127 lines
2.8 KiB
YAML
127 lines
2.8 KiB
YAML
---
|
|
# Create a namespace for this
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: ntp-reporting
|
|
---
|
|
# The headless service for the reporters
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: ntp-reporter-svc
|
|
namespace: ntp-reporting
|
|
spec:
|
|
clusterIP: None # This makes it a headless service
|
|
selector:
|
|
app: ntp-reporter
|
|
---
|
|
# The DaemonSet to run one reporter pod on each node
|
|
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
name: ntp-reporter
|
|
namespace: ntp-reporting
|
|
labels:
|
|
app: ntp-reporter
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: ntp-reporter
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: ntp-reporter
|
|
spec:
|
|
hostNetwork: true
|
|
containers:
|
|
- name: reporter
|
|
image: git.dws.rip/dws/ntp/reporter:v8
|
|
ports:
|
|
- containerPort: 9898
|
|
env:
|
|
- name: K8S_NODE_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName
|
|
- name: NODE_ID
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: spec.nodeName # e.g. "us-server"
|
|
- name: PUBLIC_IP
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.hostIP # This is the host's *internal* IP
|
|
- name: BIND_IP
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.hostIP
|
|
---
|
|
# The frontend deployment (just one replica)
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: ntp-frontend
|
|
namespace: ntp-reporting
|
|
labels:
|
|
app: ntp-frontend
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: ntp-frontend
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: ntp-frontend
|
|
spec:
|
|
containers:
|
|
- name: frontend
|
|
image: git.dws.rip/dws/ntp/frontend:v11
|
|
ports:
|
|
- containerPort: 8080
|
|
env:
|
|
- name: REPORTER_SERVICE
|
|
# This is the K8s service name: <service>.<namespace>
|
|
value: "ntp-reporter-svc.ntp-reporting"
|
|
---
|
|
# The service to expose the frontend internally
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: ntp-frontend-svc
|
|
namespace: ntp-reporting
|
|
spec:
|
|
selector:
|
|
app: ntp-frontend
|
|
ports:
|
|
- protocol: TCP
|
|
port: 80
|
|
targetPort: 8080
|
|
---
|
|
# The Traefik Ingress to expose the frontend to the world
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: ntp-report-ingress
|
|
namespace: ntp-reporting
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "letsencrypt-production"
|
|
spec:
|
|
rules:
|
|
- host: "time.dws.rip"
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: ntp-frontend-svc
|
|
port:
|
|
number: 80
|
|
# Enable this block for automatic HTTPS with Let's Encrypt
|
|
tls:
|
|
- hosts:
|
|
- "time.dws.rip"
|
|
secretName: time-dws-rip-tls # Traefik/Cert-Manager will create this
|