golang
/
netmaker
mirror of https://github.com/gravitl/netmaker


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345
							apiVersion: v1
kind: Service
metadata:
  name: mongo
  labels:
    name: mongo
spec:
  ports:
    - port: 27017
      targetPort: 27017
  clusterIP: None
  selector:
    role: mongo
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: mongo
spec:
  serviceName: "mongo"
  replicas: 1
  selector:
    matchLabels:
      role: mongo
  template:
    metadata:
      labels:
        app: mongo
        role: mongo
    spec:
      containers:
      - name: mongo
        image: mongo
        env:
          - name: MONGO_INITDB_ROOT_USERNAME
            value: mongoadmin
          - name: MONGO_INITDB_ROOT_PASSWORD
            value: mongopass
        securityContext:
          privileged: true
        volumeMounts:
        - name: mongovol
          mountPath: /data/db
      volumes:
      - name: mongovol
        persistentVolumeClaim:
          claimName: mongodb-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: mongodb-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 7Gi
  storageClassName: microk8s-hostpath
apiVersion: apps/v1
kind: Deployment
metadata:
  name: netmaker-backend
  labels:
    app: netmaker-backend
spec:
  selector:
    matchLabels:
      app: netmaker-backend
  replicas: 1
  template:
    metadata:
      labels:
        app: netmaker-backend
    spec:
      containers:
      - name: netmaker-backend
        image: gravitl/netmaker:v0.5.7
        ports:
        - containerPort: 8081
        volumeMounts:
        - name: nm-pvc
          mountPath: /root/config/dnsconfig
        env:
        - name: SERVER_API_CONN_STRING
          value: "api.NETMAKER_BASE_DOMAIN:443"
        - name: COREDNS_ADDR
          value: "10.152.183.53"
        - name: SERVER_HTTP_HOST
          value: "api.NETMAKER_BASE_DOMAIN"
        - name: API_PORT
          value: "8081"
        - name: CLIENT_MODE
          value: "off"
        - name: MASTER_KEY
          value: "Unkn0wn!"
        - name: MASTER_KEY
          value: "secretkey"
        - name: CORS_ALLOWED_ORIGIN
          value: "*"
        - name: DISABLE_REMOTE_IP_CHECK
          value: "on"
        - name: MONGO_ADMIN
          value: "mongoadmin"
        - name: MONGO_PASS
          value: "mongopass"
        - name: MONGO_HOST
          value: "mongo-0.mongo"
        - name: MONGO_OPTS
          value: "/?authSource=admin"
      volumes:
      - name: nm-pvc
        persistentVolumeClaim:
          claimName: nm-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nm-pvc
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 128Mi
  storageClassName: microk8s-hostpath
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: netmaker-backend
  name: netmaker-api
spec:
  ports:
  - port: 8081
    protocol: TCP
    targetPort: 8081
  selector:
    app: netmaker-backend
  sessionAffinity: None
  type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: netmaker-backend
  name: netmaker-grpc
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    app: netmaker-backend
  sessionAffinity: None
  type: ClusterIP
apiVersion: apps/v1
kind: Deployment
metadata:
  name: netmaker-dns
  labels:
    app: netmaker-dns
spec:
  selector:
    matchLabels:
      app: netmaker-dns
  replicas: 1
  template:
    metadata:
      labels:
        app: netmaker-dns
    spec:
      containers:
      - args:
        - -conf
        - /root/dnsconfig/Corefile
        image: coredns/coredns
        imagePullPolicy: Always
        name: netmaker-dns
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        volumeMounts:
        - mountPath: /root/dnsconfig
          name: nm-pvc
          readOnly: true
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - all
      dnsPolicy: "None"
      dnsConfig:
        nameservers:
          - 127.0.0.1
      volumes:
      - name: nm-pvc
        persistentVolumeClaim:
          claimName: nm-pvc
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: netmaker-dns
  name: netmaker-dns
spec:
  ports:
  - port: 53
    protocol: UDP
    targetPort: 53
    name: udp
  - port: 53
    protocol: TCP
    targetPort: 53
    name: tcp
  selector:
    app: netmaker-dns
  sessionAffinity: None
  type: ClusterIP
  clusterIP: 10.152.183.53
apiVersion: apps/v1
kind: Deployment
metadata:
  name: netmaker-ui
  labels:
    app: netmaker-ui
spec:
  selector:
    matchLabels:
      app: netmaker-ui
  replicas: 1
  template:
    metadata:
      labels:
        app: netmaker-ui
    spec:
      containers:
      - name: netmaker-ui
        image: gravitl/netmaker-ui:v0.5
        ports:
        - containerPort: 80
        env:
        - name: BACKEND_URL
          value: "https://api.NETMAKER_BASE_DOMAIN"
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: netmaker-ui
  name: netmaker-ui
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: netmaker-ui
  sessionAffinity: None
  type: ClusterIP
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nm-api-ingress-nginx
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
spec:
  ingressClassName: public
  tls:
  - hosts:
    - api.NETMAKER_BASE_DOMAIN
    secretName: nm-api-tls
  rules:
  - host: api.NETMAKER_BASE_DOMAIN
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: netmaker-api
            port:
              number: 8081

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nm-grpc-ingress-nginx
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
    nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
spec:
  ingressClassName: public
  tls:
  - hosts:
    - grpc.NETMAKER_BASE_DOMAIN
    secretName: nm-grpc-tls
  rules:
  - host: grpc.NETMAKER_BASE_DOMAIN
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: netmaker-grpc
            port:
              number: 443
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nm-ui-ingress-nginx
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
spec:
  ingressClassName: public
  tls:
  - hosts:
    - dashboard.NETMAKER_BASE_DOMAIN
    secretName: nm-ui-tls
  rules:
  - host: dashboard.NETMAKER_BASE_DOMAIN
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: netmaker-ui
            port:
              number: 80