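---
# Namespace that holds every object in this manifest.
apiVersion: v1
kind: Namespace
metadata:
  name: ntp-reporting
---
# Headless service for the reporters. With clusterIP set to None there is no
# virtual IP: DNS for ntp-reporter-svc.ntp-reporting returns the IPs of the
# selected pods directly. The reporters run with hostNetwork, so those
# addresses are the node IPs.
apiVersion: v1
kind: Service
metadata:
  name: ntp-reporter-svc
  namespace: ntp-reporting
spec:
  clusterIP: None  # This makes it a headless service
  selector:
    app: ntp-reporter
---
# The DaemonSet to run one reporter pod on each node (nodes whose taints the
# pod does not tolerate are skipped; no tolerations are declared here).
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: ntp-reporter
  namespace: ntp-reporting
  labels:
    app: ntp-reporter
spec:
  selector:
    matchLabels:
      app: ntp-reporter
  template:
    metadata:
      labels:
        app: ntp-reporter
    spec:
      # hostNetwork places the pod in the node's network namespace: port 9898
      # is opened on the node itself and the process can reach listeners that
      # are only bound on the node. NetworkPolicy is commonly not enforced for
      # hostNetwork pods, so access to 9898 has to be limited by node-level
      # firewalling.
      # NOTE(review): confirm the reporter really needs host networking.
      hostNetwork: true
      # NOTE(review): nothing in this manifest uses the Kubernetes API (node
      # data comes from the downward API below). If the image does not call
      # the API either, set automountServiceAccountToken: false - confirm.
      containers:
        - name: reporter
          # NOTE(review): the tag is mutable; pin by digest
          # (image@sha256:<digest>) so every node runs the reviewed image.
          image: git.dws.rip/dws/ntp/reporter:v8
          # Least privilege for a container sharing the node's network stack:
          # block setuid/file-capability privilege gain.
          # NOTE(review): also consider runAsNonRoot, readOnlyRootFilesystem
          # and capabilities.drop ["ALL"] once the image is known to run
          # without them; add resource requests/limits sized from real usage.
          securityContext:
            allowPrivilegeEscalation: false
          ports:
            - containerPort: 9898
          env:
            - name: K8S_NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
            - name: NODE_ID
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName  # e.g. "us-server"
            # Despite the variable name, status.hostIP is the host's
            # *internal* IP, not an internet-facing address.
            - name: PUBLIC_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.hostIP
            # Same node IP; presumably the address the reporter listens on,
            # which keeps it off the node's other interfaces - verify in the
            # reporter's code.
            - name: BIND_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.hostIP
---
# The frontend deployment (just one replica). This is the only workload that
# receives traffic from the Ingress below, i.e. from untrusted clients.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ntp-frontend
  namespace: ntp-reporting
  labels:
    app: ntp-frontend
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ntp-frontend
  template:
    metadata:
      labels:
        app: ntp-frontend
    spec:
      # NOTE(review): if the frontend does not call the Kubernetes API, set
      # automountServiceAccountToken: false - confirm against the image.
      containers:
        - name: frontend
          # NOTE(review): the tag is mutable; pin by digest
          # (image@sha256:<digest>) for a reproducible, reviewed image.
          image: git.dws.rip/dws/ntp/frontend:v11
          # Internet-facing container: block setuid/file-capability privilege
          # gain. Port 8080 is unprivileged, so no extra capability is needed
          # to bind it.
          # NOTE(review): also consider runAsNonRoot, readOnlyRootFilesystem,
          # capabilities.drop ["ALL"] and resource limits after testing.
          securityContext:
            allowPrivilegeEscalation: false
          ports:
            - containerPort: 8080
          env:
            - name: REPORTER_SERVICE
              # DNS name of the headless reporter service, in the form
              # <service-name>.<namespace>.
              value: "ntp-reporter-svc.ntp-reporting"
---
# The service to expose the frontend internally (ClusterIP, port 80 -> 8080).
apiVersion: v1
kind: Service
metadata:
  name: ntp-frontend-svc
  namespace: ntp-reporting
spec:
  selector:
    app: ntp-frontend
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8080
---
# The Traefik Ingress to expose the frontend to the world.
# NOTE(review): no ingressClassName is set, so this depends on the cluster's
# default IngressClass being Traefik - confirm.
# NOTE(review): nothing here forces an HTTP-to-HTTPS redirect; check that the
# Traefik entrypoint configuration does, otherwise the host is also served in
# clear text.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ntp-report-ingress
  namespace: ntp-reporting
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-production"
spec:
  rules:
    - host: "time.dws.rip"
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: ntp-frontend-svc
                port:
                  number: 80
  # Automatic HTTPS with Let's Encrypt: cert-manager issues the certificate
  # through the cluster issuer named in the annotation above.
  tls:
    - hosts:
        - "time.dws.rip"
      secretName: time-dws-rip-tls  # Traefik/Cert-Manager will create this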