diff --git a/EjemploIngress/wp/creaTodo.sh b/EjemploIngress/wp/creaTodo.sh new file mode 100755 index 00000000..4b98cc0b --- /dev/null +++ b/EjemploIngress/wp/creaTodo.sh @@ -0,0 +1,4 @@ +kubectl create -f pv-local-mysql.yaml +kubectl create -f pv-local-wordpress.yaml +kubectl create -k ./ +#watch kubectl get all -n wordpress diff --git a/EjemploIngress/wp/entra.sh b/EjemploIngress/wp/entra.sh new file mode 100755 index 00000000..51dd5bb8 --- /dev/null +++ b/EjemploIngress/wp/entra.sh @@ -0,0 +1 @@ +kubectl exec -ti deployment.apps/wordpress -n wordpress -- /bin/bash diff --git a/EjemploIngress/wp/ingress.yaml b/EjemploIngress/wp/ingress.yaml new file mode 100644 index 00000000..70a80c74 --- /dev/null +++ b/EjemploIngress/wp/ingress.yaml @@ -0,0 +1,23 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: wordpress-ingress + namespace: wordpress-ingress + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/use-regex: "true" + nginx.ingress.kubernetes.io/rewrite-target: /$2 +spec: + ingressClassName: nginx + rules: + - host: k8s-server + http: + paths: + - path: /wordpress(/|$)(.*) + pathType: Prefix + backend: + service: + name: wordpress-ingress + port: + number: 80 + diff --git a/EjemploIngress/wp/kustomization.yaml b/EjemploIngress/wp/kustomization.yaml new file mode 100644 index 00000000..e5b094e7 --- /dev/null +++ b/EjemploIngress/wp/kustomization.yaml @@ -0,0 +1,7 @@ +resources: + - wp-namespace.yaml + - wordpress-secrets.yaml + - registry-secrets.yaml + - mysql-deployment.yaml + - wordpress-deployment.yaml + - php-deployment.yaml diff --git a/EjemploIngress/wp/mysql-deployment.yaml b/EjemploIngress/wp/mysql-deployment.yaml new file mode 100644 index 00000000..0a5d3a72 --- /dev/null +++ b/EjemploIngress/wp/mysql-deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: v1 +kind: Service +metadata: + name: wordpress-ingress-mysql + namespace: wordpress-ingress + labels: + app: wordpress-ingress +spec: + ports: + - port: 3306 + selector: + app: wordpress-ingress + tier: mysql + clusterIP: None +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mysql-wp-ingress-pv-claim + namespace: wordpress-ingress + labels: + app: wordpress-ingress +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wordpress-ingress-mysql + namespace: wordpress-ingress + labels: + app: wordpress-ingress +spec: + selector: + matchLabels: + app: wordpress-ingress + tier: mysql + strategy: + type: Recreate + template: + metadata: + labels: + app: wordpress-ingress + tier: mysql + spec: + containers: + - image: docker-registry:32000/mariadb:1.0 + name: mysql + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: mysqlwp-pass + key: password + ports: + - containerPort: 3306 + name: mysql + volumeMounts: + - name: mysql-persistent-storage + mountPath: /var/lib/mysql + imagePullSecrets: + - name: reg-cred-secret + volumes: + - name: mysql-persistent-storage + persistentVolumeClaim: + claimName: mysql-wp-ingress-pv-claim diff --git a/EjemploIngress/wp/paraTodo.sh b/EjemploIngress/wp/paraTodo.sh new file mode 100755 index 00000000..b6a57b7a --- /dev/null +++ b/EjemploIngress/wp/paraTodo.sh @@ -0,0 +1,3 @@ +kubectl delete -k ./ +kubectl delete -f pv-local-mysql.yaml +kubectl delete -f pv-local-wordpress.yaml diff --git a/EjemploIngress/wp/php-deployment.yaml b/EjemploIngress/wp/php-deployment.yaml new file mode 100644 index 00000000..f03882fb --- /dev/null +++ b/EjemploIngress/wp/php-deployment.yaml @@ -0,0 +1,55 @@ +apiVersion: v1 +kind: Service +metadata: + name: phpmyadmin-wordpress-ingress + namespace: wordpress-ingress + labels: + app: wordpress-ingress +spec: + selector: + app: wordpress-ingress + tier: phpmyadmin + type: NodePort + ports: + - name: phpadmin + port: 80 + targetPort: phpmyadm +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: phpmyadmin-wordpress-ingress + namespace: wordpress-ingress + labels: + app: wordpress-ingress +spec: + selector: + matchLabels: + app: wordpress-ingress + tier: phpmyadmin + strategy: + type: Recreate + template: + metadata: + labels: + app: wordpress-ingress + tier: phpmyadmin + spec: + containers: + - name: phpmyadmin + image: docker-registry:32000/phpmyadmin:1.0 + ports: + - containerPort: 80 + name: phpmyadm + env: + - name: PMA_HOST + value: wordpress-ingress-mysql + - name: PMA_PORT + value: "3306" + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: mysqlwp-pass + key: password + imagePullSecrets: + - name: reg-cred-secret diff --git a/EjemploIngress/wp/pv-local-mysql.yaml b/EjemploIngress/wp/pv-local-mysql.yaml new file mode 100644 index 00000000..241f738a --- /dev/null +++ b/EjemploIngress/wp/pv-local-mysql.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: wp-ingress-data +spec: + capacity: + storage: 20Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/mnt/Externo/wordpress/wordpress-db" diff --git a/EjemploIngress/wp/pv-local-wordpress.yaml b/EjemploIngress/wp/pv-local-wordpress.yaml new file mode 100644 index 00000000..6fe910df --- /dev/null +++ b/EjemploIngress/wp/pv-local-wordpress.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: wp-ingress-folder +spec: + capacity: + storage: 10Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/mnt/Externo/wordpress/wordpress-wp" + diff --git a/EjemploIngress/wp/registry-secrets.yaml b/EjemploIngress/wp/registry-secrets.yaml new file mode 100644 index 00000000..b350ff21 --- /dev/null +++ b/EjemploIngress/wp/registry-secrets.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +data: + .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXItcmVnaXN0cnk6MzIwMDAiOnsidXNlcm5hbWUiOiJjcmV5bG9wZXoiLCJwYXNzd29yZCI6IlJleS0xMTc2IiwiYXV0aCI6IlkzSmxlV3h2Y0dWNk9sSmxlUzB4TVRjMiJ9fX0= +kind: Secret +metadata: + creationTimestamp: "2023-01-29T10:54:14Z" + name: reg-cred-secret + namespace: wordpress-ingress + resourceVersion: "19890385" + uid: 66b3b7c5-26c1-4e5a-af4e-dc973aaafe4b +type: kubernetes.io/dockerconfigjson diff --git a/EjemploIngress/wp/wordpress-deployment.yaml b/EjemploIngress/wp/wordpress-deployment.yaml new file mode 100644 index 00000000..ac8a123e --- /dev/null +++ b/EjemploIngress/wp/wordpress-deployment.yaml @@ -0,0 +1,77 @@ +apiVersion: v1 +kind: Service +metadata: + name: wordpress-ingress + namespace: wordpress-ingress + labels: + app: wordpress-ingress +spec: + type: ClusterIP + ports: + - port: 80 + selector: + app: wordpress-ingress + tier: frontend +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: wp-ingress-pv-claim + namespace: wordpress-ingress + labels: + app: wordpress-ingress +spec: + accessModes: + - ReadWriteOnce + storageClassName: "" + resources: + requests: + storage: 10Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wordpress-ingress + namespace: wordpress-ingress + labels: + app: wordpress-ingress +spec: + selector: + matchLabels: + app: wordpress-ingress + tier: frontend + strategy: + type: Recreate + template: + metadata: + labels: + app: wordpress-ingress + tier: frontend + spec: + containers: + - image: docker-registry:32000/wordpress:1.0 + name: wordpress-ingress + env: + - name: WORDPRESS_DB_HOST + value: wordpress-ingress-mysql + - name: WORDPRESS_DB_PASSWORD + valueFrom: + secretKeyRef: + name: mysqlwp-pass + key: password + - name: WORDPRESS_DB_USER + valueFrom: + secretKeyRef: + name: mysqlwp-pass + key: db_user + ports: + - containerPort: 80 + volumeMounts: + - name: wordpress-ingress-persistent-storage + mountPath: /var/www/html + imagePullSecrets: + - name: reg-cred-secret + volumes: + - name: wordpress-ingress-persistent-storage + persistentVolumeClaim: + claimName: wp-ingress-pv-claim diff --git a/EjemploIngress/wp/wordpress-secrets.yaml b/EjemploIngress/wp/wordpress-secrets.yaml new file mode 100644 index 00000000..75d68791 --- /dev/null +++ b/EjemploIngress/wp/wordpress-secrets.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: mysqlwp-pass + namespace: wordpress-ingress +data: + password: RHNhLTAyMTM= + db_user: cm9vdA== + db_passwd: RHNhLTAyMTM= diff --git a/EjemploIngress/wp/wp-ingress.yaml b/EjemploIngress/wp/wp-ingress.yaml new file mode 100644 index 00000000..29a049a7 --- /dev/null +++ b/EjemploIngress/wp/wp-ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: wordpress-ingress + namespace: wordpress + annotations: + ingress.kubernetes.io/rewrite-target: / +spec: + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: wordpress + port: + number: 80 diff --git a/EjemploIngress/wp/wp-namespace.yaml b/EjemploIngress/wp/wp-namespace.yaml new file mode 100644 index 00000000..b0b0ef43 --- /dev/null +++ b/EjemploIngress/wp/wp-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: wordpress-ingress diff --git a/HelmCharts/helmMiweb.sh b/HelmCharts/helmMiweb.sh index 27b3836d..ca1f3110 100644 --- a/HelmCharts/helmMiweb.sh +++ b/HelmCharts/helmMiweb.sh @@ -3,12 +3,12 @@ if [ "$1" = "i" ] then kubectl apply -f ./preparaMiweb/pv-local-miweb.yaml - kubectl apply -f ./preparaMiweb/pv-local-miweb-certbot.yaml - kubectl apply -f ./preparaMiweb/pv-local-miweb-conf.yaml + #kubectl apply -f ./preparaMiweb/pv-local-miweb-certbot.yaml + #kubectl apply -f ./preparaMiweb/pv-local-miweb-conf.yaml helm install miweb miweb-chart/ else helm uninstall miweb kubectl delete -f ./preparaMiweb/pv-local-miweb.yaml - kubectl delete -f ./preparaMiweb/pv-local-miweb-certbot.yaml - kubectl delete -f ./preparaMiweb/pv-local-miweb-conf.yaml + #kubectl delete -f ./preparaMiweb/pv-local-miweb-certbot.yaml + #kubectl delete -f ./preparaMiweb/pv-local-miweb-conf.yaml fi diff --git a/HelmCharts/miweb-chart/templates/miweb-deployment.yaml b/HelmCharts/miweb-chart/templates/miweb-deployment.yaml index 454b3d59..84eeaa94 100644 --- a/HelmCharts/miweb-chart/templates/miweb-deployment.yaml +++ b/HelmCharts/miweb-chart/templates/miweb-deployment.yaml @@ -26,20 +26,6 @@ spec: requests: storage: 2Gi --- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: miweb-conf-pv-claim - labels: - app: miweb -spec: - accessModes: - - ReadWriteMany - storageClassName: "" - resources: - requests: - storage: 100M ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -70,14 +56,9 @@ spec: volumeMounts: - name: miweb-www-folder mountPath: /usr/share/nginx/html - - name: miweb-conf-folder - mountPath: /etc/nginx/conf.d imagePullSecrets: - name: reg-cred-secret volumes: - name: miweb-www-folder persistentVolumeClaim: claimName: miweb-pv-claim - - name: miweb-conf-folder - persistentVolumeClaim: - claimName: miweb-conf-pv-claim diff --git a/HelmCharts/miweb-chart/templates/certbot-deployment.yaml b/HelmCharts/preparaMiweb/certbot-deployment.yaml similarity index 100% rename from HelmCharts/miweb-chart/templates/certbot-deployment.yaml rename to HelmCharts/preparaMiweb/certbot-deployment.yaml diff --git a/HelmCharts/preparaMiweb/miweb-ingress.yaml b/HelmCharts/preparaMiweb/miweb-ingress.yaml new file mode 100644 index 00000000..6dccd30e --- /dev/null +++ b/HelmCharts/preparaMiweb/miweb-ingress.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: miweb-ingress + namespace: default +spec: + ingressClassName: nginx + tls: + - hosts: + - reymota.ddns.net + secretName: ingress-cert + rules: + - host: "reymota.ddns.net" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: miweb + port: + number: 80 diff --git a/HelmCharts/preparaMiweb/pv-local-miweb.yaml b/HelmCharts/preparaMiweb/pv-local-miweb.yaml index 10be64f1..800fac9b 100644 --- a/HelmCharts/preparaMiweb/pv-local-miweb.yaml +++ b/HelmCharts/preparaMiweb/pv-local-miweb.yaml @@ -8,4 +8,4 @@ spec: accessModes: - ReadWriteMany hostPath: - path: "/mnt/cluster/miweb/www" + path: "/mnt/cluster/nginx" diff --git a/HelmCharts/preparaVaultwarden/vaultwarden-ingress.yaml b/HelmCharts/preparaVaultwarden/vaultwarden-ingress.yaml new file mode 100644 index 00000000..ad571cd4 --- /dev/null +++ b/HelmCharts/preparaVaultwarden/vaultwarden-ingress.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: vaultwarden-ingress + namespace: vaultwarden +spec: + ingressClassName: nginx + tls: + - hosts: + - reymota.ddns.net + secretName: ingress-cert + rules: + - host: "reymota.ddns.net" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: vaultwarden + port: + number: 80 diff --git a/Martin/Dockerfile b/Martin/Dockerfile new file mode 100644 index 00000000..61b68fde --- /dev/null +++ b/Martin/Dockerfile @@ -0,0 +1,4 @@ +FROM php:7.4-fpm +RUN mkdir /app +WORKDIR /app +COPY src . diff --git a/Martin/cert-issuer.yaml b/Martin/cert-issuer.yaml new file mode 100644 index 00000000..2323ab40 --- /dev/null +++ b/Martin/cert-issuer.yaml @@ -0,0 +1,15 @@ +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod-site + namespace: cert-manager +spec: + acme: + server: https://acme-v02.api.letsencrypt.org/directory + email: king.bernard.b@gmail.com + privateKeySecretRef: + name: letsencrypt-prod-site + solvers: + - http01: + ingress: + class: nginx diff --git a/Martin/comprobarVersionIngres.sh b/Martin/comprobarVersionIngres.sh new file mode 100644 index 00000000..8a55ed36 --- /dev/null +++ b/Martin/comprobarVersionIngres.sh @@ -0,0 +1,3 @@ +POD_NAMESPACE=ingress-nginx +POD_NAME=$(kubectl get pods -n $POD_NAMESPACE -l app.kubernetes.io/name=ingress-nginx --field-selector=status.phase=Running -o name) +kubectl exec $POD_NAME -n $POD_NAMESPACE -- /nginx-ingress-controller --version diff --git a/Martin/config.yaml b/Martin/config.yaml new file mode 100644 index 00000000..c5860269 --- /dev/null +++ b/Martin/config.yaml @@ -0,0 +1,27 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: nginx-config +data: + nginx.conf: | + events { + } + http { + server { + listen 80 default_server; + listen [::]:80 default_server; + + root /var/www/html; + index index.html index.htm index.php; + server_name _; + location / { + try_files $uri $uri/ =404; + } + location ~ \.php$ { + include fastcgi_params; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass 127.0.0.1:9000; + } + } + } diff --git a/Martin/deployment.yaml b/Martin/deployment.yaml new file mode 100644 index 00000000..47ee351c --- /dev/null +++ b/Martin/deployment.yaml @@ -0,0 +1,72 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: deployment + labels: + name: deployment +spec: + replicas: 3 + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 1 + maxUnavailable: 2 + selector: + matchLabels: + name: templated-pod + template: + metadata: + name: deployment-template + labels: + name: templated-pod + spec: + volumes: + - name: app-files + emptyDir: {} + + - name: nginx-config-volume + configMap: + name: nginx-config + + containers: + - image: docker-registry:32000/creylopez/kphp:v1 + name: app + volumeMounts: + - name: app-files + mountPath: /var/www/html + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "cp -r /app/. /var/www/html"] + resources: + limits: + cpu: 100m + requests: + cpu: 50m + + + - image: nginx:latest + name: nginx + volumeMounts: + - name: app-files + mountPath: /var/www/html + - name: nginx-config-volume + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + resources: + limits: + cpu: 100m + requests: + cpu: 50m + + ports: + - containerPort: 80 + readinessProbe: + httpGet: + path: / + port: 80 + initialDelaySeconds: 3 + periodSeconds: 3 + successThreshold: 1 + imagePullSecrets: + - name: reg-cred-secret diff --git a/Martin/ingress.yaml b/Martin/ingress.yaml new file mode 100644 index 00000000..845b8c69 --- /dev/null +++ b/Martin/ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: ingress + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt-prod-site" +spec: + tls: + - hosts: + - reymota.ddns.net + secretName: site-tls + + rules: + - host: reymota.ddns.net + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: service-loadbalancer + port: + number: 80 + diff --git a/Martin/instalaCertManager.sh b/Martin/instalaCertManager.sh new file mode 100644 index 00000000..bbccb1df --- /dev/null +++ b/Martin/instalaCertManager.sh @@ -0,0 +1 @@ +kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml diff --git a/Martin/instalaIngressController.sh b/Martin/instalaIngressController.sh new file mode 100644 index 00000000..f5481169 --- /dev/null +++ b/Martin/instalaIngressController.sh @@ -0,0 +1 @@ +kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.5.1/deploy/static/provider/baremetal/deploy.yaml diff --git a/Martin/service-loadbalancer.yaml b/Martin/service-loadbalancer.yaml new file mode 100644 index 00000000..198bb2e0 --- /dev/null +++ b/Martin/service-loadbalancer.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: service-loadbalancer +spec: + selector: + name: templated-pod + + type: ClusterIP + ports: + - name: http + nodePort: null + port: 80 + targetPort: 80 + protocol: TCP + + # type: LoadBalancer + # ports: + # - port: 80 + # targetPort: 80 + # externalIPs: + # - 192.168.1.147 diff --git a/Martin/service-loadbalancer.yaml.antesTLS b/Martin/service-loadbalancer.yaml.antesTLS new file mode 100644 index 00000000..8c1d34a9 --- /dev/null +++ b/Martin/service-loadbalancer.yaml.antesTLS @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: service-loadbalancer +spec: + selector: + name: templated-pod + ports: + - port: 80 + targetPort: 80 + + type: LoadBalancer + externalIPs: + - 192.168.1.147 diff --git a/Martin/src/index.php b/Martin/src/index.php new file mode 100644 index 00000000..61ace196 --- /dev/null +++ b/Martin/src/index.php @@ -0,0 +1,2 @@ +