Ansible Script 추가

ansible/01_old/roles/test/files/05-imxc/Chart.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: imxc
+version: 0.1.0

ansible/01_old/roles/test/files/05-imxc/cmoa-manual.yaml

@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: manual
+  namespace: imxc
+spec:
+  selector:
+    matchLabels:
+      app: manual
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: manual
+    spec:
+      containers:
+      - name: manual
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/manual:{{ .Values.global.CMOA_MANUAL_VERSION }}
+        imagePullPolicy: IfNotPresent
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: manual
+  namespace: imxc
+spec:
+  type: NodePort
+  selector:
+    app: manual
+  ports:
+    - protocol: TCP
+      port: 8088
+      targetPort: 3000
+      nodePort: {{ .Values.global.CMOA_MANUAL_PORT }}
+

ansible/01_old/roles/test/files/05-imxc/scripts/init-api-server.sh

@@ -0,0 +1,17 @@
+#! /bin/sh
+
+STATUS_CODE="$(curl -s -o /dev/null -w '%{http_code}' http://imxc-keycloak-http/auth/realms/exem)"
+
+if [ $STATUS_CODE -eq 200 ]; then
+  JWT_KEY="$(curl -s -XGET http://imxc-keycloak-http/auth/realms/exem | jq -r '.public_key')"
+  export JWT_KEY
+
+  chmod -R 777 /home/cloudmoa/notification/cloudmoa_alert.log
+
+  /sbin/tini -- java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+  #java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+elif [ $STATUS_CODE -eq 404 ]; then
+  echo "not found exem relam. check realm in imxc-keycloak"
+else
+  echo "not found keycloak. check to install keycloak"
+fi

ansible/01_old/roles/test/files/05-imxc/scripts/init-auth-server.sh

@@ -0,0 +1,36 @@
+#! /bin/bash
+
+# 200 -> 서버 및 realm이 있는 경우
+# 404 -> 서버는 있으나 realm이 없는 경우
+# 000 -> 서버가 없음
+STATUS_CODE="$(curl -s -o /dev/null -w '%{http_code}' http://imxc-keycloak-http/auth/realms/exem)"
+
+if [ $STATUS_CODE -eq 404 ]; then
+  TOKEN="$(curl -s -d "client_id=admin-cli" -d "username=admin" -d "password=admin" -d "grant_type=password" http://imxc-keycloak-http/auth/realms/master/protocol/openid-connect/token | jq -r '.access_token')"
+  
+  echo $TOKEN
+
+  echo "create realm and client"
+  # create realm and client
+  curl -s -v POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d "@/tmp/init.json" http://imxc-keycloak-http/auth/admin/realms
+
+
+  echo "create admin and owner"
+  # create admin and owner
+  curl -s -v POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d '{"firstName":"","lastName":"", "username":"admin","email":"admin@example.com", "enabled":"true","credentials":[{"type":"password","value":"admin","temporary":false}]}' http://imxc-keycloak-http/auth/admin/realms/exem/users
+  curl -s -v POST -H "Authorization: Bearer $TOKEN" -H "Content-Type: application/json" -d '{"firstName":"","lastName":"", "username":"owner","email":"owner@example.com", "enabled":"true","credentials":[{"type":"password","value":"admin","temporary":false}]}' http://imxc-keycloak-http/auth/admin/realms/exem/users
+
+  JWT_KEY="$(curl -s -XGET http://imxc-keycloak-http/auth/realms/exem | jq -r '.public_key')"
+  export JWT_KEY
+
+  java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+elif [ $STATUS_CODE -eq 200 ]; then
+  echo "exist exem relam"
+
+  JWT_KEY="$(curl -s -XGET http://imxc-keycloak-http/auth/realms/exem | jq -r '.public_key')"
+  export JWT_KEY
+
+  java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+else
+  echo "not found keycloak. check to install keycloak"
+fi

ansible/01_old/roles/test/files/05-imxc/scripts/init-noti-server.sh

@@ -0,0 +1,14 @@
+#! /bin/sh
+
+STATUS_CODE="$(curl -s -o /dev/null -w '%{http_code}' http://imxc-keycloak-http/auth/realms/exem)"
+
+if [ $STATUS_CODE -eq 200 ]; then
+  JWT_KEY="$(curl -s -XGET http://imxc-keycloak-http/auth/realms/exem | jq -r '.public_key')"
+  export JWT_KEY
+
+  java -Djava.security.egd=file:/dev/./urandom -jar /app.jar
+elif [ $STATUS_CODE -eq 404 ]; then
+  echo "not found exem relam. check realm in imxc-keycloak"
+else
+  echo "not found keycloak. check to install keycloak"
+fi

ansible/01_old/roles/test/files/05-imxc/scripts/init-resource.sh

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+chmod -R 777 /scripts
+
+sed -i "s/localhost/$REDIRECT_URLS/g" /scripts/init.json
+cp /scripts/init.json /tmp/init.json

ansible/01_old/roles/test/files/05-imxc/templates/auth-server.yaml

@@ -0,0 +1,82 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: auth-server
+  namespace: imxc
+spec:
+  selector:
+    matchLabels:
+      app: auth
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: auth
+    spec:
+      initContainers:
+      - name: init-resource
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/init-resource:latest
+        imagePullPolicy: IfNotPresent
+        command: ["/bin/sh", "-c"]
+        args: ['chmod -R 777 /scripts; cp /scripts/init.json /tmp/init.json']
+        volumeMounts:
+          - name: init
+            mountPath: /tmp
+      containers:
+      - name: auth-server
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/auth-server:{{ .Values.global.AUTH_SERVER_VERSION }}
+        imagePullPolicy: IfNotPresent
+        command: ["sh", "-c", {{ .Files.Get "scripts/init-auth-server.sh" | quote }}]
+        env:
+        # spring profile
+        - name: SPRING_PROFILES_ACTIVE
+          value: prd
+
+        # imxc-api-server configuration
+        - name: IMXC_API-SERVER-URL
+          value: http://imxc-api-service:8080
+
+        # keycloak configuration
+        - name: KEYCLOAK_AUTH-SERVER-URL
+          value: "{{ .Values.global.KEYCLOAK_AUTH_SERVER_URL }}"
+        - name: KEYCLOAK_REALM
+          value: exem
+        # eureka configuration
+        - name: EUREKA_CLIENT_SERVICE-URL_DEFAULTZONE
+          value: http://eureka:8761/eureka
+        # log4j
+        - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+          value: "true"
+        - name: LOGGING_LEVEL_COM_EXEM_CLOUD_REPO
+          value: debug
+        - name: LOGGING_LEVEL_COM_EXEM_CLOUD_AUTH_AUTHENTICATION_USER_SERVICE
+          value: debug
+        # 현대카드는 커스텀으로 해당 값 추가. keycloak만 사용(true), keycloak+내부db 사용(false)
+        - name: IMXC_KEYCLOAK_ENABLED
+          value: "true"
+          
+        volumeMounts:
+          - name: init
+            mountPath: /tmp
+        resources:
+          requests:
+            memory: "200Mi"
+            cpu: "10m"
+
+      volumes:
+      - name: init
+        emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: auth-server-service
+  namespace: imxc
+spec:
+  type: ClusterIP
+  selector:
+    app: auth
+  ports:
+    - protocol: TCP
+      port: 8480
+      #      nodePort: 15016

ansible/01_old/roles/test/files/05-imxc/templates/cloudmoa-datagate.yaml

@@ -0,0 +1,79 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: datagate
+  namespace: imxc
+  labels:
+    app: datagate
+spec:
+  selector:
+    matchLabels:
+      app: datagate
+  replicas: 2
+  template:
+    metadata:
+      labels:
+        app: datagate
+    spec:
+      containers:
+        - image: {{ .Values.global.IMXC_IN_REGISTRY }}/datagate:{{ .Values.global.DATAGATE_VERSION }}
+          imagePullPolicy: IfNotPresent
+          name: datagate
+          ports:
+            - containerPort: 50051
+              protocol: TCP
+            - containerPort: 14268
+              protocol: TCP
+            - containerPort: 14269
+              protocol: TCP
+          readinessProbe:
+            httpGet:
+              path: "/"
+              port: 14269
+          env:
+            - name: REDIS_ADDR
+              value: redis-master:6379
+            - name: REDIS_PW
+              value: dkagh1234!
+            - name: REDIS_DB
+              value: "0"
+            - name: REDIS_TYPE
+              value: normal
+            - name: STORAGE_TYPE
+              value: kafka
+            - name: KAFKA_PRODUCER_BROKERS
+              value: kafka-broker:9094
+            - name: LOG_LEVEL
+              value: "INFO"
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "100Mi"
+            limits:
+              cpu: "2000m"
+              memory: "1Gi"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: datagate
+  namespace: imxc
+  labels:
+    app: datagate
+spec:
+  ports:
+    - name: datagate-grpc
+      port: 50051
+      protocol: TCP
+      targetPort: 50051
+      nodePort: 30051
+    - name: datagate-http
+      port: 14268
+      targetPort: 14268
+#      nodePort: 31268
+    - name: datagate-readiness
+      port: 14269
+      targetPort: 14269
+  selector:
+    app: datagate
+  type: NodePort

ansible/01_old/roles/test/files/05-imxc/templates/cloudmoa-metric-agent.yaml

@@ -0,0 +1,331 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: metric-agent
+  namespace: imxc
+  labels:
+    app: metric-agent
+spec:
+  selector:
+    matchLabels:
+      app: metric-agent
+  replicas: 1
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: metric-agent
+    spec:
+      containers:
+      - name: metric-agent
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/metric-agent:{{ .Values.global.METRIC_AGENT_VERSION }}
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 14271
+        - containerPort: 14272
+        args:
+          - --config.file=/etc/metric-agent/metric-agent.yml
+        env:
+          - name: STORAGE_TYPE
+            value: datagate
+          - name: DATAGATE
+            value: datagate:50051
+          - name: CLUSTER_ID
+            value: cloudmoa
+#          - name: USER_ID
+#            value: mskim@ex-em.com
+        volumeMounts:
+          - mountPath: /etc/metric-agent/
+            name: config-volume
+        resources:
+          requests:
+            memory: "256Mi"
+            cpu: "100m"
+          limits:
+            memory: "1000Mi"
+            cpu: "300m"
+      volumes:
+        - name: config-volume
+          configMap:
+            name: metric-agent-config
+      securityContext:
+        runAsUser: 1000
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: metric-agent
+  namespace: imxc
+  labels:
+    app: metric-agent
+spec:
+  ports:
+    - name: metric
+      port: 14271
+      targetPort: 14271
+  selector:
+    app: metric-agent
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: metric-agent-config
+  namespace: imxc
+data:
+  metric-agent.yml: |
+    global:
+      scrape_interval:     10s
+      evaluation_interval: 5s # Evaluate rules every 15 seconds. The default is every 1 minute.
+
+    scrape_configs:
+      - job_name: 'kubernetes-kubelet'
+        scheme: https
+        tls_config:
+          ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+        kubernetes_sd_configs:
+        - role: node
+        relabel_configs:
+        - action: labelmap
+          regex: __meta_kubernetes_node_label_(.+)
+        - target_label: __address__
+          replacement: kubernetes.default.svc:443
+        - source_labels: [__meta_kubernetes_node_name]
+          regex: (.+)
+          target_label: __metrics_path__
+          replacement: /api/v1/nodes/${1}/proxy/metrics
+        - source_labels: [__meta_kubernetes_node_label_kubernetes_io_hostname]
+          target_label: xm_node_id
+        - target_label: xm_clst_id
+          replacement: 'cloudmoa'
+        - target_label: xm_entity_type
+          replacement: 'Node'
+
+        # added by mskim 8/19
+        metric_relabel_configs:
+        - source_labels: [ __name__ ]
+          regex: (kubelet_running_pod_count)
+          action: keep
+
+
+      - job_name: 'kubernetes-node-exporter'
+        tls_config:
+          ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+        kubernetes_sd_configs:
+        - role: node
+
+        relabel_configs:
+        - action: labelmap
+          regex: __meta_kubernetes_node_label_(.+)
+        - source_labels: [__meta_kubernetes_role]
+          action: replace
+          target_label: kubernetes_role
+        - source_labels: [__address__]
+          regex: '(.*):10250'
+          replacement: '${1}:9100'
+          target_label: __address__
+        - source_labels: [__meta_kubernetes_node_label_kubernetes_io_hostname]
+          target_label: __instance__
+          # set "name" value to "job"
+        - source_labels: [job]
+          regex: 'kubernetes-(.*)'
+          replacement: '${1}'
+          target_label: name
+        - target_label: xm_clst_id
+          replacement: 'cloudmoa'
+        - source_labels: [__meta_kubernetes_node_label_kubernetes_io_hostname]
+          target_label: xm_node_id
+        - target_label: xm_entity_type
+          replacement: 'Node'
+        - source_labels: [__meta_kubernetes_namespace]
+          separator: ;
+          regex: (.*)
+          target_label: xm_namespace
+          replacement: $1
+          action: replace
+
+        # added by mskim 8/19
+        metric_relabel_configs:
+        - source_labels: [ __name__ ]
+          regex: (node_boot_time_seconds|node_context_switches_total|node_cpu_frequency_max_hertz|node_cpu_package_throttles_total|node_cpu_seconds_total|node_disk_io_time_seconds_total|node_disk_read_bytes_total|node_disk_read_time_seconds_total|node_disk_reads_completed_total|node_disk_write_time_seconds_total|node_disk_writes_completed_total|node_disk_written_bytes_total|node_filefd_allocated|node_filesystem_avail_bytes|node_filesystem_free_bytes|node_filesystem_size_bytes|node_load1|node_load15|node_load5|node_memory_Active_bytes|node_memory_Buffers_bytes|node_memory_Cached_bytes|node_memory_MemAvailable_bytes|node_memory_MemFree_bytes|node_memory_MemTotal_bytes|node_memory_SwapCached_bytes|node_memory_SwapFree_bytes|node_memory_SwapTotal_bytes|node_network_receive_bytes_total|node_network_receive_bytes_total|node_network_transmit_bytes_total|node_network_transmit_bytes_total)
+          action: keep
+
+      - job_name: 'kubernetes-cadvisor'
+        scheme: https
+
+        tls_config:
+          ca_file: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+          insecure_skip_verify: true
+        bearer_token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
+
+        kubernetes_sd_configs:
+        - role: node
+        metrics_path: /metrics/cadvisor
+
+        relabel_configs:
+        - action: labelmap
+          regex: __meta_kubernetes_node_label_(.+)
+        - target_label: xm_clst_id
+          replacement: 'cloudmoa'
+        - source_labels: [__meta_kubernetes_node_label_kubernetes_io_hostname]
+          target_label: xm_node_id
+        - target_label: xm_entity_type
+          replacement: 'Container'
+
+{{- if semverCompare ">=1.16-0" .Capabilities.KubeVersion.GitVersion }}
+        metric_relabel_configs:
+        - source_labels: [namespace]
+          target_label: xm_namespace
+        - source_labels: [pod]
+          target_label: xm_pod_id
+        - source_labels: [container]
+          target_label: xm_cont_name
+        - source_labels: [id]
+          target_label: xm_cont_id
+        # added by mskim 8/19
+        - source_labels: [ __name__ ]
+          regex: (container_cpu_cfs_throttled_seconds_total|container_cpu_system_seconds_total|container_cpu_usage_seconds_total|container_cpu_user_seconds_total|container_fs_limit_bytes|container_fs_reads_bytes_total|container_fs_usage_bytes|container_fs_writes_bytes_total|container_last_seen|container_memory_cache|container_memory_max_usage_bytes|container_memory_swap|container_memory_usage_bytes|container_memory_working_set_bytes|container_network_receive_bytes_total|container_network_transmit_bytes_total|container_spec_memory_limit_bytes)
+          action: keep
+
+  {{- else }}
+        metric_relabel_configs:
+        - source_labels: [namespace]
+          target_label: xm_namespace
+        - source_labels: [pod_name]
+          target_label: xm_pod_id
+        - source_labels: [container_name]
+          target_label: xm_cont_name
+        - source_labels: [id]
+          target_label: xm_cont_id
+        # added by mskim 8/19
+        - source_labels: [ __name__ ]
+          regex: (container_cpu_cfs_throttled_seconds_total|container_cpu_system_seconds_total|container_cpu_usage_seconds_total|container_cpu_user_seconds_total|container_fs_limit_bytes|container_fs_reads_bytes_total|container_fs_usage_bytes|container_fs_writes_bytes_total|container_last_seen|container_memory_cache|container_memory_max_usage_bytes|container_memory_swap|container_memory_usage_bytes|container_memory_working_set_bytes|container_network_receive_bytes_total|container_network_transmit_bytes_total|container_spec_memory_limit_bytes)
+          action: keep
+{{- end }}
+        # CLOUD-8671 | 데이터 필터링 설정 추가
+        - source_labels: [ __name__, image ]
+          separator: "@"
+          regex: "container_cpu.*@"
+          action: drop
+        - source_labels: [ __name__, name ]
+          separator: "@"
+          regex: "container_memory.*@"
+          action: drop
+
+      - job_name: 'kafka-consumer'
+        metrics_path: /remote_prom
+        scrape_interval: 5s
+        scrape_timeout: 5s
+        scheme: kafka
+        static_configs:
+        - targets: ['kafka-broker:9094']
+        params:
+          #server_addrs: ['broker.default.svc.k8s:9094']
+          server_addrs: ['kafka-broker:9094']
+          encoding: [proto3]
+          contents: [remote_write]
+          compression: [snappy]
+          group: [remote-write-consumer]
+          workers: [50]
+
+      # job for API server (SpringBoot) commented by ersione 2019-09-19
+      - job_name: 'imxc-api'
+        metrics_path: '/actuator/prometheus'
+        scrape_interval: 5s
+        static_configs:
+        - targets: ['imxc-api-service:8080']
+      - job_name: 'imxc-noti'
+        metrics_path: '/actuator/prometheus'
+        scrape_interval: 15s
+        static_configs:
+        - targets: ['noti-server-service:8080']
+      #- job_name: 'imxc-auth'
+      #  metrics_path: '/actuator/prometheus'
+      #  scrape_interval: 15s
+      #  static_configs:
+      #  - targets: ['auth-server-service:8480']
+
+
+
+      - job_name: 'alertmanager-exporter'
+        metrics_path: '/metrics'
+        scrape_interval: 5s
+        static_configs:
+        - targets: ['alertmanager:9093']
+
+
+      # modified by seungtak choi 2020-02-18
+      - job_name: 'cmoa-collector'
+        scrape_interval: 5s
+        kubernetes_sd_configs:
+          - role: endpoints
+            namespaces:
+              names:
+                - imxc
+        relabel_configs:
+          - source_labels: [__meta_kubernetes_service_name]
+            action: keep
+            regex:  cmoa-collector
+
+      # added by dwkim  2021-03-15
+      - job_name: 'elasticsearch'
+        scrape_interval: 5s
+        kubernetes_sd_configs:
+        - role: endpoints
+          namespaces:
+            names:
+            - imxc
+        relabel_configs:
+        - target_label: xm_clst_id
+          replacement: 'cloudmoa'
+        - source_labels: [__meta_kubernetes_pod_node_name]
+          target_label: xm_node_id
+        - source_labels: [__meta_kubernetes_namespace]
+          target_label: xm_namespace
+        - source_labels: [__meta_kubernetes_service_name]
+          action: keep
+          regex: es-exporter-elasticsearch-exporter
+
+      # kafka-exporter prometheus 수집 룰 추가
+      - job_name: 'kafka-exporter'
+        kubernetes_sd_configs:
+        - role: endpoints
+          namespaces:
+            names:
+            - imxc
+        scheme: http
+        relabel_configs:
+        - action: labelmap
+          regex: __meta_kubernetes_service_label_(.+)
+        - action: labelmap
+          regex: __meta_kubernetes_service_annotation_(.+)
+        - source_labels: [__meta_kubernetes_pod_container_port_number]
+          action: keep
+          regex: '(.*)9308'
+
+      # kafka-jmx-exporter configuration yaml 수집룰 추가
+      - job_name: 'kafka-jmx'
+        kubernetes_sd_configs:
+        - role: endpoints
+          namespaces:
+            names:
+            - imxc
+        scheme: http
+        relabel_configs:
+        - action: labelmap
+          regex: __meta_kubernetes_service_label_(.+)
+        - action: labelmap
+          regex: __meta_kubernetes_service_annotation_(.+)
+        - source_labels: [__meta_kubernetes_pod_container_port_number]
+          action: keep
+          regex: '(.*)9010'
+
+      # job for API Server(Spring Cloud Notification Server) commented by hjyoon 2022-01-26
+      - job_name: 'cmoa-noti'
+        metrics_path: '/actuator/prometheus'
+        scrape_interval: 15s
+        static_configs:
+        - targets: ['noti-server-service:8080']

ansible/01_old/roles/test/files/05-imxc/templates/cloudmoa-metric-collector.yaml

@@ -0,0 +1,45 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: metric-collector
+  namespace: imxc
+  labels:
+    app: metric-collector
+spec:
+  selector:
+    matchLabels:
+      app: metric-collector
+  replicas: 3
+  template:
+    metadata:
+      labels:
+        app: metric-collector
+    spec:
+      containers:
+      - name: metric-collector
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/metric-collector:{{ .Values.global.METRIC_COLLECTOR_VERSION }}
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 14270
+        env:
+          - name: KAFKA_CONSUMER_BROKERS
+            value: kafka-broker:9094
+          - name: HTTP_PUSH
+            value: http://base-cortex-nginx/api/v1/push
+      securityContext:
+        runAsUser: 1000
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: metric-collector
+  namespace: imxc
+  labels:
+    app: metric-collector
+spec:
+  ports:
+    - name: metric
+      port: 14270
+      targetPort: 14270
+  selector:
+    app: metric-collector

ansible/01_old/roles/test/files/05-imxc/templates/cmoa-kube-info-batch.yaml

@@ -0,0 +1,38 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cmoa-kube-info-batch
+  namespace: {{ .Values.global.IMXC_NAMESPACE }}
+  labels:
+    app: cmoa-kube-info-batch
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cmoa-kube-info-batch
+  template:
+    metadata:
+      labels:
+        app: cmoa-kube-info-batch
+    spec:
+      containers:
+        - name: cmoa-kube-info-batch
+          image: {{ .Values.global.IMXC_IN_REGISTRY }}/kube-info-batch:{{ .Values.global.KUBE_INFO_BATCH_VERSION }}
+          imagePullPolicy: Always
+          env:
+            - name: JDBC_KIND
+              value: {{ .Values.global.JDBC_KIND }}
+            - name: JDBC_SERVER
+              value: {{ .Values.global.JDBC_SERVER }}
+            - name: JDBC_DB
+              value: {{ .Values.global.JDBC_DB }}
+            - name: JDBC_USER
+              value: {{ .Values.global.JDBC_USER }}
+            - name: JDBC_PWD
+              value: {{ .Values.global.JDBC_PWD }}
+            - name: TABLE_PREFIX
+              value: {{ .Values.global.TABLE_PREFIX }}
+            - name: BLACK_LIST
+              value: {{ .Values.global.BLACK_LIST }}
+            - name: DELETE_HOUR
+              value: '{{ .Values.global.DELETE_HOUR }}'

ansible/01_old/roles/test/files/05-imxc/templates/cmoa-kube-info-connector.yaml

@@ -0,0 +1,48 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cmoa-kube-info-connector
+  namespace: {{ .Values.global.IMXC_NAMESPACE }}
+  labels:
+    app: cmoa-kube-info-connector
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cmoa-kube-info-connector
+  template:
+    metadata:
+      labels:
+        app: cmoa-kube-info-connector
+    spec:
+      containers:
+        - name: cmoa-kube-info-connector
+          image: {{ .Values.global.IMXC_IN_REGISTRY }}/kube-info-connector:{{ .Values.global.KUBE_INFO_CONNECTOR_VERSION }}
+          imagePullPolicy: Always
+          env:
+            - name: KAFKA_GROUP_ID
+              value: cmoa-kube-info-connector
+            - name: KAFKA_SERVER
+              value: kafka:9092
+            - name: JDBC_KIND
+              value: {{ .Values.global.JDBC_KIND }}
+            - name: JDBC_SERVER
+              value: {{ .Values.global.JDBC_SERVER }}
+            - name: JDBC_DB
+              value: {{ .Values.global.JDBC_DB }}
+            - name: JDBC_USER
+              value: {{ .Values.global.JDBC_USER }}
+            - name: JDBC_PWD
+              value: {{ .Values.global.JDBC_PWD }}
+            - name: TABLE_PREFIX
+              value: {{ .Values.global.TABLE_PREFIX }}
+            - name: BLACK_LIST
+              value: {{ .Values.global.BLACK_LIST }}
+            - name: MAX_POLL_RECORDS_CONFIG
+              value: "300"
+            - name: MAX_POLL_INTERVAL_MS_CONFIG
+              value: "600000"
+            - name: SESSION_TIMEOUT_MS_CONFIG
+              value: "60000"
+            - name: MAX_PARTITION_FETCH_BYTES_CONFIG
+              value: "5242880"

ansible/01_old/roles/test/files/05-imxc/templates/cmoa-kube-info-flat.yaml

@@ -0,0 +1,35 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cmoa-kube-info-flat
+  namespace: {{ .Values.global.IMXC_NAMESPACE }}
+  labels:
+    app: cmoa-kube-info-flat
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: cmoa-kube-info-flat
+  template:
+    metadata:
+      labels:
+        app: cmoa-kube-info-flat
+    spec:
+      containers:
+        - name: cmoa-kube-info-flat
+          image: {{ .Values.global.IMXC_IN_REGISTRY }}/kube-info-flat:{{ .Values.global.KUBE_INFO_FLAT_VERSION }}
+          imagePullPolicy: Always
+          env:
+            - name: KAFKA_SERVER
+              value: kafka:9092
+            - name: KAFKA_INPUT_TOPIC
+              value: {{ .Values.global.KAFKA_INPUT_TOPIC }}
+            - name: TABLE_PREFIX
+              value: {{ .Values.global.TABLE_PREFIX }}
+            - name: BLACK_LIST
+              value: {{ .Values.global.BLACK_LIST }}
+          resources:
+            limits:
+              memory: 1Gi
+            requests:
+              memory: 200Mi              

ansible/01_old/roles/test/files/05-imxc/templates/cmoa-manual.yaml

@@ -0,0 +1,36 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: manual
+  namespace: imxc
+spec:
+  selector:
+    matchLabels:
+      app: manual
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: manual
+    spec:
+      containers:
+      - name: manual
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/manual:{{ .Values.global.CMOA_MANUAL_VERSION }}
+        imagePullPolicy: IfNotPresent
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: manual
+  namespace: imxc
+spec:
+  type: NodePort
+  selector:
+    app: manual
+  ports:
+    - protocol: TCP
+      port: 8088
+      targetPort: 3000
+      nodePort: {{ .Values.global.CMOA_MANUAL_PORT }}
+

ansible/01_old/roles/test/files/05-imxc/templates/eureka-server.yaml

@@ -0,0 +1,60 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: eureka
+  namespace: imxc
+  labels:
+    app: eureka
+spec:
+  type: NodePort
+  ports:
+    - port: 8761
+      targetPort: 8761
+      nodePort: 30030
+      name: eureka
+  selector:
+    app: eureka
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: eureka
+  namespace: imxc
+spec:
+  serviceName: 'eureka'
+  replicas: 3
+  selector:
+    matchLabels:
+      app: eureka
+  template:
+    metadata:
+      labels:
+        app: eureka
+    spec:
+      containers:
+        - name: eureka
+          image: {{ .Values.global.IMXC_IN_REGISTRY }}/eureka-server:{{ .Values.global.EUREKA_SERVER_VERSION }}
+          imagePullPolicy: IfNotPresent
+          ports:
+            - containerPort: 8761
+          #resources:
+          #  requests:
+          #    memory: "1Gi"
+          #    cpu: "500m"
+          #  limits:
+          #    memory: "1200Mi"
+          #    cpu: "500m"
+          env:
+            - name: SPRING_PROFILES_ACTIVE
+              value: prd
+            - name: EUREKA_CLIENT_SERVICE-URL_DEFAULTZONE
+              value: http://eureka-0.eureka:8761/eureka/,http://eureka-1.eureka:8761/eureka/,http://eureka-2.eureka:8761/eureka/
+            - name: JVM_OPTS
+              value: "-Xms1g -Xmx1g"
+            # log4j
+            - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+              value: "true"
+          resources:
+            requests:
+              memory: "100Mi"
+              cpu: "20m"

ansible/01_old/roles/test/files/05-imxc/templates/imxc-api-server.yaml

@@ -0,0 +1,245 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: imxc-api-service
+  namespace: imxc
+spec:
+  type: NodePort
+  selector:
+    app: imxc-api
+  ports:
+  - protocol: TCP
+    name: api
+    port: 8080
+    targetPort: 8080
+    nodePort: 32080
+  - protocol: TCP
+    name: netty
+    port: 10100
+    targetPort: 10100
+    nodePort: 31100
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: imxc-api
+  namespace: imxc
+  labels:
+    app: imxc-api
+spec:
+  revisionHistoryLimit: 0
+  replicas: 1
+  selector:
+    matchLabels:
+      app: imxc-api
+  template:
+    metadata:
+      labels:
+        app: imxc-api
+        build: develop
+    spec:
+      securityContext:
+        #runAsNonRoot: true
+        runAsUser: 1577
+      initContainers:
+      - name: cloudmoa-api-permission-fix
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/busybox:latest
+        imagePullPolicy: IfNotPresent
+        securityContext:
+          runAsUser: 0
+#        - sh
+#        - -c
+#        - "chmod -R 777 /home/cloudmoa/notification/cloudmoa_alert.log"
+        volumeMounts:
+        - mountPath: /home/cloudmoa/notification/
+          name: notification-upper-directory
+        - mountPath: /home/cloudmoa/notification/cloudmoa_alert.log
+          name: notification-directory
+      containers:
+      - name: imxc-api
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/api-server:{{ .Values.global.API_SERVER_VERSION }}
+        resources:
+          requests:
+            cpu: 200m
+            memory: 500Mi 
+          limits:
+            cpu: 2000m
+            memory: 5000Mi
+        imagePullPolicy: IfNotPresent
+        command: ["sh", "-c", {{ .Files.Get "scripts/init-api-server.sh" | quote }}]
+        env:
+        - name: SPRING_PROFILES_ACTIVE
+          value: prd
+        - name: SPRING_ELASTIC_URLS
+          value: elasticsearch
+        - name: SPRING_ELASTIC_PORT
+          value: "9200"
+        - name: SPRING_DATAGATE_URLS
+          value: "{{ .Values.global.DATAGATE_INSIDE_IP }}"
+        - name: SPRING_DATAGATE_PORT
+          value: "{{ .Values.global.DATAGATE_INSIDE_PORT }}"
+        - name: SPRING_REDIS_URLS
+          value: {{ .Values.global.REDIS_URLS }}
+        - name: SPRING_REDIS_PORT
+          value: "{{ .Values.global.REDIS_PORT }}"
+        - name: SPRING_REDIS_PASSWORD
+          value: {{ .Values.global.REDIS_PASSWORD }}
+        - name: SPRING_DATASOURCE_URL
+          value: jdbc:log4jdbc:postgresql://postgres:5432/postgresdb
+        - name: SPRING_BOOT_ADMIN_CLIENT_URL
+          value: http://{{ .Values.global.IMXC_ADMIN_SERVER_DNS }}:8888
+        - name: SPRING_BOOT_ADMIN_CLIENT_INSTANCE_NAME
+          value: Intermax Cloud API Server
+        - name: SPRING_BOOT_ADMIN_CLIENT_ENABLED
+          value: "false"
+        - name: OPENTRACING_JAEGER_ENABLED
+          value: "false"
+        - name: SPRING_JPA_PROPERTIES_HIBERNATE_GENERATE_STATISTICS
+          value: "false"
+        - name: IMXC_REPORT_ENABLED
+          value: "true"
+        - name: IMXC_ALERT_PERSIST
+          value: "true"
+        - name: SPRING_BOOT_ADMIN_CLIENT_INSTANCE_METADATA_TAGS_ENVIRONMENT
+          value: Demo
+        - name: SPRING_BOOT_ADMIN_CLIENT_INSTANCE_PREFERIP
+          value: "true"
+        - name: SPRING_BOOT_ADMIN_CLIENT_INSTANCE_METADATA_TAGS_NODENAME
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: spec.nodeName
+        - name: SPRING_BOOT_ADMIN_CLIENT_INSTANCE_METADATA_TAGS_PODNAME
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.name
+        - name: SPRING_BOOT_ADMIN_CLIENT_AUTODEREGISTRATION
+          value: "true"
+        - name: SPRING_JPA_HIBERNATE_DDL-AUTO
+          value: validate 
+        - name: KEYCLOAK_AUTH-SERVER-URL
+          value: "{{ .Values.global.KEYCLOAK_AUTH_SERVER_URL }}"
+        - name: KEYCLOAK_REALM
+          value: exem
+        - name: KEYCLOAK_RESOURCE
+          value: "{{ .Values.global.KEYCLOAK_RESOURCE }}"
+        - name: SPRING_KEYCLOAK_MASTER_USERNAME
+          value: "{{ .Values.global.KEYCLOAK_MASTER_USERNAME }}"
+        - name: SPRING_KEYCLOAK_MASTER_PASSWORD
+          value: "{{ .Values.global.KEYCLOAK_MASTER_PASSWORD }}"
+        - name: SPRING_LDAP_USE
+          value: "{{ .Values.global.IMXC_LDAP_USE }}"
+        - name: TIMEZONE
+          value: Asia/Seoul
+        - name: IMXC_PROMETHEUS_URL
+          value: http://base-cortex-nginx/prometheus
+        - name: IMXC_PROMETHEUS_NAMESPACE
+          value: "imxc"
+        - name: LOGGING_LEVEL_ROOT
+          value: info
+        - name: IMXC_ALERT_NOTIFICATION_FILE_USE
+          value: "true"
+        - name: IMXC_ALERT_NOTIFICATION_FILE_FILE-LIMIT-SIZE-MB
+          value: "10"
+        - name: IMXC_ALERT_NOTIFICATION_FILE_PATH
+          value: /cloudmoa_noti
+        - name: IMXC_ALERT_NOTIFICATION_FILE_NAME
+          value: cloudmoa_alert.log
+        - name: IMXC_ALERT_NOTIFICATION_FILE_FORMAT
+          value: $[name]/($[level])/$[data]/$[message]
+        - name: IMXC_ALERT_NOTIFICATION_FILE_LEVELCONTRACT
+          value: "true"
+          #R30020210730 추가 :: 현대카드는 true로 설정
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_MAIL-HOST
+          value: "exemmail1.ex-em.com"
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_MAIL-PORT
+          value: "587"
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_MAIL-USERNAME
+          value: "imxc@ex-em.com"
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_MAIL-PASSWORD
+          value: "1234"
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_PROTOCOL
+          value: "smtp"
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_STARTTLS-REQ
+          value: "true"
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_STARTTLS-ENB
+          value: "true"
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_SMTP-AUTH
+          value: "true"
+        - name: IMXC_ALERT_NOTIFICATION_MAIL_DEBUG
+          value: "true"
+        - name: IMXC_ANOMALY_BLACK-LIST
+          value: "false"
+        - name: IMXC_VERSION_SAAS
+          value: "false"
+        - name: LOGGING_LEVEL_COM_EXEM_CLOUD_API_SERVER_KUBERNETES_SERVICE
+          value: info
+        - name: IMXC_WEBSOCKET_SCHEDULE_PERIOD_5SECOND
+          value: "30000"
+        - name: IMXC_CACHE_INFO_1MCACHE
+          value: "0 0/1 * * * ?"
+        - name: IMXC_EXECUTION_LOG_USE
+          value: "false"
+        - name: IMXC_EXECUTION_PERMISSION_LOG_USE
+          value: "false"
+        - name: IMXC_EXECUTION_CODE-LOG_USE
+          value: "false"
+        - name: IMXC_PORTAL_INFO_URL
+          value: "{{ .Values.global.IMXC_PORTAL_INFO_URL }}"
+        # Do not remove below rows related to AGENT-INSTALL. Added by youngmin 2021-03-29.
+        - name: AGENT-INSTALL_COLLECTION-SERVER_KAFKA_IP
+          value: {{ .Values.global.KAFKA_IP }}
+        - name: AGENT-INSTALL_COLLECTION-SERVER_KAFKA_INTERFACE-PORT
+          value: "{{ .Values.global.KAFKA_INTERFACE_PORT }}"
+        - name: AGENT-INSTALL_COLLECTION-SERVER_APISERVER_IP
+          value: {{ .Values.global.IMXC_API_SERVER_IP }}
+        - name: AGENT-INSTALL_COLLECTION-SERVER_APISERVER_NETTY-PORT
+          value: "{{ .Values.global.APISERVER_NETTY_PORT }}"
+        - name: AGENT-INSTALL_REGISTRY_URL
+          value: {{ .Values.global.IMXC_IN_REGISTRY }}
+        - name: AGENT-INSTALL_IMAGE_TAG
+          value: {{ .Values.global.AGENT_IMAGE_TAG }}
+        - name: AGENT-INSTALL_JAEGER_AGENT_CLUSTERIP
+          value: {{ .Values.global.JAEGER_AGENT_CLUSTERIP }}
+        - name: AGENT-INSTALL_JAEGER_JAVA-SPECIALAGENT-CLASSPATH
+          value: {{ .Values.global.JAEGER_JAVA_SPECIALAGENT_CLASSPATH }}
+        - name: AGENT-INSTALL_COLLECTION-SERVER_DATAGATE_IP
+          value: "{{ .Values.global.DATAGATE_OUTSIDE_IP }}"
+        - name: AGENT-INSTALL_COLLECTION-SERVER_DATAGATE_PORT
+          value: "{{ .Values.global.DATAGATE_OUTSIDE_PORT }}"
+        - name: IMXC_REST-CONFIG_MAX-CON
+          value: "200"
+        - name: IMXC_REST-CONFIG_MAX-CON-ROUTE
+          value: "65"
+        # log4j
+        - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+          value: "true"
+        # Elasticsearch for Security
+        - name: SPRING_ELASTIC_SSL_USERNAME
+          value: "{{ .Values.global.CMOA_ES_ID }}"
+        - name: SPRING_ELASTIC_SSL_PASSWORD
+          value: "{{ .Values.global.CMOA_ES_PW }}"
+        - name: IMXC_BACK-LOGIN_ENABLED
+          value: "{{ .Values.global.BACKLOGIN }}"
+        volumeMounts:
+        - mountPath: /var/log/imxc-audit.log
+          name: auditlog
+        - mountPath: /home/cloudmoa/notification/cloudmoa_alert.log
+          name: notification-directory
+        - mountPath: /home/cloudmoa/notification/
+          name: notification-upper-directory
+      volumes:
+      - name: auditlog
+        hostPath:
+          path: {{ .Values.global.AUDITLOG_PATH }}/imxc-audit.log
+          type: FileOrCreate
+      - name: notification-upper-directory
+        hostPath:
+          path: /home/
+          type: DirectoryOrCreate
+      - name: notification-directory
+        hostPath:
+          path: /home/cloudmoa_event.log
+          type: FileOrCreate

ansible/01_old/roles/test/files/05-imxc/templates/imxc-collector.yaml

@@ -0,0 +1,79 @@
+apiVersion: v1
+kind: List
+items:
+- apiVersion: apps/v1
+  kind: Deployment
+  metadata:
+    name: cmoa-collector
+    namespace: imxc
+    labels:
+      app: cmoa-collector
+  spec:
+    replicas: 1
+    selector:
+      matchLabels:
+        app: cmoa-collector
+    template:
+      metadata:
+        labels:
+          app: cmoa-collector
+      spec:
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 65534
+        containers:
+        - name: cmoa-collector
+          image: {{ .Values.global.IMXC_IN_REGISTRY }}/cmoa-collector:{{ .Values.global.COLLECTOR_VERSION }}
+          imagePullPolicy: IfNotPresent
+          resources:
+            requests:
+              cpu: 100m
+              memory: 500Mi
+            limits:
+              cpu: 500m
+              memory: 2500Mi
+          ports:
+          - containerPort: 12010
+          env:
+            - name: LOCATION
+              value: Asia/Seoul
+            - name: KAFKA_SERVER
+              value: kafka:9092
+            - name: ELASTICSEARCH
+              value: elasticsearch:9200
+#            - name: PROMETHEUS
+#              value: nginx-cortex/prometheus
+            - name: REDIS_ADDR
+              value: redis-master:6379
+            - name: REDIS_PW
+              value: dkagh1234!
+            - name: REDIS_DB
+              value: "0"
+            - name: REDIS_TYPE
+              value: normal
+            - name: CMOA_ES_ID
+              value: {{ .Values.global.CMOA_ES_ID }}
+            - name: CMOA_ES_PW
+              value: {{ .Values.global.CMOA_ES_PW }}              
+          resources:
+            requests:
+              cpu: "300m"
+              memory: "1500Mi"
+            limits:
+              cpu: "500m"
+              memory: "2500Mi"
+- apiVersion: v1
+  kind: Service
+  metadata:
+    name: cmoa-collector
+    namespace: imxc
+    labels:
+      app: cmoa-collector
+  spec:
+    ports:
+    - name: cmoa-collector-exporter
+      port: 12010
+      targetPort: 12010
+    selector:
+      app: cmoa-collector
+

ansible/01_old/roles/test/files/05-imxc/templates/noti-server.yaml

@@ -0,0 +1,121 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: noti-server
+  namespace: imxc
+spec:
+  selector:
+    matchLabels:
+      app: noti
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: noti
+    spec:
+      containers:
+      - name: noti-server
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/notification-server:{{ .Values.global.NOTI_SERVER_VERSION }}
+        imagePullPolicy: IfNotPresent
+        command: ["sh", "-c", {{ .Files.Get "scripts/init-noti-server.sh" | quote }}]
+        env:
+        # spring profile
+        - name: SPRING_PROFILES_ACTIVE
+          value: prd
+
+        # keycloak configuration
+        - name: KEYCLOAK_AUTH-SERVER-URL
+          value: {{ .Values.global.KEYCLOAK_AUTH_SERVER_URL }}
+        - name: KEYCLOAK_REALM
+          value: exem
+
+        # eureka configuration
+        - name: EUREKA_CLIENT_SERVICE-URL_DEFAULTZONE
+          value: http://eureka:8761/eureka
+
+        # postgres configuration
+        - name: SPRING_DATASOURCE_URL
+          value: jdbc:log4jdbc:postgresql://postgres:5432/postgresdb
+
+        # redis configuration
+        - name: SPRING_REDIS_HOST
+          value: redis-master
+        - name: SPRING_REDIS_PORT
+          value: "6379"
+        - name: SPRING_REDIS_PASSWORD
+          value: dkagh1234!
+
+        # elasticsearch configuration
+        - name: SPRING_ELASTIC_URLS
+          value: elasticsearch
+        - name: SPRING_ELASTIC_PORT
+          value: "9200"
+
+        # file I/O configuration
+        - name: IMXC_ALERT_NOTIFICATION_FILE_USE
+          value: "true"
+        - name: IMXC_ALERT_NOTIFICATION_FILE_FILE-LIMIT-SIZE-MB
+          value: "10"
+        - name: IMXC_ALERT_NOTIFICATION_FILE_PATH
+          value: /cloudmoa_noti
+        - name: IMXC_ALERT_NOTIFICATION_FILE_NAME
+          value: cloudmoa_alert.log
+        - name: IMXC_ALERT_NOTIFICATION_FILE_FORMAT
+          value: $[name]/($[level])/$[data]/$[message]
+        - name: IMXC_ALERT_NOTIFICATION_FILE_LEVELCONTRACT
+          value: "true"
+
+        # rabbitmq configuration
+        - name: IMXC_RABBITMQ_HOST
+          value: base-rabbitmq
+        - name: IMXC_RABBITMQ_PORT
+          value: "61613"
+        - name: IMXC_RABBITMQ_CLIENT_ID
+          value: "user"
+        - name: IMXC_RABBITMQ_CLIENT_PASSWORD
+          value: "eorbahrhkswp"
+        - name: IMXC_RABBITMQ_SYSTEM_ID
+          value: "user"
+        - name: IMXC_RABBITMQ_SYSTEM_PASSWORD
+          value: "eorbahrhkswp"
+
+        # api-server configuration
+        - name: IMXC_API-SERVER-URL
+          value: "http://imxc-api-service:8080"
+
+        # cortex integration
+        - name: SPRING_CORTEX_URLS
+          value: base-cortex-configs
+        - name: SPRING_CORTEX_PORT
+          value: "8080"
+
+        # alert webhook
+        - name: IMXC_ALERT_WEBHOOK_URLS
+          value: http://noti-server-service:8080/alert
+
+        # etc configuration
+        - name: IMXC_PROMETHEUS_NAMESPACE
+          value: {{ .Values.global.IMXC_NAMESPACE }}
+        - name: IMXC_ALERT_KUBERNETES_NAMESPACE
+          value: {{ .Values.global.IMXC_NAMESPACE }}
+        # log4j
+        - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+          value: "true"
+        resources:
+          requests:
+            memory: "100Mi"
+            cpu: "50m"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: noti-server-service
+  namespace: imxc
+spec:
+  type: NodePort
+  selector:
+    app: noti
+  ports:
+    - protocol: TCP
+      port: 8080
+      nodePort: 31083

ansible/01_old/roles/test/files/05-imxc/templates/streams-depl.yaml

@@ -0,0 +1,26 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kafka-stream-txntrend-deployment
+  namespace: imxc
+  labels:
+    app: kafka-stream-txntrend
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: kafka-stream-txntrend
+  template:
+    metadata:
+      labels:
+        app: kafka-stream-txntrend
+    spec:
+      containers:
+      - name: kafka-stream-txntrend
+        image: {{ .Values.global.IMXC_IN_REGISTRY }}/kafka-stream-txntrend:{{ .Values.global.KAFKA_STREAM_VERSION }}
+        imagePullPolicy: IfNotPresent
+        env:
+        - name: SERVICE_KAFKA_HOST
+          value: kafka-broker:9094
+        - name: SERVICE_STREAM_OUTPUT
+          value: jspd_txntrend

ansible/01_old/roles/test/files/05-imxc/templates/topology-agent.yaml

@@ -0,0 +1,107 @@
+{{ if semverCompare ">=1.17-0" .Capabilities.KubeVersion.GitVersion }}
+apiVersion: rbac.authorization.k8s.io/v1
+{{ else }}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+{{ end }}
+kind: ClusterRoleBinding
+metadata:
+  name: topology-agent
+  namespace: imxc
+  labels:
+    k8s-app: topology-agent
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+  - kind: ServiceAccount
+    name: topology-agent
+    namespace: imxc
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: topology-agent
+  namespace: imxc
+  labels:
+    app: topology-agent
+spec:
+  selector:
+    matchLabels:
+      app: topology-agent
+  template:
+    metadata:
+      labels:
+        app: topology-agent
+    spec:
+      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      # below appended
+      hostPID: true
+      tolerations:
+      - effect: NoSchedule
+        operator: Exists
+      - effect: NoExecute
+        operator: Exists
+      containers:
+        - name: topology-agent
+          image: {{ .Values.global.IMXC_IN_REGISTRY }}/topology-agent:{{ .Values.global.TOPOLOGY_AGENT_VERSION }}
+          imagePullPolicy: IfNotPresent
+          securityContext:
+            privileged: true
+          volumeMounts:
+            - mountPath: /host/usr/bin
+              name: bin-volume
+            - mountPath: /var/run/docker.sock
+              name: docker-volume
+            - mountPath: /host/proc
+              name: proc-volume
+            - mountPath: /root
+              name: root-volume
+          env:
+            - name: CLUSTER_ID
+              value: cloudmoa
+            - name: ROOT_DIRECTORY
+              value: /root
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            - name: POD_ID
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: NAMESPACE
+              valueFrom:
+                 fieldRef:
+                   fieldPath: metadata.namespace
+            - name: DATAGATE
+              value: datagate:50051
+            - name: LOG_RNAME_USE
+              value: "false"
+            - name: LOG_LEVEL
+              value: "DEBUG"
+            - name: CLOUDMOA_SETTING_PATH
+              value: /home/cloudmoa/setting/
+          resources:
+            requests:
+              memory: "125Mi"
+              cpu: "100m"
+            limits:
+              memory: "600Mi"
+              cpu: "500m"
+      volumes:
+        - name: bin-volume
+          hostPath:
+            path: /usr/bin
+            type: Directory
+        - name: docker-volume
+          hostPath:
+            path: /var/run/docker.sock
+        - name: proc-volume
+          hostPath:
+            path: /proc
+        - name: root-volume
+          hostPath:
+            path: /

ansible/01_old/roles/test/files/05-imxc/templates/zuul-server.yaml

@@ -0,0 +1,62 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: zuul-deployment
+  namespace: imxc
+  labels:
+    app: cloud
+spec:
+  selector:
+    matchLabels:
+      app: cloud
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: cloud
+    spec:
+      containers:
+        - env:
+            - name: SPRING_PROFILES_ACTIVE
+              value: prd
+            - name: SPRING_ZIPKIN_BASE-URL
+              value: http://zipkin-service:9411
+            - name: LOGGING_LEVEL_COM_EXEM_CLOUD_ZUULSERVER_FILTERS_AUTHFILTER
+              value: info
+            # log4j
+            - name: LOG4J_FORMAT_MSG_NO_LOOKUPS
+              value: "true"
+          name: zuul
+          image: {{ .Values.global.IMXC_IN_REGISTRY }}/zuul-server:{{ .Values.global.ZUUL_SERVER_VERSION }}
+          imagePullPolicy: IfNotPresent
+          ports:
+            - containerPort: 8080
+              #- containerPort: 6831
+              #protocol: UDP
+          #resources:
+          #  requests:
+          #    memory: "256Mi"
+          #    cpu: "344m"
+          #  limits:
+          #    memory: "1Gi"
+          #    cpu: "700m"
+          resources:
+            requests:
+              memory: "200Mi"
+              cpu: "50m"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: zuul
+  namespace: imxc
+  labels:
+    app: cloud
+spec:
+  type: NodePort
+  selector:
+    app: cloud
+  ports:
+    - port: 8080
+      targetPort: 8080
+      nodePort: 31081

ansible/01_old/roles/test/files/05-imxc/values.yaml

@@ -0,0 +1,157 @@
+# Default values for imxc.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: 10.10.31.243:5000/cmoa3/nginx
+  tag: stable
+  pullPolicy: IfNotPresent
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name:
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: false
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: chart-example.local
+      paths: []
+
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+global:
+  IMXC_LDAP_USE: false
+  IMXC_ADMIN_SERVER_DNS: imxc-admin-service
+  AUDITLOG_PATH: /var/log
+  KAFKA_IP: kafka-broker
+  # 로드밸런서 안 쓴다고 가정했을때 입니다..
+  KAFKA_INTERFACE_PORT: 9094
+  APISERVER_NETTY_PORT: 10100
+  #REGISTRY_URL: cdm-dev.exem-oss.org:5050
+  #REGISTRY_URL: 10.10.31.243:5000/cmoa
+  IMXC_ADMIN_SERVER_DNS: imxc-admin-service
+  AGENT_IMAGE_TAG: rel0.0.0
+  # Jaeger 관련변수
+  JAEGER_AGENT_CLUSTERIP: 10.98.94.198
+  JAEGER_JAVA_SPECIALAGENT_CLASSPATH: classpath:/install/opentracing-specialagent-1.7.4.jar
+  # added by DongWoo Kim 2021-06-21
+  KEYCLOAK_AUTH_SERVER_URL: http://111.111.111.111:31082/auth
+  KEYCLOAK_RESOURCE: authorization_server
+  KEYCLOAK_MASTER_USERNAME: admin 
+  KEYCLOAK_MASTER_PASSWORD: admin
+  IMXC_PORTAL_INFO_URL: 
+  KEYCLOAK_REALM: exem
+  # added by EunHye Kim 2021-08-25
+  #DATAGATE_URLS: datagate
+  #DATAGATE_IP: 111.111.111.111
+  #DATAGATE_PORT: 14268
+  DATAGATE_INSIDE_IP: datagate
+  DATAGATE_INSIDE_PORT: 14268
+  DATAGATE_OUTSIDE_IP: 111.111.111.111
+  DATAGATE_OUTSIDE_PORT: 30051
+  REDIS_URLS: redis-master
+  REDIS_PORT: 6379
+  REDIS_PASSWORD: dkagh1234!
+  # added by DongWoo Kim 2021-08-31 (version of each module)
+  DATAGATE_VERSION: rel0.0.0
+  #ADMIN_SERVER_VERSION: v1.0.0
+  #API_SERVER_VERSION: CLOUD-172
+  API_SERVER_VERSION: rel0.0.0
+  COLLECTOR_VERSION: rel0.0.0
+  #release-3.3.0
+  TOPOLOGY_AGENT_VERSION: rel0.0.0
+  METRIC_COLLECTOR_VERSION: rel0.0.0
+  #v1.0.0
+  METRIC_AGENT_VERSION: rel0.0.0
+  # spring cloud
+  ZUUL_SERVER_VERSION: rel0.0.0  
+  #CMOA-1269
+  EUREKA_SERVER_VERSION: rel0.0.0
+  AUTH_SERVER_VERSION: rel0.0.0
+  NOTI_SERVER_VERSION: rel0.0.0
+  KAFKA_STREAM_VERSION: rel0.0.0
+  CMOA_MANUAL_VERSION: rel0.0.0
+  KUBE_INFO_FLAT_VERSION: rel0.0.0
+  KUBE_INFO_BATCH_VERSION: rel0.0.0
+  KUBE_INFO_CONNECTOR_VERSION: rel0.0.0
+
+
+  CMOA_MANUAL_PORT: 31090
+
+
+  # Keycloak
+  #KEYCLOAK_VERSION: v1.0.0
+
+  # 레지스트리 변수화 (Public Cloud 대비 / 아래 값 적절히 수정해서 사용할 것)
+  #IMXC_REGISTRY: 10.10.31.243:5000
+  IMXC_IN_REGISTRY: 10.10.31.243:5000/cmoa3
+
+
+  # namespace 추가
+  IMXC_NAMESPACE: imxc
+  
+  # ZUUL 8080으로 열어놓을것
+
+  CMOA_ES_ID: elastic
+  CMOA_ES_PW: elastic
+
+  JDBC_KIND: 'postgres'
+  JDBC_SERVER: 'postgres:5432'
+  JDBC_DB: 'postgresdb'
+  JDBC_USER: 'admin'
+  JDBC_PWD: 'eorbahrhkswp'
+
+  KAFKA_INPUT_TOPIC: 'kubernetes_info'
+
+  TABLE_PREFIX: 'cmoa_'
+  BLACK_LIST: 'configmap_base,cronjob_active,endpoint_base,endpoint_addresses,endpoint_notreadyaddresses,endpoint_ports,event_base,node_image,persistentvolume_base,persistentvolumeclaim_base,pod_volume,resourcequota_base,resourcequota_scopeselector'
+  DELETE_HOUR: '15'
+  BACKLOGIN: false