├── LICENSE ├── README.md ├── appendix.1.2 └── manifests │ └── psp │ ├── privileged.yaml │ └── restricted.yaml ├── appendix.1.3 └── manifests │ └── psp │ ├── privileged.yaml │ ├── psp-privileged-nodes.yaml │ ├── psp-privileged-sa.yaml │ ├── psp-privileged.yaml │ ├── psp-restricted.yaml │ └── restricted.yaml ├── appendix.1.4 └── manifests │ └── psp │ ├── developper.yaml │ ├── privileged.yaml │ ├── psp-developper.yaml │ ├── psp-privileged-nodes.yaml │ ├── psp-privileged-sa.yaml │ ├── psp-privileged.yaml │ ├── psp-restricted.yaml │ └── restricted.yaml ├── ch1.1.2 ├── .dockerignore ├── .gitignore ├── Dockerfile ├── package-lock.json ├── package.json └── server.js ├── ch1.1.3 └── my-rs.yaml ├── ch1.3.1 └── my-namespace.yaml ├── ch1.3.2 └── my-pod.yaml ├── ch1.3.3 ├── my-pod.yaml └── my-service.yaml ├── ch1.3.4 └── my-rs.yaml ├── ch1.3.5 └── my-deploy.yaml ├── ch1.3.6 └── my-svc.yaml ├── ch1.3.7 ├── cm-arg.yaml ├── cm-env.yaml ├── cm-env2.yaml ├── cm-volume.yaml └── my-cm.yaml ├── ch1.3.8 ├── secret-env.yaml ├── secret-volume.yaml └── username ├── ch3.2 └── image │ ├── Dockerfile │ └── mm_entrypoint.sh ├── ch3.4.1.1 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── db-deploy.yaml │ └── mattermost-deploy.yaml ├── ch3.4.1.2 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── db-deploy.yaml │ └── mattermost-deploy.yaml ├── ch3.4.2.1 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm.yaml │ ├── db-deploy.yaml │ └── mattermost-deploy.yaml ├── ch3.4.2.2 ├── config.json ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ └── mattermost-deploy.yaml ├── ch3.4.3 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── mattermost-deploy.yaml │ └── secret.yaml ├── ch3.5.1.1 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── db-service.yaml │ ├── mattermost-deploy.yaml │ └── secret.yaml ├── ch3.5.1.2 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── db-service.yaml │ ├── mattermost-deploy.yaml │ └── secret.yaml ├── ch3.5.1 └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── db-service.yaml │ ├── mattermost-deploy.yaml │ └── secret.yaml ├── ch3.5.2 └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── db-service.yaml │ ├── mattermost-deploy.yaml │ └── secret.yaml ├── ch3.6.1 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── db-service.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-service.yaml │ └── secret.yaml ├── ch3.6.3 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── db-service.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-service.yaml │ └── secret.yaml ├── ch3.7.4 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── db-service.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-service.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ └── secret.yaml ├── ch3.7.5 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── db-deploy.yaml │ ├── db-service.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch3.7.6 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch3.7.7 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch3.8.1 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch3.8.2 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch6.1.2 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch6.2.1 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch6.2.2 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-hpa.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch7.3.1 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-hpa.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch7.3.2 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-hpa.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch7.3.3 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ └── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-hpa.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml ├── ch7.4.2 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ ├── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-hpa.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml │ └── network-policy │ └── mattermost-ingress.yaml ├── ch7.4.5 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ ├── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-hpa.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml │ └── network-policy │ ├── mattermost-ingress.yaml │ └── np-all-deny.yaml ├── ch7.4.6 ├── image │ ├── Dockerfile │ └── mm_entrypoint.sh └── manifests │ ├── mattermost │ ├── cm-file.yaml │ ├── cm.yaml │ ├── mattermost-deploy.yaml │ ├── mattermost-hpa.yaml │ ├── mattermost-ingress.yaml │ ├── mattermost-pdb.yaml │ ├── mattermost-service.yaml │ ├── mysql-cm-backup.yaml │ ├── mysql-cm-script.yaml │ ├── mysql-cronjob.yaml │ ├── mysql-job.yaml │ ├── mysql-pv.yaml │ ├── mysql-pvc.yaml │ ├── mysql-sts.yaml │ ├── mysql-svc-read.yaml │ ├── mysql-svc.yaml │ └── secret.yaml │ └── network-policy │ ├── mattermost-ingress.yaml │ ├── np-all-deny.yaml │ ├── np-mattermost.yaml │ └── np-mysql.yaml ├── ch8.2.5 └── prometheus.yaml ├── ch8.2.6 ├── kube-state-metrics.yaml ├── mysqld-exporter.yaml └── node-exporter.yaml └── ch8.2.7 ├── grafana-dashboards.yaml ├── grafana-updated.yaml └── grafana.yaml /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2018 Kubernetes practical guide authors 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining 6 | a copy of this software and associated documentation files (the 7 | "Software"), to deal in the Software without restriction, including 8 | without limitation the rights to use, copy, modify, merge, publish, 9 | distribute, sublicense, and/or sell copies of the Software, and to 10 | permit persons to whom the Software is furnished to do so, subject to 11 | the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be 14 | included in all copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 19 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 20 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 21 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 22 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 『Kubernetes実践入門 プロダクションレディなコンテナ&アプリケーションの作り方』のサンプルコード 2 | 3 | [『Kubernetes実践入門 プロダクションレディなコンテナ&アプリケーションの作り方』](https://gihyo.jp/book/2019/978-4-297-10438-2)(技術評論社)のサンプルコードです。 4 | 5 | サンプルコードは、章、節、項ごとにディレクトリが分かれており、第3章以降のディレクトリでは、ディレクトリに含まれるKubernetesマニフェストファイルをKubernetesクラスタに適用すると、その章、節、項の状態を再現できます。たとえば、3.4.3項の状態を再現する場合は、次のようにコマンドを実行してください。 6 | 7 | ``` 8 | $ git clone https://github.com/kubernetes-practical-guide/examples.git && cd examples 9 | $ kubectl apply -f ch3.4.3/manifests/mattermost/ 10 | ``` 11 | 12 | ## お問い合わせ 13 | 14 | サンプルコードに関するお問い合わせは、下記の技術評論社サイトからお願いいたします。 15 | 16 | - https://gihyo.jp/site/inquiry/book?ISBN=978-4-297-10438-2 17 | -------------------------------------------------------------------------------- /appendix.1.2/manifests/psp/privileged.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodSecurityPolicy 3 | metadata: 4 | name: privileged 5 | annotations: 6 | seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' 7 | spec: 8 | privileged: true 9 | allowPrivilegeEscalation: true 10 | allowedCapabilities: 11 | - '*' 12 | volumes: 13 | - '*' 14 | hostNetwork: true 15 | hostPorts: 16 | - min: 0 17 | max: 65535 18 | hostIPC: true 19 | hostPID: true 20 | runAsUser: 21 | rule: 'RunAsAny' 22 | seLinux: 23 | rule: 'RunAsAny' 24 | supplementalGroups: 25 | rule: 'RunAsAny' 26 | fsGroup: 27 | rule: 'RunAsAny' 28 | -------------------------------------------------------------------------------- /appendix.1.2/manifests/psp/restricted.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodSecurityPolicy 3 | metadata: 4 | name: restricted 5 | annotations: 6 | seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' 7 | seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' 8 | spec: 9 | privileged: false 10 | allowPrivilegeEscalation: false 11 | requiredDropCapabilities: 12 | - ALL 13 | volumes: 14 | - 'configMap' 15 | - 'emptyDir' 16 | - 'projected' 17 | - 'secret' 18 | - 'downwardAPI' 19 | - 'persistentVolumeClaim' 20 | hostNetwork: false 21 | hostIPC: false 22 | hostPID: false 23 | runAsUser: 24 | rule: 'MustRunAsNonRoot' 25 | seLinux: 26 | rule: 'RunAsAny' 27 | supplementalGroups: 28 | rule: 'MustRunAs' 29 | ranges: 30 | - min: 1 31 | max: 65535 32 | fsGroup: 33 | rule: 'MustRunAs' 34 | ranges: 35 | - min: 1 36 | max: 65535 37 | readOnlyRootFilesystem: false 38 | -------------------------------------------------------------------------------- /appendix.1.3/manifests/psp/privileged.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodSecurityPolicy 3 | metadata: 4 | name: privileged 5 | annotations: 6 | seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' 7 | spec: 8 | privileged: true 9 | allowPrivilegeEscalation: true 10 | allowedCapabilities: 11 | - '*' 12 | volumes: 13 | - '*' 14 | hostNetwork: true 15 | hostPorts: 16 | - min: 0 17 | max: 65535 18 | hostIPC: true 19 | hostPID: true 20 | runAsUser: 21 | rule: 'RunAsAny' 22 | seLinux: 23 | rule: 'RunAsAny' 24 | supplementalGroups: 25 | rule: 'RunAsAny' 26 | fsGroup: 27 | rule: 'RunAsAny' 28 | -------------------------------------------------------------------------------- /appendix.1.3/manifests/psp/psp-privileged-nodes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1beta1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: psp-privileged-nodes 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: psp-privileged 9 | subjects: 10 | - apiGroup: rbac.authorization.k8s.io 11 | kind: Group 12 | name: system:nodes 13 | -------------------------------------------------------------------------------- /appendix.1.3/manifests/psp/psp-privileged-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1beta1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: psp-privileged-sa 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: psp-privileged 9 | subjects: 10 | - kind: ServiceAccount 11 | name: kube-proxy 12 | namespace: kube-system 13 | - kind: ServiceAccount 14 | name: coredns 15 | namespace: kube-system 16 | -------------------------------------------------------------------------------- /appendix.1.3/manifests/psp/psp-privileged.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: psp-privileged 5 | rules: 6 | - apiGroups: 7 | - extensions 8 | resourceNames: 9 | - privileged 10 | resources: 11 | - podsecuritypolicies 12 | verbs: 13 | - use 14 | -------------------------------------------------------------------------------- /appendix.1.3/manifests/psp/psp-restricted.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: psp-restricted 5 | rules: 6 | - apiGroups: 7 | - extensions 8 | resourceNames: 9 | - restricted 10 | resources: 11 | - podsecuritypolicies 12 | verbs: 13 | - use 14 | --- 15 | apiVersion: rbac.authorization.k8s.io/v1beta1 16 | kind: ClusterRoleBinding 17 | metadata: 18 | name: psp-restricted 19 | roleRef: 20 | apiGroup: rbac.authorization.k8s.io 21 | kind: ClusterRole 22 | name: psp-restricted 23 | subjects: 24 | - apiGroup: rbac.authorization.k8s.io 25 | kind: Group 26 | name: system:authenticated 27 | -------------------------------------------------------------------------------- /appendix.1.3/manifests/psp/restricted.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodSecurityPolicy 3 | metadata: 4 | name: restricted 5 | annotations: 6 | seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' 7 | seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' 8 | spec: 9 | privileged: false 10 | allowPrivilegeEscalation: false 11 | requiredDropCapabilities: 12 | - ALL 13 | volumes: 14 | - 'configMap' 15 | - 'emptyDir' 16 | - 'projected' 17 | - 'secret' 18 | - 'downwardAPI' 19 | - 'persistentVolumeClaim' 20 | hostNetwork: false 21 | hostIPC: false 22 | hostPID: false 23 | runAsUser: 24 | rule: 'MustRunAsNonRoot' 25 | seLinux: 26 | rule: 'RunAsAny' 27 | supplementalGroups: 28 | rule: 'MustRunAs' 29 | ranges: 30 | - min: 1 31 | max: 65535 32 | fsGroup: 33 | rule: 'MustRunAs' 34 | ranges: 35 | - min: 1 36 | max: 65535 37 | readOnlyRootFilesystem: false 38 | -------------------------------------------------------------------------------- /appendix.1.4/manifests/psp/developper.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: developper 5 | -------------------------------------------------------------------------------- /appendix.1.4/manifests/psp/privileged.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodSecurityPolicy 3 | metadata: 4 | name: privileged 5 | annotations: 6 | seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' 7 | spec: 8 | privileged: true 9 | allowPrivilegeEscalation: true 10 | allowedCapabilities: 11 | - '*' 12 | volumes: 13 | - '*' 14 | hostNetwork: true 15 | hostPorts: 16 | - min: 0 17 | max: 65535 18 | hostIPC: true 19 | hostPID: true 20 | runAsUser: 21 | rule: 'RunAsAny' 22 | seLinux: 23 | rule: 'RunAsAny' 24 | supplementalGroups: 25 | rule: 'RunAsAny' 26 | fsGroup: 27 | rule: 'RunAsAny' 28 | -------------------------------------------------------------------------------- /appendix.1.4/manifests/psp/psp-developper.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1beta1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: psp-developper 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: psp-restricted 9 | subjects: 10 | - kind: ServiceAccount 11 | name: developper 12 | namespace: default 13 | --- 14 | apiVersion: rbac.authorization.k8s.io/v1beta1 15 | kind: ClusterRoleBinding 16 | metadata: 17 | creationTimestamp: null 18 | name: psp-developper-edit 19 | roleRef: 20 | apiGroup: rbac.authorization.k8s.io 21 | kind: ClusterRole 22 | name: edit 23 | subjects: 24 | - kind: ServiceAccount 25 | name: developper 26 | namespace: default 27 | -------------------------------------------------------------------------------- /appendix.1.4/manifests/psp/psp-privileged-nodes.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1beta1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: psp-privileged-nodes 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: psp-privileged 9 | subjects: 10 | - apiGroup: rbac.authorization.k8s.io 11 | kind: Group 12 | name: system:nodes 13 | -------------------------------------------------------------------------------- /appendix.1.4/manifests/psp/psp-privileged-sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1beta1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: psp-privileged-sa 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: psp-privileged 9 | subjects: 10 | - kind: ServiceAccount 11 | name: kube-proxy 12 | namespace: kube-system 13 | - kind: ServiceAccount 14 | name: coredns 15 | namespace: kube-system 16 | -------------------------------------------------------------------------------- /appendix.1.4/manifests/psp/psp-privileged.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: psp-privileged 5 | rules: 6 | - apiGroups: 7 | - extensions 8 | resourceNames: 9 | - privileged 10 | resources: 11 | - podsecuritypolicies 12 | verbs: 13 | - use 14 | -------------------------------------------------------------------------------- /appendix.1.4/manifests/psp/psp-restricted.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: psp-restricted 5 | rules: 6 | - apiGroups: 7 | - extensions 8 | resourceNames: 9 | - restricted 10 | resources: 11 | - podsecuritypolicies 12 | verbs: 13 | - use 14 | --- 15 | apiVersion: rbac.authorization.k8s.io/v1beta1 16 | kind: ClusterRoleBinding 17 | metadata: 18 | name: psp-restricted 19 | roleRef: 20 | apiGroup: rbac.authorization.k8s.io 21 | kind: ClusterRole 22 | name: psp-restricted 23 | subjects: 24 | - apiGroup: rbac.authorization.k8s.io 25 | kind: Group 26 | name: system:authenticated 27 | -------------------------------------------------------------------------------- /appendix.1.4/manifests/psp/restricted.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodSecurityPolicy 3 | metadata: 4 | name: restricted 5 | annotations: 6 | seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' 7 | seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' 8 | spec: 9 | privileged: false 10 | allowPrivilegeEscalation: false 11 | requiredDropCapabilities: 12 | - ALL 13 | volumes: 14 | - 'configMap' 15 | - 'emptyDir' 16 | - 'projected' 17 | - 'secret' 18 | - 'downwardAPI' 19 | - 'persistentVolumeClaim' 20 | hostNetwork: false 21 | hostIPC: false 22 | hostPID: false 23 | runAsUser: 24 | rule: 'MustRunAsNonRoot' 25 | seLinux: 26 | rule: 'RunAsAny' 27 | supplementalGroups: 28 | rule: 'MustRunAs' 29 | ranges: 30 | - min: 1 31 | max: 65535 32 | fsGroup: 33 | rule: 'MustRunAs' 34 | ranges: 35 | - min: 1 36 | max: 65535 37 | readOnlyRootFilesystem: false 38 | -------------------------------------------------------------------------------- /ch1.1.2/.dockerignore: -------------------------------------------------------------------------------- 1 | /node_modules 2 | -------------------------------------------------------------------------------- /ch1.1.2/.gitignore: -------------------------------------------------------------------------------- 1 | /node_modules 2 | -------------------------------------------------------------------------------- /ch1.1.2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/node:10.11.0 2 | 3 | WORKDIR /src/app 4 | 5 | COPY package*.json ./ 6 | 7 | RUN set -x && \ 8 | npm install --production 9 | 10 | COPY . . 11 | 12 | ENV NODE_ENV production 13 | USER node 14 | EXPOSE 8080 15 | CMD ["npm", "start"] 16 | -------------------------------------------------------------------------------- /ch1.1.2/package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "app", 3 | "version": "1.0.0", 4 | "description": "", 5 | "main": "index.js", 6 | "scripts": { 7 | "start": "node server.js", 8 | "test": "echo \"Error: no test specified\" && exit 1" 9 | }, 10 | "author": "", 11 | "license": "MIT", 12 | "dependencies": { 13 | "express": "^4.16.3" 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /ch1.1.2/server.js: -------------------------------------------------------------------------------- 1 | "use strict"; 2 | 3 | const express = require("express"); 4 | const app = express(); 5 | 6 | app.get("/", (req, res) => { 7 | res.send("Hello World"); 8 | }); 9 | 10 | app.listen(8080); 11 | -------------------------------------------------------------------------------- /ch1.1.3/my-rs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: ReplicaSet 3 | metadata: 4 | name: my-rs 5 | spec: 6 | replicas: 3 #コンテナを作成する数 7 | selector: 8 | matchLabels: 9 | app: my-rs 10 | template: #コンテナの設定情報 11 | metadata: 12 | labels: 13 | app: my-rs 14 | spec: 15 | containers: 16 | - name: nginx 17 | image: k8spracticalguide/nginx:1.15.5 #コンテナイメージの指定 18 | -------------------------------------------------------------------------------- /ch1.3.1/my-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: my-namespace #オブジェクト名 (1) 5 | -------------------------------------------------------------------------------- /ch1.3.2/my-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: my-pod # このオブジェクトの名前 5 | spec: 6 | containers: # Podに含むコンテナのリスト (1) 7 | - name: nginx # コンテナの名前 8 | image: k8spracticalguide/nginx:1.15.5 # コンテナイメージ 9 | ports: 10 | - containerPort: 80 11 | -------------------------------------------------------------------------------- /ch1.3.3/my-pod.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: # 全てのオブジェクトが共通で持つメタ情報 (1) 4 | name: my-pod 5 | namespace: my-namespace 6 | labels: # Labelの設定 (2) 7 | environment: production 8 | release: canary 9 | spec: 10 | spec: 11 | containers: # Podに含むコンテナのリスト (1) 12 | - name: nginx # コンテナの名前 13 | image: k8spracticalguide/nginx:1.15.5 # コンテナイメージ 14 | ports: 15 | - containerPort: 80 16 | -------------------------------------------------------------------------------- /ch1.3.3/my-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: my-service 5 | annotations: # Annotationの設定 (2) 6 | prometheus.io/scrape: "true" 7 | prometheus.io/path: "/metrics" 8 | prometheus.io/port: "9102" 9 | spec: 10 | selector: 11 | app: my-app 12 | ports: 13 | - port: 8080 14 | targetPort: 80 15 | -------------------------------------------------------------------------------- /ch1.3.4/my-rs.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: ReplicaSet 3 | metadata: 4 | name: my-rs 5 | spec: 6 | replicas: 3 #Podレプリカ数 (1) 7 | selector: 8 | matchLabels: 9 | app: my-rs 10 | template: #Podレプリカの元となるPodテンプレート (2) 11 | metadata: 12 | labels: 13 | app: my-rs 14 | spec: 15 | containers: 16 | - name: nginx 17 | image: k8spracticalguide/nginx:1.15.5 18 | -------------------------------------------------------------------------------- /ch1.3.5/my-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: my-deploy 5 | spec: 6 | replicas: 3 #Podレプリカの数 7 | strategy: #デプロイ戦略の指定 (1) 8 | type: RollingUpdate 9 | rollingUpdate: # RollingUpdateの設定 (2) 10 | maxSurge: 25% 11 | maxUnavailable: 25% 12 | selector: 13 | matchLabels: 14 | app: my-deploy 15 | template: #Podテンプレート 16 | metadata: 17 | labels: 18 | app: my-deploy 19 | spec: 20 | containers: 21 | - name: nginx 22 | image: k8spracticalguide/nginx:1.15.5 23 | -------------------------------------------------------------------------------- /ch1.3.6/my-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: my-svc 5 | namespace: default 6 | spec: 7 | type: ClusterIP 8 | selector: # Podの集合をグルーピングするLabelセレクタ (1) 9 | app: nginx 10 | ports: # 公開するポートのリスト (2) 11 | - protocol: TCP 12 | port: 8080 #サービスが公開するポート 13 | targetPort: 80 #転送先のPodのポート 14 | -------------------------------------------------------------------------------- /ch1.3.7/cm-arg.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: cm-arg 5 | spec: 6 | restartPolicy: Never # 再起動のポリシー 7 | containers: 8 | - name: busybox 9 | image: k8spracticalguide/busybox:1.28 10 | command: ["/bin/sh", "-c", "echo $(DATABASE_HOST)"] # 環境変数として定義したConfigMapを参照する (6) 11 | env: # 環境変数として設定 12 | - name: DATABASE_HOST # 設定する環境変数名 13 | valueFrom: 14 | configMapKeyRef: 15 | name: my-cm # ConfigMap名を指定 16 | key: DATABASE_HOST # ConfigMapのキー名を指定 17 | -------------------------------------------------------------------------------- /ch1.3.7/cm-env.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: cm-env 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: k8spracticalguide/nginx:1.15.5 9 | ports: 10 | - containerPort: 80 11 | env: # コンテナで設定される環境変数のリスト (4) 12 | - name: DATABASE_HOST # 設定する環境変数名 13 | valueFrom: 14 | configMapKeyRef: 15 | name: my-cm # ConfigMap名を指定 16 | key: DATABASE_HOST # ConfigMapのキー名を指定 17 | -------------------------------------------------------------------------------- /ch1.3.7/cm-env2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: cm-env2 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: k8spracticalguide/nginx:1.15.5 9 | envFrom: # ConfigMap my-cmの全てのdataが環境変数として定義される (5) 10 | - configMapRef: 11 | name: my-cm 12 | -------------------------------------------------------------------------------- /ch1.3.7/cm-volume.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: cm-volume 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: k8spracticalguide/nginx:1.15.5 9 | ports: 10 | - containerPort: 80 11 | volumeMounts: # コンテナ内でマウントするVolumeのリスト (3) 12 | - name: my-cm # 下記のVolumeの名前と一致しなければならない 13 | readOnly: true 14 | mountPath: /var/nginx 15 | volumes: # コンテナでマウントするVolumeのリスト (2) 16 | - name: my-cm # Volumeの名前 17 | configMap: 18 | name: my-cm # ConfigMap名と一致しなければならない 19 | items: # 省略するとdataの全てがファイルとして配置される 20 | - key: nginx.conf # dataのキー名 21 | path: nginx.conf # 別名として配置することもできる 22 | -------------------------------------------------------------------------------- /ch1.3.7/my-cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: my-cm 5 | data: # キーバリューで設定情報を格納する (1) 6 | DATABASE_HOST: db.example.com 7 | nginx.conf: | 8 | server{ 9 | listen 80 default; 10 | server_name _; 11 | access_log /dev/stdout; 12 | 13 | location / { 14 | root /var/www/html; 15 | index index.html; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /ch1.3.8/secret-env.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: secret-env 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: k8spracticalguide/nginx:1.15.5 9 | ports: 10 | - containerPort: 80 11 | env: 12 | - name: SECRET_PASSWORD # 設定する環境変数名 13 | valueFrom: 14 | secretKeyRef: # 環境変数の値として利用するSecretのキーの参照 (2) 15 | name: mysecret # Secret名を指定する 16 | key: password # Secretのキー名を指定 17 | -------------------------------------------------------------------------------- /ch1.3.8/secret-volume.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: secret-volume 5 | spec: 6 | containers: 7 | - name: nginx 8 | image: k8spracticalguide/nginx:1.15.5 9 | ports: 10 | - containerPort: 80 11 | volumeMounts: 12 | - name: mysecret-volume # 下記の Volume 名と一致しなければならない 13 | readOnly: true 14 | mountPath: /secrets/mysecret 15 | volumes: 16 | - name: mysecret-volume 17 | secret: # Volumeとして投入するSecretの設定 (1) 18 | secretName: mysecret # Secret 名と一致しなければならない 19 | -------------------------------------------------------------------------------- /ch1.3.8/username: -------------------------------------------------------------------------------- 1 | my-username -------------------------------------------------------------------------------- /ch3.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.4.1.1/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.4.1.1/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.4.1.1/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | resources: {} 24 | status: {} 25 | -------------------------------------------------------------------------------- /ch3.4.1.1/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | resources: {} 24 | status: {} 25 | -------------------------------------------------------------------------------- /ch3.4.1.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.4.1.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.4.1.2/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | env: 24 | - name: MYSQL_ROOT_PASSWORD 25 | value: rootpassword 26 | - name: MYSQL_USER 27 | value: myuser 28 | - name: MYSQL_PASSWORD 29 | value: mypassword 30 | - name: MYSQL_DATABASE 31 | value: mattermost 32 | resources: {} 33 | status: {} 34 | -------------------------------------------------------------------------------- /ch3.4.1.2/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | value: myuser 26 | - name: MM_PASSWORD 27 | value: mypassword 28 | - name: DB_NAME 29 | value: mattermost 30 | - name: DB_HOST 31 | value: "" 32 | resources: {} 33 | status: {} 34 | -------------------------------------------------------------------------------- /ch3.4.2.1/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.4.2.1/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.4.2.1/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_PASSWORD: mypassword 5 | MYSQL_USER: myuser 6 | kind: ConfigMap 7 | metadata: 8 | creationTimestamp: null 9 | name: common-env 10 | -------------------------------------------------------------------------------- /ch3.4.2.1/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | env: 24 | - name: MYSQL_ROOT_PASSWORD 25 | value: rootpassword 26 | envFrom: 27 | - configMapRef: 28 | name: common-env 29 | resources: {} 30 | status: {} 31 | -------------------------------------------------------------------------------- /ch3.4.2.1/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | configMapKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: "" 41 | resources: {} 42 | status: {} 43 | -------------------------------------------------------------------------------- /ch3.4.2.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.4.2.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.4.2.2/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_PASSWORD: mypassword 5 | MYSQL_USER: myuser 6 | kind: ConfigMap 7 | metadata: 8 | creationTimestamp: null 9 | name: common-env 10 | -------------------------------------------------------------------------------- /ch3.4.2.2/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | env: 24 | - name: MYSQL_ROOT_PASSWORD 25 | value: rootpassword 26 | envFrom: 27 | - configMapRef: 28 | name: common-env 29 | resources: {} 30 | status: {} 31 | -------------------------------------------------------------------------------- /ch3.4.2.2/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | configMapKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: "" 41 | resources: {} 42 | volumeMounts: 43 | - name: cm-volume 44 | mountPath: /mm/config 45 | volumes: 46 | - name: cm-volume 47 | configMap: 48 | name: mm-config-file 49 | items: 50 | - key: config.json 51 | path: config.json 52 | status: {} 53 | -------------------------------------------------------------------------------- /ch3.4.3/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.4.3/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.4.3/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.4.3/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | resources: {} 29 | status: {} 30 | -------------------------------------------------------------------------------- /ch3.4.3/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: "" 41 | resources: {} 42 | volumeMounts: 43 | - name: cm-volume 44 | mountPath: /mm/config 45 | volumes: 46 | - name: cm-volume 47 | configMap: 48 | name: mm-config-file 49 | items: 50 | - key: config.json 51 | path: config.json 52 | status: {} 53 | -------------------------------------------------------------------------------- /ch3.4.3/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.5.1.1/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.5.1.1/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.5.1.1/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.5.1.1/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | resources: {} 29 | status: {} 30 | -------------------------------------------------------------------------------- /ch3.5.1.1/manifests/mattermost/db-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost-db 7 | name: mattermost-db 8 | spec: 9 | ports: 10 | - name: "3306" 11 | port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | selector: 15 | app: mattermost-db 16 | type: ClusterIP 17 | status: 18 | loadBalancer: {} 19 | -------------------------------------------------------------------------------- /ch3.5.1.1/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: "" 41 | resources: {} 42 | volumeMounts: 43 | - name: cm-volume 44 | mountPath: /mm/config 45 | volumes: 46 | - name: cm-volume 47 | configMap: 48 | name: mm-config-file 49 | items: 50 | - key: config.json 51 | path: config.json 52 | status: {} 53 | -------------------------------------------------------------------------------- /ch3.5.1.1/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.5.1.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.5.1.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.5.1.2/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.5.1.2/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | resources: {} 29 | status: {} 30 | -------------------------------------------------------------------------------- /ch3.5.1.2/manifests/mattermost/db-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost-db 7 | name: mattermost-db 8 | spec: 9 | ports: 10 | - name: "3306" 11 | port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | selector: 15 | app: db 16 | type: ClusterIP 17 | status: 18 | loadBalancer: {} 19 | -------------------------------------------------------------------------------- /ch3.5.1.2/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mattermost-db 41 | resources: {} 42 | volumeMounts: 43 | - name: cm-volume 44 | mountPath: /mm/config 45 | volumes: 46 | - name: cm-volume 47 | configMap: 48 | name: mm-config-file 49 | items: 50 | - key: config.json 51 | path: config.json 52 | status: {} 53 | -------------------------------------------------------------------------------- /ch3.5.1.2/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.5.1/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_PASSWORD: mypasswor 5 | MYSQL_USER: myuser 6 | kind: ConfigMap 7 | metadata: 8 | creationTimestamp: null 9 | name: common-env 10 | -------------------------------------------------------------------------------- /ch3.5.1/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1beta1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | run: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | run: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | run: db 19 | spec: 20 | containers: 21 | - image: mysql:5.7.22 22 | name: db 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | ports: 29 | - containerPort: 3306 30 | resources: {} 31 | status: {} 32 | -------------------------------------------------------------------------------- /ch3.5.1/manifests/mattermost/db-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost-db 7 | name: mattermost-db 8 | spec: 9 | ports: 10 | - name: "3306" 11 | port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | selector: 15 | app: mattermost-db 16 | type: ClusterIP 17 | status: 18 | loadBalancer: {} 19 | -------------------------------------------------------------------------------- /ch3.5.1/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1beta1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | run: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 2 10 | selector: 11 | matchLabels: 12 | run: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | run: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: "" 41 | ports: 42 | - containerPort: 8065 43 | volumeMounts: 44 | - name: cm-volume 45 | mountPath: /mattermost/config 46 | volumes: 47 | - name: cm-volume 48 | configMap: 49 | name: mm-config-file 50 | items: 51 | - key: config.json 52 | path: config.json 53 | status: {} 54 | -------------------------------------------------------------------------------- /ch3.5.1/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZAo= 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.5.2/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_PASSWORD: mypasswor 5 | MYSQL_USER: myuser 6 | kind: ConfigMap 7 | metadata: 8 | creationTimestamp: null 9 | name: common-env 10 | -------------------------------------------------------------------------------- /ch3.5.2/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1beta1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | run: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | run: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | run: db 19 | spec: 20 | containers: 21 | - image: mysql:5.7.22 22 | name: db 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | ports: 29 | - containerPort: 3306 30 | resources: {} 31 | status: {} 32 | -------------------------------------------------------------------------------- /ch3.5.2/manifests/mattermost/db-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost-db 7 | name: mattermost-db 8 | spec: 9 | ports: 10 | - name: "3306" 11 | port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | selector: 15 | run: db 16 | type: ClusterIP 17 | status: 18 | loadBalancer: {} 19 | -------------------------------------------------------------------------------- /ch3.5.2/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1beta1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | run: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 2 10 | selector: 11 | matchLabels: 12 | run: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | run: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mattermost-db 41 | ports: 42 | - containerPort: 8065 43 | volumeMounts: 44 | - name: cm-volume 45 | mountPath: /mattermost/config 46 | volumes: 47 | - name: cm-volume 48 | configMap: 49 | name: mm-config-file 50 | items: 51 | - key: config.json 52 | path: config.json 53 | status: {} 54 | -------------------------------------------------------------------------------- /ch3.5.2/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZAo= 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.6.1/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.6.1/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.6.1/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.6.1/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | resources: {} 29 | status: {} 30 | -------------------------------------------------------------------------------- /ch3.6.1/manifests/mattermost/db-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost-db 7 | name: mattermost-db 8 | spec: 9 | ports: 10 | - name: "3306" 11 | port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | selector: 15 | app: db 16 | type: ClusterIP 17 | status: 18 | loadBalancer: {} 19 | -------------------------------------------------------------------------------- /ch3.6.1/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mattermost-db 41 | resources: {} 42 | volumeMounts: 43 | - name: cm-volume 44 | mountPath: /mm/config 45 | volumes: 46 | - name: cm-volume 47 | configMap: 48 | name: mm-config-file 49 | items: 50 | - key: config.json 51 | path: config.json 52 | status: {} 53 | -------------------------------------------------------------------------------- /ch3.6.1/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch3.6.1/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.6.3/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.6.3/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.6.3/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.6.3/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | resources: {} 29 | status: {} 30 | -------------------------------------------------------------------------------- /ch3.6.3/manifests/mattermost/db-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost-db 7 | name: mattermost-db 8 | spec: 9 | ports: 10 | - name: "3306" 11 | port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | selector: 15 | app: db 16 | type: ClusterIP 17 | status: 18 | loadBalancer: {} 19 | -------------------------------------------------------------------------------- /ch3.6.3/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mattermost-db 41 | resources: {} 42 | volumeMounts: 43 | - name: cm-volume 44 | mountPath: /mm/config 45 | volumes: 46 | - name: cm-volume 47 | configMap: 48 | name: mm-config-file 49 | items: 50 | - key: config.json 51 | path: config.json 52 | status: {} 53 | -------------------------------------------------------------------------------- /ch3.6.3/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch3.6.3/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch3.6.3/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.7.4/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.7.4/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | resources: {} 29 | status: {} 30 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/db-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost-db 7 | name: mattermost-db 8 | spec: 9 | ports: 10 | - name: "3306" 11 | port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | selector: 15 | app: db 16 | type: ClusterIP 17 | status: 18 | loadBalancer: {} 19 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mattermost-db 41 | resources: {} 42 | status: {} 43 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch3.7.4/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.7.5/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.7.5/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/db-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: db 7 | name: db 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: db 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: db 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mysql:5.7.22 22 | name: mysql 23 | envFrom: 24 | - configMapRef: 25 | name: common-env 26 | - secretRef: 27 | name: common-env 28 | resources: {} 29 | status: {} 30 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/db-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost-db 7 | name: mattermost-db 8 | spec: 9 | ports: 10 | - name: "3306" 11 | port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | selector: 15 | app: db 16 | type: ClusterIP 17 | status: 18 | loadBalancer: {} 19 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mattermost-db 41 | resources: {} 42 | status: {} 43 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | volumes: 47 | - name: initdb 48 | emptyDir: {} 49 | - name: confd 50 | emptyDir: {} 51 | - name: scripts 52 | configMap: 53 | name: mysql-scripts 54 | - name: backup 55 | persistentVolumeClaim: 56 | claimName: backup-mysql 57 | volumeClaimTemplates: 58 | - metadata: 59 | name: data 60 | spec: 61 | accessModes: ["ReadWriteOnce"] 62 | resources: 63 | requests: 64 | storage: 1Gi 65 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch3.7.5/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.7.6/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.7.6/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mattermost-db 41 | resources: {} 42 | status: {} 43 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | volumes: 47 | - name: initdb 48 | emptyDir: {} 49 | - name: confd 50 | emptyDir: {} 51 | - name: scripts 52 | configMap: 53 | name: mysql-scripts 54 | - name: backup 55 | persistentVolumeClaim: 56 | claimName: backup-mysql 57 | volumeClaimTemplates: 58 | - metadata: 59 | name: data 60 | spec: 61 | accessModes: ["ReadWriteOnce"] 62 | resources: 63 | requests: 64 | storage: 1Gi 65 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch3.7.6/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.7.7/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.7.7/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mysql-0.mysql 41 | - name: DB_PORT_NUMBER 42 | value: "3306" 43 | - name: MM_SQLSETTINGS_DRIVERNAME 44 | value: mysql 45 | - name: MM_SQLSETTINGS_DATASOURCE 46 | value: $(MM_USERNAME):$(MM_PASSWORD)@tcp(mysql-0.mysql:3306)/mattermost?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s 47 | ports: 48 | - containerPort: 8065 49 | volumeMounts: 50 | - name: cm-volume 51 | mountPath: /mm/config 52 | volumes: 53 | - name: cm-volume 54 | configMap: 55 | name: mm-config-file 56 | items: 57 | - key: config.json 58 | path: config.json 59 | status: {} 60 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | volumes: 47 | - name: initdb 48 | emptyDir: {} 49 | - name: confd 50 | emptyDir: {} 51 | - name: scripts 52 | configMap: 53 | name: mysql-scripts 54 | - name: backup 55 | persistentVolumeClaim: 56 | claimName: backup-mysql 57 | volumeClaimTemplates: 58 | - metadata: 59 | name: data 60 | spec: 61 | accessModes: ["ReadWriteOnce"] 62 | resources: 63 | requests: 64 | storage: 1Gi 65 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch3.7.7/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.8.1/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.8.1/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mysql-0.mysql 41 | - name: DB_PORT_NUMBER 42 | value: "3306" 43 | - name: MM_SQLSETTINGS_DRIVERNAME 44 | value: mysql 45 | - name: MM_SQLSETTINGS_DATASOURCE 46 | value: $(MM_USERNAME):$(MM_PASSWORD)@tcp(mysql-0.mysql:3306)/mattermost?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s 47 | ports: 48 | - containerPort: 8065 49 | volumeMounts: 50 | - name: cm-volume 51 | mountPath: /mm/config 52 | volumes: 53 | - name: cm-volume 54 | configMap: 55 | name: mm-config-file 56 | items: 57 | - key: config.json 58 | path: config.json 59 | status: {} 60 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | volumes: 47 | - name: initdb 48 | emptyDir: {} 49 | - name: confd 50 | emptyDir: {} 51 | - name: scripts 52 | configMap: 53 | name: mysql-scripts 54 | - name: backup 55 | persistentVolumeClaim: 56 | claimName: backup-mysql 57 | volumeClaimTemplates: 58 | - metadata: 59 | name: data 60 | spec: 61 | accessModes: ["ReadWriteOnce"] 62 | resources: 63 | requests: 64 | storage: 1Gi 65 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch3.8.1/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.8.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch3.8.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mysql-0.mysql 41 | - name: DB_PORT_NUMBER 42 | value: "3306" 43 | - name: MM_SQLSETTINGS_DRIVERNAME 44 | value: mysql 45 | - name: MM_SQLSETTINGS_DATASOURCE 46 | value: $(MM_USERNAME):$(MM_PASSWORD)@tcp(mysql-0.mysql:3306)/mattermost?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s 47 | ports: 48 | - containerPort: 8065 49 | volumeMounts: 50 | - name: cm-volume 51 | mountPath: /mm/config 52 | volumes: 53 | - name: cm-volume 54 | configMap: 55 | name: mm-config-file 56 | items: 57 | - key: config.json 58 | path: config.json 59 | status: {} 60 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | volumes: 47 | - name: initdb 48 | emptyDir: {} 49 | - name: confd 50 | emptyDir: {} 51 | - name: scripts 52 | configMap: 53 | name: mysql-scripts 54 | - name: backup 55 | persistentVolumeClaim: 56 | claimName: backup-mysql 57 | volumeClaimTemplates: 58 | - metadata: 59 | name: data 60 | spec: 61 | accessModes: ["ReadWriteOnce"] 62 | resources: 63 | requests: 64 | storage: 1Gi 65 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch3.8.2/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch6.1.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch6.1.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mattermost-deploy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mattermost 13 | strategy: {} 14 | template: 15 | metadata: 16 | creationTimestamp: null 17 | labels: 18 | app: mattermost 19 | spec: 20 | containers: 21 | - image: k8spracticalguide/mattermost:4.10.2 22 | name: mattermost 23 | env: 24 | - name: MM_USERNAME 25 | valueFrom: 26 | configMapKeyRef: 27 | name: common-env 28 | key: MYSQL_USER 29 | - name: MM_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | name: common-env 33 | key: MYSQL_PASSWORD 34 | - name: DB_NAME 35 | valueFrom: 36 | configMapKeyRef: 37 | name: common-env 38 | key: MYSQL_DATABASE 39 | - name: DB_HOST 40 | value: mysql-0.mysql 41 | - name: DB_PORT_NUMBER 42 | value: "3306" 43 | - name: MM_SQLSETTINGS_DRIVERNAME 44 | value: mysql 45 | - name: MM_SQLSETTINGS_DATASOURCE 46 | value: $(MM_USERNAME):$(MM_PASSWORD)@tcp(mysql-0.mysql:3306)/mattermost?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s 47 | ports: 48 | - containerPort: 8065 49 | volumeMounts: 50 | - name: cm-volume 51 | mountPath: /mm/config 52 | livenessProbe: 53 | initialDelaySeconds: 90 54 | timeoutSeconds: 5 55 | periodSeconds: 15 56 | httpGet: 57 | path: /api/v4/system/ping 58 | port: 8065 59 | readinessProbe: 60 | initialDelaySeconds: 15 61 | timeoutSeconds: 5 62 | periodSeconds: 15 63 | httpGet: 64 | path: /api/v4/system/ping 65 | port: 8065 66 | lifecycle: 67 | preStop: 68 | exec: 69 | command: 70 | - sleep 71 | - 5s 72 | volumes: 73 | - name: cm-volume 74 | configMap: 75 | name: mm-config-file 76 | items: 77 | - key: config.json 78 | path: config.json 79 | status: {} 80 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | livenessProbe: 47 | exec: 48 | command: 49 | - /bin/bash 50 | - -ec 51 | - >- 52 | mysqladmin -h localhost --user=root --password=${MYSQL_ROOT_PASSWORD} ping 53 | initialDelaySeconds: 5 54 | periodSeconds: 30 55 | timeoutSeconds: 5 56 | readinessProbe: 57 | exec: 58 | command: 59 | - /bin/bash 60 | - -ec 61 | - >- 62 | mysql -h localhost --user=root --password=${MYSQL_ROOT_PASSWORD} -e "SELECT 1" 63 | initialDelaySeconds: 5 64 | periodSeconds: 30 65 | timeoutSeconds: 5 66 | volumes: 67 | - name: initdb 68 | emptyDir: {} 69 | - name: confd 70 | emptyDir: {} 71 | - name: scripts 72 | configMap: 73 | name: mysql-scripts 74 | - name: backup 75 | persistentVolumeClaim: 76 | claimName: backup-mysql 77 | volumeClaimTemplates: 78 | - metadata: 79 | name: data 80 | spec: 81 | accessModes: ["ReadWriteOnce"] 82 | resources: 83 | requests: 84 | storage: 1Gi 85 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch6.1.2/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch6.2.1/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch6.2.1/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | livenessProbe: 47 | exec: 48 | command: 49 | - /bin/bash 50 | - -ec 51 | - >- 52 | mysqladmin -h localhost --user=root --password=${MYSQL_ROOT_PASSWORD} ping 53 | initialDelaySeconds: 5 54 | periodSeconds: 30 55 | timeoutSeconds: 5 56 | readinessProbe: 57 | exec: 58 | command: 59 | - /bin/bash 60 | - -ec 61 | - >- 62 | mysql -h localhost --user=root --password=${MYSQL_ROOT_PASSWORD} -e "SELECT 1" 63 | initialDelaySeconds: 5 64 | periodSeconds: 30 65 | timeoutSeconds: 5 66 | volumes: 67 | - name: initdb 68 | emptyDir: {} 69 | - name: confd 70 | emptyDir: {} 71 | - name: scripts 72 | configMap: 73 | name: mysql-scripts 74 | - name: backup 75 | persistentVolumeClaim: 76 | claimName: backup-mysql 77 | volumeClaimTemplates: 78 | - metadata: 79 | name: data 80 | spec: 81 | accessModes: ["ReadWriteOnce"] 82 | resources: 83 | requests: 84 | storage: 1Gi 85 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch6.2.1/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch6.2.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN chmod +x mm_entrypoint.sh 11 | ENTRYPOINT /mm/mm_entrypoint.sh 12 | -------------------------------------------------------------------------------- /ch6.2.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mattermost-hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autoscaling/v2beta1 2 | kind: HorizontalPodAutoscaler 3 | metadata: 4 | name: mattermost-hpa 5 | namespace: default 6 | spec: 7 | scaleTargetRef: # (1) 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | name: mattermost 11 | minReplicas: 1 # (2) 12 | maxReplicas: 5 # (3) 13 | metrics: # (4) 14 | - type: Resource 15 | resource: 16 | name: memory 17 | targetAverageUtilization: 50 18 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | livenessProbe: 47 | exec: 48 | command: 49 | - /bin/bash 50 | - -ec 51 | - >- 52 | mysqladmin -h localhost --user=root --password=${MYSQL_ROOT_PASSWORD} ping 53 | initialDelaySeconds: 5 54 | periodSeconds: 30 55 | timeoutSeconds: 5 56 | readinessProbe: 57 | exec: 58 | command: 59 | - /bin/bash 60 | - -ec 61 | - >- 62 | mysql -h localhost --user=root --password=${MYSQL_ROOT_PASSWORD} -e "SELECT 1" 63 | initialDelaySeconds: 5 64 | periodSeconds: 30 65 | timeoutSeconds: 5 66 | volumes: 67 | - name: initdb 68 | emptyDir: {} 69 | - name: confd 70 | emptyDir: {} 71 | - name: scripts 72 | configMap: 73 | name: mysql-scripts 74 | - name: backup 75 | persistentVolumeClaim: 76 | claimName: backup-mysql 77 | volumeClaimTemplates: 78 | - metadata: 79 | name: data 80 | spec: 81 | accessModes: ["ReadWriteOnce"] 82 | resources: 83 | requests: 84 | storage: 1Gi 85 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch6.2.2/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.3.1/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN apt-get update && apt-get install -y procps 11 | RUN chmod +x mm_entrypoint.sh 12 | ENTRYPOINT /mm/mm_entrypoint.sh 13 | -------------------------------------------------------------------------------- /ch7.3.1/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mattermost-hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autoscaling/v2beta1 2 | kind: HorizontalPodAutoscaler 3 | metadata: 4 | name: mattermost-hpa 5 | namespace: default 6 | spec: 7 | scaleTargetRef: # (1) 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | name: mattermost 11 | minReplicas: 1 # (2) 12 | maxReplicas: 5 # (3) 13 | metrics: # (4) 14 | - type: Resource 15 | resource: 16 | name: memory 17 | targetAverageUtilization: 50 18 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mysql-sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: mysql 5 | spec: 6 | serviceName: mysql 7 | selector: 8 | matchLabels: 9 | app: mysql 10 | updateStrategy: 11 | type: RollingUpdate 12 | replicas: 2 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | initContainers: 19 | - name: init-mysql 20 | image: k8spracticalguide/mysql:5.7.22 21 | command: ["bash", "/mnt/scripts/setup.sh"] 22 | volumeMounts: 23 | - name: confd 24 | mountPath: /mnt/conf.d 25 | - name: scripts 26 | mountPath: /mnt/scripts 27 | - name: initdb 28 | mountPath: /mnt/initdb 29 | containers: 30 | - name: mysql 31 | image: k8spracticalguide/mysql:5.7.22 32 | envFrom: 33 | - configMapRef: 34 | name: common-env 35 | - secretRef: 36 | name: common-env 37 | volumeMounts: 38 | - name: data 39 | mountPath: /var/lib/mysql 40 | - name: initdb 41 | mountPath: /docker-entrypoint-initdb.d 42 | - name: confd 43 | mountPath: /etc/mysql/conf.d 44 | - name: backup 45 | mountPath: /mnt/backup 46 | livenessProbe: 47 | exec: 48 | command: 49 | - /bin/bash 50 | - -ec 51 | - >- 52 | mysqladmin -h localhost --user=root --password=${MYSQL_ROOT_PASSWORD} ping 53 | initialDelaySeconds: 5 54 | periodSeconds: 30 55 | timeoutSeconds: 5 56 | readinessProbe: 57 | exec: 58 | command: 59 | - /bin/bash 60 | - -ec 61 | - >- 62 | mysql -h localhost --user=root --password=${MYSQL_ROOT_PASSWORD} -e "SELECT 1" 63 | initialDelaySeconds: 5 64 | periodSeconds: 30 65 | timeoutSeconds: 5 66 | volumes: 67 | - name: initdb 68 | emptyDir: {} 69 | - name: confd 70 | emptyDir: {} 71 | - name: scripts 72 | configMap: 73 | name: mysql-scripts 74 | - name: backup 75 | persistentVolumeClaim: 76 | claimName: backup-mysql 77 | volumeClaimTemplates: 78 | - metadata: 79 | name: data 80 | spec: 81 | accessModes: ["ReadWriteOnce"] 82 | resources: 83 | requests: 84 | storage: 1Gi 85 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch7.3.1/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.3.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN apt-get update && apt-get install -y procps 11 | RUN chmod +x mm_entrypoint.sh \ 12 | && groupadd -g 2000 mattermost \ 13 | && useradd -u 1000 -g mattermost mattermost \ 14 | && chown -R mattermost:mattermost ./ 15 | USER mattermost 16 | ENTRYPOINT /mm/mm_entrypoint.sh 17 | -------------------------------------------------------------------------------- /ch7.3.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mattermost-hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autoscaling/v2beta1 2 | kind: HorizontalPodAutoscaler 3 | metadata: 4 | name: mattermost-hpa 5 | namespace: default 6 | spec: 7 | scaleTargetRef: # (1) 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | name: mattermost 11 | minReplicas: 1 # (2) 12 | maxReplicas: 5 # (3) 13 | metrics: # (4) 14 | - type: Resource 15 | resource: 16 | name: memory 17 | targetAverageUtilization: 50 18 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch7.3.2/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.3.3/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN apt-get update && apt-get install -y procps 11 | RUN chmod +x mm_entrypoint.sh \ 12 | && groupadd -g 2000 mattermost \ 13 | && useradd -u 1000 -g mattermost mattermost \ 14 | && chown -R mattermost:mattermost ./ 15 | USER mattermost 16 | ENTRYPOINT /mm/mm_entrypoint.sh 17 | -------------------------------------------------------------------------------- /ch7.3.3/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mattermost-hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autoscaling/v2beta1 2 | kind: HorizontalPodAutoscaler 3 | metadata: 4 | name: mattermost-hpa 5 | namespace: default 6 | spec: 7 | scaleTargetRef: # (1) 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | name: mattermost 11 | minReplicas: 1 # (2) 12 | maxReplicas: 5 # (3) 13 | metrics: # (4) 14 | - type: Resource 15 | resource: 16 | name: memory 17 | targetAverageUtilization: 50 18 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch7.3.3/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.4.2/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN apt-get update && apt-get install -y procps 11 | RUN chmod +x mm_entrypoint.sh \ 12 | && groupadd -g 2000 mattermost \ 13 | && useradd -u 1000 -g mattermost mattermost \ 14 | && chown -R mattermost:mattermost ./ 15 | USER mattermost 16 | ENTRYPOINT /mm/mm_entrypoint.sh 17 | -------------------------------------------------------------------------------- /ch7.4.2/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mattermost-hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autoscaling/v2beta1 2 | kind: HorizontalPodAutoscaler 3 | metadata: 4 | name: mattermost-hpa 5 | namespace: default 6 | spec: 7 | scaleTargetRef: # (1) 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | name: mattermost 11 | minReplicas: 1 # (2) 12 | maxReplicas: 5 # (3) 13 | metrics: # (4) 14 | - type: Resource 15 | resource: 16 | name: memory 17 | targetAverageUtilization: 50 18 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.4.2/manifests/network-policy/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.127.0.0.1.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.4.5/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN apt-get update && apt-get install -y procps 11 | RUN chmod +x mm_entrypoint.sh \ 12 | && groupadd -g 2000 mattermost \ 13 | && useradd -u 1000 -g mattermost mattermost \ 14 | && chown -R mattermost:mattermost ./ 15 | USER mattermost 16 | ENTRYPOINT /mm/mm_entrypoint.sh 17 | -------------------------------------------------------------------------------- /ch7.4.5/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mattermost-hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autoscaling/v2beta1 2 | kind: HorizontalPodAutoscaler 3 | metadata: 4 | name: mattermost-hpa 5 | namespace: default 6 | spec: 7 | scaleTargetRef: # (1) 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | name: mattermost 11 | minReplicas: 1 # (2) 12 | maxReplicas: 5 # (3) 13 | metrics: # (4) 14 | - type: Resource 15 | resource: 16 | name: memory 17 | targetAverageUtilization: 50 18 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/network-policy/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.127.0.0.1.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.4.5/manifests/network-policy/np-all-deny.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: default-deny-all 5 | spec: 6 | podSelector: {} 7 | policyTypes: 8 | - Ingress 9 | - Egress 10 | -------------------------------------------------------------------------------- /ch7.4.6/image/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM k8spracticalguide/debian:9-slim AS downloader 2 | ARG MM_VERSION=4.10.2 3 | ADD mm_entrypoint.sh . 4 | ADD https://releases.mattermost.com/$MM_VERSION/mattermost-team-$MM_VERSION-linux-amd64.tar.gz . 5 | RUN tar -zxvf ./mattermost-team-$MM_VERSION-linux-amd64.tar.gz 6 | 7 | FROM k8spracticalguide/debian:9-slim 8 | WORKDIR /mm 9 | COPY --from=downloader /mattermost /mm_entrypoint.sh ./ 10 | RUN apt-get update && apt-get install -y procps 11 | RUN chmod +x mm_entrypoint.sh \ 12 | && groupadd -g 2000 mattermost \ 13 | && useradd -u 1000 -g mattermost mattermost \ 14 | && chown -R mattermost:mattermost ./ 15 | USER mattermost 16 | ENTRYPOINT /mm/mm_entrypoint.sh 17 | -------------------------------------------------------------------------------- /ch7.4.6/image/mm_entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | export DB_PORT=${DB_PORT:-3306} 4 | export DB_NAME=${DB_NAME:-mattermost} 5 | export MM_SQLSETTINGS_DATASOURCE="$MM_USERNAME:$MM_PASSWORD@tcp($DB_HOST:$DB_PORT)/$DB_NAME?charset=utf8mb4,utf8" 6 | 7 | exec ./bin/platform --config=config/config.json 8 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/cm.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_DATABASE: mattermost 4 | MYSQL_USER: myuser 5 | kind: ConfigMap 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mattermost-hpa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: autoscaling/v2beta1 2 | kind: HorizontalPodAutoscaler 3 | metadata: 4 | name: mattermost-hpa 5 | namespace: default 6 | spec: 7 | scaleTargetRef: # (1) 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | name: mattermost 11 | minReplicas: 1 # (2) 12 | maxReplicas: 5 # (3) 13 | metrics: # (4) 14 | - type: Resource 15 | resource: 16 | name: memory 17 | targetAverageUtilization: 50 18 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.192.168.99.100.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mattermost-pdb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: mattormost-pdb 5 | spec: 6 | maxUnavailable: 1 # (1) 動作しないことを許容する最大のPodの数または割合 7 | selector: #(2) 対象のPodを選択するための指定 8 | matchLabels: 9 | app: mattermost 10 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mattermost-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | app: mattermost 7 | name: mattermost 8 | spec: 9 | ports: 10 | - port: 8065 11 | protocol: TCP 12 | targetPort: 8065 13 | selector: 14 | app: mattermost 15 | type: NodePort 16 | status: 17 | loadBalancer: {} 18 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mysql-cm-backup.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: mysql-backup 5 | data: 6 | backup-db.sh: | 7 | #!/bin/bash 8 | 9 | set -e 10 | echo "Execute backup-db.sh" 11 | MYSQLM="mysql -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 12 | MYSQLDUMP="mysqldump -h mysql-0.mysql --user=root --password=${MYSQL_ROOT_PASSWORD}" 13 | 14 | $MYSQLM -e 'FLUSH TABLES WITH READ LOCK;' 15 | log_file=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep File: | awk '{print $2}') 16 | pos=$($MYSQLM -e 'SHOW MASTER STATUS\G;' | grep Position: | awk '{print $2}') 17 | datestamp=$(date +%Y%m%d) 18 | backupname="/mnt/backup/${MYSQL_DATABASE}-${datestamp}-${log_file}-${pos}.dump" 19 | ${MYSQLDUMP} "${MYSQL_DATABASE}" > "${backupname}" 20 | $MYSQLM -e 'UNLOCK TABLES;' 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mysql-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1beta1 2 | kind: CronJob 3 | metadata: 4 | name: cron-mysql-backup 5 | spec: 6 | schedule: "0 * * * *" 7 | startingDeadlineSeconds: 60 8 | concurrencyPolicy: Forbid 9 | successfulJobsHistoryLimit: 5 10 | failedJobsHistoryLimit: 5 11 | jobTemplate: 12 | spec: 13 | template: 14 | spec: 15 | containers: 16 | - name: cron-backup-mysql 17 | image: mysql:5.7.22 18 | envFrom: 19 | - configMapRef: 20 | name: common-env 21 | - secretRef: 22 | name: common-env 23 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 24 | volumeMounts: 25 | - name: backup-script 26 | mountPath: /mnt/backup-script 27 | - name: backup 28 | mountPath: /mnt/backup 29 | restartPolicy: Never 30 | volumes: 31 | - name: backup-script 32 | configMap: 33 | name: mysql-backup 34 | - name: backup 35 | persistentVolumeClaim: 36 | claimName: backup-mysql 37 | restartPolicy: Never 38 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mysql-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-backup 5 | spec: 6 | completions: 1 7 | parallelism: 1 8 | template: 9 | spec: 10 | containers: 11 | - name: backup-mysql 12 | image: k8spracticalguide/mysql:5.7.22 13 | envFrom: 14 | - configMapRef: 15 | name: common-env 16 | - secretRef: 17 | name: common-env 18 | command: ["bash", "/mnt/backup-script/backup-db.sh"] 19 | volumeMounts: 20 | - name: backup-script 21 | mountPath: /mnt/backup-script 22 | - name: backup 23 | mountPath: /mnt/backup 24 | restartPolicy: Never 25 | volumes: 26 | - name: backup-script 27 | configMap: 28 | name: mysql-backup 29 | - name: backup 30 | persistentVolumeClaim: 31 | claimName: backup-mysql 32 | backoffLimit: 3 33 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mysql-pv.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolume 3 | metadata: 4 | name: backup 5 | spec: 6 | capacity: 7 | storage: 10Gi 8 | accessModes: 9 | - ReadWriteMany 10 | persistentVolumeReclaimPolicy: Retain 11 | storageClassName: nfs 12 | mountOptions: 13 | - hard 14 | nfs: 15 | path: /share 16 | server: 192.168.99.1 17 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mysql-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: backup-mysql 5 | spec: 6 | accessModes: 7 | - ReadWriteMany 8 | resources: 9 | requests: 10 | storage: 10Gi 11 | storageClassName: nfs 12 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mysql-svc-read.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql-read 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - name: mysql 10 | port: 3306 11 | selector: 12 | app: mysql 13 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/mysql-svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: mysql 5 | labels: 6 | app: mysql 7 | spec: 8 | ports: 9 | - port: 3306 10 | name: mysql 11 | clusterIP: None 12 | selector: 13 | app: mysql 14 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/mattermost/secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MYSQL_PASSWORD: bXlwYXNzd29yZA== 4 | MYSQL_ROOT_PASSWORD: cm9vdHBhc3N3b3Jk 5 | kind: Secret 6 | metadata: 7 | creationTimestamp: null 8 | name: common-env 9 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/network-policy/mattermost-ingress.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: extensions/v1beta1 2 | kind: Ingress 3 | metadata: 4 | name: mattermost 5 | spec: 6 | rules: 7 | - host: chat.127.0.0.1.nip.io 8 | http: 9 | paths: 10 | - backend: 11 | serviceName: mattermost 12 | servicePort: 8065 13 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/network-policy/np-all-deny.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: default-deny-all 5 | spec: 6 | podSelector: {} 7 | policyTypes: 8 | - Ingress 9 | - Egress 10 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/network-policy/np-mattermost.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: mattermost 5 | spec: 6 | podSelector: 7 | matchLabels: 8 | app: mattermost 9 | policyTypes: 10 | - Ingress 11 | - Egress 12 | ingress: 13 | - from: 14 | - namespaceSelector: 15 | matchLabels: 16 | system: "true" 17 | - podSelector: 18 | matchLabels: 19 | app: nginx-ingress-controller 20 | ports: 21 | - protocol: TCP 22 | port: 8065 23 | egress: 24 | - to: 25 | - podSelector: 26 | matchLabels: 27 | app: mysql 28 | ports: 29 | - protocol: TCP 30 | port: 3306 31 | - to: 32 | - namespaceSelector: 33 | matchLabels: 34 | system: "true" 35 | - podSelector: 36 | matchLabels: 37 | k8s-app: coredns 38 | ports: 39 | - protocol: TCP 40 | port: 53 41 | - protocol: UDP 42 | port: 53 43 | -------------------------------------------------------------------------------- /ch7.4.6/manifests/network-policy/np-mysql.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: networking.k8s.io/v1 2 | kind: NetworkPolicy 3 | metadata: 4 | name: mysql 5 | spec: 6 | podSelector: 7 | matchLabels: 8 | app: mysql 9 | policyTypes: 10 | - Ingress 11 | - Egress 12 | ingress: 13 | - from: 14 | - podSelector: 15 | matchLabels: 16 | app: mattermost 17 | ports: 18 | - protocol: TCP 19 | port: 3306 20 | egress: 21 | - to: 22 | - namespaceSelector: 23 | matchLabels: 24 | system: "true" 25 | - podSelector: 26 | matchLabels: 27 | k8s-app: coredns 28 | ports: 29 | - protocol: TCP 30 | port: 53 31 | - protocol: UDP 32 | port: 53 33 | -------------------------------------------------------------------------------- /ch8.2.6/kube-state-metrics.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: kube-state-metrics 5 | namespace: default 6 | --- 7 | apiVersion: rbac.authorization.k8s.io/v1 8 | kind: ClusterRole 9 | metadata: 10 | name: kube-state-metrics 11 | rules: 12 | - apiGroups: [""] 13 | resources: 14 | - configmaps 15 | - secrets 16 | - nodes 17 | - pods 18 | - services 19 | - resourcequotas 20 | - replicationcontrollers 21 | - limitranges 22 | - persistentvolumeclaims 23 | - persistentvolumes 24 | - namespaces 25 | - endpoints 26 | verbs: ["list", "watch"] 27 | - apiGroups: ["extensions"] 28 | resources: 29 | - daemonsets 30 | - deployments 31 | - replicasets 32 | verbs: ["list", "watch"] 33 | - apiGroups: ["apps"] 34 | resources: 35 | - statefulsets 36 | verbs: ["list", "watch"] 37 | - apiGroups: ["batch"] 38 | resources: 39 | - cronjobs 40 | - jobs 41 | verbs: ["list", "watch"] 42 | - apiGroups: ["autoscaling"] 43 | resources: 44 | - horizontalpodautoscalers 45 | verbs: ["list", "watch"] 46 | --- 47 | apiVersion: rbac.authorization.k8s.io/v1 48 | kind: ClusterRoleBinding 49 | metadata: 50 | name: kube-state-metrics 51 | roleRef: 52 | apiGroup: rbac.authorization.k8s.io 53 | kind: ClusterRole 54 | name: kube-state-metrics 55 | subjects: 56 | - kind: ServiceAccount 57 | name: kube-state-metrics 58 | namespace: default 59 | --- 60 | apiVersion: apps/v1 61 | kind: Deployment 62 | metadata: 63 | name: kube-state-metrics 64 | spec: 65 | selector: 66 | matchLabels: 67 | app: kube-state-metrics 68 | replicas: 1 69 | template: 70 | metadata: 71 | labels: 72 | app: kube-state-metrics 73 | spec: 74 | serviceAccountName: kube-state-metrics 75 | containers: 76 | - name: kube-state-metrics 77 | image: k8spracticalguide/kube-state-metrics:v1.4.0 78 | ports: 79 | - containerPort: 8080 80 | name: default 81 | --- 82 | kind: Service 83 | apiVersion: v1 84 | metadata: 85 | name: kube-state-metrics 86 | spec: 87 | selector: 88 | app: kube-state-metrics 89 | type: NodePort 90 | ports: 91 | - protocol: TCP 92 | port: 8080 93 | targetPort: 8080 94 | -------------------------------------------------------------------------------- /ch8.2.6/mysqld-exporter.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: mysql-data-source-name 5 | type: Opaque 6 | data: 7 | # '{MYSQL_USER}:{MYSQL_PASSWORD}@({MYSQL_SERVICE_DOMAIN}:3306)/' をBase64エンコードした値 8 | DATA_SOURCE_NAME: ZXhwb3J0ZXI6ZXhwb3J0ZXJwYXNzd29yZEAobXlzcWwuZGVmYXVsdC5zdmMuY2x1c3Rlci5sb2NhbDozMzA2KS8= 9 | --- 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | metadata: 13 | name: mysqld-exporter 14 | spec: 15 | selector: 16 | matchLabels: 17 | app: mysqld-exporter 18 | replicas: 1 19 | template: 20 | metadata: 21 | annotations: 22 | prometheus.io/scrape: "true" 23 | prometheus.io/port: "9104" 24 | labels: 25 | app: mysqld-exporter 26 | spec: 27 | containers: 28 | - name: mysqld-exporter 29 | image: k8spracticalguide/mysqld-exporter:v0.11.0 30 | envFrom: 31 | - secretRef: 32 | name: mysql-data-source-name 33 | ports: 34 | - containerPort: 9104 35 | -------------------------------------------------------------------------------- /ch8.2.6/node-exporter.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: DaemonSet 3 | metadata: 4 | name: node-exporter 5 | spec: 6 | selector: 7 | matchLabels: 8 | app: node-exporter 9 | template: 10 | metadata: 11 | labels: 12 | app: node-exporter 13 | annotations: 14 | prometheus.io/scrape: 'true' 15 | prometheus.io/port: '9100' 16 | prometheus.io/path: /metrics 17 | spec: 18 | containers: 19 | - name: node-exporter 20 | image: k8spracticalguide/node-exporter:v0.16.0 21 | ports: 22 | - containerPort: 9100 23 | hostNetwork: true 24 | hostPID: true 25 | -------------------------------------------------------------------------------- /ch8.2.7/grafana-updated.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: grafana-dashboard-providers-config 6 | labels: 7 | app: grafana 8 | data: 9 | dashboard-providers.yml: | 10 | apiVersion: 1 11 | providers: 12 | - name: 'default' 13 | orgId: 1 14 | folder: '' 15 | type: file 16 | disableDeletion: true 17 | editable: false 18 | options: 19 | path: /var/lib/grafana/dashboards 20 | 21 | --- 22 | apiVersion: v1 23 | kind: ConfigMap 24 | metadata: 25 | name: grafana-datasources-config 26 | labels: 27 | app: grafana 28 | data: 29 | datasources.yml: | 30 | apiVersion: 1 31 | deleteDatasources: 32 | - name: prometheus 33 | orgId: 1 34 | 35 | datasources: 36 | - name: prometheus 37 | type: prometheus 38 | access: proxy 39 | orgId: 1 40 | url: http://prometheus.default.svc.cluster.local:9090 41 | version: 1 42 | editable: false 43 | 44 | --- 45 | apiVersion: v1 46 | kind: Service 47 | metadata: 48 | labels: 49 | app: grafana 50 | name: grafana 51 | spec: 52 | ports: 53 | - port: 3000 54 | targetPort: 3000 55 | selector: 56 | app: grafana 57 | type: NodePort 58 | 59 | --- 60 | apiVersion: apps/v1 61 | kind: Deployment 62 | metadata: 63 | labels: 64 | app: grafana 65 | name: grafana 66 | spec: 67 | selector: 68 | matchLabels: 69 | app: grafana 70 | template: 71 | metadata: 72 | labels: 73 | app: grafana 74 | spec: 75 | containers: 76 | - name: grafana 77 | image: k8spracticalguide/grafana:5.2.4 78 | env: 79 | - name: GF_AUTH_ANONYMOUS_ENABLED 80 | value: "true" 81 | volumeMounts: 82 | - name: provisioning-datasources 83 | mountPath: /etc/grafana/provisioning/datasources 84 | - name: provisioning-dashboard-providers 85 | mountPath: /etc/grafana/provisioning/dashboards 86 | - name: dashboard-data 87 | mountPath: /var/lib/grafana/dashboards 88 | volumes: 89 | - name: provisioning-datasources 90 | configMap: 91 | name: grafana-datasources-config 92 | - name: provisioning-dashboard-providers 93 | configMap: 94 | name: grafana-dashboard-providers-config 95 | - name: dashboard-data 96 | configMap: 97 | name: grafana-dashboards 98 | -------------------------------------------------------------------------------- /ch8.2.7/grafana.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: grafana-datasources-config 6 | labels: 7 | app: grafana 8 | data: 9 | datasources.yml: | 10 | apiVersion: 1 11 | deleteDatasources: 12 | - name: prometheus 13 | orgId: 1 14 | 15 | datasources: 16 | - name: prometheus 17 | type: prometheus 18 | access: proxy 19 | orgId: 1 20 | url: http://prometheus.default.svc.cluster.local:9090 21 | version: 1 22 | editable: false 23 | 24 | --- 25 | apiVersion: v1 26 | kind: Service 27 | metadata: 28 | labels: 29 | app: grafana 30 | name: grafana 31 | spec: 32 | ports: 33 | - port: 3000 34 | targetPort: 3000 35 | selector: 36 | app: grafana 37 | type: NodePort 38 | 39 | --- 40 | apiVersion: apps/v1 41 | kind: Deployment 42 | metadata: 43 | labels: 44 | app: grafana 45 | name: grafana 46 | spec: 47 | selector: 48 | matchLabels: 49 | app: grafana 50 | template: 51 | metadata: 52 | labels: 53 | app: grafana 54 | spec: 55 | containers: 56 | - name: grafana 57 | image: k8spracticalguide/grafana:5.2.4 58 | env: 59 | - name: GF_AUTH_ANONYMOUS_ENABLED 60 | value: "true" 61 | volumeMounts: 62 | - name: provisioning-datasources 63 | mountPath: /etc/grafana/provisioning/datasources 64 | volumes: 65 | - name: provisioning-datasources 66 | configMap: 67 | name: grafana-datasources-config 68 | --------------------------------------------------------------------------------