-toolbox.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | up_found_colors="../tools/bash_colors.sh" 6 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 7 | . ${found_colors} 8 | elif [[ "${DISABLE_COLORS}" == "" ]] && [[ "${up_found_colors}" != "" ]] && [[ -e ${up_found_colors} ]]; then 9 | . ${up_found_colors} 10 | else 11 | inf() { 12 | echo "$@" 13 | } 14 | anmt() { 15 | echo "$@" 16 | } 17 | good() { 18 | echo "$@" 19 | } 20 | err() { 21 | echo "$@" 22 | } 23 | critical() { 24 | echo "$@" 25 | } 26 | warn() { 27 | echo "$@" 28 | } 29 | fi 30 | 31 | use_namespace="rook-ceph" 32 | app_name="" 33 | 34 | inf "" 35 | anmt "-----------------------------------------" 36 | good "Getting the Rook Ceph Toolbox:" 37 | inf "kubectl -n ${use_namespace} get pod rook-ceph-tools" 38 | kubectl -n ${use_namespace} get pod rook-ceph-tools 39 | -------------------------------------------------------------------------------- /splunk/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "------------------------------------------" 29 | warn "deleting splunk" 30 | inf "" 31 | 32 | good "kubectl delete ingresses: splunk-ingress splunk-web-ingress splunk-tcp-ingress" 33 | kubectl delete ingress splunk-ingress 34 | kubectl delete ingress splunk-tcp-ingress 35 | kubectl delete ingress splunk-web-ingress 36 | inf "" 37 | 38 | good "kubectl delete services: splunk-svc splunk-web-svc splunk-tcp-svc" 39 | kubectl delete svc splunk-svc 40 | kubectl delete svc splunk-web-svc 41 | kubectl delete svc splunk-tcp-svc 42 | inf "" 43 | 44 | good "kubectl delete deployment: splunk" 45 | kubectl delete deployment splunk 46 | inf "" 47 | 48 | inf "deleting secrets: splunk-secrets" 49 | kubectl delete secret splunk-secrets 50 | inf "" 51 | 52 | good "done deleting: splunk" 53 | -------------------------------------------------------------------------------- /splunk/get-api-fqdn.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | kubectl describe svc splunk-svc | grep 8089 | grep Endpoint | awk '{print $NF}' 4 | -------------------------------------------------------------------------------- /splunk/ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: splunk-ingress 5 | namespace: default 6 | spec: 7 | rules: 8 | - host: splunkapi.redten.io 9 | http: 10 | paths: 11 | - path: / 12 | backend: 13 | serviceName: splunk-svc 14 | servicePort: 8089 15 | -------------------------------------------------------------------------------- /splunk/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="splunk" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /splunk/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | should_cleanup_before_startup=0 13 | cert_env="dev" 14 | extra_params="" 15 | for i in "$@" 16 | do 17 | if [[ "${i}" == "prod" ]]; then 18 | cert_env="prod" 19 | elif [[ "${i}" == "antinex" ]]; then 20 | cert_env="an" 21 | elif [[ "${i}" == "qs" ]]; then 22 | cert_env="qs" 23 | elif [[ "${i}" == "redten" ]]; then 24 | cert_env="redten" 25 | fi 26 | done 27 | 28 | use_path="." 29 | if [[ ! -e deployment.yml ]]; then 30 | use_path="./splunk" 31 | fi 32 | 33 | anmt "------------------------------------------------------------" 34 | anmt "deploying splunk with cert_env=${cert_env}: https://hub.docker.com/r/splunk/splunk/" 35 | inf "" 36 | 37 | inf "applying secrets" 38 | kubectl apply -f ${use_path}/secrets.yml 39 | inf "" 40 | 41 | inf "applying API and HEC service" 42 | kubectl apply -f ${use_path}/service.yml 43 | inf "" 44 | 45 | inf "applying Web dashboard service" 46 | kubectl apply -f ${use_path}/web-service.yml 47 | inf "" 48 | 49 | inf "applying TCP service" 50 | kubectl apply -f ${use_path}/tcp-service.yml 51 | inf "" 52 | 53 | # Optional ingress files 54 | 55 | # inf "applying API and HEC ingresses" 56 | # kubectl apply -f ${use_path}/ingress.yml 57 | # inf "" 58 | 59 | # inf "applying TCP endpoint ingress" 60 | # kubectl apply -f ${use_path}/tcp-ingress.yml 61 | # inf "" 62 | 63 | inf "applying Web dashboard endpoint ingress cert_env: ${cert_env}" 64 | kubectl apply -f ${use_path}/web-ingress-${cert_env}.yml 65 | inf "" 66 | 67 | inf "applying deployment: ${use_path}/deployment.yml" 68 | kubectl apply -f ${use_path}/deployment.yml 69 | inf "" 70 | 71 | good "done deploying: splunk" 72 | -------------------------------------------------------------------------------- /splunk/search.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="api" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | warn "searching splunk with: ${@}" 33 | warn "with command:" 34 | warn "kubectl exec -it ${pod_name} -n ${use_namespace} echo 'starting search' && /bin/bash -c \"source /opt/venv/bin/activate && sp ${@}\"" 35 | 36 | kubectl exec -it \ 37 | ${pod_name} \ 38 | -n ${use_namespace} \ 39 | echo 'starting search' && /bin/bash -c "source /opt/venv/bin/activate && sp ${@}" 40 | 41 | good "done searching" 42 | 43 | exit 0 44 | -------------------------------------------------------------------------------- /splunk/secrets.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: splunk.user 5 | type: Opaque 6 | data: 7 | # echo -n "trex" | base64 8 | username: dHJleA== 9 | # echo -n "123321" | base64 10 | password: MTIzMzIx 11 | --- 12 | apiVersion: v1 13 | kind: Secret 14 | metadata: 15 | name: splunk.log 16 | type: Opaque 17 | data: 18 | # echo -n "antinex" | base64 19 | index: YW50aW5leA== 20 | # echo -n "splunk" | base64 21 | handler: c3BsdW5r 22 | # echo -n "1" | base64 23 | verify: MQ== 24 | # echo -n "0" | base64 25 | debug: MA== 26 | --- 27 | apiVersion: v1 28 | kind: Secret 29 | metadata: 30 | name: splunk.endpoints 31 | type: Opaque 32 | data: 33 | # echo -n "splunk-tcp-svc" | base64 34 | tcp_service: c3BsdW5rLXRjcC1zdmM= 35 | # echo -n "splunk-svc" | base64 36 | api_service: c3BsdW5rLXN2Yw== 37 | # echo -n "splunk-svc:8089" | base64 38 | api: c3BsdW5rLXN2Yzo4MDg5 39 | # echo -n "splunk-tcp-svc:1514" | base64 40 | tcp: c3BsdW5rLXRjcC1zdmM6MTUxNA== 41 | # echo -n "splunk-svc:8088" | base64 42 | hec: c3BsdW5rLXN2Yzo4MDg4 43 | -------------------------------------------------------------------------------- /splunk/service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: splunk-svc 5 | spec: 6 | ports: 7 | - port: 8088 8 | targetPort: 8088 9 | protocol: TCP 10 | name: splunk-api-port 11 | - port: 8089 12 | targetPort: 8089 13 | protocol: TCP 14 | name: splunk-hec-port 15 | selector: 16 | app: splunk 17 | -------------------------------------------------------------------------------- /splunk/show-ingress.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl describe ingress splunk" 29 | kubectl describe ingress splunk 30 | -------------------------------------------------------------------------------- /splunk/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="splunk" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} bash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | bash 38 | -------------------------------------------------------------------------------- /splunk/tcp-ingress.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: splunk-tcp-ingress 5 | namespace: default 6 | spec: 7 | rules: 8 | - host: splunktcp.redten.io 9 | http: 10 | paths: 11 | - path: / 12 | backend: 13 | serviceName: splunk-tcp-svc 14 | servicePort: 1514 15 | -------------------------------------------------------------------------------- /splunk/tcp-service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: splunk-tcp-svc 5 | spec: 6 | ports: 7 | - port: 1514 8 | targetPort: 1514 9 | protocol: TCP 10 | name: splunk-tcp-port 11 | selector: 12 | app: splunk 13 | -------------------------------------------------------------------------------- /splunk/view-env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="splunk" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "getting api environment variables" 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | env | sort 39 | -------------------------------------------------------------------------------- /splunk/view-ingress-config.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="nginx" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "Getting the Splunk ingress configuration: " 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | cat /etc/nginx/conf.d/${use_namespace}-splunk-ingress.conf 39 | -------------------------------------------------------------------------------- /splunk/web-ingress-dev.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: splunk-web-ingress 5 | namespace: default 6 | annotations: 7 | nginx.org/redirect-to-https: True 8 | spec: 9 | tls: 10 | - hosts: 11 | - splunk.example.com 12 | secretName: tls-splunk 13 | rules: 14 | - host: splunk.example.com 15 | http: 16 | paths: 17 | - path: / 18 | backend: 19 | serviceName: splunk-web-svc 20 | servicePort: 8000 21 | -------------------------------------------------------------------------------- /splunk/web-ingress-prod.yml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: splunk-web-ingress 5 | namespace: default 6 | annotations: 7 | kubernetes.io/tls-acme: "true" 8 | kubernetes.io/ingress.class: "nginx" 9 | certmanager.k8s.io/cluster-issuer: "letsencrypt-issuer" 10 | spec: 11 | tls: 12 | - hosts: 13 | - splunk.example.com 14 | secretName: splunk.example.com-tls 15 | rules: 16 | - host: splunk.example.com 17 | http: 18 | paths: 19 | - path: / 20 | backend: 21 | serviceName: splunk-web-svc 22 | servicePort: 8000 23 | -------------------------------------------------------------------------------- /splunk/web-service.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: splunk-web-svc 5 | spec: 6 | ports: 7 | - port: 8000 8 | targetPort: 8000 9 | protocol: TCP 10 | name: splunk-web-port 11 | selector: 12 | app: splunk 13 | -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jay-johnson/deploy-to-kubernetes/3624ab187e7f4e7d0cb2a45816f24122d7385637/tests/__init__.py -------------------------------------------------------------------------------- /tests/base_test.py: -------------------------------------------------------------------------------- 1 | import logging 2 | import unittest 3 | 4 | log = logging.getLogger("base_test") 5 | 6 | 7 | class BaseTestCase(unittest.TestCase): 8 | 9 | debug = False 10 | 11 | def setUp(self): 12 | if self.debug: 13 | print("setUp") 14 | # end of setUp 15 | 16 | def tearDown(self): 17 | if self.debug: 18 | print("tearDown") 19 | # end of tearDown 20 | 21 | # end of BaseTestCase 22 | -------------------------------------------------------------------------------- /tests/scaler-django-antinex-simple.json: -------------------------------------------------------------------------------- 1 | { 2 | "label": "Django-AntiNex-Simple-Scaler-DNN", 3 | "dataset": "./drf_network_pipeline/tests/datasets/cleaned_attack_scans.csv", 4 | "ml_type": "classification", 5 | "predict_feature": "label_value", 6 | "features_to_process": [ 7 | "eth_type", 8 | "idx", 9 | "ip_ihl", 10 | "ip_len", 11 | "ip_tos", 12 | "ip_version", 13 | "tcp_dport", 14 | "tcp_fields_options.MSS", 15 | "tcp_fields_options.Timestamp", 16 | "tcp_fields_options.WScale", 17 | "tcp_seq", 18 | "tcp_sport" 19 | ], 20 | "ignore_features": [ 21 | ], 22 | "sort_values": [ 23 | ], 24 | "seed": 42, 25 | "test_size": 0.2, 26 | "batch_size": 32, 27 | "epochs": 10, 28 | "num_splits": 2, 29 | "loss": "binary_crossentropy", 30 | "optimizer": "adam", 31 | "metrics": [ 32 | "accuracy" 33 | ], 34 | "histories": [ 35 | "val_loss", 36 | "val_acc", 37 | "loss", 38 | "acc" 39 | ], 40 | "model_desc": { 41 | "layers": [ 42 | { 43 | "num_neurons": 250, 44 | "init": "uniform", 45 | "activation": "relu" 46 | }, 47 | { 48 | "num_neurons": 1, 49 | "init": "uniform", 50 | "activation": "sigmoid" 51 | } 52 | ] 53 | }, 54 | "label_rules": { 55 | "labels": [ 56 | "not_attack", 57 | "not_attack", 58 | "attack" 59 | ], 60 | "label_values": [ 61 | -1, 62 | 0, 63 | 1 64 | ] 65 | }, 66 | "version": 1 67 | } 68 | -------------------------------------------------------------------------------- /tests/scaler-regression.json: -------------------------------------------------------------------------------- 1 | { 2 | "label": "Scaler-Close-Regression", 3 | "dataset": "/opt/antinex/api/webapp/drf_network_pipeline/tests/datasets/stock.csv", 4 | "ml_type": "regression", 5 | "predict_feature": "close", 6 | "features_to_process": [ 7 | "high", 8 | "low", 9 | "open", 10 | "volume" 11 | ], 12 | "ignore_features": [], 13 | "sort_values": [], 14 | "seed": 7, 15 | "test_size": 0.2, 16 | "batch_size": 32, 17 | "epochs": 50, 18 | "num_splits": 2, 19 | "loss": "mse", 20 | "optimizer": "adam", 21 | "metrics": [ 22 | "accuracy" 23 | ], 24 | "model_desc": { 25 | "layers": [ 26 | { 27 | "activation": "relu", 28 | "init": "uniform", 29 | "num_neurons": 200 30 | }, 31 | { 32 | "activation": null, 33 | "init": "uniform", 34 | "num_neurons": 1 35 | } 36 | ] 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /tests/test_functional.py: -------------------------------------------------------------------------------- 1 | from tests.base_test import BaseTestCase 2 | 3 | 4 | class FunctionalTest(BaseTestCase): 5 | 6 | def test_unittest_works(self): 7 | self.assertEqual(1, 1) 8 | # end of test_unittest_works 9 | 10 | # end of FunctionalTest 11 | -------------------------------------------------------------------------------- /tools/cluster-reset.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | test_user=$(whoami) 13 | if [[ "${test_user}" != "root" ]]; then 14 | err "please run as root" 15 | exit 1 16 | fi 17 | 18 | anmt "---------------------------------------------" 19 | inf "running: kubeadm reset -f" 20 | 21 | kubeadm reset -f 22 | 23 | if [[ "${1}" == "fast" ]]; then 24 | anmt "running: ./tools/fast-prepare.sh" 25 | ./tools/fast-prepare.sh 26 | elif [[ "${1}" == "clean" ]]; then 27 | anmt "running: ./prepare.sh clean" 28 | ./prepare.sh clean 29 | else 30 | anmt "running: ./prepare.sh splunk ceph" 31 | ./prepare.sh splunk ceph 32 | fi 33 | 34 | inf "done - running: kubeadm reset and prepare" 35 | anmt "---------------------------------------------" 36 | 37 | exit 0 38 | -------------------------------------------------------------------------------- /tools/pods-system.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | good "kubectl get pods -n kube-system" 29 | 30 | kubectl get pods -n kube-system 31 | -------------------------------------------------------------------------------- /tools/reset-flannel-cni-networks.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | user_test=$(whoami) 13 | if [[ "${user_test}" != "root" ]]; then 14 | err "please run as root" 15 | exit 1 16 | fi 17 | 18 | dir_to_check="/var/lib/cni/networks/cbr0" 19 | anmt "-------------------------" 20 | anmt "removing flannel-created cni files in directory: ${dir_to_check}" 21 | 22 | cur_dir=$(pwd) 23 | cd ${dir_to_check} 24 | for hash in $(tail -n +1 * | egrep '^[A-Za-z0-9]{64,64}$'); do 25 | if [ -z $(crictl pods --no-trunc | grep $hash | awk '{print $1}') ]; then 26 | grep -ilr $hash ./ | xargs rm 27 | fi; 28 | done 29 | cd ${cur_dir} 30 | 31 | anmt "done - removing flannel-created cni files in directory: ${dir_to_check}" 32 | anmt "-------------------------" 33 | 34 | exit 0 35 | -------------------------------------------------------------------------------- /tools/show-k8-ca-cert-hash.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \ 29 | openssl dgst -sha256 -hex | sed 's/^.* //' 30 | -------------------------------------------------------------------------------- /tools/update-k8.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | anmt "-------------------------" 13 | anmt "installing kubernetes updates on $(hostname) with command:" 14 | inf "yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes" 15 | yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes 16 | 17 | anmt "done - installing kubernetes updates on $(hostname) with command:" 18 | anmt "-------------------------" 19 | -------------------------------------------------------------------------------- /tox.ini: -------------------------------------------------------------------------------- 1 | [tox] 2 | envlist = 3 | 3.5 4 | 3.6 5 | flake8 6 | flakeplus 7 | configcheck 8 | pydocstyle 9 | 10 | basepython = 11 | 3.5: python3.5 12 | 3.6,flake8,flakeplus,configcheck,pydocstyle: python3 13 | 14 | [flake8] 15 | max-line-length = 80 16 | exclude = ./setup.py,.tox/*,./build/*,./.eggs/*,./postgres/.pgdeployment/* 17 | 18 | [pycodestyle] 19 | exclude = build,.eggs,.tox,./postgres/.pgdeployment/* 20 | 21 | [testenv:lint] 22 | deps = flake8 23 | commands = flake8 24 | -------------------------------------------------------------------------------- /user-install-kubeconfig.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | anmt "-------------------------" 13 | anmt "installing kubernetes config for user on $(hostname) to $HOME/.kube/config" 14 | 15 | mkdir -p $HOME/.kube 16 | if [[ -e $HOME/.kube/config ]]; then 17 | rm -f $HOME/.kube/config >> /dev/null 2>&1 18 | fi 19 | 20 | if [[ -e /etc/kubernetes/admin.conf ]]; then 21 | sudo chmod 666 /etc/kubernetes/admin.conf 22 | fi 23 | 24 | good "installing admin kubernetes config credentials using sudo" 25 | sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config && sudo chown $(id -u):$(id -g) $HOME/.kube/config 26 | 27 | inf "listing tokens:" 28 | kubeadm token list 29 | 30 | inf "listing pods:" 31 | kubectl get pods 32 | 33 | inf "listing nodes:" 34 | kubectl get nodes 35 | 36 | good "done installing kubernetes config credentials: ${HOME}/.kube/config" 37 | 38 | exit 0 39 | -------------------------------------------------------------------------------- /worker/_uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | warn "------------------------------------------" 29 | warn "deleting worker" 30 | inf "" 31 | 32 | inf "deleting deployment: worker" 33 | kubectl delete deployment worker 34 | inf "" 35 | 36 | inf "deleting secrets: worker" 37 | kubectl delete secret worker-secret 38 | inf "" 39 | 40 | good "done deleting: worker" 41 | -------------------------------------------------------------------------------- /worker/logs.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="worker" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl logs -f ${pod_name} -n ${use_namespace}" 33 | 34 | kubectl logs \ 35 | -f ${pod_name} \ 36 | -n ${use_namespace} 37 | -------------------------------------------------------------------------------- /worker/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | if [[ -e /opt/deploy-to-kubernetes/tools/bash_colors.sh ]]; then 5 | source /opt/deploy-to-kubernetes/tools/bash_colors.sh 6 | elif [[ -e ./tools/bash_colors.sh ]]; then 7 | source ./tools/bash_colors.sh 8 | elif [[ -e ../tools/bash_colors.sh ]]; then 9 | source ../tools/bash_colors.sh 10 | fi 11 | 12 | deploy_suffix="" 13 | if [[ "${1}" == "splunk" ]]; then 14 | deploy_suffix="-splunk" 15 | fi 16 | 17 | use_path="." 18 | if [[ ! -e deployment.yml ]]; then 19 | use_path="./worker" 20 | fi 21 | 22 | anmt "----------------------------------------------------------------------------------------" 23 | anmt "deploying worker: https://github.com/jay-johnson/deploy-to-kubernetes/blob/master/worker" 24 | inf "" 25 | 26 | inf "applying secrets" 27 | kubectl apply -f ${use_path}/secrets.yml 28 | inf "" 29 | 30 | deploy_file=${use_path}/deployment${deploy_suffix}.yml 31 | warn "applying deployment: ${deploy_file}" 32 | kubectl apply -f ${deploy_file} 33 | inf "" 34 | 35 | good "done deploying: worker" 36 | -------------------------------------------------------------------------------- /worker/secrets.yml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: worker.user 5 | type: Opaque 6 | data: 7 | # echo -n "trex" | base64 8 | username: dHJleA== 9 | # echo -n "123321" | base64 10 | password: MTIzMzIx 11 | --- 12 | apiVersion: v1 13 | kind: Secret 14 | metadata: 15 | name: worker.db 16 | type: Opaque 17 | data: 18 | # echo -n "antinex" | base64 19 | username: YW50aW5leA== 20 | # echo -n "antinex" | base64 21 | password: YW50aW5leA== 22 | # echo -n "webapp" | base64 23 | dbname: d2ViYXBw 24 | --- 25 | apiVersion: v1 26 | kind: Secret 27 | metadata: 28 | name: worker.redis 29 | type: Opaque 30 | data: 31 | # echo -n "123321" | base64 32 | password: MTIzMzIx 33 | -------------------------------------------------------------------------------- /worker/ssh.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="worker" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | good "kubectl exec -it ${pod_name} -n ${use_namespace} bash" 33 | 34 | kubectl exec -it \ 35 | ${pod_name} \ 36 | -n ${use_namespace} \ 37 | bash 38 | -------------------------------------------------------------------------------- /worker/view-env.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # use the bash_colors.sh file 4 | found_colors="./tools/bash_colors.sh" 5 | if [[ "${DISABLE_COLORS}" == "" ]] && [[ "${found_colors}" != "" ]] && [[ -e ${found_colors} ]]; then 6 | . ${found_colors} 7 | else 8 | inf() { 9 | echo "$@" 10 | } 11 | anmt() { 12 | echo "$@" 13 | } 14 | good() { 15 | echo "$@" 16 | } 17 | err() { 18 | echo "$@" 19 | } 20 | critical() { 21 | echo "$@" 22 | } 23 | warn() { 24 | echo "$@" 25 | } 26 | fi 27 | 28 | use_namespace="default" 29 | app_name="worker" 30 | pod_name=$(kubectl get pods -n ${use_namespace} | awk '{print $1}' | grep ${app_name} | head -1) 31 | 32 | inf "" 33 | anmt "-----------------------------------------" 34 | good "getting worker environment variables" 35 | kubectl exec -it \ 36 | ${pod_name} \ 37 | -n ${use_namespace} \ 38 | env | sort 39 | --------------------------------------------------------------------------------