init

2021-05-06 15:02:42 +07:00
commit 05b0d36bb3
16 changed files with 260 additions and 0 deletions
--- a/App/docker/docker-compose.yaml
+++ b/App/docker/docker-compose.yaml
@@ -0,0 +1,13 @@
 version: '3.7'
 services:
    app:
        build: ./php
        container_name: myapp
        ports:
          - 80:80
        networks:
            app_net:
 networks:
  app_net:
    name: app_net
--- a/App/docker/php/Dockerfile
+++ b/App/docker/php/Dockerfile
@@ -0,0 +1,19 @@
 FROM php:7.4-apache-buster
 MAINTAINER vasyakrg <vasyakrg@gmail.com>
 RUN apt-get update && apt-get install -y \
        apt-transport-https \
        curl \
        wget \
        git \
        # && curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \
        && apt-get update && rm -rf /var/lib/apt/lists/*
 RUN rm /etc/apache2/sites-enabled/*
 COPY myapp.conf /etc/apache2/sites-available/myapp.conf
 RUN a2enmod rewrite headers && a2ensite myapp
 COPY myapp/ /var/www/
 WORKDIR /var/www
 # CMD ['apache2-foreground']
--- a/App/docker/php/build.sh
+++ b/App/docker/php/build.sh
@@ -0,0 +1,3 @@
 #!/bin/bash
 docker build -t vasyakrg/php-app . && docker push vasyakrg/php-app
--- a/App/docker/php/myapp.conf
+++ b/App/docker/php/myapp.conf
@@ -0,0 +1,17 @@
 <VirtualHost *:80>
    ServerName localhost
    DocumentRoot /var/www
    <Directory "/var/www">
        DirectoryIndex index.html
    </Directory>
    ErrorLog /var/log/apache2/error.log
    CustomLog /var/log/apache2/access.log combined
    RewriteEngine On
    RewriteCond "%{DOCUMENT_ROOT}%{REQUEST_FILENAME}" !-f
    RewriteCond "%{DOCUMENT_ROOT}%{REQUEST_FILENAME}" !-d
    RewriteRule "^" "/index.php" [L]
 </VirtualHost>
--- a/App/docker/php/myapp/index.php
+++ b/App/docker/php/myapp/index.php
@@ -0,0 +1,8 @@
 <html>
 <head>
  <title>Тестируем PHP</title>
 </head>
 <body>
 <?php echo '<p>Привет, мир!</p>'; ?>
 </body>
 </html>
--- a/App/kubernetes/deploy.yaml
+++ b/App/kubernetes/deploy.yaml
@@ -0,0 +1,27 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  namespace: myapp
  labels:
    app: myapp
  name: myapp
 spec:
  replicas: 1
  selector:
    matchLabels:
      app: myapp
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: myapp
    spec:
      hostname: app-pod
      restartPolicy: Always
      containers:
        - name: app-fpm
          image: vasyakrg/php-app
          imagePullPolicy: Always
          ports:
          - containerPort: 80
--- a/App/kubernetes/ingress.yaml
+++ b/App/kubernetes/ingress.yaml
@@ -0,0 +1,25 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  namespace: myapp
  annotations:
    cert-manager.io/cluster-issuer: orc-letsencrypt-issuer
    nginx.ingress.kubernetes.io/proxy-body-size: 200m
    nginx.ingress.kubernetes.io/from-to-www-redirect: "true"
  name: k8s-app
 spec:
  rules:
  - host: app.k8s-nsk.tk
    http:
      paths:
      - pathType: Prefix
        path: /
        backend:
          service:
            name: app-service
            port:
              number: 80
  tls:
  - hosts:
      - app.k8s-nsk.tk
    secretName: app-k8s-nsk-tls
--- a/App/kubernetes/namespace.yaml
+++ b/App/kubernetes/namespace.yaml
@@ -0,0 +1,6 @@
 # kubetpl:syntax:$
 apiVersion: v1
 kind: Namespace
 metadata:
  name: myapp
--- a/App/kubernetes/service.yaml
+++ b/App/kubernetes/service.yaml
@@ -0,0 +1,13 @@
 # App
 apiVersion: v1
 kind: Service
 metadata:
  namespace: myapp
  name: app-service
 spec:
  ports:
    - name: app-port
      port: 80
  selector:
    app: myapp
 ---
--- a/Cluster/.gitignore
+++ b/Cluster/.gitignore
@@ -0,0 +1,4 @@
 cluster.rkestate
 kube_config_cluster.yml
 tls/*.key
 tls/*.crt
--- a/Cluster/0-docker.sh
+++ b/Cluster/0-docker.sh
@@ -0,0 +1,4 @@
 #!/bin/bash
 # to all nodes
 apt update && apt install -y curl && curl https://get.docker.com -o install.sh && sh install.sh
--- a/Cluster/1-rke.sh
+++ b/Cluster/1-rke.sh
@@ -0,0 +1,7 @@
 #!/bin/bash
 # brew install rke
 # https://rancher.com/docs/rke/latest/en/installation/
 # create cluster
 rke up
--- a/Cluster/2-add-config.sh
+++ b/Cluster/2-add-config.sh
@@ -0,0 +1,10 @@
 #!/bin/bash
 # add config file
 cat kube_config_cluster.yml > ~/.kube/k8s-hls
 # enable config auth
 export KUBECONFIG=$(find ~/.kube -maxdepth 1 -type f -name '*' | tr "\n" ":")
 # test auth to cluster
 kubectl get pods --all-namespaces
--- a/Cluster/3-init-certmanager.sh
+++ b/Cluster/3-init-certmanager.sh
@@ -0,0 +1,25 @@
 #!/bin/bash
 # Install the CustomResourceDefinition resources separately
 kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.crds.yaml
 # Create the namespace for cert-manager
 kubectl create namespace cert-manager
 # Add the Jetstack Helm repository
 helm repo add cert-manager https://charts.jetstack.io
 # Update your local Helm chart repository cache
 helm repo update
 helm upgrade --install \
  cert-manager \
  cert-manager/cert-manager \
  --namespace cert-manager \
  --version 1.3.1
 kubectl -n cert-manager rollout status deploy/cert-manager
 sleep 5
 kubectl apply -f certmanager/orc-letsencrypt-issuer.yaml
--- a/Cluster/certmanager/orc-letsencrypt-issuer.yaml
+++ b/Cluster/certmanager/orc-letsencrypt-issuer.yaml
@@ -0,0 +1,15 @@
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
  name: orc-letsencrypt-issuer
 spec:
  acme:
    server: https://acme-v02.api.letsencrypt.org/directory
    email: vasyakrg@gmail.com
    privateKeySecretRef:
      name: orc-letsencrypt-private-key
    solvers:
    - selector: {}
      http01:
        ingress:
          class: nginx
--- a/Cluster/cluster.yml
+++ b/Cluster/cluster.yml
@@ -0,0 +1,64 @@
 cluster_name: k8s-cluster
 name: k8s-cluster
 enable_cluster_alerting: false
 enable_cluster_monitoring: false
 ignore_docker_version: true
 kubernetes_version: v1.19.9-rancher1-1
 nodes:
  - address: 65.21.148.66
    internal_address: 10.0.0.3
    hostname_override: node1
    user: root
    labels:
      worker: yes
      location: nsk
    role: [controlplane, worker, etcd]
  - address: 65.21.146.162
    internal_address: 10.0.0.2
    hostname_override: node2
    user: root
    labels:
      worker: yes
      location: nsk
    role: [controlplane, worker, etcd]
  - address: 65.21.149.204
    internal_address: 10.0.0.4
    hostname_override: node3
    user: root
    labels:
      worker: yes
      location: nsk
    role: [controlplane, worker, etcd]
 services:
  etcd:
    snapshot: true
    creation: 6h
    retention: 30h
  kube-controller:
    extra_args:
      terminated-pod-gc-threshold: 100
  kubelet:
    extra_args:
      max-pods: 250
  kube-api:
    extra_args:
      feature-gates: "ServiceAccountIssuerDiscovery=false,RemoveSelfLink=false"
 authentication:
    strategy: x509
    sans:
      - "167.233.11.162"
      - "rke.k8s-nsk.tk"
 dns:
  provider: coredns
  upstreamnameservers:
  - 8.8.8.8
  - 8.8.4.4
 ingress:
  provider: nginx
  options:
    use-forwarded-headers: "true"
		`@@ -0,0 +1,3 @@`
							`#!/bin/bash`

							`docker build -t vasyakrg/php-app . && docker push vasyakrg/php-app`