mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-21 07:46:04 +08:00
176 lines
4.1 KiB
YAML
176 lines
4.1 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mosquitto
|
|
spec:
|
|
progressDeadlineSeconds: 600
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/instance: mosquitto
|
|
app.kubernetes.io/name: mosquitto
|
|
strategy:
|
|
type: Recreate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/instance: mosquitto
|
|
app.kubernetes.io/name: mosquitto
|
|
spec:
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
- matchExpressions:
|
|
- key: mqhost
|
|
operator: In
|
|
values:
|
|
- "true"
|
|
containers:
|
|
- image: eclipse-mosquitto:2.0.11-openssl
|
|
imagePullPolicy: IfNotPresent
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
tcpSocket:
|
|
port: 8883
|
|
timeoutSeconds: 1
|
|
name: mosquitto
|
|
ports:
|
|
- containerPort: 1883
|
|
name: mqtt
|
|
protocol: TCP
|
|
- containerPort: 8883
|
|
name: mqtt2
|
|
protocol: TCP
|
|
readinessProbe:
|
|
failureThreshold: 3
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
tcpSocket:
|
|
port: 8883
|
|
timeoutSeconds: 1
|
|
resources: {}
|
|
startupProbe:
|
|
failureThreshold: 30
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
tcpSocket:
|
|
port: 8883
|
|
timeoutSeconds: 1
|
|
terminationMessagePath: /dev/termination-log
|
|
terminationMessagePolicy: File
|
|
volumeMounts:
|
|
- mountPath: /mosquitto/config/mosquitto.conf
|
|
name: mosquitto-config
|
|
subPath: mosquitto.conf
|
|
- mountPath: /mosquitto/certs
|
|
name: shared-certs
|
|
dnsPolicy: ClusterFirst
|
|
restartPolicy: Always
|
|
terminationGracePeriodSeconds: 30
|
|
volumes:
|
|
- configMap:
|
|
name: mosquitto-config
|
|
name: mosquitto-config
|
|
- name: shared-certs
|
|
persistentVolumeClaim:
|
|
claimName: shared-certs-pvc
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: mq
|
|
namespace: netmaker
|
|
spec:
|
|
ports:
|
|
- name: mqtt
|
|
port: 1883
|
|
protocol: TCP
|
|
targetPort: mqtt
|
|
- name: mqtt2
|
|
port: 8883
|
|
protocol: TCP
|
|
targetPort: mqtt2
|
|
selector:
|
|
app.kubernetes.io/instance: mosquitto
|
|
app.kubernetes.io/name: mosquitto
|
|
sessionAffinity: None
|
|
---
|
|
apiVersion: v1
|
|
data:
|
|
mosquitto.conf: |
|
|
per_listener_settings false
|
|
listener 8883
|
|
protocol websockets
|
|
allow_anonymous false
|
|
listener 1883
|
|
protocol websockets
|
|
allow_anonymous false
|
|
plugin /usr/lib/mosquitto_dynamic_security.so
|
|
plugin_opt_config_file /mosquitto/data/dynamic-security.json
|
|
kind: ConfigMap
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/instance: mosquitto
|
|
app.kubernetes.io/name: mosquitto
|
|
name: mosquitto-config
|
|
namespace: netmaker
|
|
---
|
|
kind: PersistentVolumeClaim
|
|
apiVersion: v1
|
|
metadata:
|
|
name: shared-certs-pvc
|
|
spec:
|
|
storageClassName: RWX_STORAGE_CLASS
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 100Mi
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
name: 'netmaker-mqtt'
|
|
spec:
|
|
externalTrafficPolicy: Cluster
|
|
type: NodePort
|
|
selector:
|
|
app.kubernetes.io/instance: mosquitto
|
|
app.kubernetes.io/name: mosquitto
|
|
ports:
|
|
- port: 31883
|
|
nodePort: 31883
|
|
protocol: TCP
|
|
targetPort: 8883
|
|
name: nm-mqtt
|
|
# ---
|
|
# apiVersion: networking.k8s.io/v1
|
|
# kind: Ingress
|
|
# metadata:
|
|
# name: nm-mqtt-ingress-nginx
|
|
# annotations:
|
|
# nginx.ingress.kubernetes.io/rewrite-target: /
|
|
# cert-manager.io/cluster-issuer: "letsencrypt-nginx"
|
|
# nginx.ingress.kubernetes.io/ssl-redirect: 'true'
|
|
# spec:
|
|
# ingressClassName: nginx
|
|
# tls:
|
|
# - hosts:
|
|
# - broker.NETMAKER_SUBDOMAIN
|
|
# secretName: nm-mqtt-tls
|
|
# rules:
|
|
# - host: broker.NETMAKER_SUBDOMAIN
|
|
# http:
|
|
# paths:
|
|
# - path: /
|
|
# pathType: Prefix
|
|
# backend:
|
|
# service:
|
|
# name: netmaker-mqtt
|
|
# port:
|
|
# number: 8883 |