sa_8001/cmoa_installer_ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rel3.5.6

Browse Source
This commit is contained in:
ByeonJungHun
2024-03-21 10:42:44 +09:00
parent e7f5e332be
commit 49d78dd023
5 changed files with 437 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmoa_install.yaml
View File

@@ -3,9 +3,9 @@
become: true become: true
gather_facts: true gather_facts: true
environment: environment:
KUBECONFIG: /root/.kube/ansible_config KUBECONFIG: /Users/byeonjunghun/.kube/ansible_config
vars: vars:
REGISTRY: 10.10.43.224:5000/cmoa3 REGISTRY: 10.10.43.200:5000/cmoa3
REPO: "nexus" # dockerhub or nexus REPO: "nexus" # dockerhub or nexus
roles: roles:
- role: cmoa_install - role: cmoa_install

6
inventory
View File

@@ -1,11 +1,11 @@
[master] [master]
10.10.43.200 10.10.43.200 ansible_user=root
[worker1] [worker1]
10.10.43.201 10.10.43.201 ansible_user=root
[worker2] [worker2]
10.10.43.202 10.10.43.202 ansible_user=root
[cluster:children] [cluster:children]
master master

368
roles/cmoa_install/files/03-ddl-dml/postgres/patch/postgres_patch_3.5.6.psql Normal file
View File

@@ -0,0 +1,368 @@
-- Topology agent와 Metric agent 통합 작업
UPDATE public.agent_install_file_info
SET yaml='---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cloudmoa-cluster-role
rules:
- nonResourceURLs:
- "*"
verbs:
- get
- apiGroups:
- metrics.k8s.io
resources:
- pods
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- update
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch
- update
- apiGroups:
- ""
resources:
- nodes/stats
- endpoints
- namespaces
- events
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- daemonsets
- deployments
- deployments/scale
- replicasets
- replicasets/scale
- statefulsets
- statefulsets/scale
verbs:
- get
- list
- watch
- update
- apiGroups:
- batch
resources:
- jobs
verbs:
- get
- list
- watch
- update
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- get
- list
- update
- apiGroups:
- storage.j8s.io
resources:
- storageclasses
verbs:
- get
- list
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- get
- list
- apiGroups:
- extensions
resources:
- ingresses
verbs:
- get
- list
- apiGroups:
- policy
resources:
- podsecuritypolicies
verbs:
- use
resourceNames:
- imxc-ps
- apiGroups:
- certificates.k8s.io
resourceNames:
- kubernetes.io/kube-apiserver-client-kubelet
resources:
- signers
verbs:
- approve
- apiGroups:
- certificates.k8s.io
resourceNames:
- kubernetes.io/kubelet-serving
resources:
- signers
verbs:
- approve
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- proxy
- apiGroups:
- ""
resources:
- nodes/log
- nodes/metrics
- nodes/proxy
- nodes/spec
- nodes/stats
verbs:
- ''*''
- apiGroups:
- ''*''
resources:
- ''*''
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cloudmoa-restricted-rb
namespace: $CLOUDMOA_NAMESPACE
subjects:
- kind: ServiceAccount
name: default
namespace: $CLOUDMOA_NAMESPACE
roleRef:
kind: ClusterRole
name: cloudmoa-cluster-role
apiGroup: rbac.authorization.k8s.io
---
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: cloudmoa-psp
namespace: $CLOUDMOA_NAMESPACE
spec:
privileged: true
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
runAsUser:
rule: RunAsAny
fsGroup:
rule: RunAsAny
hostPorts:
- max: 65535
min: 0
hostNetwork: true
hostPID: true
volumes:
- configMap
- secret
- emptyDir
- hostPath
- projected
- downwardAPI
- persistentVolumeClaim
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: cloudmoa-topology-agent
namespace: $CLOUDMOA_NAMESPACE
labels:
app: cloudmoa-topology-agent
spec:
selector:
matchLabels:
app: cloudmoa-topology-agent
template:
metadata:
labels:
app: cloudmoa-topology-agent
spec:
hostNetwork: true
hostPID: true
tolerations:
- effect: NoSchedule
operator: Exists
- effect: NoExecute
operator: Exists
containers:
- name: metric-agent
image: $DOCKER_REGISTRY_URL/metric-agent:$IMAGE_TAG
args:
- --config.file=/etc/metric-agent/metric-agent.yml
env:
- name: CLUSTER_ID
value: $CLOUDMOA_CLUSTER_ID
- name: STORAGE_TYPE
value: datagate
- name: DATAGATE
value: $COLLTION_SERVER_DATAGATE_IP:$COLLTION_SERVER_DATAGATE_PORT
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: LOG_LEVEL
value: "INFO"
ports:
- containerPort: 14271
protocol: TCP
- containerPort: 14272
protocol: TCP
resources:
limits:
cpu: 250m
memory: 180Mi
requests:
cpu: 125m
memory: 90Mi
volumeMounts:
- mountPath: /etc/metric-agent/
name: config-volume
- image: $DOCKER_REGISTRY_URL/node-exporter
name: node-agent
resources:
limits:
cpu: 250m
memory: 180Mi
requests:
cpu: 125m
memory: 90Mi
ports:
- containerPort: 9110
hostPort: 9110
name: scrape
args:
- --path.procfs=/host/proc
- --path.sysfs=/host/sys
- --path.rootfs=/host/root
- --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|run|var/lib/docker/.+|var/lib/kubelet/pods/.+)($|/)
- --collector.tcpstat
- --web.listen-address=:9110
# --log.level=debug
env:
- name: GOMAXPROCS
value: "1"
volumeMounts:
- mountPath: /host/proc
name: proc-volume
readOnly: false
- mountPath: /host/sys
name: sys-volume
readOnly: false
- mountPath: /host/root
mountPropagation: HostToContainer
name: root-volume
readOnly: true
- name: cloudmoa-topology-agent
image: $DOCKER_REGISTRY_URL/topology-agent:$IMAGE_TAG
resources:
requests:
cpu: 200m
memory: 512Mi
limits:
cpu: 500m
memory: 600Mi
securityContext:
privileged: true
volumeMounts:
- mountPath: /host/usr/bin
name: bin-volume
- mountPath: /var/run/docker.sock
name: docker-volume
- mountPath: /host/proc
name: proc-volume
- mountPath: /root
name: root-volume
- mountPath: /log
name: log-volume
env:
- name: DATAGATE
value: $COLLTION_SERVER_DATAGATE_IP:$COLLTION_SERVER_DATAGATE_PORT
- name: CLUSTER_ID
value: $CLOUDMOA_CLUSTER_ID
- name: ROOT_DIRECTORY
value: /root
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: POD_ID
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: LOG_LEVEL
value: "INFO"
livenessProbe:
httpGet:
path: /healthz
port: 18081
initialDelaySeconds: 30
timeoutSeconds: 5
volumes:
- name: bin-volume
hostPath:
path: /usr/bin
type: Directory
- name: docker-volume
hostPath:
path: /var/run/docker.sock
- name: proc-volume
hostPath:
path: /proc
- name: root-volume
hostPath:
path: /
- hostPath:
path: /sys
name: sys-volume
- name: log-volume
hostPath:
path: /home'
WHERE id=2;
-- Analysis|Log Viewer 에 Container Tab 추가
INSERT INTO public.auth_resource3 (name, is_deleted, tenant_id) VALUES ('menu|Statistics & Analysis|Log Viewer|Container', false, null);
INSERT INTO public.menu_meta (id, description, icon, "position", url, auth_resource3_id, scope_level) VALUES (53, 'Log Viewer(Container)', NULL, 13, '', (select id from auth_resource3 where name='menu|Statistics & Analysis|Log Viewer|Container'), 0);
commit;

5
roles/cmoa_install/files/03-ddl-dml/postgres/postgres_insert_ddl.psql
View File

@@ -1810,6 +1810,7 @@ CREATE TABLE "cmoa_storageclass_base" (
"kind" VARCHAR(30) NOT NULL, "kind" VARCHAR(30) NOT NULL,
"metadata_uid" VARCHAR(40) NOT NULL, "metadata_uid" VARCHAR(40) NOT NULL,
"row_index" INTEGER NOT NULL, "row_index" INTEGER NOT NULL,
"metadata_labels" TEXT NULL DEFAULT NULL,
"metadata_name" TEXT NULL DEFAULT NULL, "metadata_name" TEXT NULL DEFAULT NULL,
"metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL, "metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL,
"metadata_resourceversion" TEXT NULL DEFAULT NULL, "metadata_resourceversion" TEXT NULL DEFAULT NULL,
@@ -1853,6 +1854,7 @@ CREATE TABLE "cmoa_clusterrolebinding_base" (
"kind" VARCHAR(30) NOT NULL, "kind" VARCHAR(30) NOT NULL,
"metadata_uid" VARCHAR(40) NOT NULL, "metadata_uid" VARCHAR(40) NOT NULL,
"row_index" INTEGER NOT NULL, "row_index" INTEGER NOT NULL,
"metadata_labels" TEXT NULL DEFAULT NULL,
"metadata_name" TEXT NULL DEFAULT NULL, "metadata_name" TEXT NULL DEFAULT NULL,
"metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL, "metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL,
"metadata_resourceversion" TEXT NULL DEFAULT NULL, "metadata_resourceversion" TEXT NULL DEFAULT NULL,
@@ -1867,6 +1869,7 @@ CREATE TABLE "cmoa_role_base" (
"kind" VARCHAR(30) NOT NULL, "kind" VARCHAR(30) NOT NULL,
"metadata_uid" VARCHAR(40) NOT NULL, "metadata_uid" VARCHAR(40) NOT NULL,
"row_index" INTEGER NOT NULL, "row_index" INTEGER NOT NULL,
"metadata_labels" TEXT NULL DEFAULT NULL,
"metadata_name" TEXT NULL DEFAULT NULL, "metadata_name" TEXT NULL DEFAULT NULL,
"metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL, "metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL,
"metadata_resourceversion" TEXT NULL DEFAULT NULL, "metadata_resourceversion" TEXT NULL DEFAULT NULL,
@@ -1881,6 +1884,7 @@ CREATE TABLE "cmoa_rolebinding_base" (
"kind" VARCHAR(30) NOT NULL, "kind" VARCHAR(30) NOT NULL,
"metadata_uid" VARCHAR(40) NOT NULL, "metadata_uid" VARCHAR(40) NOT NULL,
"row_index" INTEGER NOT NULL, "row_index" INTEGER NOT NULL,
"metadata_labels" TEXT NULL DEFAULT NULL,
"metadata_name" TEXT NULL DEFAULT NULL, "metadata_name" TEXT NULL DEFAULT NULL,
"metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL, "metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL,
"metadata_resourceversion" TEXT NULL DEFAULT NULL, "metadata_resourceversion" TEXT NULL DEFAULT NULL,
@@ -1896,6 +1900,7 @@ CREATE TABLE "cmoa_serviceaccount_base" (
"kind" VARCHAR(30) NOT NULL, "kind" VARCHAR(30) NOT NULL,
"metadata_uid" VARCHAR(40) NOT NULL, "metadata_uid" VARCHAR(40) NOT NULL,
"row_index" INTEGER NOT NULL, "row_index" INTEGER NOT NULL,
"metadata_labels" TEXT NULL DEFAULT NULL,
"metadata_name" TEXT NULL DEFAULT NULL, "metadata_name" TEXT NULL DEFAULT NULL,
"metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL, "metadata_creationtimestamp" VARCHAR(25) NULL DEFAULT NULL,
"metadata_resourceversion" TEXT NULL DEFAULT NULL, "metadata_resourceversion" TEXT NULL DEFAULT NULL,

170
roles/cmoa_install/files/03-ddl-dml/postgres/postgres_insert_dml.psql
View File

File diff suppressed because one or more lines are too long