.

2022-04-05 19:57:21 +02:00 · 2022-04-05 19:45:59 +02:00 · 2022-04-05 17:26:50 +02:00 · 2022-03-27 23:02:36 +02:00 · 2022-03-27 12:15:03 +02:00 · 2022-03-25 23:14:25 +01:00
16 changed files with 573 additions and 0 deletions
--- a/Configmaps_Secrets_K3S/mysql-deploy.yml
+++ b/Configmaps_Secrets_K3S/mysql-deploy.yml
@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mysql
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: mysql
+  template:
+    metadata:
+      labels:
+        app: mysql
+    spec:
+      containers:
+      - image: tobi312/rpi-mariadb:10.5
+        name: mysql
+        env:
+        - name: MYSQL_ROOT_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: mysql-secret
+              key: roota-haslo
+        ports:
+        - name: mysql
+          containerPort: 3306
+#         volumeMounts:
+#         - name: mysql-vol
+#           mountPath: /var/lib/mysql
+#       volumes:
+#       - name: mysql-vol
+#         hostPath:
+#           path: /var/mysql-data
--- a/Configmaps_Secrets_K3S/mysql-secret.yml
+++ b/Configmaps_Secrets_K3S/mysql-secret.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: mysql-secret
+type: Opaque
+stringData:
+  roota-haslo: Zaq12wsx
--- a/Configmaps_Secrets_K3S/nginx-cm.yml
+++ b/Configmaps_Secrets_K3S/nginx-cm.yml
@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-cm
+data:
+  # key: value
+  # file: |
+  #   content
+  # ---
+  nginx.conf: |
+    user nginx;
+    worker_processes 1;
+    events {
+      worker_connections  1024;
+    }
+    http {
+      server {
+        listen 80;
+        server_name example.com;
+        location / {
+          root   /usr/share/nginx/html;
+          index  index.html index.htm index.php;
+        }
+        location /test {
+          return 401;
+        }
+      }
+    }
--- a/Configmaps_Secrets_K3S/nginx-deploy.yml
+++ b/Configmaps_Secrets_K3S/nginx-deploy.yml
@@ -0,0 +1,64 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+spec:
+  replicas: 1
+  selector:
+    matchLabels:.
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx
+        ports:
+        - name: web
+          containerPort: 80
+        volumeMounts:
+        - name: nginx-cm
+          mountPath: /etc/nginx
+        - name: wolumin1
+          mountPath: /usr/share/nginx/html
+      volumes:
+      - name: nginx-cm
+        configMap:
+          name: nginx-cm
+      - name: wolumin1
+        hostPath:
+          path: /var/nginx
+          type: DirectoryOrCreate
+
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+  labels:
+    app: nginx
+spec:
+  type: LoadBalancer
+  ports:
+  - port: 8880
+    targetPort: 80
+    protocol: TCP
+  selector:
+    app: nginx
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: metallb-system
+  name: config
+data:
+  config: |
+    address-pools:
+    - name: default
+      protocol: layer2
+      addresses:
+      - 192.168.100.230-192.168.100.235
--- a/Configmaps_Secrets_K3S/nginx-https-deploy.yml
+++ b/Configmaps_Secrets_K3S/nginx-https-deploy.yml
@@ -0,0 +1,104 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-https
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx-https
+  template:
+    metadata:
+      labels:
+        app: nginx-https
+    spec:
+      containers:
+      - name: nginx-https
+        image: nginx
+        ports:
+        - name: web
+          containerPort: 80
+        ports:
+        - name: sslweb
+          containerPort: 443
+        volumeMounts:
+        - name: nginx-cm
+          mountPath: /etc/nginx
+        - name: nginx-secret
+          mountPath: /etc/nginx/ssl
+          readOnly: true
+        - name: wolumin1
+          mountPath: /usr/share/nginx/html
+      volumes:
+      - name: nginx-cm
+        configMap:
+          name: nginx-cm
+      - name: nginx-secret
+        configMap:
+          name: nginx-secret
+      - name: wolumin1
+        hostPath:
+          path: /var/nginx
+          type: DirectoryOrCreate
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-cm
+data:
+  nginx.conf: |
+    user nginx;
+    worker_processes 1;
+    events {
+      worker_connections  1024;
+    }
+    http {
+      server {
+        listen 80;
+        listen 443 ssl;
+        server_name example.com;
+        ssl_certificate     /etc/nginx/ssl/server-cert.pem;
+        ssl_certificate_key /etc/nginx/ssl/server-key.pem;
+        location / {
+          root   /usr/share/nginx/html;
+          index  index.html index.htm index.php;
+        }
+      }
+    }  
+      
+      
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-https
+  labels:
+    app: nginx-https
+spec:
+  type: LoadBalancer
+  ports:
+  - port: 8880
+    targetPort: 80
+    protocol: TCP
+    name: http
+  - port: 8443
+    targetPort: 443
+    protocol: TCP
+    name: https
+  selector:
+    app: nginx-https
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: metallb-system
+  name: config
+data:
+  config: |
+    address-pools:
+    - name: default
+      protocol: layer2
+      addresses:
+      - 192.168.100.230-192.168.100.235
--- a/Configmaps_Secrets_K3S/nginx-https-secret.yml
+++ b/Configmaps_Secrets_K3S/nginx-https-secret.yml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: nginx-secret
+type: Opaque
+stringData:
+  server-cert.pem: |
+    -----BEGIN CERTIFICATE-----
+    ...
+    -----END CERTIFICATE-----
+  server-key.pem: |
+    -----BEGIN PRIVATE KEY-----
+    ...
+    -----END PRIVATE KEY
--- a/K3S-NFS/nfs-pv.yml
+++ b/K3S-NFS/nfs-pv.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: nfs
+spec:
+  capacity:
+    storage: 500Mi
+  accessModes:
+    - ReadWriteMany
+  storageClassName: nfs
+  nfs:
+    server: 192.168.100.185
+    path: "/volume1/nginx"
--- a/K3S-NFS/nfs-pvc.yml
+++ b/K3S-NFS/nfs-pvc.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: nfs
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: nfs
+  resources:
+    requests:
+      storage: 100Mi
--- a/K3S-NFS/nginx-deployment.yml
+++ b/K3S-NFS/nginx-deployment.yml
@@ -0,0 +1,71 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx
+        ports:
+          - containerPort: 80
+        volumeMounts:
+          - name: wolumin1
+            mountPath: /usr/share/nginx/html
+      volumes:
+      - name: wolumin1
+        persistentVolumeClaim:
+          claimName: nfs
+
+#---
+#apiVersion: v1
+#kind: PersistentVolumeClaim
+#metadata:
+#  name: nfs
+#spec:
+#  accessModes:
+#    - ReadWriteMany
+#  storageClassName: nfs
+#  resources:
+#    requests:
+#      storage: 100Mi
+
+
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+  labels:
+    app: nginx
+spec:
+  type: LoadBalancer
+  ports:
+  - port: 8088
+    targetPort: 80
+    protocol: TCP
+  selector:
+    app: nginx
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: metallb-system
+  name: config
+data:
+  config: |
+    address-pools:
+    - name: default
+      protocol: layer2
+      addresses:
+      - 192.168.100.230-192.168.100.235
--- a/MultiMaster_K3S_HA/checkapi.sh
+++ b/MultiMaster_K3S_HA/checkapi.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+errorExit() {
+  echo "*** $@" 1>&2
+  exit 1
+}
+
+curl --silent --max-time 2 --insecure https://localhost:6443/ -o /dev/null || errorExit "Error GET https://localhost:6443/"
+if ip addr | grep -q 192.168.101.111; then
+  curl --silent --max-time 2 --insecure https://192.168.101.111:6443/ -o /dev/null || errorExit "Error GET https://172.16.16.100:6443/"
+fi
--- a/MultiMaster_K3S_HA/haproxy.cfg
+++ b/MultiMaster_K3S_HA/haproxy.cfg
@@ -0,0 +1,15 @@
+frontend kubernetes-frontend
+  bind *:6443
+  mode tcp
+  option tcplog
+  default_backend kubernetes-backend
+
+backend kubernetes-backend
+  option httpchk GET /healthz
+  http-check expect status 200
+  mode tcp
+  option ssl-hello-chk
+  balance roundrobin
+    server kmaster1 192.168.100.56:6443 check fall 3 rise 2
+    server kmaster2 192.168.100.65:6443 check fall 3 rise 2
+    server kmaster3 192.168.100.66:6443 check fall 3 rise 2
--- a/MultiMaster_K3S_HA/keepalived.conf
+++ b/MultiMaster_K3S_HA/keepalived.conf
@@ -0,0 +1,26 @@
+vrrp_script checkapi {
+  script "/etc/keepalived/checkapi.sh"
+  interval 2 # Uruchamiaj skrypt co 2 sekundy
+  timeout 5 # Poczekaj do 5 sekund na skrypt przed przyjęciem niezerowego kodu wyjścia
+  fall 3 # Jeśli skrypt zwraca kod niezerowy 3 razy z rzędu, wprowadź stan FAULT
+  rise 3 # Jeśli skrypt zwraca kod zero 3 razy z rzędu, wyjdź ze stanu FAULT
+  weight -10 # Zmniejsz priorytet o 10 przy wykrytej awarii
+}
+
+vrrp_instance VI_1 {
+    state ACTIVE
+    interface enp0s3
+    virtual_router_id 1
+    priority 100
+    advert_int 2
+    authentication {
+        auth_type PASS
+        auth_pass mojehaslo
+    }
+    virtual_ipaddress {
+        192.168.101.111
+    }
+    track_script {
+        checkapi
+    }
+}
--- a/StatefullSet&DaemonSet/nginx-daemonset.yml
+++ b/StatefullSet&DaemonSet/nginx-daemonset.yml
@@ -0,0 +1,16 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: nginx-daemonset
+spec:
+  selector:
+    matchLabels:
+      app: nginx-daemonset-app
+  template:
+    metadata:
+      labels:
+        app: nginx-daemonset-app
+    spec:
+      containers:
+      - image: nginx
+        name: nginx
--- a/StatefullSet&DaemonSet/nginx-rollingupdate.yml
+++ b/StatefullSet&DaemonSet/nginx-rollingupdate.yml
@@ -0,0 +1,35 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    run: nginx
+  name: wdrozenie-nginx
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      run: nginx
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 1
+  minReadySeconds: 5
+  revisionHistoryLimit: 5
+  template:
+    metadata:
+      labels:
+        run: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.18
+        ports:
+        - containerPort: 80
+        readinessProbe:
+          initialDelaySeconds: 5
+          periodSeconds: 5
+          successThreshold: 1
+          httpGet:
+             path: /
+             port: 80
--- a/StatefullSet&DaemonSet/sts-nginx.yml
+++ b/StatefullSet&DaemonSet/sts-nginx.yml
@@ -0,0 +1,46 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-uslugasts
+  labels:
+    run: nginx-sts
+spec:
+  ports:
+  - port: 80
+    name: web
+  clusterIP: None
+  selector:
+    run: nginx-sts
+    
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: nginx-sts
+spec:
+  serviceName: "nginx-uslugasts"
+  replicas: 4
+  selector:
+    matchLabels:
+      run: nginx-sts
+  template:
+    metadata:
+      labels:
+        run: nginx-sts
+    spec:
+      containers:
+      - name: nginx
+        image: nginx
+        volumeMounts:
+        - name: www
+          mountPath: /var/www/
+  volumeClaimTemplates:
+  - metadata:
+      name: www
+    spec:
+      storageClassName: manual
+      accessModes:
+        - ReadWriteOnce
+      resources:
+        requests:
+          storage: 20Mi
--- a/StatefullSet&DaemonSet/sts-pv.yml
+++ b/StatefullSet&DaemonSet/sts-pv.yml
@@ -0,0 +1,79 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pv-nfs-pv0
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 100Mi
+  accessModes:
+    - ReadWriteOnce
+  nfs:
+    server: 192.168.100.179
+    path: "/kubenfs/pv0"
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pv-nfs-pv1
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 200Mi
+  accessModes:
+    - ReadWriteOnce
+  nfs:
+    server: 192.168.100.179
+    path: "/kubenfs/pv1"
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pv-nfs-pv2
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 200Mi
+  accessModes:
+    - ReadWriteOnce
+  nfs:
+    server: 192.168.100.179
+    path: "/kubenfs/pv2"
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pv-nfs-pv3
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 200Mi
+  accessModes:
+    - ReadWriteOnce
+  nfs:
+    server: 192.168.100.179
+    path: "/kubenfs/pv3"
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pv-nfs-pv4
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 200Mi
+  accessModes:
+    - ReadWriteOnce
+  nfs:
+    server: 192.168.100.179
+    path: "/kubenfs/pv4"
Author	SHA1	Message	Date
Jarosław Karcewicz	25a8ad8011	.	2022-04-05 19:57:21 +02:00
Jarosław Karcewicz	56f1a6edc4	.	2022-04-05 19:45:59 +02:00
Jarosław Karcewicz	95f2d5f1b4	.	2022-04-05 17:26:50 +02:00
Jarosław Karcewicz	3752df60bd	.	2022-03-27 23:02:36 +02:00
Jarosław Karcewicz	4822459531	Merge branch 'master' of ssh://gitea.adminakademia.pl:2222/adminakademia/kubernetes	2022-03-27 12:15:03 +02:00
Jarosław Karcewicz	22166acee1	MultiMaster_K3S_HA1	2022-03-25 23:14:25 +01:00