Add rabbitmq ingress gateway def

This commit is contained in:
Stefan Reimer 2020-08-11 15:09:48 +01:00
parent 9359ee62c0
commit 8880b983ac
18 changed files with 6459 additions and 1 deletions

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero-istio
description: KubeZero Umbrella Chart for Istio
type: application
version: 0.2.2
version: 0.2.3
appVersion: 1.6.7
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png

View File

@ -60,6 +60,18 @@ spec:
privateKey: /etc/istio/ingressgateway-certs/tls.key
serverCertificate: /etc/istio/ingressgateway-certs/tls.crt
credentialName: public-ingress-cert
- port:
number: 5672
name: amqp
protocol: TCP
hosts:
- "*"
- port:
number: 5671
name: amqps
protocol: TCP
hosts:
- "*"
- port:
number: 24224
name: fluentd-forward

View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

View File

@ -0,0 +1,21 @@
apiVersion: v2
name: kubezero-logging
description: KubeZero Umbrella Chart for complete EFK stack
type: application
version: 0.0.1
appVersion: 1.2.0
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords:
- kubezero
- elasticsearch
- kibana
- fluentd
- fluent-bit
maintainers:
- name: Quarky9
dependencies:
- name: kubezero-lib
version: ">= 0.1.3"
repository: https://zero-down-time.github.io/kubezero/
kubeVersion: ">= 1.16.0"

View File

@ -0,0 +1,47 @@
kubezero-logging
================
KubeZero Umbrella Chart for complete EFK stack
Current chart version is `0.0.1`
Source code can be found [here](https://kubezero.com)
## Chart Requirements
| Repository | Name | Version |
|------------|------|---------|
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 |
## Changes from upstream
### ECK
- Operator mapped to controller nodes
### ElasticSearch
- Installed Plugins:
- repository-s3
- elasticsearch-prometheus-exporter
- [Cross AZ Zone awareness](https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-advanced-node-scheduling.html#k8s-availability-zone-awareness) is implemented via nodeSets
## Manual tasks ATM
- Install index template
- setup Kibana
- create `logstash-*` Index Pattern
## Chart Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| es.replicas | int | `2` | |
| es.storage.class | string | `"local-sc-xfs"` | |
| es.storage.size | string | `"16Gi"` | |
| fullnameOverride | string | `"logging"` | |
| kibana.replicas | int | `1` | |
| version | string | `"7.6.0"` | |
## Resources:
- https://www.elastic.co/downloads/elastic-cloud-kubernetes
- https://github.com/elastic/cloud-on-k8s

View File

@ -0,0 +1,41 @@
{{ template "chart.header" . }}
{{ template "chart.description" . }}
{{ template "chart.versionLine" . }}
{{ template "chart.sourceLinkLine" . }}
{{ template "chart.requirementsSection" . }}
## Changes from upstream
### ECK
- Operator mapped to controller nodes
### ES
- SSL disabled ( Todo: provide cluster certs and setup Kibana/Fluentd to use https incl. client certs )
- Installed Plugins:
- repository-s3
- elasticsearch-prometheus-exporter
- [Cross AZ Zone awareness](https://www.elastic.co/guide/en/cloud-on-k8s/current/k8s-advanced-node-scheduling.html#k8s-availability-zone-awareness) is implemented via nodeSets
### Kibana
- increased timeout to ES to 3 minutes
## Manual tasks ATM
- Install index template
- setup Kibana
- create `logstash-*` Index Pattern
{{ template "chart.valuesSection" . }}
## Resources:
- https://www.elastic.co/downloads/elastic-cloud-kubernetes
- https://github.com/elastic/cloud-on-k8s

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,6 @@
resources:
- all-in-one.yaml
# map operator to controller nodes
patchesStrategicMerge:
- map-operator.yaml

View File

@ -0,0 +1,14 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: elastic-operator
spec:
template:
spec:
nodeSelector:
node-role.kubernetes.io/master: ""
tolerations:
- key: CriticalAddonsOnly
operator: Exists
- key: node-role.kubernetes.io/master
effect: NoSchedule

View File

@ -0,0 +1,7 @@
#!/bin/bash
ECK_VERSION=1.2.0
curl -o all-in-one.yaml https://download.elastic.co/downloads/eck/${ECK_VERSION}/all-in-one.yaml
kubectl kustomize . > ../templates/eck-operator.yaml

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,83 @@
{{- if .Values.es.nodeSets }}
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
name: {{ template "kubezero-lib.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "kubezero-lib.labels" . | indent 4 }}
spec:
version: {{ .Values.version }}
nodeSets:
{{- range .Values.es.nodeSets }}
- name: {{ .name }}
config:
node.master: true
node.data: true
node.ingest: true
node.ml: false
prometheus.indices: false
{{- if .zone }}
node.attr.zone: {{ .zone }}
cluster.routing.allocation.awareness.attributes: zone
{{- end }}
podTemplate:
{{- if $.Values.es.s3_snapshot_iamrole }}
metadata:
annotations:
iam.amazonaws.com/role: {{ $.Values.es.s3_snapshot_iamrole }}
{{- end }}
spec:
initContainers:
- name: install-plugins
command:
- sh
- -c
- |
bin/elasticsearch-plugin install --batch repository-s3 && bin/elasticsearch-plugin install --batch https://github.com/vvanholl/elasticsearch-prometheus-exporter/releases/download/{{ $.Values.version }}.0/prometheus-exporter-{{ $.Values.version }}.0.zip
containers:
- name: elasticsearch
resources:
requests:
cpu: 100m
memory: 2500Mi
limits:
memory: 4Gi
env:
- name: ES_JAVA_OPTS
value: "-Xms2g -Xmx2g"
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
elasticsearch.k8s.elastic.co/cluster-name: {{ $.Values.name }}
topologyKey: kubernetes.io/hostname
{{- if .zone }}
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: failure-domain.beta.kubernetes.io/zone
operator: In
values:
- {{ .zone }}
{{- end }}
count: {{ .count }}
volumeClaimTemplates:
- metadata:
name: elasticsearch-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .storage.size }}
storageClassName: {{ .storage.class }}
{{- end }}
http:
tls:
selfSignedCertificate:
disabled: true
{{- end }}

View File

@ -0,0 +1,20 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: es-{{ .Values.name }}
namespace: {{ .Release.Namespace }}
spec:
endpoints:
- basicAuth:
username:
name: {{ .Values.name }}-es-elastic-user
key: username
password:
name: {{ .Values.name }}-es-elastic-user
key: elastic
port: http
path: /_prometheus/metrics
selector:
matchLabels:
common.k8s.elastic.co/type: elasticsearch
elasticsearch.k8s.elastic.co/cluster-name: {{ .Values.name }}

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
type: Opaque
metadata:
labels:
common.k8s.elastic.co/type: elasticsearch
elasticsearch.k8s.elastic.co/cluster-name: {{ .Values.name }}
name: {{ .Values.name }}-es-elastic-user
namespace: {{ .Release.Namespace }}
data:
username: {{ "elastic" | b64enc | quote }}
elastic: {{ .Values.es.elastic_password | b64enc | quote }}

View File

@ -0,0 +1,18 @@
{{- if .Values.kibana.istio.enabled }}
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: {{ template "kubezero-lib.fullname" . }}-kibana
namespace: {{ .Release.Namespace }}
labels:
{{ include "kubezero-lib.labels" . | indent 4 }}
spec:
hosts:
- {{ .Values.kibana.istio.url }}
gateways:
- {{ default "istio-system/ingressgateway" .Values.kibana.istio.gateway }}
http:
- route:
- destination:
host: {{ template "kubezero-lib.fullname" . }}-kb-http
{{- end }}

View File

@ -0,0 +1,35 @@
{{- if .Values.kibana }}
apiVersion: kibana.k8s.elastic.co/v1
kind: Kibana
metadata:
name: {{ template "kubezero-lib.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "kubezero-lib.labels" . | indent 4 }}
spec:
version: {{ .Values.version }}
count: {{ .Values.kibana.count }}
elasticsearchRef:
name: {{ template "kubezero-lib.fullname" . }}
namespace: {{ .Release.Namespace }}
config:
elasticsearch.requestTimeout: 180000
elasticsearch.shardTimeout: 180000
#xpack.monitoring.enabled: false
#xpack.monitoring.ui.enabled: false
#xpack.ml.enabled: false
podTemplate:
spec:
containers:
- name: kibana
resources:
requests:
memory: 1Gi
cpu: 100m
limits:
memory: 2Gi
http:
tls:
selfSignedCertificate:
disabled: true
{{- end }}

View File

@ -0,0 +1,26 @@
# Default values for zdt-logging.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# This is for backwards compatibility with older zdt-logging setup
fullnameOverride: logging
# Version for ElasticSearch and Kibana have to match so we define it at top-level
version: 7.6.0
es:
nodeSets:
- count: 2
storage:
size: 16Gi
class: local-sc-xfs
zone: us-west-2a
s3_snapshot_iamrole: "" # INSERT_CLOUDFORMATION_OUTPUT_ElasticSearchSnapshots
elastic_password: "" # super_secret_elastic_password
kibana:
replicas: 1
istio:
enabled: true
url: kibana.example.com
gateway: istio-system/private-ingressgateway

View File

@ -0,0 +1,27 @@
# Default values for zdt-logging.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# This is for backwards compatibility with older zdt-logging setup
# fullnameOverride: logging
# Version for ElasticSearch and Kibana have to match so we define it at top-level
version: 7.8.1
es:
nodeSets: []
#- count: 2
# storage:
# size: 16Gi
# class: local-sc-xfs
# zone: us-west-2a
s3_snapshot_iamrole: "" # INSERT_CLOUDFORMATION_OUTPUT_ElasticSearchSnapshots
elastic_password: "" # super_secret_elastic_password
kibana:
#replicas: 1
#servicename: kibana.example.com
istio:
enabled: false
gateway: "istio-system/ingressgateway"
url: "" # kibana.example.com