From fab5fb32c94ef4fbf4aa5a183c0cfe97ed7cb4f3 Mon Sep 17 00:00:00 2001 From: ByeonJungHun Date: Thu, 9 Nov 2023 17:30:57 +0900 Subject: [PATCH] =?UTF-8?q?imxc=20/=20imxc-ui=20affinity=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cmoa_infra.yaml | 8 ++++++++ cmoa_install.yaml | 2 +- installer.sh | 9 +++++++-- inventory | 6 +++--- roles/cmoa_install/defaults/main.yml | 2 +- .../files/04-keycloak/templates/statefulset.yaml | 2 +- roles/cmoa_install/files/05-imxc/cmoa-manual.yaml | 9 +++++++++ .../files/05-imxc/scripts/init-auth-server.sh | 2 +- .../files/05-imxc/templates/auth-server.yaml | 9 +++++++++ .../files/05-imxc/templates/cloudmoa-datagate.yaml | 9 +++++++++ .../files/05-imxc/templates/cloudmoa-metric-agent.yaml | 9 +++++++++ .../05-imxc/templates/cloudmoa-metric-collector.yaml | 9 +++++++++ .../files/05-imxc/templates/cmoa-kube-info-batch.yaml | 9 +++++++++ .../05-imxc/templates/cmoa-kube-info-connector.yaml | 9 +++++++++ .../files/05-imxc/templates/cmoa-kube-info-flat.yaml | 9 +++++++++ .../files/05-imxc/templates/cmoa-manual.yaml | 9 +++++++++ .../files/05-imxc/templates/eureka-server.yaml | 9 +++++++++ .../files/05-imxc/templates/imxc-api-server.yaml | 9 +++++++++ .../files/05-imxc/templates/imxc-collector.yaml | 9 +++++++++ .../files/05-imxc/templates/noti-server.yaml | 9 +++++++++ .../files/05-imxc/templates/streams-depl.yaml | 9 +++++++++ .../files/05-imxc/templates/zuul-server.yaml | 9 +++++++++ roles/cmoa_install/files/05-imxc/values.yaml | 2 +- .../06-imxc-ui/imxc-ui/scripts/init-auth-server.sh | 2 +- .../06-imxc-ui/imxc-ui/templates/imxc-ui-server.yaml | 10 ++++++++++ roles/cmoa_install/files/values/imxc.j2 | 2 +- roles/cmoa_os_setting/defaults/main.yml | 6 +++--- 27 files changed, 173 insertions(+), 15 deletions(-) create mode 100755 cmoa_infra.yaml diff --git a/cmoa_infra.yaml b/cmoa_infra.yaml new file mode 100755 index 0000000..12109fe --- /dev/null +++ b/cmoa_infra.yaml @@ -0,0 +1,8 @@ +--- +- hosts: cluster + become: true + gather_facts: true + environment: + KUBECONFIG: /root/.kube/ansible_config + roles: + - role: cmoa_os_setting diff --git a/cmoa_install.yaml b/cmoa_install.yaml index 20c9876..4ce1059 100755 --- a/cmoa_install.yaml +++ b/cmoa_install.yaml @@ -5,7 +5,7 @@ environment: KUBECONFIG: /root/.kube/ansible_config vars: - REGISTRY: 10.10.31.243:5000/cmoa3 + REGISTRY: 10.10.43.224:5000/cmoa3 REPO: "nexus" # dockerhub or nexus roles: - role: cmoa_install diff --git a/installer.sh b/installer.sh index 6092fe2..b9e379d 100755 --- a/installer.sh +++ b/installer.sh @@ -1,5 +1,7 @@ #!/bin/bash +clear + ESC=`printf "\033"`; input_key() { @@ -50,7 +52,7 @@ select_menu() { } select_test() { - arr_params=("CMOA INSTALL" "CMOA PG Patch"); + arr_params=("CMOA INSTALL" "CMOA PG Patch" "Kubernetes Install (Online Only)"); echo -e "\n"; echo ' ______ __ __ ______ ______ __ __ __ ______ ______ ______ __ __ ______ ______ '; echo '/\ ___\ /\ "-./ \ /\ __ \ /\ __ \ /\ \ /\ "-.\ \ /\ ___\ /\__ _\ /\ __ \ /\ \ /\ \ /\ ___\ /\ == \ '; @@ -71,6 +73,9 @@ main() { elif [ $SELECTED -eq 2 ] then ansible-playbook -i inventory cmoa_pgpatch.yaml + elif [ $SELECTED -eq 3 ] + then + ansible-playbook -i inventory cmoa_infra.yaml fi } -main \ No newline at end of file +main diff --git a/inventory b/inventory index fdb15b0..a355de5 100755 --- a/inventory +++ b/inventory @@ -1,11 +1,11 @@ [master] -10.10.43.210 +10.10.43.246 [worker1] -10.10.43.211 +10.10.43.247 [worker2] -10.10.43.212 +10.10.43.248 [cluster:children] master diff --git a/roles/cmoa_install/defaults/main.yml b/roles/cmoa_install/defaults/main.yml index 85b4b7f..700df0c 100644 --- a/roles/cmoa_install/defaults/main.yml +++ b/roles/cmoa_install/defaults/main.yml @@ -49,7 +49,7 @@ keycloak_realm: exem # Keycloak administration console user keycloak_admin_user: admin -keycloak_admin_password: cmoaA13!# +keycloak_admin_password: admin keycloak_auth_realm: master keycloak_auth_client: admin-cli keycloak_context: /auth diff --git a/roles/cmoa_install/files/04-keycloak/templates/statefulset.yaml b/roles/cmoa_install/files/04-keycloak/templates/statefulset.yaml index d069e02..8278986 100644 --- a/roles/cmoa_install/files/04-keycloak/templates/statefulset.yaml +++ b/roles/cmoa_install/files/04-keycloak/templates/statefulset.yaml @@ -91,7 +91,7 @@ spec: # name: keycloak-secret # key: KEYCLOAK_MASTER_USERNAME - name: KEYCLOAK_PASSWORD - value: "cmoaA13!#" + value: "admin" #valueFrom: # secretKeyRef: # name: keycloak-secret diff --git a/roles/cmoa_install/files/05-imxc/cmoa-manual.yaml b/roles/cmoa_install/files/05-imxc/cmoa-manual.yaml index e94fc14..de85c6f 100755 --- a/roles/cmoa_install/files/05-imxc/cmoa-manual.yaml +++ b/roles/cmoa_install/files/05-imxc/cmoa-manual.yaml @@ -13,6 +13,15 @@ spec: labels: app: manual spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker2 containers: - name: manual image: {{ .Values.global.IMXC_IN_REGISTRY }}/manual:{{ .Values.global.CMOA_MANUAL_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/scripts/init-auth-server.sh b/roles/cmoa_install/files/05-imxc/scripts/init-auth-server.sh index 6907ea6..61520e4 100755 --- a/roles/cmoa_install/files/05-imxc/scripts/init-auth-server.sh +++ b/roles/cmoa_install/files/05-imxc/scripts/init-auth-server.sh @@ -6,7 +6,7 @@ STATUS_CODE="$(curl -s -o /dev/null -w '%{http_code}' http://imxc-keycloak-http/auth/realms/exem)" if [ $STATUS_CODE -eq 404 ]; then - TOKEN="$(curl -s -d "client_id=admin-cli" -d "username=admin" -d "password=cmoaA13!#" -d "grant_type=password" http://imxc-keycloak-http/auth/realms/master/protocol/openid-connect/token | jq -r '.access_token')" + TOKEN="$(curl -s -d "client_id=admin-cli" -d "username=admin" -d "password=admin" -d "grant_type=password" http://imxc-keycloak-http/auth/realms/master/protocol/openid-connect/token | jq -r '.access_token')" echo $TOKEN diff --git a/roles/cmoa_install/files/05-imxc/templates/auth-server.yaml b/roles/cmoa_install/files/05-imxc/templates/auth-server.yaml index fb8fe7b..bb15527 100755 --- a/roles/cmoa_install/files/05-imxc/templates/auth-server.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/auth-server.yaml @@ -13,6 +13,15 @@ spec: labels: app: auth spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker1 initContainers: - name: init-resource image: {{ .Values.global.IMXC_IN_REGISTRY }}/init-resource:latest diff --git a/roles/cmoa_install/files/05-imxc/templates/cloudmoa-datagate.yaml b/roles/cmoa_install/files/05-imxc/templates/cloudmoa-datagate.yaml index cbbee9a..4607fd6 100755 --- a/roles/cmoa_install/files/05-imxc/templates/cloudmoa-datagate.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/cloudmoa-datagate.yaml @@ -15,6 +15,15 @@ spec: labels: app: datagate spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker1 containers: - image: {{ .Values.global.IMXC_IN_REGISTRY }}/datagate:{{ .Values.global.DATAGATE_VERSION }} imagePullPolicy: IfNotPresent diff --git a/roles/cmoa_install/files/05-imxc/templates/cloudmoa-metric-agent.yaml b/roles/cmoa_install/files/05-imxc/templates/cloudmoa-metric-agent.yaml index d371296..e3e59d3 100755 --- a/roles/cmoa_install/files/05-imxc/templates/cloudmoa-metric-agent.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/cloudmoa-metric-agent.yaml @@ -17,6 +17,15 @@ spec: labels: app: metric-agent spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker1 containers: - name: metric-agent image: {{ .Values.global.IMXC_IN_REGISTRY }}/metric-agent:{{ .Values.global.METRIC_AGENT_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/cloudmoa-metric-collector.yaml b/roles/cmoa_install/files/05-imxc/templates/cloudmoa-metric-collector.yaml index 3d7acc8..fb9b355 100755 --- a/roles/cmoa_install/files/05-imxc/templates/cloudmoa-metric-collector.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/cloudmoa-metric-collector.yaml @@ -15,6 +15,15 @@ spec: labels: app: metric-collector spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker1 containers: - name: metric-collector image: {{ .Values.global.IMXC_IN_REGISTRY }}/metric-collector:{{ .Values.global.METRIC_COLLECTOR_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-batch.yaml b/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-batch.yaml index b20fed2..80f1621 100755 --- a/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-batch.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-batch.yaml @@ -15,6 +15,15 @@ spec: labels: app: cmoa-kube-info-batch spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker1 containers: - name: cmoa-kube-info-batch image: {{ .Values.global.IMXC_IN_REGISTRY }}/kube-info-batch:{{ .Values.global.KUBE_INFO_BATCH_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-connector.yaml b/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-connector.yaml index 130a1e1..4528bc4 100755 --- a/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-connector.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-connector.yaml @@ -15,6 +15,15 @@ spec: labels: app: cmoa-kube-info-connector spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker1 containers: - name: cmoa-kube-info-connector image: {{ .Values.global.IMXC_IN_REGISTRY }}/kube-info-connector:{{ .Values.global.KUBE_INFO_CONNECTOR_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-flat.yaml b/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-flat.yaml index bfca2eb..00dd62f 100755 --- a/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-flat.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/cmoa-kube-info-flat.yaml @@ -15,6 +15,15 @@ spec: labels: app: cmoa-kube-info-flat spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker1 containers: - name: cmoa-kube-info-flat image: {{ .Values.global.IMXC_IN_REGISTRY }}/kube-info-flat:{{ .Values.global.KUBE_INFO_FLAT_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/cmoa-manual.yaml b/roles/cmoa_install/files/05-imxc/templates/cmoa-manual.yaml index e94fc14..26d8cd0 100755 --- a/roles/cmoa_install/files/05-imxc/templates/cmoa-manual.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/cmoa-manual.yaml @@ -13,6 +13,15 @@ spec: labels: app: manual spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker1 containers: - name: manual image: {{ .Values.global.IMXC_IN_REGISTRY }}/manual:{{ .Values.global.CMOA_MANUAL_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/eureka-server.yaml b/roles/cmoa_install/files/05-imxc/templates/eureka-server.yaml index 5ffd9c2..1b0477d 100755 --- a/roles/cmoa_install/files/05-imxc/templates/eureka-server.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/eureka-server.yaml @@ -31,6 +31,15 @@ spec: labels: app: eureka spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker2 containers: - name: eureka image: {{ .Values.global.IMXC_IN_REGISTRY }}/eureka-server:{{ .Values.global.EUREKA_SERVER_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/imxc-api-server.yaml b/roles/cmoa_install/files/05-imxc/templates/imxc-api-server.yaml index 7cbe787..7669747 100755 --- a/roles/cmoa_install/files/05-imxc/templates/imxc-api-server.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/imxc-api-server.yaml @@ -39,6 +39,15 @@ spec: app: imxc-api build: develop spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker2 securityContext: #runAsNonRoot: true runAsUser: 1577 diff --git a/roles/cmoa_install/files/05-imxc/templates/imxc-collector.yaml b/roles/cmoa_install/files/05-imxc/templates/imxc-collector.yaml index e125243..86c1d31 100755 --- a/roles/cmoa_install/files/05-imxc/templates/imxc-collector.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/imxc-collector.yaml @@ -18,6 +18,15 @@ items: labels: app: cmoa-collector spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker2 securityContext: runAsNonRoot: true runAsUser: 65534 diff --git a/roles/cmoa_install/files/05-imxc/templates/noti-server.yaml b/roles/cmoa_install/files/05-imxc/templates/noti-server.yaml index 93b019e..726a3fe 100755 --- a/roles/cmoa_install/files/05-imxc/templates/noti-server.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/noti-server.yaml @@ -13,6 +13,15 @@ spec: labels: app: noti spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker2 containers: - name: noti-server image: {{ .Values.global.IMXC_IN_REGISTRY }}/notification-server:{{ .Values.global.NOTI_SERVER_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/streams-depl.yaml b/roles/cmoa_install/files/05-imxc/templates/streams-depl.yaml index b3223e5..a07627a 100755 --- a/roles/cmoa_install/files/05-imxc/templates/streams-depl.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/streams-depl.yaml @@ -15,6 +15,15 @@ spec: labels: app: kafka-stream-txntrend spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker2 containers: - name: kafka-stream-txntrend image: {{ .Values.global.IMXC_IN_REGISTRY }}/kafka-stream-txntrend:{{ .Values.global.KAFKA_STREAM_VERSION }} diff --git a/roles/cmoa_install/files/05-imxc/templates/zuul-server.yaml b/roles/cmoa_install/files/05-imxc/templates/zuul-server.yaml index 79969d7..e374132 100755 --- a/roles/cmoa_install/files/05-imxc/templates/zuul-server.yaml +++ b/roles/cmoa_install/files/05-imxc/templates/zuul-server.yaml @@ -15,6 +15,15 @@ spec: labels: app: cloud spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: cmoa + operator: In + values: + - worker2 containers: - env: - name: SPRING_PROFILES_ACTIVE diff --git a/roles/cmoa_install/files/05-imxc/values.yaml b/roles/cmoa_install/files/05-imxc/values.yaml index 420535b..fd3afcf 100755 --- a/roles/cmoa_install/files/05-imxc/values.yaml +++ b/roles/cmoa_install/files/05-imxc/values.yaml @@ -86,7 +86,7 @@ global: KEYCLOAK_AUTH_SERVER_URL: http://111.111.111.111:31082/auth KEYCLOAK_RESOURCE: authorization_server KEYCLOAK_MASTER_USERNAME: admin - KEYCLOAK_MASTER_PASSWORD: cmoaA13!# + KEYCLOAK_MASTER_PASSWORD: admin IMXC_PORTAL_INFO_URL: KEYCLOAK_REALM: exem # added by EunHye Kim 2021-08-25 diff --git a/roles/cmoa_install/files/06-imxc-ui/imxc-ui/scripts/init-auth-server.sh b/roles/cmoa_install/files/06-imxc-ui/imxc-ui/scripts/init-auth-server.sh index 6907ea6..61520e4 100644 --- a/roles/cmoa_install/files/06-imxc-ui/imxc-ui/scripts/init-auth-server.sh +++ b/roles/cmoa_install/files/06-imxc-ui/imxc-ui/scripts/init-auth-server.sh @@ -6,7 +6,7 @@ STATUS_CODE="$(curl -s -o /dev/null -w '%{http_code}' http://imxc-keycloak-http/auth/realms/exem)" if [ $STATUS_CODE -eq 404 ]; then - TOKEN="$(curl -s -d "client_id=admin-cli" -d "username=admin" -d "password=cmoaA13!#" -d "grant_type=password" http://imxc-keycloak-http/auth/realms/master/protocol/openid-connect/token | jq -r '.access_token')" + TOKEN="$(curl -s -d "client_id=admin-cli" -d "username=admin" -d "password=admin" -d "grant_type=password" http://imxc-keycloak-http/auth/realms/master/protocol/openid-connect/token | jq -r '.access_token')" echo $TOKEN diff --git a/roles/cmoa_install/files/06-imxc-ui/imxc-ui/templates/imxc-ui-server.yaml b/roles/cmoa_install/files/06-imxc-ui/imxc-ui/templates/imxc-ui-server.yaml index 35c4b61..1742c63 100644 --- a/roles/cmoa_install/files/06-imxc-ui/imxc-ui/templates/imxc-ui-server.yaml +++ b/roles/cmoa_install/files/06-imxc-ui/imxc-ui/templates/imxc-ui-server.yaml @@ -33,6 +33,16 @@ spec: labels: app: imxc-ui spec: + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + preference: + matchExpressions: + - key: cmoa + operator: In + values: + - worker2 containers: - name: imxc-ui image: {{ .Values.global.IMXC_IN_REGISTRY }}/ui-server:{{ .Values.global.UI_SERVER_VERSION }} diff --git a/roles/cmoa_install/files/values/imxc.j2 b/roles/cmoa_install/files/values/imxc.j2 index 420535b..d0233c8 100644 --- a/roles/cmoa_install/files/values/imxc.j2 +++ b/roles/cmoa_install/files/values/imxc.j2 @@ -86,7 +86,7 @@ global: KEYCLOAK_AUTH_SERVER_URL: http://111.111.111.111:31082/auth KEYCLOAK_RESOURCE: authorization_server KEYCLOAK_MASTER_USERNAME: admin - KEYCLOAK_MASTER_PASSWORD: cmoaA13!# + KEYCLOAK_MASTER_PASSWORD: "admin" IMXC_PORTAL_INFO_URL: KEYCLOAK_REALM: exem # added by EunHye Kim 2021-08-25 diff --git a/roles/cmoa_os_setting/defaults/main.yml b/roles/cmoa_os_setting/defaults/main.yml index 54a134d..8e86968 100644 --- a/roles/cmoa_os_setting/defaults/main.yml +++ b/roles/cmoa_os_setting/defaults/main.yml @@ -107,16 +107,16 @@ containerd_config: conf_template: "" registry: configs: - "10.10.31.243:5000": + "10.10.43.224:5000": tls: insecure_skip_verify: true mirrors: "docker.io": endpoint: - https://registry-1.docker.io - "10.10.31.243:5000": + "10.10.43.224:5000": endpoint: - - "http://10.10.31.243:5000" + - "http://10.10.43.224:5000" x509_key_pair_streaming: tls_cert_file: "" tls_key_file: ""