diff --git a/kubernetes/cluster-issuer.yaml b/kubernetes/cluster-issuer.yaml deleted file mode 100644 index 8b0dc6a7..00000000 --- a/kubernetes/cluster-issuer.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: letsencrypt-prod -spec: - acme: - email: contact@zoltanszepesi.com - server: https://acme-v02.api.letsencrypt.org/directory - privateKeySecretRef: - # Secret resource that will be used to store the account's private key. - name: letsencrypt-issuer-account-key - solvers: - - http01: - ingress: - class: nginx \ No newline at end of file diff --git a/kubernetes/configmap-descheduler.yaml b/kubernetes/configmap-descheduler.yaml deleted file mode 100644 index ff498326..00000000 --- a/kubernetes/configmap-descheduler.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: descheduler-policy-configmap - namespace: kube-system -data: - policy.yaml: | - apiVersion: "descheduler/v1alpha1" - kind: "DeschedulerPolicy" - strategies: - "RemoveDuplicates": - enabled: true - "RemovePodsViolatingInterPodAntiAffinity": - enabled: true \ No newline at end of file diff --git a/kubernetes/configmap-ingress-nginx.yaml b/kubernetes/configmap-ingress-nginx.yaml deleted file mode 100644 index 60326c48..00000000 --- a/kubernetes/configmap-ingress-nginx.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: nginx-configuration - namespace: ingress-nginx - labels: - app.kubernetes.io/name: ingress-nginx - app.kubernetes.io/part-of: ingress-nginx -data: - use-forwarded-headers: "true" - compute-full-forwarded-for: "true" - use-proxy-protocol: "true" \ No newline at end of file diff --git a/kubernetes/deploy.sh b/kubernetes/deploy.sh deleted file mode 100755 index 165a03d0..00000000 --- a/kubernetes/deploy.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/usr/bin/env bash -set -e - -./operators.sh -sleep 30 -kubectl apply -f cluster-issuer.yaml -kubectl apply -f configmap-ingress-nginx.yaml - -kubectl apply -f namespace-matverseny.yaml -kubectl apply -f ./matverseny-backend/ingress.yaml -kubectl apply -f ./matverseny-backend/kafka-1.yaml -kubectl apply -f ./matverseny-backend/postgres-1.yaml -kubectl apply -f ./matverseny-backend/secret.yaml - -kubectl apply -f namespace-iam.yaml -envsubst < ./iam/secret.yaml | kubectl apply -f - -kubectl apply -f ./iam/mysql.yaml -sleep 10 -kubectl apply -f ./iam/migration.yaml -kubectl apply -f ./iam/iam.yaml -kubectl apply -f ./iam/ingress.yaml - -directory=$(mktemp -d) -pushd "$directory" -openssl genrsa -out keypair.pem 4096 -openssl rsa -in keypair.pem -pubout -out publickey.crt -export JWT_PRIVATE=$(cat keypair.pem) -export JWT_PUBLIC=$(cat publickey.crt) -shred -uz keypair.pem -popd -echo $JWT_PRIVATE -echo $JWT_PUBLIC -# TODO: fix this -# envsubst < ./iam/jwt.yaml | kubectl apply -f - -unset JWT_PRIVATE - -echo please fill in the secret for IAM_APP_SECRET -sleep 30 -kubectl apply -f ./matverseny-backend/matverseny-backend.yaml -kubectl apply -f ./matverseny-backend/matverseny-backend-migration.yaml diff --git a/kubernetes/iam/iam.yaml b/kubernetes/iam/iam.yaml deleted file mode 100644 index 1fcf96c2..00000000 --- a/kubernetes/iam/iam.yaml +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: iam - namespace: iam -spec: - replicas: 3 - selector: - matchLabels: - app: iam - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 0 - maxUnavailable: 1 - template: - metadata: - labels: - app: iam - spec: - containers: - - name: app - image: verseghy/iam - ports: - - containerPort: 3001 - imagePullPolicy: Always - #livenessProbe: - # httpGet: - # path: /liveness - # port: 3001 - # initialDelaySeconds: 300 - # failureThreshold: 5 - #readinessProbe: - # httpGet: - # path: /readiness - # port: 3001 - # initialDelaySeconds: 10 - # timeoutSeconds: 5 - resources: - limits: - memory: 128Mi - env: - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: mysql - key: mysql-password - - name: DATABASE_URL - value: mysql://root:$(DB_PASSWORD)@mysql.iam.svc.cluster.local/iam - - name: REDIS_URL - value: redis://redis.iam.svc.cluster.local - - name: SMTP_HOST - value: "" - - name: SMTP_USERNAME - value: "" - - name: SMTP_PASSWORD - value: "" - - name: JWT_RSA_PRIVATE - valueFrom: - secretKeyRef: - name: jwt - key: private-key - - name: JWT_RSA_PUBLIC - valueFrom: - secretKeyRef: - name: jwt - key: public-key ---- -apiVersion: v1 -kind: Service -metadata: - name: iam - namespace: iam -spec: - selector: - app: iam - ports: - - name: iam - protocol: TCP - port: 80 - targetPort: 3001 \ No newline at end of file diff --git a/kubernetes/iam/ingress.yaml b/kubernetes/iam/ingress.yaml deleted file mode 100644 index 8b4e3ff0..00000000 --- a/kubernetes/iam/ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: ingress - annotations: - cert-manager.io/issue-temporary-certificate: "true" - acme.cert-manager.io/http01-edit-in-place: "true" - kubernetes.io/ingress.class: "nginx" - cert-manager.io/cluster-issuer: "letsencrypt-prod" - nginx.ingress.kubernetes.io/enable-cors: "true" - nginx.ingress.kubernetes.io/use-regex: "true" - nginx.ingress.kubernetes.io/proxy-read-timeout: "36000" - nginx.ingress.kubernetes.io/proxy-send-timeout: "36000" - namespace: iam -spec: - rules: - - host: iam.193.verseghy-gimnazium.net - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: iam - port: - number: 80 - tls: - - hosts: - - iam.193.verseghy-gimnazium.net - secretName: ingress-tls \ No newline at end of file diff --git a/kubernetes/iam/jwt.yaml b/kubernetes/iam/jwt.yaml deleted file mode 100644 index c6ec108e..00000000 --- a/kubernetes/iam/jwt.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: jwt - namespace: iam -data: - private-key: | - $JWT_PRIVATE - public-key: | - $JWT_PUBLIC diff --git a/kubernetes/iam/migration.yaml b/kubernetes/iam/migration.yaml deleted file mode 100644 index 56a9bd00..00000000 --- a/kubernetes/iam/migration.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: iam-migrations - namespace: iam -spec: - ttlSecondsAfterFinished: 3600 - template: - spec: - containers: - - name: iam-migrations - image: verseghy/iam-migration:latest - imagePullPolicy: Always - env: - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: mysql - key: mysql-password - - name: DATABASE_URL - value: mysql://root:$(DB_PASSWORD)@mysql.iam.svc.cluster.local/iam - restartPolicy: OnFailure - backoffLimit: 4 \ No newline at end of file diff --git a/kubernetes/iam/mysql.yaml b/kubernetes/iam/mysql.yaml deleted file mode 100644 index 0e245451..00000000 --- a/kubernetes/iam/mysql.yaml +++ /dev/null @@ -1,61 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: mysql - namespace: iam -spec: - ports: - - port: 3306 - selector: - app: mysql ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mysql - namespace: iam -spec: - selector: - matchLabels: - app: mysql - strategy: - type: Recreate - template: - metadata: - labels: - app: mysql - spec: - containers: - - image: mysql:8 - name: mysql - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: mysql - key: mysql-password - - name: MYSQL_DATABASE - value: iam - ports: - - containerPort: 3306 - name: mysql - volumeMounts: - - name: mysql-persistent-storage - mountPath: /var/lib/mysql - volumes: - - name: mysql-persistent-storage - persistentVolumeClaim: - claimName: mysql-pv-claim ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mysql-pv-claim - namespace: iam -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi \ No newline at end of file diff --git a/kubernetes/iam/secret.yaml b/kubernetes/iam/secret.yaml deleted file mode 100644 index 22c87a31..00000000 --- a/kubernetes/iam/secret.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: mysql - namespace: iam -data: - mysql-password: "$MYSQL_PASSWORD" diff --git a/kubernetes/kafka-drain-cleaner/000-Namespace.yaml b/kubernetes/kafka-drain-cleaner/000-Namespace.yaml deleted file mode 100644 index 9a9d13ac..00000000 --- a/kubernetes/kafka-drain-cleaner/000-Namespace.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner \ No newline at end of file diff --git a/kubernetes/kafka-drain-cleaner/010-ServiceAccount.yaml b/kubernetes/kafka-drain-cleaner/010-ServiceAccount.yaml deleted file mode 100644 index 51c6b7ad..00000000 --- a/kubernetes/kafka-drain-cleaner/010-ServiceAccount.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner - namespace: strimzi-drain-cleaner diff --git a/kubernetes/kafka-drain-cleaner/020-ClusterRole.yaml b/kubernetes/kafka-drain-cleaner/020-ClusterRole.yaml deleted file mode 100644 index 743eea84..00000000 --- a/kubernetes/kafka-drain-cleaner/020-ClusterRole.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner -rules: - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - patch diff --git a/kubernetes/kafka-drain-cleaner/030-ClusterRoleBinding.yaml b/kubernetes/kafka-drain-cleaner/030-ClusterRoleBinding.yaml deleted file mode 100644 index 25acff34..00000000 --- a/kubernetes/kafka-drain-cleaner/030-ClusterRoleBinding.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner -subjects: - - kind: ServiceAccount - name: strimzi-drain-cleaner - namespace: strimzi-drain-cleaner -roleRef: - kind: ClusterRole - name: strimzi-drain-cleaner - apiGroup: rbac.authorization.k8s.io diff --git a/kubernetes/kafka-drain-cleaner/040-Issuer.yaml b/kubernetes/kafka-drain-cleaner/040-Issuer.yaml deleted file mode 100644 index 5a1f4ad5..00000000 --- a/kubernetes/kafka-drain-cleaner/040-Issuer.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner - namespace: strimzi-drain-cleaner -spec: - selfSigned: {} \ No newline at end of file diff --git a/kubernetes/kafka-drain-cleaner/041-Certificate.yaml b/kubernetes/kafka-drain-cleaner/041-Certificate.yaml deleted file mode 100644 index 4a2c69c6..00000000 --- a/kubernetes/kafka-drain-cleaner/041-Certificate.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner - namespace: strimzi-drain-cleaner -spec: - secretName: strimzi-drain-cleaner - commonName: strimzi-drain-cleaner - dnsNames: - - strimzi-drain-cleaner.strimzi-drain-cleaner.svc - - strimzi-drain-cleaner.strimzi-drain-cleaner - - strimzi-drain-cleaner - issuerRef: - name: strimzi-drain-cleaner \ No newline at end of file diff --git a/kubernetes/kafka-drain-cleaner/050-Service.yaml b/kubernetes/kafka-drain-cleaner/050-Service.yaml deleted file mode 100644 index 877ae8db..00000000 --- a/kubernetes/kafka-drain-cleaner/050-Service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: Service -apiVersion: v1 -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner - namespace: strimzi-drain-cleaner -spec: - ports: - - port: 80 - name: http - protocol: TCP - targetPort: 8080 - - port: 443 - name: https - protocol: TCP - targetPort: 8443 - selector: - app: strimzi-drain-cleaner \ No newline at end of file diff --git a/kubernetes/kafka-drain-cleaner/060-Deployment.yaml b/kubernetes/kafka-drain-cleaner/060-Deployment.yaml deleted file mode 100644 index 658878e7..00000000 --- a/kubernetes/kafka-drain-cleaner/060-Deployment.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner - namespace: strimzi-drain-cleaner -spec: - replicas: 1 - selector: - matchLabels: - app: strimzi-drain-cleaner - template: - metadata: - labels: - app: strimzi-drain-cleaner - spec: - serviceAccountName: strimzi-drain-cleaner - containers: - - name: strimzi-drain-cleaner - image: quay.io/strimzi/drain-cleaner:0.3.1 - ports: - - containerPort: 8080 - name: http - - containerPort: 8443 - name: https - command: - - "/application" - - "-Dquarkus.http.host=0.0.0.0" - - "--kafka" - - "--zookeeper" - volumeMounts: - - name: webhook-certificates - mountPath: "/etc/webhook-certificates" - readOnly: true - livenessProbe: - httpGet: - path: /health - port: http - initialDelaySeconds: 10 - periodSeconds: 30 - readinessProbe: - httpGet: - path: /health - port: http - initialDelaySeconds: 10 - periodSeconds: 30 - volumes: - - name: webhook-certificates - secret: - secretName: strimzi-drain-cleaner - strategy: - type: RollingUpdate diff --git a/kubernetes/kafka-drain-cleaner/070-ValidatingWebhookConfiguration.yaml b/kubernetes/kafka-drain-cleaner/070-ValidatingWebhookConfiguration.yaml deleted file mode 100644 index 97b9fdf3..00000000 --- a/kubernetes/kafka-drain-cleaner/070-ValidatingWebhookConfiguration.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: strimzi-drain-cleaner - labels: - app: strimzi-drain-cleaner - annotations: - cert-manager.io/inject-ca-from: strimzi-drain-cleaner/strimzi-drain-cleaner -webhooks: - - name: strimzi-drain-cleaner.strimzi.io - rules: - - apiGroups: [""] - apiVersions: ["v1"] - operations: ["CREATE"] - resources: ["pods/eviction"] - scope: "Namespaced" - clientConfig: - service: - namespace: "strimzi-drain-cleaner" - name: "strimzi-drain-cleaner" - path: /drainer - port: 443 - caBundle: Cg== - admissionReviewVersions: ["v1"] - sideEffects: None - failurePolicy: Ignore - timeoutSeconds: 5 \ No newline at end of file diff --git a/kubernetes/matverseny-backend/ingress.yaml b/kubernetes/matverseny-backend/ingress.yaml deleted file mode 100644 index 5f692aae..00000000 --- a/kubernetes/matverseny-backend/ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: ingress - annotations: - cert-manager.io/issue-temporary-certificate: "true" - acme.cert-manager.io/http01-edit-in-place: "true" - kubernetes.io/ingress.class: "nginx" - cert-manager.io/cluster-issuer: "letsencrypt-prod" - nginx.ingress.kubernetes.io/enable-cors: "true" - nginx.ingress.kubernetes.io/use-regex: "true" - nginx.ingress.kubernetes.io/proxy-read-timeout: "36000" - nginx.ingress.kubernetes.io/proxy-send-timeout: "36000" - namespace: matverseny -spec: - rules: - - host: api.193.verseghy-gimnazium.net - http: - paths: - - path: "/(?!(readiness|liveness)).*" - pathType: Prefix - backend: - service: - name: matverseny-backend - port: - number: 3002 - tls: - - hosts: - - api.193.verseghy-gimnazium.net - secretName: ingress-tls diff --git a/kubernetes/matverseny-backend/kafka-1.yaml b/kubernetes/matverseny-backend/kafka-1.yaml deleted file mode 100644 index 32b55c94..00000000 --- a/kubernetes/matverseny-backend/kafka-1.yaml +++ /dev/null @@ -1,47 +0,0 @@ -apiVersion: kafka.strimzi.io/v1beta2 -kind: Kafka -metadata: - name: kafka-cluster - namespace: matverseny -spec: - kafka: - template: - podDisruptionBudget: - maxUnavailable: 0 - version: 3.5.0 - replicas: 1 - listeners: - - name: plain - port: 9092 - type: internal - tls: false - - name: tls - port: 9093 - type: internal - tls: true - config: - offsets.topic.replication.factor: 1 - transaction.state.log.replication.factor: 1 - transaction.state.log.min.isr: 1 - default.replication.factor: 1 - min.insync.replicas: 1 - inter.broker.protocol.version: "3.4" - storage: - type: persistent-claim - size: 1Gi - deleteClaim: true - zookeeper: - template: - podDisruptionBudget: - maxUnavailable: 0 - replicas: 1 - storage: - type: persistent-claim - size: 1Gi - deleteClaim: true - entityOperator: - template: - topicOperatorContainer: - env: - - name: STRIMZI_USE_ZOOKEEPER_TOPIC_STORE - value: "true" \ No newline at end of file diff --git a/kubernetes/matverseny-backend/kafka-3.yaml b/kubernetes/matverseny-backend/kafka-3.yaml deleted file mode 100644 index 966d46b8..00000000 --- a/kubernetes/matverseny-backend/kafka-3.yaml +++ /dev/null @@ -1,47 +0,0 @@ -apiVersion: kafka.strimzi.io/v1beta2 -kind: Kafka -metadata: - name: kafka-cluster - namespace: matverseny -spec: - kafka: - template: - podDisruptionBudget: - maxUnavailable: 0 - version: 3.4.0 - replicas: 3 - listeners: - - name: plain - port: 9092 - type: internal - tls: false - - name: tls - port: 9093 - type: internal - tls: true - config: - offsets.topic.replication.factor: 3 - transaction.state.log.replication.factor: 3 - transaction.state.log.min.isr: 2 - default.replication.factor: 3 - min.insync.replicas: 2 - inter.broker.protocol.version: "3.4" - storage: - type: persistent-claim - size: 1Gi - deleteClaim: true - zookeeper: - template: - podDisruptionBudget: - maxUnavailable: 0 - replicas: 3 - storage: - type: persistent-claim - size: 1Gi - deleteClaim: true - entityOperator: - template: - topicOperatorContainer: - env: - - name: STRIMZI_USE_ZOOKEEPER_TOPIC_STORE - value: "true" \ No newline at end of file diff --git a/kubernetes/matverseny-backend/matverseny-backend-migration.yaml b/kubernetes/matverseny-backend/matverseny-backend-migration.yaml deleted file mode 100644 index dabe6db8..00000000 --- a/kubernetes/matverseny-backend/matverseny-backend-migration.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: matverseny-backend-migration - namespace: matverseny -spec: - ttlSecondsAfterFinished: 3600 - template: - spec: - containers: - - name: matverseny-backend-migration - image: verseghy/matverseny-migrations:latest - imagePullPolicy: Always - env: - - name: DATABASE_URL - valueFrom: - secretKeyRef: - key: uri - name: postgres-pguser-postgres - restartPolicy: OnFailure - backoffLimit: 100 \ No newline at end of file diff --git a/kubernetes/matverseny-backend/matverseny-backend.yaml b/kubernetes/matverseny-backend/matverseny-backend.yaml deleted file mode 100644 index 871b0933..00000000 --- a/kubernetes/matverseny-backend/matverseny-backend.yaml +++ /dev/null @@ -1,86 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: matverseny-backend - namespace: matverseny -spec: - replicas: 3 - selector: - matchLabels: - app: matverseny-backend - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 0 - maxUnavailable: 1 - template: - metadata: - labels: - app: matverseny-backend - spec: - containers: - - name: app - image: verseghy/matverseny-backend - ports: - - containerPort: 3002 - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /liveness - port: 3002 - initialDelaySeconds: 300 - failureThreshold: 5 - readinessProbe: - httpGet: - path: /readiness - port: 3002 - initialDelaySeconds: 10 - timeoutSeconds: 5 - resources: - limits: - memory: 128Mi - env: - - name: DATABASE_URL - valueFrom: - secretKeyRef: - key: uri - name: postgres-pguser-postgres - - name: IAM_APP_SECRET - valueFrom: - secretKeyRef: - key: IAM_APP_SECRET - name: matverseny-backend - - name: IAM_URL - value: http://iam.iam.svc.cluster.local - - name: IAM_JWT_RSA_PUBLIC - valueFrom: - secretKeyRef: - key: public-key - name: jwt - - name: KAFKA_BOOTSTRAP_SERVERS - value: kafka-cluster-kafka-bootstrap.matverseny.svc.cluster.local:9092 ---- -apiVersion: v1 -kind: Service -metadata: - name: matverseny-backend - namespace: matverseny -spec: - selector: - app: matverseny-backend - ports: - - name: matverseny-backend - protocol: TCP - port: 80 - targetPort: 3002 ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: matverseny-backend - namespace: matverseny -spec: - maxUnavailable: 1 - selector: - matchLabels: - app: matverseny-backend \ No newline at end of file diff --git a/kubernetes/matverseny-backend/postgres-1.yaml b/kubernetes/matverseny-backend/postgres-1.yaml deleted file mode 100644 index a5b88e9f..00000000 --- a/kubernetes/matverseny-backend/postgres-1.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: postgres-operator.crunchydata.com/v1beta1 -kind: PostgresCluster -metadata: - name: postgres - namespace: matverseny -spec: - image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-16.0-0 - postgresVersion: 16 - instances: - - name: instance1 - replicas: 1 - dataVolumeClaimSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: 1Gi - backups: - pgbackrest: - image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.47-1 - repos: - - name: repo1 - volume: - volumeClaimSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: 10Gi - schedules: - full: "0,15,30,45 * * * *" - global: - repo1-retention-full: "48" - repo1-retention-full-type: count diff --git a/kubernetes/matverseny-backend/postgres-3.yaml b/kubernetes/matverseny-backend/postgres-3.yaml deleted file mode 100644 index 2f32388e..00000000 --- a/kubernetes/matverseny-backend/postgres-3.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: postgres-operator.crunchydata.com/v1beta1 -kind: PostgresCluster -metadata: - name: postgres - namespace: matverseny -spec: - image: registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-16.0-0 - postgresVersion: 16 - instances: - - name: instance1 - replicas: 3 - dataVolumeClaimSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: 1Gi - backups: - pgbackrest: - image: registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.47-1 - repos: - - name: repo1 - volume: - volumeClaimSpec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: 10Gi - schedules: - full: "0,15,30,45 * * * *" - global: - repo1-retention-full: "48" - repo1-retention-full-type: count diff --git a/kubernetes/matverseny-backend/postgres-data-access.yaml b/kubernetes/matverseny-backend/postgres-data-access.yaml deleted file mode 100644 index a3ee649d..00000000 --- a/kubernetes/matverseny-backend/postgres-data-access.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: postgres-data-access - namespace: matverseny -spec: - replicas: 1 - selector: - matchLabels: - app: postgres-data-access - template: - metadata: - labels: - app: postgres-data-access - spec: - containers: - - name: postgres-data-access - image: alpine:latest - command: ['sleep', 'infinity'] - imagePullPolicy: Always - volumeMounts: - - mountPath: /data - name: postgres-repo1 - volumes: - - name: postgres-repo1 - persistentVolumeClaim: - claimName: postgres-repo1 diff --git a/kubernetes/matverseny-backend/secret.yaml b/kubernetes/matverseny-backend/secret.yaml deleted file mode 100644 index 33220805..00000000 --- a/kubernetes/matverseny-backend/secret.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: matverseny-backend - namespace: matverseny -data: - IAM_APP_SECRET: "" diff --git a/kubernetes/namespace-iam.yaml b/kubernetes/namespace-iam.yaml deleted file mode 100644 index 20b9fa44..00000000 --- a/kubernetes/namespace-iam.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: iam \ No newline at end of file diff --git a/kubernetes/namespace-matverseny.yaml b/kubernetes/namespace-matverseny.yaml deleted file mode 100644 index 6ab2a0b5..00000000 --- a/kubernetes/namespace-matverseny.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: matverseny \ No newline at end of file diff --git a/kubernetes/operators.sh b/kubernetes/operators.sh deleted file mode 100755 index 37854638..00000000 --- a/kubernetes/operators.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/env bash - -curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.23.1/install.sh | bash -s v0.23.1 -kubectl create -f https://operatorhub.io/install/strimzi-kafka-operator.yaml -sleep 10 -kubectl create -f https://operatorhub.io/install/postgresql.yaml -# PLATFORM SPECIFIC -kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.6.4/deploy/static/provider/do/deploy.yaml -kubectl scale deployment/ingress-nginx-controller -n ingress-nginx --replicas=2 -# PLATFORM SPECIFIC END -kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml -sleep 10 -kubectl annotate svc/ingress-nginx-controller -n ingress-nginx service.beta.kubernetes.io/do-loadbalancer-hostname=verseghy-gimnazium.net -sleep 10 -# Descheduler -kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/descheduler/master/kubernetes/base/rbac.yaml -kubectl apply -f configmap-descheduler.yaml -kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/descheduler/master/kubernetes/deployment/deployment.yaml -sleep 10 -kubectl apply -f ./kafka-drain-cleaner \ No newline at end of file