- ---
- apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: rqlite-pvc
- spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 1Gi
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: netmaker-backend
- labels:
- app: netmaker-backend
- spec:
- nodeSelector:
- netmaker-server: true
- selector:
- matchLabels:
- app: netmaker-backend
- replicas: 1
- strategy:
- type: Recreate
- template:
- metadata:
- labels:
- app: netmaker-backend
- spec:
- containers:
- - name: netmaker-backend
- image: gravitl/netmaker:0.7.2
- imagePullPolicy: Always
- ports:
- - containerPort: 8081
- volumeMounts:
- - name: nm-pvc
- mountPath: /root/config/dnsconfig
- - mountPath: /etc/netclient
- name: etc-netclient
- - mountPath: /usr/bin/wg
- name: wg
- - mountPath: /var/run/dbus/system_bus_socket
- name: systemd-bus-socket
- - mountPath: /sys/fs/cgroup
- name: cgroup
- - mountPath: /run/systemd/system
- name: run-systemd
- - mountPath: /etc/systemd/system
- name: etc-systemd
- securityContext:
- privileged: true
- env:
- - name: SERVER_API_CONN_STRING
- value: "api.NETMAKER_BASE_DOMAIN:443"
- - name: SERVER_GRPC_CONN_STRING
- value: "grpc.NETMAKER_BASE_DOMAIN:443"
- - name: COREDNS_ADDR
- value: "10.152.183.53"
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: GRPC_SSL
- value: "on"
- - name: SERVER_HTTP_HOST
- value: "api.NETMAKER_BASE_DOMAIN:443"
- - name: SERVER_GRPC_HOST
- value: "grpc.NETMAKER_BASE_DOMAIN:443"
- - name: API_PORT
- value: "8081"
- - name: GRPC_PORT
- value: "443"
- - name: CLIENT_MODE
- value: "off"
- - name: MASTER_KEY
- value: "Unkn0wn!"
- - name: PLATFORM
- value: "Kubernetes"
- - name: CORS_ALLOWED_ORIGIN
- value: "*"
- - name: rqlite
- image: rqlite/rqlite
- ports:
- - containerPort: 4001
- - containerPort: 4002
- volumeMounts:
- - name: rqlitevol
- mountPath: /rqlite/file/data
- volumes:
- - name: rqlitevol
- persistentVolumeClaim:
- claimName: rqlite-pvc
- - name: nm-pvc
- persistentVolumeClaim:
- claimName: nm-pvc
- - hostPath:
- path: /etc/netclient
- type: DirectoryOrCreate
- name: etc-netclient
- - hostPath:
- path: /usr/bin/wg
- type: File
- name: wg
- - hostPath:
- path: /usr/bin/resolvectl
- type: File
- name: resolvectl
- - hostPath:
- path: /var/run/dbus/system_bus_socket
- type: ""
- name: systemd-bus-socket
- - hostPath:
- path: /etc/systemd/system
- type: ""
- name: etc-systemd
- - hostPath:
- path: /run/systemd/system
- type: ""
- name: run-systemd
- - hostPath:
- path: /sys/fs/cgroup
- type: ""
- name: cgroup
- ---
- apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: nm-pvc
- spec:
- accessModes:
- - ReadWriteMany
- resources:
- requests:
- storage: 128Mi
- ---
- apiVersion: v1
- kind: Service
- metadata:
- labels:
- app: netmaker-backend
- name: netmaker-api
- spec:
- ports:
- - port: 8081
- protocol: TCP
- targetPort: 8081
- selector:
- app: netmaker-backend
- sessionAffinity: None
- type: ClusterIP
- ---
- apiVersion: v1
- kind: Service
- metadata:
- labels:
- app: netmaker-backend
- name: netmaker-grpc
- spec:
- ports:
- - port: 443
- protocol: TCP
- targetPort: 443
- selector:
- app: netmaker-backend
- sessionAffinity: None
- type: ClusterIP
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: netmaker-dns
- labels:
- app: netmaker-dns
- spec:
- selector:
- matchLabels:
- app: netmaker-dns
- replicas: 1
- template:
- metadata:
- labels:
- app: netmaker-dns
- spec:
- containers:
- - args:
- - -conf
- - /root/dnsconfig/Corefile
- image: coredns/coredns
- imagePullPolicy: Always
- name: netmaker-dns
- ports:
- - containerPort: 53
- name: dns
- protocol: UDP
- - containerPort: 53
- name: dns-tcp
- protocol: TCP
- volumeMounts:
- - mountPath: /root/dnsconfig
- name: nm-pvc
- readOnly: true
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- add:
- - NET_BIND_SERVICE
- drop:
- - all
- dnsPolicy: "None"
- dnsConfig:
- nameservers:
- - 127.0.0.1
- volumes:
- - name: nm-pvc
- persistentVolumeClaim:
- claimName: nm-pvc
- ---
- apiVersion: v1
- kind: Service
- metadata:
- labels:
- app: netmaker-dns
- name: netmaker-dns
- spec:
- ports:
- - port: 53
- protocol: UDP
- targetPort: 53
- name: udp
- - port: 53
- protocol: TCP
- targetPort: 53
- name: tcp
- selector:
- app: netmaker-dns
- sessionAffinity: None
- type: ClusterIP
- clusterIP: 10.152.183.53
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: netmaker-ui
- labels:
- app: netmaker-ui
- spec:
- selector:
- matchLabels:
- app: netmaker-ui
- replicas: 1
- template:
- metadata:
- labels:
- app: netmaker-ui
- spec:
- containers:
- - name: netmaker-ui
- image: gravitl/netmaker-ui:v0.7
- ports:
- - containerPort: 80
- env:
- - name: BACKEND_URL
- value: "https://api.NETMAKER_BASE_DOMAIN"
- ---
- apiVersion: v1
- kind: Service
- metadata:
- labels:
- app: netmaker-ui
- name: netmaker-ui
- spec:
- ports:
- - port: 80
- protocol: TCP
- targetPort: 80
- selector:
- app: netmaker-ui
- sessionAffinity: None
- type: ClusterIP
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: nm-api-ingress-nginx
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
- cert-manager.io/cluster-issuer: "letsencrypt-prod"
- nginx.ingress.kubernetes.io/ssl-redirect: 'true'
- spec:
- ingressClassName: nginx
- tls:
- - hosts:
- - api.NETMAKER_BASE_DOMAIN
- secretName: nm-api-tls
- rules:
- - host: api.NETMAKER_BASE_DOMAIN
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: netmaker-api
- port:
- number: 8081
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: nm-grpc-ingress-nginx
- annotations:
- cert-manager.io/cluster-issuer: "letsencrypt-prod"
- nginx.ingress.kubernetes.io/ssl-redirect: 'true'
- nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
- spec:
- ingressClassName: nginx
- tls:
- - hosts:
- - grpc.NETMAKER_BASE_DOMAIN
- secretName: nm-grpc-tls
- rules:
- - host: grpc.NETMAKER_BASE_DOMAIN
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: netmaker-grpc
- port:
- number: 443
- ---
- apiVersion: networking.k8s.io/v1
- kind: Ingress
- metadata:
- name: nm-ui-ingress-nginx
- annotations:
- nginx.ingress.kubernetes.io/rewrite-target: /
- cert-manager.io/cluster-issuer: "letsencrypt-prod"
- nginx.ingress.kubernetes.io/ssl-redirect: 'true'
- spec:
- ingressClassName: nginx
- tls:
- - hosts:
- - dashboard.NETMAKER_BASE_DOMAIN
- secretName: nm-ui-tls
- rules:
- - host: dashboard.NETMAKER_BASE_DOMAIN
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: netmaker-ui
- port:
- number: 80