
Merge pull request #1339 from gravitl/feature_v0.14.5_kube

Feature v0.14.5 kube
dcarns 3 years ago
parent
commit
4cbc78a0ba

+ 0 - 0
kube/example/clusterissuer.yaml → k8s/misc/clusterissuer.yaml


+ 0 - 0
kube/example/dnsutils.yaml → k8s/misc/dnsutils.yaml


+ 0 - 0
kube/example/nginx-example.yaml → k8s/misc/nginx-example.yaml


+ 0 - 0
kube/example/pingtest.yaml → k8s/misc/pingtest.yaml


+ 0 - 0
kube/ubuntu.yaml → k8s/misc/ubuntu.yaml


+ 33 - 0
k8s/netclient/netclient-daemonset.yaml

@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: netclient
+  labels:
+    app: netclient
+spec:
+  selector:
+    matchLabels:
+      app: netclient
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: netclient
+    spec:
+      hostNetwork: true
+      containers:
+      - name: netclient
+        image: gravitl/netclient:v0.14.5
+        env:
+        - name: TOKEN
+          value: "TOKEN_VALUE"
+        volumeMounts:
+        - mountPath: /etc/netclient
+          name: etc-netclient
+        securityContext:
+          privileged: true
+  volumes:
+  - hostPath:
+      path: /etc/netclient
+      type: DirectoryOrCreate
+    name: etc-netclient
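Review bot: The trailing `volumes:` block is indented as a child of the DaemonSet `spec`, not of `template.spec`, so the `etc-netclient` volumeMount names a volume the pod spec never defines. Indent `volumes:` and its entries to the same level as `containers:`, as k8s/netclient/netclient.yaml in this commit does. `replicas: 1` is not a DaemonSet field and should be dropped. Separately, the join token is an inline `value: "TOKEN_VALUE"`, so once filled in it is readable by anyone who can read the DaemonSet or its pods. A `valueFrom.secretKeyRef` pointing at a Secret keeps it out of the manifest, and the same applies to the `TOKEN` entry in k8s/netclient/netclient.yaml.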

+ 44 - 0
k8s/netclient/netclient.yaml

@@ -0,0 +1,44 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: netclient
+  labels:
+    app: netclient
+spec:
+  selector:
+    matchLabels:
+      app: netclient
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: netclient
+    spec:
+      hostNetwork: true
+      # affinity:
+      #   nodeAffinity:
+      #     preferredDuringSchedulingIgnoredDuringExecution:
+      #     - weight: 1
+      #       preference:
+      #         matchExpressions:
+      #         - key: <node label>
+      #           operator: In
+      #           values:
+      #           - "<node label value>"
+      containers:
+      - name: netclient
+        image: gravitl/netclient:v0.14.5
+        env:
+        - name: TOKEN
+          value: "TOKEN_VALUE"
+        volumeMounts:
+        - mountPath: /etc/netclient
+          name: etc-netclient
+        securityContext:
+          privileged: true
+      volumes:
+      - hostPath:
+          path: /etc/netclient
+          type: DirectoryOrCreate
+        name: etc-netclient
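Review bot: `privileged: true` combined with `hostNetwork: true` and the `/etc/netclient` hostPath mount gives this container node-level access, and nothing in the manifest says which of those privileges netclient actually needs. The server StatefulSet added in this commit uses `capabilities.add` with NET_ADMIN, NET_RAW and SYS_MODULE instead of full privilege. A similar explicit list may be enough here, though that has to be verified against the client. If full privilege really is required, a comment above `securityContext:` of the form `# privileged is required because <reason>` would record that for whoever copies this template.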

+ 228 - 0
k8s/netmaker-server.yaml

@@ -0,0 +1,228 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  labels:
+    app: netmaker
+  name: netmaker
+spec:
+  replicas: 3
+  serviceName: netmaker-headless
+  selector:
+    matchLabels:
+      app: netmaker
+  template:
+    metadata:
+      labels:
+        app: netmaker
+    spec:
+      initContainers:
+      - name: init-sysctl
+        image: busybox
+        imagePullPolicy: IfNotPresent
+        command: ["/bin/sh", "-c"]
+        args: ["sysctl -w net.ipv4.ip_forward=1 && sysctl -w net.ipv4.conf.all.src_valid_mark=1 && sysctl -w net.ipv6.conf.all.disable_ipv6=0 && sysctl -w net.ipv6.conf.all.forwarding=1"]
+        securityContext:
+          privileged: true
+      dnsPolicy: ClusterFirstWithHostNet
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+          - labelSelector:
+              matchExpressions:
+              - key: app
+                operator: In
+                values:
+                - netmaker
+            topologyKey: "kubernetes.io/hostname"
+      containers:
+      - env:
+        - name: NODE_ID
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.name
+        - name: SERVER_NAME
+          value: broker.NETMAKER_SUBDOMAIN
+        - name: SERVER_API_CONN_STRING
+          value: api.NETMAKER_SUBDOMAIN:443
+        - name: SERVER_HTTP_HOST
+          value: api.NETMAKER_SUBDOMAIN
+        - name: API_PORT
+          value: "8081"
+        - name: WG_QUICK_USERSPACE_IMPLEMENTATION
+          value: wireguard-go
+        - name: DNS_MODE
+          value: "off"
+        - name: CLIENT_MODE
+          value: "on"
+        - name: DISPLAY_KEYS
+          value: "on"
+        - name: DATABASE
+          value: postgres
+        - name: SQL_HOST
+          value: "DB_NAME-postgresql" 
+        - name: SQL_PORT
+          value: "5432"
+        - name: SQL_DB
+          value: "postgres"
+        - name: SQL_USER
+          value: "postgres"
+        - name: SQL_PASS
+          value: "DB_PASS"
+        - name: MASTER_KEY
+          value: REPLACE_MASTER_KEY
+        - name: CORS_ALLOWED_ORIGIN
+          value: '*'
+        - name: MQ_HOST
+          value: "mq"
+        - name: MQ_PORT
+          value: "31883"
+        - name: MQ_SERVER_PORT
+          value: "1883"
+        - name: PLATFORM
+          value: "Kubernetes"
+        - name: VERBOSITY
+          value: "3"
+        image: gravitl/netmaker:v0.14.5
+        imagePullPolicy: Always
+        name: netmaker
+        ports:
+        - containerPort: 8081
+          protocol: TCP
+        - containerPort: 31821
+          protocol: UDP
+        - containerPort: 31822
+          protocol: UDP
+        - containerPort: 31823
+          protocol: UDP
+        - containerPort: 31824
+          protocol: UDP
+        - containerPort: 31825
+          protocol: UDP
+        - containerPort: 31826
+          protocol: UDP
+        - containerPort: 31827
+          protocol: UDP
+        - containerPort: 31828
+          protocol: UDP
+        - containerPort: 31829
+          protocol: UDP
+        - containerPort: 31830
+          protocol: UDP
+        resources: {}
+        securityContext:
+          capabilities:
+            add:
+            - NET_ADMIN
+            - NET_RAW
+            - SYS_MODULE
+        volumeMounts:
+        - mountPath: /etc/netmaker/
+          name: shared-certs
+      volumes:
+      - name: shared-certs
+        persistentVolumeClaim:
+          claimName: shared-certs-pvc
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+  name: 'netmaker-wireguard'
+spec:
+  externalTrafficPolicy: Local
+  type: NodePort
+  ports:
+  - port: 31821
+    nodePort: 31821
+    protocol: UDP
+    targetPort: 31821
+    name: wg-iface-31821
+  - port: 31822
+    nodePort: 31822
+    protocol: UDP
+    targetPort: 31822
+    name: wg-iface-31822
+  - port: 31823
+    nodePort: 31823
+    protocol: UDP
+    targetPort: 31823
+    name: wg-iface-31823
+  - port: 31824
+    nodePort: 31824
+    protocol: UDP
+    targetPort: 31824
+    name: wg-iface-31824
+  - port: 31825
+    nodePort: 31825
+    protocol: UDP
+    targetPort: 31825
+    name: wg-iface-31825
+  - port: 31826
+    nodePort: 31826
+    protocol: UDP
+    targetPort: 31826
+    name: wg-iface-31826
+  - port: 31827
+    nodePort: 31827
+    protocol: UDP
+    targetPort: 31827
+    name: wg-iface-31827
+  - port: 31828
+    nodePort: 31828
+    protocol: UDP
+    targetPort: 31828
+    name: wg-iface-31828
+  - port: 31829
+    nodePort: 31829
+    protocol: UDP
+    targetPort: 31829
+    name: wg-iface-31829
+  - port: 31830
+    nodePort: 31830
+    protocol: UDP
+    targetPort: 31830
+    name: wg-iface-31830
+  selector:
+    app: 'netmaker'
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: 'netmaker-rest'
+spec:
+  ports:
+  - name: rest
+    port: 8081
+    protocol: TCP
+    targetPort: 8081
+  selector:
+    app: 'netmaker'
+  sessionAffinity: None
+  type: ClusterIP
+# ---
+# apiVersion: networking.k8s.io/v1
+# kind: Ingress
+# metadata:
+#   name: nm-api-ingress-nginx
+#   annotations:
+#     nginx.ingress.kubernetes.io/rewrite-target: /
+#     cert-manager.io/cluster-issuer: "letsencrypt-nginx"
+#     nginx.ingress.kubernetes.io/ssl-redirect: 'true'
+# spec:
+#   ingressClassName: nginx
+#   tls:
+#   - hosts:
+#     - api.NETMAKER_SUBDOMAIN
+#     secretName: nm-api-tls
+#   rules:
+#   - host: api.NETMAKER_SUBDOMAIN
+#     http:
+#       paths:
+#       - path: /
+#         pathType: Prefix
+#         backend:
+#           service:
+#             name: netmaker-rest
+#             port:
+#               number: 8081
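Review bot: `SQL_PASS` and `MASTER_KEY` are literal `value:` entries in the StatefulSet, so once the placeholders are replaced the database password and the API master key sit in the manifest and in the stored object, readable by anyone with read access to StatefulSets or pods in the namespace. Reference a Secret through `valueFrom.secretKeyRef` instead, as sketched below; the Secret name and keys there are placeholders. `CORS_ALLOWED_ORIGIN: '*'` is also a permissive default for a template people will copy, so a comment telling operators to restrict it to the dashboard origin would help. The `init-sysctl` container runs privileged from an untagged `busybox` image, and pinning a tag or digest there is advisable.

```yaml
        # … unchanged: NODE_ID through SQL_USER …
        - name: SQL_PASS
          valueFrom:
            secretKeyRef:
              name: netmaker-secrets  # placeholder Secret name
              key: sql-pass           # placeholder key
        - name: MASTER_KEY
          valueFrom:
            secretKeyRef:
              name: netmaker-secrets  # placeholder Secret name
              key: master-key         # placeholder key
        # … unchanged: CORS_ALLOWED_ORIGIN through VERBOSITY …
```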

+ 64 - 0
k8s/netmaker-ui.yaml

@@ -0,0 +1,64 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: netmaker-ui
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: netmaker-ui
+  template:
+    metadata:
+      labels:
+        app: netmaker-ui
+    spec:
+      containers:
+      - name: netmaker-ui
+        image: gravitl/netmaker-ui:v0.14.5
+        ports:
+        - containerPort: 443
+        env:
+        - name: BACKEND_URL
+          value: 'https://api.NETMAKER_SUBDOMAIN'
+      terminationGracePeriodSeconds: 15
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: 'netmaker-ui'
+spec:
+  ports:
+  - port: 80
+    protocol: TCP
+    targetPort: 80
+  selector:
+    app: 'netmaker-ui'
+  sessionAffinity: None
+  type: 'ClusterIP'
+# ---
+# apiVersion: networking.k8s.io/v1
+# kind: Ingress
+# metadata:
+#   name: nm-ui-ingress-nginx
+#   annotations:
+#     nginx.ingress.kubernetes.io/rewrite-target: /
+#     cert-manager.io/cluster-issuer: "letsencrypt-nginx"
+#     nginx.ingress.kubernetes.io/ssl-redirect: 'true'
+# spec:
+#   ingressClassName: nginx
+#   tls:
+#   - hosts:
+#     - dashboard.NETMAKER_SUBDOMAIN
+#     secretName: nm-ui-tls
+#   rules:
+#   - host: dashboard.NETMAKER_SUBDOMAIN
+#     http:
+#       paths:
+#       - path: /
+#         pathType: Prefix
+#         backend:
+#           service:
+#             name: netmaker-ui
+#             port:
+#               number: 80
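Review bot: `containerPort: 443` in the Deployment does not match the Service below it, which forwards `port: 80` to `targetPort: 80`, nor the commented-out Ingress, which also targets port 80. The removed kube/components/netmaker-ui.yaml declared `containerPort: 80`, so this looks like a typo. If the image still listens on 80 the line should read `- containerPort: 80`; if it now serves on 443, the Service `targetPort` has to change instead.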

+ 0 - 59
kube/components/mongo-statefulset.yaml

@@ -1,59 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: mongo
-  labels:
-    name: mongo
-spec:
-  ports:
-    - port: 27017
-      targetPort: 27017
-  clusterIP: None
-  selector:
-    role: mongo
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
-  name: mongo
-spec:
-  serviceName: "mongo"
-  replicas: 1
-  selector:
-    matchLabels:
-      role: mongo
-  template:
-    metadata:
-      labels:
-        app: mongo
-        role: mongo
-    spec:
-      containers:
-      - name: mongo
-        image: mongo
-        env:
-          - name: MONGO_INITDB_ROOT_USERNAME
-            value: mongoadmin
-          - name: MONGO_INITDB_ROOT_PASSWORD
-            value: mongopass
-        securityContext:
-          privileged: true
-        volumeMounts:
-        - name: mongovol
-          mountPath: /data/db
-      volumes:
-      - name: mongovol
-        persistentVolumeClaim:
-          claimName: mongodb-pvc
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: mongodb-pvc
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 7Gi
-  storageClassName: microk8s-hostpath

+ 0 - 62
kube/components/netclient-template.yaml.backup

@@ -1,62 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: netclient
-  labels:
-    app: netclient
-spec:
-  selector:
-    matchLabels:
-      app: netclient
-  template:
-    metadata:
-      labels:
-        app: netclient
-    spec:
-      hostNetwork: true
-      containers:
-      - name: netclient
-        image: gravitl/netclient:v0.5.8
-        command: ['bash', '-c', "/root/netclient join -t $ACCESS_TOKEN --daemon off --name $(echo $NODE_NAME| sed -e s/.$NETWORK//); while true; do /root/netclient checkin -n $NETWORK; sleep $SLEEP; done"]
-        env:
-        - name: ACCESS_TOKEN
-          value: "ACCESS_TOKEN_VALUE"
-        - name: NETWORK
-          value: "microk8s"
-        - name: SLEEP
-          value: "30"
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
-        volumeMounts:
-        - mountPath: /etc/netclient
-          name: etc-netclient
-        - mountPath: /usr/bin/wg
-          name: wg
-        - mountPath: /var/run/dbus/system_bus_socket
-          name: systemd-bus-socket
-        securityContext:
-          privileged: true
-          #capabilities:
-          #  add:
-          #  - ["NET_ADMIN","SYS_ADMIN","SYS_MODULE"]
-      volumes:
-      - hostPath:
-          path: /etc/netclient
-          type: DirectoryOrCreate
-        name: etc-netclient
-      - hostPath:
-          path: /usr/bin/wg
-          type: File
-        name: wg 
-      - hostPath:
-          path: /usr/bin/resolvectl
-          type: File
-        name: resolvectl
-      - hostPath:
-          path: /var/run/dbus/system_bus_socket
-          type: ""
-        name: systemd-bus-socket
-
-

+ 0 - 87
kube/components/netmaker-api.yaml

@@ -1,87 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-api
-  labels:
-    app: netmaker-api
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-api
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-api
-    spec:
-      containers:
-      - name: netmaker-api
-        image: gravitl/netmaker:v0.5.7
-        ports:
-        - containerPort: 8081
-        volumeMounts:
-        - name: nm-pvc
-          mountPath: /root/config/dnsconfig
-        env:
-        - name: SERVER_API_CONN_STRING
-          value: "api.nm.k8s.gravitl.com:443"
-        - name: COREDNS_ADDR
-          value: "netmaker-dns"
-        - name: SERVER_HTTP_HOST
-          value: "api.nm.k8s.gravitl.com"
-        - name: API_PORT
-          value: "8081"
-        - name: AGENT_BACKEND
-          value: "off"
-        - name: CLIENT_MODE
-          value: "off"
-        - name: DNS_MODE
-          value: "on"
-        - name: MASTER_KEY
-          value: "Unkn0wn!"
-        - name: MASTER_KEY
-          value: "secretkey"
-        - name: CORS_ALLOWED_ORIGIN
-          value: "*"
-        - name: DISABLE_REMOTE_IP_CHECK
-          value: "on"
-        - name: MONGO_ADMIN
-          value: "mongoadmin"
-        - name: MONGO_PASS
-          value: "mongopass"
-        - name: MONGO_HOST
-          value: "mongo-0.mongo"
-        - name: MONGO_OPTS
-          value: "/?authSource=admin"
-      volumes:
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: nm-pvc
-spec:
-  accessModes:
-    - ReadWriteMany
-  resources:
-    requests:
-      storage: 128Mi
-  storageClassName: microk8s-hostpath
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-api
-  name: netmaker-api
-spec:
-  ports:
-  - port: 8081
-    protocol: TCP
-    targetPort: 8081
-  selector:
-    app: netmaker-api
-  sessionAffinity: None
-  type: ClusterIP

+ 0 - 98
kube/components/netmaker-backend.yaml

@@ -1,98 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-backend
-  labels:
-    app: netmaker-backend
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-backend
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-backend
-    spec:
-      containers:
-      - name: netmaker-backend
-        image: gravitl/netmaker:v0.5.7
-        ports:
-        - containerPort: 8081
-        volumeMounts:
-        - name: nm-pvc
-          mountPath: /root/config/dnsconfig
-        env:
-        - name: SERVER_API_CONN_STRING
-          value: "api.nm.k8s.gravitl.com:443"
-        - name: COREDNS_ADDR
-          value: "10.152.183.53"
-        - name: SERVER_HTTP_HOST
-          value: "api.k8s.gravitl.com"
-        - name: API_PORT
-          value: "8081"
-        - name: CLIENT_MODE
-          value: "off"
-        - name: MASTER_KEY
-          value: "Unkn0wn!"
-        - name: MASTER_KEY
-          value: "secretkey"
-        - name: CORS_ALLOWED_ORIGIN
-          value: "*"
-        - name: DISABLE_REMOTE_IP_CHECK
-          value: "on"
-        - name: MONGO_ADMIN
-          value: "mongoadmin"
-        - name: MONGO_PASS
-          value: "mongopass"
-        - name: MONGO_HOST
-          value: "mongo-0.mongo"
-        - name: MONGO_OPTS
-          value: "/?authSource=admin"
-      volumes:
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: nm-pvc
-spec:
-  accessModes:
-    - ReadWriteMany
-  resources:
-    requests:
-      storage: 128Mi
-  storageClassName: microk8s-hostpath
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-backend
-  name: netmaker-api
-spec:
-  ports:
-  - port: 8081
-    protocol: TCP
-    targetPort: 8081
-  selector:
-    app: netmaker-backend
-  sessionAffinity: None
-  type: ClusterIP
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-backend
-spec:
-  ports:
-  - port: 443
-    protocol: TCP
-    targetPort: 443
-  selector:
-    app: netmaker-backend
-  sessionAffinity: None
-  type: ClusterIP

+ 0 - 71
kube/components/netmaker-dns.yaml

@@ -1,71 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-dns
-  labels:
-    app: netmaker-dns
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-dns
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-dns
-    spec:
-      containers:
-      - args:
-        - -conf
-        - /root/dnsconfig/Corefile
-        image: coredns/coredns
-        imagePullPolicy: Always
-        name: netmaker-dns
-        ports:
-        - containerPort: 53
-          name: dns
-          protocol: UDP
-        - containerPort: 53
-          name: dns-tcp
-          protocol: TCP
-        volumeMounts:
-        - mountPath: /root/dnsconfig
-          name: nm-pvc
-          readOnly: true
-        securityContext:
-          allowPrivilegeEscalation: false
-          capabilities:
-            add:
-            - NET_BIND_SERVICE
-            drop:
-            - all
-      dnsPolicy: "None"
-      dnsConfig:
-        nameservers:
-          - 127.0.0.1
-      volumes:
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-dns
-  name: netmaker-dns
-spec:
-  ports:
-  - port: 53
-    protocol: UDP
-    targetPort: 53
-    name: udp
-  - port: 53
-    protocol: TCP
-    targetPort: 53
-    name: tcp
-  selector:
-    app: netmaker-dns
-  sessionAffinity: None
-  type: ClusterIP
-  clusterIP: 10.152.183.53

+ 0 - 82
kube/components/netmaker-grpc.yaml

@@ -1,82 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-grpc
-  labels:
-    app: netmaker-grpc
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-grpc
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-grpc
-    spec:
-      containers:
-      - name: netmaker-grpc
-        image: gravitl/netmaker:v0.5.7
-        ports:
-        - containerPort: 443
-        volumeMounts:
-        - name: nm-pvc
-          mountPath: /root/dnsconfig
-        env:
-        - name: SERVER_API_CONN_STRING
-          value: "api.nm.k8s.gravitl.com:443"
-        - name: SERVER_GRPC_CONN_STRING
-          value: "grpc.nm.k8s.gravitl.com:443"
-        - name: COREDNS_ADDR
-          value: "netmaker-dns"
-        - name: GRPC_SSL
-          value: "on"
-        - name: CLIENT_MODE
-          value: "off"
-        - name: DNS_MODE
-          value: "on"
-        - name: MASTER_KEY
-          value: "Unkn0wn!"
-        - name: SERVER_GRPC_WIREGUARD
-          value: "off"
-        - name: MASTER_KEY
-          value: "secretkey"
-        - name: CORS_ALLOWED_ORIGIN
-          value: "*"
-        - name: DISABLE_REMOTE_IP_CHECK
-          value: "on"
-        - name: MONGO_ADMIN
-          value: "mongoadmin"
-        - name: MONGO_PASS
-          value: "mongopass"
-        - name: MONGO_HOST
-          value: "mongo-0.mongo"
-        - name: MONGO_OPTS
-          value: "/?authSource=admin"
-        - name: SERVER_GRPC_HOST
-          value: "0.0.0.0"
-        - name: GRPC_PORT
-          value: "443"
-        - name: REST_BACKEND
-          value: "off"
-      volumes:
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-grpc
-  name: netmaker-grpc
-spec:
-  ports:
-  - port: 443
-    protocol: TCP
-    targetPort: 443
-  selector:
-    app: netmaker-grpc
-  sessionAffinity: None
-  type: ClusterIP
-

+ 0 - 25
kube/components/netmaker-ingress-api.yaml

@@ -1,25 +0,0 @@
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  annotations:
-    kubernetes.io/ingress.class: "traefik"
-    kubernetes.io/ingress.allow-http: "false"    
-    traefik.ingress.kubernetes.io/redirect-entry-point: https
-    traefik.ingress.kubernetes.io/redirect-permanent: "true"
-    traefik.ingress.kubernetes.io/rule-type: "PathPrefixStrip"
-    cert-manager.io/cluster-issuer: wildcard-issuer
-  name: nm-api-ingress
-  namespace: netmaker
-spec:
-  rules:
-  - host: api.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        backend:
-          serviceName: netmaker
-          servicePort: 8081
-  tls:
-  - hosts: 
-    - api.NETMAKER_BASE_DOMAIN
-    secretName: cert-nm-api

+ 0 - 25
kube/components/netmaker-ingress-frontend.yaml

@@ -1,25 +0,0 @@
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  annotations:
-    kubernetes.io/ingress.class: "traefik"
-    kubernetes.io/ingress.allow-http: "false"    
-    traefik.ingress.kubernetes.io/redirect-entry-point: https
-    traefik.ingress.kubernetes.io/redirect-permanent: "true"
-    traefik.ingress.kubernetes.io/rule-type: "PathPrefixStrip"
-    cert-manager.io/cluster-issuer: wildcard-issuer
-  name: nm-ui-ingress
-  namespace: netmaker
-spec:
-  rules:
-  - host: dashboard.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        backend:
-          serviceName: netmaker-ui
-          servicePort: 80
-  tls:
-  - hosts: 
-    - dashboard.NETMAKER_BASE_DOMAIN
-    secretName: cert-nm-ui

+ 0 - 17
kube/components/netmaker-ingress-grpc.yaml

@@ -1,17 +0,0 @@
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  annotations:
-    kubernetes.io/ingress.class: "traefik"
-    ingress.kubernetes.io/protocol: "h2c"
-  name: nm-grpc-ingress
-  namespace: netmaker
-spec:
-  rules:
-  - host: grpc.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        backend:
-          serviceName: netmaker-grpc
-          servicePort: 50051

+ 0 - 345
kube/components/netmaker-template.yaml.backup

@@ -1,345 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: mongo
-  labels:
-    name: mongo
-spec:
-  ports:
-    - port: 27017
-      targetPort: 27017
-  clusterIP: None
-  selector:
-    role: mongo
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
-  name: mongo
-spec:
-  serviceName: "mongo"
-  replicas: 1
-  selector:
-    matchLabels:
-      role: mongo
-  template:
-    metadata:
-      labels:
-        app: mongo
-        role: mongo
-    spec:
-      containers:
-      - name: mongo
-        image: mongo
-        env:
-          - name: MONGO_INITDB_ROOT_USERNAME
-            value: mongoadmin
-          - name: MONGO_INITDB_ROOT_PASSWORD
-            value: mongopass
-        securityContext:
-          privileged: true
-        volumeMounts:
-        - name: mongovol
-          mountPath: /data/db
-      volumes:
-      - name: mongovol
-        persistentVolumeClaim:
-          claimName: mongodb-pvc
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: mongodb-pvc
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 7Gi
-  storageClassName: microk8s-hostpath
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-backend
-  labels:
-    app: netmaker-backend
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-backend
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-backend
-    spec:
-      containers:
-      - name: netmaker-backend
-        image: gravitl/netmaker:v0.5.7
-        ports:
-        - containerPort: 8081
-        volumeMounts:
-        - name: nm-pvc
-          mountPath: /root/config/dnsconfig
-        env:
-        - name: SERVER_API_CONN_STRING
-          value: "api.NETMAKER_BASE_DOMAIN:443"
-        - name: COREDNS_ADDR
-          value: "10.152.183.53"
-        - name: SERVER_HTTP_HOST
-          value: "api.NETMAKER_BASE_DOMAIN"
-        - name: API_PORT
-          value: "8081"
-        - name: CLIENT_MODE
-          value: "off"
-        - name: MASTER_KEY
-          value: "Unkn0wn!"
-        - name: MASTER_KEY
-          value: "secretkey"
-        - name: CORS_ALLOWED_ORIGIN
-          value: "*"
-        - name: DISABLE_REMOTE_IP_CHECK
-          value: "on"
-        - name: MONGO_ADMIN
-          value: "mongoadmin"
-        - name: MONGO_PASS
-          value: "mongopass"
-        - name: MONGO_HOST
-          value: "mongo-0.mongo"
-        - name: MONGO_OPTS
-          value: "/?authSource=admin"
-      volumes:
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: nm-pvc
-spec:
-  accessModes:
-    - ReadWriteMany
-  resources:
-    requests:
-      storage: 128Mi
-  storageClassName: microk8s-hostpath
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-backend
-  name: netmaker-api
-spec:
-  ports:
-  - port: 8081
-    protocol: TCP
-    targetPort: 8081
-  selector:
-    app: netmaker-backend
-  sessionAffinity: None
-  type: ClusterIP
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-backend
-  name: netmaker-grpc
-spec:
-  ports:
-  - port: 443
-    protocol: TCP
-    targetPort: 443
-  selector:
-    app: netmaker-backend
-  sessionAffinity: None
-  type: ClusterIP
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-dns
-  labels:
-    app: netmaker-dns
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-dns
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-dns
-    spec:
-      containers:
-      - args:
-        - -conf
-        - /root/dnsconfig/Corefile
-        image: coredns/coredns
-        imagePullPolicy: Always
-        name: netmaker-dns
-        ports:
-        - containerPort: 53
-          name: dns
-          protocol: UDP
-        - containerPort: 53
-          name: dns-tcp
-          protocol: TCP
-        volumeMounts:
-        - mountPath: /root/dnsconfig
-          name: nm-pvc
-          readOnly: true
-        securityContext:
-          allowPrivilegeEscalation: false
-          capabilities:
-            add:
-            - NET_BIND_SERVICE
-            drop:
-            - all
-      dnsPolicy: "None"
-      dnsConfig:
-        nameservers:
-          - 127.0.0.1
-      volumes:
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-dns
-  name: netmaker-dns
-spec:
-  ports:
-  - port: 53
-    protocol: UDP
-    targetPort: 53
-    name: udp
-  - port: 53
-    protocol: TCP
-    targetPort: 53
-    name: tcp
-  selector:
-    app: netmaker-dns
-  sessionAffinity: None
-  type: ClusterIP
-  clusterIP: 10.152.183.53
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-ui
-  labels:
-    app: netmaker-ui
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-ui
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-ui
-    spec:
-      containers:
-      - name: netmaker-ui
-        image: gravitl/netmaker-ui:v0.5
-        ports:
-        - containerPort: 80
-        env:
-        - name: BACKEND_URL
-          value: "https://api.NETMAKER_BASE_DOMAIN"
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-ui
-  name: netmaker-ui
-spec:
-  ports:
-  - port: 80
-    protocol: TCP
-    targetPort: 80
-  selector:
-    app: netmaker-ui
-  sessionAffinity: None
-  type: ClusterIP
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-api-ingress-nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-spec:
-  ingressClassName: public
-  tls:
-  - hosts:
-    - api.NETMAKER_BASE_DOMAIN
-    secretName: nm-api-tls
-  rules:
-  - host: api.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-api
-            port:
-              number: 8081
-
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-grpc-ingress-nginx
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-    nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
-spec:
-  ingressClassName: public
-  tls:
-  - hosts:
-    - grpc.NETMAKER_BASE_DOMAIN
-    secretName: nm-grpc-tls
-  rules:
-  - host: grpc.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-grpc
-            port:
-              number: 443
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-ui-ingress-nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-spec:
-  ingressClassName: public
-  tls:
-  - hosts:
-    - dashboard.NETMAKER_BASE_DOMAIN
-    secretName: nm-ui-tls
-  rules:
-  - host: dashboard.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-ui
-            port:
-              number: 80

+ 0 - 40
kube/components/netmaker-ui.yaml

@@ -1,40 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-ui
-  labels:
-    app: netmaker-ui
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-ui
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-ui
-    spec:
-      containers:
-      - name: netmaker-ui
-        image: gravitl/netmaker-ui:v0.5
-        ports:
-        - containerPort: 80
-        env:
-        - name: BACKEND_URL
-          value: "https://api.nm.k8s.gravitl.com"
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-ui
-  name: netmaker-ui
-spec:
-  ports:
-  - port: 80
-    protocol: TCP
-    targetPort: 80
-  selector:
-    app: netmaker-ui
-  sessionAffinity: None
-  type: ClusterIP

+ 0 - 26
kube/components/nm-ingress-api-nginx.yaml

@@ -1,26 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-api-ingress-nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-spec:
-  ingressClassName: public
-  tls:
-  - hosts:
-    - api.NETMAKER_BASE_DOMAIN
-    secretName: nm-api-tls
-  rules:
-  - host: api.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-api
-            port:
-              number: 8081
-

+ 0 - 25
kube/components/nm-ingress-grpc-nginx.yaml

@@ -1,25 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-grpc-ingress-nginx
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-    nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
-spec:
-  ingressClassName: public
-  tls:
-  - hosts:
-    - grpc.NETMAKER_BASE_DOMAIN
-    secretName: nm-grpc-tls-2
-  rules:
-  - host: grpc.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-grpc
-            port:
-              number: 443

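--- a/kube/components/nm-ingress-ui-nginx.yaml
+++ b/kube/components/nm-ingress-ui-nginx.yaml
@@ -1,26 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-ui-ingress-nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-spec:
-  ingressClassName: public
-  tls:
-  - hosts:
-    - dashboard.NETMAKER_BASE_DOMAIN
-    secretName: nm-ui-tls
-  rules:
-  - host: dashboard.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-ui
-            port:
-              number: 80
-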

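--- a/kube/netclient-daemonset.yaml
+++ b/kube/netclient-daemonset.yaml
@@ -1,58 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: netclient
-  labels:
-    app: netclient
-spec:
-  selector:
-    matchLabels:
-      app: netclient
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netclient
-    spec:
-      hostNetwork: true
-      containers:
-      - name: netclient
-        image: gravitl/netclient:v0.7.2
-        command: ['bash', '-c', "netclient checkin -n $NETWORK; sleep $SLEEP"]
-        env:
-        - name: ACCESS_TOKEN
-          value: "XXXX"
-        - name: NETWORK
-          value: "YYYY"
-        - name: SLEEP
-          value: 30
-        volumeMounts:
-        - mountPath: /etc/netclient
-          name: etc-netclient
-        - mountPath: /usr/bin/wg
-          name: wg
-        securityContext:
-          privileged: true
-      initContainers:
-      - name: netclient-join
-        image: gravitl/netclient:v0.7.2
-        command: ['bash', '-c', "netclient join -t $ACCESS_TOKEN --daemon off"]
-        env:
-        - name: ACCESS_TOKEN
-          value: "XXXX"
-        volumeMounts:
-        - mountPath: /etc/netclient
-          name: etc-netclient
-        - mountPath: /usr/bin/wg
-          name: wg
-        securityContext:
-          privileged: true
-  volumes:
-  - hostPath:
-      path: /etc/netclient
-      type: DirectoryOrCreate
-    name: etc-netclient
-  - hostPath:
-      path: /usr/bin/wg
-      type: File
-    name: wg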

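--- a/kube/netclient-template-doks-uspace.yaml
+++ b/kube/netclient-template-doks-uspace.yaml
@@ -1,43 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: netclient-1
-  labels:
-    app: netclient-1
-spec:
-  selector:
-    matchLabels:
-      app: netclient-1
-  template:
-    metadata:
-      labels:
-        app: netclient-1
-    spec:
-      hostNetwork: true
-      containers:
-      - name: netclient-1
-        image: gravitl/netclient:0.9.2-doks-uspace
-        env:
-        - name: NETCLIENT_ROAMING
-          value: "no"
-        - name: NETCLIENT_PORT
-          value: "51821"
-        - name: NETCLIENT_IS_STATIC
-          value: "yes"
-        - name: NETCLIENT_ENDPOINT
-          valueFrom:
-            fieldRef:
-              fieldPath: status.hostIP
-        - name: TOKEN
-          value: "<token>"
-        volumeMounts:
-        - mountPath: /etc/netclient
-          name: etc-netclient
-        securityContext:
-          privileged: true
-      volumes:
-      - hostPath:
-          path: /etc/netclient
-          type: DirectoryOrCreate
-        name: etc-netclient
-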

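--- a/kube/netclient-template-doks.yaml
+++ b/kube/netclient-template-doks.yaml
@@ -1,93 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: netclient-1
-  labels:
-    app: netclient-1
-spec:
-  selector:
-    matchLabels:
-      app: netclient-1
-  template:
-    metadata:
-      labels:
-        app: netclient-1
-    spec:
-      hostNetwork: true
-      containers:
-      - name: netclient-1
-        image: gravitl/netclient:0.9.2-doks
-        env:
-        - name: NETCLIENT_ROAMING
-          value: "no"
-        - name: NETCLIENT_PORT
-          value: "51821"
-        - name: NETCLIENT_IS_STATIC
-          value: "yes"
-        - name: NETCLIENT_ENDPOINT
-          valueFrom:
-            fieldRef:
-              fieldPath: status.hostIP
-        - name: TOKEN
-          value: "<token>"
-        volumeMounts:
-        - mountPath: /etc/netclient
-          name: etc-netclient
-        - mountPath: /usr/bin/wg
-          name: wg
-        securityContext:
-          privileged: true
-      volumes:
-      - hostPath:
-          path: /etc/netclient
-          type: DirectoryOrCreate
-        name: etc-netclient
-      - hostPath:
-          path: /usr/bin/wg
-          type: File
-        name: wg
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: wireguard-controller
-  labels:
-    app: wireguard-controller
-spec:
-  selector:
-    matchLabels:
-      app: wireguard-controller
-  template:
-    metadata:
-      labels:
-        app: wireguard-controller
-    spec:
-      hostNetwork: true
-      containers:
-      - image: gravitl/netclient:0.9.2-doks
-        imagePullPolicy: IfNotPresent
-        name: wg-installer
-        command: ['bash', '-c']
-        args:
-          - while [ 1 ];
-            do if ! command -v wg &> /dev/null;
-            then echo "wireguard not installed, installing";
-            echo 'deb http://deb.debian.org/debian buster-backports main contrib non-free' > /etc/apt/sources.list.d/buster-backports.list;
-            apt update;
-            sudo apt -y install linux-headers-$(uname --kernel-release);
-            apt -y install wireguard wireguard-tools;
-            else echo "wireguard installed";
-            sleep 300;
-            fi;
-            done
-        securityContext:
-          privileged: true
-        volumeMounts:
-        - name: rootfolder
-          mountPath: /
-      volumes:
-      - hostPath:
-          path: /
-          type: ""
-        name: rootfolder
-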

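--- a/kube/netclient-template.yaml
+++ b/kube/netclient-template.yaml
@@ -1,57 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: netclient
-  labels:
-    app: netclient
-spec:
-  selector:
-    matchLabels:
-      app: netclient
-  template:
-    metadata:
-      labels:
-        app: netclient
-    spec:
-      hostNetwork: true
-      containers:
-      - name: netclient
-        image: gravitl/netclient:v0.5.11
-        command: ['bash', '-c', "/root/netclient join -t $ACCESS_TOKEN --daemon off --name $(echo $NODE_NAME| sed -e s/.$NETWORK//); while true; do /root/netclient checkin --dns on -n $NETWORK; sleep $SLEEP; done"]
-        env:
-        - name: ACCESS_TOKEN
-          value: "ACCESS_TOKEN_VALUE"
-        - name: NETWORK
-          value: "microk8s"
-        - name: SLEEP
-          value: "30"
-        - name: NODE_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: spec.nodeName
-        volumeMounts:
-        - mountPath: /etc/netclient
-          name: etc-netclient
-        - mountPath: /usr/bin/wg
-          name: wg
-        - mountPath: /var/run/dbus/system_bus_socket
-          name: systemd-bus-socket
-        securityContext:
-          privileged: true
-      volumes:
-      - hostPath:
-          path: /etc/netclient
-          type: DirectoryOrCreate
-        name: etc-netclient
-      - hostPath:
-          path: /usr/bin/wg
-          type: File
-        name: wg 
-      - hostPath:
-          path: /usr/bin/resolvectl
-          type: File
-        name: resolvectl
-      - hostPath:
-          path: /var/run/dbus/system_bus_socket
-          type: ""
-        name: systemd-bus-socket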

+ 0 - 353
kube/netmaker-template-udp.yaml

@@ -1,353 +0,0 @@
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: rqlite-pvc
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 1Gi
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-backend
-  labels:
-    app: netmaker-backend
-spec:
-  nodeSelector:
-    netmaker-server: true
-  selector:
-    matchLabels:
-      app: netmaker-backend
-  replicas: 1
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: netmaker-backend
-    spec:
-      containers:
-      - name: netmaker-backend
-        image: gravitl/netmaker:0.7.2
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 8081
-        volumeMounts:
-        - name: nm-pvc
-          mountPath: /root/config/dnsconfig
-        - mountPath: /etc/netclient
-          name: etc-netclient
-        - mountPath: /usr/bin/wg
-          name: wg
-        - mountPath: /var/run/dbus/system_bus_socket
-          name: systemd-bus-socket
-        - mountPath: /sys/fs/cgroup
-          name: cgroup
-        - mountPath: /run/systemd/system
-          name: run-systemd
-        - mountPath: /etc/systemd/system
-          name: etc-systemd
-        securityContext:
-          privileged: true
-        env:
-        - name: SERVER_API_CONN_STRING
-          value: "api.NETMAKER_BASE_DOMAIN:443"
-        - name: COREDNS_ADDR
-          value: "10.152.183.53"
-        - name: POD_IP
-          valueFrom:
-            fieldRef:
-              fieldPath: status.podIP
-        - name: SERVER_HTTP_HOST
-          value: "api.NETMAKER_BASE_DOMAIN:443"
-        - name: API_PORT
-          value: "8081"
-        - name: CLIENT_MODE
-          value: "off"
-        - name: MASTER_KEY
-          value: "Unkn0wn!"
-        - name: PLATFORM
-          value: "Kubernetes"
-        - name: CORS_ALLOWED_ORIGIN
-          value: "*"
-      - name: rqlite
-        image: rqlite/rqlite
-        ports:
-        - containerPort: 4001
-        - containerPort: 4002
-        volumeMounts:
-        - name: rqlitevol
-          mountPath: /rqlite/file/data
-      volumes:
-      - name: rqlitevol
-        persistentVolumeClaim:
-          claimName: rqlite-pvc
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
-      - hostPath:
-          path: /etc/netclient
-          type: DirectoryOrCreate
-        name: etc-netclient
-      - hostPath:
-          path: /usr/bin/wg
-          type: File
-        name: wg
-      - hostPath:
-          path: /usr/bin/resolvectl
-          type: File
-        name: resolvectl
-      - hostPath:
-          path: /var/run/dbus/system_bus_socket
-          type: ""
-        name: systemd-bus-socket
-      - hostPath:
-          path: /etc/systemd/system
-          type: ""
-        name: etc-systemd
-      - hostPath:
-          path: /run/systemd/system
-          type: ""
-        name: run-systemd
-      - hostPath:
-          path: /sys/fs/cgroup
-          type: ""
-        name: cgroup
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: nm-pvc
-spec:
-  accessModes:
-    - ReadWriteMany
-  resources:
-    requests:
-      storage: 128Mi
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-backend
-  name: netmaker-api
-spec:
-  ports:
-  - port: 8081
-    protocol: TCP
-    targetPort: 8081
-  selector:
-    app: netmaker-backend
-  sessionAffinity: None
-  type: ClusterIP
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-backend
-  name: netmaker-grpc
-spec:
-  ports:
-  - port: 443
-    protocol: TCP
-    targetPort: 443
-  selector:
-    app: netmaker-backend
-  sessionAffinity: None
-  type: ClusterIP
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-dns
-  labels:
-    app: netmaker-dns
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-dns
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-dns
-    spec:
-      containers:
-      - args:
-        - -conf
-        - /root/dnsconfig/Corefile
-        image: coredns/coredns
-        imagePullPolicy: Always
-        name: netmaker-dns
-        ports:
-        - containerPort: 53
-          name: dns
-          protocol: UDP
-        - containerPort: 53
-          name: dns-tcp
-          protocol: TCP
-        volumeMounts:
-        - mountPath: /root/dnsconfig
-          name: nm-pvc
-          readOnly: true
-        securityContext:
-          allowPrivilegeEscalation: false
-          capabilities:
-            add:
-            - NET_BIND_SERVICE
-            drop:
-            - all
-      dnsPolicy: "None"
-      dnsConfig:
-        nameservers:
-          - 127.0.0.1
-      volumes:
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-dns
-  name: netmaker-dns
-spec:
-  ports:
-  - port: 53
-    protocol: UDP
-    targetPort: 53
-    name: udp
-  - port: 53
-    protocol: TCP
-    targetPort: 53
-    name: tcp
-  selector:
-    app: netmaker-dns
-  sessionAffinity: None
-  type: ClusterIP
-  clusterIP: 10.152.183.53
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-ui
-  labels:
-    app: netmaker-ui
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-ui
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-ui
-    spec:
-      containers:
-      - name: netmaker-ui
-        image: gravitl/netmaker-ui:v0.7
-        ports:
-        - containerPort: 80
-        env:
-        - name: BACKEND_URL
-          value: "https://api.NETMAKER_BASE_DOMAIN"
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-ui
-  name: netmaker-ui
-spec:
-  ports:
-  - port: 80
-    protocol: TCP
-    targetPort: 80
-  selector:
-    app: netmaker-ui
-  sessionAffinity: None
-  type: ClusterIP
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-api-ingress-nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-spec:
-  ingressClassName: nginx
-  tls:
-  - hosts:
-    - api.NETMAKER_BASE_DOMAIN
-    secretName: nm-api-tls
-  rules:
-  - host: api.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-api
-            port:
-              number: 8081
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-grpc-ingress-nginx
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-    nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
-spec:
-  ingressClassName: nginx
-  tls:
-  - hosts:
-    - grpc.NETMAKER_BASE_DOMAIN
-    secretName: nm-grpc-tls
-  rules:
-  - host: grpc.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-grpc
-            port:
-              number: 443
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-ui-ingress-nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-spec:
-  ingressClassName: nginx
-  tls:
-  - hosts:
-    - dashboard.NETMAKER_BASE_DOMAIN
-    secretName: nm-ui-tls
-  rules:
-  - host: dashboard.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-ui
-            port:
-              number: 80

+ 0 - 311
kube/netmaker-template.yaml

@@ -1,311 +0,0 @@
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: rqlite-pvc
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 1Gi
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-backend
-  labels:
-    app: netmaker-backend
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-backend
-  replicas: 1
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: netmaker-backend
-    spec:
-      containers:
-      - name: netmaker-backend
-        image: gravitl/netmaker:v0.7
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 8081
-        securityContext:
-          privileged: true
-        env:
-        - name: SERVER_API_CONN_STRING
-          value: "api.NETMAKER_BASE_DOMAIN:443"
-        - name: COREDNS_ADDR
-          value: "10.152.183.53"
-        - name: POD_IP
-          valueFrom:
-            fieldRef:
-              fieldPath: status.podIP
-        - name: SERVER_HTTP_HOST
-          value: "api.NETMAKER_BASE_DOMAIN"
-        - name: API_PORT
-          value: "8081"
-        - name: CLIENT_MODE
-          value: "off"
-        - name: MASTER_KEY
-          value: "Unkn0wn!"
-        - name: PLATFORM
-          value: "Kubernetes"
-        - name: CORS_ALLOWED_ORIGIN
-          value: "*"
-        volumeMounts:
-        - name: nm-pvc
-          mountPath: /root/config/dnsconfig
-      - name: rqlite
-        image: rqlite/rqlite
-        ports:
-        - containerPort: 4001
-        - containerPort: 4002
-        volumeMounts:
-        - name: rqlitevol
-          mountPath: /rqlite/file/data
-      volumes:
-      - name: rqlitevol
-        persistentVolumeClaim:
-          claimName: rqlite-pvc
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: nm-pvc
-spec:
-  accessModes:
-    - ReadWriteMany
-  resources:
-    requests:
-      storage: 128Mi
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-backend
-  name: netmaker-api
-spec:
-  ports:
-  - port: 8081
-    protocol: TCP
-    targetPort: 8081
-  selector:
-    app: netmaker-backend
-  sessionAffinity: None
-  type: ClusterIP
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-backend
-  name: netmaker-grpc
-spec:
-  ports:
-  - port: 443
-    protocol: TCP
-    targetPort: 443
-  selector:
-    app: netmaker-backend
-  sessionAffinity: None
-  type: ClusterIP
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-dns
-  labels:
-    app: netmaker-dns
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-dns
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-dns
-    spec:
-      containers:
-      - args:
-        - -conf
-        - /root/dnsconfig/Corefile
-        image: coredns/coredns
-        imagePullPolicy: Always
-        name: netmaker-dns
-        ports:
-        - containerPort: 53
-          name: dns
-          protocol: UDP
-        - containerPort: 53
-          name: dns-tcp
-          protocol: TCP
-        volumeMounts:
-        - mountPath: /root/dnsconfig
-          name: nm-pvc
-          readOnly: true
-        securityContext:
-          allowPrivilegeEscalation: false
-          capabilities:
-            add:
-            - NET_BIND_SERVICE
-            drop:
-            - all
-      dnsPolicy: "None"
-      dnsConfig:
-        nameservers:
-          - 127.0.0.1
-      volumes:
-      - name: nm-pvc
-        persistentVolumeClaim:
-          claimName: nm-pvc
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-dns
-  name: netmaker-dns
-spec:
-  ports:
-  - port: 53
-    protocol: UDP
-    targetPort: 53
-    name: udp
-  - port: 53
-    protocol: TCP
-    targetPort: 53
-    name: tcp
-  selector:
-    app: netmaker-dns
-  sessionAffinity: None
-  type: ClusterIP
-  clusterIP: 10.152.183.53
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: netmaker-ui
-  labels:
-    app: netmaker-ui
-spec:
-  selector:
-    matchLabels:
-      app: netmaker-ui
-  replicas: 1
-  template:
-    metadata:
-      labels:
-        app: netmaker-ui
-    spec:
-      containers:
-      - name: netmaker-ui
-        image: gravitl/netmaker-ui:v0.7
-        ports:
-        - containerPort: 80
-        env:
-        - name: BACKEND_URL
-          value: "https://api.NETMAKER_BASE_DOMAIN"
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: netmaker-ui
-  name: netmaker-ui
-spec:
-  ports:
-  - port: 80
-    protocol: TCP
-    targetPort: 80
-  selector:
-    app: netmaker-ui
-  sessionAffinity: None
-  type: ClusterIP
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-api-ingress-nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-spec:
-  ingressClassName: nginx
-  tls:
-  - hosts:
-    - api.NETMAKER_BASE_DOMAIN
-    secretName: nm-api-tls
-  rules:
-  - host: api.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-api
-            port:
-              number: 8081
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-grpc-ingress-nginx
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-    nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
-spec:
-  ingressClassName: nginx
-  tls:
-  - hosts:
-    - grpc.NETMAKER_BASE_DOMAIN
-    secretName: nm-grpc-tls
-  rules:
-  - host: grpc.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-grpc
-            port:
-              number: 443
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: nm-ui-ingress-nginx
-  annotations:
-    nginx.ingress.kubernetes.io/rewrite-target: /
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
-spec:
-  ingressClassName: nginx
-  tls:
-  - hosts:
-    - dashboard.NETMAKER_BASE_DOMAIN
-    secretName: nm-ui-tls
-  rules:
-  - host: dashboard.NETMAKER_BASE_DOMAIN
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: netmaker-ui
-            port:
-              number: 80