diff --git a/yaml/busybox.yaml b/yaml/busybox.yaml deleted file mode 100644 index 50780d2..0000000 --- a/yaml/busybox.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: bbox - labels: - run: bbox -spec: - type: ClusterIP - selector: - app: busybox - ports: - - port: 8000 - targetPort: 8000 - protocol: TCP - name: http ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: busybox - namespace: default -spec: - replicas: 1 - template: - metadata: - labels: - app: busybox - spec: - containers: - - image: busybox - name: busybox - command: - - /bin/sh - - "-c" - - "while true; do echo ping | nc -l -p 8000; done" - # - "while true; do sleep 10; done" - volumeMounts: - - mountPath: /data - name: nfs-vol - ports: - - containerPort: 8000 - volumes: - - name: nfs-vol - nfs: - path: /data - server: git01.itpartner.intern - readOnly: false - - diff --git a/yaml/hello.yaml b/yaml/hello.yaml deleted file mode 100644 index 4879e9a..0000000 --- a/yaml/hello.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: hello - labels: - run: hello -spec: - type: ClusterIP - ports: - - port: 8000 - targetPort: 8000 - protocol: TCP - name: http - selector: - app: hello ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: hello - namespace: default -spec: - replicas: 1 - template: - metadata: - labels: - app: hello - spec: - containers: - - image: crccheck/hello-world - name: hello - # command: - # - sleep - # - "3600" - ports: - - containerPort: 8000 - - diff --git a/yaml/kube-rbac.yaml b/yaml/kube-rbac.yaml deleted file mode 100644 index 2238af5..0000000 --- a/yaml/kube-rbac.yaml +++ /dev/null @@ -1,73 +0,0 @@ -# -# These RBAC permissions enable the cluster to operate, but restrict the default/default Service -# The 'kube-admin' and 'kube-worker' users have full access -# The 'kube-system/default' ServiceAccount has full access (used by the default kube-system Pods) -# The 'default/default' ServiceAccount has no access, and so can only pull public or ECR images -# - -# -# ClusterRole's -# - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1alpha1 -metadata: - name: full-access -rules: - - apiGroups: ["*"] - resources: ["*"] - verbs: ["*"] - - nonResourceURLs: ["*"] - verbs: ["*"] ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1alpha1 -metadata: - name: read-access -rules: - - apiGroups: ["*"] - resources: ["*"] - verbs: ["get", "list", "watch"] - - nonResourceURLs: ["*"] - verbs: ["get", "list", "watch"] ---- -# -# ClusterRoleBindings's -# - -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1alpha1 -metadata: - name: kube-admin -subjects: - - kind: User - name: kube-admin -roleRef: - kind: ClusterRole - name: full-access - apiGroup: rbac.authorization.k8s.io ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1alpha1 -metadata: - name: kube-worker -subjects: - - kind: User - name: kube-worker -roleRef: - kind: ClusterRole - name: full-access - apiGroup: rbac.authorization.k8s.io ---- -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1alpha1 -metadata: - name: system-default-service-account -subjects: - - kind: ServiceAccount - namespace: kube-system - name: default -roleRef: - kind: ClusterRole - name: full-access - apiGroup: rbac.authorization.k8s.io diff --git a/yaml/kubernetes-dashboard-ingress.yaml b/yaml/kubernetes-dashboard-ingress.yaml deleted file mode 100644 index 13e5ea3..0000000 --- a/yaml/kubernetes-dashboard-ingress.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: kubernetes-dashboard - namespace: kube-system -spec: - rules: - - host: dashboard.cluster.local - http: - paths: - - path: / - backend: - serviceName: kubernetes-dashboard - servicePort: 80 - # tls: - # - secretName: traefik-cert - backend: - serviceName: kubernetes-dashboard - servicePort: 80 - diff --git a/yaml/traefik-conf.yaml b/yaml/traefik-conf.yaml deleted file mode 100644 index d55e30e..0000000 --- a/yaml/traefik-conf.yaml +++ /dev/null @@ -1,22 +0,0 @@ ---- -kind: ConfigMap -apiVersion: v1 -metadata: - name: traefik-conf - namespace: kube-system -data: - traefik.toml: |- - logLevel = "INFO" - defaultEntryPoints = ["http"] - - [kubernetes] - - [entryPoints] - [entryPoints.http] - address = ":80" - # [entryPoints.https] - # address = ":443" - # [entryPoints.https.tls] - - [web] - address = ":8091" diff --git a/yaml/traefik.yaml b/yaml/traefik.yaml deleted file mode 100644 index 3499a3b..0000000 --- a/yaml/traefik.yaml +++ /dev/null @@ -1,85 +0,0 @@ -# --- -# apiVersion: v1 -# kind: ServiceAccount -# metadata: -# name: traefik-ingress-controller -# namespace: kube-system ---- -kind: DaemonSet -apiVersion: extensions/v1beta1 -metadata: - name: traefik-ingress-controller - namespace: kube-system - labels: - k8s-app: traefik-ingress-lb -spec: - template: - metadata: - labels: - k8s-app: traefik-ingress-lb - name: traefik-ingress-lb - spec: - # serviceAccountName: traefik-ingress-controller - serviceAccountName: default - terminationGracePeriodSeconds: 60 - hostNetwork: true - volumes: - - name: traefik-config - configMap: - name: traefik-conf - containers: - - image: traefik - name: traefik-ingress-lb - resources: - limits: - cpu: 200m - memory: 30Mi - requests: - cpu: 100m - memory: 20Mi - volumeMounts: - - mountPath: /etc/traefik - name: traefik-config - ports: - - name: http - containerPort: 80 - hostPort: 80 - - name: admin - containerPort: 8091 - securityContext: - privileged: true - args: - - --web - - --web.address=:8091 - - --kubernetes - - --configfile=/etc/traefik/traefik.toml - - --insecureSkipVerify=true ---- -apiVersion: v1 -kind: Service -metadata: - name: traefik-web-ui - namespace: kube-system -spec: - type: NodePort - selector: - k8s-app: traefik-ingress-lb - ports: - - name: web - port: 8091 - targetPort: 8091 ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: traefik-web-ui - namespace: kube-system -spec: - rules: - - host: traefik-ui.cluster.local - http: - paths: - - path: / - backend: - serviceName: traefik-web-ui - servicePort: web