commit 514b401aaeaca1b15bad41dd5cbe1116ee7af403
Author: Maxim Romanko
Date: Thu Dec 18 15:34:28 2025 +0300
added conf files for k8s
diff --git a/cluster1/configmap-init-scripts.yaml b/cluster1/configmap-init-scripts.yaml
new file mode 100644
index 0000000..92b4abe
--- /dev/null
+++ b/cluster1/configmap-init-scripts.yaml
@@ -0,0 +1,191 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cluster1-init-scripts + namespace: cluster1 +data: + db1-init.sql: | + -- from Практика 3/init-scripts/db1-init.sql + -- Инициализация БД 1 + -- Создание пользователей + + -- Пользователь 1: видит только свою БД (database1) + CREATE USER user1_local WITH PASSWORD 'user1pass'; + GRANT CONNECT ON DATABASE database1 TO user1_local; + GRANT USAGE ON SCHEMA public TO user1_local; + GRANT CREATE ON SCHEMA public TO user1_local; + + -- Пользователь 1: может видеть БД в соседнем контейнере (database2) + -- Этот пользователь будет создан также в db2, что позволит ему подключаться к обеим БД + CREATE USER user1_cross WITH PASSWORD 'user1pass'; + GRANT CONNECT ON DATABASE database1 TO user1_cross; + GRANT USAGE ON SCHEMA public TO user1_cross; + GRANT CREATE ON SCHEMA public TO user1_cross; + + -- Создание таблиц + CREATE TABLE IF NOT EXISTS products ( + id SERIAL PRIMARY KEY, + name VARCHAR(100) NOT NULL, + price DECIMAL(10, 2) NOT NULL, + quantity INTEGER NOT NULL, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP + ); + + CREATE TABLE IF NOT EXISTS orders ( + id SERIAL PRIMARY KEY, + customer_name VARCHAR(100) NOT NULL, + total_amount DECIMAL(10, 2) NOT NULL, + status VARCHAR(50) NOT NULL, + order_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP + ); + + -- Выдача прав на таблицы для user1_local + GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO user1_local; + GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO user1_local; + + -- Выдача прав на таблицы для user1_cross + GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO user1_cross; + GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO user1_cross; + + -- Настройка прав по умолчанию для будущих таблиц + ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO user1_local; + ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO user1_cross; + ALTER DEFAULT PRIVИЛЕGES IN SCHEMA public GRANT ALL ON SEQUENCES TO user1_local; 
+ ALTER DEFAULT PRIVИЛЕGES IN SCHEMA public GRANT ALL ON SEQUENCES TO user1_cross; + + db1-data.sql: | + -- from Практика 3/init-scripts/db1-data.sql + -- Заполнение таблиц случайными данными для БД 1 + + -- Вставка случайных данных в таблицу products + INSERT INTO products (name, price, quantity) VALUES + ('Ноутбук Dell XPS', 89999.99, 15), + ('Мышь Logitech MX', 3499.50, 42), + ('Клавиатура Mechanical', 5999.00, 28), + ('Монитор LG 27"', 24999.99, 12), + ('Наушники Sony WH-1000XM4', 19999.00, 35), + ('Веб-камера Logitech C920', 4999.00, 18), + ('Микрофон Blue Yeti', 8999.99, 8), + ('Коврик для мыши', 599.00, 100), + ('USB-C кабель', 1299.00, 55), + ('Внешний SSD 1TB', 8999.99, 22), + ('Планшет Samsung Galaxy', 29999.00, 14), + ('Смартфон iPhone 15', 79999.99, 9), + ('Умные часы Apple Watch', 24999.00, 20), + ('Портативная колонка JBL', 4999.00, 30), + ('Беспроводные наушники AirPods', 14999.00, 25); + + -- Вставка случайных данных в таблицу orders + INSERT INTO orders (customer_name, total_amount, status) VALUES + ('Иван Петров', 125999.99, 'completed'), + ('Мария Сидорова', 3499.50, 'pending'), + ('Алексей Иванов', 5999.00, 'completed'), + ('Елена Козлова', 24999.99, 'processing'), + ('Дмитрий Смирнов', 19999.00, 'completed'), + ('Ольга Волкова', 4999.00, 'pending'), + ('Сергей Лебедев', 8999.99, 'completed'), + ('Анна Новикова', 599.00, 'completed'), + ('Павел Морозов', 1299.00, 'processing'), + ('Татьяна Федорова', 8999.99, 'completed'), + ('Николай Соколов', 29999.00, 'pending'), + ('Юлия Попова', 79999.99, 'completed'), + ('Андрей Васильев', 24999.00, 'processing'), + ('Наталья Павлова', 4999.00, 'completed'), + ('Владимир Семенов', 14999.00, 'pending'), + ('Ирина Григорьева', 89999.99, 'completed'), + ('Роман Орлов', 3499.50, 'processing'), + ('Екатерина Зайцева', 5999.00, 'completed'), + ('Максим Егоров', 24999.99, 'pending'), + ('Светлана Михайлова', 19999.00, 'completed'); + + db2-init.sql: | + -- from Практика 3/init-scripts/db2-init.sql + -- 
Инициализация БД 2 + -- Создание пользователей + + -- Пользователь 2: видит только свою БД (database2) + CREATE USER user2_local WITH PASSWORD 'user2pass'; + GRANT CONNECT ON DATABASE database2 TO user2_local; + GRANT USAGE ON SCHEMA public TO user2_local; + GRANT CREATE ON SCHEMA public TO user2_local; + + -- Пользователь 1: может видеть БД в соседнем контейнере (database1) + -- Этот пользователь создан также в db1, что позволяет ему подключаться к обеим БД + CREATE USER user1_cross WITH PASSWORD 'user1pass'; + GRANT CONNECT ON DATABASE database2 TO user1_cross; + GRANT USAGE ON SCHEMA public TO user1_cross; + GRANT CREATE ON SCHEMA public TO user1_cross; + + -- Создание таблиц + CREATE TABLE IF NOT EXISTS employees ( + id SERIAL PRIMARY KEY, + first_name VARCHAR(50) NOT NULL, + last_name VARCHAR(50) NOT NULL, + position VARCHAR(100) NOT NULL, + salary DECIMAL(10, 2) NOT NULL, + hire_date DATE NOT NULL, + department VARCHAR(50) NOT NULL + ); + + CREATE TABLE IF NOT EXISTS departments ( + id SERIAL PRIMARY KEY, + name VARCHAR(100) NOT NULL UNIQUE, + budget DECIMAL(12, 2) NOT NULL, + manager_id INTEGER, + location VARCHAR(100) NOT NULL, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP + ); + + -- Выдача прав на таблицы для user2_local + GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO user2_local; + GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO user2_local; + + -- Выдача прав на таблицы для user1_cross + GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO user1_cross; + GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO user1_cross; + + -- Настройка прав по умолчанию для будущих таблиц + ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO user2_local; + ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO user1_cross; + ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO user2_local; + ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO user1_cross; + + db2-data.sql: | + -- from 
Практика 3/init-scripts/db2-data.sql + -- Заполнение таблиц случайными данными для БД 2 + + -- Вставка случайных данных в таблицу departments + INSERT INTO departments (name, budget, location) VALUES + ('Отдел разработки', 5000000.00, 'Москва, офис 1'), + ('Отдел продаж', 3000000.00, 'Санкт-Петербург, офис 2'), + ('Отдел маркетинга', 2000000.00, 'Москва, офис 1'), + ('Отдел HR', 1500000.00, 'Новосибирск, офис 3'), + ('Отдел финансов', 4000000.00, 'Москва, офис 1'), + ('Отдел поддержки', 1800000.00, 'Екатеринбург, офис 4'), + ('Отдел тестирования', 2500000.00, 'Москва, офис 1'), + ('Отдел аналитики', 2200000.00, 'Казань, офис 5'); + + -- Вставка случайных данных в таблицу employees + INSERT INTO employees (first_name, last_name, position, salary, hire_date, department) VALUES + ('Александр', 'Иванов', 'Senior Developer', 150000.00, '2020-03-15', 'Отдел разработки'), + ('Елена', 'Петрова', 'Product Manager', 120000.00, '2019-06-20', 'Отдел разработки'), + ('Дмитрий', 'Сидоров', 'Sales Manager', 80000.00, '2021-01-10', 'Отдел продаж'), + ('Мария', 'Козлова', 'Marketing Specialist', 70000.00, '2021-08-05', 'Отдел маркетинга'), + ('Сергей', 'Смирнов', 'HR Manager', 90000.00, '2020-11-12', 'Отдел HR'), + ('Ольга', 'Волкова', 'Financial Analyst', 110000.00, '2019-09-18', 'Отдел финансов'), + ('Андрей', 'Лебедев', 'Support Engineer', 65000.00, '2022-02-22', 'Отдел поддержки'), + ('Татьяна', 'Новикова', 'QA Engineer', 75000.00, '2021-04-30', 'Отдел тестирования'), + ('Павел', 'Морозов', 'Data Analyst', 85000.00, '2020-07-14', 'Отдел аналитики'), + ('Юлия', 'Федорова', 'Junior Developer', 60000.00, '2022-05-08', 'Отдел разработки'), + ('Николай', 'Соколов', 'Senior Sales Manager', 95000.00, '2018-12-03', 'Отдел продаж'), + ('Анна', 'Попова', 'Marketing Manager', 100000.00, '2020-10-25', 'Отдел маркетинга'), + ('Владимир', 'Васильев', 'Lead Developer', 180000.00, '2017-05-11', 'Отдел разработки'), + ('Наталья', 'Павлова', 'Recruiter', 55000.00, '2021-11-19', 'Отдел HR'), + 
('Роман', 'Семенов', 'CFO', 200000.00, '2016-08-07', 'Отдел финансов'), + ('Екатерина', 'Григорьева', 'Senior Support Engineer', 80000.00, '2019-03-28', 'Отдел поддержки'), + ('Максим', 'Орлов', 'Test Lead', 130000.00, '2018-09-15', 'Отдел тестирования'), + ('Светлана', 'Зайцева', 'Senior Data Analyst', 120000.00, '2019-12-01', 'Отдел аналитики'), + ('Игорь', 'Егоров', 'DevOps Engineer', 140000.00, '2020-04-16', 'Отдел разработки'), + ('Людмила', 'Михайлова', 'Sales Director', 160000.00, '2017-11-23', 'Отдел продаж'); + + diff --git a/cluster1/configmap-replication-scripts.yaml b/cluster1/configmap-replication-scripts.yaml new file mode 100644 index 0000000..28e0d4f --- /dev/null +++ b/cluster1/configmap-replication-scripts.yaml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cluster1-replication-scripts + namespace: cluster1 +data: + entrypoint-replica.sh: | + #!/bin/sh + set +e # Не останавливаться при ошибках в фоновых процессах + + # Запускаем PostgreSQL в фоновом режиме + echo "Запуск PostgreSQL..." + docker-entrypoint.sh postgres & + POSTGRES_PID=$! + + # Ждем запуска PostgreSQL + echo "Ожидание запуска PostgreSQL..." + sleep 15 + + # Проверяем, что PostgreSQL запущен + RETRY_COUNT=0 + MAX_RETRIES=30 + until PGPASSWORD=postgres123 psql -h localhost -U postgres -c '\q' 2>/dev/null; do + RETRY_COUNT=$((RETRY_COUNT + 1)) + if [ $RETRY_COUNT -ge $MAX_RETRIES ]; then + echo "Ошибка: PostgreSQL не запустился за отведенное время" + exit 1 + fi + echo "Ожидание PostgreSQL... ($RETRY_COUNT/$MAX_RETRIES)" + sleep 2 + done + + echo "PostgreSQL запущен!" + + # Настраиваем репликацию + echo "Настройка репликации..." + /replication-scripts/setup-replica.sh + + # Запускаем периодическую репликацию в фоне + echo "Запуск службы периодической репликации..." + /replication-scripts/replication-cron.sh & + REPLICATION_PID=$! + + # Ждем завершения PostgreSQL (главный процесс) + wait $POSTGRES_PID + + 
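Review bot: The last two statements of `db1-init.sql` spell the keyword as `PRIVИЛЕGES`, with Cyrillic `ИЛЕ` in place of Latin `ILE`, so PostgreSQL will reject `ALTER DEFAULT PRIVИЛЕGES IN SCHEMA public GRANT ALL ON SEQUENCES TO user1_local;` and the matching `user1_cross` line with a syntax error. The official image's entrypoint runs init files with `ON_ERROR_STOP`, so as far as I can tell the first start of db1 would abort there and `02-data.sql` would never be loaded; the corresponding lines in `db2-init.sql` are spelled correctly. Both statements should start with `ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO`.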
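Review bot: The readiness loop in `entrypoint-replica.sh` hardcodes the superuser password, `PGPASSWORD=postgres123 psql -h localhost -U postgres`, inside a ConfigMap, where it is readable by anyone with ConfigMap access in the namespace and will go stale when the Secret is rotated. The replica pod already receives `POSTGRES_USER` and `POSTGRES_PASSWORD` from `cluster1-postgres-secret`, so the line can be `until PGPASSWORD="$POSTGRES_PASSWORD" psql -h localhost -U "$POSTGRES_USER" -c '\q' 2>/dev/null; do`. Separately, `set +e` lets the script carry on when `/replication-scripts/setup-replica.sh` fails, and neither that script nor `replication-cron.sh` is among the keys this ConfigMap defines, so both appear to be missing from the mounted directory.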
diff --git a/cluster1/namespace.yaml b/cluster1/namespace.yaml
new file mode 100644
index 0000000..298b27e
--- /dev/null
+++ b/cluster1/namespace.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: cluster1
+
diff --git a/cluster1/pvc-db.yaml b/cluster1/pvc-db.yaml
new file mode 100644
index 0000000..a0b6ac3
--- /dev/null
+++ b/cluster1/pvc-db.yaml
@@ -0,0 +1,37 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: db1-data
+ namespace: cluster1
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: db2-data
+ namespace: cluster1
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: replica-data
+ namespace: cluster1
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+
+
diff --git a/cluster1/secrets-db.yaml b/cluster1/secrets-db.yaml
new file mode 100644
index 0000000..3cc572e
--- /dev/null
+++ b/cluster1/secrets-db.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: cluster1-postgres-secret
+ namespace: cluster1
+type: Opaque
+stringData:
+ POSTGRES_USER: postgres
+ POSTGRES_PASSWORD: postgres123
+ DB1_NAME: database1
+ DB2_NAME: database2
+
+
diff --git a/cluster1/statefulset-db1.yaml b/cluster1/statefulset-db1.yaml
new file mode 100644
index 0000000..0d6221e
--- /dev/null
+++ b/cluster1/statefulset-db1.yaml
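Review bot: `POSTGRES_PASSWORD: postgres123` in `cluster1/secrets-db.yaml` is committed in clear text under `stringData`, so the superuser password stays in Git history for every reader of the repository and is easy to guess. The same applies to `cluster2/secrets-mongo.yaml` (`adminpass`) and to `genearator-stack/secrets-generators.yaml`, which repeats both values. I would commit only a template with placeholder values, or an encrypted form such as a SealedSecret, and create the real Secret out of band with generated passwords. `DB1_NAME` and `DB2_NAME` are not secret and would sit more naturally in a ConfigMap.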
@@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: db1 + namespace: cluster1 +spec: + serviceName: db1 + replicas: 1 + selector: + matchLabels: + app: db1 + template: + metadata: + labels: + app: db1 + spec: + containers: + - name: postgres + image: postgres:15-alpine + ports: + - containerPort: 5432 + env: + - name: POSTGRES_DB + valueFrom: + secretKeyRef: + name: cluster1-postgres-secret + key: DB1_NAME + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: cluster1-postgres-secret + key: POSTGRES_USER + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: cluster1-postgres-secret + key: POSTGRES_PASSWORD + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + volumeMounts: + - name: db1-data + mountPath: /var/lib/postgresql/data + - name: init-scripts + mountPath: /docker-entrypoint-initdb.d/01-init.sql + subPath: db1-init.sql + - name: init-scripts + mountPath: /docker-entrypoint-initdb.d/02-data.sql + subPath: db1-data.sql + volumes: + - name: db1-data + persistentVolumeClaim: + claimName: db1-data + - name: init-scripts + configMap: + name: cluster1-init-scripts +--- +apiVersion: v1 +kind: Service +metadata: + name: db1 + namespace: cluster1 +spec: + type: ClusterIP + selector: + app: db1 + ports: + - name: postgres + port: 5432 + targetPort: 5432 + + diff --git a/cluster1/statefulset-db2.yaml b/cluster1/statefulset-db2.yaml new file mode 100644 index 0000000..6114476 --- /dev/null +++ b/cluster1/statefulset-db2.yaml 
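Review bot: The `postgres` container in `statefulset-db1.yaml` has no `readinessProbe` and no `resources`, so the `db1` Service lists the pod as ready before PostgreSQL accepts connections and the container is unbounded on the node. A probe such as `exec: {command: ["pg_isready", "-U", "postgres"]}` plus explicit requests and limits would cover both; `statefulset-db2.yaml` and `statefulset-replica.yaml` have the same gap. The commit also adds no NetworkPolicy for the `cluster1` namespace, so port 5432 is reachable from every namespace unless the cluster restricts that elsewhere.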
@@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: db2 + namespace: cluster1 +spec: + serviceName: db2 + replicas: 1 + selector: + matchLabels: + app: db2 + template: + metadata: + labels: + app: db2 + spec: + containers: + - name: postgres + image: postgres:15-alpine + ports: + - containerPort: 5432 + env: + - name: POSTGRES_DB + valueFrom: + secretKeyRef: + name: cluster1-postgres-secret + key: DB2_NAME + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: cluster1-postgres-secret + key: POSTGRES_USER + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: cluster1-postgres-secret + key: POSTGRES_PASSWORD + - name: PGDATA + value: /var/lib/postgresql/data/pgdata + volumeMounts: + - name: db2-data + mountPath: /var/lib/postgresql/data + - name: init-scripts + mountPath: /docker-entrypoint-initdb.d/01-init.sql + subPath: db2-init.sql + - name: init-scripts + mountPath: /docker-entrypoint-initdb.d/02-data.sql + subPath: db2-data.sql + volumes: + - name: db2-data + persistentVolumeClaim: + claimName: db2-data + - name: init-scripts + configMap: + name: cluster1-init-scripts +--- +apiVersion: v1 +kind: Service +metadata: + name: db2 + namespace: cluster1 +spec: + type: ClusterIP + selector: + app: db2 + ports: + - name: postgres + port: 5432 + targetPort: 5432 + + diff --git a/cluster1/statefulset-replica.yaml b/cluster1/statefulset-replica.yaml new file mode 100644 index 0000000..8baa079 --- /dev/null +++ b/cluster1/statefulset-replica.yaml 
@@ -0,0 +1,71 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: replica
+ namespace: cluster1
+spec:
+ serviceName: replica
+ replicas: 1
+ selector:
+ matchLabels:
+ app: replica
+ template:
+ metadata:
+ labels:
+ app: replica
+ spec:
+ containers:
+ - name: postgres
+ image: postgres:15-alpine
+ ports:
+ - containerPort: 5432
+ env:
+ - name: POSTGRES_DB
+ value: replica_db
+ - name: POSTGRES_USER
+ valueFrom:
+ secretKeyRef:
+ name: cluster1-postgres-secret
+ key: POSTGRES_USER
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: cluster1-postgres-secret
+ key: POSTGRES_PASSWORD
+ - name: PGDATA
+ value: /var/lib/postgresql/data/pgdata
+ command:
+ - /bin/sh
+ - -c
+ - |
+ chmod +x /replication-scripts/entrypoint-replica.sh
+ exec /replication-scripts/entrypoint-replica.sh
+ volumeMounts:
+ - name: replica-data
+ mountPath: /var/lib/postgresql/data
+ - name: replication-scripts
+ mountPath: /replication-scripts
+ volumes:
+ - name: replica-data
+ persistentVolumeClaim:
+ claimName: replica-data
+ - name: replication-scripts
+ configMap:
+ name: cluster1-replication-scripts
+ defaultMode: 0755
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: replica
+ namespace: cluster1
+spec:
+ type: ClusterIP
+ selector:
+ app: replica
+ ports:
+ - name: postgres
+ port: 5432
+ targetPort: 5432
+
+
diff --git a/cluster2/configmap-init-scripts.yaml b/cluster2/configmap-init-scripts.yaml
new file mode 100644
index 0000000..f36eb52
--- /dev/null
+++ b/cluster2/configmap-init-scripts.yaml
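Review bot: `chmod +x /replication-scripts/entrypoint-replica.sh` in the container command of `statefulset-replica.yaml` cannot succeed, because ConfigMap volumes are mounted read-only, and it is also unnecessary since the volume already sets `defaultMode: 0755`. The failure goes unnoticed only because the inline `sh -c` script does not use `set -e`. I would drop the wrapper and run the script directly with `command: ["/replication-scripts/entrypoint-replica.sh"]`.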
@@ -0,0 +1,58 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: cluster2-init-scripts
+ namespace: cluster2
+data:
+ mongo1-init.js: |
+ db = db.getSiblingDB('db1');
+
+ db.documents.insertMany([
+ { name: "Документ 1 бд 1", value: Math.random() * 100, timestamp: new Date() },
+ { name: "Документ 2 бд 1", value: Math.random() * 100, timestamp: new Date() }
+ ]);
+
+ db = db.getSiblingDB('admin');
+
+ db.createUser({
+ user: "user1",
+ pwd: "user1pass",
+ roles: [{ role: "readWrite", db: "db1" }]
+ });
+
+ db.createUser({
+ user: "user-shared",
+ pwd: "user2pass",
+ roles: [
+ { role: "readWrite", db: "db1" },
+ { role: "readWrite", db: "db2" }
+ ]
+ });
+
+ mongo2-init.js: |
+ db = db.getSiblingDB('db2');
+
+ db.documents.insertMany([
+ { name: "Документ A бд 2", value: Math.random() * 100, timestamp: new Date() },
+ { name: "Документ B бд 2", value: Math.random() * 100, timestamp: new Date() }
+ ]);
+
+ db = db.getSiblingDB('admin');
+
+ db.createUser({
+ user: "user2",
+ pwd: "user1pass",
+ roles: [{ role: "readWrite", db: "db2" }]
+ });
+
+ db.createUser({
+ user: "user-shared",
+ pwd: "user2pass",
+ roles: [
+ { role: "readWrite", db: "db1" },
+ { role: "readWrite", db: "db2" }
+ ]
+ });
+
+
+
diff --git a/cluster2/deployment-mongo-rs.yaml b/cluster2/deployment-mongo-rs.yaml
new file mode 100644
index 0000000..758a844
--- /dev/null
+++ b/cluster2/deployment-mongo-rs.yaml
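Review bot: The application passwords in `cluster2/configmap-init-scripts.yaml` are string literals in a ConfigMap (`pwd: "user1pass"`, `pwd: "user2pass"`), and `user2` in `mongo2-init.js` is created with `pwd: "user1pass"`, which looks like a copy-paste of `user1`'s value. ConfigMaps are not meant for credentials and are usually readable by more principals than Secrets. mongosh exposes `process.env`, so the scripts could read a value injected from a Secret instead, for example `pwd: process.env.USER1_PASSWORD` (the variable name is a placeholder). `cluster1/configmap-init-scripts.yaml` has the same pattern in its `CREATE USER ... WITH PASSWORD` statements, where `user1_local` and `user1_cross` also share one password.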
@@ -0,0 +1,171 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mongo-rs1 + namespace: cluster2 +spec: + replicas: 1 + selector: + matchLabels: + app: mongo-rs1 + template: + metadata: + labels: + app: mongo-rs1 + spec: + containers: + - name: mongo + image: mongo:7 + command: ["mongod", "--replSet", "rs0", "--bind_ip_all"] + ports: + - containerPort: 27017 + volumeMounts: + - name: data + mountPath: /data/db + volumes: + - name: data + persistentVolumeClaim: + claimName: mongo-rs1-data +--- +apiVersion: v1 +kind: Service +metadata: + name: mongo-rs1 + namespace: cluster2 +spec: + type: ClusterIP + selector: + app: mongo-rs1 + ports: + - name: mongo + port: 27017 + targetPort: 27017 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mongo-rs2 + namespace: cluster2 +spec: + replicas: 1 + selector: + matchLabels: + app: mongo-rs2 + template: + metadata: + labels: + app: mongo-rs2 + spec: + containers: + - name: mongo + image: mongo:7 + command: ["mongod", "--replSet", "rs0", "--bind_ip_all"] + ports: + - containerPort: 27017 + volumeMounts: + - name: data + mountPath: /data/db + volumes: + - name: data + persistentVolumeClaim: + claimName: mongo-rs2-data +--- +apiVersion: v1 +kind: Service +metadata: + name: mongo-rs2 + namespace: cluster2 +spec: + type: ClusterIP + selector: + app: mongo-rs2 + ports: + - name: mongo + port: 27017 + targetPort: 27017 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mongo-rs3 + namespace: cluster2 +spec: + replicas: 1 + selector: + matchLabels: + app: mongo-rs3 + template: + metadata: + labels: + app: mongo-rs3 + spec: + containers: + - name: mongo + image: mongo:7 + command: ["mongod", "--replSet", "rs0", "--bind_ip_all"] + ports: + - containerPort: 27017 + volumeMounts: + - name: data + mountPath: /data/db + volumes: + - name: data + persistentVolumeClaim: + claimName: mongo-rs3-data +--- +apiVersion: v1 +kind: Service +metadata: + name: mongo-rs3 + namespace: cluster2 +spec: + type: ClusterIP + 
selector: + app: mongo-rs3 + ports: + - name: mongo + port: 27017 + targetPort: 27017 +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: mongo-rs-init + namespace: cluster2 +spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: mongo-rs-init + image: mongo:7 + command: + - bash + - -c + - | + echo "Waiting for MongoDB replica set members..." + sleep 30 + until mongosh --host mongo-rs1:27017 --eval "db.adminCommand({ping:1})" --quiet; do + echo "Waiting for mongo-rs1..." + sleep 5 + done + until mongosh --host mongo-rs2:27017 --eval "db.adminCommand({ping:1})" --quiet; do + echo "Waiting for mongo-rs2..." + sleep 5 + done + until mongosh --host mongo-rs3:27017 --eval "db.adminCommand({ping:1})" --quiet; do + echo "Waiting for mongo-rs3..." + sleep 5 + done + echo "All nodes ready, initializing replica set..." + mongosh --host mongo-rs1:27017 --eval 'rs.initiate({ + _id: "rs0", + members: [ + { _id: 0, host: "mongo-rs1:27017" }, + { _id: 1, host: "mongo-rs2:27017" }, + { _id: 2, host: "mongo-rs3:27017" } + ] + })' + + + diff --git a/cluster2/deployment-mongo1.yaml b/cluster2/deployment-mongo1.yaml new file mode 100644 index 0000000..9340f64 --- /dev/null +++ b/cluster2/deployment-mongo1.yaml 
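Review bot: All three replica-set members in `deployment-mongo-rs.yaml` start as `mongod --replSet rs0 --bind_ip_all` with no `--keyFile` or `--auth` and no root credentials, so anything that can reach `mongo-rs1`, `mongo-rs2` or `mongo-rs3` on 27017 gets unauthenticated access, including the ability to reconfigure the set. Mounting a key from a Secret and adding `"--keyFile", "/etc/mongo/keyfile"` to the command (the path is a placeholder) turns on both internal and client authentication. The `mongo-rs-init` Job also calls `rs.initiate(...)` unconditionally under `restartPolicy: OnFailure`; checking `rs.status()` first would make a retry after a successful initiation harmless.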
@@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mongo1 + namespace: cluster2 +spec: + replicas: 1 + selector: + matchLabels: + app: mongo1 + template: + metadata: + labels: + app: mongo1 + spec: + containers: + - name: mongo + image: mongo:7 + ports: + - containerPort: 27017 + env: + - name: MONGO_INITDB_ROOT_USERNAME + valueFrom: + secretKeyRef: + name: cluster2-mongo-secret + key: MONGO_INITDB_ROOT_USERNAME + - name: MONGO_INITDB_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: cluster2-mongo-secret + key: MONGO_INITDB_ROOT_PASSWORD + volumeMounts: + - name: data + mountPath: /data/db + - name: init-scripts + mountPath: /docker-entrypoint-initdb.d/init.js + subPath: mongo1-init.js + volumes: + - name: data + persistentVolumeClaim: + claimName: mongo1-data + - name: init-scripts + configMap: + name: cluster2-init-scripts +--- +apiVersion: v1 +kind: Service +metadata: + name: mongo1 + namespace: cluster2 +spec: + type: ClusterIP + selector: + app: mongo1 + ports: + - name: mongo + port: 27017 + targetPort: 27017 + + + diff --git a/cluster2/deployment-mongo2.yaml b/cluster2/deployment-mongo2.yaml new file mode 100644 index 0000000..e9ad6f8 --- /dev/null +++ b/cluster2/deployment-mongo2.yaml 
@@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mongo2 + namespace: cluster2 +spec: + replicas: 1 + selector: + matchLabels: + app: mongo2 + template: + metadata: + labels: + app: mongo2 + spec: + containers: + - name: mongo + image: mongo:7 + ports: + - containerPort: 27017 + env: + - name: MONGO_INITDB_ROOT_USERNAME + valueFrom: + secretKeyRef: + name: cluster2-mongo-secret + key: MONGO_INITDB_ROOT_USERNAME + - name: MONGO_INITDB_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: cluster2-mongo-secret + key: MONGO_INITDB_ROOT_PASSWORD + volumeMounts: + - name: data + mountPath: /data/db + - name: init-scripts + mountPath: /docker-entrypoint-initdb.d/init.js + subPath: mongo2-init.js + volumes: + - name: data + persistentVolumeClaim: + claimName: mongo2-data + - name: init-scripts + configMap: + name: cluster2-init-scripts +--- +apiVersion: v1 +kind: Service +metadata: + name: mongo2 + namespace: cluster2 +spec: + type: ClusterIP + selector: + app: mongo2 + ports: + - name: mongo + port: 27017 + targetPort: 27017 + + + diff --git a/cluster2/namespace.yaml b/cluster2/namespace.yaml new file mode 100644 index 0000000..1ea490f --- /dev/null +++ b/cluster2/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: cluster2 + + diff --git a/cluster2/pvc-mongo.yaml b/cluster2/pvc-mongo.yaml new file mode 100644 index 0000000..1f7b990 --- /dev/null +++ b/cluster2/pvc-mongo.yaml 
@@ -0,0 +1,62 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mongo1-data
+ namespace: cluster2
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mongo2-data
+ namespace: cluster2
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mongo-rs1-data
+ namespace: cluster2
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mongo-rs2-data
+ namespace: cluster2
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mongo-rs3-data
+ namespace: cluster2
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+
+
+
diff --git a/cluster2/secrets-mongo.yaml b/cluster2/secrets-mongo.yaml
new file mode 100644
index 0000000..9f4e98e
--- /dev/null
+++ b/cluster2/secrets-mongo.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: cluster2-mongo-secret
+ namespace: cluster2
+type: Opaque
+stringData:
+ MONGO_INITDB_ROOT_USERNAME: admin
+ MONGO_INITDB_ROOT_PASSWORD: adminpass
+
+
+
diff --git a/elk-stack/configmap-elasticsearch.yaml b/elk-stack/configmap-elasticsearch.yaml
new file mode 100644
index 0000000..c2df5e2
--- /dev/null
+++ b/elk-stack/configmap-elasticsearch.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: elasticsearch-config
+ namespace: elk-stack
+data:
+ elasticsearch.yml: |
+ cluster.name: "elk-cluster"
+ network.host: 0.0.0.0
+ xpack.security.enabled: false
+ xpack.security.enrollment.enabled: false
+ xpack.security.http.ssl.enabled: false
+ xpack.security.transport.ssl.enabled: false
+ discovery.type: single-node
+
+
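Review bot: `xpack.security.enabled: false` together with `network.host: 0.0.0.0` in `elasticsearch.yml` leaves Elasticsearch without authentication or TLS on 9200, and `deployment-kibana.yaml` then publishes Kibana on `nodePort: 30001`. Taken together, anyone who can reach a node address on that port can read and delete every index through Kibana. If this is meant to stay a lab setup, I would at least keep the Kibana Service on `type: ClusterIP` and reach it with `kubectl port-forward`; otherwise leave security enabled and give Kibana and Logstash their credentials from a Secret.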
diff --git a/elk-stack/configmap-kibana.yaml b/elk-stack/configmap-kibana.yaml
new file mode 100644
index 0000000..50f7181
--- /dev/null
+++ b/elk-stack/configmap-kibana.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: kibana-config
+ namespace: elk-stack
+data:
+ kibana.yml: |
+ server.host: "0.0.0.0"
+ server.name: "kibana"
+ elasticsearch.hosts: ["http://elasticsearch:9200"]
+ xpack.security.enabled: false
+
+
diff --git a/elk-stack/configmap-logstash.yaml b/elk-stack/configmap-logstash.yaml
new file mode 100644
index 0000000..c4e9b01
--- /dev/null
+++ b/elk-stack/configmap-logstash.yaml
@@ -0,0 +1,37 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: logstash-config
+ namespace: elk-stack
+data:
+ logstash.yml: |
+ http.host: "0.0.0.0"
+ xpack.monitoring.elasticsearch.hosts: ["http://elasticsearch:9200"]
+ pipeline.conf: |
+ input {
+ beats {
+ port => 5044
+ }
+ tcp {
+ port => 5000
+ codec => json
+ }
+ }
+
+ filter {
+ if [message] =~ /^\s*$/ {
+ drop { }
+ }
+ }
+
+ output {
+ elasticsearch {
+ hosts => ["http://elasticsearch:9200"]
+ index => "%{[source_type]}-%{+YYYY.MM.dd}"
+ }
+ stdout {
+ codec => rubydebug
+ }
+ }
+
+
diff --git a/elk-stack/deployment-kibana.yaml b/elk-stack/deployment-kibana.yaml
new file mode 100644
index 0000000..1ffb82b
--- /dev/null
+++ b/elk-stack/deployment-kibana.yaml
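Review bot: `xpack.security.enabled: false` in `kibana.yml` is, as far as I know, no longer a recognised Kibana setting in 8.x, and Kibana refuses to start on unknown keys, so with the `kibana:8.11.0` image used in `deployment-kibana.yaml` this line is worth testing before merge. Whether Kibana asks for a login follows from the Elasticsearch side, so the line can simply be removed.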
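Review bot: The output index in `pipeline.conf` is built from an event field, `index => "%{[source_type]}-%{+YYYY.MM.dd}"`, while the `tcp` input on 5000 accepts JSON from any sender without TLS or authentication, so whoever can connect chooses which index is written. An event without `source_type` produces an index literally named `%{[source_type]}-...`, and a value containing upper-case letters is rejected by Elasticsearch. I would set a default in the filter, `if ![source_type] { mutate { add_field => { "source_type" => "unknown" } } }`, and give the index a fixed prefix such as `"logs-%{[source_type]}-%{+YYYY.MM.dd}"`. The `stdout { codec => rubydebug }` output also copies every event into the pod log and is worth removing once debugging is done.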
@@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kibana + namespace: elk-stack +spec: + replicas: 1 + selector: + matchLabels: + app: kibana + template: + metadata: + labels: + app: kibana + spec: + containers: + - name: kibana + image: docker.elastic.co/kibana/kibana:8.11.0 + ports: + - containerPort: 5601 + volumeMounts: + - name: kibana-config + mountPath: /usr/share/kibana/config/kibana.yml + subPath: kibana.yml + volumes: + - name: kibana-config + configMap: + name: kibana-config +--- +apiVersion: v1 +kind: Service +metadata: + name: kibana + namespace: elk-stack +spec: + type: NodePort + selector: + app: kibana + ports: + - name: http + port: 5601 + targetPort: 5601 + nodePort: 30001 + + diff --git a/elk-stack/deployment-logstash.yaml b/elk-stack/deployment-logstash.yaml new file mode 100644 index 0000000..a724533 --- /dev/null +++ b/elk-stack/deployment-logstash.yaml 
@@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: logstash + namespace: elk-stack +spec: + replicas: 1 + selector: + matchLabels: + app: logstash + template: + metadata: + labels: + app: logstash + spec: + containers: + - name: logstash + image: docker.elastic.co/logstash/logstash:8.11.0 + ports: + - containerPort: 5044 + - containerPort: 5000 + - containerPort: 9600 + env: + - name: LS_JAVA_OPTS + value: "-Xms256m -Xmx256m" + volumeMounts: + - name: logstash-config + mountPath: /usr/share/logstash/config/logstash.yml + subPath: logstash.yml + - name: logstash-pipeline + mountPath: /usr/share/logstash/pipeline/pipeline.conf + subPath: pipeline.conf + volumes: + - name: logstash-config + configMap: + name: logstash-config + - name: logstash-pipeline + configMap: + name: logstash-config +--- +apiVersion: v1 +kind: Service +metadata: + name: logstash + namespace: elk-stack +spec: + type: ClusterIP + selector: + app: logstash + ports: + - name: beats + port: 5044 + targetPort: 5044 + - name: tcp + port: 5000 + targetPort: 5000 + - name: monitoring + port: 9600 + targetPort: 9600 + + diff --git a/elk-stack/namespace.yaml b/elk-stack/namespace.yaml new file mode 100644 index 0000000..706ba7a --- /dev/null +++ b/elk-stack/namespace.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: elk-stack + + diff --git a/elk-stack/pvc-elasticsearch.yaml b/elk-stack/pvc-elasticsearch.yaml new file mode 100644 index 0000000..729306b --- /dev/null +++ b/elk-stack/pvc-elasticsearch.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: elasticsearch-data + namespace: elk-stack +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + + diff --git a/elk-stack/statefulset-elasticsearch.yaml b/elk-stack/statefulset-elasticsearch.yaml new file mode 100644 index 0000000..8108895 --- /dev/null +++ b/elk-stack/statefulset-elasticsearch.yaml 
@@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: elasticsearch + namespace: elk-stack +spec: + serviceName: elasticsearch + replicas: 1 + selector: + matchLabels: + app: elasticsearch + template: + metadata: + labels: + app: elasticsearch + spec: + containers: + - name: elasticsearch + image: docker.elastic.co/elasticsearch/elasticsearch:8.11.0 + ports: + - containerPort: 9200 + - containerPort: 9300 + env: + - name: discovery.type + value: single-node + - name: xpack.security.enabled + value: "false" + - name: ES_JAVA_OPTS + value: "-Xms512m -Xmx512m" + volumeMounts: + - name: elasticsearch-data + mountPath: /usr/share/elasticsearch/data + - name: elasticsearch-config + mountPath: /usr/share/elasticsearch/config/elasticsearch.yml + subPath: elasticsearch.yml + volumes: + - name: elasticsearch-data + persistentVolumeClaim: + claimName: elasticsearch-data + - name: elasticsearch-config + configMap: + name: elasticsearch-config +--- +apiVersion: v1 +kind: Service +metadata: + name: elasticsearch + namespace: elk-stack +spec: + type: ClusterIP + selector: + app: elasticsearch + ports: + - name: http + port: 9200 + targetPort: 9200 + - name: transport + port: 9300 + targetPort: 9300 + + diff --git a/genearator-stack/configmap-generators.yaml b/genearator-stack/configmap-generators.yaml new file mode 100644 index 0000000..c265f70 --- /dev/null +++ b/genearator-stack/configmap-generators.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: generators-config + namespace: genearator-stack +data: + GENERATE_INTERVAL: "5" + EXPORT_INTERVAL: "60" + + diff --git a/genearator-stack/deployment-mongo-generator.yaml b/genearator-stack/deployment-mongo-generator.yaml new file mode 100644 index 0000000..3456ed9 --- /dev/null +++ b/genearator-stack/deployment-mongo-generator.yaml 
@@ -0,0 +1,81 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mongo-generator + namespace: genearator-stack +spec: + replicas: 1 + selector: + matchLabels: + app: mongo-generator + template: + metadata: + labels: + app: mongo-generator + spec: + containers: + - name: mongo-generator + image: vadzik/mongo-generator:latest + env: + - name: LOGSTASH_HOST + valueFrom: + secretKeyRef: + name: generators-secret + key: LOGSTASH_HOST + - name: LOGSTASH_PORT + valueFrom: + secretKeyRef: + name: generators-secret + key: LOGSTASH_PORT + - name: GENERATE_INTERVAL + valueFrom: + configMapKeyRef: + name: generators-config + key: GENERATE_INTERVAL + - name: EXPORT_INTERVAL + valueFrom: + configMapKeyRef: + name: generators-config + key: EXPORT_INTERVAL + - name: MONGO1_HOST + valueFrom: + secretKeyRef: + name: generators-secret + key: MONGO1_HOST + - name: MONGO1_PORT + valueFrom: + secretKeyRef: + name: generators-secret + key: MONGO1_PORT + - name: MONGO1_USER + valueFrom: + secretKeyRef: + name: generators-secret + key: MONGO1_USER + - name: MONGO1_PASSWORD + valueFrom: + secretKeyRef: + name: generators-secret + key: MONGO1_PASSWORD + - name: MONGO2_HOST + valueFrom: + secretKeyRef: + name: generators-secret + key: MONGO2_HOST + - name: MONGO2_PORT + valueFrom: + secretKeyRef: + name: generators-secret + key: MONGO2_PORT + - name: MONGO2_USER + valueFrom: + secretKeyRef: + name: generators-secret + key: MONGO2_USER + - name: MONGO2_PASSWORD + valueFrom: + secretKeyRef: + name: generators-secret + key: MONGO2_PASSWORD + + diff --git a/genearator-stack/deployment-pg-generator.yaml b/genearator-stack/deployment-pg-generator.yaml new file mode 100644 index 0000000..5d00074 --- /dev/null +++ b/genearator-stack/deployment-pg-generator.yaml 
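Review bot: `image: vadzik/mongo-generator:latest` is a mutable tag in a personal registry namespace, and the container is given `MONGO1_PASSWORD` and `MONGO2_PASSWORD`, so whatever is pushed under that tag next runs with database credentials. Pinning by digest, `image: vadzik/mongo-generator@sha256:<digest>`, makes the deployed code reviewable and the rollout reproducible. `deployment-pg-generator.yaml` needs the same change for `vadzik/pg-generator:latest`.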
@@ -0,0 +1,91 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: pg-generator
+ namespace: genearator-stack
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: pg-generator
+ template:
+ metadata:
+ labels:
+ app: pg-generator
+ spec:
+ containers:
+ - name: pg-generator
+ image: vadzik/pg-generator:latest
+ env:
+ - name: LOGSTASH_HOST
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: LOGSTASH_HOST
+ - name: LOGSTASH_PORT
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: LOGSTASH_PORT
+ - name: GENERATE_INTERVAL
+ valueFrom:
+ configMapKeyRef:
+ name: generators-config
+ key: GENERATE_INTERVAL
+ - name: EXPORT_INTERVAL
+ valueFrom:
+ configMapKeyRef:
+ name: generators-config
+ key: EXPORT_INTERVAL
+ - name: DB1_HOST
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB1_HOST
+ - name: DB1_PORT
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB1_PORT
+ - name: DB1_NAME
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB1_NAME
+ - name: DB1_USER
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB1_USER
+ - name: DB1_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB1_PASSWORD
+ - name: DB2_HOST
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB2_HOST
+ - name: DB2_PORT
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB2_PORT
+ - name: DB2_NAME
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB2_NAME
+ - name: DB2_USER
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB2_USER
+ - name: DB2_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: generators-secret
+ key: DB2_PASSWORD
+
+
diff --git a/genearator-stack/namespace.yaml b/genearator-stack/namespace.yaml
new file mode 100644
index 0000000..b0bb9ea
--- /dev/null
+++ b/genearator-stack/namespace.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: genearator-stack
+
+
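Review bot: The `pg-generator` container has no `securityContext`, so it runs with the runtime's default user and capabilities while holding `DB1_PASSWORD` and `DB2_PASSWORD`; the `mongo-generator` Deployment has the same gap. Add a container-level `securityContext` that requires a non-root user, forbids privilege escalation, drops all capabilities and uses the runtime-default seccomp profile, as sketched below. Whether the image declares a non-root user is not visible here; if it does not, `runAsNonRoot: true` will block startup until a `runAsUser` the image supports is added. The indentation in the sketch is conventional, since the page does not preserve the manifest's own.

```yaml
        - name: pg-generator
          image: vadzik/pg-generator:latest
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
            seccompProfile:
              type: RuntimeDefault
          # … unchanged: env entries from generators-secret and generators-config …
```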
diff --git a/genearator-stack/secrets-generators.yaml b/genearator-stack/secrets-generators.yaml
new file mode 100644
index 0000000..5679344
--- /dev/null
+++ b/genearator-stack/secrets-generators.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: generators-secret
+ namespace: genearator-stack
+type: Opaque
+stringData:
+ LOGSTASH_HOST: logstash.elk-stack.svc.cluster.local
+ LOGSTASH_PORT: "5000"
+ DB1_HOST: db1.cluster1.svc.cluster.local
+ DB1_PORT: "5432"
+ DB1_NAME: database1
+ DB1_USER: postgres
+ DB1_PASSWORD: postgres123
+ DB2_HOST: db2.cluster1.svc.cluster.local
+ DB2_PORT: "5432"
+ DB2_NAME: database2
+ DB2_USER: postgres
+ DB2_PASSWORD: postgres123
+ MONGO1_HOST: mongo1.cluster2.svc.cluster.local
+ MONGO1_PORT: "27017"
+ MONGO1_USER: admin
+ MONGO1_PASSWORD: adminpass
+ MONGO2_HOST: mongo2.cluster2.svc.cluster.local
+ MONGO2_PORT: "27017"
+ MONGO2_USER: admin
+ MONGO2_PASSWORD: adminpass
+
+
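Review bot: `secrets-generators.yaml` commits the database passwords in clear text under `stringData` (`DB1_PASSWORD`, `DB2_PASSWORD`, `MONGO1_PASSWORD`, `MONGO2_PASSWORD`), so they are readable by anyone with repository access and stay in history after a later edit. Keep this manifest out of version control and create the object at deploy time, e.g. `kubectl create secret generic generators-secret -n genearator-stack --from-env-file=<untracked-env-file>`, or commit only an encrypted form, and rotate the values already pushed. `DB1_USER` and `DB2_USER` are `postgres` and both Mongo users are `admin`; a data generator should connect with a dedicated role limited to the tables and collections it writes. The host, port and database-name entries are not secret and would fit better in `generators-config`.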