--- apiVersion: v1 kind: Service metadata: name: nedge-mgmt namespace: nedge labels: app: nedge-mgmt spec: type: NodePort ports: - port: 8080 nodePort: 30080 name: http-rest - port: 4443 nodePort: 30443 name: https-rest - port: 3000 nodePort: 31080 name: http-ui - port: 3443 nodePort: 31443 name: https-ui - port: 3444 nodePort: 31444 name: https-ui-audit selector: app: nedge-mgmt --- kind: ConfigMap apiVersion: v1 metadata: name: nedge-mgmt-config namespace: nedge data: nesetup: |- { "ccow": { "tenant": { "failure_domain": 1 }, "network": { "broker_interfaces": "net0", "server_unix_socket" : "/opt/nedge/var/run/sock/ccowd.sock" } }, "auditd": { "is_aggregator": 1 }, "rest": { "password": "TQpcVgoSLA==", "port": 8080, "secure": { "port": 4443 } } } --- apiVersion: v1 kind: ServiceAccount metadata: name: nedge-mgmt namespace: nedge --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: nedge-mgmt namespace: nedge rules: - apiGroups: ["*"] resources: ["*"] verbs: ["*"] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: nedge-mgmt namespace: nedge rules: roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: nedge-mgmt subjects: - kind: ServiceAccount name: nedge-mgmt - kind: User name: "system:serviceaccount:nedge:default" --- apiVersion: extensions/v1beta1 kind: Deployment metadata: name: nedge-mgmt namespace: nedge spec: replicas: 1 template: metadata: labels: app: nedge-mgmt annotations: networks: '[ { "name": "client-net" }, { "name": "replicast" } ]' spec: serviceAccountName: nedge-mgmt hostIPC: true volumes: - name: nedge-target-state persistentVolumeClaim: claimName: nedge-target-state-claim - name: nedge-mgmt-config configMap: name: nedge-mgmt-config items: - key: nesetup path: nesetup.json - name: kubectl hostPath: path: /usr/bin/kubectl type: File affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: k8s-app operator: In values: - nedge-target topologyKey: kubernetes.io/hostname containers: - name: rest image: nexenta/nedge:2.1.3 imagePullPolicy: Always args: ["start", "-j", "rest", "-j", "auditserv"] env: - name: HOST_HOSTNAME valueFrom: fieldRef: fieldPath: spec.nodeName ports: - containerPort: 8080 - containerPort: 4443 volumeMounts: - name: nedge-target-state mountPath: /opt/nedge/var/run - name: nedge-mgmt-config mountPath: /opt/nedge/etc/config - name: kubectl mountPath: /usr/bin/kubectl livenessProbe: tcpSocket: port: 8080 initialDelaySeconds: 60 timeoutSeconds: 5 readinessProbe: tcpSocket: port: 8080 timeoutSeconds: 20 - name: ui image: nexenta/nedgeui:2.1.4 imagePullPolicy: Always env: - name: API_ENDPOINT value: http://localhost:8080 ports: - containerPort: 3000 - containerPort: 3443 livenessProbe: tcpSocket: port: 3000 initialDelaySeconds: 60 timeoutSeconds: 5 readinessProbe: tcpSocket: port: 3000 timeoutSeconds: 20 - name: ui-audit image: nexenta/nedgeui-audit:2.1.3 imagePullPolicy: Always env: - name: API_ENDPOINT value: http://localhost:8080 ports: - containerPort: 3444 livenessProbe: tcpSocket: port: 3444 initialDelaySeconds: 60 timeoutSeconds: 5 readinessProbe: tcpSocket: port: 3444 timeoutSeconds: 20