Rewrite to jsonnet because reasons

3 years ago · 66750faf92
parent da29cc90c6
commit 66750faf92
23 changed files with 451 additions and 269 deletions
--- a/base/kustomization.yaml
+++ b/base/kustomization.yaml
@ -1,16 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - postgres.yaml
  - rabbitmq.yaml
 configMapGenerator:
  - name: rabbitmq-config
    files:
      - enabled_plugins=etc/rabbitmq/enabled_plugins
      - rabbitmq.conf=etc/rabbitmq/rabbitmq.conf
      - rmq_schema.json=etc/rabbitmq/rmq_schema.json
  - name: postgres-dbinit
    files:
      - piccdb.sql
--- a/base/postgres.yaml
+++ b/base/postgres.yaml
@ -1,57 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: postgres
 spec:
  type: LoadBalancer
  selector:
    app: postgres
  ports:
    - protocol: TCP
      port: 5432
 ---
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
  name: postgres
 spec:
  selector:
    matchLabels:
      app: postgres
  serviceName: "postgres"
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
        - name: postgres
          image: docker.io/postgres:13
          ports:
            - containerPort: 5432
              name: db
          env:
            - name: POSTGRES_DB
              value: picc
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-password
                  key: password
          volumeMounts:
            - name: postgres-data
              mountPath: /var/lib/postgresql/data
            - name: dbinit
              mountPath: /docker-entrypoint-initdb.d
      volumes:
        - name: dbinit
          configMap:
            name: postgres-dbinit
  volumeClaimTemplates:
    - metadata:
        name: postgres-data
      spec:
        accessModes: [ "ReadWriteOnce" ]
        resources:
          requests:
            storage: 100Mi
--- a/base/rabbitmq.yaml
+++ b/base/rabbitmq.yaml
@ -1,53 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: rabbitmq
 spec:
  type: LoadBalancer
  selector:
    app: rabbitmq
  ports:
    - name: amqp
      port: 5672
    - name: web
      port: 15672
    - name: mqtt
      port: 1883
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: rabbitmq
  labels:
    app: rabbitmq
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: rabbitmq
  template:
    metadata:
      labels:
        app: rabbitmq
    spec:
      containers:
        - name: rabbitmq
          image: docker.io/rabbitmq:3
          ports:
            - containerPort: 5672
            - containerPort: 15672
            - containerPort: 1883
          volumeMounts:
            - mountPath: "/etc/rabbitmq"
              name: config
      volumes:
        - name: config
          configMap:
            name: rabbitmq-config
            items:
              - key: "enabled_plugins"
                path: "enabled_plugins"
              - key: "rabbitmq.conf"
                path: "rabbitmq.conf"
              - key: "rmq_schema.json"
                path: "rmq_schema.json"
--- a/deployments/picc/picc.jsonnet
+++ b/deployments/picc/picc.jsonnet
@ -0,0 +1,4 @@
 function(namespace){
    picc_app: import "picc_app.jsonnet",
    picc_config: (import "picc_config.jsonnet")(namespace),
 }
--- a/deployments/picc/picc_app.jsonnet
+++ b/deployments/picc/picc_app.jsonnet
@ -0,0 +1,71 @@
 {
    apiVersion: "apps/v1",
    kind: "Deployment",
    metadata: {
        name: "picc",
        labels: {
            app: "picc"
        }
    },
    spec: {
        replicas: 1,
        selector: {
            matchLabels: {
                app: "picc"
            }
        },
        template: {
            metadata: {
                labels: {
                    app: "picc"
                }
            },
            spec: {
                containers: [
                    {
                        name: "picc",
                        image: "docker.raptorpond.com/picc",
                        env: [
                            {
                                name: "RABBITMQ_HOST",
                                valueFrom: {
                                    configMapKeyRef: {
                                        name: "picc-config",
                                        key: "rabbitmq_host"
                                    }
                                }
                            },
                            {
                                name: "RABBITMQ_PORT",
                                valueFrom: {
                                    configMapKeyRef: {
                                        name: "picc-config",
                                        key: "rabbitmq_port"
                                    }
                                }
                            },
                            {
                                name: "POSTGRES_HOST",
                                valueFrom: {
                                    configMapKeyRef: {
                                        name: "picc-config",
                                        key: "postgres_host"
                                    }
                                }
                            },
                            {
                                name: "POSTGRES_PASSWORD",
                                valueFrom: {
                                    secretKeyRef: {
                                        name: "postgres-password",
                                        key: "password"
                                    }
                                }
                            }
                        ]
                    }
                ]
            }
        }
    }
 }
--- a/deployments/picc/picc_config.jsonnet
+++ b/deployments/picc/picc_config.jsonnet
@ -0,0 +1,12 @@
 function(namespace){
    kind: "ConfigMap",
    apiVersion: "v1",
    metadata: {
    	name: "picc-config"
    },
    data: {
        rabbitmq_host: "rabbitmq.%s" % [namespace],
        rabbitmq_port: "5672",
        postgres_host: "postgres.%s" % [namespace]
    }
 }
--- a/deployments/postgres/piccdb.sql
+++ b/deployments/postgres/piccdb.sql
@ -1,44 +1,44 @@
-BEGIN;
+BEGIN;
-
+
-DROP TABLE IF EXISTS picc_events;
+DROP TABLE IF EXISTS picc_events;
-DROP TABLE IF EXISTS picc_locations;
+DROP TABLE IF EXISTS picc_locations;
-
+
-CREATE TABLE picc_locations
+CREATE TABLE picc_locations
-(
+(
-    id            SERIAL PRIMARY KEY,
+    id            SERIAL PRIMARY KEY,
-    location_name TEXT NOT NULL
+    location_name TEXT NOT NULL
-    -- TODO: figure out PostGIS
+    -- TODO: figure out PostGIS
-);
+);
-
+
-INSERT INTO picc_locations (id, location_name)
+INSERT INTO picc_locations (id, location_name)
-VALUES (0, 'Unknown');
+VALUES (0, 'Unknown');
-INSERT INTO picc_locations (id, location_name)
+INSERT INTO picc_locations (id, location_name)
-VALUES (1, 'Not Applicable');
+VALUES (1, 'Not Applicable');
-
+
-DROP TABLE IF EXISTS picc_events;
+DROP TABLE IF EXISTS picc_events;
-
+
-CREATE TABLE picc_events
+CREATE TABLE picc_events
-(
+(
-    id             BIGSERIAL PRIMARY KEY,                                                                 -- ID
+    id             BIGSERIAL PRIMARY KEY,                                                                 -- ID
-    log_time       TIMESTAMP with time zone NOT NULL                           DEFAULT CURRENT_TIMESTAMP, -- Time when event was logged
+    log_time       TIMESTAMP with time zone NOT NULL                           DEFAULT CURRENT_TIMESTAMP, -- Time when event was logged
-    event_time     TIMESTAMP with time zone,                                                              -- Optional: time when event was generated, can be different than log_time
+    event_time     TIMESTAMP with time zone,                                                              -- Optional: time when event was generated, can be different than log_time
-    event_location integer                  NOT NULL references picc_locations DEFAULT 0,                 -- Location associated with event
+    event_location integer                  NOT NULL references picc_locations DEFAULT 0,                 -- Location associated with event
--     sender         text                     NOT NULL, -- Sender is implicit in whoever owns the endpoint
+--     sender         text                     NOT NULL, -- Sender is implicit in whoever owns the endpoint
-    endpoint       text
+    endpoint       text
-        CONSTRAINT valid_endpoint CHECK ( endpoint ~ '^([A-Za-z0-9_-]+\.)*([A-Za-z0-9_-]+)$' ),             -- Event endpoint
+        CONSTRAINT valid_endpoint CHECK ( endpoint ~ '^([A-Za-z0-9_-]+\.)*([A-Za-z0-9_-]+)$' ),             -- Event endpoint
-    body           jsonb                    NOT NULL                                                      -- Event body content
+    body           jsonb                    NOT NULL                                                      -- Event body content
-);
+);
-
+
-CREATE INDEX idx_picc_events_endpoint ON picc_events (endpoint);
+CREATE INDEX idx_picc_events_endpoint ON picc_events (endpoint);
-
+
-- DROP TABLE IF EXISTS mqtt;
+-- DROP TABLE IF EXISTS mqtt;
--
+--
-- CREATE TABLE picc_mqtt
+-- CREATE TABLE picc_mqtt
-- (
+-- (
--     id           BIGSERIAL PRIMARY KEY,
+--     id           BIGSERIAL PRIMARY KEY,
--     receive_time TIMESTAMP,
+--     receive_time TIMESTAMP,
--     routing_key  TEXT,
+--     routing_key  TEXT,
--     payload      TEXT
+--     payload      TEXT
-- );
+-- );
-
+
 COMMIT;
--- a/deployments/postgres/postgres.jsonnet
+++ b/deployments/postgres/postgres.jsonnet
@ -0,0 +1,12 @@
 local utils = import "../../lib/picc-k8s.libsonnet";
 function(password=null, ip=null){
    postgres_app: import "postgres_app.jsonnet",
    postgres_service: utils.service(name="postgres", ports=[{name: "postgres", protocol: "TCP", port:5432}], ip=ip),
    postgres_password:
        if password != null then
            (import "postgres_password.jsonnet")(password)
        else
            (import "postgres_password.jsonnet")(),
    postgres_dbinit: import "postgres_dbinit.jsonnet"
 }
--- a/deployments/postgres/postgres_app.jsonnet
+++ b/deployments/postgres/postgres_app.jsonnet
@ -0,0 +1,80 @@
 {
    apiVersion: "apps/v1",
    kind: "StatefulSet",
    metadata: {
        name: "postgres"
    },
    spec: {
        selector: {
            matchLabels: {
                app: "postgres"
            }
        },
        serviceName: "postgres",
        template: {
            metadata:{
                labels: {
                    app: "postgres"
                }
            },
            spec: {
                containers: [
                    {
                        name: "postgres",
                        image: "docker.io/postgres:13",
                        ports: [
                            {containerPort: 5432,
                             name: "db"}
                        ],
                        env: [
                            {
                                name: "POSTGRES_DB",
                                value: "picc"
                            },
                            {
                                name: "POSTGRES_PASSWORD",
                                valueFrom: {
                                    secretKeyRef: {
                                        name: "postgres-password",
                                        key: "password"
                                    }
                                }
                            }
                        ],
                        volumeMounts: [
                            {
                                name: "postgres-data",
                                mountPath: "/var/lib/postgresql/data"
                            },
                            {
                                name: "dbinit",
                                mountPath: "/docker-entrypoint-initdb.d"
                            }
                        ]
                    }
                ],
                volumes: [
                    {
                        name: "dbinit",
                        configMap: {
                            name: "postgres-dbinit"
                        }
                    }
                ]
            }
        },
        volumeClaimTemplates : [{
            metadata: {
                name: "postgres-data"
            },
            spec: {
                accessModes: ["ReadWriteOnce"],
                resources: {
                    requests: {
                        storage: "100Mi"
                    }
                }
            }
        }]
    }
 }
--- a/deployments/postgres/postgres_dbinit.jsonnet
+++ b/deployments/postgres/postgres_dbinit.jsonnet
@ -0,0 +1,10 @@
 {
 	kind: "ConfigMap",
 	apiVersion: "v1",
 	metadata: {
 		name: "postgres-dbinit"
 	},
 	data: {
 	    "piccdb.sql": importstr "piccdb.sql"
 	}
 }
--- a/deployments/postgres/postgres_password.jsonnet
+++ b/deployments/postgres/postgres_password.jsonnet
@ -0,0 +1,11 @@
 function(password = "piccpass") {
 	kind: "Secret",
 	apiVersion: "v1",
 	metadata: {
 		name: "postgres-password"
 	},
 	data: {
 		"password": std.base64(password)
 	},
 	type: "Opaque"
 }
--- a/deployments/rabbitmq/etc/rabbitmq/enabled_plugins
+++ b/deployments/rabbitmq/etc/rabbitmq/enabled_plugins
--- a/deployments/rabbitmq/etc/rabbitmq/rabbitmq.conf
+++ b/deployments/rabbitmq/etc/rabbitmq/rabbitmq.conf
@ -1,21 +1,21 @@
-loopback_users.guest = false
+loopback_users.guest = false
-listeners.tcp.default = 5672
+listeners.tcp.default = 5672
-management.tcp.port = 15672
+management.tcp.port = 15672
-
+
-#mqtt.listeners.tcp.default = 1883
+#mqtt.listeners.tcp.default = 1883
-## Default MQTT with TLS port is 8883
+## Default MQTT with TLS port is 8883
-# mqtt.listeners.ssl.default = 8883
+# mqtt.listeners.ssl.default = 8883
-
+
-# anonymous connections, if allowed, will use the default
+# anonymous connections, if allowed, will use the default
-# credentials specified here
+# credentials specified here
-#mqtt.allow_anonymous  = true
+#mqtt.allow_anonymous  = true
-#mqtt.default_user     = guest
+#mqtt.default_user     = guest
-#mqtt.default_pass     = guest
+#mqtt.default_pass     = guest
-
+
-#mqtt.vhost            = /
+#mqtt.vhost            = /
-mqtt.exchange         = mqtt
+mqtt.exchange         = mqtt
-# 24 hours by default
+# 24 hours by default
-#mqtt.subscription_ttl = 86400000
+#mqtt.subscription_ttl = 86400000
-#mqtt.prefetch         = 10
+#mqtt.prefetch         = 10
-
+
 load_definitions = /etc/rabbitmq/rmq_schema.json
--- a/deployments/rabbitmq/etc/rabbitmq/rmq_schema.json
+++ b/deployments/rabbitmq/etc/rabbitmq/rmq_schema.json
@ -1,40 +1,40 @@
-{
+{
-  "rabbit_version": "3.8.9",
+  "rabbit_version": "3.8.9",
-  "rabbitmq_version": "3.8.9",
+  "rabbitmq_version": "3.8.9",
-  "product_name": "RabbitMQ",
+  "product_name": "RabbitMQ",
-  "product_version": "3.8.9",
+  "product_version": "3.8.9",
-  "users": [
+  "users": [
-    {
+    {
-      "name": "guest",
+      "name": "guest",
-      "password_hash": "KzhdT8G04Hon/5BEAasW4KF9NVBpwo3MIKGBs0nJjz8KLBvq",
+      "password_hash": "KzhdT8G04Hon/5BEAasW4KF9NVBpwo3MIKGBs0nJjz8KLBvq",
-      "hashing_algorithm": "rabbit_password_hashing_sha256",
+      "hashing_algorithm": "rabbit_password_hashing_sha256",
-      "tags": "administrator"
+      "tags": "administrator"
-    }
+    }
-  ],
+  ],
-  "vhosts": [
+  "vhosts": [
-    {
+    {
-      "name": "/"
+      "name": "/"
-    }
+    }
-  ],
+  ],
-  "permissions": [
+  "permissions": [
-    {
+    {
-      "user": "guest",
+      "user": "guest",
-      "vhost": "/",
+      "vhost": "/",
-      "configure": ".*",
+      "configure": ".*",
-      "write": ".*",
+      "write": ".*",
-      "read": ".*"
+      "read": ".*"
-    }
+    }
-  ],
+  ],
-  "policies": [],
+  "policies": [],
-  "exchanges": [
+  "exchanges": [
-    {
+    {
-      "name": "mqtt",
+      "name": "mqtt",
-      "vhost": "/",
+      "vhost": "/",
-      "type": "topic",
+      "type": "topic",
-      "durable": true,
+      "durable": true,
-      "auto_delete": false,
+      "auto_delete": false,
-      "internal": false,
+      "internal": false,
-      "arguments": {}
+      "arguments": {}
-    }
+    }
-  ]
+  ]
 }
--- a/deployments/rabbitmq/rabbitmq.jsonnet
+++ b/deployments/rabbitmq/rabbitmq.jsonnet
@ -0,0 +1,11 @@
 local utils = import "../../lib/picc-k8s.libsonnet";
 function(ip=null){
    rabbitmq_app: import "rabbitmq_app.jsonnet",
    rabbitmq_service: utils.service(name="rabbitmq",
                                    ports=[{name: "amqp", port: 5672},
                                            {name: "web", port: 15672},
                                            {name: "mqtt", port: 1883}],
                                    ip=ip),
    rabbitmq_conf: import "rabbitmq_config.jsonnet"
 }
--- a/deployments/rabbitmq/rabbitmq_app.jsonnet
+++ b/deployments/rabbitmq/rabbitmq_app.jsonnet
@ -0,0 +1,60 @@
 {
    apiVersion: "apps/v1",
    kind: "Deployment",
    metadata: {
        name: "rabbitmq",
        labels: {
            app: "rabbitmq"
        }
    },
    spec: {
        replicas: 1,
        selector: {
            matchLabels: {
                app: "rabbitmq"
            }
        },
        template: {
            metadata: {
                labels: {
                    app: "rabbitmq"
                }
            },
            spec: {
                containers: [
                    {
                        name: "rabbitmq",
                        image: "docker.io/rabbitmq:3",
                        ports: [
                            {containerPort: 5672},
                            {containerPort: 15672},
                            {containerPort: 1883}
                        ],
                        volumeMounts: [
                            {
                                mountPath: "/etc/rabbitmq",
                                name: "config"
                            }
                        ]
                    }
                ],
                volumes: [
                    {
                        name: "config",
                        configMap: {
                            name: "rabbitmq-config",
                            items: [
                                {key: "enabled_plugins",
                                    path: "enabled_plugins"},
                                {key: "rabbitmq.conf",
                                    path: "rabbitmq.conf"},
                                {key: "rmq_schema.json",
                                    path: "rmq_schema.json"}
                            ]
                        }
                    }
                ]
            }
        }
    }
 }
--- a/deployments/rabbitmq/rabbitmq_config.jsonnet
+++ b/deployments/rabbitmq/rabbitmq_config.jsonnet
@ -0,0 +1,12 @@
 {
 	kind: "ConfigMap",
 	apiVersion: "v1",
 	metadata: {
 		name: "rabbitmq-config"
 	},
 	data: {
 	    "enabled_plugins": importstr "etc/rabbitmq/enabled_plugins",
 	    "rabbitmq.conf": importstr "etc/rabbitmq/rabbitmq.conf",
 	    "rmq_schema.json": importstr "etc/rabbitmq/rmq_schema.json"
 	}
 }
--- a/lib/picc-k8s.libsonnet
+++ b/lib/picc-k8s.libsonnet
@ -0,0 +1,35 @@
 {
    addNamespace(manifest, namespace)::
    manifest +
    {
        metadata+: {
            namespace: namespace
        }
    },
    createNamespace(namespace)::
    {
        apiVersion: "v1",
        kind: "Namespace",
        metadata: {
            name: namespace
        }
    },
    service(name, ports, ip=null)::
    {
        apiVersion: "v1",
        kind: "Service",
        metadata: {
            name: name
        },
        spec: {
            type: "LoadBalancer",
            selector: {
                app: name
            },
            ports: ports,
            [if ip != null then "loadBalancerIP"]: ip
        }
    }
 }
--- a/overlay/development/kustomization.yaml
+++ b/overlay/development/kustomization.yaml
@ -1,29 +0,0 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: picc-dev
 resources:
  - namespace.yaml
  - ../../base
 secretGenerator:
  - name: postgres-password
    literals:
      - password=piccpass
 patches:
  - patch: |-
      - op: add
        path: /spec/loadBalancerIP
        value: 192.168.2.201
    target:
      kind: Service
      name: postgres
  - patch: |-
      - op: add
        path: /spec/loadBalancerIP
        value: 192.168.2.200
    target:
      kind: Service
      name: rabbitmq
--- a/overlay/development/namespace.yaml
+++ b/overlay/development/namespace.yaml
@ -1,6 +0,0 @@
 kind: Namespace
 apiVersion: v1
 metadata:
  name: picc-dev
  labels:
    name: picc-dev
--- a/overlay/production/namespace.yaml
+++ b/overlay/production/namespace.yaml
@ -1,6 +0,0 @@
 kind: Namespace
 apiVersion: v1
 metadata:
  name: picc-prod
  labels:
    name: picc-prod
--- a/profiles/development.jsonnet
+++ b/profiles/development.jsonnet
@ -0,0 +1,13 @@
 local namespace="picc-dev";
 local utils = import "../lib/picc-k8s.libsonnet";
 local postgres = import "../deployments/postgres/postgres.jsonnet";
 local postgres_manifests = postgres(ip="192.168.2.201");
 local rabbitmq = import "../deployments/rabbitmq/rabbitmq.jsonnet";
 local rabbitmq_manifests = rabbitmq(ip="192.168.2.200");
 [utils.createNamespace(namespace),] +
 [utils.addNamespace(postgres_manifests[manifest], namespace) for manifest in std.objectFields(postgres_manifests)] +
 [utils.addNamespace(rabbitmq_manifests[manifest], namespace) for manifest in std.objectFields(rabbitmq_manifests)]
--- a/profiles/production.jsonnet
+++ b/profiles/production.jsonnet
@ -0,0 +1,18 @@
 local namespace="picc-prod";
 local utils = import "../lib/picc-k8s.libsonnet";
 local postgres = import "../deployments/postgres/postgres.jsonnet";
 local rabbitmq = import "../deployments/rabbitmq/rabbitmq.jsonnet";
 local picc = import "../deployments/picc/picc.jsonnet";
 function(postgres_password)
 local postgres_manifests = postgres(password=postgres_password);
 local rabbitmq_manifests = rabbitmq();
 local picc_manifests = picc(namespace);
 [utils.createNamespace(namespace),] +
 [utils.addNamespace(postgres_manifests[manifest], namespace) for manifest in std.objectFields(postgres_manifests)] +
 [utils.addNamespace(rabbitmq_manifests[manifest], namespace) for manifest in std.objectFields(rabbitmq_manifests)] +
 [utils.addNamespace(picc_manifests[manifest], namespace) for manifest in std.objectFields(picc_manifests)]