--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+######### Common parameters #########
+######### Mandatory #########
+private_repo_ip:
+ name:
+
+######### Optional #########
+eg_image_tag:
+ name: 0.9
+# User can either give common pwd or can opt to provide individual pwds
+common_pwd:
+ name:
+
+########## Edge config #############
+######### Mandatory #########
+mep_kong_pg_pwd:
+ name:
+######### Optional #########
+edge_management_interface:
+ name: eth0
+edge_dataplane_interface:
+ name: eth1
+eg-management-address:
+ name: 100.1.1.2/24
+eg-dataplane-address:
+ name: 200.1.1.2/24
+
+# All Edge related password which needs to be specified if user doesn't
+# need common password for security purpose
+mep_pg_admin_pwd:
+ name:
+mep_cert_pwd:
+ name:
+generate_cert_pass:
+ name:
+mecm_mepm_postgresPassword:
+ name:
+mecm_mepm_postgresLcmCntlrPassword:
+ name:
+mecm_mepm_postgresk8sPluginPassword:
+ name:
+
+########### Master config ###########
+######### Mandatory #########
+mecm_meo_edgeRepoUserName:
+ name:
+mecm_meo_edgeRepoPassword:
+ name:
+
+######### Optional #########
+usermgmt_port:
+ name: 30067
+appstore_port:
+ name: 30091
+developer_port:
+ name: 30092
+mecm_port:
+ name: 30093
+docker_registry_port:
+ name: 5000
+
+# All Master related password which needs to be specified if user
+# doesn't need common password for security purpose
+user_mgmt_encryptPassword:
+ name:
+mecm_meo_keystorePassword:
+ name:
+mecm_meo_truststorePassword:
+ name:
+mecm_meo_postgresPassword:
+ name:
+mecm_meo_postgresApmPassword:
+ name:
+mecm_meo_postgresAppoPassword:
+ name:
+mecm_meo_postgresInventoryPassword:
+ name:
+# Only if env structure, ocd in arm and master and edge in x86_64
+master_edge_processor:
+ name: "x86_64"
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+
+############ OCD ############
+
+- hosts: ocdconsolidated
+ become: yes
+ tags:
+ - ocdhost
+ - ocdconsolidated
+
+ roles:
+ - eg_helm-repo
+ - eg_registry
+ - eg_certs
+ - helm
+ - k8s
+
+############ Master ############
+
+### EdgeGallery related ###
+
+- hosts: egmaster
+ become: yes
+ tags:
+ - egmaster
+ - master
+
+ roles:
+ - eg_mecm-meo
+ - eg_mecm-fe
+ - eg_appstore
+ - eg_developer
+ - eg_user-mgmt
+ - service_center
+ - eg_secret
+
+### Other 3rd party related ###
+
+- hosts: thirdpartymaster
+ become: yes
+ tags:
+ - thirdpartymaster
+ - master
+
+ roles:
+ - grafana
+
+### Pre-Requisites ###
+
+- hosts: prerequisitemaster
+ become: yes
+ tags:
+ - prerequisitemaster
+ - master
+
+ roles:
+ - kubeconfig
+ - helm
+
+############ Edge ############
+
+### EdgeGallery related ###
+
+- hosts: egedge
+ become: yes
+ tags:
+ - egedge
+ - edge
+
+ roles:
+ - eg_secret
+ - eg_mep
+ - eg_mecm-mepm
+
+### Other 3rd party related ###
+
+- hosts: thirdpartyedge
+ become: yes
+ tags:
+ - thirdpartyedge
+ - edge
+
+ roles:
+ - rabbitmq
+ - prometheus
+ - kubeconfig
+ - mepkubeconfig
+ - cadvisor
+
+### Pre-Requisites ###
+
+- hosts: prerequisiteedge
+ become: yes
+ tags:
+ - prerequisiteedge
+ - edge
+
+ roles:
+ - helm
+
+### Infrastructure ###
+- hosts: edge-infra
+ become: yes
+ tags:
+ - edge-infra
+ - edge
+
+ roles:
+ - k3s
+ - docker
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+[master]
+controller1 ansible_host="" ansible_user="" ansible_password=""
+
+[edge]
+edge1 ansible_host="" ansible_user="" ansible_password=""
+
+[ocdhost]
+ocdhost ansible_host="" ansible_user="" ansible_password=""
+
+### OCD childrens ###
+
+[ocdconsolidated:children]
+ocdhost
+
+### Master node childrens ###
+
+[master-infra:children]
+master
+
+[prerequisitemaster:children]
+master
+
+[thirdpartymaster:children]
+master
+
+[egmaster:children]
+master
+
+### Edge node childrens ###
+
+[edge-infra:children]
+edge
+
+[prerequisiteedge:children]
+edge
+
+[thirdpartyedge:children]
+edge
+
+[egedge:children]
+edge
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+############ OCD ############
+
+- hosts: ocdconsolidated
+ become: yes
+ tags:
+ - ocdhost
+ - ocdconsolidated
+
+ roles:
+ - k8s
+ - helm
+ - eg_certs
+ - eg_registry
+ - eg_helm-repo
+
+############ Master ############
+
+### Pre-Requisites ###
+
+- hosts: prerequisitemaster
+ become: yes
+ tags:
+ - prerequisitemaster
+ - master
+
+ roles:
+ - eg_prerequisite
+ - helm
+ - eg_set-helm-repo
+ - kubeconfig
+
+### Other 3rd party related ###
+
+- hosts: thirdpartymaster
+ become: yes
+ tags:
+ - thirdpartymaster
+ - master
+
+ roles:
+ - grafana
+
+### EdgeGallery related ###
+
+- hosts: egmaster
+ become: yes
+ tags:
+ - egmaster
+ - master
+
+ roles:
+ - eg_secret
+ - service_center
+ - eg_user-mgmt
+ - eg_mecm-meo
+ - eg_mecm-fe
+ - eg_appstore
+ - eg_developer
+
+
+############ Edge ############
+
+### Infrastructure ###
+- hosts: edge-infra
+ become: yes
+ tags:
+ - edge-infra
+ - edge
+
+ roles:
+ - docker
+ - eg_prerequisite
+ - k3s
+
+### Pre-Requisites ###
+
+- hosts: prerequisiteedge
+ become: yes
+ tags:
+ - prerequisiteedge
+ - edge
+
+ roles:
+ - helm
+
+### Other 3rd party related ###
+
+- hosts: thirdpartyedge
+ become: yes
+ tags:
+ - thirdpartyedge
+ - edge
+
+ roles:
+ - rabbitmq
+ - prometheus
+ - kubeconfig
+ - mepkubeconfig
+ - cadvisor
+
+### EdgeGallery related ###
+
+- hosts: egedge
+ become: yes
+ tags:
+ - egedge
+ - edge
+
+ roles:
+ - eg_secret
+ - eg_set-helm-repo
+ - eg_mep
+ - eg_mecm-mepm
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# cadvisor pod
+---
+apiVersion: v1
+kind: Pod
+metadata:
+ name: cadvisor
+ namespace: default
+ labels:
+ app: cadvisor
+ annotations:
+ seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
+spec:
+ containers:
+ - image: unibaktr/cadvisor:v0.36.0
+ imagePullPolicy: Always
+ name: cadvisor-pod
+ ports:
+ - containerPort: 8080
+ hostPort: 8081
+ protocol: TCP
+ resources:
+ requests:
+ memory: 200Mi
+ cpu: 150m
+ limits:
+ memory: 2000Mi
+ cpu: 300m
+ volumeMounts:
+ - mountPath: /rootfs
+ name: rootfs
+ readOnly: true
+ # yamllint disable-line rule:key-duplicates
+ volumeMounts:
+ - mountPath: /var/run
+ name: varrun
+ readOnly: true
+ # yamllint disable-line rule:key-duplicates
+ volumeMounts:
+ - mountPath: /sys
+ name: sys
+ readOnly: true
+ # yamllint disable-line rule:key-duplicates
+ volumeMounts:
+ - mountPath: /var/lib/docker
+ name: varlibdocker
+ readOnly: true
+ # yamllint disable-line rule:key-duplicates
+ volumeMounts:
+ - mountPath: /dev/disk
+ name: devdisk
+ readOnly: true
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: rootfs
+ hostPath:
+ path: /
+ # yamllint disable-line rule:key-duplicates
+ volumes:
+ - name: varrun
+ hostPath:
+ path: /var/run
+ # yamllint disable-line rule:key-duplicates
+ volumes:
+ - name: sys
+ hostPath:
+ path: /sys
+ # yamllint disable-line rule:key-duplicates
+ volumes:
+ - name: varlibdocker
+ hostPath:
+ path: /var/lib/docker
+ # yamllint disable-line rule:key-duplicates
+ volumes:
+ - name: devdisk
+ hostPath:
+ path: /dev/disk
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: copy deploy folder to mep node to install mepserver
+ copy:
+ src: dep.yaml
+ dest: /tmp/cadvisor/
+
+- name: Installation of cadvisor
+ shell:
+ cmd: kubectl apply -f /tmp/cadvisor/dep.yaml
+ ignore_errors: 'True'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+
+# tasks file for cAdvisor
+
+- include: "install.yml"
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check if cadvisor is installed before removing
+ shell:
+ cmd: kubectl get pods | grep cadvisor
+ register: result
+ ignore_errors: 'True'
+
+- name: Uninstallation of cadvisor
+ shell:
+ cmd: kubectl delete -f /tmp/cadvisor/dep.yaml
+ when: result is succeeded
+ ignore_errors: 'True'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: Installation of cert-manager
+ shell:
+# yamllint disable rule:line-length
+ cmd: kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v0.15.0/cert-manager.yaml
+ ignore_errors: 'True'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+
+# tasks file for cert-manager
+
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check whether cert-manager applied or not
+ shell:
+ cmd: kubectl get pods -n cert-manager
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Removing cert-manager pods...
+ when: result.stdout != ""
+
+- name: Uninstallation of cert-manager
+ shell:
+# yamllint disable rule:line-length
+ cmd: kubectl delete -f https://github.com/jetstack/cert-manager/releases/download/v0.15.0/cert-manager.yaml
+ ignore_errors: 'True'
+ when: result.stdout != ""
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: Check whether docker is already installed
+ command: which docker
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Docker is already present
+ when: result.stdout != ""
+
+- debug:
+# yamllint disable rule:line-length
+ msg: Ignore Uninstall Log , Docker not installed continue with Installation
+# yamllint disable rule:line-length
+ when: result.stdout == ""
+
+- name: "INSTALL: Installing docker update"
+ command: apt-get update -y
+ ignore_errors: yes
+ failed_when: false
+ no_log: True
+
+- name: "INSTALL: Installing docker upgrade"
+# yamllint disable rule:line-length
+ command: apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common
+# yamllint disable rule:line-length
+ ignore_errors: yes
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Add repository"
+ shell: curl -sL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: CA-Certificates"
+# yamllint disable rule:line-length
+ shell: sudo add-apt-repository "deb [arch=arm64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
+# yamllint disable rule:line-length
+ ignore_errors: yes
+ failed_when: false
+ no_log: True
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Update....."
+ command: apt-get update -y
+ ignore_errors: yes
+ failed_when: false
+ no_log: True
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Installed docker"
+ command: apt-get install -y docker-ce docker-ce-cli containerd.io
+ ignore_errors: yes
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- debug:
+ msg: "CentOS commands start"
+
+- name: "INSTALL:Installing docker "
+ command: yum install -y yum-utils
+ when: ansible_facts['distribution'] == "CentOS" and result is failed
+ ignore_errors: yes
+ no_log: true
+
+- name: "INSTALL: Add repo"
+ command: yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+ when: ansible_facts['distribution'] == "CentOS" and result is failed
+ #ignore_error: yes
+ no_log: true
+
+- name: "INSTALL: install containerd.io"
+ command: yum -y install docker-ce-19.03.8 docker-ce-cli-19.03.8 containerd.io
+ when: ansible_facts['distribution'] == "CentOS" and result is failed
+ ignore_errors: yes
+ no_log: true
+
+- name: "Start Docker:"
+ command: systemctl start docker
+ when: ansible_facts['distribution'] == "CentOS" and result is failed
+ ignore_errors: yes
+ #no_log: true
+
+- name: "Start Docker: enable"
+ command: systemctl enable docker
+ when: ansible_facts['distribution'] == "CentOS" and result is failed
+ ignore_errors: yes
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for docker
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: Check whether docker is installed before deleting
+ command: which docker
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Uninstalling docker...
+ when: result.stdout != ""
+
+- debug:
+# yamllint disable rule:line-length
+ msg: Ignore Uninstall Log , Docker not installed
+# yamllint disable rule:line-length
+ when: result.stdout == ""
+
+- name: "UNINSTALL: Uninstall docker engine"
+ command: apt-get purge -y docker-engine
+ ignore_errors: yes
+ when: result is succeeded and ansible_architecture == 'aarch64'
+
+- name: "UNINSTALL: Uninstall docker"
+ command: apt-get purge -y docker
+ ignore_errors: yes
+ when: result is succeeded and ansible_architecture == 'aarch64'
+ #when: result is succeeded and ansible_architecture == 'x86_64'
+
+- name: "UNINSTALL: Uninstall docker.io"
+ command: apt-get purge -y docker.io
+ ignore_errors: yes
+ when: result is succeeded and ansible_architecture == 'aarch64'
+
+- name: "UNINSTALL: Uninstall docker-ce"
+ command: apt-get purge -y docker-ce
+ ignore_errors: yes
+ when: result is succeeded and ansible_architecture == 'aarch64'
+ #when: result is succeeded and ansible_architecture == 'aarch64'
+
+- name: "UNINSTALL: Uninstall docker"
+ command: apt-get purge -y docker-ce-cli
+ ignore_errors: yes
+ when: result is succeeded and ansible_architecture == 'aarch64'
+ #when: result is succeeded
+
+- debug:
+ msg: "CentOS commands start"
+
+- name: "UNINSTALL:Uninstalled docker "
+ shell:
+ cmd: yes | yum remove docker-ce docker-ce-cli containerd.io
+ ignore_errors: yes
+ no_log: true
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Import vars
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Helm install appstore
+ # yamllint disable rule:line-length
+ command: helm install appstore-edgegallery edgegallery/appstore --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{ vardata.usermgmt_port.name}} --set images.appstoreFe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/appstore-fe --set images.appstoreBe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/appstore-be --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/postgres --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.appstoreFe.tag={{vardata.eg_image_tag.name}} --set images.appstoreBe.tag={{vardata.eg_image_tag.name}} --set images.appstoreFe.pullPolicy=IfNotPresent --set images.appstoreBe.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_appstore
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Uninstall appstore
+ command: helm uninstall appstore-edgegallery
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Remove old ssl key dir
+ command: rm -rf /tmp/ssl-eg-keys-certs
+ args:
+ chdir: /tmp/
+
+- name: Make new ssl key dir
+ command: mkdir -p /tmp/ssl-eg-keys-certs
+ args:
+ chdir: /tmp/
+
+- name: generate cert
+ # yamllint disable rule:line-length
+ command: docker run -e CERT_VALIDITY_IN_DAYS=365 -v /tmp/ssl-eg-keys-certs:/certs swr.ap-southeast-1.myhuaweicloud.com/edgegallery/deploy-tool:latest
+ # yamllint disable rule:line-length
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+# tasks file for eg_certs
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Remove generated certificates
+ command: rm -rf /tmp/ssl-eg-keys-certs
+ args:
+ chdir: /tmp/
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Developer chart installing
+ # yamllint disable rule:line-length
+ command: helm install developer-edgegallery edgegallery/developer --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{ vardata.usermgmt_port.name}} --set images.developerFe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/developer-fe --set images.developerBe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/developer-be --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/postgres --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.developerFe.tag={{vardata.eg_image_tag.name}} --set images.developerBe.tag={{vardata.eg_image_tag.name}} --set images.developerFe.pullPolicy=IfNotPresent --set images.developerBe.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+# tasks file for eg_developer
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Uninstall developer
+ command: helm uninstall developer-edgegallery
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Doing deployment setup for edge gallery
+ copy:
+ src: deploy
+ dest: /tmp/eg_helm-repo/
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Helm repo index edgegallery
+ command: helm repo index edgegallery/
+ args:
+ chdir: /tmp/eg_helm-repo/deploy/helm/helm-charts/
+
+- name: Helm repo index stable
+ command: helm repo index stable/
+ args:
+ chdir: /tmp/eg_helm-repo/deploy/helm/helm-charts/
+
+- name: Changing permisiion
+ command: chmod -R 755 /tmp/eg_helm-repo
+
+- name: Creating helm repo
+ # yamllint disable rule:line-length
+ command: docker run --name helm-repo -v /tmp/eg_helm-repo/deploy/helm/helm-charts/:/usr/share/nginx/html:ro -d -p 8080:80 nginx:stable
+ args:
+ chdir: /tmp/eg_helm-repo/deploy/helm/helm-charts/
+
+- name: Helm repo add edgegallery
+ # yamllint disable rule:line-length
+ command: helm repo add edgegallery http://{{ vardata.private_repo_ip.name}}:8080/edgegallery
+ args:
+ chdir: /tmp/eg_helm-repo/deploy/helm/helm-charts/
+
+- name: Helm repo add stable
+ command: helm repo add stable http://{{ vardata.private_repo_ip.name}}:8080/stable
+ args:
+ chdir: /tmp/eg_helm-repo/deploy/helm/helm-charts/
+
+- debug:
+ msg: "Helm repo created"
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_helm_repo_add
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Docker stop helm repo
+ command: docker stop helm-repo
+ ignore_errors: yes
+ no_log: True
+
+- name: Docker rm helm repo
+ command: docker rm helm-repo
+ ignore_errors: yes
+ no_log: True
+
+- name: Remove tmp folder
+ command: rm -rf /tmp/eg_helm-repo
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Install mecm-fe
+ # yamllint disable rule:line-length
+ command: helm install mecm-fe-edgegallery edgegallery/mecm-fe --set global.oauth2.authServerAddress=https://{{ ansible_host }}:{{vardata.usermgmt_port.name}} --set images.mecmFe.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-fe --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.mecmFe.tag={{vardata.eg_image_tag.name}} --set images.mecmFe.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+# tasks file for eg_mecm-fe
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Uninstall mecm fe
+ command: helm uninstall mecm-fe-edgegallery
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+CREATE USER inventory WITH PASSWORD 'PASSWORD_VALUE' CREATEDB;
+CREATE DATABASE inventorydb
+ WITH
+ OWNER = inventory
+ ENCODING = 'UTF8'
+ LC_COLLATE = 'en_US.utf8'
+ LC_CTYPE = 'en_US.utf8'
+ TABLESPACE = pg_default
+ CONNECTION LIMIT = -1;
+
+CREATE USER appo WITH PASSWORD 'PASSWORD_VALUE' CREATEDB;
+CREATE DATABASE appodb
+ WITH
+ OWNER = appo
+ ENCODING = 'UTF8'
+ LC_COLLATE = 'en_US.utf8'
+ LC_CTYPE = 'en_US.utf8'
+ TABLESPACE = pg_default
+ CONNECTION LIMIT = -1;
+
+CREATE USER apm WITH PASSWORD 'PASSWORD_VALUE' CREATEDB;
+CREATE DATABASE apmdb
+ WITH
+ OWNER = apm
+ ENCODING = 'UTF8'
+ LC_COLLATE = 'en_US.utf8'
+ LC_CTYPE = 'en_US.utf8'
+ TABLESPACE = pg_default
+ CONNECTION LIMIT = -1;
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Doing deployment eg_mecm-meo setup for edge gallery eg_mecm-meo
+ copy:
+ src: deploy
+ dest: /tmp/eg_mecm-meo/
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Replacing pwd sql
+ replace:
+ path: /tmp/eg_mecm-meo/deploy/conf/keys/postgres_init.sql
+ regexp: 'PASSWORD_VALUE'
+ replace: "{{ vardata.common_pwd.name }}"
+
+- name: Set a variable
+ ansible.builtin.set_fact:
+ comm_pwd: "{{ vardata.common_pwd.name }}"
+
+- name: Create mecm-ssl-secret with common pwd
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic mecm-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-file=keystore.jks=/tmp/ssl-eg-keys-certs/keystore.jks --from-literal=keystorePassword={{ vardata.common_pwd.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-literal=truststorePassword={{ vardata.common_pwd.name}}
+ # yamllint disable rule:line-length
+ when: comm_pwd != ""
+
+- name: Generates certificate mecm-ssl-secret
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic mecm-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-file=keystore.jks=/tmp/ssl-eg-keys-certs/keystore.jks --from-literal=keystorePassword={{ vardata.mecm_meo_keystorePassword.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-literal=truststorePassword={{ vardata.mecm_meo_truststorePassword.name}}
+ # yamllint disable rule:line-length
+ when: comm_pwd == ""
+
+- name: Create certificate edgegallery-mecm-secret with common pwd
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic edgegallery-mecm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-meo/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.common_pwd.name}} --from-literal=postgresApmPassword={{ vardata.common_pwd.name}} --from-literal=postgresAppoPassword={{ vardata.common_pwd.name}} --from-literal=postgresInventoryPassword={{ vardata.common_pwd.name}} --from-literal=edgeRepoUserName={{ vardata.mecm_meo_edgeRepoUserName.name}} --from-literal=edgeRepoPassword={{ vardata.mecm_meo_edgeRepoPassword.name}}
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/eg_mecm-meo/deploy/
+ when: comm_pwd != ""
+
+- name: Generates certificate edgegallery-mecm-secret
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic edgegallery-mecm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-meo/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.mecm_meo_postgresPassword.name}} --from-literal=postgresApmPassword={{ vardata.mecm_meo_postgresApmPassword.name}} --from-literal=postgresAppoPassword={{ vardata.mecm_meo_postgresAppoPassword.name}} --from-literal=postgresInventoryPassword={{ vardata.mecm_meo_postgresInventoryPassword.name}} --from-literal=edgeRepoUserName={{ vardata.mecm_meo_edgeRepoUserName.name}} --from-literal=edgeRepoPassword={{ vardata.mecm_meo_edgeRepoPassword.name}}
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/eg_mecm-meo/deploy/
+ when: comm_pwd == ""
+
+- name: Fs group value
+ shell: 'getent group docker | cut -d: -f3'
+ register: result
+
+- name: Helm install
+ # yamllint disable rule:line-length
+ command: helm install mecm-meo-edgegallery edgegallery/mecm-meo --set ssl.secretName=mecm-ssl-secret --set mecm.secretName=edgegallery-mecm-secret --set images.inventory.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-inventory --set images.appo.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-appo --set images.apm.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-apm --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.inventory.tag={{ vardata.eg_image_tag.name}} --set images.appo.tag={{ vardata.eg_image_tag.name}} --set images.apm.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 --set images.inventory.pullPolicy=IfNotPresent --set images.appo.pullPolicy=IfNotPresent --set images.apm.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set mecm.docker.fsgroup="{{result.stdout}}"
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_mecm-meo
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Uninstall mecm meo
+ command: helm uninstall mecm-meo-edgegallery
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete mecm-ssl-secret and edgegallery-mecm-secret
+ command: kubectl delete secret mecm-ssl-secret edgegallery-mecm-secret
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+CREATE USER lcmcontroller WITH PASSWORD 'PASSWORD_VALUE' CREATEDB;
+CREATE DATABASE lcmcontrollerdb
+ WITH
+ OWNER = lcmcontroller
+ ENCODING = 'UTF8'
+ LC_COLLATE = 'en_US.utf8'
+ LC_CTYPE = 'en_US.utf8'
+ TABLESPACE = pg_default
+ CONNECTION LIMIT = -1;
+
+CREATE USER k8splugin WITH PASSWORD 'PASSWORD_VALUE' CREATEDB;
+CREATE DATABASE k8splugindb
+ WITH
+ OWNER = k8splugin
+ ENCODING = 'UTF8'
+ LC_COLLATE = 'en_US.utf8'
+ LC_CTYPE = 'en_US.utf8'
+ TABLESPACE = pg_default
+ CONNECTION LIMIT = -1;
+
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ name: fabric8-rbac
+subjects:
+ - kind: ServiceAccount
+ # Reference to upper's `metadata.name`
+ name: default
+ # Reference to upper's `metadata.namespace`
+ namespace: default
+roleRef:
+ kind: ClusterRole
+ name: cluster-admin
+ apiGroup: rbac.authorization.k8s.io
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Doing deployment eg_mecm-mepm setup for edge gallery eg_mecm-mepm
+ copy:
+ src: deploy
+ dest: /tmp/eg_mecm-mepm/
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Set a variable
+ ansible.builtin.set_fact:
+ comm_pwd: "{{ vardata.common_pwd.name }}"
+
+- name: Replacing password
+ replace:
+ path: /tmp/eg_mecm-mepm/deploy/conf/keys/postgres_init.sql
+ regexp: 'PASSWORD_VALUE'
+ replace: "{{ vardata.common_pwd.name }}"
+
+- name: Create mecm-mepm-ssl-secret secret
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic mecm-mepm-jwt-public-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/encryptedtls.key
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/ssl-eg-keys-certs/
+
+- name: Create mecm-mepm-ssl-secret secret
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic mecm-mepm-ssl-secret --from-file=server_tls.key=/tmp/ssl-eg-keys-certs/tls.key --from-file=server_tls.crt=/tmp/ssl-eg-keys-certs/tls.crt --from-file=ca.crt=/tmp/ssl-eg-keys-certs/ca.crt
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/ssl-eg-keys-certs/
+
+- name: Create edgegallery-mepm-secret secret with common pwd
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic edgegallery-mepm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-mepm/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.common_pwd.name}} --from-literal=postgresLcmCntlrPassword={{ vardata.common_pwd.name}} --from-literal=postgresk8sPluginPassword={{ vardata.common_pwd.name}}
+ # yamllint disable rule:line-length
+ when: comm_pwd != ""
+
+- name: Create edgegallery-mepm-secret secret
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic edgegallery-mepm-secret --from-file=postgres_init.sql=/tmp/eg_mecm-mepm/deploy/conf/keys/postgres_init.sql --from-literal=postgresPassword={{ vardata.mecm_mepm_postgresPassword.name}} --from-literal=postgresLcmCntlrPassword={{ vardata.mecm_mepm_postgresLcmCntlrPassword.name}} --from-literal=postgresk8sPluginPassword={{ vardata.mecm_mepm_postgresk8sPluginPassword.name}}
+ # yamllint disable rule:line-length
+ when: comm_pwd == ""
+
+- name: Create mepm service account
+ command: kubectl apply -f /tmp/eg_mecm-mepm/deploy/conf/manifest/mepm/mepm-service-account.yaml
+ args:
+ chdir: /tmp/eg_mecm-mepm/deploy/
+
+- name: Install mecm-mepm
+ # yamllint disable rule:line-length
+ command: helm install mecm-mepm-edgegaller edgegallery/mecm-mepm --set jwt.publicKeySecretName=mecm-mepm-jwt-public-secret --set mepm.secretName=edgegallery-mepm-secret --set ssl.secretName=mecm-mepm-ssl-secret --set images.lcmcontroller.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-applcm --set images.k8splugin.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mecm-applcm-k8splugin --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.lcmcontroller.tag={{ vardata.eg_image_tag.name}} --set images.k8splugin.tag={{ vardata.eg_image_tag.name}} --set images.postgres.tag=12.3 --set images.lcmcontroller.pullPolicy=IfNotPresent --set images.k8splugin.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent
+ # yamllint disable rule:line-length
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_mecm-mepm
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Delete mecm-mepm secret
+ command: helm uninstall mecm-mepm-edgegallery
+ ignore_errors: yes
+ no_log: True
+
+- name: Mecm mepm jwt delete
+ # yamllint disable rule:line-length
+ command: kubectl delete secret mecm-mepm-jwt-public-secret mecm-mepm-ssl-secret edgegallery-mepm-secret
+ # yamllint disable rule:line-length
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete mep-service-account
+ # yamllint disable rule:line-length
+ command: kubectl delete -f /tmp/eg_mecm-mepm/deploy/conf/manifest/mepm/mepm-service-account.yaml
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ namespace: metallb-system
+ name: config
+data:
+ config: |
+ address-pools:
+ - name: address-pool-1
+ protocol: layer2
+ addresses:
+ - 192.168.100.120/32
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+ labels:
+ app: metallb
+ name: controller
+ namespace: metallb-system
+spec:
+ allowPrivilegeEscalation: false
+ allowedCapabilities: []
+ allowedHostPaths: []
+ defaultAddCapabilities: []
+ defaultAllowPrivilegeEscalation: false
+ fsGroup:
+ ranges:
+ - max: 65535
+ min: 1
+ rule: MustRunAs
+ hostIPC: false
+ hostNetwork: false
+ hostPID: false
+ privileged: false
+ readOnlyRootFilesystem: true
+ requiredDropCapabilities:
+ - ALL
+ runAsUser:
+ ranges:
+ - max: 65535
+ min: 1
+ rule: MustRunAs
+ seLinux:
+ rule: RunAsAny
+ supplementalGroups:
+ ranges:
+ - max: 65535
+ min: 1
+ rule: MustRunAs
+ volumes:
+ - configMap
+ - secret
+ - emptyDir
+---
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+ labels:
+ app: metallb
+ name: speaker
+ namespace: metallb-system
+spec:
+ allowPrivilegeEscalation: false
+ allowedCapabilities:
+ - NET_ADMIN
+ - NET_RAW
+ - SYS_ADMIN
+ allowedHostPaths: []
+ defaultAddCapabilities: []
+ defaultAllowPrivilegeEscalation: false
+ fsGroup:
+ rule: RunAsAny
+ hostIPC: false
+ hostNetwork: true
+ hostPID: false
+ hostPorts:
+ - max: 7472
+ min: 7472
+ privileged: true
+ readOnlyRootFilesystem: true
+ requiredDropCapabilities:
+ - ALL
+ runAsUser:
+ rule: RunAsAny
+ seLinux:
+ rule: RunAsAny
+ supplementalGroups:
+ rule: RunAsAny
+ volumes:
+ - configMap
+ - secret
+ - emptyDir
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app: metallb
+ name: controller
+ namespace: metallb-system
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app: metallb
+ name: speaker
+ namespace: metallb-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app: metallb
+ name: metallb-system:controller
+rules:
+ - apiGroups:
+ - ''
+ resources:
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - apiGroups:
+ - ''
+ resources:
+ - services/status
+ verbs:
+ - update
+ - apiGroups:
+ - ''
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - apiGroups:
+ - policy
+ resourceNames:
+ - controller
+ resources:
+ - podsecuritypolicies
+ verbs:
+ - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app: metallb
+ name: metallb-system:speaker
+rules:
+ - apiGroups:
+ - ''
+ resources:
+ - services
+ - endpoints
+ - nodes
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - ''
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - apiGroups:
+ - policy
+ resourceNames:
+ - speaker
+ resources:
+ - podsecuritypolicies
+ verbs:
+ - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ labels:
+ app: metallb
+ name: config-watcher
+ namespace: metallb-system
+rules:
+ - apiGroups:
+ - ''
+ resources:
+ - configmaps
+ verbs:
+ - get
+ - list
+ - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ labels:
+ app: metallb
+ name: pod-lister
+ namespace: metallb-system
+rules:
+ - apiGroups:
+ - ''
+ resources:
+ - pods
+ verbs:
+ - list
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app: metallb
+ name: metallb-system:controller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: metallb-system:controller
+subjects:
+ - kind: ServiceAccount
+ name: controller
+ namespace: metallb-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app: metallb
+ name: metallb-system:speaker
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: metallb-system:speaker
+subjects:
+ - kind: ServiceAccount
+ name: speaker
+ namespace: metallb-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app: metallb
+ name: config-watcher
+ namespace: metallb-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: config-watcher
+subjects:
+ - kind: ServiceAccount
+ name: controller
+ - kind: ServiceAccount
+ name: speaker
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app: metallb
+ name: pod-lister
+ namespace: metallb-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: pod-lister
+subjects:
+ - kind: ServiceAccount
+ name: speaker
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ labels:
+ app: metallb
+ component: speaker
+ name: speaker
+ namespace: metallb-system
+spec:
+ selector:
+ matchLabels:
+ app: metallb
+ component: speaker
+ template:
+ metadata:
+ annotations:
+ prometheus.io/port: '7472'
+ prometheus.io/scrape: 'true'
+ labels:
+ app: metallb
+ component: speaker
+ spec:
+ containers:
+ - args:
+ - --port=7472
+ - --config=config
+ env:
+ - name: METALLB_NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ - name: METALLB_HOST
+ valueFrom:
+ fieldRef:
+ fieldPath: status.hostIP
+ - name: METALLB_ML_BIND_ADDR
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: METALLB_ML_LABELS
+ value: "app=metallb,component=speaker"
+ - name: METALLB_ML_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: METALLB_ML_SECRET_KEY
+ valueFrom:
+ secretKeyRef:
+ name: memberlist
+ key: secretkey
+ image: metallb/speaker:v0.9.3
+ imagePullPolicy: IfNotPresent
+ name: speaker
+ ports:
+ - containerPort: 7472
+ name: monitoring
+ resources:
+ limits:
+ cpu: 100m
+ memory: 100Mi
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ add:
+ - NET_ADMIN
+ - NET_RAW
+ - SYS_ADMIN
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ hostNetwork: true
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ serviceAccountName: speaker
+ terminationGracePeriodSeconds: 2
+ tolerations:
+ - effect: NoSchedule
+ key: node-role.kubernetes.io/master
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app: metallb
+ component: controller
+ name: controller
+ namespace: metallb-system
+spec:
+ revisionHistoryLimit: 3
+ selector:
+ matchLabels:
+ app: metallb
+ component: controller
+ template:
+ metadata:
+ annotations:
+ prometheus.io/port: '7472'
+ prometheus.io/scrape: 'true'
+ labels:
+ app: metallb
+ component: controller
+ spec:
+ containers:
+ - args:
+ - --port=7472
+ - --config=config
+ image: metallb/controller:v0.9.3
+ imagePullPolicy: IfNotPresent
+ name: controller
+ ports:
+ - containerPort: 7472
+ name: monitoring
+ resources:
+ limits:
+ cpu: 100m
+ memory: 100Mi
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - all
+ readOnlyRootFilesystem: true
+ nodeSelector:
+ beta.kubernetes.io/os: linux
+ securityContext:
+ runAsNonRoot: true
+ runAsUser: 65534
+ serviceAccountName: controller
+ terminationGracePeriodSeconds: 0
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: metallb-system
+ labels:
+ app: metallb
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+kind: Pod
+apiVersion: v1
+metadata:
+ name: edgegallery-secondary-ep-controller
+ namespace: kube-system
+spec:
+ serviceAccount: edgegallery-secondary-ep-controller
+ containers:
+ - name: edgegallery-secondary-ep-controller
+ image: edgegallery/edgegallery-secondary-ep-controller:latest
+ imagePullPolicy: IfNotPresent
+ command: ["/bin/sh", "-c", "--"]
+ args: ["edgegallery-secondary-ep-controller"]
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+ name: edgegallery-secondary-ep-controller
+ namespace: kube-system
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: multi-ip-controller
+rules:
+ - apiGroups: [""]
+ resources: ["services", "pods"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups: [""]
+ resources: ["endpoints", "events"]
+ verbs: ["*"]
+ - apiGroups: ["k8s.cni.cncf.io"]
+ resources: ["network-attachment-definitions"]
+ verbs: ["*"]
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: watch-update-secondary-endpoints
+subjects:
+ - kind: ServiceAccount
+ name: edgegallery-secondary-ep-controller
+ namespace: kube-system
+roleRef:
+ kind: ClusterRole
+ name: multi-ip-controller
+ apiGroup: rbac.authorization.k8s.io
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: network-attachment-definitions.k8s.cni.cncf.io
+spec:
+ group: k8s.cni.cncf.io
+ scope: Namespaced
+ names:
+ plural: network-attachment-definitions
+ singular: network-attachment-definition
+ kind: NetworkAttachmentDefinition
+ shortNames:
+ - net-attach-def
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ schema:
+ openAPIV3Schema:
+ # yamllint disable rule:line-length
+ description: 'NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing
+ Working Group to express the intent for attaching pods to one or more logical or physical
+ networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec'
+ # yamllint disable rule:line-length
+ type: object
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this represen
+ tation of an object. Servers should convert recognized schemas to the
+ latest internal value, and may reject unrecognized values. More info:
+ https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: 'NetworkAttachmentDefinition spec defines the desired state of a network attachment'
+ type: object
+ properties:
+ config:
+ description: 'NetworkAttachmentDefinition config is a JSON-formatted CNI configuration'
+ type: string
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: multus
+rules:
+ - apiGroups: ["k8s.cni.cncf.io"]
+ resources:
+ - '*'
+ verbs:
+ - '*'
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ - pods/status
+ verbs:
+ - get
+ - update
+ - apiGroups:
+ - ""
+ - events.k8s.io
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - update
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: multus
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: multus
+subjects:
+ - kind: ServiceAccount
+ name: multus
+ namespace: kube-system
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: multus
+ namespace: kube-system
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: multus-cni-config
+ namespace: kube-system
+ labels:
+ tier: node
+ app: multus
+data:
+ # NOTE: If you'd prefer to manually apply a configuration file, you may create one here.
+ # In the case you'd like to customize the Multus installation, you should change the arguments to the Multus pod
+ # change the "args" line below from
+ # - "--multus-conf-file=auto"
+ # to:
+ # "--multus-conf-file=/tmp/multus-conf/70-multus.conf"
+ # Additionally -- you should ensure that the name "70-multus.conf" is the alphabetically first name in the
+ # /etc/cni/net.d/ directory on each node, otherwise, it will not be used by the Kubelet.
+ cni-conf.json: |
+ {
+ "name": "multus-cni-network",
+ "type": "multus",
+ "capabilities": {
+ "portMappings": true
+ },
+ "delegates": [
+ {
+ "cniVersion": "0.3.1",
+ "name": "default-cni-network",
+ "plugins": [
+ {
+ "type": "flannel",
+ "name": "flannel.1",
+ "delegate": {
+ "isDefaultGateway": true,
+ "hairpinMode": true
+ }
+ },
+ {
+ "type": "portmap",
+ "capabilities": {
+ "portMappings": true
+ }
+ }
+ ]
+ }
+ ],
+ "kubeconfig": "/etc/cni/net.d/multus.d/multus.kubeconfig"
+ }
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: kube-multus-ds-amd64
+ namespace: kube-system
+ labels:
+ tier: node
+ app: multus
+ name: multus
+spec:
+ selector:
+ matchLabels:
+ name: multus
+ updateStrategy:
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ tier: node
+ app: multus
+ name: multus
+ spec:
+ hostNetwork: true
+ nodeSelector:
+ kubernetes.io/arch: amd64
+ tolerations:
+ - operator: Exists
+ effect: NoSchedule
+ serviceAccountName: multus
+ containers:
+ - name: kube-multus
+ image: docker.io/nfvpe/multus:stable
+ command: ["/entrypoint.sh"]
+ args:
+ - "--multus-conf-file=auto"
+ - "--cni-version=0.3.1"
+ resources:
+ requests:
+ cpu: "100m"
+ memory: "50Mi"
+ limits:
+ cpu: "100m"
+ memory: "50Mi"
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - name: cni
+ mountPath: /host/etc/cni/net.d
+ - name: cnibin
+ mountPath: /host/opt/cni/bin
+ - name: multus-cfg
+ mountPath: /tmp/multus-conf
+ volumes:
+ - name: cni
+ hostPath:
+ path: /etc/cni/net.d
+ - name: cnibin
+ hostPath:
+ path: /opt/cni/bin
+ - name: multus-cfg
+ configMap:
+ name: multus-cni-config
+ items:
+ - key: cni-conf.json
+ path: 70-multus.conf
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: kube-multus-ds-ppc64le
+ namespace: kube-system
+ labels:
+ tier: node
+ app: multus
+ name: multus
+spec:
+ selector:
+ matchLabels:
+ name: multus
+ updateStrategy:
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ tier: node
+ app: multus
+ name: multus
+ spec:
+ hostNetwork: true
+ nodeSelector:
+ kubernetes.io/arch: ppc64le
+ tolerations:
+ - operator: Exists
+ effect: NoSchedule
+ serviceAccountName: multus
+ containers:
+ - name: kube-multus
+ # ppc64le support requires multus:latest for now. support 3.3 or later.
+ image: docker.io/nfvpe/multus:stable-ppc64le
+ command: ["/entrypoint.sh"]
+ args:
+ - "--multus-conf-file=auto"
+ - "--cni-version=0.3.1"
+ resources:
+ requests:
+ cpu: "100m"
+ memory: "90Mi"
+ limits:
+ cpu: "100m"
+ memory: "90Mi"
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - name: cni
+ mountPath: /host/etc/cni/net.d
+ - name: cnibin
+ mountPath: /host/opt/cni/bin
+ - name: multus-cfg
+ mountPath: /tmp/multus-conf
+ volumes:
+ - name: cni
+ hostPath:
+ path: /etc/cni/net.d
+ - name: cnibin
+ hostPath:
+ path: /opt/cni/bin
+ - name: multus-cfg
+ configMap:
+ name: multus-cni-config
+ items:
+ - key: cni-conf.json
+ path: 70-multus.conf
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: kube-multus-ds-arm64v8
+ namespace: kube-system
+ labels:
+ tier: node
+ app: multus
+ name: multus
+spec:
+ selector:
+ matchLabels:
+ name: multus
+ updateStrategy:
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ tier: node
+ app: multus
+ name: multus
+ spec:
+ hostNetwork: true
+ nodeSelector:
+ kubernetes.io/arch: arm64
+ tolerations:
+ - operator: Exists
+ effect: NoSchedule
+ serviceAccountName: multus
+ containers:
+ - name: kube-multus
+ image: docker.io/nfvpe/multus:stable-arm64v8
+ command: ["/entrypoint.sh"]
+ args:
+ - "--multus-conf-file=auto"
+ - "--cni-version=0.3.1"
+ resources:
+ requests:
+ cpu: "100m"
+ memory: "90Mi"
+ limits:
+ cpu: "100m"
+ memory: "90Mi"
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - name: cni
+ mountPath: /host/etc/cni/net.d
+ - name: cnibin
+ mountPath: /host/opt/cni/bin
+ - name: multus-cfg
+ mountPath: /tmp/multus-conf
+ volumes:
+ - name: cni
+ hostPath:
+ path: /etc/cni/net.d
+ - name: cnibin
+ hostPath:
+ path: /opt/cni/bin
+ - name: multus-cfg
+ configMap:
+ name: multus-cni-config
+ items:
+ - key: cni-conf.json
+ path: 70-multus.conf
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Doing deployment setup for edge gallery
+ copy:
+ src: deploy
+ dest: /tmp/eg_mep/
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Set a variable
+ ansible.builtin.set_fact:
+ comm_pwd: "{{ vardata.common_pwd.name }}"
+
+- name: Remove old dir
+ command: rm -rf /tmp/.mep_tmp_cer
+ args:
+ chdir: /tmp/
+
+- name: Make dir
+ command: mkdir -p /tmp/.mep_tmp_cer
+ args:
+ chdir: /tmp/
+
+- name: Openssl genrsa
+ command: openssl genrsa -out ca.key 2048
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Opnessl req
+ # yamllint disable rule:line-length
+ command: openssl req -new -key ca.key -subj /C=CN/ST=Peking/L=Beijing/O=edgegallery/CN=edgegallery -out ca.csr
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Sing key with ca key and ca crt
+ # yamllint disable rule:line-length
+ command: openssl x509 -req -days 365 -in ca.csr -extensions v3_ca -signkey ca.key -out ca.crt
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl genrsa
+ command: openssl genrsa -out mepserver_tls.key 2048
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa mep tls with common pwd
+ # yamllint disable rule:line-length
+ command: openssl rsa -in /tmp/.mep_tmp_cer/mepserver_tls.key -aes256 -passout pass:{{ vardata.common_pwd.name}} -out /tmp/.mep_tmp_cer/mepserver_encryptedtls.key
+ # yamllint disable rule:line-length
+ when: comm_pwd != ""
+
+- name: Openssl rsa mep tls
+ # yamllint disable rule:line-length
+ command: openssl rsa -in /tmp/.mep_tmp_cer/mepserver_tls.key -aes256 -passout pass:{{ vardata.mep_cert_pwd.name}} -out /tmp/.mep_tmp_cer/mepserver_encryptedtls.key
+ # yamllint disable rule:line-length
+ when: comm_pwd == ""
+
+- name: Openssl req new key mepserver tls key
+ # yamllint disable rule:line-length
+ command: openssl req -new -key mepserver_tls.key -subj /C=CN/ST=Beijing/L=Beijing/O=edgegallery/CN=edgegallery -out mepserver_tls.csr
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl mepserver tls csr
+ # yamllint disable rule:line-length
+ command: openssl x509 -req -in mepserver_tls.csr -extensions v3_req -CA ca.crt -CAkey ca.key -CAcreateserial -out mepserver_tls.crt
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl genrsa out
+ command: openssl genrsa -out jwt_privatekey 2048
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa jwt privatekey
+ command: openssl rsa -in jwt_privatekey -pubout -out jwt_publickey
+ args:
+ chdir: /tmp/.mep_tmp_cer/
+
+- name: Openssl rsa in jwt with common pwd
+ # yamllint disable rule:line-length
+ command: openssl rsa -in /tmp/.mep_tmp_cer/jwt_privatekey -aes256 -passout pass:{{ vardata.common_pwd.name}} -out /tmp/.mep_tmp_cer/jwt_encrypted_privatekey
+ ignore_errors: yes
+ no_log: True
+ # yamllint disable rule:line-length
+ when: comm_pwd != ""
+
+- name: Openssl rsa in jwt
+ # yamllint disable rule:line-length
+ command: openssl rsa -in /tmp/.mep_tmp_cer/jwt_privatekey -aes256 -passout pass:{{ vardata.mep_cert_pwd.name}} -out /tmp/.mep_tmp_cer/jwt_encrypted_privatekey
+ # yamllint disable rule:line-length
+ ignore_errors: yes
+ no_log: True
+ when: comm_pwd == ""
+
+- name: Create mep namespace
+ command: kubectl create ns mep
+ args:
+ chdir: /tmp/
+
+- name: Create generic pg secret with common pwd
+ # yamllint disable rule:line-length
+ command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.common_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.mep_kong_pg_pwd.name}}
+ --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt
+ ignore_errors: yes
+ no_log: True
+ # yamllint disable rule:line-length
+ when: comm_pwd != ""
+
+- name: Create generic pg secret
+ # yamllint disable rule:line-length
+ command: kubectl -n mep create secret generic pg-secret --from-literal=pg_admin_pwd={{ vardata.mep_pg_admin_pwd.name}} --from-literal=kong_pg_pwd={{ vardata.mep_kong_pg_pwd.name}}
+ --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt
+ ignore_errors: yes
+ no_log: True
+ # yamllint disable rule:line-length
+ when: comm_pwd == ""
+
+- name: Create mep generic for mep ssl with common pwd
+ # yamllint disable rule:line-length
+ command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.common_pwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/mepserver_tls.crt
+ --from-file=server_key.pem=/tmp/.mep_tmp_cer/mepserver_encryptedtls.key --from-file=trust.cer=/tmp/.mep_tmp_cer/ca.crt
+ ignore_errors: yes
+ no_log: True
+ # yamllint disable rule:line-length
+ when: comm_pwd != ""
+
+- name: Create mep generic for mep ssl
+ # yamllint disable rule:line-length
+ command: kubectl -n mep create secret generic mep-ssl --from-literal=cert_pwd={{ vardata.mep_cert_pwd.name}} --from-file=server.cer=/tmp/.mep_tmp_cer/mepserver_tls.crt
+ --from-file=server_key.pem=/tmp/.mep_tmp_cer/mepserver_encryptedtls.key --from-file=trust.cer=/tmp/.mep_tmp_cer/ca.crt
+ # yamllint disable rule:line-length
+ when: comm_pwd == ""
+
+- name: Create mep seret generic
+ # yamllint disable rule:line-length
+ command: kubectl -n mep create secret generic mepauth-secret --from-file=server.crt=/tmp/.mep_tmp_cer/mepserver_tls.crt --from-file=server.key=/tmp/.mep_tmp_cer/mepserver_tls.key
+ --from-file=ca.crt=/tmp/.mep_tmp_cer/ca.crt --from-file=jwt_publickey=/tmp/.mep_tmp_cer/jwt_publickey --from-file=jwt_encrypted_privatekey=/tmp/.mep_tmp_cer/jwt_encrypted_privatekey
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/
+
+- name: Remove directory
+ command: rm -rf /tmp/.mep_tmp_cer
+ args:
+ chdir: /tmp/
+
+- debug:
+ msg: Deploy_dns_metallb execution start
+
+- name: Eg_Mep deployment execution of namesapce
+ command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/namespace.yaml
+ args:
+ chdir: /tmp/eg_mep/deploy/
+
+- name: Eg_Mep deployment execution of metallb
+ command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/metallb.yaml
+ args:
+ chdir: /tmp/eg_mep/deploy/
+
+- name: Eg_Mep deployment create secret
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
+ # yamllint disable rule:line-length
+ args:
+ chdir: /tmp/eg_mep/deploy/
+
+- name: Eg_Mep deployment execution of config-mep
+ command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/metallb/config-map.yaml
+ args:
+ chdir: /tmp/eg_mep/deploy/
+
+- debug:
+ msg: Deploy_network_isolation_multus execution start
+
+- name: Running multus yaml files
+ command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/multus.yaml
+ args:
+ chdir: /tmp/eg_mep/deploy/
+
+- name: Running eg-sp-rbac yaml files
+ command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-rbac.yaml
+ args:
+ chdir: /tmp/eg_mep/deploy/
+
+- name: Replacing image
+ replace:
+ path: /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-controller.yaml
+ regexp: 'edgegallery/edgegallery-secondary-ep-controller:latest'
+ replace: "{{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/edgegallery-secondary-ep-controller:latest"
+
+- name: Running eg-sp-controller yaml files
+ # yamllint disable rule:line-length
+ command: kubectl apply -f /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-controller.yaml
+ args:
+ chdir: /tmp/eg_mep/deploy/
+
+- debug:
+ msg: Setup_interfaces execution start
+
+- name: Link eg mep macvlan
+ # yamllint disable rule:line-length
+ command: ip link add eg-mp1 link {{ vardata.edge_management_interface.name}} type macvlan mode bridge
+ args:
+ chdir: /tmp/eg_mep/deploy/
+ ignore_errors: yes
+ no_log: True
+
+- name: Link eg mep macvlan
+ command: ip addr add {{ vardata.eg-management-address.name}} dev eg-mp1
+ args:
+ chdir: /tmp/eg_mep/deploy/
+ ignore_errors: yes
+ no_log: True
+
+- name: Link eg me1 up
+ command: ip link set dev eg-mp1 up
+ args:
+ chdir: /tmp/eg_mep/deploy/
+ ignore_errors: yes
+ no_log: True
+
+- name: Link eg eg mm5 with eth1
+ # yamllint disable rule:line-length
+ command: ip link add eg-mm5 link {{ vardata.edge_dataplane_interface.name}} type macvlan mode bridge
+ args:
+ chdir: /tmp/eg_mep/deploy/
+ ignore_errors: yes
+ no_log: True
+
+- name: Link eg eg mm5 ip addr
+ command: ip addr add {{ vardata.eg-dataplane-address.name}} dev eg-mm5
+ args:
+ chdir: /tmp/eg_mep/deploy/
+ ignore_errors: yes
+ no_log: True
+
+- name: Link eg eg mm5 set dev
+ command: ip link set dev eg-mm5 up
+ args:
+ chdir: /tmp/eg_mep/deploy/
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Pull helm repo start
+
+- name: Edge gallery mep installation pull chart and image
+ # yamllint disable rule:line-length
+ command: helm install mep-edgegallery edgegallery/mep --set networkIsolation.phyInterface.mp1={{ vardata.edge_management_interface.name}} --set networkIsolation.phyInterface.mm5={{ vardata.edge_dataplane_interface.name}} --set images.mep.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mep --set images.mepauth.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mepauth --set images.dns.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/mep-dns-server --set images.kong.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/kong --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/postgres --set images.mep.tag={{ vardata.eg_image_tag.name}} --set images.mepauth.tag={{ vardata.eg_image_tag.name}} --set images.dns.tag={{ vardata.eg_image_tag.name}} --set images.mep.pullPolicy=IfNotPresent --set images.mepauth.pullPolicy=IfNotPresent --set images.dns.pullPolicy=IfNotPresent --set images.kong.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set ssl.secretName=mep-ssl
+ # yamllint disable rule:line-length
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_mep
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Uninstall ssl config mep helm chart
+ command: helm uninstall mep-edgegallery
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete ssl config pg secret
+ command: kubectl delete secret pg-secret -n mep
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete ssl config mep ssl
+ command: kubectl delete secret mep-ssl -n mep
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete ssl config mep mep auth
+ command: kubectl delete secret mepauth-secret -n mep
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete ssl config namesapce mep
+ command: kubectl delete ns mep
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete network isolation multus eg sp controller
+ # yamllint disable rule:line-length
+ command: kubectl delete -f /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-controller.yaml
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete network isolation multus eg sp rbac
+ # yamllint disable rule:line-length
+ command: kubectl delete -f /tmp/eg_mep/deploy/conf/edge/network-isolation/eg-sp-rbac.yaml
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete network isolation multus
+ # yamllint disable rule:line-length
+ command: kubectl delete -f /tmp/eg_mep/deploy/conf/edge/network-isolation/multus.yaml
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete network isolation eg mp1
+ command: ip link set dev eg-mp1 down
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete nnetwork isolation eg mp1 link
+ command: ip link delete eg-mp1
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete network isolation eg mm5
+ command: ip link set dev eg-mm5 down
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete network isolation eg mm5 link
+ command: ip link delete eg-mm5
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete network isolation multus rm
+ command: rm -rf /opt/cni/bin/multus
+ ignore_errors: yes
+ no_log: True
+
+- name: Uninstall dns metallb config mep
+ # yamllint disable rule:line-length
+ command: kubectl delete -f /tmp/eg_mep/deploy/conf/edge/metallb/config-map.yaml
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete dns metallb
+ # yamllint disable rule:line-length
+ command: kubectl delete -f /tmp/eg_mep/deploy/conf/edge/metallb/metallb.yaml
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete dns metallb namespace
+ # yamllint disable rule:line-length
+ command: kubectl delete -f /tmp/eg_mep/deploy/conf/edge/metallb/namespace.yaml
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete dns namesapce metallb
+ command: kubectl delete secret memberlist -n metallb-system
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+#!/bin/bash
+
+function _help_insecure_registry()
+{
+ grep -i "insecure-registries" /etc/docker/daemon.json | grep "REGISTRIES_IP:REGISTRIES_PORT" >/dev/null 2>&1
+ if [ $? != 0 ]; then
+ mkdir -p /etc/docker
+cat <<EOF | tee /etc/docker/daemon.json
+{
+ "insecure-registries" : ["REGISTRIES_IP:REGISTRIES_PORT"]
+}
+EOF
+ service docker restart
+ fi
+}
+
+##############################################################
+############################################
+function main(){
+ _help_insecure_registry
+}
+#########################################
+#skip main in case of source
+ main $@
+######################
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Doing deployment setup for edge gallery
+ copy:
+ src: deploy
+ dest: /tmp/eg_prerequisite/
+ mode: 750
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Replacing private ip
+ replace:
+ path: /tmp/eg_prerequisite/deploy/eg_daemon.sh
+ regexp: REGISTRIES_IP
+ replace: "{{ vardata.private_repo_ip.name }}"
+
+- name: Replacing private port
+ replace:
+ path: /tmp/eg_prerequisite/deploy/eg_daemon.sh
+ regexp: REGISTRIES_PORT
+ replace: "{{ vardata.docker_registry_port.name }}"
+
+- name: Execute script for docker daemon
+ shell:
+ cmd: /tmp/eg_prerequisite/deploy/eg_daemon.sh
+
+- name: Delete Execute script for docker daemon
+ command: rm -rf /tmp/eg_prerequisite
+
+- name: Certificate copy
+ debug:
+ msg: Copy certificate from ocd to center and edge
+
+- synchronize:
+ src: /tmp/ssl-eg-keys-certs
+ dest: /tmp/
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_prerequisite
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
--- /dev/null
+#!/bin/bash
+TARBALL_PATH=/tmp/eg_registry/deploy/
+
+function _load_and_run_docker_registry()
+{
+
+ docker ps | grep registry >/dev/null
+ if [ $? != 0 ]; then
+ cd "$TARBALL_PATH"/registry
+ docker load --input registry-2.tar.gz
+ docker run -d -p 5000:5000 --restart=always --name registry registry:2
+ fi
+}
+
+function _load_swr_images_and_push_to_private_registry()
+{
+ IP=REGISTRIES_IP
+ PORT="REGISTRIES_PORT"
+ cd "$TARBALL_PATH"/eg_swr_images
+
+ for f in *.tar.gz;
+ do
+ cat $f | docker load
+ IMAGE_NAME=`echo $f|rev|cut -c8-|rev|sed -e "s/\#/:/g" | sed -e "s/\@/\//g"`;
+ docker image tag $IMAGE_NAME $IP:$PORT/$IMAGE_NAME
+ docker push $IP:$PORT/$IMAGE_NAME
+ done
+}
+
+##############################################################
+############################################
+function main(){
+ _load_and_run_docker_registry
+ _load_swr_images_and_push_to_private_registry
+}
+#########################################
+#skip main in case of source
+ main $@
+######################
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Doing deployment setup for edge gallery
+ copy:
+ src: deploy
+ dest: /tmp/eg_registry/
+ mode: 750
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Make dir for arm images
+ command: mkdir -p /tmp/eg_registry/armtarball
+ args:
+ chdir: /tmp/
+
+- name: Set a variable
+ ansible.builtin.set_fact:
+ processor: "{{ vardata.master_edge_processor.name}}"
+
+- name: Downloading based on master_edge_processor value x86_64 tarball
+ command: wget http://release.edgegallery.org/x86/all/0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/deploy/
+ when: processor == "x86_64"
+
+- name: Download 0.9 tar arms based on master_edge_processor value
+ command: wget http://release.edgegallery.org/arm64/all/0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/armtarball/
+ when: ansible_architecture == 'aarch64' and processor == "x86_64"
+
+- name: Download 0.9 tar arms
+ command: wget http://release.edgegallery.org/arm64/all/0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/deploy/
+ when: ansible_architecture == 'aarch64' and processor != "x86_64"
+
+- name: Download 0.9 tar x86
+ command: wget http://release.edgegallery.org/x86/all/0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/deploy/
+ when: ansible_architecture == 'x86_64'
+
+- name: Untar the donwloaded tar
+ command: tar -zxf 0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/deploy/
+
+- name: Untar the donwloaded tar
+ command: tar -zxf 0.9.tar.gz
+ args:
+ chdir: /tmp/eg_registry/armtarball/
+ when: processor == "x86_64"
+
+- name: Registry replaced for cross playform
+ command: rm -rf /tmp/eg_registry/deploy/registry
+ when: processor == "x86_64"
+
+- name: Docker image replaced for cross playform
+ command: rm -rf /tmp/eg_registry/deploy/eg_swr_images/nginx#stable.tar.gz
+ when: processor == "x86_64"
+
+- name: Copy registry from x86 tarball
+ command: cp -r /tmp/eg_registry/armtarball/registry /tmp/eg_registry/deploy/
+ when: processor == "x86_64"
+
+- name: Copy docker image from x86 tarball
+ # yamllint disable rule:line-length
+ command: cp -r /tmp/eg_registry/armtarball/eg_swr_images/nginx#stable.tar.gz /tmp/eg_registry/deploy/eg_swr_images/
+ # yamllint disable rule:line-length
+ when: processor == "x86_64"
+
+- name: Replacing private ip
+ replace:
+ path: /tmp/eg_registry/deploy/load-images.sh
+ regexp: 'REGISTRIES_IP'
+ replace: "{{ vardata.private_repo_ip.name }}"
+
+- name: Replacing private port
+ replace:
+ path: /tmp/eg_registry/deploy/load-images.sh
+ regexp: 'REGISTRIES_PORT'
+ replace: "{{ vardata.docker_registry_port.name }}"
+
+- name: Execute the script
+ shell:
+ cmd: /tmp/eg_registry/deploy/load-images.sh
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_load-iamges
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Stop registry
+ command: docker stop registry
+ ignore_errors: yes
+ no_log: True
+
+- name: Remove registry
+ command: docker rm -v registry
+ ignore_errors: yes
+ no_log: True
+
+- name: Remove tmp file
+ command: rm -rf /tmp/eg_registry
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Generate secret
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic edgegallery-ssl-secret --from-file=keystore.p12=/tmp/ssl-eg-keys-certs/keystore.p12 --from-literal=keystorePassword={{ vardata.common_pwd.name}} --from-literal=keystoreType=PKCS12 --from-literal=keyAlias=edgegallery --from-file=trust.cer=/tmp/ssl-eg-keys-certs/ca.crt --from-file=server.cer=/tmp/ssl-eg-keys-certs/tls.crt --from-file=server_key.pem=/tmp/ssl-eg-keys-certs/encryptedtls.key --from-literal=cert_pwd={{ vardata.common_pwd.name}}
+ args:
+ chdir: /tmp/ssl-eg-keys-certs/
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_secret
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Delete edgegallery ssl secret
+ command: kubectl delete secret edgegallery-ssl-secret
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Helm repo add edgegallery
+ # yamllint disable rule:line-length
+ command: helm repo add edgegallery http://{{ vardata.private_repo_ip.name}}:8080/edgegallery
+
+- name: Helm repo add stable
+ # yamllint disable rule:line-length
+ command: helm repo add stable http://{{ vardata.private_repo_ip.name}}:8080/stable
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_set-helm-repo
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Set a variable
+ ansible.builtin.set_fact:
+ comm_pwd: "{{ vardata.common_pwd.name }}"
+
+- name: Create certificates for usermanagment with common pwd
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/rsa_public_key.pem --from-file=encryptedPrivateKey=/tmp/ssl-eg-keys-certs/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.common_pwd.name}}
+ # yamllint disable rule:line-length
+ when: comm_pwd != ""
+
+- name: Generating certificates for usermanagment
+ # yamllint disable rule:line-length
+ command: kubectl create secret generic user-mgmt-jwt-secret --from-file=publicKey=/tmp/ssl-eg-keys-certs/rsa_public_key.pem --from-file=encryptedPrivateKey=/tmp/ssl-eg-keys-certs/encrypted_rsa_private_key.pem --from-literal=encryptPassword={{ vardata.user_mgmt_encryptPassword.name}}
+ # yamllint disable rule:line-length
+ when: comm_pwd == ""
+
+- name: Install user-mgmt
+ # yamllint disable rule:line-length
+ command: helm install user-mgmt-edgegallery edgegallery/usermgmt --set global.oauth2.clients.appstore.clientUrl=https://{{ ansible_host }}:{{vardata.appstore_port.name}},global.oauth2.clients.developer.clientUrl=https://{{ ansible_host }}:{{vardata.developer_port.name}},global.oauth2.clients.mecm.clientUrl=https://{{ ansible_host }}:{{vardata.mecm_port.name}}, --set jwt.secretName=user-mgmt-jwt-secret --set images.usermgmt.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/user-mgmt --set images.postgres.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/postgres --set images.redis.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/redis --set images.initservicecenter.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/curl --set images.usermgmt.tag={{ vardata.eg_image_tag.name}} --set images.usermgmt.pullPolicy=IfNotPresent --set images.postgres.pullPolicy=IfNotPresent --set images.redis.pullPolicy=IfNotPresent --set images.initservicecenter.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for eg_user-mgmt
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Uninstall user management
+ command: helm uninstall user-mgmt-edgegallery
+ ignore_errors: yes
+ no_log: True
+
+- name: Delete user-mgmt-jwt-secret
+ command: kubectl delete secret user-mgmt-jwt-secret
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+---
+env:
+ # GF_USERS_DEFAULT_THEME: 'light'
+ GF_SECURITY_ALLOW_EMBEDDING: 'true'
+ GF_AUTH_ANONYMOUS_ENABLED: 'true'
+ GF_AUTH_ANONYMOUS_ORG_ROLE: 'Editor'
+
+service:
+ type: NodePort
+ nodePort: 30000
+
+image:
+ repository: grafana/grafana-arm64v8-linux
+ tag: 6.5.2-ubuntu
+
+datasources:
+ datasources.yaml:
+ apiVersion: 1
+ datasources:
+ - name: MEP
+ type: prometheus
+ access: proxy
+ url: http://mep-prometheus-server.default.svc.cluster.local:80
+
+downloadDashboardsImage:
+ repository: lucashalbert/curl
+ tag: arm64v8-7.66.0-r0
+
+dashboardProviders:
+ dashboardproviders.yaml:
+ apiVersion: 1
+ providers:
+ - name: 'default'
+ orgId: 1
+ folder: ''
+ type: file
+ disableDeletion: false
+ editable: true
+ options:
+ path: /var/lib/grafana/dashboards/default
+
+dashboards:
+ default:
+ cluster-metrics:
+ # yamllint disable rule:line-length
+ json: |
+ {
+ "annotations": {
+ "list": [
+ {
+ "builtIn": 1,
+ "datasource": "-- Grafana --",
+ "enable": true,
+ "hide": true,
+ "iconColor": "rgba(0, 211, 255, 1)",
+ "name": "Annotations & Alerts",
+ "type": "dashboard"
+ }
+ ]
+ },
+ "description": "Summary metrics about containers running on Kubernetes nodes.\r\n\r\nDashboard was taken from here. This version does not reqiure you to\r\nsetup the Kubernetes-app plugin. (https://github.com/grafana/kubernetes-app)\r\n\r\nUse this Helm chart to launch Grafana into a Kubernetes cluster. It will include this dashboard and many more dashboards to give you visibility into the Kubernetes Cluster. (https://github.com/sekka1/cloud-public/tree/master/kubernetes/pods/grafana-helm)",
+ "editable": true,
+ "gnetId": 6417,
+ "graphTooltip": 1,
+ "id": 2,
+ "iteration": 1574675114940,
+ "links": [
+ {
+ "asDropdown": true,
+ "icon": "external link",
+ "includeVars": true,
+ "keepTime": false,
+ "tags": [
+ "kubernetes-app"
+ ],
+ "title": "Dashboards",
+ "type": "dashboards"
+ }
+ ],
+ "panels": [
+ {
+ "collapsed": false,
+ "datasource": null,
+ "gridPos": {
+ "h": 1,
+ "w": 24,
+ "x": 0,
+ "y": 0
+ },
+ "id": 2,
+ "panels": [],
+ "title": "Cluster Health",
+ "type": "row"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "percentunit",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": true,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 4,
+ "w": 6,
+ "x": 0,
+ "y": 1
+ },
+ "id": 4,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_info{node=~\"$node\"}) / sum(kube_node_status_allocatable_pods{node=~\".*\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "80,90",
+ "title": "Cluster Pod Usage",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "percentunit",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": true,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 4,
+ "w": 6,
+ "x": 6,
+ "y": 1
+ },
+ "id": 5,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_container_resource_requests_cpu_cores{node=~\"$node\"}) / sum(kube_node_status_allocatable_cpu_cores{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "80,90",
+ "title": "Cluster CPU Usage",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "percentunit",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": true,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 4,
+ "w": 6,
+ "x": 12,
+ "y": 1
+ },
+ "id": 6,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_container_resource_requests_memory_bytes{node=~\"$node\"}) / sum(kube_node_status_allocatable_memory_bytes{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "80,90",
+ "title": "Cluster Memory Usage",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "percentunit",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": true,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 4,
+ "w": 6,
+ "x": 18,
+ "y": 1
+ },
+ "id": 7,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "(sum (node_filesystem_size_bytes{kubernetes_node=~\"$node\"}) - sum (node_filesystem_free_bytes{kubernetes_node=~\"$node\"})) / sum (node_filesystem_size_bytes{kubernetes_node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "80,90",
+ "title": "Cluster Disk Usage",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "MEP",
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 5,
+ "w": 6,
+ "x": 0,
+ "y": 5
+ },
+ "id": 9,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "options": {
+ "dataLinks": []
+ },
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum(kube_node_status_allocatable_pods{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "allocatable",
+ "refId": "A"
+ },
+ {
+ "expr": "sum(kube_node_status_capacity_pods{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "capacity",
+ "refId": "B"
+ },
+ {
+ "expr": "sum(kube_pod_info{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "requested",
+ "refId": "C"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "Cluster Pod Capacity",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": "pods",
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "MEP",
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 5,
+ "w": 6,
+ "x": 6,
+ "y": 5
+ },
+ "id": 10,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "options": {
+ "dataLinks": []
+ },
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum(kube_node_status_capacity_cpu_cores{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "allocatable",
+ "refId": "A"
+ },
+ {
+ "expr": "sum(kube_node_status_allocatable_cpu_cores{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "capacity",
+ "refId": "B"
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_requests_cpu_cores{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "requested",
+ "refId": "C"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "Cluster CPU Capacity",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "decimals": null,
+ "format": "none",
+ "label": "cores",
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "MEP",
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 5,
+ "w": 6,
+ "x": 12,
+ "y": 5
+ },
+ "id": 11,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "options": {
+ "dataLinks": []
+ },
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum(kube_node_status_allocatable_memory_bytes{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "allocatable",
+ "refId": "A"
+ },
+ {
+ "expr": "sum(kube_node_status_capacity_memory_bytes{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "capacity",
+ "refId": "B"
+ },
+ {
+ "expr": "sum(kube_pod_container_resource_requests_memory_bytes{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "requested",
+ "refId": "C"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "Cluster Mem Capacity",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "decbytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "MEP",
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 5,
+ "w": 6,
+ "x": 18,
+ "y": 5
+ },
+ "id": 12,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "options": {
+ "dataLinks": []
+ },
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum(node_filesystem_size_bytes{kubernetes_node=~\"$node\"}) - sum(node_filesystem_free_bytes{kubernetes_node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "usage",
+ "refId": "A"
+ },
+ {
+ "expr": "sum(node_filesystem_size_bytes{kubernetes_node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "legendFormat": "limit",
+ "refId": "B"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "Cluster Disk Capacity",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "decbytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "collapsed": false,
+ "datasource": null,
+ "gridPos": {
+ "h": 1,
+ "w": 24,
+ "x": 0,
+ "y": 10
+ },
+ "id": 14,
+ "panels": [],
+ "title": "Deployments",
+ "type": "row"
+ },
+ {
+ "columns": [
+ {
+ "text": "Current",
+ "value": "current"
+ }
+ ],
+ "datasource": "MEP",
+ "fontSize": "100%",
+ "gridPos": {
+ "h": 5,
+ "w": 6,
+ "x": 0,
+ "y": 11
+ },
+ "id": 16,
+ "links": [],
+ "options": {},
+ "pageSize": null,
+ "scroll": true,
+ "showHeader": true,
+ "sort": {
+ "col": 1,
+ "desc": true
+ },
+ "styles": [
+ {
+ "alias": "Time",
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "pattern": "Time",
+ "type": "date"
+ },
+ {
+ "alias": "",
+ "colorMode": "row",
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "decimals": 0,
+ "pattern": "Metric",
+ "thresholds": [
+ "0",
+ "0",
+ ".9"
+ ],
+ "type": "string",
+ "unit": "none"
+ },
+ {
+ "alias": "",
+ "colorMode": "row",
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "dateFormat": "YYYY-MM-DD HH:mm:ss",
+ "decimals": 0,
+ "link": false,
+ "pattern": "Value",
+ "thresholds": [
+ "0",
+ "1"
+ ],
+ "type": "number",
+ "unit": "none"
+ }
+ ],
+ "targets": [
+ {
+ "expr": "kube_deployment_status_replicas{namespace=~\"$namespace\"}",
+ "format": "time_series",
+ "instant": true,
+ "interval": "",
+ "intervalFactor": 1,
+ "legendFormat": "{{ deployment }}",
+ "refId": "A"
+ }
+ ],
+ "title": "Deployment Replicas - Up To Date",
+ "transform": "timeseries_to_rows",
+ "type": "table"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 5,
+ "w": 6,
+ "x": 6,
+ "y": 11
+ },
+ "id": 18,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_deployment_status_replicas{namespace=~\"$namespace\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Deployment Replicas",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "avg"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 5,
+ "w": 6,
+ "x": 12,
+ "y": 11
+ },
+ "id": 19,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_deployment_status_replicas_updated{namespace=~\"$namespace\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Deployment Replicas - Updated",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "avg"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 5,
+ "w": 6,
+ "x": 18,
+ "y": 11
+ },
+ "id": 20,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_deployment_status_replicas_unavailable{namespace=~\"$namespace\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Deployment Replicas - Unavailable",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "avg"
+ },
+ {
+ "collapsed": false,
+ "datasource": null,
+ "gridPos": {
+ "h": 1,
+ "w": 24,
+ "x": 0,
+ "y": 16
+ },
+ "id": 22,
+ "panels": [],
+ "title": "Node",
+ "type": "row"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 8,
+ "x": 0,
+ "y": 17
+ },
+ "id": 24,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_node_info{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Number Of Nodes",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "avg"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": true,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 8,
+ "x": 8,
+ "y": 17
+ },
+ "id": 25,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_node_status_condition{condition=\"OutOfDisk\", node=~\"$node\", status=\"true\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "1",
+ "title": "Nodes Out of Disk",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": true,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 8,
+ "x": 16,
+ "y": 17
+ },
+ "id": 26,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": false
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_node_spec_unschedulable{node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "1",
+ "title": "Nodes Unavailable",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "collapsed": false,
+ "datasource": null,
+ "gridPos": {
+ "h": 1,
+ "w": 24,
+ "x": 0,
+ "y": 20
+ },
+ "id": 28,
+ "panels": [],
+ "title": "Pods",
+ "type": "row"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 12,
+ "x": 0,
+ "y": 21
+ },
+ "id": 30,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(78, 203, 42, 0.28)",
+ "full": false,
+ "lineColor": "#629e51",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_status_phase{namespace=~\"$namespace\", phase=\"Running\"})",
+ "format": "time_series",
+ "interval": "",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Pods Running",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 12,
+ "x": 12,
+ "y": 21
+ },
+ "id": 31,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(78, 203, 42, 0.28)",
+ "full": false,
+ "lineColor": "#629e51",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_status_phase{namespace=~\"$namespace\", phase=\"Pending\"})",
+ "format": "time_series",
+ "interval": "",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Pods Pending",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 8,
+ "x": 0,
+ "y": 24
+ },
+ "id": 32,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(78, 203, 42, 0.28)",
+ "full": false,
+ "lineColor": "#629e51",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_status_phase{namespace=~\"$namespace\", phase=\"Failed\"})",
+ "format": "time_series",
+ "interval": "",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Pods Failed",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 8,
+ "x": 8,
+ "y": 24
+ },
+ "id": 33,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(78, 203, 42, 0.28)",
+ "full": false,
+ "lineColor": "#629e51",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_status_phase{namespace=~\"$namespace\", phase=\"Succeeded\"})",
+ "format": "time_series",
+ "interval": "",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Pods Succeeded",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 8,
+ "x": 16,
+ "y": 24
+ },
+ "id": 34,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(78, 203, 42, 0.28)",
+ "full": false,
+ "lineColor": "#629e51",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_status_phase{namespace=~\"$namespace\", phase=\"Unknown\"})",
+ "format": "time_series",
+ "interval": "",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Pods Unknown",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "collapsed": false,
+ "datasource": null,
+ "gridPos": {
+ "h": 1,
+ "w": 24,
+ "x": 0,
+ "y": 27
+ },
+ "id": 36,
+ "panels": [],
+ "title": "Containers",
+ "type": "row"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 6,
+ "x": 0,
+ "y": 28
+ },
+ "id": 38,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_container_status_running{namespace=~\"$namespace\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Containers Running",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 6,
+ "x": 6,
+ "y": 28
+ },
+ "id": 39,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_container_status_waiting{namespace=~\"$namespace\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Containers Waiting",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 6,
+ "x": 12,
+ "y": 28
+ },
+ "id": 40,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_container_status_terminated{namespace=~\"$namespace\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Containers Terminated",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 6,
+ "x": 18,
+ "y": 28
+ },
+ "id": 41,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(delta(kube_pod_container_status_restarts_total{namespace=\"kube-system\"}[30m]))",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Containers Restarts (Last 30 Minutes)",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "none",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 12,
+ "x": 0,
+ "y": 31
+ },
+ "id": 43,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_container_resource_requests_cpu_cores{kubernetes_namespace=~\"$namespace\", node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "CPU Cores Requested by Containers",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": false,
+ "colors": [
+ "#299c46",
+ "rgba(237, 129, 40, 0.89)",
+ "#d44a3a"
+ ],
+ "datasource": "MEP",
+ "format": "decbytes",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "gridPos": {
+ "h": 3,
+ "w": 12,
+ "x": 12,
+ "y": 31
+ },
+ "id": 42,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "options": {},
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum(kube_pod_container_resource_requests_memory_bytes{namespace=~\"kube-system\", node=~\"$node\"})",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": "",
+ "title": "Memory Requested By Containers",
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ }
+ ],
+ "refresh": false,
+ "schemaVersion": 20,
+ "style": "dark",
+ "tags": [
+ "kubernetes",
+ "kubernetes-app"
+ ],
+ "templating": {
+ "list": [
+ {
+ "current": {
+ "text": "No data sources found",
+ "value": ""
+ },
+ "hide": 2,
+ "includeAll": false,
+ "label": "",
+ "multi": false,
+ "name": "datasource",
+ "options": [],
+ "query": "prometheus",
+ "refresh": 1,
+ "regex": "/$ds/",
+ "skipUrlSync": false,
+ "type": "datasource"
+ },
+ {
+ "allValue": ".*",
+ "current": {
+ "tags": [],
+ "text": "All",
+ "value": "$__all"
+ },
+ "datasource": "MEP",
+ "definition": "label_values(kube_pod_info, kubernetes_node)",
+ "hide": 0,
+ "includeAll": true,
+ "label": null,
+ "multi": false,
+ "name": "node",
+ "options": [],
+ "query": "label_values(kube_pod_info, kubernetes_node)",
+ "refresh": 2,
+ "regex": "",
+ "skipUrlSync": false,
+ "sort": 0,
+ "tagValuesQuery": "",
+ "tags": [],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ },
+ {
+ "allValue": ".*",
+ "current": {
+ "text": "All",
+ "value": "$__all"
+ },
+ "datasource": "MEP",
+ "definition": "label_values(kube_pod_info, kubernetes_namespace)",
+ "hide": 0,
+ "includeAll": true,
+ "label": null,
+ "multi": false,
+ "name": "namespace",
+ "options": [],
+ "query": "label_values(kube_pod_info, kubernetes_namespace)",
+ "refresh": 2,
+ "regex": "",
+ "skipUrlSync": false,
+ "sort": 0,
+ "tagValuesQuery": "",
+ "tags": [],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ }
+ ]
+ },
+ "time": {
+ "from": "now-30m",
+ "to": "now"
+ },
+ "timepicker": {
+ "refresh_intervals": [
+ "5s",
+ "10s",
+ "30s",
+ "1m",
+ "5m",
+ "15m",
+ "30m",
+ "1h",
+ "2h",
+ "1d"
+ ],
+ "time_options": [
+ "5m",
+ "15m",
+ "1h",
+ "6h",
+ "12h",
+ "24h",
+ "2d",
+ "7d",
+ "30d"
+ ]
+ },
+ "timezone": "browser",
+ "title": "MEP Cluster Metrics",
+ "uid": "4XuMd2Iiz",
+ "version": 10
+ }
+ pod-metrics:
+ json: |
+ {
+ "annotations": {
+ "list": [
+ {
+ "builtIn": 1,
+ "datasource": "-- Grafana --",
+ "enable": true,
+ "hide": true,
+ "iconColor": "rgba(0, 211, 255, 1)",
+ "name": "Annotations & Alerts",
+ "type": "dashboard"
+ }
+ ]
+ },
+ "description": "A dashboard to view pod metrics by namespace and pod names.\r\n\r\nUse this Helm chart to launch Grafana into a Kubernetes cluster. It will include this dashboard and many more dashboards to give you visibility into the Kubernetes Cluster. (https://github.com/sekka1/cloud-public/tree/master/kubernetes/pods/grafana-helm)",
+ "editable": true,
+ "gnetId": 6336,
+ "graphTooltip": 0,
+ "id": 4,
+ "iteration": 1574675785610,
+ "links": [],
+ "panels": [
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "MEP",
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 9,
+ "w": 23,
+ "x": 0,
+ "y": 0
+ },
+ "id": 2,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "options": {
+ "dataLinks": []
+ },
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "avg(irate(container_cpu_usage_seconds_total{pod!=\"\", pod=~\"[[pod_name]].*\", namespace=~\"[[namespace]].*\"}[5m]) * 100) by (pod)",
+ "format": "time_series",
+ "hide": false,
+ "intervalFactor": 1,
+ "legendFormat": "",
+ "refId": "A"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "CPU",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "datasource": "MEP",
+ "fill": 1,
+ "fillGradient": 0,
+ "gridPos": {
+ "h": 10,
+ "w": 23,
+ "x": 0,
+ "y": 9
+ },
+ "id": 4,
+ "legend": {
+ "avg": false,
+ "current": false,
+ "max": false,
+ "min": false,
+ "show": true,
+ "total": false,
+ "values": false
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "options": {
+ "dataLinks": []
+ },
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (container_memory_working_set_bytes{pod!=\"\", pod=~\"[[pod_name]].*\", namespace=~\"[[namespace]].*\"}) by (pod)",
+ "format": "time_series",
+ "intervalFactor": 1,
+ "refId": "A"
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeRegions": [],
+ "timeShift": null,
+ "title": "Memory",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ],
+ "yaxis": {
+ "align": false,
+ "alignLevel": null
+ }
+ }
+ ],
+ "refresh": false,
+ "schemaVersion": 20,
+ "style": "dark",
+ "tags": [],
+ "templating": {
+ "list": [
+ {
+ "allValue": ".*",
+ "current": {
+ "tags": [],
+ "text": "All",
+ "value": "$__all"
+ },
+ "datasource": "MEP",
+ "definition": "label_values(kube_pod_info, kubernetes_namespace)",
+ "hide": 0,
+ "includeAll": true,
+ "label": null,
+ "multi": false,
+ "name": "namespace",
+ "options": [],
+ "query": "label_values(kube_pod_info, kubernetes_namespace)",
+ "refresh": 2,
+ "regex": "",
+ "skipUrlSync": false,
+ "sort": 0,
+ "tagValuesQuery": "",
+ "tags": [],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ },
+ {
+ "allValue": ".*",
+ "current": {
+ "text": "All",
+ "value": "$__all"
+ },
+ "datasource": "MEP",
+ "definition": "label_values(kube_pod_info{namespace=\"$namespace\"}, pod)",
+ "hide": 0,
+ "includeAll": true,
+ "label": null,
+ "multi": false,
+ "name": "pod_name",
+ "options": [],
+ "query": "label_values(kube_pod_info{namespace=\"$namespace\"}, pod)",
+ "refresh": 2,
+ "regex": "",
+ "skipUrlSync": false,
+ "sort": 0,
+ "tagValuesQuery": "",
+ "tags": [],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ }
+ ]
+ },
+ "time": {
+ "from": "now-1h",
+ "to": "now"
+ },
+ "timepicker": {
+ "refresh_intervals": [
+ "5s",
+ "10s",
+ "30s",
+ "1m",
+ "5m",
+ "15m",
+ "30m",
+ "1h",
+ "2h",
+ "1d"
+ ],
+ "time_options": [
+ "5m",
+ "15m",
+ "1h",
+ "6h",
+ "12h",
+ "24h",
+ "2d",
+ "7d",
+ "30d"
+ ]
+ },
+ "timezone": "",
+ "title": "MEP Pods Metrics",
+ "uid": "-7mPcYniz",
+ "version": 10
+ }
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check if grafana is already installed
+ shell:
+ cmd: helm status mec-grafana
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: grafana is already present
+ when: result.stdout != ""
+
+- debug:
+# yamllint disable rule:line-length
+ msg: Ignore Uninstall Log , Grafana not installed continue with Installation
+# yamllint disable rule:line-length
+ when: result.stdout == ""
+
+- name: "INSTALL: Install grafana on x86_64"
+ shell:
+ cmd: helm install mec-grafana stable/grafana
+ when: result is failed and ansible_architecture == 'x86_64'
+
+- name: "INSTALL: copy values.yaml to host"
+ copy:
+ src: values.yaml
+ dest: /tmp/grafana/
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Install grafana on aarch64"
+ shell:
+ cmd: helm install mec-grafana stable/grafana -f /tmp/grafana/values.yaml
+ when: result is failed and ansible_architecture == 'aarch64'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+ #- include: "uninstall.yml"
+ #when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check if grafana is installed before deleting
+ shell:
+ cmd: helm status mec-grafana
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Uninstalling docker...
+ when: result.stdout != ""
+
+- debug:
+ msg: Ignore Uninstall Log , Grafana not installed
+ when: result.stdout == ""
+
+- name: Uninstall grafana
+ shell:
+ cmd: helm uninstall mec-grafana
+ when: result is succeeded
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+- name: check whether helm is already installed
+ command: which helm
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: helm is already present
+ when: result.stdout != ""
+
+- debug:
+# yamllint disable rule:line-length
+ msg: Ignore Uninstall Log , Helm not installed continue with Installation
+# yamllint disable rule:line-length
+ when: result.stdout == ""
+
+- name: "INSTALL: Helm download command on x86_64"
+ command: wget https://get.helm.sh/helm-v3.0.2-linux-amd64.tar.gz
+ when: result is failed and ansible_architecture == 'x86_64'
+
+- name: "INSTALL: Untar helm on x86_64"
+ command: tar -zxvf helm-v3.0.2-linux-amd64.tar.gz
+ when: result is failed and ansible_architecture == 'x86_64'
+
+- name: "INSTALL: Helm move to bin folder on x86_64"
+ command: mv linux-amd64/helm /usr/local/bin/
+ when: result is failed and ansible_architecture == 'x86_64'
+
+- name: "INSTALL: Helm download command on aarch64"
+ command: wget https://get.helm.sh/helm-v3.0.2-linux-arm64.tar.gz
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Untar helm on aarch64"
+ command: tar -zxvf helm-v3.0.2-linux-arm64.tar.gz
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Helm move to bin folder on aarch64"
+ command: mv linux-arm64/helm /usr/local/bin/
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Add helm repo"
+# yamllint disable rule:line-length
+ command: helm repo add stable https://kubernetes-charts.storage.googleapis.com/
+# yamllint disable rule:line-length
+ when: result is failed
+
+- name: "INSTALL: Updated helm repo"
+ command: helm repo update
+ when: result is failed
+
+- name: "INSTALLED List helm repo"
+ command: helm repo list
+ when: result is failed
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+---
+
+# tasks file for helm
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check whether helm is installed before deleting
+ command: which helm
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Uninstalling helm...
+ when: result.stdout != ""
+
+- debug:
+ msg: Ignore Uninstall Log ,Helm not installed
+ when: result.stdout == ""
+
+- name: "UNINSTALL: Helm Uninstall on x86_64"
+ command: rm -rf linux-amd64/helm
+ when: result is succeeded and ansible_architecture == 'x86_64'
+
+- name: "UNINSTALL: Remove download helm file on x86_64"
+ command: rm ~/helm-v3.0.2-linux-amd64.tar.gz
+ when: result is succeeded and ansible_architecture == 'x86_64'
+
+- name: "UNINSTALL: Helm Uninstall on aarch64"
+ command: rm -rf linux-arm64/helm
+ ignore_errors: yes
+ no_log: True
+ when: result is succeeded and ansible_architecture == 'aarch64'
+
+- name: "UNINSTALL: Remove download helm file on aarch64"
+ command: rm helm-v3.0.2-linux-arm64.tar.gz
+ ignore_errors: yes
+ no_log: True
+ when: result is succeeded and ansible_architecture == 'aarch64'
+
+- name: "UNINSTALL: Remove helm from bin"
+ command: rm /usr/local/bin/helm
+ ignore_errors: yes
+ no_log: True
+ when: result is succeeded
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check whether k3s is already installed
+ shell:
+ cmd: which k3s
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: k3s is already present
+ when: result.stdout != ""
+
+- debug:
+# yamllint disable rule:line-length
+ msg: Ignore Uninstall Log , k3s not installed continue with Installation
+# yamllint disable rule:line-length
+ when: result.stdout == ""
+
+- debug:
+ msg: K3 Installation started on {{ ansible_facts['distribution'] }} MEP Node
+
+- name: "INSTALL: Disabling firewall for successfull k3s installation on CentOs"
+ shell:
+ cmd: systemctl stop firewalld
+ when: ansible_facts['distribution'] == "CentOS" and result is failed
+
+- name: "INSTALL: install container-selinux"
+ shell:
+ cmd: yum install -y container-selinux selinux-policy-base
+ when: ansible_facts['distribution'] == "CentOS" and result is failed
+ ignore_errors: true
+
+- name: "INSTALL: get interface name"
+ shell:
+ cmd: ip a |grep {{ ansible_host }} |awk '{print $NF}'
+ register: ifName
+ when: result is failed
+
+# yamllint disable rule:line-length
+- name: "INSTALL: install k3s"
+ shell:
+ cmd: curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--node-ip={{ ansible_host }} --node-external-ip={{ ansible_host }} --bind-address={{ ansible_host }} --flannel-iface=eth0 --docker --no-deploy=servicelb --no-deploy=traefik --write-kubeconfig-mode 644 --kube-apiserver-arg="service-node-port-range=30000-36000"" sh -
+ when: result is failed
+
+# yamllint disable rule:line-length
+
+#- name: "INSTALL: install k3s"
+# shell:
+# cmd: curl -sfL https://get.k3s.io | sh -
+# when: result is failed
+
+- name: "INSTALL: create .kube dir"
+ shell:
+ cmd: mkdir -p $HOME/.kube/
+ when: result is failed
+
+- name: "INSTALL: copy kubeconfig"
+ shell:
+ cmd: cp /etc/rancher/k3s/k3s.yaml $HOME/.kube/config
+ when: result is failed
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check whether k3s is already installed
+ shell:
+ cmd: which k3s
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Uninstalling k3s...
+ when: result.stdout != ""
+
+- debug:
+ msg: "UNINSTALL: Ignore Uninstall Log , K3s not installed"
+ when: result.stdout == ""
+
+- name: "UNINSTALL: kill k3s"
+ shell:
+ cmd: k3s-killall.sh
+ when: result is succeeded
+
+- name: "UNINSTALL: uninstall k3s"
+ shell:
+ cmd: k3s-uninstall.sh
+ when: result is succeeded
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for k8s
+- name: Check whether k8s is already installed
+ command: which k8s
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: k8s is already present
+ when: result.stdout != ""
+
+- debug:
+# yamllint disable rule:line-length
+ msg: Ignore Uninstall Log , k8s not installed continue with Installation
+# yamllint disable rule:line-length
+ when: result.stdout == ""
+
+- name: Install k8s
+ shell:
+# yamllint disable rule:line-length
+ cmd: ansible-playbook -i inventory/mycluster/hosts.yaml --become --become-user=root cluster.yml
+# yamllint disable rule:line-length
+ chdir: /root/eliotkubesprey/kubespray/
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for k8s
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# Uninstall file for k8s
+- name: Check whether k8s is already installed
+ command: kubectl version
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: k8s is already present
+ when: result.stdout != ""
+
+- name: Remove k8s
+ shell:
+ cmd: yes | ansible-playbook -i inventory/mycluster/hosts.yaml reset.yml
+ chdir: /root/eliotkubesprey/kubespray/
+ when: result.stdout != ""
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for transferring kubeconfig files
+- name: debug msg
+ debug:
+ msg: transfering config file to OCD Host
+
+- name: Fetch the file from the controller and edge nodes to ocd-host
+ fetch:
+ src: /root/.kube/config
+ dest: /root/.kube/config-{{ ansible_host }}
+ flat: yes
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for kubeconfig transfer
+- include: "install.yml"
+ when: operation == 'install'
+
+#- include: "uninstall.yml"
+ #when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for k3s kube-config file transfer
+- name: debug msg
+ debug:
+ msg: transfering mep config file to OCD Host
+
+- name: Fetch the file from the mep edge nodes to ocd-host
+ fetch:
+ src: /root/.kube/config
+ dest: /root/.kube/kubeconfig/{{ ansible_host }}
+ flat: yes
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for kubeconfig transfer
+- include: "install.yml"
+ when: operation == 'install'
--- /dev/null
+---
+alertmanager:
+ image:
+ tag: v0.18.0
+
+kubeStateMetrics:
+ image:
+ repository: carlosedp/kube-state-metrics
+ tag: v1.7.2
+
+pushgateway:
+ image:
+ tag: v1.0.1
+
+server:
+ image:
+ tag: v2.15.2
+
+nodeExporter:
+ image:
+ tag: v0.18.1
+
+configmapReload:
+ image:
+ repository: jimmidyson/configmap-reload
+ tag: latest-arm64
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check if prometheus is already installed
+ shell:
+ cmd: helm status mep-prometheus
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: prometheus is already present
+ when: result.stdout != ""
+
+- debug:
+# yamllint disable rule:line-length
+ msg: Ignore Uninstall Log , prometheus not installed continue with Installation
+# yamllint disable rule:line-length
+ when: result.stdout == ""
+
+- name: "INSTALL: Install prometheus on x86_64"
+ shell:
+ cmd: helm install mep-prometheus stable/prometheus --version v9.3.1
+ when: result is failed and ansible_architecture == 'x86_64'
+
+- name: "INSTALL: copy values.yaml to host"
+ copy:
+ src: values.yaml
+ dest: /tmp/prometheus/
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Install prometheus on aarch64"
+ shell:
+ cmd: 'helm install mep-prometheus
+ stable/prometheus -f /tmp/prometheus/values.yaml --version v9.3.1'
+ when: result is failed and ansible_architecture == 'aarch64'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+ #- include: "uninstall.yml"
+ #static: false
+ #when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check if prometheus is installed before deleting
+ shell:
+ cmd: helm status mep-prometheus
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Uninstalling prometheus...
+ when: result.stdout != ""
+
+- debug:
+ msg: Ignore Uninstall Log , Prometheus not installed
+ when: result.stdout == ""
+
+- name: Uninstall prometheus
+ shell:
+ cmd: helm uninstall mep-prometheus
+ when: result is succeeded
--- /dev/null
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: rabbitmq-config
+ namespace: default
+data:
+ enabled_plugins: |
+ [rabbitmq_management,rabbitmq_peer_discovery_k8s].
+ rabbitmq.conf: |
+ cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
+ cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
+ cluster_formation.k8s.address_type = hostname
+ cluster_formation.node_cleanup.interval = 30
+ cluster_formation.node_cleanup.only_log_warning = true
+ cluster_partition_handling = autoheal
+ queue_master_locator=min-masters
+ loopback_users.guest = false
+ default_user=admin
+ default_pass=admin
--- /dev/null
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: default
--- /dev/null
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: rabbitmq
+ namespace: default
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: rabbitmq-peer-discovery-rbac
+ namespace: default
+rules:
+ - apiGroups: [""]
+ resources: ["endpoints"]
+ verbs: ["get"]
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: rabbitmq-peer-discovery-rbac
+ namespace: default
+subjects:
+ - kind: ServiceAccount
+ name: rabbitmq
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: rabbitmq-peer-discovery-rbac
--- /dev/null
+---
+kind: Service
+apiVersion: v1
+metadata:
+ namespace: default
+ name: rabbitmq
+ labels:
+ app: rabbitmq
+ type: LoadBalancer
+spec:
+ type: NodePort
+ ports:
+ - name: http
+ protocol: TCP
+ port: 15672
+ targetPort: 15672
+ nodePort: 31672
+ - name: amqp
+ protocol: TCP
+ port: 5672
+ targetPort: 5672
+ nodePort: 30672
+ selector:
+ app: rabbitmq
--- /dev/null
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: rabbitmq
+ namespace: default
+spec:
+ serviceName: rabbitmq
+ replicas: 3
+ selector:
+ matchLabels:
+ app: rabbitmq
+ template:
+ metadata:
+ labels:
+ app: rabbitmq
+ spec:
+ serviceAccountName: rabbitmq
+ terminationGracePeriodSeconds: 10
+ nodeSelector:
+ kubernetes.io/os: linux
+ containers:
+ - name: rabbitmq-k8s
+ image: arm64v8/rabbitmq:3.7-management-alpine
+ volumeMounts:
+ - name: config-volume
+ mountPath: /etc/rabbitmq
+ ports:
+ - name: http
+ protocol: TCP
+ containerPort: 15672
+ - name: amqp
+ protocol: TCP
+ containerPort: 5672
+ livenessProbe:
+ exec:
+ command: ["rabbitmq-diagnostics", "status"]
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ timeoutSeconds: 15
+ readinessProbe:
+ exec:
+ command: ["rabbitmq-diagnostics", "status"]
+ initialDelaySeconds: 20
+ periodSeconds: 60
+ timeoutSeconds: 10
+ imagePullPolicy: Always
+ env:
+ - name: MY_POD_NAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.name
+ - name: MY_POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: RABBITMQ_USE_LONGNAME
+ value: "true"
+ - name: K8S_SERVICE_NAME
+ value: rabbitmq
+ - name: RABBITMQ_NODENAME
+ # yamllint disable rule:line-length
+ value: rabbit@$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local
+ # yamllint enable rule:line-length
+ - name: K8S_HOSTNAME_SUFFIX
+ value: .$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local
+ - name: RABBITMQ_ERLANG_COOKIE
+ value: "dW5pcXVlLWVybGFuZy1jb29raWU="
+ volumes:
+ - name: config-volume
+ configMap:
+ name: rabbitmq-config
+ items:
+ - key: rabbitmq.conf
+ path: rabbitmq.conf
+ - key: enabled_plugins
+ path: enabled_plugins
--- /dev/null
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: rabbitmq
+ namespace: default
+spec:
+ serviceName: rabbitmq
+ replicas: 3
+ selector:
+ matchLabels:
+ app: rabbitmq
+ template:
+ metadata:
+ labels:
+ app: rabbitmq
+ spec:
+ serviceAccountName: rabbitmq
+ terminationGracePeriodSeconds: 10
+ nodeSelector:
+ kubernetes.io/os: linux
+ containers:
+ - name: rabbitmq-k8s
+ image: rabbitmq:3.7-management-alpine
+ volumeMounts:
+ - name: config-volume
+ mountPath: /etc/rabbitmq
+ ports:
+ - name: http
+ protocol: TCP
+ containerPort: 15672
+ - name: amqp
+ protocol: TCP
+ containerPort: 5672
+ livenessProbe:
+ exec:
+ command: ["rabbitmq-diagnostics", "status"]
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ timeoutSeconds: 15
+ readinessProbe:
+ exec:
+ command: ["rabbitmq-diagnostics", "status"]
+ initialDelaySeconds: 20
+ periodSeconds: 60
+ timeoutSeconds: 10
+ imagePullPolicy: Always
+ env:
+ - name: MY_POD_NAME
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.name
+ - name: MY_POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: RABBITMQ_USE_LONGNAME
+ value: "true"
+ - name: K8S_SERVICE_NAME
+ value: rabbitmq
+ - name: RABBITMQ_NODENAME
+ # yamllint disable rule:line-length
+ value: rabbit@$(MY_POD_NAME).$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local
+ # yamllint enable rule:line-length
+ - name: K8S_HOSTNAME_SUFFIX
+ value: .$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.cluster.local
+ - name: RABBITMQ_ERLANG_COOKIE
+ value: "dW5pcXVlLWVybGFuZy1jb29raWU="
+ volumes:
+ - name: config-volume
+ configMap:
+ name: rabbitmq-config
+ items:
+ - key: rabbitmq.conf
+ path: rabbitmq.conf
+ - key: enabled_plugins
+ path: enabled_plugins
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check if rabbitmq is already installed
+ shell:
+ cmd: kubectl get pods rabbitmq-0
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: rabbitmq is already present
+ when: result.stdout != ""
+
+- debug:
+# yamllint disable rule:line-length
+ msg: Ignore Uninstall Log , rabbitmq not installed continue with Installation
+# yamllint disable rule:line-length
+ when: result.stdout == ""
+
+- name: "INSTALL: copy common folder to host for rabbitmq installation"
+ copy:
+ src: common
+ dest: /tmp/rabbitmq/
+ when: result is failed
+
+- name: "INSTALL: Install common for rabbitmq installation"
+ shell:
+ cmd: kubectl apply -f /tmp/rabbitmq/common
+ when: result is failed
+
+- name: "INSTALL: copy statefulset_x86.yaml to host for rabbitmq installation"
+ copy:
+ src: statefulset_x86.yaml
+ dest: /tmp/rabbitmq/
+ when: result is failed and ansible_architecture == 'x86_64'
+
+- name: "INSTALL: Install rabbitmq on x86_64"
+ shell:
+ cmd: kubectl apply -f /tmp/rabbitmq/statefulset_x86.yaml
+ when: result is failed and ansible_architecture == 'x86_64'
+
+- name: "INSTALL: copy statefulset_arm.yaml to host for rabbitmq installation"
+ copy:
+ src: statefulset_arm.yaml
+ dest: /tmp/rabbitmq/
+ when: result is failed and ansible_architecture == 'aarch64'
+
+- name: "INSTALL: Install rabbitmq on aarch64"
+ shell:
+ cmd: kubectl apply -f /tmp/rabbitmq/statefulset_arm.yaml
+ when: result is failed and ansible_architecture == 'aarch64'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+ #- include: "uninstall.yml"
+ #static: false
+ #when: operation == 'uninstall'
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+- name: check if rabbitmq is installed before deleting
+ shell:
+ cmd: kubectl get pods rabbitmq-0
+ register: result
+ ignore_errors: yes
+ no_log: True
+
+- debug:
+ msg: Uninstalling rabbitmq...
+ when: result.stdout != ""
+
+- debug:
+ msg: Ignore Uninstall Log , Rabbitmq not installed
+ when: result.stdout == ""
+
+- name: Uninstalling rabbitmq
+ shell:
+ cmd: kubectl delete -f /tmp/rabbitmq/common
+ when: result is succeeded
+
+- name: Uninstall rabbitmq on x86_64
+ shell:
+ cmd: kubectl delete -f /tmp/rabbitmq/statefulset_x86.yaml
+ when: result is succeeded and ansible_architecture == 'x86_64'
+
+- name: Uninstall rabbitmq on aarch64
+ shell:
+ cmd: kubectl delete -f /tmp/rabbitmq/statefulset_arm.yaml
+ when: result is succeeded and ansible_architecture == 'aarch64'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Import config file
+ include_vars:
+ file: ../../../config.yml
+ name: vardata
+
+- name: Install service center
+ # yamllint disable rule:line-length
+ command: helm install service-center-edgegallery edgegallery/servicecenter --set images.repository={{ vardata.private_repo_ip.name}}:{{ vardata.docker_registry_port.name}}/edgegallery/service-center --set images.pullPolicy=IfNotPresent --set global.ssl.enabled=true --set global.ssl.secretName=edgegallery-ssl-secret
+ # yamllint disable rule:line-length
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+# tasks file for service-center
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+- include: "uninstall.yml"
+ static: false
+ when: operation == 'uninstall'
--- /dev/null
+#
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+---
+
+- name: Uninstall service center
+ command: helm uninstall service-center-edgegallery
+ ignore_errors: yes
+ no_log: True
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: "INSTALL: Add Vault repo"
+# yamllint disable rule:line-length
+ command: helm repo add hashicorp https://helm.releases.hashicorp.com
+# yamllint disable rule:line-length
+
+- name: "INSTALL: Vault "
+ command: helm install vault hashicorp/vault
+
+
+- name: "Installing ...Vault "
+ command: sleep 10
+
+- name: "Initialize Vault POD and Unseal Key"
+ shell:
+# yamllint disable rule:line-length
+ cmd: kubectl exec -ti vault-0 -- vault operator unseal $(kubectl exec vault-0 -- vault operator init -key-shares=1 -key-threshold=1 -format="" | grep -i "unseal key 1" | awk '{print $4}')
+# yamllint enable rule:line-length
--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+# tasks file for Vault
+- include: "install.yml"
+ static: false
+ when: operation == 'install'
+
+#- include: "uninstall.yml"
+ #when: operation == 'uninstall'
Code Review / eliot.git / commitdiff