Switch to kustomize

3 years ago · da29cc90c6
parent 98e5da9990
commit da29cc90c6
14 changed files with 268 additions and 225 deletions
--- a/rabbitmq/etc/rabbitmq/enabled_plugins
+++ b/rabbitmq/etc/rabbitmq/enabled_plugins
--- a/rabbitmq/etc/rabbitmq/rabbitmq.conf
+++ b/rabbitmq/etc/rabbitmq/rabbitmq.conf
@ -1,21 +1,21 @@
-loopback_users.guest = false
+loopback_users.guest = false
-listeners.tcp.default = 5672
+listeners.tcp.default = 5672
-management.tcp.port = 15672
+management.tcp.port = 15672
-
+
-#mqtt.listeners.tcp.default = 1883
+#mqtt.listeners.tcp.default = 1883
-## Default MQTT with TLS port is 8883
+## Default MQTT with TLS port is 8883
-# mqtt.listeners.ssl.default = 8883
+# mqtt.listeners.ssl.default = 8883
-
+
-# anonymous connections, if allowed, will use the default
+# anonymous connections, if allowed, will use the default
-# credentials specified here
+# credentials specified here
-#mqtt.allow_anonymous  = true
+#mqtt.allow_anonymous  = true
-#mqtt.default_user     = guest
+#mqtt.default_user     = guest
-#mqtt.default_pass     = guest
+#mqtt.default_pass     = guest
-
+
-#mqtt.vhost            = /
+#mqtt.vhost            = /
-mqtt.exchange         = mqtt
+mqtt.exchange         = mqtt
-# 24 hours by default
+# 24 hours by default
-#mqtt.subscription_ttl = 86400000
+#mqtt.subscription_ttl = 86400000
-#mqtt.prefetch         = 10
+#mqtt.prefetch         = 10
-
+
 load_definitions = /etc/rabbitmq/rmq_schema.json
--- a/rabbitmq/etc/rabbitmq/rmq_schema.json
+++ b/rabbitmq/etc/rabbitmq/rmq_schema.json
@ -1,40 +1,40 @@
-{
+{
-  "rabbit_version": "3.8.9",
+  "rabbit_version": "3.8.9",
-  "rabbitmq_version": "3.8.9",
+  "rabbitmq_version": "3.8.9",
-  "product_name": "RabbitMQ",
+  "product_name": "RabbitMQ",
-  "product_version": "3.8.9",
+  "product_version": "3.8.9",
-  "users": [
+  "users": [
-    {
+    {
-      "name": "guest",
+      "name": "guest",
-      "password_hash": "KzhdT8G04Hon/5BEAasW4KF9NVBpwo3MIKGBs0nJjz8KLBvq",
+      "password_hash": "KzhdT8G04Hon/5BEAasW4KF9NVBpwo3MIKGBs0nJjz8KLBvq",
-      "hashing_algorithm": "rabbit_password_hashing_sha256",
+      "hashing_algorithm": "rabbit_password_hashing_sha256",
-      "tags": "administrator"
+      "tags": "administrator"
-    }
+    }
-  ],
+  ],
-  "vhosts": [
+  "vhosts": [
-    {
+    {
-      "name": "/"
+      "name": "/"
-    }
+    }
-  ],
+  ],
-  "permissions": [
+  "permissions": [
-    {
+    {
-      "user": "guest",
+      "user": "guest",
-      "vhost": "/",
+      "vhost": "/",
-      "configure": ".*",
+      "configure": ".*",
-      "write": ".*",
+      "write": ".*",
-      "read": ".*"
+      "read": ".*"
-    }
+    }
-  ],
+  ],
-  "policies": [],
+  "policies": [],
-  "exchanges": [
+  "exchanges": [
-    {
+    {
-      "name": "mqtt",
+      "name": "mqtt",
-      "vhost": "/",
+      "vhost": "/",
-      "type": "topic",
+      "type": "topic",
-      "durable": true,
+      "durable": true,
-      "auto_delete": false,
+      "auto_delete": false,
-      "internal": false,
+      "internal": false,
-      "arguments": {}
+      "arguments": {}
-    }
+    }
-  ]
+  ]
 }
--- a/base/kustomization.yaml
+++ b/base/kustomization.yaml
@ -0,0 +1,16 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - postgres.yaml
  - rabbitmq.yaml
 configMapGenerator:
  - name: rabbitmq-config
    files:
      - enabled_plugins=etc/rabbitmq/enabled_plugins
      - rabbitmq.conf=etc/rabbitmq/rabbitmq.conf
      - rmq_schema.json=etc/rabbitmq/rmq_schema.json
  - name: postgres-dbinit
    files:
      - piccdb.sql
--- a/postgres/piccdb.sql
+++ b/postgres/piccdb.sql
@ -1,44 +1,44 @@
-BEGIN;
+BEGIN;
-
+
-DROP TABLE IF EXISTS picc_events;
+DROP TABLE IF EXISTS picc_events;
-DROP TABLE IF EXISTS picc_locations;
+DROP TABLE IF EXISTS picc_locations;
-
+
-CREATE TABLE picc_locations
+CREATE TABLE picc_locations
-(
+(
-    id            SERIAL PRIMARY KEY,
+    id            SERIAL PRIMARY KEY,
-    location_name TEXT NOT NULL
+    location_name TEXT NOT NULL
-    -- TODO: figure out PostGIS
+    -- TODO: figure out PostGIS
-);
+);
-
+
-INSERT INTO picc_locations (id, location_name)
+INSERT INTO picc_locations (id, location_name)
-VALUES (0, 'Unknown');
+VALUES (0, 'Unknown');
-INSERT INTO picc_locations (id, location_name)
+INSERT INTO picc_locations (id, location_name)
-VALUES (1, 'Not Applicable');
+VALUES (1, 'Not Applicable');
-
+
-DROP TABLE IF EXISTS picc_events;
+DROP TABLE IF EXISTS picc_events;
-
+
-CREATE TABLE picc_events
+CREATE TABLE picc_events
-(
+(
-    id             BIGSERIAL PRIMARY KEY,                                                                 -- ID
+    id             BIGSERIAL PRIMARY KEY,                                                                 -- ID
-    log_time       TIMESTAMP with time zone NOT NULL                           DEFAULT CURRENT_TIMESTAMP, -- Time when event was logged
+    log_time       TIMESTAMP with time zone NOT NULL                           DEFAULT CURRENT_TIMESTAMP, -- Time when event was logged
-    event_time     TIMESTAMP with time zone,                                                              -- Optional: time when event was generated, can be different than log_time
+    event_time     TIMESTAMP with time zone,                                                              -- Optional: time when event was generated, can be different than log_time
-    event_location integer                  NOT NULL references picc_locations DEFAULT 0,                 -- Location associated with event
+    event_location integer                  NOT NULL references picc_locations DEFAULT 0,                 -- Location associated with event
--     sender         text                     NOT NULL, -- Sender is implicit in whoever owns the endpoint
+--     sender         text                     NOT NULL, -- Sender is implicit in whoever owns the endpoint
-    endpoint       text
+    endpoint       text
-        CONSTRAINT valid_endpoint CHECK ( endpoint ~ '^([A-Za-z0-9_-]+\.)*([A-Za-z0-9_-]+)$' ),             -- Event endpoint
+        CONSTRAINT valid_endpoint CHECK ( endpoint ~ '^([A-Za-z0-9_-]+\.)*([A-Za-z0-9_-]+)$' ),             -- Event endpoint
-    body           jsonb                    NOT NULL                                                      -- Event body content
+    body           jsonb                    NOT NULL                                                      -- Event body content
-);
+);
-
+
-CREATE INDEX idx_picc_events_endpoint ON picc_events (endpoint);
+CREATE INDEX idx_picc_events_endpoint ON picc_events (endpoint);
-
+
-- DROP TABLE IF EXISTS mqtt;
+-- DROP TABLE IF EXISTS mqtt;
--
+--
-- CREATE TABLE picc_mqtt
+-- CREATE TABLE picc_mqtt
-- (
+-- (
--     id           BIGSERIAL PRIMARY KEY,
+--     id           BIGSERIAL PRIMARY KEY,
--     receive_time TIMESTAMP,
+--     receive_time TIMESTAMP,
--     routing_key  TEXT,
+--     routing_key  TEXT,
--     payload      TEXT
+--     payload      TEXT
-- );
+-- );
-
+
 COMMIT;
--- a/postgres/postgres.yaml
+++ b/postgres/postgres.yaml
@ -1,51 +1,57 @@
-apiVersion: v1
+apiVersion: v1
-kind: Service
+kind: Service
-metadata:
+metadata:
-  name: postgres
+  name: postgres
-spec:
+spec:
-  type: LoadBalancer
+  type: LoadBalancer
-  selector:
+  selector:
-    app: postgres
+    app: postgres
-  ports:
+  ports:
-    - protocol: TCP
+    - protocol: TCP
-      port: 5432
+      port: 5432
---
+---
-apiVersion: apps/v1
+apiVersion: apps/v1
-kind: StatefulSet
+kind: StatefulSet
-metadata:
+metadata:
-  name: postgres
+  name: postgres
-spec:
+spec:
-  selector:
+  selector:
-    matchLabels:
+    matchLabels:
-      app: postgres
+      app: postgres
-  serviceName: "postgres"
+  serviceName: "postgres"
-  template:
+  template:
-    metadata:
+    metadata:
-      labels:
+      labels:
-        app: postgres
+        app: postgres
-    spec:
+    spec:
-      containers:
+      containers:
-        - name: postgres
+        - name: postgres
-          image: docker.io/postgres:13
+          image: docker.io/postgres:13
-          ports:
+          ports:
-            - containerPort: 5432
+            - containerPort: 5432
-              name: db
+              name: db
-          env:
+          env:
-            - name: POSTGRES_DB
+            - name: POSTGRES_DB
-              value: picc
+              value: picc
-            - name: POSTGRES_PASSWORD
+            - name: POSTGRES_PASSWORD
-              valueFrom:
+              valueFrom:
-                secretKeyRef:
+                secretKeyRef:
-                  name: postgres-password
+                  name: postgres-password
-                  key: password
+                  key: password
-          volumeMounts:
+          volumeMounts:
-            - name: postgres-data
+            - name: postgres-data
-              mountPath: /var/lib/postgresql/data
+              mountPath: /var/lib/postgresql/data
-  volumeClaimTemplates:
+            - name: dbinit
-    - metadata:
+              mountPath: /docker-entrypoint-initdb.d
-        name: postgres-data
+      volumes:
-      spec:
+        - name: dbinit
-        accessModes: [ "ReadWriteOnce" ]
+          configMap:
-        resources:
+            name: postgres-dbinit
-          requests:
+  volumeClaimTemplates:
    - metadata:
        name: postgres-data
      spec:
        accessModes: [ "ReadWriteOnce" ]
        resources:
          requests:
            storage: 100Mi
--- a/rabbitmq/rebbitmq.yaml
+++ b/rabbitmq/rebbitmq.yaml
@ -1,53 +1,53 @@
-apiVersion: v1
+apiVersion: v1
-kind: Service
+kind: Service
-metadata:
+metadata:
-  name: rabbitmq
+  name: rabbitmq
-spec:
+spec:
-  type: LoadBalancer
+  type: LoadBalancer
-  selector:
+  selector:
-    app: rabbitmq
+    app: rabbitmq
-  ports:
+  ports:
-    - name: amqp
+    - name: amqp
-      port: 5672
+      port: 5672
-    - name: web
+    - name: web
-      port: 15672
+      port: 15672
-    - name: mqtt
+    - name: mqtt
-      port: 1883
+      port: 1883
---
+---
-apiVersion: apps/v1
+apiVersion: apps/v1
-kind: Deployment
+kind: Deployment
-metadata:
+metadata:
-  name: rabbitmq
+  name: rabbitmq
-  labels:
+  labels:
-    app: rabbitmq
+    app: rabbitmq
-spec:
+spec:
-  replicas: 1
+  replicas: 1
-  selector:
+  selector:
-    matchLabels:
+    matchLabels:
-      app: rabbitmq
+      app: rabbitmq
-  template:
+  template:
-    metadata:
+    metadata:
-      labels:
+      labels:
-        app: rabbitmq
+        app: rabbitmq
-    spec:
+    spec:
-      containers:
+      containers:
-        - name: rabbitmq
+        - name: rabbitmq
-          image: docker.io/rabbitmq:3
+          image: docker.io/rabbitmq:3
-          ports:
+          ports:
-            - containerPort: 5672
+            - containerPort: 5672
-            - containerPort: 15672
+            - containerPort: 15672
-            - containerPort: 1883
+            - containerPort: 1883
-          volumeMounts:
+          volumeMounts:
-            - mountPath: "/etc/rabbitmq"
+            - mountPath: "/etc/rabbitmq"
-              name: config
+              name: config
-      volumes:
+      volumes:
-        - name: config
+        - name: config
-          configMap:
+          configMap:
-            name: rabbitmq-config
+            name: rabbitmq-config
-            items:
+            items:
-              - key: "enabled_plugins"
+              - key: "enabled_plugins"
-                path: "enabled_plugins"
+                path: "enabled_plugins"
-              - key: "rabbitmq.conf"
+              - key: "rabbitmq.conf"
-                path: "rabbitmq.conf"
+                path: "rabbitmq.conf"
-              - key: "rmq_schema.json"
+              - key: "rmq_schema.json"
-                path: "rmq_schema.json"
+                path: "rmq_schema.json"
--- a/overlay/development/kustomization.yaml
+++ b/overlay/development/kustomization.yaml
@ -0,0 +1,29 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: picc-dev
 resources:
  - namespace.yaml
  - ../../base
 secretGenerator:
  - name: postgres-password
    literals:
      - password=piccpass
 patches:
  - patch: |-
      - op: add
        path: /spec/loadBalancerIP
        value: 192.168.2.201
    target:
      kind: Service
      name: postgres
  - patch: |-
      - op: add
        path: /spec/loadBalancerIP
        value: 192.168.2.200
    target:
      kind: Service
      name: rabbitmq
--- a/overlay/development/namespace.yaml
+++ b/overlay/development/namespace.yaml
@ -0,0 +1,6 @@
 kind: Namespace
 apiVersion: v1
 metadata:
  name: picc-dev
  labels:
    name: picc-dev
--- a/overlay/production/namespace.yaml
+++ b/overlay/production/namespace.yaml
@ -0,0 +1,6 @@
 kind: Namespace
 apiVersion: v1
 metadata:
  name: picc-prod
  labels:
    name: picc-prod
--- a/postgres/.gitignore
+++ b/postgres/.gitignore
@ -1 +0,0 @@
 postgres_passsword.yaml
--- a/postgres/postgres_passsword.yaml.template
+++ b/postgres/postgres_passsword.yaml.template
@ -1,6 +0,0 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: postgres-password
 data:
  password: <encoded password; echo -n "password" | base64>
--- a/rabbitmq/.gitignore
+++ b/rabbitmq/.gitignore
@ -1 +0,0 @@
 rabbitmq-config.yaml
--- a/rabbitmq/rabbitmq_config.jsonnet
+++ b/rabbitmq/rabbitmq_config.jsonnet
@ -1,12 +0,0 @@
 {
 "rabbitmq-config.yaml":
 {
    "apiVersion" : "v1",
    "kind": "ConfigMap",
    "metadata": {"name": "rabbitmq-config"},
    "data": {
        "enabled_plugins": importstr "etc/rabbitmq/enabled_plugins",
        "rabbitmq.conf": importstr "etc/rabbitmq/rabbitmq.conf",
        "rmq_schema.json": importstr "etc/rabbitmq/rmq_schema.json"
    }
 }}