From c6a9884d2f1027eeae0cc0c6040f4bf1efa35159 Mon Sep 17 00:00:00 2001 From: Victor Barba Martin Date: Thu, 28 Oct 2021 20:15:01 +0200 Subject: [PATCH] argocd --- README.md | 33 ++++- argocd | 38 ++++++ argocd.pub | 1 + bitbucket-pipelines.yml | 3 +- k8s/argocd/ingress.yaml | 30 ++++ k8s/cert-manager/certificate-staging.yaml | 12 ++ ...er-production.yaml => cluster-issuer.yaml} | 2 +- k8s/haproxy/haproxy-ingress-values.yaml | 3 +- k8s/haproxy/prometheus-service.yaml | 13 ++ k8s/haproxy/service-monitor.yaml | 37 +++++ k8s/monitoring/alertmanager-config.yaml | 42 ++++++ k8s/monitoring/prometheus-rules.yaml | 14 ++ k8s/stg-video-cluster-kubeconfig.yaml | 20 +-- monitoring.json | 129 ++++++++++++++++++ terraform/lke.tf | 8 +- 15 files changed, 367 insertions(+), 18 deletions(-) create mode 100644 argocd create mode 100644 argocd.pub create mode 100644 k8s/argocd/ingress.yaml create mode 100644 k8s/cert-manager/certificate-staging.yaml rename k8s/cert-manager/{cluster-issuer-production.yaml => cluster-issuer.yaml} (96%) create mode 100644 k8s/haproxy/prometheus-service.yaml create mode 100644 k8s/haproxy/service-monitor.yaml create mode 100644 k8s/monitoring/alertmanager-config.yaml create mode 100644 k8s/monitoring/prometheus-rules.yaml create mode 100644 monitoring.json diff --git a/README.md b/README.md index 39af52c..99d4a0e 100644 --- a/README.md +++ b/README.md @@ -26,4 +26,35 @@ This README would normally document whatever steps are necessary to get your app ### Who do I talk to? ### * Repo owner or admin -* Other community or team contact \ No newline at end of file +* Other community or team contact + +# Install NGINX-INGRESS-CONTROLLER +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update +helm install ingress-nginx ingress-nginx/ingress-nginx + +# GET NGINX INGRESS CONTROLLER LOADBALANCER IP +kubectl --namespace default get services -o wide -w ingress-nginx-controller + +# SETUP *.staging.video.jamkazam.com A RECORD to NGINX INGRESS CONTROLLER LB IP + +Manually AWS console + +# Install cert-manager +helm install cert-manager cert-manager \ +--repo https://charts.jetstack.io \ +--create-namespace --namespace cert-manager \ +--set installCRDs=true + +# Create cluster-issuer +kubectl apply -f k8s/cert-manager/cluster-issuer.yaml + +# Create SSL Cert +kubectl apply -f k8s/cert-manager/certificate-staging.yaml + +# Install ArgoCD +kubectl create namespace argocd +kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml + +# Create ArgoCD Ingress +kubectl apply -f k8s/argocd/ingress.yaml \ No newline at end of file diff --git a/argocd b/argocd new file mode 100644 index 0000000..299bf85 --- /dev/null +++ b/argocd @@ -0,0 +1,38 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAABlwAAAAdzc2gtcn +NhAAAAAwEAAQAAAYEA+cVjgXqQ5qP/+2J3uunKU681+c1YohjBWLXoyglz+GI9MNDoWcz1 +s0v8GX1AgMU4fTkHcuQCvGLvOiOgNFYWKGKhXvvp8PlXa6qgDIOW62Qg1C6VxdwUMu3QzH +lVR/dxCUrtlYL92lj6URXzStCSpviBKnqzGMJitlwyI2CtrEZIRlYkzG9QLypFQ+NdjI3d +Q3848g6gOwkInij+LR3x6MvkOOZeXyc+js4YR7wWkzOi/KHrJZ+zwuJqTD2d/wvDR3Eiyf +egDDiiyy29ryXWy2LCb5+FmXxzD/iO9Lio0EP8+4figw69jH2LZP/AIn9u7nOs7u6ZXQ56 +TijgF7UpUwrg7VsfOm1fjC33gdeMwAkOLA8oOTVlaYW3ZbnWYGZ6BHRV8yhohaB7XN3Hc5 +jDW6y4frmw+Vk8Om0bi6SKTPqn812NfIGSkxFZ9nQ5Z40PtFh/qX9MJQyI6yCwRGFtaARG +/8mitnoCClL47kaYHepMy4tSgfKzTFr575tRKJMnAAAFkJVexiOVXsYjAAAAB3NzaC1yc2 +EAAAGBAPnFY4F6kOaj//tid7rpylOvNfnNWKIYwVi16MoJc/hiPTDQ6FnM9bNL/Bl9QIDF +OH05B3LkArxi7zojoDRWFihioV776fD5V2uqoAyDlutkINQulcXcFDLt0Mx5VUf3cQlK7Z +WC/dpY+lEV80rQkqb4gSp6sxjCYrZcMiNgraxGSEZWJMxvUC8qRUPjXYyN3UN/OPIOoDsJ +CJ4o/i0d8ejL5DjmXl8nPo7OGEe8FpMzovyh6yWfs8Liakw9nf8Lw0dxIsn3oAw4osstva +8l1stiwm+fhZl8cw/4jvS4qNBD/PuH4oMOvYx9i2T/wCJ/bu5zrO7umV0Oek4o4Be1KVMK +4O1bHzptX4wt94HXjMAJDiwPKDk1ZWmFt2W51mBmegR0VfMoaIWge1zdx3OYw1usuH65sP +lZPDptG4ukikz6p/NdjXyBkpMRWfZ0OWeND7RYf6l/TCUMiOsgsERhbWgERv/JorZ6AgpS ++O5GmB3qTMuLUoHys0xa+e+bUSiTJwAAAAMBAAEAAAGAduOBANGxhUdNAoCVUzATcY/11k +jrRoUYCzzTaM/lFrbUP5dA8fXAgi7J+ewHtwOpZtmtdP+ZWciR7I+moyLS+zgvbcHlUiGt +ff9CnZJJVRRdGAJwojSmnLNcbufWMyJR+MVkn4UxhixSQiR7oQH0vGuPOAQdmcx1Ji5uYy +6SnGz73BcG/xSBC2JIhA8GqW+hgY5eMcHKfS9IndgPXLRjQJdEs9zb0NkiSuFI52RdLoYm +r6/2+PqymzIgvNebjBoxUeV7IGRjaXoqW7f+D5D0oRLnUb+7ueIHlxrdydtvWaTM6IBeCa +9gngve6y71eVJVuxeaXzuzxUjZqXEKQXNBJV6HQRy4uFzpJcvYcZQLAZTa6KIjXGPO8Ujw +MnIcs/YaoQMOXYR357kFSFMTQ9aN4tnzAYFnY32+R3o4NQX6nkcld9mje3F1msMosPlLOe +7AVqkqs4ebZk6F7THisTN1s7WP3mq1ogCb+JgujGRaArDULrkmOWUM5bQigAPjGDMhAAAA +wQCJSnPE7HFPLcTxXv5YvHlMdtRTLbvWtvKjMM1lMPo5rKd1gJHKJfYp16EmI9TUeFFiev +HzCHDaamzXcFs1th8u1exYxWdN4bftxBiM9QiFA3OMbl+qtBa9nSU+nOwtmRb6TP1Ai5QM +gtsqhQ6GIeeYWTtS8spFhIkQdCejb8mvGbZDvvbGO3vlddwPKJtoDWHzETje+ygRTrjqOi +4jCUuNAAyw1LFQshY9BLbCcCd+MOlvEd5wDlNALg1PdyUx/OkAAADBAP6iX1VmMMfwb2Bw +wW2ZR6QkEHsDMt1N5hBQmj5E765zou6Cxcud8/sRjfEfSrGr4m0MpqmrED4AB4lKo1GxG6 +zxO7Xrv7DwXjrj95F9cTvMEE5o4TiKh5ZB+lCNdqhb/scidMkrnFQgn3qpWAMkLIXOqG0O +rrCYMrKyjgoM0nKovZseboIAiHGmTkIJfSOiT0Lwd9rKznNugYcuZkCB3eyW+rujowIcry +Nb6AInHJh8TRoBpRpNEs+bAsfdNuJkEQAAAMEA+xxWvMfUG82ZEjRIxLIzVuEB1OihiVhN +IHYxYpz5qrqbva+fCNIKGZypqhbtf6pJUvOD1rS8OyzBUZYhPryUGRuiabMggK+RrfK0st ++fHCYbquigYgLJoODF7RUTGEE/EaXR9gJdyETSXH6K+PzNUI4bytOdgorxNnKxB6jnyNeZ +t2hY8ruoZe+I94E2Elmq9IQ9xG2UZtlZ8PviJT1Llr54p7AWmD00O6mczf95XNE7bo/ykH +as6fPnAPSssVu3AAAAGnZiYXJiYUBNYWNCb29rLVByby0yLmxvY2Fs +-----END OPENSSH PRIVATE KEY----- diff --git a/argocd.pub b/argocd.pub new file mode 100644 index 0000000..5171052 --- /dev/null +++ b/argocd.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQD5xWOBepDmo//7Yne66cpTrzX5zViiGMFYtejKCXP4Yj0w0OhZzPWzS/wZfUCAxTh9OQdy5AK8Yu86I6A0VhYoYqFe++nw+VdrqqAMg5brZCDULpXF3BQy7dDMeVVH93EJSu2Vgv3aWPpRFfNK0JKm+IEqerMYwmK2XDIjYK2sRkhGViTMb1AvKkVD412Mjd1DfzjyDqA7CQieKP4tHfHoy+Q45l5fJz6OzhhHvBaTM6L8oesln7PC4mpMPZ3/C8NHcSLJ96AMOKLLLb2vJdbLYsJvn4WZfHMP+I70uKjQQ/z7h+KDDr2MfYtk/8Aif27uc6zu7pldDnpOKOAXtSlTCuDtWx86bV+MLfeB14zACQ4sDyg5NWVphbdludZgZnoEdFXzKGiFoHtc3cdzmMNbrLh+ubD5WTw6bRuLpIpM+qfzXY18gZKTEVn2dDlnjQ+0WH+pf0wlDIjrILBEYW1oBEb/yaK2egIKUvjuRpgd6kzLi1KB8rNMWvnvm1Eokyc= vbarba@MacBook-Pro-2.local diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml index 1004d5d..7ed0893 100644 --- a/bitbucket-pipelines.yml +++ b/bitbucket-pipelines.yml @@ -72,7 +72,8 @@ pipelines: # --create-namespace --namespace ingress-controller\ # --version 0.13.1\ # -f k8s/haproxy/haproxy-ingress-values.yaml - + # helm upgrade -n ingress-controller -f k8s/haproxy/haproxy-ingress-values.yaml haproxy-ingress haproxy-ingress/haproxy-ingress --version 0.13.1 + # kubectl --namespace ingress-controller patch deployment haproxy-ingress -p '{"spec":{"template":{"spec":{"containers":[{"name":"haproxy-ingress","ports":[{"name":"exporter","containerPort":9105},{"name":"ingress-stats","containerPort":10254}]}]}}}}' # - step: Deploy cert-manager # helm install \ diff --git a/k8s/argocd/ingress.yaml b/k8s/argocd/ingress.yaml new file mode 100644 index 0000000..26752ec --- /dev/null +++ b/k8s/argocd/ingress.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: argocd-server-ingress + namespace: argocd + annotations: + cert-manager.io/cluster-issuer: letsencrypt-production + kubernetes.io/ingress.class: nginx + kubernetes.io/tls-acme: "true" + nginx.ingress.kubernetes.io/ssl-passthrough: "true" + # If you encounter a redirect loop or are getting a 307 response code + # then you need to force the nginx ingress to connect to the backend using HTTPS. + # + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" +spec: + rules: + - host: argocd.staging.video.jamkazam.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: argocd-server + port: + name: https + tls: + - hosts: + - argocd.staging.video.jamkazam.com + secretName: argocd-secret # do not change, this is provided by Argo CD \ No newline at end of file diff --git a/k8s/cert-manager/certificate-staging.yaml b/k8s/cert-manager/certificate-staging.yaml new file mode 100644 index 0000000..d5cafb3 --- /dev/null +++ b/k8s/cert-manager/certificate-staging.yaml @@ -0,0 +1,12 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: staging-cert +spec: + secretName: staging-cert + dnsNames: + - argocd.staging.video.jamkazam.com + - monitoring.staging.video.jamkazam.com + issuerRef: + name: letsencrypt-production + kind: ClusterIssuer \ No newline at end of file diff --git a/k8s/cert-manager/cluster-issuer-production.yaml b/k8s/cert-manager/cluster-issuer.yaml similarity index 96% rename from k8s/cert-manager/cluster-issuer-production.yaml rename to k8s/cert-manager/cluster-issuer.yaml index 7764f2f..49f83e7 100644 --- a/k8s/cert-manager/cluster-issuer-production.yaml +++ b/k8s/cert-manager/cluster-issuer.yaml @@ -16,5 +16,5 @@ spec: solvers: - http01: ingress: - class: haproxy + class: nginx diff --git a/k8s/haproxy/haproxy-ingress-values.yaml b/k8s/haproxy/haproxy-ingress-values.yaml index d856ee9..ca645d7 100644 --- a/k8s/haproxy/haproxy-ingress-values.yaml +++ b/k8s/haproxy/haproxy-ingress-values.yaml @@ -1,2 +1,3 @@ controller: - hostNetwork: true \ No newline at end of file + hostNetwork: true +prometheus-port: "9105" \ No newline at end of file diff --git a/k8s/haproxy/prometheus-service.yaml b/k8s/haproxy/prometheus-service.yaml new file mode 100644 index 0000000..efa8e0f --- /dev/null +++ b/k8s/haproxy/prometheus-service.yaml @@ -0,0 +1,13 @@ +# apiVersion: v1 +# kind: Service +# metadata: +# name: haproxy-exporter +# namespace: ingress-controller +# spec: +# ports: +# - name: exporter +# port: 9105 +# targetPort: exporter +# selector: +# app.kubernetes.io/instance: haproxy-ingress +# app.kubernetes.io/name: haproxy-ingress \ No newline at end of file diff --git a/k8s/haproxy/service-monitor.yaml b/k8s/haproxy/service-monitor.yaml new file mode 100644 index 0000000..300db76 --- /dev/null +++ b/k8s/haproxy/service-monitor.yaml @@ -0,0 +1,37 @@ +# apiVersion: monitoring.coreos.com/v1 +# kind: ServiceMonitor +# metadata: +# name: haproxy +# labels: +# app: haproxy +# release: monitoring +# spec: +# selector: +# matchLabels: +# app.kubernetes.io/instance: haproxy-ingress +# app.kubernetes.io/name: haproxy-ingress +# namespaceSelector: +# matchNames: +# - ingress-controller +# endpoints: +# - port: exporter +# path: /metrics +# interval: 30s + +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: haproxy + labels: + app: haproxy + release: monitoring +spec: + selector: + matchLabels: + app.kubernetes.io/instance: haproxy-ingress + app.kubernetes.io/name: haproxy-ingress + namespaceSelector: + matchNames: + - ingress-controller + podMetricsEndpoints: + - port: exporter \ No newline at end of file diff --git a/k8s/monitoring/alertmanager-config.yaml b/k8s/monitoring/alertmanager-config.yaml new file mode 100644 index 0000000..3c4fbc0 --- /dev/null +++ b/k8s/monitoring/alertmanager-config.yaml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: slack-url + namespace: monitoring +data: + apiUrl: aHR0cHM6Ly9ob29rcy5zbGFjay5jb20vc2VydmljZXMvVDBMNVJBM0UwL0IwMVNNOFJDMzQ2L1hERE9yY1BFN2VBWEpQTUN2YzVGeEl2YQ== +--- +apiVersion: monitoring.coreos.com/v1alpha1 +kind: AlertmanagerConfig +metadata: + name: slack + namespace: monitoring + labels: + alertmanagerConfig: slack +spec: + route: + groupBy: ['alertname'] + groupWait: 30s + groupInterval: 5m + repeatInterval: 12h + receiver: 'slack-notifications' + receivers: + - name: 'slack-notifications' + slackConfigs: + - apiURL: + name: slack-url + key: apiUrl + channel: '#monitoring-alerts' + iconURL: 'https://avatars3.githubusercontent.com/u/3380462' + sendResolved: true + title: '[{{ .Status | toUpper }}{{ if eq .Status "firing" }}:{{ .Alerts.Firing | len }}{{ end }}] Monitoring Event Notification' + text: >- + {{ range .Alerts }} + *Alert:* {{ .Annotations.summary }} - `{{ .Labels.severity }}` + *Description:* {{ .Annotations.description }} + *Graph:* <{{ .GeneratorURL }}|:chart_with_upwards_trend:> *Runbook:* <{{ .Annotations.runbook }}|:spiral_note_pad:> + *Details:* + {{ range .Labels.SortedPairs }} • *{{ .Name }}:* `{{ .Value }}` + {{ end }} + {{ end }} \ No newline at end of file diff --git a/k8s/monitoring/prometheus-rules.yaml b/k8s/monitoring/prometheus-rules.yaml new file mode 100644 index 0000000..42350c7 --- /dev/null +++ b/k8s/monitoring/prometheus-rules.yaml @@ -0,0 +1,14 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + creationTimestamp: null + labels: + prometheus: example + role: alert-rules + name: prometheus-example-rules +spec: + groups: + - name: ./example.rules + rules: + - alert: ExampleAlert + expr: vector(1) \ No newline at end of file diff --git a/k8s/stg-video-cluster-kubeconfig.yaml b/k8s/stg-video-cluster-kubeconfig.yaml index d51a180..1121a49 100644 --- a/k8s/stg-video-cluster-kubeconfig.yaml +++ b/k8s/stg-video-cluster-kubeconfig.yaml @@ -1,25 +1,25 @@ - apiVersion: v1 kind: Config preferences: {} clusters: - cluster: - certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1ekNDQWMrZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1EWXhOakUyTXpreU1sb1hEVE14TURZeE5ERTJNemt5TWxvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBS2ZBClJFVzlLNUhUMlRSbWxkTE45OUxzLzhiN2ZPVDZJckhqL3F1ZERZWVhBbFN4dG41aVMvYTdVM3BxckZ2VXhIZ0UKL1ZZM2xyWVFYM1VTYkswTjdVZU04OVV3QWs1Y2p0N3pXbTBhOVJrZThJeXFKZGt1QUtSdGlQYUNDc2pDdHovLwozVGRuei9NRStCSSsvOEc2MmRjVVBoL0Z3U3ZHeVV3M1ZrWG9qK0RMV1VwOUhid1kxRkxlYXlwMC9mWUtZdzdQCnh6UUhPZ3dFS1VyaENlWE83Yzg4Tm4wdlVVOHFLbmZpbmNINjFXVGhxQU5zVkMySTRxWUVjOExWSy9TYmtqdkYKL0ZhWDRKVXBxY0w2THgyd1A2L3U0ejQxYmVsUWJtUW5XZ3d1RHc4dDU4eXB6OGZzZWxCRS92di9sVEZOeVVzWApvSVdicEY2K2hlWHJudE1GWWlVQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZDSXpORCtMbUxQT1k5U0Jxc0kvTVgxajkxYVFNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFBWW5jeFk4YTNiak8wZWp2Qy9BQVhvS09va1B4dnZKcEpiZTdnT1NmM2EwcDR0bmcxdgpQV1lOZmlKalZhL20ySHJPWlF6cW9qVTJKZmtqT09vcmlIYnFCM2Z2M2h6MFNidW1pR1Y5bHpwUXhwSFFrUUFJCldJYjJ3ek5EQmQ0YTVITmRmR1VCaWxaZC9zR3k2Q21qNTRxZHpHSm5xWThJUDkrUXhESUl0UStqSGQ1ZitYdGMKYXh0eEpvVjB3cjIzVkp0MjZJQjExMUJPZW02UmZOeHVDNkdtdUVSYWRBLzA1M0lQSEhyMVZ4UXFFVTNXWjJNMwpJZEEzSmt3RWU1dTdUbFhCT0RRdVJuWGdwUHZGMk9mY2dDajZETUVrdXNnT2tVUWxPdG4ycUt5VVNLdUlZRko1CjQrVFNma2FmSGw2aU5lSTFGcGpWbkdoSDZNZ0RaWXd2ZC9QTwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - server: https://9a870b0b-5da8-4282-9100-06d7be6a8920.cpc1-us-central.linodelke.net:443 - name: lke29062 + certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1ekNDQWMrZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeE1UQXlOekUyTlRnd01Wb1hEVE14TVRBeU5URTJOVGd3TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTVpmCjFKbEg3Q3hrR1J0emlsVXJBSEc5R0p4WVFKaWJlSlRpM3I2Vkg2cFpBL1k0SXZJTjZpTjJKcTl1UmtPV2I0Z3UKcW00dG4rSTdicDRhTU43UTBoYnBUVUoyQnFmRjdMd2IvOTJMS2QzK0EvUVJ3eEs1ZUxtY1k0WERaQmdhOUxlTAo1V2VoUCtaOG5nWkpTWGRGTHgrclVoY2xLbUovZ0VqL0VFQ0hhWlI3YWhsU3FUcGFJbDZEVjdtc09veGMvYUNvClV2d3lIZmw5Rjgva21LU0cxVGJVM0N0ME9LWGpTZEl5NjQrRTJQK05BZElYYmU4SWJQYmJFcG8xdzBCcFB4QXcKa3E3QnF4dC9oM0puaUpBRG1LVmlreDBXY3A0ZTh0RkpHV3VCenFEdVpOdnlnQ0o5VFhLTktYQ2pEUkIxZ0lOdwpiUjF4bjF4NlNUaDZUS0lUaHhNQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZDcFlVWHRlUVdONjJnMjNhNGphNXNqSkwyRmJNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFBSUtuWnI0N0lSUllxUVE3cWpyeFNHWERHK2VLUmVaSVlmWWc0YmthRXlYRC92NGFGbAp2bHg5cmxWYU1FQmRNN1JNY1FlNUNYYnFhQ0RISVlEeHFEOGVDR2dDSUVPUUcrK0VjYmIwWjkwK1lBOUZVZklNCmtNanhnV2hRaEhIeWltZHlpdzJncGs2MDJoWUxaZ1grMENySEpzNk8zSHBpSUFjUGhZc0JnclpoRUxCV1l6aHgKV21SckRldG9ZazhOMktJRmphMzYvWjhvcUZKK3Bxa09yZ0dxYm80SGhWNDVNMmZCckZJcGNQMi9wUEpjMDJERwpNWnNkL3ozWmFZSXR2MDBPMG5GNDVpYk5wTHBBMjZBZFRPS2RsUXZTY0haQ0h3WUlQNytHUmI3am5lQSt1Z2hjClQ3UFNHSVhmd2tRd04razBDdkpmYk9yaVhLSUtXWnZ3bHE1aAotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + server: https://c2c3b4c8-3f99-4b1c-b611-2f938ec8bb8c.cpc1-us-central.linodelke.net:443 + name: lke41285 users: -- name: lke29062-admin +- name: lke41285-admin user: as-user-extra: {} - token: eyJhbGciOiJSUzI1NiIsImtpZCI6ImNjbnpYTTk1VWdmZ0YzV3B2RzR1eUYtdmtRWEF4Z2xFZTFPMlJGSThMak0ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJsa2UtYWRtaW4tdG9rZW4tbmQ4Y3QiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibGtlLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiNTE5ODFmNDEtZjMyYi00M2JjLWJhNDctOTRmOGE4ZDQxMjllIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmxrZS1hZG1pbiJ9.Ma62VuZAFxaMW-rpgnNlg6-ur3y7yCue841m3sNgO_kn6ISr2VUDqDAgXIqyc6LP3qhuIf_h6dVAqAPVHhQGnSRtK_q5b_n96A90VBwY5iYkhx4RF_uqxXmkYwG1-01YMctsTN2mPvnllruNF9z0ZxMiGaF4lbSZczM-L4Rwwt-5SlzBelPvPosUqQWfzrNVMO83YBK5Wk6pO_GXpFC1TAkBDe7oridIA9H8MD_qpqoNo76ZmVXxp9XGc0w0BM9ZRYsnSUNxl_Yha_D7V4pTU5GSFrn0MaNNHZGd2UFPU0fkHcLudE7cqGqlvawXA3AWKBC3La9Dl9rGNBPlAHtf7A + token: eyJhbGciOiJSUzI1NiIsImtpZCI6InVPOEdJV1FnZkVJWU1DQVNCRFJPOVVkVV93ZEhUZEE2LWJOZWlNenlhWHcifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJsa2UtYWRtaW4tdG9rZW4tMmptOGwiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoibGtlLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiMzlmOTFmOWQtZjQ1My00YzZlLWFlY2QtZTI3ZWQ0Mjg5ZDk0Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmxrZS1hZG1pbiJ9.JnUUn57SgkH5ljg2npSyaSCxr9VyKtH3hdfsgOlaqHcKjiRKetXXE57ipTBIkrE7U7me0ClHjR2UeZX09gcRRILdfElABdVRhi8z-KvGj9DKwLPfbdWHEYniT0xfTe0w-Li1d2BZpyePjPFWudoEKvlmWojBaNTOsdfGfuah-ZUMnmFORuELz3ie2D2U0X-vTR8UuqsPt1A9PJ0fKbDRyiYK5wmzRMaHg0k9IoLdZB4tgxaEvcv0Oj8xIbT4R8qy4lTPxs3R9A_ZvmTbZdY_AKj4GTcqYDrQefntAOgOEnkKQzq50_rzaSop28kXVR5Vx5_2jGi3CkjdWjedV-r_xg contexts: - context: - cluster: lke29062 + cluster: lke41285 namespace: default - user: lke29062-admin - name: lke29062-ctx + user: lke41285-admin + name: lke41285-ctx + +current-context: lke41285-ctx -current-context: lke29062-ctx diff --git a/monitoring.json b/monitoring.json new file mode 100644 index 0000000..dbf7c7f --- /dev/null +++ b/monitoring.json @@ -0,0 +1,129 @@ +{ + "apiVersion": "v1", + "kind": "Namespace", + "metadata": { + "creationTimestamp": "2021-08-27T17:08:28Z", + "deletionTimestamp": "2021-09-02T17:45:13Z", + "labels": { + "kubernetes.io/metadata.name": "monitoring" + }, + "managedFields": [ + { + "apiVersion": "v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:metadata": { + "f:labels": { + ".": {}, + "f:kubernetes.io/metadata.name": {} + } + } + }, + "manager": "kubectl-create", + "operation": "Update", + "time": "2021-08-27T17:08:28Z" + }, + { + "apiVersion": "v1", + "fieldsType": "FieldsV1", + "fieldsV1": { + "f:status": { + "f:conditions": { + ".": {}, + "k:{\"type\":\"NamespaceContentRemaining\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"NamespaceDeletionContentFailure\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"NamespaceDeletionDiscoveryFailure\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"NamespaceDeletionGroupVersionParsingFailure\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + }, + "k:{\"type\":\"NamespaceFinalizersRemaining\"}": { + ".": {}, + "f:lastTransitionTime": {}, + "f:message": {}, + "f:reason": {}, + "f:status": {}, + "f:type": {} + } + } + } + }, + "manager": "kube-controller-manager", + "operation": "Update", + "time": "2021-09-02T17:45:49Z" + } + ], + "name": "monitoring", + "resourceVersion": "4164219", + "uid": "2569dafe-71aa-4425-9e03-4031b0337ce0" + }, + "spec": { + "finalizers": [ + ] + }, + "status": { + "conditions": [ + { + "lastTransitionTime": "2021-09-02T17:45:23Z", + "message": "Discovery failed for some groups, 1 failing: unable to retrieve the complete list of server APIs: metrics.k8s.io/v1beta1: the server is currently unable to handle the request", + "reason": "DiscoveryFailed", + "status": "True", + "type": "NamespaceDeletionDiscoveryFailure" + }, + { + "lastTransitionTime": "2021-09-02T17:45:49Z", + "message": "All legacy kube types successfully parsed", + "reason": "ParsedGroupVersions", + "status": "False", + "type": "NamespaceDeletionGroupVersionParsingFailure" + }, + { + "lastTransitionTime": "2021-09-02T17:47:34Z", + "message": "All content successfully deleted, may be waiting on finalization", + "reason": "ContentDeleted", + "status": "False", + "type": "NamespaceDeletionContentFailure" + }, + { + "lastTransitionTime": "2021-09-02T17:47:34Z", + "message": "All content successfully removed", + "reason": "ContentRemoved", + "status": "False", + "type": "NamespaceContentRemaining" + }, + { + "lastTransitionTime": "2021-09-02T17:45:51Z", + "message": "All content-preserving finalizers finished", + "reason": "ContentHasNoFinalizers", + "status": "False", + "type": "NamespaceFinalizersRemaining" + } + ], + "phase": "Terminating" + } +} diff --git a/terraform/lke.tf b/terraform/lke.tf index bf6e232..37eaf7e 100644 --- a/terraform/lke.tf +++ b/terraform/lke.tf @@ -1,18 +1,18 @@ -resource "linode_lke_cluster" "my-cluster" { - label = "video-cluster" +resource "linode_lke_cluster" "stg-video-cluster" { + label = "stg-video-cluster" k8s_version = "1.21" region = "us-central" tags = ["staging"] pool { type = "g6-standard-2" - count = 3 + count = 1 } # WebRTC-BE pool pool { type = "g6-standard-2" - count = 3 + count = 1 } # Coturn pool pool {