├── .gitignore
├── template
├── bases
│ ├── fluentd
│ │ ├── kustomization.yml
│ │ └── deployment.yml
│ ├── rabbitmq
│ │ ├── kustomization.yml
│ │ └── deployment.yml
│ ├── mongo-express
│ │ ├── kustomization.yml
│ │ └── deployment.yml
│ ├── redis
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ └── deployment.yml
│ ├── mongo
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ ├── pvc.yml
│ │ └── deployment.yml
│ ├── kanban-replicator
│ │ ├── kustomization.yml
│ │ ├── envoy-configmap.yml
│ │ └── deployment.yml
│ ├── authorization
│ │ ├── kustomization.yml
│ │ ├── service-account.yml
│ │ └── cluster-rolebinding.yml
│ ├── send-anything
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ ├── envoy-configmap.yml
│ │ └── deployment.yml
│ ├── service-broker
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ ├── deployment.yml
│ │ └── envoy-configmap.yml
│ └── status-kanban
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ ├── deployment.yml
│ │ └── envoy-configmap.yml
└── overlays
│ ├── default
│ ├── redis
│ │ └── kustomization.yml
│ ├── fluentd
│ │ └── kustomization.yml
│ ├── mongo-express
│ │ └── kustomization.yml
│ ├── status-kanban
│ │ └── kustomization.yml
│ ├── authorization
│ │ └── kustomization.yml
│ ├── kanban-replicator
│ │ ├── kustomization.yml
│ │ └── deployment.yml
│ ├── mongo
│ │ ├── kustomization.yml
│ │ ├── pvc.yml
│ │ └── pv.yml
│ ├── send-anything
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ └── deployment.yml
│ ├── service-broker
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ └── deployment.yml
│ └── kustomization.yml
│ ├── init_prj
│ ├── rabbitmq
│ │ └── kustomization.yml
│ └── kustomization.yml
│ ├── init_default
│ ├── rabbitmq
│ │ └── kustomization.yml
│ └── kustomization.yml
│ ├── prj
│ ├── namespace.yml
│ ├── redis
│ │ └── kustomization.yml
│ ├── status-kanban
│ │ └── kustomization.yml
│ ├── authorization
│ │ └── kustomization.yml
│ ├── service-broker
│ │ ├── kustomization.yml
│ │ └── deployment.yml
│ ├── kanban-replicator
│ │ ├── kustomization.yml
│ │ └── deployment.yml
│ ├── mongo
│ │ ├── kustomization.yml
│ │ ├── pvc.yml
│ │ └── pv.yml
│ ├── send-anything
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ └── deployment.yml
│ └── kustomization.yml
│ ├── master
│ ├── namespace.yml
│ ├── authorization
│ │ └── kustomization.yml
│ ├── redis
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ └── deployment.yml
│ ├── kanban-replicator
│ │ ├── kustomization.yml
│ │ └── deployment.yml
│ ├── mongo
│ │ ├── service.yml
│ │ ├── kustomization.yml
│ │ ├── deployment.yml
│ │ └── pv.yml
│ ├── send-anything
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ └── deployment.yml
│ ├── status-kanban
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ └── deployment.yml
│ ├── kustomization.yml
│ └── service-broker
│ │ ├── kustomization.yml
│ │ ├── service.yml
│ │ ├── deployment.yml
│ │ └── envoy-configmap.yml
│ └── worker
│ ├── namespace.yml
│ ├── authorization
│ └── kustomization.yml
│ ├── mongo
│ ├── service.yml
│ ├── kustomization.yml
│ ├── deployment.yml
│ └── pv.yml
│ ├── redis
│ ├── kustomization.yml
│ ├── service.yml
│ └── deployment.yml
│ ├── kanban-replicator
│ ├── kustomization.yml
│ └── deployment.yml
│ ├── send-anything
│ ├── kustomization.yml
│ ├── service.yml
│ └── deployment.yml
│ ├── status-kanban
│ ├── kustomization.yml
│ ├── service.yml
│ └── deployment.yml
│ ├── service-broker
│ ├── kustomization.yml
│ ├── service.yml
│ └── deployment.yml
│ └── kustomization.yml
├── others
├── prometheus
│ ├── grafana.db
│ ├── strage.yml
│ ├── kube-state-metrics.yml
│ ├── node-exporter.yml
│ ├── prometheus.yml
│ ├── role.yaml
│ └── prometheus-configmap.yml
├── log-stack
│ ├── elasticsearch-pv.yml
│ ├── kibana.yml
│ ├── elasticsearch.yml
│ └── fluentd.yml
└── metrics-server
│ └── component.yml
├── docs
└── structure_of_kubernets_yamls.png
├── kubectl-apply-without-secret.sh
├── kubectl-apply-target-node.sh
├── kubectl-delete-target-node.sh
├── aion-core-stop.sh
├── kubectl-apply-only-aion-without-secret.sh
├── kubectl-delete-only-aion-prj.sh
├── aion-start.sh
├── aion-stop.sh
├── aion-core-start.sh
├── kubectl-apply-for-row-power-host.sh
├── await-startup-for-pod.sh
├── LICENSE
├── generated
├── init_prj.yml
├── init_default.yml
├── prj.yml
└── default.yml
├── Makefile
└── readme.md
/.gitignore:
--------------------------------------------------------------------------------
1 | .idea/
2 | .vscode
--------------------------------------------------------------------------------
/template/bases/fluentd/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 |
--------------------------------------------------------------------------------
/template/bases/rabbitmq/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 |
--------------------------------------------------------------------------------
/template/bases/mongo-express/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 |
--------------------------------------------------------------------------------
/template/overlays/default/redis/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/redis
3 |
--------------------------------------------------------------------------------
/template/bases/redis/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 | - service.yml
4 |
--------------------------------------------------------------------------------
/template/overlays/default/fluentd/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/fluentd
3 |
--------------------------------------------------------------------------------
/template/overlays/init_prj/rabbitmq/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/rabbitmq
3 |
--------------------------------------------------------------------------------
/template/overlays/default/mongo-express/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/mongo-express
3 |
--------------------------------------------------------------------------------
/template/overlays/default/status-kanban/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/status-kanban
3 |
--------------------------------------------------------------------------------
/template/overlays/init_default/rabbitmq/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/rabbitmq
3 |
--------------------------------------------------------------------------------
/template/overlays/init_prj/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: default
2 |
3 | bases:
4 | - ./rabbitmq
5 |
--------------------------------------------------------------------------------
/template/overlays/prj/namespace.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: prj
--------------------------------------------------------------------------------
/template/overlays/prj/redis/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: prj
2 | bases:
3 | - ../../../bases/redis
4 |
--------------------------------------------------------------------------------
/template/bases/mongo/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 | - pvc.yml
4 | - service.yml
5 |
--------------------------------------------------------------------------------
/template/overlays/init_default/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: default
2 |
3 | bases:
4 | - ./rabbitmq
5 |
--------------------------------------------------------------------------------
/template/bases/kanban-replicator/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 | - envoy-configmap.yml
4 |
--------------------------------------------------------------------------------
/template/overlays/master/namespace.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: master
5 |
--------------------------------------------------------------------------------
/template/bases/authorization/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - service-account.yml
3 | - cluster-rolebinding.yml
4 |
--------------------------------------------------------------------------------
/template/overlays/prj/status-kanban/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: prj
2 | bases:
3 | - ../../../bases/status-kanban
4 |
--------------------------------------------------------------------------------
/template/overlays/worker/namespace.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: _HOSTNAME_
5 |
--------------------------------------------------------------------------------
/others/prometheus/grafana.db:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/latonaio/aion-core-manifests/HEAD/others/prometheus/grafana.db
--------------------------------------------------------------------------------
/template/bases/authorization/service-account.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: aion
5 |
--------------------------------------------------------------------------------
/template/bases/send-anything/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 | - envoy-configmap.yml
4 | - service.yml
5 |
--------------------------------------------------------------------------------
/template/bases/service-broker/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 | - envoy-configmap.yml
4 | - service.yml
5 |
--------------------------------------------------------------------------------
/template/bases/status-kanban/kustomization.yml:
--------------------------------------------------------------------------------
1 | resources:
2 | - deployment.yml
3 | - envoy-configmap.yml
4 | - service.yml
5 |
--------------------------------------------------------------------------------
/docs/structure_of_kubernets_yamls.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/latonaio/aion-core-manifests/HEAD/docs/structure_of_kubernets_yamls.png
--------------------------------------------------------------------------------
/kubectl-apply-without-secret.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | kubectl apply -f generated/default.yml
4 | kubectl apply -f ./others/metrics-server
5 |
--------------------------------------------------------------------------------
/template/overlays/prj/authorization/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: prj
2 | nameSuffix: -prj
3 | bases:
4 | - ../../../bases/authorization
5 |
--------------------------------------------------------------------------------
/kubectl-apply-target-node.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | if [ $1 = "" ] ;then
3 | exit 1
4 | fi
5 |
6 | kubectl apply -f generated/${1}/default.yml
7 | exit 0
8 |
--------------------------------------------------------------------------------
/template/overlays/default/authorization/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: default
2 | nameSuffix: -default
3 | bases:
4 | - ../../../bases/authorization
5 |
--------------------------------------------------------------------------------
/template/overlays/master/authorization/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: master
2 | nameSuffix: -master
3 | bases:
4 | - ../../../bases/authorization
5 |
--------------------------------------------------------------------------------
/template/overlays/worker/authorization/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: _HOSTNAME_
2 | nameSuffix: -_HOSTNAME_
3 | bases:
4 | - ../../../bases/authorization
5 |
--------------------------------------------------------------------------------
/kubectl-delete-target-node.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | echo $1
3 | if [ $1 = "" ] ;then
4 | exit 1
5 | fi
6 | kubectl delete -f generated/${1}/default.yml
7 | exit 0
8 |
--------------------------------------------------------------------------------
/template/overlays/default/kanban-replicator/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/kanban-replicator
3 | patchesStrategicMerge:
4 | - ./deployment.yml
5 |
--------------------------------------------------------------------------------
/template/overlays/default/mongo/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/mongo
3 | resources:
4 | - ./pv.yml
5 | patchesStrategicMerge:
6 | - ./pvc.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/default/send-anything/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/send-anything
3 | patchesStrategicMerge:
4 | - ./deployment.yml
5 | - ./service.yml
6 |
--------------------------------------------------------------------------------
/template/overlays/prj/service-broker/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: prj
2 | bases:
3 | - ../../../bases/service-broker
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 |
--------------------------------------------------------------------------------
/template/overlays/default/service-broker/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ../../../bases/service-broker
3 | patchesStrategicMerge:
4 | - ./deployment.yml
5 | - ./service.yml
6 |
--------------------------------------------------------------------------------
/template/overlays/master/redis/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: master
2 | bases:
3 | - ../../../bases/redis
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 | - ./service.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/prj/kanban-replicator/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: prj
2 | bases:
3 | - ../../../bases/kanban-replicator
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 |
--------------------------------------------------------------------------------
/template/overlays/prj/mongo/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: prj
2 | bases:
3 | - ../../../bases/mongo
4 | resources:
5 | - ./pv.yml
6 | patchesStrategicMerge:
7 | - ./pvc.yml
8 |
--------------------------------------------------------------------------------
/template/overlays/prj/mongo/pvc.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolumeClaim
3 | metadata:
4 | name: mongo-pv-claim
5 | spec:
6 | volumeName: mongo-pv-volume-prj
7 |
--------------------------------------------------------------------------------
/template/overlays/default/mongo/pvc.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolumeClaim
3 | metadata:
4 | name: mongo-pv-claim
5 | spec:
6 | volumeName: mongo-pv-volume-default
7 |
--------------------------------------------------------------------------------
/template/overlays/master/kanban-replicator/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: master
2 | bases:
3 | - ../../../bases/kanban-replicator
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 |
--------------------------------------------------------------------------------
/template/overlays/master/mongo/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: mongo
5 | spec:
6 | topologyKeys:
7 | - "kubernetes.io/hostname"
8 |
9 |
--------------------------------------------------------------------------------
/template/overlays/worker/mongo/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: mongo
5 | spec:
6 | topologyKeys:
7 | - "kubernetes.io/hostname"
8 |
9 |
--------------------------------------------------------------------------------
/template/overlays/worker/redis/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: _HOSTNAME_
2 | bases:
3 | - ../../../bases/redis
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 | - ./service.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/prj/send-anything/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: prj
2 | bases:
3 | - ../../../bases/send-anything
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 | - ./service.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/worker/kanban-replicator/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: _HOSTNAME_
2 | bases:
3 | - ../../../bases/kanban-replicator
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 |
--------------------------------------------------------------------------------
/template/overlays/master/redis/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: redis-cluster
5 | spec:
6 | topologyKeys:
7 | - "kubernetes.io/hostname"
8 |
9 |
--------------------------------------------------------------------------------
/template/overlays/worker/redis/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: redis-cluster
5 | spec:
6 | topologyKeys:
7 | - "kubernetes.io/hostname"
8 |
9 |
--------------------------------------------------------------------------------
/template/overlays/master/send-anything/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: master
2 | bases:
3 | - ../../../bases/send-anything
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 | - ./service.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/master/status-kanban/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: master
2 | bases:
3 | - ../../../bases/status-kanban
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 | - ./service.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/master/status-kanban/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: aion-statuskanban
5 | spec:
6 | topologyKeys:
7 | - "kubernetes.io/hostname"
8 |
--------------------------------------------------------------------------------
/template/overlays/worker/send-anything/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: _HOSTNAME_
2 | bases:
3 | - ../../../bases/send-anything
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 | - ./service.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/worker/status-kanban/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: _HOSTNAME_
2 | bases:
3 | - ../../../bases/status-kanban
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 | - ./service.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/worker/status-kanban/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: aion-statuskanban
5 | spec:
6 | topologyKeys:
7 | - "kubernetes.io/hostname"
8 |
--------------------------------------------------------------------------------
/template/overlays/worker/service-broker/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: _HOSTNAME_
2 | bases:
3 | - ../../../bases/service-broker
4 | patchesStrategicMerge:
5 | - ./deployment.yml
6 | - ./service.yml
7 |
--------------------------------------------------------------------------------
/template/overlays/worker/service-broker/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: aion-servicebroker
5 | spec:
6 | topologyKeys:
7 | - "kubernetes.io/hostname"
8 |
9 |
--------------------------------------------------------------------------------
/template/overlays/master/mongo/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: master
2 | bases:
3 | - ../../../bases/mongo
4 | resources:
5 | - ./pv.yml
6 | patchesStrategicMerge:
7 | #- ./pvc.yml
8 | - ./deployment.yml
9 | - ./service.yml
10 |
--------------------------------------------------------------------------------
/template/bases/mongo/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: mongo
5 | spec:
6 | type: ClusterIP
7 | ports:
8 | - port: 27017
9 | targetPort: 27017
10 | selector:
11 | app: mongo
12 |
--------------------------------------------------------------------------------
/template/overlays/prj/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ./authorization
3 | - ./redis
4 | - ./mongo
5 | - ./service-broker
6 | - ./status-kanban
7 | - ./kanban-replicator
8 | - ./send-anything
9 | resources:
10 | - ./namespace.yml
11 |
--------------------------------------------------------------------------------
/template/overlays/worker/mongo/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: _HOSTNAME_
2 | bases:
3 | - ../../../bases/mongo
4 | resources:
5 | - ./pv.yml
6 | patchesStrategicMerge:
7 | #- ./pvc.yml
8 | - ./deployment.yml
9 | - ./service.yml
10 |
--------------------------------------------------------------------------------
/template/overlays/master/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ./authorization
3 | - ./redis
4 | - ./mongo
5 | - ./service-broker
6 | - ./status-kanban
7 | - ./kanban-replicator
8 | - ./send-anything
9 | resources:
10 | - ./namespace.yml
11 |
--------------------------------------------------------------------------------
/template/overlays/master/service-broker/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: master
2 | bases:
3 | - ../../../bases/service-broker
4 |
5 | patchesStrategicMerge:
6 | - ./deployment.yml
7 | - ./service.yml
8 | - ./envoy-configmap.yml
9 |
10 |
--------------------------------------------------------------------------------
/template/overlays/worker/kustomization.yml:
--------------------------------------------------------------------------------
1 | bases:
2 | - ./authorization
3 | - ./redis
4 | - ./mongo
5 | - ./service-broker
6 | - ./status-kanban
7 | - ./kanban-replicator
8 | - ./send-anything
9 | resources:
10 | - ./namespace.yml
11 |
--------------------------------------------------------------------------------
/template/bases/redis/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: redis-cluster
5 | spec:
6 | type: ClusterIP
7 | ports:
8 | - port: 6379
9 | targetPort: 6379
10 | selector:
11 | app: redis-cluster
12 |
--------------------------------------------------------------------------------
/template/overlays/master/status-kanban/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-statuskanban
5 | spec:
6 | template:
7 | spec:
8 | nodeSelector:
9 | kubernetes.io/hostname: _HOSTNAME_
10 |
--------------------------------------------------------------------------------
/template/overlays/worker/status-kanban/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-statuskanban
5 | spec:
6 | template:
7 | spec:
8 | nodeSelector:
9 | kubernetes.io/hostname: _HOSTNAME_
10 |
--------------------------------------------------------------------------------
/template/bases/mongo/pvc.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: PersistentVolumeClaim
3 | metadata:
4 | name: mongo-pv-claim
5 | spec:
6 | storageClassName: mongo
7 | accessModes:
8 | - ReadWriteOnce
9 | resources:
10 | requests:
11 | storage: 5Gi
12 |
--------------------------------------------------------------------------------
/template/overlays/default/kustomization.yml:
--------------------------------------------------------------------------------
1 | namespace: default
2 |
3 | bases:
4 | - ./authorization
5 | - ./fluentd
6 | - ./redis
7 | - ./mongo
8 | - ./mongo-express
9 | - ./service-broker
10 | - ./status-kanban
11 | - ./kanban-replicator
12 | - ./send-anything
13 |
--------------------------------------------------------------------------------
/template/overlays/master/redis/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
2 | kind: Deployment
3 | metadata:
4 | name: redis-cluster
5 | spec:
6 | template:
7 | spec:
8 | nodeSelector:
9 | kubernetes.io/hostname: _HOSTNAME_
10 |
--------------------------------------------------------------------------------
/template/overlays/worker/redis/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
2 | kind: Deployment
3 | metadata:
4 | name: redis-cluster
5 | spec:
6 | template:
7 | spec:
8 | nodeSelector:
9 | kubernetes.io/hostname: _HOSTNAME_
10 |
--------------------------------------------------------------------------------
/aion-core-stop.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | kubectl delete -f ./template/bases/service-broker
4 |
5 | echo "wait for service-broker terminate microservices..."
6 | sleep 3
7 |
8 | kubectl delete \
9 | -f ./template/bases/kanban-replicator \
10 | -f ./template/bases/send-anything \
11 | -f ./template/bases/status-kanban
12 |
--------------------------------------------------------------------------------
/template/bases/authorization/cluster-rolebinding.yml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: aion
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: cluster-admin
9 | subjects:
10 | - kind: ServiceAccount
11 | name: aion
12 |
--------------------------------------------------------------------------------
/template/overlays/prj/kanban-replicator/deployment.yml:
--------------------------------------------------------------------------------
1 | # SERVICE BROKER GO
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: aion-kanban-replicator
6 | spec:
7 | template:
8 | spec:
9 | volumes:
10 | - name: config
11 | hostPath:
12 | path: /var/lib/aion/prj/config
13 |
--------------------------------------------------------------------------------
/template/overlays/default/kanban-replicator/deployment.yml:
--------------------------------------------------------------------------------
1 | # SERVICE BROKER GO
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: aion-kanban-replicator
6 | spec:
7 | template:
8 | spec:
9 | volumes:
10 | - name: config
11 | hostPath:
12 | path: /var/lib/aion/default/config
13 |
--------------------------------------------------------------------------------
/template/overlays/prj/mongo/pv.yml:
--------------------------------------------------------------------------------
1 | kind: PersistentVolume
2 | apiVersion: v1
3 | metadata:
4 | name: mongo-pv-volume-prj
5 | labels:
6 | type: local
7 | spec:
8 | storageClassName: mongo
9 | capacity:
10 | storage: 5Gi
11 | accessModes:
12 | - ReadWriteOnce
13 | hostPath:
14 | path: "/var/lib/aion/prj/mnt/mongo_data"
15 |
--------------------------------------------------------------------------------
/template/overlays/default/mongo/pv.yml:
--------------------------------------------------------------------------------
1 | kind: PersistentVolume
2 | apiVersion: v1
3 | metadata:
4 | name: mongo-pv-volume-default
5 | labels:
6 | type: local
7 | spec:
8 | storageClassName: mongo
9 | capacity:
10 | storage: 5Gi
11 | accessModes:
12 | - ReadWriteOnce
13 | hostPath:
14 | path: "/var/lib/aion/default/mnt/mongo_data"
15 |
--------------------------------------------------------------------------------
/kubectl-apply-only-aion-without-secret.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | kubectl apply \
4 | -f ./template/overlays/default/cluster-rolebinding.yml \
5 | -f ./template/bases/common \
6 | -f ./template/bases/kanban-replicator \
7 | -f ./template/bases/send-anything \
8 | -f ./template/bases/service-broker \
9 | -f ./template/bases/status-kanban \
10 | -f ./others/metrics-server
11 |
--------------------------------------------------------------------------------
/kubectl-delete-only-aion-prj.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | kubectl delete deployments.apps -n prj \
4 | aion-servicebroker \
5 | aion-statuskanban \
6 | aion-sendanything \
7 | aion-kanban-replicator
8 |
9 | # remove all service (includes ui, mysql, etc...) from prj namespace
10 | # kubectl delete -n prj svc $(kubectl get svc -n prj | grep -v NAME | awk '{print $1}')
11 |
--------------------------------------------------------------------------------
/aion-start.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | kubectl create secret generic dockerhub \
4 | --from-file=.dockerconfigjson=$HOME/.docker/config.json \
5 | --type=kubernetes.io/dockerconfigjson
6 |
7 | kubectl apply -f generated/init_default.yml
8 | sh ./await-startup-for-pod.sh ${HOST}
9 | kubectl apply -f generated/default.yml
10 | kubectl apply -f ./others/metrics-server
11 |
--------------------------------------------------------------------------------
/template/overlays/master/mongo/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: mongo
5 | spec:
6 | template:
7 | spec:
8 | nodeSelector:
9 | kubernetes.io/hostname: _HOSTNAME_
10 | volumes:
11 | - name: mongo-persistent-storage
12 | persistentVolumeClaim:
13 | claimName: mongo-pv-claim
--------------------------------------------------------------------------------
/template/overlays/worker/mongo/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: mongo
5 | spec:
6 | template:
7 | spec:
8 | nodeSelector:
9 | kubernetes.io/hostname: _HOSTNAME_
10 | volumes:
11 | - name: mongo-persistent-storage
12 | persistentVolumeClaim:
13 | claimName: mongo-pv-claim
--------------------------------------------------------------------------------
/aion-stop.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | kubectl delete -k ./template/overlays/default/service-broker
4 | kubectl delete -k ./template/overlays/default/kanban-replicator
5 | kubectl delete -k ./template/overlays/default/send-anything
6 | kubectl delete -k ./template/overlays/default/status-kanban
7 | kubectl delete -k ./template/overlays/default/mongo
8 | kubectl delete -k ./template/overlays/default/redis
9 |
--------------------------------------------------------------------------------
/template/overlays/prj/send-anything/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: aion-sendanything
6 | name: aion-sendanything
7 | spec:
8 | selector:
9 | run: aion-sendanything
10 | type: NodePort
11 | ports:
12 | - name: envoy-grpc
13 | port: 10000
14 | nodePort: 31100
15 | protocol: TCP
16 | targetPort: 10000
17 |
--------------------------------------------------------------------------------
/template/overlays/default/send-anything/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: aion-sendanything
6 | name: aion-sendanything
7 | spec:
8 | selector:
9 | run: aion-sendanything
10 | type: NodePort
11 | ports:
12 | - name: envoy-grpc
13 | port: 10000
14 | nodePort: 30100
15 | protocol: TCP
16 | targetPort: 10000
17 |
--------------------------------------------------------------------------------
/template/overlays/default/service-broker/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: aion-servicebroker
6 | name: aion-servicebroker
7 | spec:
8 | selector:
9 | run: aion-servicebroker
10 | type: NodePort
11 | ports:
12 | - name: envoy-grpc
13 | port: 10000
14 | protocol: TCP
15 | targetPort: 10000
16 | nodePort: 31000
17 |
--------------------------------------------------------------------------------
/template/overlays/master/kanban-replicator/deployment.yml:
--------------------------------------------------------------------------------
1 | # SERVICE BROKER GO
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: aion-kanban-replicator
6 | spec:
7 | template:
8 | spec:
9 | volumes:
10 | - name: config
11 | hostPath:
12 | path: /var/lib/aion/default/config
13 | nodeSelector:
14 | kubernetes.io/hostname: _HOSTNAME_
15 |
--------------------------------------------------------------------------------
/template/overlays/worker/kanban-replicator/deployment.yml:
--------------------------------------------------------------------------------
1 | # SERVICE BROKER GO
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: aion-kanban-replicator
6 | spec:
7 | template:
8 | spec:
9 | volumes:
10 | - name: config
11 | hostPath:
12 | path: /var/lib/aion/default/config
13 | nodeSelector:
14 | kubernetes.io/hostname: _HOSTNAME_
15 |
--------------------------------------------------------------------------------
/template/overlays/worker/send-anything/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: aion-sendanything
6 | name: aion-sendanything
7 | spec:
8 | selector:
9 | run: aion-sendanything
10 | type: ClusterIP
11 | ports:
12 | - name: envoy-grpc
13 | port: 10000
14 | protocol: TCP
15 | targetPort: 10000
16 | topologyKeys:
17 | - "kubernetes.io/hostname"
18 |
--------------------------------------------------------------------------------
/template/overlays/prj/send-anything/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-sendanything
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: aion-sendanything
10 | env:
11 | - name: CLIENT_PORT
12 | value: "31100"
13 | volumes:
14 | - name: data
15 | hostPath:
16 | path: /var/lib/aion/prj
17 |
--------------------------------------------------------------------------------
/template/overlays/default/send-anything/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-sendanything
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: aion-sendanything
10 | env:
11 | - name: CLIENT_PORT
12 | value: "30100"
13 | volumes:
14 | - name: data
15 | hostPath:
16 | path: /var/lib/aion/default
17 |
--------------------------------------------------------------------------------
/template/overlays/master/send-anything/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: aion-sendanything
6 | name: aion-sendanything
7 | spec:
8 | selector:
9 | run: aion-sendanything
10 | type: NodePort
11 | ports:
12 | - name: envoy-grpc
13 | port: 10000
14 | nodePort: 32100
15 | protocol: TCP
16 | targetPort: 10000
17 | topologyKeys:
18 | - "kubernetes.io/hostname"
19 |
--------------------------------------------------------------------------------
/template/bases/send-anything/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: aion-sendanything
6 | name: aion-sendanything
7 | spec:
8 | selector:
9 | run: aion-sendanything
10 | type: NodePort
11 | ports:
12 | - name: envoy-grpc
13 | port: 10000
14 | protocol: TCP
15 | targetPort: 10000
16 | - name: envoy-admin
17 | port: 10001
18 | protocol: TCP
19 | targetPort: 10001
20 |
--------------------------------------------------------------------------------
/template/overlays/master/service-broker/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: aion-servicebroker
5 | spec:
6 | topologyKeys:
7 | - "kubernetes.io/hostname"
8 | type: NodePort
9 | ports:
10 | - name: envoy-grpc
11 | port: 11110
12 | protocol: TCP
13 | targetPort: 11110
14 | nodePort: 31110
15 | - name: envoy-admin
16 | port: 10001
17 | protocol: TCP
18 | targetPort: 10001
19 |
--------------------------------------------------------------------------------
/template/bases/service-broker/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: aion-servicebroker
6 | name: aion-servicebroker
7 | spec:
8 | selector:
9 | run: aion-servicebroker
10 | type: ClusterIP
11 | ports:
12 | - name: envoy-admin
13 | port: 10001
14 | protocol: TCP
15 | targetPort: 10001
16 | - name: envoy-grpc
17 | port: 10000
18 | protocol: TCP
19 | targetPort: 10000
20 |
--------------------------------------------------------------------------------
/aion-core-start.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | kubectl create secret generic dockerhub \
4 | --from-file=.dockerconfigjson=$HOME/.docker/config.json \
5 | --type=kubernetes.io/dockerconfigjson
6 |
7 | kubectl apply \
8 | -f ./template/overlays/default/cluster-rolebinding.yml \
9 | -f ./template/bases/common \
10 | -f ./template/bases/kanban-replicator \
11 | -f ./template/bases/send-anything \
12 | -f ./template/bases/service-broker \
13 | -f ./template/bases/status-kanban \
14 | -f ./others/metrics-server
15 |
--------------------------------------------------------------------------------
/template/overlays/master/send-anything/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-sendanything
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: aion-sendanything
10 | env:
11 | - name: CLIENT_PORT
12 | value: "30100"
13 | volumes:
14 | - name: data
15 | hostPath:
16 | path: /var/lib/aion/default
17 | nodeSelector:
18 | kubernetes.io/hostname: _HOSTNAME_
19 |
--------------------------------------------------------------------------------
/template/overlays/worker/send-anything/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-sendanything
5 | spec:
6 | template:
7 | spec:
8 | containers:
9 | - name: aion-sendanything
10 | env:
11 | - name: CLIENT_PORT
12 | value: "30100"
13 | volumes:
14 | - name: data
15 | hostPath:
16 | path: /var/lib/aion/default
17 | nodeSelector:
18 | kubernetes.io/hostname: _HOSTNAME_
19 |
--------------------------------------------------------------------------------
/template/bases/status-kanban/service.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: aion-statuskanban
6 | name: aion-statuskanban
7 | spec:
8 | selector:
9 | run: aion-statuskanban
10 | type: ClusterIP
11 | ports:
12 | - name: grpc
13 | port: 11010
14 | protocol: TCP
15 | targetPort: 11010
16 | - name: envoy-grpc
17 | port: 10000
18 | protocol: TCP
19 | targetPort: 10000
20 | - name: envoy-admin
21 | port: 10001
22 | protocol: TCP
23 | targetPort: 10001
24 |
--------------------------------------------------------------------------------
/template/overlays/prj/service-broker/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-servicebroker
5 | spec:
6 | template:
7 | spec:
8 | serviceAccountName: aion-prj
9 | containers:
10 | - name: aion-servicebroker
11 | env:
12 | - name: NAMESPACE
13 | value: prj
14 | - name: REPOSITORY_PREFIX
15 | value: localhost:31112
16 | volumes:
17 | - name: config
18 | hostPath:
19 | path: /var/lib/aion/prj/config
20 |
--------------------------------------------------------------------------------
/template/overlays/default/service-broker/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-servicebroker
5 | spec:
6 | template:
7 | spec:
8 | serviceAccountName: aion-default
9 | containers:
10 | - name: aion-servicebroker
11 | env:
12 | - name: NAMESPACE
13 | value: default
14 | - name: REPOSITORY_PREFIX
15 | value: latonaio
16 | volumes:
17 | - name: config
18 | hostPath:
19 | path: /var/lib/aion/default/config
20 |
--------------------------------------------------------------------------------
/others/prometheus/strage.yml:
--------------------------------------------------------------------------------
1 | kind: PersistentVolume
2 | apiVersion: v1
3 | metadata:
4 | name: grafana-pv-volume
5 | spec:
6 | storageClassName: grafana-strage-class
7 | capacity:
8 | storage: 1Gi
9 | accessModes:
10 | - ReadWriteOnce
11 | hostPath:
12 | path: /var/lib/aion/grafana
13 | ---
14 |
15 | kind: PersistentVolumeClaim
16 | apiVersion: v1
17 | metadata:
18 | name: grafana-pv-claim
19 | spec:
20 | storageClassName: grafana-strage-class
21 | accessModes:
22 | - ReadWriteOnce
23 | resources:
24 | requests:
25 | storage: 1Gi
26 |
27 |
--------------------------------------------------------------------------------
/others/log-stack/elasticsearch-pv.yml:
--------------------------------------------------------------------------------
1 | kind: PersistentVolume
2 | apiVersion: v1
3 | metadata:
4 | name: elasticsearch-pv-volume
5 | labels:
6 | type: local
7 | spec:
8 | storageClassName: elasticsearch
9 | capacity:
10 | storage: 5Gi
11 | accessModes:
12 | - ReadWriteOnce
13 | hostPath:
14 | path: "/mnt/elasticsearch_data"
15 | ---
16 | apiVersion: v1
17 | kind: PersistentVolumeClaim
18 | metadata:
19 | name: elasticsearch-pv-claim
20 | spec:
21 | storageClassName: elasticsearch
22 | accessModes:
23 | - ReadWriteOnce
24 | resources:
25 | requests:
26 | storage: 5Gi
27 |
--------------------------------------------------------------------------------
/template/overlays/master/mongo/pv.yml:
--------------------------------------------------------------------------------
1 | kind: PersistentVolume
2 | apiVersion: v1
3 | metadata:
4 | name: mongo-pv-volume-_HOSTNAME_
5 | labels:
6 | type: local
7 | namespace: _HOSTNAME_
8 | spec:
9 | storageClassName: mongo
10 | capacity:
11 | storage: 5Gi
12 | accessModes:
13 | - ReadWriteOnce
14 | local:
15 | path: "/var/lib/aion/_HOSTNAME_/mnt/mongo_data"
16 | nodeAffinity:
17 | required:
18 | nodeSelectorTerms:
19 | - matchExpressions:
20 | - key: kubernetes.io/hostname
21 | operator: In
22 | values:
23 | - _HOSTNAME_
--------------------------------------------------------------------------------
/template/overlays/worker/mongo/pv.yml:
--------------------------------------------------------------------------------
1 | kind: PersistentVolume
2 | apiVersion: v1
3 | metadata:
4 | name: mongo-pv-volume-_HOSTNAME_
5 | labels:
6 | type: local
7 | namespace: _HOSTNAME_
8 | spec:
9 | storageClassName: mongo
10 | capacity:
11 | storage: 5Gi
12 | accessModes:
13 | - ReadWriteOnce
14 | local:
15 | path: "/var/lib/aion/_HOSTNAME_/mnt/mongo_data"
16 | nodeAffinity:
17 | required:
18 | nodeSelectorTerms:
19 | - matchExpressions:
20 | - key: kubernetes.io/hostname
21 | operator: In
22 | values:
23 | - _HOSTNAME_
--------------------------------------------------------------------------------
/others/prometheus/kube-state-metrics.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: kube-state-metrics
5 | namespace: kube-system
6 | spec:
7 | selector:
8 | matchLabels:
9 | app: kube-state-metrics
10 | template:
11 | metadata:
12 | labels:
13 | app: kube-state-metrics
14 | annotations:
15 | prometheus.io/scrape: 'true'
16 | prometheus.io/port: '8080'
17 | spec:
18 | serviceAccountName: kube-state-metrics
19 | containers:
20 | - name: kube-state-metrics
21 | image: carlosedp/kube-state-metrics:v1.9.5
22 | ports:
23 | - containerPort: 8080
--------------------------------------------------------------------------------
/template/overlays/master/service-broker/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-servicebroker
5 | spec:
6 | template:
7 | spec:
8 | serviceAccountName: aion-master
9 | containers:
10 | - name: aion-servicebroker
11 | env:
12 | - name: NAMESPACE
13 | value: master
14 | - name: REPOSITORY_PREFIX
15 | value: latonaio
16 | - name: MODE
17 | value: master
18 | volumes:
19 | - name: config
20 | hostPath:
21 | path: /var/lib/aion/default/config
22 | nodeSelector:
23 | kubernetes.io/hostname: _HOSTNAME_
24 |
--------------------------------------------------------------------------------
/template/overlays/worker/service-broker/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: aion-servicebroker
5 | spec:
6 | template:
7 | spec:
8 | serviceAccountName: aion-_HOSTNAME_
9 | containers:
10 | - name: aion-servicebroker
11 | env:
12 | - name: NAMESPACE
13 | value: _HOSTNAME_
14 | - name: MODE
15 | value: worker
16 | - name: REPOSITORY_PREFIX
17 | value: latonaio
18 | volumes:
19 | - name: config
20 | hostPath:
21 | path: /var/lib/aion/default/config
22 | nodeSelector:
23 | kubernetes.io/hostname: _HOSTNAME_
24 |
--------------------------------------------------------------------------------
/kubectl-apply-for-row-power-host.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | waiting () {
4 | sleep 10
5 | }
6 |
7 | kubectl create secret generic dockerhub \
8 | --from-file=.dockerconfigjson=$HOME/.docker/config.json \
9 | --type=kubernetes.io/dockerconfigjson
10 |
11 | kubectl apply -k ./template/overlays/default/authorization
12 | kubectl apply -k ./template/overlays/default/mongo
13 | waiting
14 | kubectl apply -k ./template/overlays/default/redis
15 | waiting
16 | kubectl apply -k ./template/overlays/default/status-kanban
17 | waiting
18 | kubectl apply -k ./template/overlays/default/kanban-replicator
19 | waiting
20 | kubectl apply -k ./template/overlays/default/send-anything
21 | waiting
22 | kubectl apply -k ./template/overlays/default/service-broker
23 |
--------------------------------------------------------------------------------
/await-startup-for-pod.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | echo "Waiting for RabbitMQ startup..."
4 |
5 | run_in_rabbitmq_pod() {
6 | local pod=$(kubectl get pod | grep -E '^rabbitmq-[0-9a-f]+-[0-9a-z]+ ' | sed -E 's/^([^ ]+) .*$/\1/')
7 | kubectl exec "$pod" -- "$@"
8 | }
9 |
10 | rabbitmqctl() {
11 | run_in_rabbitmq_pod rabbitmqctl "$@"
12 | }
13 |
14 | # RabbitMQ の pod が Running になるまで待機
15 | while ! kubectl get pod | grep -E '^rabbitmq-[0-9a-f]+-[0-9a-z]+ ' | grep Running > /dev/null; do
16 | sleep 1
17 | done
18 |
19 | # RabbitMQ のポートが開くまで待機
20 | while ! run_in_rabbitmq_pod bash -c "nc -w 1 127.0.0.1 5672" 2> /dev/null; do
21 | sleep 1
22 | done
23 |
24 | # RabbitMQ が利用可能になるまで待機
25 | while ! rabbitmqctl await_startup 2> /dev/null; do
26 | sleep 1
27 | done
28 |
--------------------------------------------------------------------------------
/template/bases/redis/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1 # for versions before 1.9.0 use apps/v1beta2
2 | kind: Deployment
3 | metadata:
4 | name: redis-cluster
5 | spec:
6 | selector:
7 | matchLabels:
8 | app: redis-cluster
9 | strategy:
10 | type: Recreate
11 | template:
12 | metadata:
13 | labels:
14 | app: redis-cluster
15 | spec:
16 | containers:
17 | - image: redis:6.0-rc-alpine3.11
18 | name: redis-cluster
19 | args:
20 | - --timeout
21 | - "600"
22 | - --loglevel
23 | - "debug"
24 | resources:
25 | limits:
26 | memory: 512Mi
27 | cpu: 100m
28 | requests:
29 | memory: 50Mi
30 | cpu: 5m
31 | ports:
32 | - containerPort: 6379
33 | name: redis-cluster
34 |
--------------------------------------------------------------------------------
/others/prometheus/node-exporter.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: DaemonSet
3 | metadata:
4 | name: node-exporter
5 | namespace: kube-system
6 | labels:
7 | app: node-exporter
8 | component: node-exporter
9 | spec:
10 | selector:
11 | matchLabels:
12 | app: node-exporter
13 | component: node-exporter
14 | template:
15 | metadata:
16 | name: node-exporter
17 | labels:
18 | app: node-exporter
19 | component: node-exporter
20 | annotations:
21 | prometheus.io/scrape: 'true'
22 | prometheus.io/port: '9100'
23 | prometheus.io/path: /metrics
24 | spec:
25 | containers:
26 | - image: prom/node-exporter:v0.18.0
27 | name: node-exporter
28 | ports:
29 | - name: prom-node-exp
30 | containerPort: 9100
31 | hostPort: 9100
32 | hostNetwork: true
33 | hostPID: true
--------------------------------------------------------------------------------
/template/bases/mongo-express/deployment.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apps/v1
3 | kind: Deployment
4 | metadata:
5 | name: mongo-express-deployment
6 | spec:
7 | replicas: 1
8 | selector:
9 | matchLabels:
10 | app: mongo-express
11 | template:
12 | metadata:
13 | labels:
14 | app: mongo-express
15 | spec:
16 | containers:
17 | - name: mongo-express
18 | image: mongo-express
19 |
20 | env:
21 | - name: MONGODB_USER
22 | value: root
23 | - name: MONGODB_PASS
24 | value: root
25 | ports:
26 | - name: mongo-express
27 | containerPort: 8081
28 | ---
29 | apiVersion: v1
30 | kind: Service
31 | metadata:
32 | name: mongo-express-service
33 | spec:
34 | selector:
35 | app: mongo-express
36 | type: LoadBalancer
37 | ports:
38 | - name: mongo-express
39 | port: 8081
40 | protocol: TCP
41 | targetPort: 8081
42 | nodePort: 32767
43 |
--------------------------------------------------------------------------------
/template/bases/mongo/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: mongo
5 | spec:
6 | selector:
7 | matchLabels:
8 | app: mongo
9 | strategy:
10 | type: Recreate
11 | template:
12 | metadata:
13 | labels:
14 | app: mongo
15 | spec:
16 | containers:
17 | - image: mongo:4.4
18 | name: mongo
19 | resources:
20 | limits:
21 | memory: 512Mi
22 | cpu: 100m
23 | requests:
24 | memory: 100Mi
25 | cpu: 10m
26 | env:
27 | - name: MONGODB_USER
28 | value: root
29 | - name: MONGODB_PASS
30 | value: root
31 | ports:
32 | - containerPort: 27017
33 | name: mongo
34 | volumeMounts:
35 | - name: mongo-persistent-storage
36 | mountPath: /data/db
37 | volumes:
38 | - name: mongo-persistent-storage
39 | persistentVolumeClaim:
40 | claimName: mongo-pv-claim
41 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020 Latona, Inc.
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/template/bases/kanban-replicator/envoy-configmap.yml:
--------------------------------------------------------------------------------
1 | kind: ConfigMap
2 | apiVersion: v1
3 | metadata:
4 | name: envoy-config-kanban-replicator
5 | data:
6 | envoy.yaml: |
7 | static_resources:
8 | listeners:
9 | - name: redis_listener
10 | address:
11 | socket_address:
12 | address: 0.0.0.0
13 | port_value: 1999
14 | filter_chains:
15 | - filters:
16 | - name: envoy.filters.network.redis_proxy
17 | typed_config:
18 | "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
19 | stat_prefix: egress_redis
20 | settings:
21 | op_timeout: 5s
22 | prefix_routes:
23 | catch_all_route:
24 | cluster: redis_cluster
25 | clusters:
26 | - name: redis_cluster
27 | connect_timeout: 1s
28 | type: strict_dns # static
29 | lb_policy: MAGLEV
30 | load_assignment:
31 | cluster_name: redis_cluster
32 | endpoints:
33 | - lb_endpoints:
34 | - endpoint:
35 | address:
36 | socket_address:
37 | address: redis
38 | port_value: 6379
--------------------------------------------------------------------------------
/template/bases/rabbitmq/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | run: rabbitmq
6 | name: rabbitmq
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | run: rabbitmq
12 | strategy:
13 | rollingUpdate:
14 | template:
15 | metadata:
16 | labels:
17 | run: rabbitmq
18 | spec:
19 | hostname: rabbitmq
20 | containers:
21 | - name: rabbitmq
22 | tty: true
23 | image: rabbitmq:3.9.5-management-alpine
24 | imagePullPolicy: IfNotPresent
25 | ports:
26 | - containerPort: 5672
27 | volumeMounts:
28 | - name: rabbitmq-data
29 | mountPath: /var/lib/rabbitmq/mnesia
30 | volumes:
31 | - name: rabbitmq-data
32 | hostPath:
33 | path: /var/lib/aion/default/Data/rabbitmq
34 | ---
35 | apiVersion: v1
36 | kind: Service
37 | metadata:
38 | labels:
39 | run: rabbitmq
40 | name: rabbitmq
41 | spec:
42 | selector:
43 | run: rabbitmq
44 | type: NodePort
45 | ports:
46 | - name: rabbitmq-node
47 | port: 5672
48 | protocol: TCP
49 | targetPort: 5672
50 | nodePort: 32094
51 | - name: rabbitmq-mgmt
52 | port: 15672
53 | protocol: TCP
54 | targetPort: 15672
55 | nodePort: 32095
56 |
--------------------------------------------------------------------------------
/others/log-stack/kibana.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: kibana
5 | spec:
6 | selector:
7 | matchLabels:
8 | run: kibana
9 | template:
10 | metadata:
11 | labels:
12 | run: kibana
13 | spec:
14 | initContainers:
15 | - name: chown-data-dir
16 | image: centos:7
17 | args:
18 | - /bin/bash
19 | - -c
20 | - until curl elasticsearch:9200; do echo waiting for elasticsearch; sleep 10; done
21 | containers:
22 | - name: kibana
23 | imagePullPolicy: IfNotPresent
24 | image: latonaio/kibana-arm64:7.7.0
25 | resources:
26 | limits:
27 | memory: 300Mi
28 | cpu: 150m
29 | requests:
30 | memory: 300Mi
31 | cpu: 30m
32 | env:
33 | - name: ELASTICSEARCH_URL
34 | value: http://elasticsearch:9200
35 | ports:
36 | - containerPort: 5601
37 | name: http
38 | protocol: TCP
39 |
40 | ---
41 |
42 | apiVersion: v1
43 | kind: Service
44 | metadata:
45 | name: kibana
46 | labels:
47 | service: kibana
48 | spec:
49 | type: NodePort
50 | selector:
51 | run: kibana
52 | ports:
53 | - port: 5601
54 | targetPort: 5601
55 | nodePort: 30560
56 |
--------------------------------------------------------------------------------
/generated/init_prj.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: rabbitmq
6 | name: rabbitmq
7 | namespace: default
8 | spec:
9 | ports:
10 | - name: rabbitmq-node
11 | nodePort: 32094
12 | port: 5672
13 | protocol: TCP
14 | targetPort: 5672
15 | - name: rabbitmq-mgmt
16 | nodePort: 32095
17 | port: 15672
18 | protocol: TCP
19 | targetPort: 15672
20 | selector:
21 | run: rabbitmq
22 | type: NodePort
23 | ---
24 | apiVersion: apps/v1
25 | kind: Deployment
26 | metadata:
27 | labels:
28 | run: rabbitmq
29 | name: rabbitmq
30 | namespace: default
31 | spec:
32 | replicas: 1
33 | selector:
34 | matchLabels:
35 | run: rabbitmq
36 | strategy:
37 | rollingUpdate: null
38 | template:
39 | metadata:
40 | labels:
41 | run: rabbitmq
42 | spec:
43 | containers:
44 | - image: rabbitmq:3.9.5-management-alpine
45 | imagePullPolicy: IfNotPresent
46 | name: rabbitmq
47 | ports:
48 | - containerPort: 5672
49 | tty: true
50 | volumeMounts:
51 | - mountPath: /var/lib/rabbitmq/mnesia
52 | name: rabbitmq-data
53 | hostname: rabbitmq
54 | volumes:
55 | - hostPath:
56 | path: /var/lib/aion/default/Data/rabbitmq
57 | name: rabbitmq-data
58 |
--------------------------------------------------------------------------------
/generated/init_default.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | run: rabbitmq
6 | name: rabbitmq
7 | namespace: default
8 | spec:
9 | ports:
10 | - name: rabbitmq-node
11 | nodePort: 32094
12 | port: 5672
13 | protocol: TCP
14 | targetPort: 5672
15 | - name: rabbitmq-mgmt
16 | nodePort: 32095
17 | port: 15672
18 | protocol: TCP
19 | targetPort: 15672
20 | selector:
21 | run: rabbitmq
22 | type: NodePort
23 | ---
24 | apiVersion: apps/v1
25 | kind: Deployment
26 | metadata:
27 | labels:
28 | run: rabbitmq
29 | name: rabbitmq
30 | namespace: default
31 | spec:
32 | replicas: 1
33 | selector:
34 | matchLabels:
35 | run: rabbitmq
36 | strategy:
37 | rollingUpdate: null
38 | template:
39 | metadata:
40 | labels:
41 | run: rabbitmq
42 | spec:
43 | containers:
44 | - image: rabbitmq:3.9.5-management-alpine
45 | imagePullPolicy: IfNotPresent
46 | name: rabbitmq
47 | ports:
48 | - containerPort: 5672
49 | tty: true
50 | volumeMounts:
51 | - mountPath: /var/lib/rabbitmq/mnesia
52 | name: rabbitmq-data
53 | hostname: rabbitmq
54 | volumes:
55 | - hostPath:
56 | path: /var/lib/aion/default/Data/rabbitmq
57 | name: rabbitmq-data
58 |
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | HOST= ""
2 |
3 | .PHONY: build
4 |
5 | # init_default には、AIONアーキテクチャ構成リソースの初期立ち上げとして必要なリソース(RabbitMQ)が含まれています。
6 | # RabbitMQ を初期立ち上げすることが必要な理由は、aion-core および関連リソースの RabbitMQ への 依存度 が重要であるためです。
7 | build:
8 | kubectl kustomize template/overlays/init_default > generated/init_default.yml
9 | kubectl kustomize template/overlays/init_prj > generated/init_prj.yml
10 |
11 | kubectl kustomize template/overlays/default > generated/default.yml
12 | kubectl kustomize template/overlays/prj > generated/prj.yml
13 |
14 | .PHONY: apply-worker
15 | apply-worker:
16 | sh kubectl-apply-target-node.sh $(HOST)
17 |
18 | .PHONY: apply-master
19 | apply-master:
20 | docker pull envoyproxy/envoy:v1.16-latest
21 | sh kubectl-apply-target-node.sh master
22 |
23 | .PHONY: delete-worker
24 | delete-worker:
25 | sh kubectl-delete-target-node.sh $(HOST)
26 |
27 | .PHONY: delete-worker
28 | delete-master:
29 | sh kubectl-delete-target-node.sh master
30 |
31 | .PHONY: build-worker
32 | build-worker:
33 | mkdir -p generated/$(HOST)
34 | kubectl kustomize template/overlays/worker > generated/$(HOST)/default.yml
35 | sed -i -e "s/_HOSTNAME_/$(HOST)/g" generated/$(HOST)/default.yml
36 | mkdir -p /var/lib/aion/$(HOST)/mnt/mongo_data
37 |
38 | .PHONY: build-master
39 | build-master:
40 | mkdir -p generated/master
41 | kubectl kustomize template/overlays/master > generated/master/default.yml
42 | sed -i -e "s/_HOSTNAME_/$(HOST)/g" generated/master/default.yml
43 | sudo mkdir -p /var/lib/aion/$(HOST)/mnt/mongo_data
44 |
--------------------------------------------------------------------------------
/others/prometheus/prometheus.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | run: prometheus
6 | name: prometheus
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | run: prometheus
12 | strategy:
13 | rollingUpdate:
14 | template:
15 | metadata:
16 | labels:
17 | run: prometheus
18 | spec:
19 | serviceAccountName: prometheus-serviceaccount
20 | hostname: prometheus
21 | containers:
22 | - name: prometheus
23 | image: prom/prometheus:v2.17.2
24 | volumeMounts:
25 | - name: prometheus-config
26 | mountPath: /etc/prometheus
27 | ports:
28 | - containerPort: 9090
29 | name: prometheus-ui
30 | - name: grafana
31 | image: grafana/grafana:6.7.3
32 | ports:
33 | - containerPort: 3000
34 | name: grafana-ui
35 | volumeMounts:
36 | - mountPath: /var/lib/grafana
37 | name: grafana-data
38 | volumes:
39 | - name: prometheus-config
40 | configMap:
41 | name: prometheus-config
42 | - name: grafana-data
43 | persistentVolumeClaim:
44 | claimName: grafana-pv-claim
45 | status: {}
46 |
47 | ---
48 | apiVersion: v1
49 | kind: Service
50 | metadata:
51 | labels:
52 | run: prometheus
53 | name: prometheus
54 | spec:
55 | selector:
56 | run: prometheus
57 | type: NodePort
58 | ports:
59 | - name: prometheus-ui
60 | port: 9090
61 | targetPort: 9090
62 | nodePort: 30081
63 | - name: grafana-ui
64 | port: 3000
65 | targetPort: 3000
66 | nodePort: 30082
67 | ---
68 |
69 |
--------------------------------------------------------------------------------
/others/log-stack/elasticsearch.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: elasticsearch
5 | spec:
6 | selector:
7 | matchLabels:
8 | component: elasticsearch
9 | template:
10 | metadata:
11 | labels:
12 | component: elasticsearch
13 | spec:
14 | initContainers:
15 | - name: chown-elasticsearch-persistent-storage
16 | image: busybox
17 | args:
18 | - /bin/sh
19 | - -c
20 | - chown -R 1010:1010 /elasticsearch-7.7.0/data
21 | volumeMounts:
22 | - name: elasticsearch-persistent-storage
23 | mountPath: /elasticsearch-7.7.0/data
24 | containers:
25 | - name: elasticsearch
26 | imagePullPolicy: IfNotPresent
27 | image: latonaio/elasticserch-arm64:v7.7.0
28 | env:
29 | - name: discovery.type
30 | value: single-node
31 | ports:
32 | - containerPort: 9200
33 | name: http
34 | protocol: TCP
35 | resources:
36 | limits:
37 | cpu: 500m
38 | memory: 4Gi
39 | requests:
40 | cpu: 500m
41 | memory: 1Gi
42 | volumeMounts:
43 | - name: elasticsearch-persistent-storage
44 | mountPath: /elasticsearch-7.7.0/data
45 | volumes:
46 | - name: elasticsearch-persistent-storage
47 | persistentVolumeClaim:
48 | claimName: elasticsearch-pv-claim
49 |
50 | ---
51 |
52 | apiVersion: v1
53 | kind: Service
54 | metadata:
55 | name: elasticsearch
56 | labels:
57 | component: elasticsearch
58 | spec:
59 | type: NodePort
60 | selector:
61 | component: elasticsearch
62 | ports:
63 | - port: 9200
64 | targetPort: 9200
65 | nodePort: 30920
66 |
--------------------------------------------------------------------------------
/others/prometheus/role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1beta1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: kube-state-metrics
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: kube-state-metrics
9 | subjects:
10 | - kind: ServiceAccount
11 | name: kube-state-metrics
12 | namespace: kube-system
13 | ---
14 | apiVersion: rbac.authorization.k8s.io/v1beta1
15 | kind: ClusterRole
16 | metadata:
17 | name: kube-state-metrics
18 | rules:
19 | - apiGroups: [""]
20 | resources:
21 | - nodes
22 | - pods
23 | - services
24 | - resourcequotas
25 | - replicationcontrollers
26 | - limitranges
27 | verbs: ["list", "watch"]
28 | - apiGroups: ["extensions"]
29 | resources:
30 | - daemonsets
31 | - deployments
32 | - replicasets
33 | verbs: ["list", "watch"]
34 | ---
35 | apiVersion: v1
36 | kind: ServiceAccount
37 | metadata:
38 | name: kube-state-metrics
39 | namespace: kube-system
40 | ---
41 | apiVersion: rbac.authorization.k8s.io/v1beta1
42 | kind: ClusterRole
43 | metadata:
44 | name: prom-admin
45 | rules:
46 | - apiGroups: [""]
47 | resources:
48 | - namespaces
49 | - endpoints
50 | - services
51 | - nodes
52 | - nodes/proxy
53 | - pods
54 | verbs: ["get", "list", "watch"]
55 | - apiGroups: [""]
56 | resources:
57 | - configmaps
58 | verbs: ["get"]
59 | - nonResourceURLs: ["/metrics", "/api/*"]
60 | verbs: ["get"]
61 | ---
62 | apiVersion: rbac.authorization.k8s.io/v1
63 | kind: ClusterRoleBinding
64 | metadata:
65 | name: prom-rbac
66 | roleRef:
67 | apiGroup: rbac.authorization.k8s.io
68 | kind: ClusterRole
69 | name: prom-admin
70 | subjects:
71 | - kind: ServiceAccount
72 | name: prometheus-serviceaccount
73 | namespace: default
74 | ---
75 | apiVersion: v1
76 | kind: ServiceAccount
77 | metadata:
78 | name: prometheus-serviceaccount
79 | namespace: default
80 |
--------------------------------------------------------------------------------
/template/bases/send-anything/envoy-configmap.yml:
--------------------------------------------------------------------------------
1 | kind: ConfigMap
2 | apiVersion: v1
3 | metadata:
4 | name: envoy-config-sendanything
5 | data:
6 | envoy.yaml: |
7 | static_resources:
8 | listeners:
9 | - name: grpc_listener
10 | address:
11 | socket_address:
12 | address: 0.0.0.0
13 | port_value: 10000
14 | filter_chains:
15 | - filters:
16 | - name: envoy.filters.network.http_connection_manager
17 | typed_config:
18 | "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
19 | codec_type: auto
20 | stat_prefix: ingress_http
21 | stream_idle_timeout: 0s
22 | route_config:
23 | name: local_route
24 | virtual_hosts:
25 | - name: send_anything_grpc
26 | domains:
27 | - "*"
28 | routes:
29 | - match:
30 | prefix: "/"
31 | grpc: {}
32 | route:
33 | cluster: send_anything_grpc
34 | timeout: 0s
35 | idle_timeout: 0s
36 | http_filters:
37 | - name: envoy.filters.http.router
38 | typed_config: {}
39 | clusters:
40 | - name: send_anything_grpc
41 | connect_timeout: 0.250s
42 | type: strict_dns
43 | lb_policy: round_robin
44 | http2_protocol_options: {}
45 | load_assignment:
46 | cluster_name: send_anything_grpc
47 | endpoints:
48 | - lb_endpoints:
49 | - endpoint:
50 | address:
51 | socket_address:
52 | address: 127.0.0.1
53 | port_value: 11011
54 | admin:
55 | access_log_path: /tmp/admin_access.log
56 | address:
57 | socket_address:
58 | address: 0.0.0.0
59 | port_value: 10001
60 |
--------------------------------------------------------------------------------
/template/bases/send-anything/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | run: aion-sendanything
6 | name: aion-sendanything
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | run: aion-sendanything
12 | strategy:
13 | rollingUpdate:
14 | maxUnavailable: 1
15 | template:
16 | metadata:
17 | labels:
18 | run: aion-sendanything
19 | spec:
20 | hostname: aion-sendanything
21 | shareProcessNamespace: true
22 | imagePullSecrets:
23 | - name: dockerhub
24 | containers:
25 | - name: aion-sendanything
26 | image: latonaio/aion-sendanything:latest
27 | imagePullPolicy: IfNotPresent
28 | ports:
29 | - containerPort: 11011
30 | name: grpc
31 | volumeMounts:
32 | - name: data
33 | mountPath: /var/lib/aion
34 | env:
35 | - name: NODE_NAME
36 | valueFrom:
37 | fieldRef:
38 | fieldPath: spec.nodeName
39 | - name: NODE_IP
40 | valueFrom:
41 | fieldRef:
42 | fieldPath: status.hostIP
43 | - name: envoy
44 | image: envoyproxy/envoy:v1.16-latest
45 | imagePullPolicy: IfNotPresent
46 | command:
47 | - "/usr/local/bin/envoy"
48 | args:
49 | - "--config-path /etc/envoy/envoy.yaml"
50 | resources:
51 | limits:
52 | memory: 512Mi
53 | requests:
54 | memory: 64Mi
55 | ports:
56 | - containerPort: 10000
57 | name: envoy-grpc
58 | - containerPort: 10001
59 | name: envoy-admin
60 | volumeMounts:
61 | - name: envoy
62 | mountPath: /etc/envoy
63 | volumes:
64 | - name: envoy
65 | configMap:
66 | name: envoy-config-sendanything
67 | - name: data
68 | hostPath:
69 | path: /var/lib/aion/default
70 |
--------------------------------------------------------------------------------
/template/bases/kanban-replicator/deployment.yml:
--------------------------------------------------------------------------------
1 | # SERVICE BROKER GO
2 |
3 | apiVersion: apps/v1
4 | kind: Deployment
5 | metadata:
6 | labels:
7 | run: aion-kanban-replicator
8 | name: aion-kanban-replicator
9 | spec:
10 | replicas: 1
11 | selector:
12 | matchLabels:
13 | run: aion-kanban-replicator
14 | strategy:
15 | rollingUpdate:
16 | maxUnavailable: 1
17 | template:
18 | metadata:
19 | labels:
20 | run: aion-kanban-replicator
21 | spec:
22 | hostname: aion-kanban-replicator
23 | shareProcessNamespace: true
24 | imagePullSecrets:
25 | - name: dockerhub
26 | containers:
27 | - name: aion-kanban-replicator
28 | image: latonaio/aion-kanban-replicator:latest
29 | imagePullPolicy: IfNotPresent
30 | env:
31 | - name: REDIS_HOST
32 | value: redis-cluster:6379
33 | - name: MONGO_HOST
34 | value: mongo:27017
35 | - name: NODE_NAME
36 | valueFrom:
37 | fieldRef:
38 | fieldPath: spec.nodeName
39 | - name: NODE_IP
40 | valueFrom:
41 | fieldRef:
42 | fieldPath: status.hostIP
43 | volumeMounts:
44 | - name: config
45 | mountPath: /var/lib/aion/config
46 |
47 | - name: envoy
48 | image: envoyproxy/envoy:v1.16-latest
49 | imagePullPolicy: IfNotPresent
50 | command:
51 | - "/usr/local/bin/envoy"
52 | args:
53 | - "-l"
54 | - "debug"
55 | - "--config-path"
56 | - "/etc/envoy/envoy.yaml"
57 | resources:
58 | limits:
59 | memory: 512Mi
60 | requests:
61 | memory: 64Mi
62 | ports:
63 | - containerPort: 6379
64 | name: envoy-redis
65 | - containerPort: 10001
66 | name: envoy-admin
67 | volumeMounts:
68 | - name: envoy
69 | mountPath: /etc/envoy
70 | volumes:
71 | - name: config
72 | hostPath:
73 | path: /var/lib/aion/default/config
74 | - name: envoy
75 | configMap:
76 | name: envoy-config-kanban-replicator
77 |
--------------------------------------------------------------------------------
/others/log-stack/fluentd.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 | name: fluentd
6 | namespace: default
7 |
8 | ---
9 | apiVersion: rbac.authorization.k8s.io/v1beta1
10 | kind: ClusterRole
11 | metadata:
12 | name: fluentd
13 | namespace: default
14 | rules:
15 | - apiGroups:
16 | - ""
17 | resources:
18 | - pods
19 | - namespaces
20 | verbs:
21 | - get
22 | - list
23 | - watch
24 |
25 | ---
26 | kind: ClusterRoleBinding
27 | apiVersion: rbac.authorization.k8s.io/v1beta1
28 | metadata:
29 | name: fluentd
30 | roleRef:
31 | kind: ClusterRole
32 | name: fluentd
33 | apiGroup: rbac.authorization.k8s.io
34 | subjects:
35 | - kind: ServiceAccount
36 | name: fluentd
37 | namespace: default
38 | ---
39 | apiVersion: apps/v1
40 | kind: DaemonSet
41 | metadata:
42 | name: fluentd
43 | namespace: default
44 | labels:
45 | k8s-app: fluentd-logging
46 | version: v1
47 | spec:
48 | selector:
49 | matchLabels:
50 | k8s-app: fluentd-logging
51 | version: v1
52 | template:
53 | metadata:
54 | labels:
55 | k8s-app: fluentd-logging
56 | version: v1
57 | spec:
58 | serviceAccount: fluentd
59 | serviceAccountName: fluentd
60 | containers:
61 | - name: fluentd
62 | image: latonaio/fluentd-kubernetes-elasticsearch-arm64:latest
63 | imagePullPolicy: IfNotPresent
64 | env:
65 | - name: FLUENT_ELASTICSEARCH_HOST
66 | value: "elasticsearch"
67 | - name: FLUENT_ELASTICSEARCH_PORT
68 | value: "9200"
69 | - name: FLUENT_ELASTICSEARCH_SCHEME
70 | value: "http"
71 | - name: FLUENT_UID
72 | value: "0"
73 | resources:
74 | limits:
75 | memory: 300Mi
76 | cpu: 200m
77 | requests:
78 | cpu: 50m
79 | memory: 300Mi
80 | volumeMounts:
81 | - name: varlog
82 | mountPath: /var/log
83 | - name: varlibdockercontainers
84 | mountPath: /var/lib/docker/containers
85 | readOnly: true
86 | terminationGracePeriodSeconds: 30
87 | volumes:
88 | - name: varlog
89 | hostPath:
90 | path: /var/log
91 | - name: varlibdockercontainers
92 | hostPath:
93 | path: /var/lib/docker/containers
94 |
--------------------------------------------------------------------------------
/template/bases/status-kanban/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | run: aion-statuskanban
6 | name: aion-statuskanban
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | run: aion-statuskanban
12 | strategy:
13 | rollingUpdate:
14 | maxUnavailable: 1
15 | template:
16 | metadata:
17 | labels:
18 | run: aion-statuskanban
19 | spec:
20 | hostname: aion-statuskanban
21 | shareProcessNamespace: true
22 | imagePullSecrets:
23 | - name: dockerhub
24 | initContainers:
25 | - name: check-connectivity-redis
26 | image: redis:6.0-rc-alpine3.11
27 | imagePullPolicy: IfNotPresent
28 | args:
29 | - /bin/sh
30 | - -c
31 | - until redis-cli -h redis-cluster -p 6379 SET connectivity true; do echo "wait..."; sleep 5; done
32 | containers:
33 | - name: aion-statuskanban
34 | image: latonaio/aion-statuskanban:latest
35 | imagePullPolicy: IfNotPresent
36 | env:
37 | - name: REDIS_HOST
38 | value: redis-cluster:6379
39 | - name: NODE_NAME
40 | valueFrom:
41 | fieldRef:
42 | fieldPath: spec.nodeName
43 | - name: NODE_IP
44 | valueFrom:
45 | fieldRef:
46 | fieldPath: status.hostIP
47 | ports:
48 | - containerPort: 11010
49 | name: grpc
50 | - name: envoy
51 | image: envoyproxy/envoy:v1.16-latest
52 | imagePullPolicy: IfNotPresent
53 | command:
54 | - "/usr/local/bin/envoy"
55 | args:
56 | - "-l"
57 | - "debug"
58 | - "--config-path"
59 | - "/etc/envoy/envoy.yaml"
60 | resources:
61 | limits:
62 | memory: 512Mi
63 | requests:
64 | memory: 64Mi
65 | ports:
66 | - containerPort: 6379
67 | name: envoy-redis
68 | - containerPort: 10000
69 | name: envoy-grpc
70 | - containerPort: 10001
71 | name: envoy-admin
72 | volumeMounts:
73 | - name: envoy
74 | mountPath: /etc/envoy
75 | volumes:
76 | - name: envoy
77 | configMap:
78 | name: envoy-config-statuskanban
79 |
--------------------------------------------------------------------------------
/template/bases/service-broker/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | labels:
5 | run: aion-servicebroker
6 | name: aion-servicebroker
7 | spec:
8 | replicas: 1
9 | selector:
10 | matchLabels:
11 | run: aion-servicebroker
12 | strategy:
13 | type: Recreate
14 | template:
15 | metadata:
16 | labels:
17 | run: aion-servicebroker
18 | spec:
19 | hostname: aion-servicebroker
20 | shareProcessNamespace: true
21 | imagePullSecrets:
22 | - name: dockerhub
23 | serviceAccountName: controller-serviceaccount
24 | initContainers:
25 | - name: check-connectivity-redis
26 | image: redis:6.0-rc-alpine3.11
27 | imagePullPolicy: IfNotPresent
28 | args:
29 | - /bin/sh
30 | - -c
31 | - until redis-cli -h redis-cluster -p 6379 SET connectivity true; do echo "wait..."; sleep 5; done
32 | containers:
33 | - name: aion-servicebroker
34 | image: latonaio/aion-servicebroker:latest
35 | imagePullPolicy: IfNotPresent
36 | resources:
37 | limits:
38 | cpu: 20m
39 | memory: 128Mi
40 | requests:
41 | cpu: 5m
42 | memory: 50Mi
43 | env:
44 | - name: REDIS_HOST
45 | value: redis-cluster:6379
46 | - name: MODE
47 | value: default
48 | - name: NODE_NAME
49 | valueFrom:
50 | fieldRef:
51 | fieldPath: spec.nodeName
52 | - name: NODE_IP
53 | valueFrom:
54 | fieldRef:
55 | fieldPath: status.hostIP
56 |
57 | volumeMounts:
58 | - name: config
59 | mountPath: /var/lib/aion/config
60 | - name: envoy
61 | image: envoyproxy/envoy:v1.16-latest
62 | imagePullPolicy: IfNotPresent
63 | command:
64 | - "/usr/local/bin/envoy"
65 | args:
66 | - "--config-path /etc/envoy/envoy.yaml"
67 | resources:
68 | limits:
69 | cpu: 20m
70 | memory: 512Mi
71 | requests:
72 | cpu: 5m
73 | memory: 64Mi
74 | ports:
75 | - containerPort: 6379
76 | name: envoy-redis
77 | - containerPort: 10001
78 | name: envoy-admin
79 | - containerPort: 10000
80 | name: envoy-grpc
81 | volumeMounts:
82 | - name: envoy
83 | mountPath: /etc/envoy
84 | volumes:
85 | - name: envoy
86 | configMap:
87 | name: envoy-config-servicebroker
88 | - name: config
89 | hostPath:
90 | path: /var/lib/aion/default/config
91 |
--------------------------------------------------------------------------------
/template/overlays/master/service-broker/envoy-configmap.yml:
--------------------------------------------------------------------------------
1 | kind: ConfigMap
2 | apiVersion: v1
3 | metadata:
4 | name: envoy-config-servicebroker
5 | data:
6 | envoy.yaml: |
7 | static_resources:
8 | listeners:
9 | - name: grpc_listener
10 | address:
11 | socket_address:
12 | address: 0.0.0.0
13 | port_value: 11110
14 | filter_chains:
15 | - filters:
16 | - name: envoy.filters.network.http_connection_manager
17 | typed_config:
18 | "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
19 | codec_type: auto
20 | stat_prefix: ingress_http
21 | stream_idle_timeout: 0s
22 | route_config:
23 | name: local_route
24 | virtual_hosts:
25 | - name: service_broker_grpc
26 | domains:
27 | - "*"
28 | routes:
29 | - match:
30 | prefix: "/"
31 | grpc: {}
32 | route:
33 | cluster: service_broker_grpc
34 | http_filters:
35 | - name: envoy.filters.http.router
36 | typed_config: {}
37 | - name: redis_listener
38 | address:
39 | socket_address:
40 | address: 0.0.0.0
41 | port_value: 1999
42 | filter_chains:
43 | - filters:
44 | - name: envoy.filters.network.redis_proxy
45 | typed_config:
46 | "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
47 | stat_prefix: egress_redis
48 | settings:
49 | op_timeout: 5s
50 | prefix_routes:
51 | catch_all_route:
52 | cluster: redis_cluster
53 | clusters:
54 | - name: service_broker_grpc
55 | connect_timeout: 0.250s
56 | type: strict_dns
57 | lb_policy: round_robin
58 | http2_protocol_options: {}
59 | load_assignment:
60 | cluster_name: service_broker_grpc
61 | endpoints:
62 | - lb_endpoints:
63 | - endpoint:
64 | address:
65 | socket_address:
66 | address: 127.0.0.1
67 | port_value: 11111
68 | - name: redis_cluster
69 | connect_timeout: 1s
70 | type: strict_dns # static
71 | lb_policy: MAGLEV
72 | load_assignment:
73 | cluster_name: redis_cluster
74 | endpoints:
75 | - lb_endpoints:
76 | - endpoint:
77 | address:
78 | socket_address:
79 | address: redis
80 | port_value: 6379
81 | admin:
82 | access_log_path: /tmp/admin_access.log
83 | address:
84 | socket_address:
85 | address: 0.0.0.0
86 | port_value: 10001
--------------------------------------------------------------------------------
/template/bases/service-broker/envoy-configmap.yml:
--------------------------------------------------------------------------------
1 | kind: ConfigMap
2 | apiVersion: v1
3 | metadata:
4 | name: envoy-config-servicebroker
5 | data:
6 | envoy.yaml: |
7 | static_resources:
8 | listeners:
9 | - name: grpc_listener
10 | address:
11 | socket_address:
12 | address: 0.0.0.0
13 | port_value: 10000
14 | filter_chains:
15 | - filters:
16 | - name: envoy.filters.network.http_connection_manager
17 | typed_config:
18 | "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
19 | codec_type: auto
20 | stat_prefix: ingress_http
21 | stream_idle_timeout: 0s
22 | route_config:
23 | name: local_route
24 | virtual_hosts:
25 | - name: status_kanban_grpc
26 | domains:
27 | - "*"
28 | routes:
29 | - match:
30 | prefix: "/"
31 | grpc: {}
32 | route:
33 | cluster: service_broker_grpc
34 | timeout: 0s
35 | idle_timeout: 0s
36 | http_filters:
37 | - name: envoy.filters.http.router
38 | typed_config: {}
39 | - name: redis_listener
40 | address:
41 | socket_address:
42 | address: 0.0.0.0
43 | port_value: 1999
44 | filter_chains:
45 | - filters:
46 | - name: envoy.filters.network.redis_proxy
47 | typed_config:
48 | "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
49 | stat_prefix: egress_redis
50 | settings:
51 | op_timeout: 5s
52 | prefix_routes:
53 | catch_all_route:
54 | cluster: redis_cluster
55 | clusters:
56 | - name: redis_cluster
57 | connect_timeout: 1s
58 | type: strict_dns # static
59 | lb_policy: MAGLEV
60 | load_assignment:
61 | cluster_name: redis_cluster
62 | endpoints:
63 | - lb_endpoints:
64 | - endpoint:
65 | address:
66 | socket_address:
67 | address: redis
68 | port_value: 6379
69 | - name: service_broker_grpc
70 | connect_timeout: 0.250s
71 | type: strict_dns
72 | lb_policy: round_robin
73 | http2_protocol_options: {}
74 | load_assignment:
75 | cluster_name: status_kanban_grpc
76 | endpoints:
77 | - lb_endpoints:
78 | - endpoint:
79 | address:
80 | socket_address:
81 | address: 127.0.0.1
82 | port_value: 11111
83 | admin:
84 | access_log_path: /tmp/admin_access.log
85 | address:
86 | socket_address:
87 | address: 0.0.0.0
88 | port_value: 10001
89 |
--------------------------------------------------------------------------------
/template/bases/status-kanban/envoy-configmap.yml:
--------------------------------------------------------------------------------
1 | kind: ConfigMap
2 | apiVersion: v1
3 | metadata:
4 | name: envoy-config-statuskanban
5 | data:
6 | envoy.yaml: |
7 | static_resources:
8 | listeners:
9 | - name: grpc_listener
10 | address:
11 | socket_address:
12 | address: 0.0.0.0
13 | port_value: 10000
14 | filter_chains:
15 | - filters:
16 | - name: envoy.filters.network.http_connection_manager
17 | typed_config:
18 | "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
19 | codec_type: auto
20 | stat_prefix: ingress_http
21 | stream_idle_timeout: 0s
22 | route_config:
23 | name: local_route
24 | virtual_hosts:
25 | - name: status_kanban_grpc
26 | domains:
27 | - "*"
28 | routes:
29 | - match:
30 | prefix: "/"
31 | grpc: {}
32 | route:
33 | cluster: status_kanban_grpc
34 | timeout: 0s
35 | idle_timeout: 0s
36 | http_filters:
37 | - name: envoy.filters.http.router
38 | typed_config: {}
39 | - name: redis_listener
40 | address:
41 | socket_address:
42 | address: 0.0.0.0
43 | port_value: 1999
44 | filter_chains:
45 | - filters:
46 | - name: envoy.filters.network.redis_proxy
47 | typed_config:
48 | "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
49 | stat_prefix: egress_redis
50 | settings:
51 | op_timeout: 5s
52 | prefix_routes:
53 | catch_all_route:
54 | cluster: redis_cluster
55 | clusters:
56 | - name: redis_cluster
57 | connect_timeout: 1s
58 | type: strict_dns # static
59 | lb_policy: MAGLEV
60 | load_assignment:
61 | cluster_name: redis_cluster
62 | endpoints:
63 | - lb_endpoints:
64 | - endpoint:
65 | address:
66 | socket_address:
67 | address: redis
68 | port_value: 6379
69 | - name: status_kanban_grpc
70 | connect_timeout: 0.250s
71 | type: strict_dns
72 | lb_policy: round_robin
73 | http2_protocol_options: {}
74 | load_assignment:
75 | cluster_name: status_kanban_grpc
76 | endpoints:
77 | - lb_endpoints:
78 | - endpoint:
79 | address:
80 | socket_address:
81 | address: 127.0.0.1
82 | port_value: 11010
83 | admin:
84 | access_log_path: /tmp/admin_access.log
85 | address:
86 | socket_address:
87 | address: 0.0.0.0
88 | port_value: 10001
89 |
90 |
--------------------------------------------------------------------------------
/others/prometheus/prometheus-configmap.yml:
--------------------------------------------------------------------------------
1 | kind: ConfigMap
2 | apiVersion: v1
3 | metadata:
4 | name: prometheus-config
5 | data:
6 | prometheus.yml: |
7 | global:
8 | scrape_interval: 15s
9 | evaluation_interval: 15s
10 | scrape_configs:
11 | - job_name: 'kubernetes-service-endpoints'
12 | metrics_path: /stats/prometheus
13 | kubernetes_sd_configs:
14 | - role: endpoints
15 | relabel_configs:
16 | - source_labels:
17 | - __meta_kubernetes_namespace
18 | - __meta_kubernetes_service_name
19 | regex: default;kubernetes
20 | action: drop
21 | - source_labels:
22 | - __meta_kubernetes_namespace
23 | - __meta_kubernetes_pod_container_port_number
24 | regex: default;10001
25 | action: keep
26 | - source_labels:
27 | - __meta_kubernetes_service_name
28 | target_label: job
29 | - source_labels:
30 | - __meta_kubernetes_pod_name
31 | target_label: pod
32 |
33 | - job_name: 'kubernetes-nodes'
34 | scheme: https
35 | tls_config:
36 | ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
37 | bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
38 | kubernetes_sd_configs:
39 | - role: node
40 | relabel_configs:
41 | - action: labelmap
42 | regex: __meta_kubernetes_node_label_(.+)
43 | - target_label: __address__
44 | replacement: kubernetes.default.svc:443
45 | - source_labels: [__meta_kubernetes_node_name]
46 | regex: (.+)
47 | target_label: __metrics_path__
48 | replacement: /api/v1/nodes/${1}/proxy/metrics
49 |
50 | - job_name: 'kubernetes-cadvisor'
51 | scheme: https
52 | tls_config:
53 | ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
54 | bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
55 | kubernetes_sd_configs:
56 | - role: node
57 | relabel_configs:
58 | - action: labelmap
59 | regex: __meta_kubernetes_node_label_(.+)
60 | - target_label: __address__
61 | replacement: kubernetes.default.svc:443
62 | - source_labels: [__meta_kubernetes_node_name]
63 | regex: (.+)
64 | target_label: __metrics_path__
65 | replacement: /api/v1/nodes/${1}/proxy/metrics/cadvisor
66 |
67 | - job_name: 'kubernetes-pods'
68 | kubernetes_sd_configs:
69 | - role: pod
70 | relabel_configs:
71 | - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
72 | action: keep
73 | regex: true
74 | - source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
75 | action: replace
76 | target_label: __metrics_path__
77 | regex: (.+)
78 | - source_labels: [__address__, __meta_kubernetes_pod_annotation_prometheus_io_port]
79 | action: replace
80 | regex: (.+):(?:\d+);(\d+)
81 | replacement: ${1}:${2}
82 | target_label: __address__
83 | - action: labelmap
84 | regex: __meta_kubernetes_pod_label_(.+)
85 | - source_labels: [__meta_kubernetes_namespace]
86 | action: replace
87 | target_label: kubernetes_namespace
88 | - source_labels: [__meta_kubernetes_pod_name]
89 | action: replace
90 | target_label: kubernetes_pod_name
91 |
92 |
--------------------------------------------------------------------------------
/template/bases/fluentd/deployment.yml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: DaemonSet
3 | metadata:
4 | name: fluentd
5 | namespace: default
6 | labels:
7 | k8s-app: fluentd
8 | spec:
9 | selector:
10 | matchLabels:
11 | name: fluentd
12 | template:
13 | metadata:
14 | labels:
15 | name: fluentd
16 | spec:
17 | serviceAccount: aion-default
18 | serviceAccountName: aion-default
19 | tolerations:
20 | - key: node-role.kubernetes.io/master
21 | effect: NoSchedule
22 | containers:
23 | - env:
24 | - name: K8S_NODE_NAME
25 | value: "your_node_name"
26 | - name: POS_FILE
27 | value: /var/log/fluentd/fluentd-docker.pos
28 | - name: CA_FILE
29 | value: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
30 | - name: BEARER_TOKEN_FILE
31 | value: /var/run/secrets/kubernetes.io/serviceaccount/token
32 | name: fluentd-for-containers-mongodb-kube
33 | image: latona/fluentd-for-containers-mongodb-kube
34 | imagePullPolicy: IfNotPresent
35 | resources:
36 | limits:
37 | memory: 200Mi
38 | requests:
39 | cpu: 100m
40 | memory: 200Mi
41 | volumeMounts:
42 | - name: varlog
43 | mountPath: /var/log
44 | - name: varlibdockercontainers
45 | mountPath: /var/lib/docker/containers
46 | readOnly: true
47 | - name: config-volume
48 | mountPath: /config
49 | terminationGracePeriodSeconds: 30
50 | volumes:
51 | - name: varlog
52 | hostPath:
53 | path: /var/log
54 | - name: varlibdockercontainers
55 | hostPath:
56 | path: /var/lib/docker/containers
57 | - name: config-volume
58 | configMap:
59 | name: fluentd-conf
60 | ---
61 | kind: ConfigMap
62 | apiVersion: v1
63 | metadata:
64 | name: fluentd-conf
65 | namespace: default
66 | labels:
67 | addonmanager.kubernetes.io/mode: Reconcile
68 | data:
69 | fluent.conf: |-
70 |
71 | log_level info
72 |
73 |
74 |
75 | @type tail
76 | path /var/log/containers/*.log
77 | pos_file "#{ENV['POS_FILE']}"
78 | tag kubernetes.*
79 | time_format %Y-%m-%dT%H:%M:%S
80 | format json
81 | read_from_head true
82 |
83 |
84 |
85 | @type kubernetes_metadata
86 | ca_file "#{ENV['CA_FILE']}"
87 | bearer_token_file "#{ENV['BEARER_TOKEN_FILE']}"
88 | skip_labels true
89 | skip_container_metadata true
90 | skip_master_url true
91 | skip_namespace_metadata true
92 |
93 |
94 |
95 | @type rewrite_tag_filter
96 |
97 | key $.kubernetes.container_name
98 | pattern /hogehoge/
99 | tag mongo.hogehoge
100 |
101 |
102 |
103 |
104 | @type mongo
105 | host mongo
106 | port 27017
107 | database k8s
108 | collection '${tag}'
109 | remove_tag_prefix mongo.
110 |
111 | flush_mode interval
112 | retry_type exponential_backoff
113 | flush_thread_count 2
114 | flush_interval 5s
115 | retry_forever
116 | retry_max_interval 30
117 | chunk_limit_size 2M
118 | queue_limit_length 8
119 | overflow_action block
120 |
121 |
--------------------------------------------------------------------------------
/others/metrics-server/component.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: system:aggregated-metrics-reader
6 | labels:
7 | rbac.authorization.k8s.io/aggregate-to-view: "true"
8 | rbac.authorization.k8s.io/aggregate-to-edit: "true"
9 | rbac.authorization.k8s.io/aggregate-to-admin: "true"
10 | rules:
11 | - apiGroups: ["metrics.k8s.io"]
12 | resources: ["pods", "nodes"]
13 | verbs: ["get", "list", "watch"]
14 | ---
15 | apiVersion: rbac.authorization.k8s.io/v1
16 | kind: ClusterRoleBinding
17 | metadata:
18 | name: metrics-server:system:auth-delegator
19 | roleRef:
20 | apiGroup: rbac.authorization.k8s.io
21 | kind: ClusterRole
22 | name: system:auth-delegator
23 | subjects:
24 | - kind: ServiceAccount
25 | name: metrics-server
26 | namespace: kube-system
27 | ---
28 | apiVersion: rbac.authorization.k8s.io/v1
29 | kind: RoleBinding
30 | metadata:
31 | name: metrics-server-auth-reader
32 | namespace: kube-system
33 | roleRef:
34 | apiGroup: rbac.authorization.k8s.io
35 | kind: Role
36 | name: extension-apiserver-authentication-reader
37 | subjects:
38 | - kind: ServiceAccount
39 | name: metrics-server
40 | namespace: kube-system
41 | ---
42 | apiVersion: apiregistration.k8s.io/v1beta1
43 | kind: APIService
44 | metadata:
45 | name: v1beta1.metrics.k8s.io
46 | spec:
47 | service:
48 | name: metrics-server
49 | namespace: kube-system
50 | group: metrics.k8s.io
51 | version: v1beta1
52 | insecureSkipTLSVerify: true
53 | groupPriorityMinimum: 100
54 | versionPriority: 100
55 | ---
56 | apiVersion: v1
57 | kind: ServiceAccount
58 | metadata:
59 | name: metrics-server
60 | namespace: kube-system
61 | ---
62 | apiVersion: apps/v1
63 | kind: Deployment
64 | metadata:
65 | name: metrics-server
66 | namespace: kube-system
67 | labels:
68 | k8s-app: metrics-server
69 | spec:
70 | selector:
71 | matchLabels:
72 | k8s-app: metrics-server
73 | template:
74 | metadata:
75 | name: metrics-server
76 | labels:
77 | k8s-app: metrics-server
78 | spec:
79 | serviceAccountName: metrics-server
80 | volumes:
81 | # mount in tmp so we can safely use from-scratch images and/or read-only containers
82 | - name: tmp-dir
83 | emptyDir: {}
84 | containers:
85 | - name: metrics-server
86 | image: k8s.gcr.io/metrics-server/metrics-server-arm64:v0.3.7
87 | imagePullPolicy: IfNotPresent
88 | command:
89 | - /metrics-server
90 | - --metric-resolution=30s
91 | - --requestheader-allowed-names=aggregator
92 | - --kubelet-insecure-tls
93 | - --kubelet-preferred-address-types=InternalIP,InternalDNS,ExternalDNS,ExternalIP,Hostname
94 | args:
95 | - --cert-dir=/tmp
96 | - --secure-port=4443
97 | ports:
98 | - name: main-port
99 | containerPort: 4443
100 | protocol: TCP
101 | securityContext:
102 | readOnlyRootFilesystem: true
103 | runAsNonRoot: true
104 | runAsUser: 1000
105 | volumeMounts:
106 | - name: tmp-dir
107 | mountPath: /tmp
108 | nodeSelector:
109 | kubernetes.io/os: linux
110 | kubernetes.io/arch: "arm64"
111 | ---
112 | apiVersion: v1
113 | kind: Service
114 | metadata:
115 | name: metrics-server
116 | namespace: kube-system
117 | labels:
118 | kubernetes.io/name: "Metrics-server"
119 | kubernetes.io/cluster-service: "true"
120 | spec:
121 | selector:
122 | k8s-app: metrics-server
123 | ports:
124 | - port: 443
125 | protocol: TCP
126 | targetPort: main-port
127 | ---
128 | apiVersion: rbac.authorization.k8s.io/v1
129 | kind: ClusterRole
130 | metadata:
131 | name: system:metrics-server
132 | rules:
133 | - apiGroups:
134 | - ""
135 | resources:
136 | - pods
137 | - nodes
138 | - nodes/stats
139 | - namespaces
140 | - configmaps
141 | verbs:
142 | - get
143 | - list
144 | - watch
145 | ---
146 | apiVersion: rbac.authorization.k8s.io/v1
147 | kind: ClusterRoleBinding
148 | metadata:
149 | name: system:metrics-server
150 | roleRef:
151 | apiGroup: rbac.authorization.k8s.io
152 | kind: ClusterRole
153 | name: system:metrics-server
154 | subjects:
155 | - kind: ServiceAccount
156 | name: metrics-server
157 | namespace: kube-system
--------------------------------------------------------------------------------
/readme.md:
--------------------------------------------------------------------------------
1 | ## **aion-core-manifests**
2 | aion-core-manifests は aion-core および 関連リソース のデプロイ・稼働を行うために必要不可欠なマニフェストファイル群です。
3 |
4 | aion-core および 関連リソース については[こちら](https://github.com/latonaio/aion-core)をご覧ください。
5 | ## 概要
6 | [aion-coreのセットアップ](https://github.com/latonaio/aion-core)で作成したDocker Imagesからこれらのマニフェストファイルを元にaion-core および関連リソースを構成します。
7 |
8 | ### AION の Kubernetes Yaml ファイルの構造(エッジデバイス内)
9 | AIONプラットフォームのあるエッジデバイス内において、Kubernetes Yaml ファイルは、次の領域に分かれています。
10 |
11 | * AION-Core のYamlファイル
12 |
13 | * 主要なオープンソースリソース のYamlファイル
14 |
15 | * 個別マイクロサービス のYamlファイル
16 |
17 | * Kubernetes 生成 Yamlファイル
18 |
19 |
20 | 
21 |
22 | ### AION の Kubernetes Yaml ファイルの所在
23 | それぞれの Yamlファイルは、以下のレポジトリにあります。
24 |
25 | * AION-Core のYamlファイル >>> [aion-core-manifests](https://github.com/latonaio/aion-core-manifests)
26 |
27 | * 主要なオープンソースリソース のYamlファイル >>> [aion-core-manifests](https://github.com/latonaio/aion-core-manifests)
28 |
29 | * 個別マイクロサービス のYamlファイル >>> [aion-service-definitions](https://github.com/latonaio/aion-service-definitions)
30 |
31 | * Kubernetes 生成 Yamlファイル >>> [aion-core-manifests](https://github.com/latonaio/aion-core-manifests)
32 |
33 |
34 | ### template/bases、template/overlays
35 | template/bases は、(エッジ)Kubernetes環境を前提とした aion-core および 関連リソース の Kubernetes 定義ファイル群です。
36 | AION および 関連リソース をデプロイ・稼働するために必要なリソースが定義されます。
37 | 定義されているリソースは、下記の通りです。
38 |
39 | * authorization
40 | * rabbitmq
41 | * service-broker
42 | * statuskanban
43 | * kanban-replicator
44 | * sendanything
45 | * fluentd
46 | * redis-cluster
47 | * mongo
48 | * mongo-express
49 |
50 | また、template overlays 下に、overlaysとして(エッジコンピューティング環境のために必要な)yamlファイルが配置されています。(ほとんどが最低限必要な初期値で構成されています。その理由は、エッジコンピューティング環境のデバイス内では通常、複雑な設定は必要ないからです)
51 |
52 | ### template/overlays/init_default/init_default.yml
53 |
54 | template/overlays/init_default には、AIONアーキテクチャ構成リソースの初期立ち上げとして必要なリソース(RabbitMQ) の 特別な init_default.yamlファイル が含まれています。
55 | AION において RabbitMQ を初期立ち上げすることが必要な理由は、aion-core および関連リソースの RabbitMQ への 依存度 が重要であるためです。
56 | なお、AION では、まず、init_default.yml の定義により、Rabbit-MQ が立ち上がります。その後、default.ymlの定義により、Rabbit MQ 以外の 各リソース が立ち上がります。
57 |
58 | init_default.yml の生成ソース行は、 Makefile 内の 下記の箇所です。
59 | ```
60 | kubectl kustomize template/overlays/init_default > generated/init_default.yml
61 | ```
62 |
63 | 参考として、default.yml の生成ソース行は、Makefile 内の 下記の箇所です。
64 | ```
65 | kubectl kustomize template/overlays/default > generated/default.yml
66 | ```
67 |
68 | ### generated/yaml ファイルの生成
69 |
70 | 以下のコマンドで、generated/yamlファイル(init_default.yml、default.yml、等)が生成されます。
71 | ```
72 | make build
73 | ```
74 |
75 | 上記の通り、AION では、まず、init_default.yml の定義により、Rabbit-MQ が立ち上がります。その後、default.ymlの定義により、Rabbit MQ 以外の 各リソース が立ち上がります。
76 |
77 | ### default.yml(生成後のサンプルファイル)
78 | aion-core-manifests の generated 下の default.yml に、サンプルとして、yamlファイルが配置されています。
79 |
80 | 生成後の サンプル default.yml 内のリソースは、下記の通りです。(template の定義ファイルに基づいて生成されます)
81 |
82 | * ServiceAccount
83 | * ClusterRoleBinding
84 | * PersistentVolume
85 | * PersistentVolumeClaim
86 | * aion-servicebroker
87 | * aion-statuskanban
88 | * aion-kanban-replicator
89 | * aion-sendanything
90 | * Fluentd
91 | * Rediscluster
92 | * Envoy/Configmap
93 | * MongoDB
94 | * 各Deployment
95 |
96 | (※RabbitMQ のリソース は init_default.yml 内にあります)
97 |
98 | ## 前提条件・動作環境
99 | aion-core-manifests の使用には aion-core のクローンが必要です。また Kubernetes が動作する必要があります。
100 |
101 | * [aion-core](https://github.com/latonaio/aion-core)
102 | * OS: Linux
103 | * CPU: ARM/AMD/Intel
104 | * Kubernetes
105 |
106 | ### ノード一覧を取得
107 | ```shell
108 | kubectl get node -o wide
109 | ```
110 |
111 | ## エッジ端末単体構成でのマニフェスト作成、AIONの起動/停止方法
112 | ### マニフェスト作成(generatedが生成されます)
113 | ```shell
114 | make build
115 | ```
116 |
117 | ### AIONの起動
118 | ```shell
119 | sh aion-start.sh
120 | ```
121 |
122 | ### AIONの停止
123 | ```shell
124 | sh aion-stop.sh
125 | ```
126 |
127 | ## エッジクラスター構成でのマニフェスト作成、AIONのデプロイ/削除方法
128 | ### マニフェスト作成(generatedが生成されます)
129 |
130 | `hostname` には配備するnodeのホスト名を使用してください
131 | ```shell
132 | # master
133 | make build-master HOST=$(hostname)
134 |
135 | # worker
136 | make build-worker HOST=$(hostname)
137 | ```
138 |
139 | ### AIONのデプロイ
140 | ```shell
141 | # master
142 | make apply-master
143 |
144 | # worker
145 | make apply-worker HOST=$(hostname)
146 | ```
147 |
148 | ### AIONの削除
149 | ```shell
150 | # master
151 | make delete-master
152 |
153 | # worker
154 | make delete-worker HOST=$(hostname)
155 | ```
156 |
157 | ## Port 番号 の 適用方針
158 | AIONプラットフォーム における Port 番号 の適用方針は、以下の通りです。
159 | AIONプラットフォームでは、Kubernetes の yml ファイルにおいてポート番号が定義されます。
160 | AION では、以下の通りに、マイクロサービス毎に Port番号 が定義されています。
161 |
162 | | type | Port固定の主要リソース | aion-core / 個別のマイクロサービス(MS) |
163 | | :-------- | :----------------------------- | :---------------------------------------- |
164 | | Envoy | Redis -> 6379 | aion-core -> 10000(grpc) / 10001(admin) |
165 | | | | 個別MS -> 必要な場合、適宜Port番号を設定 |
166 | | NodePort | RabbitMQ -> 5672 | aion-core -> NodePort 利用なし |
167 | | | RabbitMQ(外部)->32094/32095 | 個別MS ->:50500~50999をMS毎に分けて設定 |
168 | | | Cassandra -> 9042 | 個別MS(外部) ->:30500~30999を設定 |
169 | | | Cassandra(外部) -> 32100/32101 | |
170 | | | MySQL -> 3306 | |
171 | | | MySQL(外部) -> 30000 | |
172 | | ClusterIP | Redis(envoyless) -> 6379 | aion-core -> ClusterIP 利用なし |
173 | | | MongoDB -> 27017 | 個別MS ->:50500~50999をMS毎に分けて設定 |
174 | | Localhost | ReactJS/Public -> 3000 | - |
175 | | | ReactJS/API -> 30080 | - |
176 | | | ReactJS/Websocket -> 30099 | - |
177 | | | ReactJS/ImagePath -> 30080 | - |
178 | | | ReactJS/Grpc -> 30050 | - |
179 |
--------------------------------------------------------------------------------
/generated/prj.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Namespace
3 | metadata:
4 | name: prj
5 | ---
6 | apiVersion: v1
7 | kind: ServiceAccount
8 | metadata:
9 | name: aion-prj
10 | namespace: prj
11 | ---
12 | apiVersion: rbac.authorization.k8s.io/v1
13 | kind: ClusterRoleBinding
14 | metadata:
15 | name: aion-prj
16 | roleRef:
17 | apiGroup: rbac.authorization.k8s.io
18 | kind: ClusterRole
19 | name: cluster-admin
20 | subjects:
21 | - kind: ServiceAccount
22 | name: aion-prj
23 | namespace: prj
24 | ---
25 | apiVersion: v1
26 | data:
27 | envoy.yaml: |-
28 | static_resources:
29 | listeners:
30 | - name: redis_listener
31 | address:
32 | socket_address:
33 | address: 0.0.0.0
34 | port_value: 1999
35 | filter_chains:
36 | - filters:
37 | - name: envoy.filters.network.redis_proxy
38 | typed_config:
39 | "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
40 | stat_prefix: egress_redis
41 | settings:
42 | op_timeout: 5s
43 | prefix_routes:
44 | catch_all_route:
45 | cluster: redis_cluster
46 | clusters:
47 | - name: redis_cluster
48 | connect_timeout: 1s
49 | type: strict_dns # static
50 | lb_policy: MAGLEV
51 | load_assignment:
52 | cluster_name: redis_cluster
53 | endpoints:
54 | - lb_endpoints:
55 | - endpoint:
56 | address:
57 | socket_address:
58 | address: redis
59 | port_value: 6379
60 | kind: ConfigMap
61 | metadata:
62 | name: envoy-config-kanban-replicator
63 | namespace: prj
64 | ---
65 | apiVersion: v1
66 | data:
67 | envoy.yaml: |
68 | static_resources:
69 | listeners:
70 | - name: grpc_listener
71 | address:
72 | socket_address:
73 | address: 0.0.0.0
74 | port_value: 10000
75 | filter_chains:
76 | - filters:
77 | - name: envoy.filters.network.http_connection_manager
78 | typed_config:
79 | "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
80 | codec_type: auto
81 | stat_prefix: ingress_http
82 | stream_idle_timeout: 0s
83 | route_config:
84 | name: local_route
85 | virtual_hosts:
86 | - name: send_anything_grpc
87 | domains:
88 | - "*"
89 | routes:
90 | - match:
91 | prefix: "/"
92 | grpc: {}
93 | route:
94 | cluster: send_anything_grpc
95 | timeout: 0s
96 | idle_timeout: 0s
97 | http_filters:
98 | - name: envoy.filters.http.router
99 | typed_config: {}
100 | clusters:
101 | - name: send_anything_grpc
102 | connect_timeout: 0.250s
103 | type: strict_dns
104 | lb_policy: round_robin
105 | http2_protocol_options: {}
106 | load_assignment:
107 | cluster_name: send_anything_grpc
108 | endpoints:
109 | - lb_endpoints:
110 | - endpoint:
111 | address:
112 | socket_address:
113 | address: 127.0.0.1
114 | port_value: 11011
115 | admin:
116 | access_log_path: /tmp/admin_access.log
117 | address:
118 | socket_address:
119 | address: 0.0.0.0
120 | port_value: 10001
121 | kind: ConfigMap
122 | metadata:
123 | name: envoy-config-sendanything
124 | namespace: prj
125 | ---
126 | apiVersion: v1
127 | data:
128 | envoy.yaml: "static_resources:\n listeners:\n - name: grpc_listener\n address:\n
129 | \ socket_address:\n address: 0.0.0.0\n port_value: 10000\n filter_chains:\n
130 | \ - filters:\n - name: envoy.filters.network.http_connection_manager\n
131 | \ typed_config:\n \"@type\": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager\n
132 | \ codec_type: auto\n stat_prefix: ingress_http\n stream_idle_timeout:
133 | 0s\n route_config:\n name: local_route\n virtual_hosts:\n
134 | \ - name: status_kanban_grpc\n domains:\n -
135 | \"*\"\n routes:\n - match:\n prefix:
136 | \"/\"\n grpc: {}\n route:\n cluster:
137 | service_broker_grpc \n timeout: 0s\n idle_timeout:
138 | 0s\n http_filters:\n - name: envoy.filters.http.router\n typed_config:
139 | {}\n - name: redis_listener\n address:\n socket_address:\n address:
140 | 0.0.0.0\n port_value: 1999\n filter_chains:\n - filters:\n -
141 | name: envoy.filters.network.redis_proxy\n typed_config:\n \"@type\":
142 | type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy\n stat_prefix:
143 | egress_redis\n settings:\n op_timeout: 5s\n prefix_routes:\n
144 | \ catch_all_route:\n cluster: redis_cluster\n clusters:\n
145 | \ - name: redis_cluster\n connect_timeout: 1s\n type: strict_dns # static\n
146 | \ lb_policy: MAGLEV\n load_assignment:\n cluster_name: redis_cluster\n
147 | \ endpoints:\n - lb_endpoints:\n - endpoint:\n address:\n
148 | \ socket_address:\n address: redis\n port_value:
149 | 6379\n - name: service_broker_grpc\n connect_timeout: 0.250s\n type: strict_dns\n
150 | \ lb_policy: round_robin\n http2_protocol_options: {}\n load_assignment:\n
151 | \ cluster_name: status_kanban_grpc\n endpoints:\n - lb_endpoints:\n
152 | \ - endpoint:\n address:\n socket_address:\n address:
153 | 127.0.0.1\n port_value: 11111\nadmin:\n access_log_path: /tmp/admin_access.log\n
154 | \ address:\n socket_address:\n address: 0.0.0.0\n port_value: 10001\n"
155 | kind: ConfigMap
156 | metadata:
157 | name: envoy-config-servicebroker
158 | namespace: prj
159 | ---
160 | apiVersion: v1
161 | data:
162 | envoy.yaml: |
163 | static_resources:
164 | listeners:
165 | - name: grpc_listener
166 | address:
167 | socket_address:
168 | address: 0.0.0.0
169 | port_value: 10000
170 | filter_chains:
171 | - filters:
172 | - name: envoy.filters.network.http_connection_manager
173 | typed_config:
174 | "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
175 | codec_type: auto
176 | stat_prefix: ingress_http
177 | stream_idle_timeout: 0s
178 | route_config:
179 | name: local_route
180 | virtual_hosts:
181 | - name: status_kanban_grpc
182 | domains:
183 | - "*"
184 | routes:
185 | - match:
186 | prefix: "/"
187 | grpc: {}
188 | route:
189 | cluster: status_kanban_grpc
190 | timeout: 0s
191 | idle_timeout: 0s
192 | http_filters:
193 | - name: envoy.filters.http.router
194 | typed_config: {}
195 | - name: redis_listener
196 | address:
197 | socket_address:
198 | address: 0.0.0.0
199 | port_value: 1999
200 | filter_chains:
201 | - filters:
202 | - name: envoy.filters.network.redis_proxy
203 | typed_config:
204 | "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
205 | stat_prefix: egress_redis
206 | settings:
207 | op_timeout: 5s
208 | prefix_routes:
209 | catch_all_route:
210 | cluster: redis_cluster
211 | clusters:
212 | - name: redis_cluster
213 | connect_timeout: 1s
214 | type: strict_dns # static
215 | lb_policy: MAGLEV
216 | load_assignment:
217 | cluster_name: redis_cluster
218 | endpoints:
219 | - lb_endpoints:
220 | - endpoint:
221 | address:
222 | socket_address:
223 | address: redis
224 | port_value: 6379
225 | - name: status_kanban_grpc
226 | connect_timeout: 0.250s
227 | type: strict_dns
228 | lb_policy: round_robin
229 | http2_protocol_options: {}
230 | load_assignment:
231 | cluster_name: status_kanban_grpc
232 | endpoints:
233 | - lb_endpoints:
234 | - endpoint:
235 | address:
236 | socket_address:
237 | address: 127.0.0.1
238 | port_value: 11010
239 | admin:
240 | access_log_path: /tmp/admin_access.log
241 | address:
242 | socket_address:
243 | address: 0.0.0.0
244 | port_value: 10001
245 | kind: ConfigMap
246 | metadata:
247 | name: envoy-config-statuskanban
248 | namespace: prj
249 | ---
250 | apiVersion: v1
251 | kind: Service
252 | metadata:
253 | labels:
254 | run: aion-sendanything
255 | name: aion-sendanything
256 | namespace: prj
257 | spec:
258 | ports:
259 | - name: envoy-grpc
260 | nodePort: 31100
261 | port: 10000
262 | protocol: TCP
263 | targetPort: 10000
264 | - name: envoy-admin
265 | port: 10001
266 | protocol: TCP
267 | targetPort: 10001
268 | selector:
269 | run: aion-sendanything
270 | type: NodePort
271 | ---
272 | apiVersion: v1
273 | kind: Service
274 | metadata:
275 | labels:
276 | run: aion-servicebroker
277 | name: aion-servicebroker
278 | namespace: prj
279 | spec:
280 | ports:
281 | - name: envoy-admin
282 | port: 10001
283 | protocol: TCP
284 | targetPort: 10001
285 | - name: envoy-grpc
286 | port: 10000
287 | protocol: TCP
288 | targetPort: 10000
289 | selector:
290 | run: aion-servicebroker
291 | type: ClusterIP
292 | ---
293 | apiVersion: v1
294 | kind: Service
295 | metadata:
296 | labels:
297 | run: aion-statuskanban
298 | name: aion-statuskanban
299 | namespace: prj
300 | spec:
301 | ports:
302 | - name: grpc
303 | port: 11010
304 | protocol: TCP
305 | targetPort: 11010
306 | - name: envoy-grpc
307 | port: 10000
308 | protocol: TCP
309 | targetPort: 10000
310 | - name: envoy-admin
311 | port: 10001
312 | protocol: TCP
313 | targetPort: 10001
314 | selector:
315 | run: aion-statuskanban
316 | type: ClusterIP
317 | ---
318 | apiVersion: v1
319 | kind: Service
320 | metadata:
321 | name: mongo
322 | namespace: prj
323 | spec:
324 | ports:
325 | - port: 27017
326 | targetPort: 27017
327 | selector:
328 | app: mongo
329 | type: ClusterIP
330 | ---
331 | apiVersion: v1
332 | kind: Service
333 | metadata:
334 | name: redis-cluster
335 | namespace: prj
336 | spec:
337 | ports:
338 | - port: 6379
339 | targetPort: 6379
340 | selector:
341 | app: redis-cluster
342 | type: ClusterIP
343 | ---
344 | apiVersion: v1
345 | kind: PersistentVolume
346 | metadata:
347 | labels:
348 | type: local
349 | name: mongo-pv-volume-prj
350 | spec:
351 | accessModes:
352 | - ReadWriteOnce
353 | capacity:
354 | storage: 5Gi
355 | hostPath:
356 | path: /var/lib/aion/prj/mnt/mongo_data
357 | storageClassName: mongo
358 | ---
359 | apiVersion: v1
360 | kind: PersistentVolumeClaim
361 | metadata:
362 | name: mongo-pv-claim
363 | namespace: prj
364 | spec:
365 | accessModes:
366 | - ReadWriteOnce
367 | resources:
368 | requests:
369 | storage: 5Gi
370 | storageClassName: mongo
371 | volumeName: mongo-pv-volume-prj
372 | ---
373 | apiVersion: apps/v1
374 | kind: Deployment
375 | metadata:
376 | labels:
377 | run: aion-kanban-replicator
378 | name: aion-kanban-replicator
379 | namespace: prj
380 | spec:
381 | replicas: 1
382 | selector:
383 | matchLabels:
384 | run: aion-kanban-replicator
385 | strategy:
386 | rollingUpdate:
387 | maxUnavailable: 1
388 | template:
389 | metadata:
390 | labels:
391 | run: aion-kanban-replicator
392 | spec:
393 | containers:
394 | - env:
395 | - name: REDIS_HOST
396 | value: redis-cluster:6379
397 | - name: MONGO_HOST
398 | value: mongo:27017
399 | - name: NODE_NAME
400 | valueFrom:
401 | fieldRef:
402 | fieldPath: spec.nodeName
403 | - name: NODE_IP
404 | valueFrom:
405 | fieldRef:
406 | fieldPath: status.hostIP
407 | image: latonaio/aion-kanban-replicator:latest
408 | imagePullPolicy: IfNotPresent
409 | name: aion-kanban-replicator
410 | volumeMounts:
411 | - mountPath: /var/lib/aion/config
412 | name: config
413 | - args:
414 | - -l
415 | - debug
416 | - --config-path
417 | - /etc/envoy/envoy.yaml
418 | command:
419 | - /usr/local/bin/envoy
420 | image: envoyproxy/envoy:v1.16-latest
421 | imagePullPolicy: IfNotPresent
422 | name: envoy
423 | ports:
424 | - containerPort: 6379
425 | name: envoy-redis
426 | - containerPort: 10001
427 | name: envoy-admin
428 | resources:
429 | limits:
430 | memory: 512Mi
431 | requests:
432 | memory: 64Mi
433 | volumeMounts:
434 | - mountPath: /etc/envoy
435 | name: envoy
436 | hostname: aion-kanban-replicator
437 | imagePullSecrets:
438 | - name: dockerhub
439 | shareProcessNamespace: true
440 | volumes:
441 | - hostPath:
442 | path: /var/lib/aion/prj/config
443 | name: config
444 | - configMap:
445 | name: envoy-config-kanban-replicator
446 | name: envoy
447 | ---
448 | apiVersion: apps/v1
449 | kind: Deployment
450 | metadata:
451 | labels:
452 | run: aion-sendanything
453 | name: aion-sendanything
454 | namespace: prj
455 | spec:
456 | replicas: 1
457 | selector:
458 | matchLabels:
459 | run: aion-sendanything
460 | strategy:
461 | rollingUpdate:
462 | maxUnavailable: 1
463 | template:
464 | metadata:
465 | labels:
466 | run: aion-sendanything
467 | spec:
468 | containers:
469 | - env:
470 | - name: CLIENT_PORT
471 | value: "31100"
472 | - name: NODE_NAME
473 | valueFrom:
474 | fieldRef:
475 | fieldPath: spec.nodeName
476 | - name: NODE_IP
477 | valueFrom:
478 | fieldRef:
479 | fieldPath: status.hostIP
480 | image: latonaio/aion-sendanything:latest
481 | imagePullPolicy: IfNotPresent
482 | name: aion-sendanything
483 | ports:
484 | - containerPort: 11011
485 | name: grpc
486 | volumeMounts:
487 | - mountPath: /var/lib/aion
488 | name: data
489 | - args:
490 | - --config-path /etc/envoy/envoy.yaml
491 | command:
492 | - /usr/local/bin/envoy
493 | image: envoyproxy/envoy:v1.16-latest
494 | imagePullPolicy: IfNotPresent
495 | name: envoy
496 | ports:
497 | - containerPort: 10000
498 | name: envoy-grpc
499 | - containerPort: 10001
500 | name: envoy-admin
501 | resources:
502 | limits:
503 | memory: 512Mi
504 | requests:
505 | memory: 64Mi
506 | volumeMounts:
507 | - mountPath: /etc/envoy
508 | name: envoy
509 | hostname: aion-sendanything
510 | imagePullSecrets:
511 | - name: dockerhub
512 | shareProcessNamespace: true
513 | volumes:
514 | - hostPath:
515 | path: /var/lib/aion/prj
516 | name: data
517 | - configMap:
518 | name: envoy-config-sendanything
519 | name: envoy
520 | ---
521 | apiVersion: apps/v1
522 | kind: Deployment
523 | metadata:
524 | labels:
525 | run: aion-servicebroker
526 | name: aion-servicebroker
527 | namespace: prj
528 | spec:
529 | replicas: 1
530 | selector:
531 | matchLabels:
532 | run: aion-servicebroker
533 | strategy:
534 | type: Recreate
535 | template:
536 | metadata:
537 | labels:
538 | run: aion-servicebroker
539 | spec:
540 | containers:
541 | - env:
542 | - name: NAMESPACE
543 | value: prj
544 | - name: REPOSITORY_PREFIX
545 | value: localhost:31112
546 | - name: REDIS_HOST
547 | value: redis-cluster:6379
548 | - name: MODE
549 | value: default
550 | - name: NODE_NAME
551 | valueFrom:
552 | fieldRef:
553 | fieldPath: spec.nodeName
554 | - name: NODE_IP
555 | valueFrom:
556 | fieldRef:
557 | fieldPath: status.hostIP
558 | image: latonaio/aion-servicebroker:latest
559 | imagePullPolicy: IfNotPresent
560 | name: aion-servicebroker
561 | resources:
562 | limits:
563 | cpu: 20m
564 | memory: 128Mi
565 | requests:
566 | cpu: 5m
567 | memory: 50Mi
568 | volumeMounts:
569 | - mountPath: /var/lib/aion/config
570 | name: config
571 | - args:
572 | - --config-path /etc/envoy/envoy.yaml
573 | command:
574 | - /usr/local/bin/envoy
575 | image: envoyproxy/envoy:v1.16-latest
576 | imagePullPolicy: IfNotPresent
577 | name: envoy
578 | ports:
579 | - containerPort: 6379
580 | name: envoy-redis
581 | - containerPort: 10001
582 | name: envoy-admin
583 | - containerPort: 10000
584 | name: envoy-grpc
585 | resources:
586 | limits:
587 | cpu: 20m
588 | memory: 512Mi
589 | requests:
590 | cpu: 5m
591 | memory: 64Mi
592 | volumeMounts:
593 | - mountPath: /etc/envoy
594 | name: envoy
595 | hostname: aion-servicebroker
596 | imagePullSecrets:
597 | - name: dockerhub
598 | initContainers:
599 | - args:
600 | - /bin/sh
601 | - -c
602 | - until redis-cli -h redis-cluster -p 6379 SET connectivity true; do echo
603 | "wait..."; sleep 5; done
604 | image: redis:6.0-rc-alpine3.11
605 | imagePullPolicy: IfNotPresent
606 | name: check-connectivity-redis
607 | serviceAccountName: aion-prj
608 | shareProcessNamespace: true
609 | volumes:
610 | - hostPath:
611 | path: /var/lib/aion/prj/config
612 | name: config
613 | - configMap:
614 | name: envoy-config-servicebroker
615 | name: envoy
616 | ---
617 | apiVersion: apps/v1
618 | kind: Deployment
619 | metadata:
620 | labels:
621 | run: aion-statuskanban
622 | name: aion-statuskanban
623 | namespace: prj
624 | spec:
625 | replicas: 1
626 | selector:
627 | matchLabels:
628 | run: aion-statuskanban
629 | strategy:
630 | rollingUpdate:
631 | maxUnavailable: 1
632 | template:
633 | metadata:
634 | labels:
635 | run: aion-statuskanban
636 | spec:
637 | containers:
638 | - env:
639 | - name: REDIS_HOST
640 | value: redis-cluster:6379
641 | - name: NODE_NAME
642 | valueFrom:
643 | fieldRef:
644 | fieldPath: spec.nodeName
645 | - name: NODE_IP
646 | valueFrom:
647 | fieldRef:
648 | fieldPath: status.hostIP
649 | image: latonaio/aion-statuskanban:latest
650 | imagePullPolicy: IfNotPresent
651 | name: aion-statuskanban
652 | ports:
653 | - containerPort: 11010
654 | name: grpc
655 | - args:
656 | - -l
657 | - debug
658 | - --config-path
659 | - /etc/envoy/envoy.yaml
660 | command:
661 | - /usr/local/bin/envoy
662 | image: envoyproxy/envoy:v1.16-latest
663 | imagePullPolicy: IfNotPresent
664 | name: envoy
665 | ports:
666 | - containerPort: 6379
667 | name: envoy-redis
668 | - containerPort: 10000
669 | name: envoy-grpc
670 | - containerPort: 10001
671 | name: envoy-admin
672 | resources:
673 | limits:
674 | memory: 512Mi
675 | requests:
676 | memory: 64Mi
677 | volumeMounts:
678 | - mountPath: /etc/envoy
679 | name: envoy
680 | hostname: aion-statuskanban
681 | imagePullSecrets:
682 | - name: dockerhub
683 | initContainers:
684 | - args:
685 | - /bin/sh
686 | - -c
687 | - until redis-cli -h redis-cluster -p 6379 SET connectivity true; do echo
688 | "wait..."; sleep 5; done
689 | image: redis:6.0-rc-alpine3.11
690 | imagePullPolicy: IfNotPresent
691 | name: check-connectivity-redis
692 | shareProcessNamespace: true
693 | volumes:
694 | - configMap:
695 | name: envoy-config-statuskanban
696 | name: envoy
697 | ---
698 | apiVersion: apps/v1
699 | kind: Deployment
700 | metadata:
701 | name: mongo
702 | namespace: prj
703 | spec:
704 | selector:
705 | matchLabels:
706 | app: mongo
707 | strategy:
708 | type: Recreate
709 | template:
710 | metadata:
711 | labels:
712 | app: mongo
713 | spec:
714 | containers:
715 | - env:
716 | - name: MONGODB_USER
717 | value: root
718 | - name: MONGODB_PASS
719 | value: root
720 | image: mongo:4.4
721 | name: mongo
722 | ports:
723 | - containerPort: 27017
724 | name: mongo
725 | resources:
726 | limits:
727 | cpu: 100m
728 | memory: 512Mi
729 | requests:
730 | cpu: 10m
731 | memory: 100Mi
732 | volumeMounts:
733 | - mountPath: /data/db
734 | name: mongo-persistent-storage
735 | volumes:
736 | - name: mongo-persistent-storage
737 | persistentVolumeClaim:
738 | claimName: mongo-pv-claim
739 | ---
740 | apiVersion: apps/v1
741 | kind: Deployment
742 | metadata:
743 | name: redis-cluster
744 | namespace: prj
745 | spec:
746 | selector:
747 | matchLabels:
748 | app: redis-cluster
749 | strategy:
750 | type: Recreate
751 | template:
752 | metadata:
753 | labels:
754 | app: redis-cluster
755 | spec:
756 | containers:
757 | - args:
758 | - --timeout
759 | - "600"
760 | - --loglevel
761 | - debug
762 | image: redis:6.0-rc-alpine3.11
763 | name: redis-cluster
764 | ports:
765 | - containerPort: 6379
766 | name: redis-cluster
767 | resources:
768 | limits:
769 | cpu: 100m
770 | memory: 512Mi
771 | requests:
772 | cpu: 5m
773 | memory: 50Mi
774 |
--------------------------------------------------------------------------------
/generated/default.yml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: aion-default
5 | namespace: default
6 | ---
7 | apiVersion: rbac.authorization.k8s.io/v1
8 | kind: ClusterRoleBinding
9 | metadata:
10 | name: aion-default
11 | roleRef:
12 | apiGroup: rbac.authorization.k8s.io
13 | kind: ClusterRole
14 | name: cluster-admin
15 | subjects:
16 | - kind: ServiceAccount
17 | name: aion-default
18 | namespace: default
19 | ---
20 | apiVersion: v1
21 | data:
22 | envoy.yaml: |-
23 | static_resources:
24 | listeners:
25 | - name: redis_listener
26 | address:
27 | socket_address:
28 | address: 0.0.0.0
29 | port_value: 1999
30 | filter_chains:
31 | - filters:
32 | - name: envoy.filters.network.redis_proxy
33 | typed_config:
34 | "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
35 | stat_prefix: egress_redis
36 | settings:
37 | op_timeout: 5s
38 | prefix_routes:
39 | catch_all_route:
40 | cluster: redis_cluster
41 | clusters:
42 | - name: redis_cluster
43 | connect_timeout: 1s
44 | type: strict_dns # static
45 | lb_policy: MAGLEV
46 | load_assignment:
47 | cluster_name: redis_cluster
48 | endpoints:
49 | - lb_endpoints:
50 | - endpoint:
51 | address:
52 | socket_address:
53 | address: redis
54 | port_value: 6379
55 | kind: ConfigMap
56 | metadata:
57 | name: envoy-config-kanban-replicator
58 | namespace: default
59 | ---
60 | apiVersion: v1
61 | data:
62 | envoy.yaml: |
63 | static_resources:
64 | listeners:
65 | - name: grpc_listener
66 | address:
67 | socket_address:
68 | address: 0.0.0.0
69 | port_value: 10000
70 | filter_chains:
71 | - filters:
72 | - name: envoy.filters.network.http_connection_manager
73 | typed_config:
74 | "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
75 | codec_type: auto
76 | stat_prefix: ingress_http
77 | stream_idle_timeout: 0s
78 | route_config:
79 | name: local_route
80 | virtual_hosts:
81 | - name: send_anything_grpc
82 | domains:
83 | - "*"
84 | routes:
85 | - match:
86 | prefix: "/"
87 | grpc: {}
88 | route:
89 | cluster: send_anything_grpc
90 | timeout: 0s
91 | idle_timeout: 0s
92 | http_filters:
93 | - name: envoy.filters.http.router
94 | typed_config: {}
95 | clusters:
96 | - name: send_anything_grpc
97 | connect_timeout: 0.250s
98 | type: strict_dns
99 | lb_policy: round_robin
100 | http2_protocol_options: {}
101 | load_assignment:
102 | cluster_name: send_anything_grpc
103 | endpoints:
104 | - lb_endpoints:
105 | - endpoint:
106 | address:
107 | socket_address:
108 | address: 127.0.0.1
109 | port_value: 11011
110 | admin:
111 | access_log_path: /tmp/admin_access.log
112 | address:
113 | socket_address:
114 | address: 0.0.0.0
115 | port_value: 10001
116 | kind: ConfigMap
117 | metadata:
118 | name: envoy-config-sendanything
119 | namespace: default
120 | ---
121 | apiVersion: v1
122 | data:
123 | envoy.yaml: "static_resources:\n listeners:\n - name: grpc_listener\n address:\n
124 | \ socket_address:\n address: 0.0.0.0\n port_value: 10000\n filter_chains:\n
125 | \ - filters:\n - name: envoy.filters.network.http_connection_manager\n
126 | \ typed_config:\n \"@type\": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager\n
127 | \ codec_type: auto\n stat_prefix: ingress_http\n stream_idle_timeout:
128 | 0s\n route_config:\n name: local_route\n virtual_hosts:\n
129 | \ - name: status_kanban_grpc\n domains:\n -
130 | \"*\"\n routes:\n - match:\n prefix:
131 | \"/\"\n grpc: {}\n route:\n cluster:
132 | service_broker_grpc \n timeout: 0s\n idle_timeout:
133 | 0s\n http_filters:\n - name: envoy.filters.http.router\n typed_config:
134 | {}\n - name: redis_listener\n address:\n socket_address:\n address:
135 | 0.0.0.0\n port_value: 1999\n filter_chains:\n - filters:\n -
136 | name: envoy.filters.network.redis_proxy\n typed_config:\n \"@type\":
137 | type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy\n stat_prefix:
138 | egress_redis\n settings:\n op_timeout: 5s\n prefix_routes:\n
139 | \ catch_all_route:\n cluster: redis_cluster\n clusters:\n
140 | \ - name: redis_cluster\n connect_timeout: 1s\n type: strict_dns # static\n
141 | \ lb_policy: MAGLEV\n load_assignment:\n cluster_name: redis_cluster\n
142 | \ endpoints:\n - lb_endpoints:\n - endpoint:\n address:\n
143 | \ socket_address:\n address: redis\n port_value:
144 | 6379\n - name: service_broker_grpc\n connect_timeout: 0.250s\n type: strict_dns\n
145 | \ lb_policy: round_robin\n http2_protocol_options: {}\n load_assignment:\n
146 | \ cluster_name: status_kanban_grpc\n endpoints:\n - lb_endpoints:\n
147 | \ - endpoint:\n address:\n socket_address:\n address:
148 | 127.0.0.1\n port_value: 11111\nadmin:\n access_log_path: /tmp/admin_access.log\n
149 | \ address:\n socket_address:\n address: 0.0.0.0\n port_value: 10001\n"
150 | kind: ConfigMap
151 | metadata:
152 | name: envoy-config-servicebroker
153 | namespace: default
154 | ---
155 | apiVersion: v1
156 | data:
157 | envoy.yaml: |
158 | static_resources:
159 | listeners:
160 | - name: grpc_listener
161 | address:
162 | socket_address:
163 | address: 0.0.0.0
164 | port_value: 10000
165 | filter_chains:
166 | - filters:
167 | - name: envoy.filters.network.http_connection_manager
168 | typed_config:
169 | "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
170 | codec_type: auto
171 | stat_prefix: ingress_http
172 | stream_idle_timeout: 0s
173 | route_config:
174 | name: local_route
175 | virtual_hosts:
176 | - name: status_kanban_grpc
177 | domains:
178 | - "*"
179 | routes:
180 | - match:
181 | prefix: "/"
182 | grpc: {}
183 | route:
184 | cluster: status_kanban_grpc
185 | timeout: 0s
186 | idle_timeout: 0s
187 | http_filters:
188 | - name: envoy.filters.http.router
189 | typed_config: {}
190 | - name: redis_listener
191 | address:
192 | socket_address:
193 | address: 0.0.0.0
194 | port_value: 1999
195 | filter_chains:
196 | - filters:
197 | - name: envoy.filters.network.redis_proxy
198 | typed_config:
199 | "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
200 | stat_prefix: egress_redis
201 | settings:
202 | op_timeout: 5s
203 | prefix_routes:
204 | catch_all_route:
205 | cluster: redis_cluster
206 | clusters:
207 | - name: redis_cluster
208 | connect_timeout: 1s
209 | type: strict_dns # static
210 | lb_policy: MAGLEV
211 | load_assignment:
212 | cluster_name: redis_cluster
213 | endpoints:
214 | - lb_endpoints:
215 | - endpoint:
216 | address:
217 | socket_address:
218 | address: redis
219 | port_value: 6379
220 | - name: status_kanban_grpc
221 | connect_timeout: 0.250s
222 | type: strict_dns
223 | lb_policy: round_robin
224 | http2_protocol_options: {}
225 | load_assignment:
226 | cluster_name: status_kanban_grpc
227 | endpoints:
228 | - lb_endpoints:
229 | - endpoint:
230 | address:
231 | socket_address:
232 | address: 127.0.0.1
233 | port_value: 11010
234 | admin:
235 | access_log_path: /tmp/admin_access.log
236 | address:
237 | socket_address:
238 | address: 0.0.0.0
239 | port_value: 10001
240 | kind: ConfigMap
241 | metadata:
242 | name: envoy-config-statuskanban
243 | namespace: default
244 | ---
245 | apiVersion: v1
246 | data:
247 | fluent.conf: |-
248 |
249 | log_level info
250 |
251 |
252 |
253 | @type tail
254 | path /var/log/containers/*.log
255 | pos_file "#{ENV['POS_FILE']}"
256 | tag kubernetes.*
257 | time_format %Y-%m-%dT%H:%M:%S
258 | format json
259 | read_from_head true
260 |
261 |
262 |
263 | @type kubernetes_metadata
264 | ca_file "#{ENV['CA_FILE']}"
265 | bearer_token_file "#{ENV['BEARER_TOKEN_FILE']}"
266 | skip_labels true
267 | skip_container_metadata true
268 | skip_master_url true
269 | skip_namespace_metadata true
270 |
271 |
272 |
273 | @type rewrite_tag_filter
274 |
275 | key $.kubernetes.container_name
276 | pattern /hogehoge/
277 | tag mongo.hogehoge
278 |
279 |
280 |
281 |
282 | @type mongo
283 | host mongo
284 | port 27017
285 | database k8s
286 | collection '${tag}'
287 | remove_tag_prefix mongo.
288 |
289 | flush_mode interval
290 | retry_type exponential_backoff
291 | flush_thread_count 2
292 | flush_interval 5s
293 | retry_forever
294 | retry_max_interval 30
295 | chunk_limit_size 2M
296 | queue_limit_length 8
297 | overflow_action block
298 |
299 |
300 | kind: ConfigMap
301 | metadata:
302 | labels:
303 | addonmanager.kubernetes.io/mode: Reconcile
304 | name: fluentd-conf
305 | namespace: default
306 | ---
307 | apiVersion: v1
308 | kind: Service
309 | metadata:
310 | labels:
311 | run: aion-sendanything
312 | name: aion-sendanything
313 | namespace: default
314 | spec:
315 | ports:
316 | - name: envoy-grpc
317 | nodePort: 30100
318 | port: 10000
319 | protocol: TCP
320 | targetPort: 10000
321 | - name: envoy-admin
322 | port: 10001
323 | protocol: TCP
324 | targetPort: 10001
325 | selector:
326 | run: aion-sendanything
327 | type: NodePort
328 | ---
329 | apiVersion: v1
330 | kind: Service
331 | metadata:
332 | labels:
333 | run: aion-servicebroker
334 | name: aion-servicebroker
335 | namespace: default
336 | spec:
337 | ports:
338 | - name: envoy-admin
339 | port: 10001
340 | protocol: TCP
341 | targetPort: 10001
342 | - name: envoy-grpc
343 | nodePort: 31000
344 | port: 10000
345 | protocol: TCP
346 | targetPort: 10000
347 | selector:
348 | run: aion-servicebroker
349 | type: NodePort
350 | ---
351 | apiVersion: v1
352 | kind: Service
353 | metadata:
354 | labels:
355 | run: aion-statuskanban
356 | name: aion-statuskanban
357 | namespace: default
358 | spec:
359 | ports:
360 | - name: grpc
361 | port: 11010
362 | protocol: TCP
363 | targetPort: 11010
364 | - name: envoy-grpc
365 | port: 10000
366 | protocol: TCP
367 | targetPort: 10000
368 | - name: envoy-admin
369 | port: 10001
370 | protocol: TCP
371 | targetPort: 10001
372 | selector:
373 | run: aion-statuskanban
374 | type: ClusterIP
375 | ---
376 | apiVersion: v1
377 | kind: Service
378 | metadata:
379 | name: mongo
380 | namespace: default
381 | spec:
382 | ports:
383 | - port: 27017
384 | targetPort: 27017
385 | selector:
386 | app: mongo
387 | type: ClusterIP
388 | ---
389 | apiVersion: v1
390 | kind: Service
391 | metadata:
392 | name: mongo-express-service
393 | namespace: default
394 | spec:
395 | ports:
396 | - name: mongo-express
397 | nodePort: 32767
398 | port: 8081
399 | protocol: TCP
400 | targetPort: 8081
401 | selector:
402 | app: mongo-express
403 | type: LoadBalancer
404 | ---
405 | apiVersion: v1
406 | kind: Service
407 | metadata:
408 | name: redis-cluster
409 | namespace: default
410 | spec:
411 | ports:
412 | - port: 6379
413 | targetPort: 6379
414 | selector:
415 | app: redis-cluster
416 | type: ClusterIP
417 | ---
418 | apiVersion: v1
419 | kind: PersistentVolume
420 | metadata:
421 | labels:
422 | type: local
423 | name: mongo-pv-volume-default
424 | spec:
425 | accessModes:
426 | - ReadWriteOnce
427 | capacity:
428 | storage: 5Gi
429 | hostPath:
430 | path: /var/lib/aion/default/mnt/mongo_data
431 | storageClassName: mongo
432 | ---
433 | apiVersion: v1
434 | kind: PersistentVolumeClaim
435 | metadata:
436 | name: mongo-pv-claim
437 | namespace: default
438 | spec:
439 | accessModes:
440 | - ReadWriteOnce
441 | resources:
442 | requests:
443 | storage: 5Gi
444 | storageClassName: mongo
445 | volumeName: mongo-pv-volume-default
446 | ---
447 | apiVersion: apps/v1
448 | kind: Deployment
449 | metadata:
450 | labels:
451 | run: aion-kanban-replicator
452 | name: aion-kanban-replicator
453 | namespace: default
454 | spec:
455 | replicas: 1
456 | selector:
457 | matchLabels:
458 | run: aion-kanban-replicator
459 | strategy:
460 | rollingUpdate:
461 | maxUnavailable: 1
462 | template:
463 | metadata:
464 | labels:
465 | run: aion-kanban-replicator
466 | spec:
467 | containers:
468 | - env:
469 | - name: REDIS_HOST
470 | value: redis-cluster:6379
471 | - name: MONGO_HOST
472 | value: mongo:27017
473 | - name: NODE_NAME
474 | valueFrom:
475 | fieldRef:
476 | fieldPath: spec.nodeName
477 | - name: NODE_IP
478 | valueFrom:
479 | fieldRef:
480 | fieldPath: status.hostIP
481 | image: latonaio/aion-kanban-replicator:latest
482 | imagePullPolicy: IfNotPresent
483 | name: aion-kanban-replicator
484 | volumeMounts:
485 | - mountPath: /var/lib/aion/config
486 | name: config
487 | - args:
488 | - -l
489 | - debug
490 | - --config-path
491 | - /etc/envoy/envoy.yaml
492 | command:
493 | - /usr/local/bin/envoy
494 | image: envoyproxy/envoy:v1.16-latest
495 | imagePullPolicy: IfNotPresent
496 | name: envoy
497 | ports:
498 | - containerPort: 6379
499 | name: envoy-redis
500 | - containerPort: 10001
501 | name: envoy-admin
502 | resources:
503 | limits:
504 | memory: 512Mi
505 | requests:
506 | memory: 64Mi
507 | volumeMounts:
508 | - mountPath: /etc/envoy
509 | name: envoy
510 | hostname: aion-kanban-replicator
511 | imagePullSecrets:
512 | - name: dockerhub
513 | shareProcessNamespace: true
514 | volumes:
515 | - hostPath:
516 | path: /var/lib/aion/default/config
517 | name: config
518 | - configMap:
519 | name: envoy-config-kanban-replicator
520 | name: envoy
521 | ---
522 | apiVersion: apps/v1
523 | kind: Deployment
524 | metadata:
525 | labels:
526 | run: aion-sendanything
527 | name: aion-sendanything
528 | namespace: default
529 | spec:
530 | replicas: 1
531 | selector:
532 | matchLabels:
533 | run: aion-sendanything
534 | strategy:
535 | rollingUpdate:
536 | maxUnavailable: 1
537 | template:
538 | metadata:
539 | labels:
540 | run: aion-sendanything
541 | spec:
542 | containers:
543 | - env:
544 | - name: CLIENT_PORT
545 | value: "30100"
546 | - name: NODE_NAME
547 | valueFrom:
548 | fieldRef:
549 | fieldPath: spec.nodeName
550 | - name: NODE_IP
551 | valueFrom:
552 | fieldRef:
553 | fieldPath: status.hostIP
554 | image: latonaio/aion-sendanything:latest
555 | imagePullPolicy: IfNotPresent
556 | name: aion-sendanything
557 | ports:
558 | - containerPort: 11011
559 | name: grpc
560 | volumeMounts:
561 | - mountPath: /var/lib/aion
562 | name: data
563 | - args:
564 | - --config-path /etc/envoy/envoy.yaml
565 | command:
566 | - /usr/local/bin/envoy
567 | image: envoyproxy/envoy:v1.16-latest
568 | imagePullPolicy: IfNotPresent
569 | name: envoy
570 | ports:
571 | - containerPort: 10000
572 | name: envoy-grpc
573 | - containerPort: 10001
574 | name: envoy-admin
575 | resources:
576 | limits:
577 | memory: 512Mi
578 | requests:
579 | memory: 64Mi
580 | volumeMounts:
581 | - mountPath: /etc/envoy
582 | name: envoy
583 | hostname: aion-sendanything
584 | imagePullSecrets:
585 | - name: dockerhub
586 | shareProcessNamespace: true
587 | volumes:
588 | - hostPath:
589 | path: /var/lib/aion/default
590 | name: data
591 | - configMap:
592 | name: envoy-config-sendanything
593 | name: envoy
594 | ---
595 | apiVersion: apps/v1
596 | kind: Deployment
597 | metadata:
598 | labels:
599 | run: aion-servicebroker
600 | name: aion-servicebroker
601 | namespace: default
602 | spec:
603 | replicas: 1
604 | selector:
605 | matchLabels:
606 | run: aion-servicebroker
607 | strategy:
608 | type: Recreate
609 | template:
610 | metadata:
611 | labels:
612 | run: aion-servicebroker
613 | spec:
614 | containers:
615 | - env:
616 | - name: NAMESPACE
617 | value: default
618 | - name: REPOSITORY_PREFIX
619 | value: latonaio
620 | - name: REDIS_HOST
621 | value: redis-cluster:6379
622 | - name: MODE
623 | value: default
624 | - name: NODE_NAME
625 | valueFrom:
626 | fieldRef:
627 | fieldPath: spec.nodeName
628 | - name: NODE_IP
629 | valueFrom:
630 | fieldRef:
631 | fieldPath: status.hostIP
632 | image: latonaio/aion-servicebroker:latest
633 | imagePullPolicy: IfNotPresent
634 | name: aion-servicebroker
635 | resources:
636 | limits:
637 | cpu: 20m
638 | memory: 128Mi
639 | requests:
640 | cpu: 5m
641 | memory: 50Mi
642 | volumeMounts:
643 | - mountPath: /var/lib/aion/config
644 | name: config
645 | - args:
646 | - --config-path /etc/envoy/envoy.yaml
647 | command:
648 | - /usr/local/bin/envoy
649 | image: envoyproxy/envoy:v1.16-latest
650 | imagePullPolicy: IfNotPresent
651 | name: envoy
652 | ports:
653 | - containerPort: 6379
654 | name: envoy-redis
655 | - containerPort: 10001
656 | name: envoy-admin
657 | - containerPort: 10000
658 | name: envoy-grpc
659 | resources:
660 | limits:
661 | cpu: 20m
662 | memory: 512Mi
663 | requests:
664 | cpu: 5m
665 | memory: 64Mi
666 | volumeMounts:
667 | - mountPath: /etc/envoy
668 | name: envoy
669 | hostname: aion-servicebroker
670 | imagePullSecrets:
671 | - name: dockerhub
672 | initContainers:
673 | - args:
674 | - /bin/sh
675 | - -c
676 | - until redis-cli -h redis-cluster -p 6379 SET connectivity true; do echo
677 | "wait..."; sleep 5; done
678 | image: redis:6.0-rc-alpine3.11
679 | imagePullPolicy: IfNotPresent
680 | name: check-connectivity-redis
681 | serviceAccountName: aion-default
682 | shareProcessNamespace: true
683 | volumes:
684 | - hostPath:
685 | path: /var/lib/aion/default/config
686 | name: config
687 | - configMap:
688 | name: envoy-config-servicebroker
689 | name: envoy
690 | ---
691 | apiVersion: apps/v1
692 | kind: Deployment
693 | metadata:
694 | labels:
695 | run: aion-statuskanban
696 | name: aion-statuskanban
697 | namespace: default
698 | spec:
699 | replicas: 1
700 | selector:
701 | matchLabels:
702 | run: aion-statuskanban
703 | strategy:
704 | rollingUpdate:
705 | maxUnavailable: 1
706 | template:
707 | metadata:
708 | labels:
709 | run: aion-statuskanban
710 | spec:
711 | containers:
712 | - env:
713 | - name: REDIS_HOST
714 | value: redis-cluster:6379
715 | - name: NODE_NAME
716 | valueFrom:
717 | fieldRef:
718 | fieldPath: spec.nodeName
719 | - name: NODE_IP
720 | valueFrom:
721 | fieldRef:
722 | fieldPath: status.hostIP
723 | image: latonaio/aion-statuskanban:latest
724 | imagePullPolicy: IfNotPresent
725 | name: aion-statuskanban
726 | ports:
727 | - containerPort: 11010
728 | name: grpc
729 | - args:
730 | - -l
731 | - debug
732 | - --config-path
733 | - /etc/envoy/envoy.yaml
734 | command:
735 | - /usr/local/bin/envoy
736 | image: envoyproxy/envoy:v1.16-latest
737 | imagePullPolicy: IfNotPresent
738 | name: envoy
739 | ports:
740 | - containerPort: 6379
741 | name: envoy-redis
742 | - containerPort: 10000
743 | name: envoy-grpc
744 | - containerPort: 10001
745 | name: envoy-admin
746 | resources:
747 | limits:
748 | memory: 512Mi
749 | requests:
750 | memory: 64Mi
751 | volumeMounts:
752 | - mountPath: /etc/envoy
753 | name: envoy
754 | hostname: aion-statuskanban
755 | imagePullSecrets:
756 | - name: dockerhub
757 | initContainers:
758 | - args:
759 | - /bin/sh
760 | - -c
761 | - until redis-cli -h redis-cluster -p 6379 SET connectivity true; do echo
762 | "wait..."; sleep 5; done
763 | image: redis:6.0-rc-alpine3.11
764 | imagePullPolicy: IfNotPresent
765 | name: check-connectivity-redis
766 | shareProcessNamespace: true
767 | volumes:
768 | - configMap:
769 | name: envoy-config-statuskanban
770 | name: envoy
771 | ---
772 | apiVersion: apps/v1
773 | kind: Deployment
774 | metadata:
775 | name: mongo
776 | namespace: default
777 | spec:
778 | selector:
779 | matchLabels:
780 | app: mongo
781 | strategy:
782 | type: Recreate
783 | template:
784 | metadata:
785 | labels:
786 | app: mongo
787 | spec:
788 | containers:
789 | - env:
790 | - name: MONGODB_USER
791 | value: root
792 | - name: MONGODB_PASS
793 | value: root
794 | image: mongo:4.4
795 | name: mongo
796 | ports:
797 | - containerPort: 27017
798 | name: mongo
799 | resources:
800 | limits:
801 | cpu: 100m
802 | memory: 512Mi
803 | requests:
804 | cpu: 10m
805 | memory: 100Mi
806 | volumeMounts:
807 | - mountPath: /data/db
808 | name: mongo-persistent-storage
809 | volumes:
810 | - name: mongo-persistent-storage
811 | persistentVolumeClaim:
812 | claimName: mongo-pv-claim
813 | ---
814 | apiVersion: apps/v1
815 | kind: Deployment
816 | metadata:
817 | name: mongo-express-deployment
818 | namespace: default
819 | spec:
820 | replicas: 1
821 | selector:
822 | matchLabels:
823 | app: mongo-express
824 | template:
825 | metadata:
826 | labels:
827 | app: mongo-express
828 | spec:
829 | containers:
830 | - env:
831 | - name: MONGODB_USER
832 | value: root
833 | - name: MONGODB_PASS
834 | value: root
835 | image: mongo-express
836 | name: mongo-express
837 | ports:
838 | - containerPort: 8081
839 | name: mongo-express
840 | ---
841 | apiVersion: apps/v1
842 | kind: Deployment
843 | metadata:
844 | name: redis-cluster
845 | namespace: default
846 | spec:
847 | selector:
848 | matchLabels:
849 | app: redis-cluster
850 | strategy:
851 | type: Recreate
852 | template:
853 | metadata:
854 | labels:
855 | app: redis-cluster
856 | spec:
857 | containers:
858 | - args:
859 | - --timeout
860 | - "600"
861 | - --loglevel
862 | - debug
863 | image: redis:6.0-rc-alpine3.11
864 | name: redis-cluster
865 | ports:
866 | - containerPort: 6379
867 | name: redis-cluster
868 | resources:
869 | limits:
870 | cpu: 100m
871 | memory: 512Mi
872 | requests:
873 | cpu: 5m
874 | memory: 50Mi
875 | ---
876 | apiVersion: apps/v1
877 | kind: DaemonSet
878 | metadata:
879 | labels:
880 | k8s-app: fluentd
881 | name: fluentd
882 | namespace: default
883 | spec:
884 | selector:
885 | matchLabels:
886 | name: fluentd
887 | template:
888 | metadata:
889 | labels:
890 | name: fluentd
891 | spec:
892 | containers:
893 | - env:
894 | - name: K8S_NODE_NAME
895 | value: your_node_name
896 | - name: POS_FILE
897 | value: /var/log/fluentd/fluentd-docker.pos
898 | - name: CA_FILE
899 | value: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
900 | - name: BEARER_TOKEN_FILE
901 | value: /var/run/secrets/kubernetes.io/serviceaccount/token
902 | image: latona/fluentd
903 | imagePullPolicy: IfNotPresent
904 | name: fluentd
905 | resources:
906 | limits:
907 | memory: 200Mi
908 | requests:
909 | cpu: 100m
910 | memory: 200Mi
911 | volumeMounts:
912 | - mountPath: /var/log
913 | name: varlog
914 | - mountPath: /var/lib/docker/containers
915 | name: varlibdockercontainers
916 | readOnly: true
917 | - mountPath: /config
918 | name: config-volume
919 | serviceAccount: aion-default
920 | serviceAccountName: aion-default
921 | terminationGracePeriodSeconds: 30
922 | tolerations:
923 | - effect: NoSchedule
924 | key: node-role.kubernetes.io/master
925 | volumes:
926 | - hostPath:
927 | path: /var/log
928 | name: varlog
929 | - hostPath:
930 | path: /var/lib/docker/containers
931 | name: varlibdockercontainers
932 | - configMap:
933 | name: fluentd-conf
934 | name: config-volume
935 |
--------------------------------------------------------------------------------