From 3017bd75f414d5f95c6d0a3b2c876c21c287dd1b Mon Sep 17 00:00:00 2001 From: Dima Khodakivskyi Date: Mon, 24 Jan 2022 16:54:19 +0200 Subject: [PATCH 1/7] feat(k8s-manifests): added yamls for prod --- k8s-manifests/base/dmbc05/configmap.yaml | 23 +++++++ k8s-manifests/base/dmbc05/deployment.yaml | 65 +++++++++++++++++++ k8s-manifests/base/dmbc05/kustomization.yaml | 5 ++ .../base/dmbc05/persistentvolumeclaim.yaml | 14 ++++ k8s-manifests/base/dmbc05/secret.yaml | 12 ++++ k8s-manifests/base/kustomization.yaml | 1 + k8s-manifests/prod01/kustomization.yaml | 29 +++++++++ .../prod01/patches/dmbc00-common/ingress.yaml | 42 ++++++++++++ .../prod01/patches/dmbc00-common/secret.yaml | 13 ++++ .../prod01/patches/dmbc01/deployment.yaml | 31 +++++++++ .../prod01/patches/dmbc01/node-affinity.yaml | 18 +++++ .../prod01/patches/dmbc02/deployment.yaml | 31 +++++++++ .../prod01/patches/dmbc02/node-affinity.yaml | 18 +++++ .../prod01/patches/dmbc03/deployment.yaml | 31 +++++++++ .../prod01/patches/dmbc03/node-affinity.yaml | 18 +++++ .../prod01/patches/dmbc04/deployment.yaml | 31 +++++++++ .../prod01/patches/dmbc04/node-affinity.yaml | 18 +++++ .../prod01/patches/dmbc05/deployment.yaml | 31 +++++++++ .../prod01/patches/dmbc05/node-affinity.yaml | 18 +++++ k8s-manifests/stage01/kustomization.yaml | 2 +- 20 files changed, 450 insertions(+), 1 deletion(-) create mode 100644 k8s-manifests/base/dmbc05/configmap.yaml create mode 100644 k8s-manifests/base/dmbc05/deployment.yaml create mode 100644 k8s-manifests/base/dmbc05/kustomization.yaml create mode 100644 k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml create mode 100644 k8s-manifests/base/dmbc05/secret.yaml create mode 100644 k8s-manifests/prod01/kustomization.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc00-common/ingress.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc00-common/secret.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc01/deployment.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc01/node-affinity.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc02/deployment.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc02/node-affinity.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc03/deployment.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc03/node-affinity.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc04/deployment.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc04/node-affinity.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc05/deployment.yaml create mode 100644 k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml diff --git a/k8s-manifests/base/dmbc05/configmap.yaml b/k8s-manifests/base/dmbc05/configmap.yaml new file mode 100644 index 00000000..6a810017 --- /dev/null +++ b/k8s-manifests/base/dmbc05/configmap.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: v1 +data: + config.toml: | + [api] + current_node = "node05" + address = "0.0.0.0:8000" + private_address = "0.0.0.0:8001" + peer_address = "0.0.0.0:2000" + peers = [] + keys_path = "./var/keys" + is_validator = false + [db] + path = "./var/db" + [nats] + enabled = false + [service_discovery] + address = "dmbc-discovery:3000/nodes" +kind: ConfigMap +metadata: + name: dmbc05-config + labels: + app: dmbc05 \ No newline at end of file diff --git a/k8s-manifests/base/dmbc05/deployment.yaml b/k8s-manifests/base/dmbc05/deployment.yaml new file mode 100644 index 00000000..25c6606f --- /dev/null +++ b/k8s-manifests/base/dmbc05/deployment.yaml @@ -0,0 +1,65 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc05 + labels: + app: dmbc05 + dmbc: "true" +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: dmbc05 + strategy: + type: Recreate + template: + metadata: + name: dmbc05 + labels: + app: dmbc05 + dmbc: "true" + spec: + containers: + - name: dmarket-blockchain + image: globalgames/dmarket-blockchain:latest + imagePullPolicy: Always + env: + - name: RUST_LOG + value: info + - name: RUST_BACKTRACE + value: "1" + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + ports: + - containerPort: 8000 + protocol: TCP + volumeMounts: + - mountPath: /src/app/var/keys + name: dmbc05-keys + - mountPath: /src/app/var/db + name: dmbc05 + - mountPath: /src/app/etc + name: dmbc05-config + dnsPolicy: ClusterFirst + imagePullSecrets: + - name: dockerhub + restartPolicy: Always + terminationGracePeriodSeconds: 30 + volumes: + - name: dmbc05 + persistentVolumeClaim: + claimName: dmbc05 + - name: dmbc05-keys + secret: + defaultMode: 420 + secretName: dmbc05-keys + - configMap: + defaultMode: 420 + name: dmbc05-config + name: dmbc05-config + diff --git a/k8s-manifests/base/dmbc05/kustomization.yaml b/k8s-manifests/base/dmbc05/kustomization.yaml new file mode 100644 index 00000000..1676d7d2 --- /dev/null +++ b/k8s-manifests/base/dmbc05/kustomization.yaml @@ -0,0 +1,5 @@ +resources: + - deployment.yaml + - configmap.yaml + - secret.yaml + - persistentvolumeclaim.yaml diff --git a/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml b/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml new file mode 100644 index 00000000..d9a3dcd4 --- /dev/null +++ b/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dmbc05 + labels: + app: dmbc05 +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + storageClassName: ssd \ No newline at end of file diff --git a/k8s-manifests/base/dmbc05/secret.yaml b/k8s-manifests/base/dmbc05/secret.yaml new file mode 100644 index 00000000..a363fded --- /dev/null +++ b/k8s-manifests/base/dmbc05/secret.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +data: + consensus: ODI3ZTZmOWZlYzYxMGYzMWM0MDBiN2EwMzU1N2M2MzFhZjE0ZTI2ZTBkZjcwYjkwNDBhMjRmNWQ4ZWVmODA1ZDhiYTg3MjUxMzBlM2UxMmM4ODc4NGVkYjBhMzNmNWM4ODUzZjQ1ZjU0ZGJkNDdmYzA4YjgxODJiZWUzY2UxZGY= + consensus.pub: OGJhODcyNTEzMGUzZTEyYzg4Nzg0ZWRiMGEzM2Y1Yzg4NTNmNDVmNTRkYmQ0N2ZjMDhiODE4MmJlZTNjZTFkZg== + service: NWFkN2IxMjg2OTQyOWQ0Y2EwMDFmOTczOWJiYmIyMGNkNzUzZTQ4MTEwMDdlMGY3YTQzMTRlODgzMTliYmJmMmE3NTk4MzkyMGY5NWZmZWZiYjg2ZTE3NTY0YzY0Y2FjNDRkNGYzYzRjZDEzOTA5OTQwNmRlNzEzOTUxYmM4ZTc= + service.pub: YTc1OTgzOTIwZjk1ZmZlZmJiODZlMTc1NjRjNjRjYWM0NGQ0ZjNjNGNkMTM5MDk5NDA2ZGU3MTM5NTFiYzhlNw== +kind: Secret +metadata: + name: dmbc05-keys + labels: + app: dmbc05 +type: Opaque \ No newline at end of file diff --git a/k8s-manifests/base/kustomization.yaml b/k8s-manifests/base/kustomization.yaml index 83bb6b59..f9782028 100644 --- a/k8s-manifests/base/kustomization.yaml +++ b/k8s-manifests/base/kustomization.yaml @@ -6,4 +6,5 @@ resources: - dmbc02 - dmbc03 - dmbc04 +- dmbc05 - dmbc-discovery \ No newline at end of file diff --git a/k8s-manifests/prod01/kustomization.yaml b/k8s-manifests/prod01/kustomization.yaml new file mode 100644 index 00000000..bab87e59 --- /dev/null +++ b/k8s-manifests/prod01/kustomization.yaml @@ -0,0 +1,29 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +# - ../base +- ../base/dmbc00-common +# - ../base/dmbc01 +# - ../base/dmbc02 +# - ../base/dmbc03 +# - ../base/dmbc04 +- ../base/dmbc05 +# - ../base/dmbc-discovery +namespace: dmbc-prod +images: +- name: globalgames/dmarket-blockchain + newName: globalgames/dmarket-blockchain + newTag: fat-wallets-125 +patchesStrategicMerge: +- patches/dmbc00-common/ingress.yaml +- patches/dmbc00-common/secret.yaml +- patches/dmbc05/deployment.yaml +- patches/dmbc05/node-affinity.yaml +# - patches/dmbc04/deployment.yaml +# - patches/dmbc04/node-affinity.yaml +# - patches/dmbc03/deployment.yaml +# - patches/dmbc03/node-affinity.yaml +# - patches/dmbc02/deployment.yaml +# - patches/dmbc02/node-affinity.yaml +#- patches/dmbc01/deployment.yaml +#- patches/dmbc01/node-affinity.yaml \ No newline at end of file diff --git a/k8s-manifests/prod01/patches/dmbc00-common/ingress.yaml b/k8s-manifests/prod01/patches/dmbc00-common/ingress.yaml new file mode 100644 index 00000000..8a721846 --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc00-common/ingress.yaml @@ -0,0 +1,42 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: dmbc + labels: + app: dmbc + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/configuration-snippet: | + proxy_set_header X-GeoIP-Country $geoip_country_code; + proxy_set_header X-GeoIP-Country-Name $geoip_country_name; + proxy_set_header X-GeoIP-Region-Name $geoip_region_name; + proxy_set_header X-GeoIP-City $geoip_city; + proxy_set_header X-GeoIP-Postal-Code $geoip_postal_code; + proxy_set_header CF-IPCountry $http_cf_ipcountry; + more_set_headers "X-XSS-Protection: 1; mode=block"; + more_set_headers "X-Frame-Options: SAMEORIGIN"; + nginx.ingress.kubernetes.io/cors-allow-credentials: "true" + nginx.ingress.kubernetes.io/cors-allow-headers: + Content-Type, Accept, Authorization, + Language, X-Forwarded-For, Set-Cookie, Payment-Session-Id, Access-Control-Allow-Origin + nginx.ingress.kubernetes.io/cors-allow-methods: GET, POST, OPTIONS, PUT, DELETE + nginx.ingress.kubernetes.io/cors-allow-origin: "*" + nginx.ingress.kubernetes.io/enable-cors: "true" + nginx.ingress.kubernetes.io/whitelist-source-range: 92.60.189.125,212.90.166.94,94.176.196.244,34.90.237.96,35.189.83.42,35.233.1.160,104.199.34.31,35.233.1.160,34.76.42.79,93.74.83.220,185.143.147.206 +spec: + rules: + - host: dm-blockchain-prod01.devss.xyz + http: + paths: + - backend: + service: + name: dmbc + port: + number: 8000 + path: / + pathType: ImplementationSpecific + tls: + - hosts: + - dm-blockchain-prod01.devss.xyz + secretName: devss-tls \ No newline at end of file diff --git a/k8s-manifests/prod01/patches/dmbc00-common/secret.yaml b/k8s-manifests/prod01/patches/dmbc00-common/secret.yaml new file mode 100644 index 00000000..6d0e6fff --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc00-common/secret.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Secret +metadata: + name: dockerhub + annotations: + vault.security.banzaicloud.io/vault-addr: "http://10.157.0.109:8200" + vault.security.banzaicloud.io/vault-auth-method: "kubernetes" + vault.security.banzaicloud.io/vault-path: "dm-k8s-prod01" + vault.security.banzaicloud.io/vault-role: "vault-auth" + vault.security.banzaicloud.io/vault-skip-verify: "true" +data: + .dockerconfigjson: eyJhdXRocyI6eyJodHRwczovL2luZGV4LmRvY2tlci5pby92MS8iOnsidXNlcm5hbWUiOiJ2YXVsdDpzZWNyZXQvZGF0YS9jb21tb24vZG9ja2VyaHViL25vbnByb2QjRE9DS0VSX1JFUE9fVVNFUiIsInBhc3N3b3JkIjoidmF1bHQ6c2VjcmV0L2RhdGEvY29tbW9uL2RvY2tlcmh1Yi9ub25wcm9kI0RPQ0tFUl9SRVBPX1BBU1NXT1JEIiwiYXV0aCI6ImRtRjFiSFE2YzJWamNtVjBMMlJoZEdFdlkyOXRiVzl1TDJSdlkydGxjbWgxWWk5dWIyNXdjbTlrSTBSUFEwdEZVbDlTUlZCUFgxVlRSVkk2ZG1GMWJIUTZjMlZqY21WMEwyUmhkR0V2WTI5dGJXOXVMMlJ2WTJ0bGNtaDFZaTl1YjI1d2NtOWtJMFJQUTB0RlVsOVNSVkJQWDFCQlUxTlhUMUpFIn19fQ== +type: kubernetes.io/dockerconfigjson \ No newline at end of file diff --git a/k8s-manifests/prod01/patches/dmbc01/deployment.yaml b/k8s-manifests/prod01/patches/dmbc01/deployment.yaml new file mode 100644 index 00000000..bdd2beef --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc01/deployment.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc01 +spec: + template: + spec: + serviceAccountName: dmbc-configmap-updater + initContainers: + - command: + - sh + - -c + - | + #!/usr/bin/env bash -e + echo "Updating of dmbc04-config configmap" + echo "POD_IP: $POD_IP" + + kubectl get cm dmbc01-config -o yaml | sed -e "0,/address = .*/ s/address = .*/address = \"$POD_IP:8000\"/g" | kubectl apply -f - + kubectl get cm dmbc01-config -o yaml | sed -e "s|private_address = .*|private_address = \"$POD_IP:8001\"|g" | kubectl apply -f - + kubectl get cm dmbc01-config -o yaml | sed -e "s|peer_address = .*|peer_address = \"$POD_IP:2000\"|g" | kubectl apply -f - + + echo "End" + image: bitnami/kubectl:1.21.2 + imagePullPolicy: IfNotPresent + name: configmap-updater + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP \ No newline at end of file diff --git a/k8s-manifests/prod01/patches/dmbc01/node-affinity.yaml b/k8s-manifests/prod01/patches/dmbc01/node-affinity.yaml new file mode 100644 index 00000000..89b7ff03 --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc01/node-affinity.yaml @@ -0,0 +1,18 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc01 + labels: + app: dmbc01 +spec: + template: + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cloud.google.com/gke-nodepool + operator: In + values: + - dmbc-pool diff --git a/k8s-manifests/prod01/patches/dmbc02/deployment.yaml b/k8s-manifests/prod01/patches/dmbc02/deployment.yaml new file mode 100644 index 00000000..3000bd34 --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc02/deployment.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc02 +spec: + template: + spec: + serviceAccountName: dmbc-configmap-updater + initContainers: + - command: + - sh + - -c + - | + #!/usr/bin/env bash -e + echo "Updating of dmbc02-config configmap" + echo "POD_IP: $POD_IP" + + kubectl get cm dmbc02-config -o yaml | sed -e "0,/address = .*/ s/address = .*/address = \"$POD_IP:8000\"/g" | kubectl apply -f - + kubectl get cm dmbc02-config -o yaml | sed -e "s|private_address = .*|private_address = \"$POD_IP:8001\"|g" | kubectl apply -f - + kubectl get cm dmbc02-config -o yaml | sed -e "s|peer_address = .*|peer_address = \"$POD_IP:2000\"|g" | kubectl apply -f - + + echo "End" + image: bitnami/kubectl:1.21.2 + imagePullPolicy: IfNotPresent + name: configmap-updater + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP \ No newline at end of file diff --git a/k8s-manifests/prod01/patches/dmbc02/node-affinity.yaml b/k8s-manifests/prod01/patches/dmbc02/node-affinity.yaml new file mode 100644 index 00000000..d2e19902 --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc02/node-affinity.yaml @@ -0,0 +1,18 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc02 + labels: + app: dmbc02 +spec: + template: + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cloud.google.com/gke-nodepool + operator: In + values: + - dmbc-pool diff --git a/k8s-manifests/prod01/patches/dmbc03/deployment.yaml b/k8s-manifests/prod01/patches/dmbc03/deployment.yaml new file mode 100644 index 00000000..8efb72be --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc03/deployment.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc03 +spec: + template: + spec: + serviceAccountName: dmbc-configmap-updater + initContainers: + - command: + - sh + - -c + - | + #!/usr/bin/env bash -e + echo "Updating of dmbc04-config configmap" + echo "POD_IP: $POD_IP" + + kubectl get cm dmbc03-config -o yaml | sed -e "0,/address = .*/ s/address = .*/address = \"$POD_IP:8000\"/g" | kubectl apply -f - + kubectl get cm dmbc03-config -o yaml | sed -e "s|private_address = .*|private_address = \"$POD_IP:8001\"|g" | kubectl apply -f - + kubectl get cm dmbc03-config -o yaml | sed -e "s|peer_address = .*|peer_address = \"$POD_IP:2000\"|g" | kubectl apply -f - + + echo "End" + image: bitnami/kubectl:1.21.2 + imagePullPolicy: IfNotPresent + name: configmap-updater + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP \ No newline at end of file diff --git a/k8s-manifests/prod01/patches/dmbc03/node-affinity.yaml b/k8s-manifests/prod01/patches/dmbc03/node-affinity.yaml new file mode 100644 index 00000000..262b733d --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc03/node-affinity.yaml @@ -0,0 +1,18 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc03 + labels: + app: dmbc03 +spec: + template: + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cloud.google.com/gke-nodepool + operator: In + values: + - dmbc-pool diff --git a/k8s-manifests/prod01/patches/dmbc04/deployment.yaml b/k8s-manifests/prod01/patches/dmbc04/deployment.yaml new file mode 100644 index 00000000..0b7479b5 --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc04/deployment.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc04 +spec: + template: + spec: + serviceAccountName: dmbc-configmap-updater + initContainers: + - command: + - sh + - -c + - | + #!/usr/bin/env bash -e + echo "Updating of dmbc04-config configmap" + echo "POD_IP: $POD_IP" + + kubectl get cm dmbc04-config -o yaml | sed -e "0,/address = .*/ s/address = .*/address = \"$POD_IP:8000\"/g" | kubectl apply -f - + kubectl get cm dmbc04-config -o yaml | sed -e "s|private_address = .*|private_address = \"$POD_IP:8001\"|g" | kubectl apply -f - + kubectl get cm dmbc04-config -o yaml | sed -e "s|peer_address = .*|peer_address = \"$POD_IP:2000\"|g" | kubectl apply -f - + + echo "End" + image: bitnami/kubectl:1.21.2 + imagePullPolicy: IfNotPresent + name: configmap-updater + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP \ No newline at end of file diff --git a/k8s-manifests/prod01/patches/dmbc04/node-affinity.yaml b/k8s-manifests/prod01/patches/dmbc04/node-affinity.yaml new file mode 100644 index 00000000..4ef0a1b7 --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc04/node-affinity.yaml @@ -0,0 +1,18 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc04 + labels: + app: dmbc04 +spec: + template: + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cloud.google.com/gke-nodepool + operator: In + values: + - dmbc-pool diff --git a/k8s-manifests/prod01/patches/dmbc05/deployment.yaml b/k8s-manifests/prod01/patches/dmbc05/deployment.yaml new file mode 100644 index 00000000..51105010 --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc05/deployment.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc05 +spec: + template: + spec: + serviceAccountName: dmbc-configmap-updater + initContainers: + - command: + - sh + - -c + - | + #!/usr/bin/env bash -e + echo "Updating of dmbc05-config configmap" + echo "POD_IP: $POD_IP" + + kubectl get cm dmbc05-config -o yaml | sed -e "0,/address = .*/ s/address = .*/address = \"$POD_IP:8000\"/g" | kubectl apply -f - + kubectl get cm dmbc05-config -o yaml | sed -e "s|private_address = .*|private_address = \"$POD_IP:8001\"|g" | kubectl apply -f - + kubectl get cm dmbc05-config -o yaml | sed -e "s|peer_address = .*|peer_address = \"$POD_IP:2000\"|g" | kubectl apply -f - + + echo "End" + image: bitnami/kubectl:1.21.2 + imagePullPolicy: IfNotPresent + name: configmap-updater + env: + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP \ No newline at end of file diff --git a/k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml b/k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml new file mode 100644 index 00000000..d52d3645 --- /dev/null +++ b/k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml @@ -0,0 +1,18 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dmbc05 + labels: + app: dmbc05 +spec: + template: + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cloud.google.com/gke-nodepool + operator: In + values: + - dmbc-pool diff --git a/k8s-manifests/stage01/kustomization.yaml b/k8s-manifests/stage01/kustomization.yaml index 68b36cd9..443f88e0 100644 --- a/k8s-manifests/stage01/kustomization.yaml +++ b/k8s-manifests/stage01/kustomization.yaml @@ -12,7 +12,7 @@ namespace: dmbc-stage images: - name: globalgames/dmarket-blockchain newName: globalgames/dmarket-blockchain - newTag: fat-wallets-110 + newTag: fat-wallets-125 patchesStrategicMerge: - patches/dmbc00-common/ingress.yaml - patches/dmbc00-common/secret.yaml From 7e6eae36870ea69247a1e0575715de742a917fc4 Mon Sep 17 00:00:00 2001 From: Dima Khodakivskyi Date: Mon, 24 Jan 2022 16:57:02 +0200 Subject: [PATCH 2/7] chore: added specific pvc volume for dmbc05 --- k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml | 2 +- k8s-manifests/base/kustomization.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml b/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml index d9a3dcd4..b766113e 100644 --- a/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml +++ b/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml @@ -10,5 +10,5 @@ spec: - ReadWriteOnce resources: requests: - storage: 5Gi + storage: 1100Gi storageClassName: ssd \ No newline at end of file diff --git a/k8s-manifests/base/kustomization.yaml b/k8s-manifests/base/kustomization.yaml index f9782028..9dbc45cc 100644 --- a/k8s-manifests/base/kustomization.yaml +++ b/k8s-manifests/base/kustomization.yaml @@ -6,5 +6,5 @@ resources: - dmbc02 - dmbc03 - dmbc04 -- dmbc05 +#- dmbc05 - dmbc-discovery \ No newline at end of file From c1c3a5f4ec0ab4e7db5c78ad39c9e97ef412ed9d Mon Sep 17 00:00:00 2001 From: Dima Khodakivskyi Date: Mon, 24 Jan 2022 17:07:23 +0200 Subject: [PATCH 3/7] chore: don't create secret and dmbc/dmbc-discovery service for prod --- .../base/dmbc-discovery/kustomization.yaml | 2 +- k8s-manifests/base/dmbc00-common/kustomization.yaml | 4 ++-- .../prod01/patches/dmbc00-common/secret.yaml | 13 ------------- 3 files changed, 3 insertions(+), 16 deletions(-) delete mode 100644 k8s-manifests/prod01/patches/dmbc00-common/secret.yaml diff --git a/k8s-manifests/base/dmbc-discovery/kustomization.yaml b/k8s-manifests/base/dmbc-discovery/kustomization.yaml index d8c487c3..f408514e 100644 --- a/k8s-manifests/base/dmbc-discovery/kustomization.yaml +++ b/k8s-manifests/base/dmbc-discovery/kustomization.yaml @@ -1,4 +1,4 @@ resources: - deployment.yaml - configmap.yaml - - service.yaml +# - service.yaml diff --git a/k8s-manifests/base/dmbc00-common/kustomization.yaml b/k8s-manifests/base/dmbc00-common/kustomization.yaml index 026c6e85..f761f281 100644 --- a/k8s-manifests/base/dmbc00-common/kustomization.yaml +++ b/k8s-manifests/base/dmbc00-common/kustomization.yaml @@ -1,7 +1,7 @@ resources: - ingress.yaml - - service.yaml + # - service.yaml - serviceaccount.yaml - role.yaml - rolebinding.yaml - - secret.yaml + #- secret.yaml diff --git a/k8s-manifests/prod01/patches/dmbc00-common/secret.yaml b/k8s-manifests/prod01/patches/dmbc00-common/secret.yaml deleted file mode 100644 index 6d0e6fff..00000000 --- a/k8s-manifests/prod01/patches/dmbc00-common/secret.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: dockerhub - annotations: - vault.security.banzaicloud.io/vault-addr: "http://10.157.0.109:8200" - vault.security.banzaicloud.io/vault-auth-method: "kubernetes" - vault.security.banzaicloud.io/vault-path: "dm-k8s-prod01" - vault.security.banzaicloud.io/vault-role: "vault-auth" - vault.security.banzaicloud.io/vault-skip-verify: "true" -data: - .dockerconfigjson: eyJhdXRocyI6eyJodHRwczovL2luZGV4LmRvY2tlci5pby92MS8iOnsidXNlcm5hbWUiOiJ2YXVsdDpzZWNyZXQvZGF0YS9jb21tb24vZG9ja2VyaHViL25vbnByb2QjRE9DS0VSX1JFUE9fVVNFUiIsInBhc3N3b3JkIjoidmF1bHQ6c2VjcmV0L2RhdGEvY29tbW9uL2RvY2tlcmh1Yi9ub25wcm9kI0RPQ0tFUl9SRVBPX1BBU1NXT1JEIiwiYXV0aCI6ImRtRjFiSFE2YzJWamNtVjBMMlJoZEdFdlkyOXRiVzl1TDJSdlkydGxjbWgxWWk5dWIyNXdjbTlrSTBSUFEwdEZVbDlTUlZCUFgxVlRSVkk2ZG1GMWJIUTZjMlZqY21WMEwyUmhkR0V2WTI5dGJXOXVMMlJ2WTJ0bGNtaDFZaTl1YjI1d2NtOWtJMFJQUTB0RlVsOVNSVkJQWDFCQlUxTlhUMUpFIn19fQ== -type: kubernetes.io/dockerconfigjson \ No newline at end of file From efde643b81796487b92e681689b110c038efa08c Mon Sep 17 00:00:00 2001 From: Dima Khodakivskyi Date: Mon, 24 Jan 2022 17:09:50 +0200 Subject: [PATCH 4/7] chore: new auditor node will deployed on current node pool --- k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml b/k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml index d52d3645..70bfc445 100644 --- a/k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml +++ b/k8s-manifests/prod01/patches/dmbc05/node-affinity.yaml @@ -15,4 +15,4 @@ spec: - key: cloud.google.com/gke-nodepool operator: In values: - - dmbc-pool + - dmbc-pool-prod-01 From 81a8aca8065b01db700472989d5314f8f47eca77 Mon Sep 17 00:00:00 2001 From: Dima Khodakivskyi Date: Mon, 24 Jan 2022 17:12:00 +0200 Subject: [PATCH 5/7] chore: configure deploy only for dmbc05 node --- k8s-manifests/prod01/kustomization.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/k8s-manifests/prod01/kustomization.yaml b/k8s-manifests/prod01/kustomization.yaml index bab87e59..7ab7b8d3 100644 --- a/k8s-manifests/prod01/kustomization.yaml +++ b/k8s-manifests/prod01/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: # - ../base -- ../base/dmbc00-common +# - ../base/dmbc00-common # - ../base/dmbc01 # - ../base/dmbc02 # - ../base/dmbc03 @@ -15,8 +15,7 @@ images: newName: globalgames/dmarket-blockchain newTag: fat-wallets-125 patchesStrategicMerge: -- patches/dmbc00-common/ingress.yaml -- patches/dmbc00-common/secret.yaml +#- patches/dmbc00-common/ingress.yaml - patches/dmbc05/deployment.yaml - patches/dmbc05/node-affinity.yaml # - patches/dmbc04/deployment.yaml From 062f33163a1be0f85ea9552f0fd1446a82565cbc Mon Sep 17 00:00:00 2001 From: Dima Khodakivskyi Date: Mon, 24 Jan 2022 17:42:48 +0200 Subject: [PATCH 6/7] chore: minor changes --- k8s-manifests/base/dmbc00-common/kustomization.yaml | 2 +- k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml | 2 +- k8s-manifests/prod01/kustomization.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s-manifests/base/dmbc00-common/kustomization.yaml b/k8s-manifests/base/dmbc00-common/kustomization.yaml index f761f281..27196e3d 100644 --- a/k8s-manifests/base/dmbc00-common/kustomization.yaml +++ b/k8s-manifests/base/dmbc00-common/kustomization.yaml @@ -1,5 +1,5 @@ resources: - - ingress.yaml + # - ingress.yaml # - service.yaml - serviceaccount.yaml - role.yaml diff --git a/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml b/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml index b766113e..b40ae1d6 100644 --- a/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml +++ b/k8s-manifests/base/dmbc05/persistentvolumeclaim.yaml @@ -11,4 +11,4 @@ spec: resources: requests: storage: 1100Gi - storageClassName: ssd \ No newline at end of file + storageClassName: standard \ No newline at end of file diff --git a/k8s-manifests/prod01/kustomization.yaml b/k8s-manifests/prod01/kustomization.yaml index 7ab7b8d3..370c20d6 100644 --- a/k8s-manifests/prod01/kustomization.yaml +++ b/k8s-manifests/prod01/kustomization.yaml @@ -2,7 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: # - ../base -# - ../base/dmbc00-common +- ../base/dmbc00-common # - ../base/dmbc01 # - ../base/dmbc02 # - ../base/dmbc03 @@ -15,7 +15,7 @@ images: newName: globalgames/dmarket-blockchain newTag: fat-wallets-125 patchesStrategicMerge: -#- patches/dmbc00-common/ingress.yaml +# - patches/dmbc00-common/ingress.yaml - patches/dmbc05/deployment.yaml - patches/dmbc05/node-affinity.yaml # - patches/dmbc04/deployment.yaml From 192c4ad5e9f9c8a1cfa8bc7418dd2d9d9486648a Mon Sep 17 00:00:00 2001 From: Dima Khodakivskyi Date: Mon, 24 Jan 2022 17:44:30 +0200 Subject: [PATCH 7/7] chore: removed sensetive data --- k8s-manifests/base/dmbc05/secret.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/k8s-manifests/base/dmbc05/secret.yaml b/k8s-manifests/base/dmbc05/secret.yaml index a363fded..3ea27ec2 100644 --- a/k8s-manifests/base/dmbc05/secret.yaml +++ b/k8s-manifests/base/dmbc05/secret.yaml @@ -1,9 +1,9 @@ apiVersion: v1 data: - consensus: ODI3ZTZmOWZlYzYxMGYzMWM0MDBiN2EwMzU1N2M2MzFhZjE0ZTI2ZTBkZjcwYjkwNDBhMjRmNWQ4ZWVmODA1ZDhiYTg3MjUxMzBlM2UxMmM4ODc4NGVkYjBhMzNmNWM4ODUzZjQ1ZjU0ZGJkNDdmYzA4YjgxODJiZWUzY2UxZGY= - consensus.pub: OGJhODcyNTEzMGUzZTEyYzg4Nzg0ZWRiMGEzM2Y1Yzg4NTNmNDVmNTRkYmQ0N2ZjMDhiODE4MmJlZTNjZTFkZg== - service: NWFkN2IxMjg2OTQyOWQ0Y2EwMDFmOTczOWJiYmIyMGNkNzUzZTQ4MTEwMDdlMGY3YTQzMTRlODgzMTliYmJmMmE3NTk4MzkyMGY5NWZmZWZiYjg2ZTE3NTY0YzY0Y2FjNDRkNGYzYzRjZDEzOTA5OTQwNmRlNzEzOTUxYmM4ZTc= - service.pub: YTc1OTgzOTIwZjk1ZmZlZmJiODZlMTc1NjRjNjRjYWM0NGQ0ZjNjNGNkMTM5MDk5NDA2ZGU3MTM5NTFiYzhlNw== + consensus: + consensus.pub: + service: + service.pub: kind: Secret metadata: name: dmbc05-keys