1
0
Fork 0

add external database

This commit is contained in:
Massaki Archambault 2020-08-11 00:37:20 -04:00
parent acc1a074ed
commit 6711667af8
18 changed files with 91 additions and 25 deletions

7
clean-dev-cluster.sh Executable file
View File

@ -0,0 +1,7 @@
#!/bin/bash -e
k3d cluster delete local
# docker stop registry.localhost
# docker container rm registry.localhost
# docker stop mariadb.localhost
# docker container rm mariadb.localhost

View File

@ -1,5 +1,5 @@
--- a 2020-08-03 08:32:44.463589161 -0400 --- a 2020-08-10 23:13:10.083362050 -0400
+++ b 2020-08-03 08:34:06.230277210 -0400 +++ b 2020-08-10 23:14:00.823784738 -0400
@@ -19,7 +19,7 @@ @@ -19,7 +19,7 @@
metadata: metadata:
name: certificaterequests.cert-manager.io name: certificaterequests.cert-manager.io
@ -147,3 +147,12 @@
--- ---
# Source: cert-manager/templates/service.yaml # Source: cert-manager/templates/service.yaml
apiVersion: v1 apiVersion: v1
@@ -19338,7 +19333,7 @@
- --secure-port=10250
- --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE)
- --dynamic-serving-ca-secret-name=cert-manager-webhook-ca
- - --dynamic-serving-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.cert-manager.svc
+ - --dynamic-serving-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.kube-system.svc
ports:
- name: https
containerPort: 10250

View File

@ -3,7 +3,7 @@ kind: RemoteResources
metadata: metadata:
name: cert-manager name: cert-manager
resources: resources:
- url: https://github.com/jetstack/cert-manager/releases/download/v0.16.0/cert-manager.yaml - url: https://github.com/jetstack/cert-manager/releases/download/v0.16.1/cert-manager.yaml
sha256: 5770f5f01c10a902355b3522b8ce44508ebb6ec88955efde9a443afe5b3969d7 sha256: 75e7cc1fb42f759860ab896aaa404c0d8c8d5896274d3739eccb193ed1075dd9
patches: # patches:
- cert-manager-namespace.patch # - cert-manager-namespace.patch

View File

@ -0,0 +1,3 @@
resources:
- drone-server-deployment.yaml
- drone-runner-deployment.yaml

View File

@ -32,7 +32,10 @@ spec:
- name: DB_TYPE - name: DB_TYPE
value: mysql value: mysql
- name: DB_HOST - name: DB_HOST
value: mariadb.gitea.svc:3306 valueFrom:
secretKeyRef:
name: mariadb-credentials-secret
key: host
- name: DB_NAME - name: DB_NAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

View File

@ -1,7 +1,5 @@
resources: resources:
- gitea-deployment.yaml - gitea-deployment.yaml
- drone-server-deployment.yaml
- drone-runner-deployment.yaml
- ingress.yaml - ingress.yaml
secretGenerator: secretGenerator:
@ -9,15 +7,16 @@ secretGenerator:
type: Opaque type: Opaque
behavior: create behavior: create
literals: literals:
- host=mariadb.localhost:3306
- database=gitea - database=gitea
- username=gitea - username=gitea
- password=replaceme - password=changeme
- name: drone-secret - name: drone-secret
type: Opaque type: Opaque
literals: literals:
- rpc_secret=replaceme - rpc_secret=changeme
- name: drone-gitea-oauth-secret - name: drone-gitea-oauth-secret
type: Opaque type: Opaque
literals: literals:
- client_id=replaceme - client_id=changeme
- client_secret=replaceme - client_secret=changeme

View File

@ -24,7 +24,10 @@ spec:
- name: GF_DATABASE_TYPE - name: GF_DATABASE_TYPE
value: mysql value: mysql
- name: GF_DATABASE_HOST - name: GF_DATABASE_HOST
value: mariadb.grafana.svc:3306 valueFrom:
secretKeyRef:
name: mariadb-credentials-secret
key: host
- name: GF_DATABASE_NAME - name: GF_DATABASE_NAME
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

View File

@ -12,6 +12,7 @@ secretGenerator:
type: Opaque type: Opaque
behavior: create behavior: create
literals: literals:
- host=mariadb.localhost:3306
- database=grafana - database=grafana
- username=grafana - username=grafana
- password=replaceme - password=changeme

View File

@ -1,5 +1,5 @@
--- a 2020-08-03 08:27:39.420706235 -0400 --- a 2020-08-10 23:16:01.598069317 -0400
+++ b 2020-08-03 08:29:09.257135444 -0400 +++ b 2020-08-10 23:16:35.401656793 -0400
@@ -1,14 +1,4 @@ @@ -1,14 +1,4 @@
- -
-apiVersion: v1 -apiVersion: v1
@ -253,11 +253,13 @@
spec: spec:
template: template:
metadata: metadata:
@@ -525,7 +515,7 @@ @@ -524,8 +514,8 @@
imagePullPolicy: IfNotPresent
args: args:
- create - create
- --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.ingress-nginx.svc - - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.ingress-nginx.svc
- - --namespace=ingress-nginx - - --namespace=ingress-nginx
+ - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.kube-system.svc
+ - --namespace=kube-system + - --namespace=kube-system
- --secret-name=ingress-nginx-admission - --secret-name=ingress-nginx-admission
restartPolicy: OnFailure restartPolicy: OnFailure

View File

@ -8,6 +8,7 @@ secretGenerator:
type: Opaque type: Opaque
behavior: create behavior: create
literals: literals:
- host=mariadb.localhost:3306
- database=nextcloud - database=nextcloud
- username=nextcloud - username=nextcloud
- password=replaceme - password=changeme

View File

@ -20,7 +20,10 @@ spec:
- name: TRUSTED_PROXIES - name: TRUSTED_PROXIES
value: 10.0.0.0/8 value: 10.0.0.0/8
- name: MYSQL_HOST - name: MYSQL_HOST
value: mariadb.nextcloud.svc:3306 valueFrom:
secretKeyRef:
name: mariadb-credentials-secret
key: host
- name: MYSQL_DATABASE - name: MYSQL_DATABASE
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

View File

@ -0,0 +1,4 @@
bases:
- ../../bases/cert-manager
# namespace: cert-manager

View File

@ -1,5 +1,4 @@
bases: bases:
- ../../bases/ingress-nginx - ../../bases/ingress-nginx
- ../../bases/cert-manager
namespace: kube-system namespace: kube-system

View File

@ -1,5 +1,6 @@
bases: bases:
- ../../namespaces/kube-system - ../../namespaces/kube-system
- ../../namespaces/cert-manager
# allow "kubectl apply -l managed-by=auto-deploy --prune ..." # allow "kubectl apply -l managed-by=auto-deploy --prune ..."
commonlabels: commonlabels:

View File

@ -27,8 +27,9 @@ if ! k3d cluster list "$cluster_name" &>/dev/null; then
--agents 3 \ --agents 3 \
--k3s-server-arg '--no-deploy=traefik' \ --k3s-server-arg '--no-deploy=traefik' \
--volume "$k3s_registry_config:/etc/rancher/k3s/registries.yaml" \ --volume "$k3s_registry_config:/etc/rancher/k3s/registries.yaml" \
-p 8080:80@loadbalancer -p 80:80@loadbalancer \
sleep 1 -p 443:443@loadbalancer
sleep 10
fi fi
# --volume ":/var/lib/rancher/k3s/server/manifests/auto-deploy.yaml" \ # --volume ":/var/lib/rancher/k3s/server/manifests/auto-deploy.yaml" \
@ -44,6 +45,36 @@ if ! docker ps -a | grep registry.localhost &>/dev/null; then
docker network connect "k3d-$cluster_name" registry.localhost docker network connect "k3d-$cluster_name" registry.localhost
fi fi
# local mariadb database
if ! docker ps -a | grep mariadb.localhost &>/dev/null; then
docker volume create local_mariadb
docker run -d \
--name mariadb.localhost \
--volume local_mariadb:/var/lib/mysql \
--restart always \
--env MYSQL_ROOT_PASSWORD=changeme \
-p 3306:3306 \
mariadb:10.5
docker network connect "k3d-$cluster_name" mariadb.localhost
sleep 10
fi
docker exec mariadb.localhost mysql -vv -uroot -pchangeme -e "
CREATE DATABASE IF NOT EXISTS gitea;
CREATE USER IF NOT EXISTS 'gitea'@'%' IDENTIFIED BY 'changeme';
GRANT ALL PRIVILEGES ON gitea.* TO 'gitea'@'%';
CREATE DATABASE IF NOT EXISTS grafana;
CREATE USER IF NOT EXISTS 'grafana'@'%' IDENTIFIED BY 'changeme';
GRANT ALL PRIVILEGES ON grafana.* TO 'grafana'@'%';
CREATE DATABASE IF NOT EXISTS nextcloud;
CREATE USER IF NOT EXISTS 'nextcloud'@'%' IDENTIFIED BY 'changeme';
GRANT ALL PRIVILEGES ON grafana.* TO 'nextcloud'@'%';
FLUSH PRIVILEGES;
"
k3d kubeconfig merge "$cluster_name" --switch-context >/dev/null k3d kubeconfig merge "$cluster_name" --switch-context >/dev/null
kubectl apply -f "$auto_deploy_manifest" kubectl apply -f "$auto_deploy_manifest"
kubectl get nodes kubectl get nodes