diff --git a/_sys/haproxy-ingress.yaml b/_sys/haproxy-ingress.yaml
deleted file mode 100644
index f6942df..0000000
--- a/_sys/haproxy-ingress.yaml
+++ /dev/null
@@ -1,204 +0,0 @@ -#https://raw.githubusercontent.com/haproxytech/kubernetes-ingress/master/deploy/haproxy-ingress.yaml -#https://www.haproxy.com/documentation/kubernetes/latest/installation/community/kubernetes/ -# -# NOTES: Images are not from haproxytech, no arm64 imgs ---- -apiVersion: v1 -kind: Namespace -metadata: - name: haproxy-controller - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: haproxy-ingress-service-account - namespace: haproxy-controller - ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: haproxy-ingress-cluster-role -rules: -- apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - services - - namespaces - - events - - serviceaccounts - verbs: - - get - - list - - watch -- apiGroups: - - "extensions" - resources: - - ingresses - - ingresses/status - verbs: - - get - - list - - watch - - update -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - create - - patch - - update - ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: haproxy-ingress-cluster-role-binding - namespace: haproxy-controller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: haproxy-ingress-cluster-role -subjects: -- kind: ServiceAccount - name: haproxy-ingress-service-account - namespace: haproxy-controller - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: haproxy - namespace: haproxy-controller -data: - forwarded-for: "true" - load-balance: "leastconn" ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - run: ingress-default-backend - name: ingress-default-backend - namespace: haproxy-controller -spec: - replicas: 1 - selector: - matchLabels: - run: ingress-default-backend - template: - metadata: - labels: - run: ingress-default-backend - spec: - containers: - - name: ingress-default-backend - #image: gcr.io/google_containers/defaultbackend:1.4 - image: 
starlingx4arm/defaultbackend:1.5-aarch64 - ports: - - containerPort: 8080 - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - run: ingress-default-backend - name: ingress-default-backend - namespace: haproxy-controller -spec: - selector: - run: ingress-default-backend - ports: - - name: port-1 - port: 8080 - protocol: TCP - targetPort: 8080 - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - run: haproxy-ingress - name: haproxy-ingress - namespace: haproxy-controller -spec: - replicas: 1 - selector: - matchLabels: - run: haproxy-ingress - template: - metadata: - labels: - run: haproxy-ingress - spec: - serviceAccountName: haproxy-ingress-service-account - containers: - - name: haproxy-ingress - #image: haproxytech/kubernetes-ingress - image: bmanojlovic/kubernetes-ingress:latest - args: - - --configmap=haproxy-controller/haproxy - - --default-backend-service=haproxy-controller/ingress-default-backend - resources: - requests: - cpu: "500m" - memory: "50Mi" - livenessProbe: - httpGet: - path: /healthz - port: 1042 - ports: - - name: http - containerPort: 80 - - name: https - containerPort: 443 - - name: stat - containerPort: 1024 - env: - - name: TZ - value: "Europe/Berlin" - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - ---- -apiVersion: v1 -kind: Service -metadata: - labels: - run: haproxy-ingress - name: haproxy-ingress - namespace: haproxy-controller -spec: - selector: - run: haproxy-ingress - type: NodePort - ports: - - name: http - port: 80 - protocol: TCP - targetPort: 80 - - name: https - port: 443 - protocol: TCP - targetPort: 443 - - name: stat - port: 1024 - protocol: TCP - targetPort: 1024 diff --git a/_sys/kube-router-accounts.yaml b/_sys/kube-router-accounts.yaml deleted file mode 100644 index 5f1fe44..0000000 --- a/_sys/kube-router-accounts.yaml +++ /dev/null 
@@ -1,53 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: kube-router - namespace: kube-system ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: kube-router -rules: - - apiGroups: - - "" - resources: - - namespaces - - pods - - services - - nodes - - endpoints - verbs: - - list - - get - - watch - - apiGroups: - - "networking.k8s.io" - resources: - - networkpolicies - verbs: - - list - - get - - watch - - apiGroups: - - extensions - resources: - - networkpolicies - verbs: - - get - - list - - watch ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1beta1 -metadata: - name: kube-router -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kube-router -subjects: -- kind: ServiceAccount - name: kube-router - namespace: kube-system diff --git a/_sys/kube-router-all-service-daemonset.yaml b/_sys/kube-router-all-service-daemonset.yaml deleted file mode 100644 index 9b4a1b4..0000000 --- a/_sys/kube-router-all-service-daemonset.yaml +++ /dev/null 
@@ -1,139 +0,0 @@ -#https://gist.github.com/jjo/8c616aaf795284bb5b85d02143745f63 -apiVersion: v1 -kind: ConfigMap -metadata: - name: kube-router-cfg - namespace: kube-system - labels: - tier: node - k8s-app: kube-router -data: - cni-conf.json: | - { - "cniVersion":"0.3.0", - "name":"mynet", - "plugins":[ - { - "name":"kubernetes", - "type":"bridge", - "bridge":"kube-bridge", - "mtu":1420, - "isDefaultGateway":true, - "hairpinMode":true, - "ipam":{ - "type":"host-local" - } - } - ] - } ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: kube-router - namespace: kube-system - labels: - k8s-app: kube-router -spec: - selector: - matchLabels: - k8s-app: kube-router - template: - metadata: - labels: - k8s-app: kube-router - spec: - priorityClassName: system-node-critical - containers: - - name: kube-router - image: docker.io/cloudnativelabs/kube-router - args: - - "--auto-mtu=false" - - "--run-router=true" - - "--run-firewall=true" - - "--run-service-proxy=true" - - "--bgp-graceful-restart=true" - - "--hairpin-mode=true" - - "--enable-cni=true" - - "--advertise-cluster-ip=true" - - "--advertise-external-ip=true" - - "--advertise-loadbalancer-ip=true" - - "--kubeconfig=/var/lib/kube-router/kubeconfig" - #- "--master=https://192.168.10.13:6443" - securityContext: - privileged: true - imagePullPolicy: Always - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: KUBE_ROUTER_CNI_CONF_FILE - value: /etc/cni/net.d/10-kuberouter.conflist - livenessProbe: - httpGet: - path: /healthz - port: 20244 - initialDelaySeconds: 10 - periodSeconds: 3 - volumeMounts: - - name: lib-modules - mountPath: /lib/modules - readOnly: true - - name: cni-conf-dir - mountPath: /etc/cni/net.d - - name: kubeconfig - mountPath: /var/lib/kube-router/kubeconfig - readOnly: true - - name: xtables-lock - mountPath: /run/xtables.lock - readOnly: false - initContainers: - - name: install-cni - image: docker.io/cloudnativelabs/kube-router - imagePullPolicy: Always - 
command: - - /bin/sh - - -c - - set -e -x; - if [ ! -f /etc/cni/net.d/10-kuberouter.conflist ]; then - if [ -f /etc/cni/net.d/*.conf ]; then - rm -f /etc/cni/net.d/*.conf; - fi; - TMP=/etc/cni/net.d/.tmp-kuberouter-cfg; - cp /etc/kube-router/cni-conf.json ${TMP}; - mv ${TMP} /etc/cni/net.d/10-kuberouter.conflist; - fi - volumeMounts: - - name: cni-conf-dir - mountPath: /etc/cni/net.d - - name: kube-router-cfg - mountPath: /etc/kube-router - hostNetwork: true - serviceAccountName: kube-router - serviceAccount: kube-router - tolerations: - - effect: NoSchedule - operator: Exists - - key: CriticalAddonsOnly - operator: Exists - - effect: NoExecute - operator: Exists - volumes: - - name: lib-modules - hostPath: - path: /lib/modules - - name: cni-conf-dir - hostPath: - path: /etc/cni/net.d - - name: kube-router-cfg - configMap: - name: kube-router-cfg - - name: kubeconfig - hostPath: - path: /var/lib/kube-router/kubeconfig - - name: xtables-lock - hostPath: - path: /run/xtables.lock - type: FileOrCreate - diff --git a/_sys/metallb-address-pool.yaml b/_sys/metallb-address-pool.yaml new file mode 100644 index 0000000..ad99ef0 --- /dev/null +++ b/_sys/metallb-address-pool.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: metallb-system + name: config +data: + config: | + address-pools: + - name: default + protocol: layer2 + addresses: + - 172.23.255.1-172.23.255.254 diff --git a/_sys/namespaces.yaml b/_sys/namespaces.yaml new file mode 100644 index 0000000..6f9364b --- /dev/null +++ b/_sys/namespaces.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: live-env +--- +apiVersion: v1 +kind: Namespace +metadata: + name: test-env \ No newline at end of file diff --git a/_sys/traefik-deployment.yaml b/_sys/traefik-deployment.yaml deleted file mode 100644 index af7be9b..0000000 --- a/_sys/traefik-deployment.yaml +++ /dev/null 
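Review bot: In `_sys/metallb-address-pool.yaml` the `default` pool sets no `auto-assign` key, so under MetalLB's ConfigMap configuration it is presumably handed out automatically: any Service of type LoadBalancer, in any namespace, would receive one of the 254 addresses and have it announced on the layer-2 segment. If only selected services are meant to be reachable from that network, add `auto-assign: false` to the pool and let those services request an address explicitly, or split the range into separate pools for live and test workloads. The range itself is undocumented; a comment above `addresses:` such as `# layer2 pool on <SUBNET>; range is reserved outside DHCP` would record which segment 172.23.255.1-172.23.255.254 belongs to. As far as I know, the ConfigMap format is only read by older MetalLB releases (newer ones are configured through CRDs), so the MetalLB version this file targets should be stated, since the diff does not show it.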
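Review bot: In `_sys/namespaces.yaml` both `live-env` and `test-env` are created bare, with no labels under `metadata`, so nothing in the manifest separates test workloads from live ones. The same commit deletes the kube-router DaemonSet that ran with `--run-firewall=true`, and no replacement NetworkPolicy enforcer is visible in this diff, so isolation between the two namespaces should be confirmed rather than assumed. If the cluster version supports Pod Security admission, add `labels:` with `pod-security.kubernetes.io/enforce: baseline` to each namespace, and pair each with a default-deny NetworkPolicy once it is clear which CNI enforces policy. As a style point, the file has no leading `---` and no final newline.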
@@ -1,59 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: traefik-ingress-controller - namespace: kube-system ---- -kind: Deployment -apiVersion: apps/v1 -metadata: - name: traefik-ingress-controller - namespace: kube-system - labels: - k8s-app: traefik-ingress-lb -spec: - replicas: 1 - selector: - matchLabels: - k8s-app: traefik-ingress-lb - template: - metadata: - labels: - k8s-app: traefik-ingress-lb - name: traefik-ingress-lb - spec: - serviceAccountName: traefik-ingress-controller - terminationGracePeriodSeconds: 60 - containers: - - image: traefik:v1.7 - name: traefik-ingress-lb - ports: - - name: http - containerPort: 80 - - name: admin - containerPort: 8080 - args: - - --api - - --kubernetes - - --loglevel=ERROR ---- -kind: Service -apiVersion: v1 -metadata: - name: traefik-ingress-service - namespace: kube-system - annotations: - kuber-router.io/service.hairpin: "" -spec: - selector: - k8s-app: traefik-ingress-lb - ports: - - protocol: TCP - port: 80 - name: web - - protocol: TCP - port: 8080 - name: admin - type: LoadBalancer - loadBalancerIP: 172.23.255.1