netmaker/kube/netmaker-template.yaml

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: rqlite-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: netmaker-backend
  labels:
    app: netmaker-backend
spec:
  selector:
    matchLabels:
      app: netmaker-backend
  replicas: 1
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: netmaker-backend
    spec:
      containers:
      - name: netmaker-backend
        image: gravitl/netmaker:v0.7
        imagePullPolicy: Always
        ports:
        - containerPort: 8081
        securityContext:
          privileged: true
        env:
        - name: SERVER_API_CONN_STRING
          value: "api.NETMAKER_BASE_DOMAIN:443"
        - name: SERVER_GRPC_CONN_STRING
          value: "grpc.NETMAKER_BASE_DOMAIN:443"
        - name: COREDNS_ADDR
          value: "10.152.183.53"
        - name: POD_IP
          valueFrom:
            fieldRef:
              fieldPath: status.podIP
        - name: GRPC_SSL
          value: "on"
        - name: SERVER_HTTP_HOST
          value: "api.NETMAKER_BASE_DOMAIN"
        - name: SERVER_GRPC_HOST
          value: "grpc.NETMAKER_BASE_DOMAIN"
        - name: API_PORT
          value: "8081"
        - name: GRPC_PORT
          value: "80"
        - name: CLIENT_MODE
          value: "off"
        - name: MASTER_KEY
          value: "Unkn0wn!"
        - name: PLATFORM
          value: "Kubernetes"
        - name: CORS_ALLOWED_ORIGIN
          value: "*"
        volumeMounts:
        - name: nm-pvc
          mountPath: /root/config/dnsconfig
      - name: rqlite
        image: rqlite/rqlite
        ports:
        - containerPort: 4001
        - containerPort: 4002
        volumeMounts:
        - name: rqlitevol
          mountPath: /rqlite/file/data
      volumes:
      - name: rqlitevol
        persistentVolumeClaim:
          claimName: rqlite-pvc
      - name: nm-pvc
        persistentVolumeClaim:
          claimName: nm-pvc
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nm-pvc
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 128Mi
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: netmaker-backend
  name: netmaker-api
spec:
  ports:
  - port: 8081
    protocol: TCP
    targetPort: 8081
  selector:
    app: netmaker-backend
  sessionAffinity: None
  type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: netmaker-backend
  name: netmaker-grpc
spec:
  ports:
  - port: 443
    protocol: TCP
    targetPort: 443
  selector:
    app: netmaker-backend
  sessionAffinity: None
  type: ClusterIP
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: netmaker-dns
  labels:
    app: netmaker-dns
spec:
  selector:
    matchLabels:
      app: netmaker-dns
  replicas: 1
  template:
    metadata:
      labels:
        app: netmaker-dns
    spec:
      containers:
      - args:
        - -conf
        - /root/dnsconfig/Corefile
        image: coredns/coredns
        imagePullPolicy: Always
        name: netmaker-dns
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        volumeMounts:
        - mountPath: /root/dnsconfig
          name: nm-pvc
          readOnly: true
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            add:
            - NET_BIND_SERVICE
            drop:
            - all
      dnsPolicy: "None"
      dnsConfig:
        nameservers:
          - 127.0.0.1
      volumes:
      - name: nm-pvc
        persistentVolumeClaim:
          claimName: nm-pvc
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: netmaker-dns
  name: netmaker-dns
spec:
  ports:
  - port: 53
    protocol: UDP
    targetPort: 53
    name: udp
  - port: 53
    protocol: TCP
    targetPort: 53
    name: tcp
  selector:
    app: netmaker-dns
  sessionAffinity: None
  type: ClusterIP
  clusterIP: 10.152.183.53
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: netmaker-ui
  labels:
    app: netmaker-ui
spec:
  selector:
    matchLabels:
      app: netmaker-ui
  replicas: 1
  template:
    metadata:
      labels:
        app: netmaker-ui
    spec:
      containers:
      - name: netmaker-ui
        image: gravitl/netmaker-ui:v0.7
        ports:
        - containerPort: 80
        env:
        - name: BACKEND_URL
          value: "https://api.NETMAKER_BASE_DOMAIN"
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: netmaker-ui
  name: netmaker-ui
spec:
  ports:
  - port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: netmaker-ui
  sessionAffinity: None
  type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nm-api-ingress-nginx
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - api.NETMAKER_BASE_DOMAIN
    secretName: nm-api-tls
  rules:
  - host: api.NETMAKER_BASE_DOMAIN
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: netmaker-api
            port:
              number: 8081
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nm-grpc-ingress-nginx
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
    nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - grpc.NETMAKER_BASE_DOMAIN
    secretName: nm-grpc-tls
  rules:
  - host: grpc.NETMAKER_BASE_DOMAIN
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: netmaker-grpc
            port:
              number: 443
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nm-ui-ingress-nginx
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/ssl-redirect: 'true'
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - dashboard.NETMAKER_BASE_DOMAIN
    secretName: nm-ui-tls
  rules:
  - host: dashboard.NETMAKER_BASE_DOMAIN
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: netmaker-ui
            port:
              number: 80
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`---`
			`apiVersion: v1`
			`kind: PersistentVolumeClaim`
			`metadata:`
adding some rqlite vars 2021-08-19 02:55:41 +08:00			`name: rqlite-pvc`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`spec:`
			`accessModes:`
			`- ReadWriteOnce`
			`resources:`
			`requests:`
adding some rqlite vars 2021-08-19 02:55:41 +08:00			`storage: 1Gi`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`---`
			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: netmaker-backend`
			`labels:`
			`app: netmaker-backend`
			`spec:`
			`selector:`
			`matchLabels:`
			`app: netmaker-backend`
			`replicas: 1`
client mode enablement 2021-08-20 01:41:04 +08:00			`strategy:`
			`type: Recreate`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`template:`
			`metadata:`
			`labels:`
			`app: netmaker-backend`
			`spec:`
			`containers:`
			`- name: netmaker-backend`
fixing versions 2021-08-20 07:27:25 +08:00			`image: gravitl/netmaker:v0.7`
client mode enablement 2021-08-20 01:41:04 +08:00			`imagePullPolicy: Always`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`ports:`
			`- containerPort: 8081`
client mode enablement 2021-08-20 01:41:04 +08:00			`securityContext:`
			`privileged: true`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`env:`
			`- name: SERVER_API_CONN_STRING`
adding yemplates 2021-08-20 04:52:24 +08:00			`value: "api.NETMAKER_BASE_DOMAIN:443"`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`- name: SERVER_GRPC_CONN_STRING`
adding yemplates 2021-08-20 04:52:24 +08:00			`value: "grpc.NETMAKER_BASE_DOMAIN:443"`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`- name: COREDNS_ADDR`
			`value: "10.152.183.53"`
client mode enablement 2021-08-20 01:41:04 +08:00			`- name: POD_IP`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: status.podIP`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`- name: GRPC_SSL`
			`value: "on"`
			`- name: SERVER_HTTP_HOST`
adding yemplates 2021-08-20 04:52:24 +08:00			`value: "api.NETMAKER_BASE_DOMAIN"`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`- name: SERVER_GRPC_HOST`
adding yemplates 2021-08-20 04:52:24 +08:00			`value: "grpc.NETMAKER_BASE_DOMAIN"`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`- name: API_PORT`
			`value: "8081"`
			`- name: GRPC_PORT`
adding yemplates 2021-08-20 04:52:24 +08:00			`value: "80"`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`- name: CLIENT_MODE`
			`value: "off"`
			`- name: MASTER_KEY`
			`value: "Unkn0wn!"`
client mode enablement 2021-08-20 01:41:04 +08:00			`- name: PLATFORM`
			`value: "Kubernetes"`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`- name: CORS_ALLOWED_ORIGIN`
			`value: "*"`
Added Volume to Netmaker-backend container spec The volume for the DNS config was not included in the netmaker-backend container spec. This caused the coredns container to continually fail. 2021-09-19 07:58:01 +08:00			`volumeMounts:`
			`- name: nm-pvc`
			`mountPath: /root/config/dnsconfig`
client mode enablement 2021-08-20 01:41:04 +08:00			`- name: rqlite`
			`image: rqlite/rqlite`
			`ports:`
			`- containerPort: 4001`
			`- containerPort: 4002`
			`volumeMounts:`
			`- name: rqlitevol`
			`mountPath: /rqlite/file/data`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`volumes:`
client mode enablement 2021-08-20 01:41:04 +08:00			`- name: rqlitevol`
			`persistentVolumeClaim:`
			`claimName: rqlite-pvc`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`- name: nm-pvc`
			`persistentVolumeClaim:`
			`claimName: nm-pvc`
			`---`
			`apiVersion: v1`
			`kind: PersistentVolumeClaim`
			`metadata:`
			`name: nm-pvc`
			`spec:`
			`accessModes:`
			`- ReadWriteMany`
			`resources:`
			`requests:`
			`storage: 128Mi`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`labels:`
			`app: netmaker-backend`
			`name: netmaker-api`
			`spec:`
			`ports:`
			`- port: 8081`
			`protocol: TCP`
			`targetPort: 8081`
			`selector:`
			`app: netmaker-backend`
			`sessionAffinity: None`
			`type: ClusterIP`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`labels:`
			`app: netmaker-backend`
			`name: netmaker-grpc`
			`spec:`
			`ports:`
			`- port: 443`
			`protocol: TCP`
			`targetPort: 443`
			`selector:`
			`app: netmaker-backend`
			`sessionAffinity: None`
			`type: ClusterIP`
			`---`
			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: netmaker-dns`
			`labels:`
			`app: netmaker-dns`
			`spec:`
			`selector:`
			`matchLabels:`
			`app: netmaker-dns`
			`replicas: 1`
			`template:`
			`metadata:`
			`labels:`
			`app: netmaker-dns`
			`spec:`
			`containers:`
			`- args:`
			`- -conf`
			`- /root/dnsconfig/Corefile`
			`image: coredns/coredns`
			`imagePullPolicy: Always`
			`name: netmaker-dns`
			`ports:`
			`- containerPort: 53`
			`name: dns`
			`protocol: UDP`
			`- containerPort: 53`
			`name: dns-tcp`
			`protocol: TCP`
			`volumeMounts:`
			`- mountPath: /root/dnsconfig`
			`name: nm-pvc`
			`readOnly: true`
			`securityContext:`
			`allowPrivilegeEscalation: false`
			`capabilities:`
			`add:`
			`- NET_BIND_SERVICE`
			`drop:`
			`- all`
			`dnsPolicy: "None"`
			`dnsConfig:`
			`nameservers:`
			`- 127.0.0.1`
			`volumes:`
			`- name: nm-pvc`
			`persistentVolumeClaim:`
			`claimName: nm-pvc`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`labels:`
			`app: netmaker-dns`
			`name: netmaker-dns`
			`spec:`
			`ports:`
			`- port: 53`
			`protocol: UDP`
			`targetPort: 53`
			`name: udp`
			`- port: 53`
			`protocol: TCP`
			`targetPort: 53`
			`name: tcp`
			`selector:`
			`app: netmaker-dns`
			`sessionAffinity: None`
			`type: ClusterIP`
			`clusterIP: 10.152.183.53`
			`---`
			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: netmaker-ui`
			`labels:`
			`app: netmaker-ui`
			`spec:`
			`selector:`
			`matchLabels:`
			`app: netmaker-ui`
			`replicas: 1`
			`template:`
			`metadata:`
			`labels:`
			`app: netmaker-ui`
			`spec:`
			`containers:`
			`- name: netmaker-ui`
updating docs 2021-08-11 11:27:13 +08:00			`image: gravitl/netmaker-ui:v0.7`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`ports:`
			`- containerPort: 80`
			`env:`
			`- name: BACKEND_URL`
			`value: "https://api.NETMAKER_BASE_DOMAIN"`
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`labels:`
			`app: netmaker-ui`
			`name: netmaker-ui`
			`spec:`
			`ports:`
			`- port: 80`
			`protocol: TCP`
			`targetPort: 80`
			`selector:`
			`app: netmaker-ui`
			`sessionAffinity: None`
			`type: ClusterIP`
			`---`
			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: nm-api-ingress-nginx`
			`annotations:`
			`nginx.ingress.kubernetes.io/rewrite-target: /`
			`cert-manager.io/cluster-issuer: "letsencrypt-prod"`
			`nginx.ingress.kubernetes.io/ssl-redirect: 'true'`
			`spec:`
adding some rqlite vars 2021-08-19 02:55:41 +08:00			`ingressClassName: nginx`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`tls:`
			`- hosts:`
			`- api.NETMAKER_BASE_DOMAIN`
			`secretName: nm-api-tls`
			`rules:`
			`- host: api.NETMAKER_BASE_DOMAIN`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: netmaker-api`
			`port:`
			`number: 8081`
			`---`
			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: nm-grpc-ingress-nginx`
			`annotations:`
			`cert-manager.io/cluster-issuer: "letsencrypt-prod"`
			`nginx.ingress.kubernetes.io/ssl-redirect: 'true'`
			`nginx.ingress.kubernetes.io/backend-protocol: "GRPC"`
			`spec:`
adding some rqlite vars 2021-08-19 02:55:41 +08:00			`ingressClassName: nginx`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`tls:`
			`- hosts:`
			`- grpc.NETMAKER_BASE_DOMAIN`
			`secretName: nm-grpc-tls`
			`rules:`
			`- host: grpc.NETMAKER_BASE_DOMAIN`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: netmaker-grpc`
			`port:`
			`number: 443`
			`---`
			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: nm-ui-ingress-nginx`
			`annotations:`
			`nginx.ingress.kubernetes.io/rewrite-target: /`
			`cert-manager.io/cluster-issuer: "letsencrypt-prod"`
			`nginx.ingress.kubernetes.io/ssl-redirect: 'true'`
			`spec:`
adding some rqlite vars 2021-08-19 02:55:41 +08:00			`ingressClassName: nginx`
adding kubernetes templates 2021-07-16 03:27:34 +08:00			`tls:`
			`- hosts:`
			`- dashboard.NETMAKER_BASE_DOMAIN`
			`secretName: nm-ui-tls`
			`rules:`
			`- host: dashboard.NETMAKER_BASE_DOMAIN`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: netmaker-ui`
			`port:`
			`number: 80`