From 8a84c878de92ca24dab0875d875e867f199e457d Mon Sep 17 00:00:00 2001 From: victor Date: Fri, 10 Nov 2023 16:22:31 +0100 Subject: [PATCH] :tadam: kibana k8 works --- Makefile | 38 ++++++++++++-------------- backend/tools/elastic.py | 7 ++++- delete-kibana-pre-install.sh | 2 ++ deployments/backend.yaml | 2 +- deployments/ekl/elasticsearch.yaml | 10 ++++--- deployments/ekl/kibana.yaml | 44 +++++++++++++++++++++++++----- deployments/frontend.yaml | 2 +- deployments/traefik/ingress.yaml | 18 ++++++------ 8 files changed, 80 insertions(+), 43 deletions(-) diff --git a/Makefile b/Makefile index b23b6d6..30710d8 100644 --- a/Makefile +++ b/Makefile @@ -45,34 +45,32 @@ export BACKEND_PORT=5000 export BACKEND_HOST = backend # frontend dir -export FRONTEND_PORT=3000 -export FRONTEND = ${APP_PATH}/frontend -export FRONTEND_DEV_HOST = frontend-dev -export FILE_FRONTEND_APP_VERSION = $(APP)-$(APP_VERSION)-frontend.tar.gz -export FILE_FRONTEND_DIST_APP_VERSION = $(APP)-$(APP_VERSION)-frontend-dist.tar.gz -export FILE_FRONTEND_DIST_LATEST_VERSION = $(APP)-latest-frontend-dist.tar.gz -export FRONTEND_STATIC_USER = ${APP_PATH}/frontend/static/user # user folder in static folder of frontend - -export VIEWERJS_VERSION=0.5.8 - -export BUILD_DIR = ${APP_PATH}/${APP}-build +export FRONTEND_PORT =3000 +export FRONTEND = ${APP_PATH}/frontend +export FRONTEND_DEV_HOST = frontend-dev +export FILE_FRONTEND_APP_VERSION = $(APP)-$(APP_VERSION)-frontend.tar.gz +export FILE_FRONTEND_DIST_APP_VERSION = $(APP)-$(APP_VERSION)-frontend-dist.tar.gz +export FILE_FRONTEND_DIST_LATEST_VERSION= $(APP)-latest-frontend-dist.tar.gz +export FRONTEND_STATIC_USER = ${APP_PATH}/frontend/static/user # user folder in static folder of frontend +export VIEWERJS_VERSION =0.5.8 +export BUILD_DIR = ${APP_PATH}/${APP}-build # nginx export PORT = 80 -export NGINX = ${APP_PATH}/nginx -export NGINX_TIMEOUT = 30 -export API_USER_LIMIT_RATE=1r/s -export API_USER_BURST=20 nodelay -export API_USER_SCOPE=http_x_forwarded_for +export NGINX = ${APP_PATH}/nginx +export NGINX_TIMEOUT = 30 +export API_USER_LIMIT_RATE =1r/s +export API_USER_BURST =20 nodelay +export API_USER_SCOPE =http_x_forwarded_for export API_GLOBAL_LIMIT_RATE=20r/s -export API_GLOBAL_BURST=200 nodelay +export API_GLOBAL_BURST =200 nodelay # SWIFT -export BUCKET_NAME=${INDEX_NAME} +export BUCKET_NAME =${INDEX_NAME} # this is usefull with most python apps in dev mode because if stdout is # buffered logs do not shows in realtime -PYTHONUNBUFFERED=1 +PYTHONUNBUFFERED =1 -dummy := $(shell touch artifacts) +dummy := $(shell touch artifacts) include ./artifacts export diff --git a/backend/tools/elastic.py b/backend/tools/elastic.py index 7a59c80..502bb47 100644 --- a/backend/tools/elastic.py +++ b/backend/tools/elastic.py @@ -25,12 +25,17 @@ # On établit une connection +# test +# curl -k -X GET -u elastic:elastic "http://elasticsearch-master:9200/_cluster/health?pretty" -vv +# es = Elasticsearch(['https://elastic:elastic@elasticsearch-master:9200'],use_ssl=False) +# es.search(index='bld',body={"query":{"match_all":{}}}) + es = Elasticsearch([{'host': getenv('ES_HOST', 'elasticsearch'), 'port': getenv('ES_PORT', '9200'), 'timeout': 240, 'max_retries': 10, 'retry_on_timeout': True, }], - http_auth=(getenv('ES_USER', 'elasticsearch'), getenv('ES_PSWD', 'elasticsearch'))) + http_auth=(getenv('ES_USER', 'elastic'), getenv('ES_PSWD', 'elastic'))) indices = elasticsearch.client.IndicesClient(es) diff --git a/delete-kibana-pre-install.sh b/delete-kibana-pre-install.sh index 3e0e689..051b1c8 100755 --- a/delete-kibana-pre-install.sh +++ b/delete-kibana-pre-install.sh @@ -8,6 +8,8 @@ kubectl delete configmaps kibana-kibana-helm-scripts -n ridoc kubectl delete -n ridoc secrets kibana-kibana-es-token kubectl delete pods --field-selector status.phase=Failed -n ridoc kubectl delete -n ridoc deployment kibana-kibana +kubectl delete -n ridoc jobs.batch post-delete-kibana-kibana +kubectl delete -n ridoc serviceaccounts post-delete-kibana-kibana for resource in $resource_types; do # List resources with the specified name diff --git a/deployments/backend.yaml b/deployments/backend.yaml index 72a6585..1bd4525 100644 --- a/deployments/backend.yaml +++ b/deployments/backend.yaml @@ -47,7 +47,7 @@ spec: image: logicalspark/docker-tikaserver ports: - containerPort: 9998 - +# Mount secrets elasticsearch-master-certs volumes: - name: data persistentVolumeClaim: diff --git a/deployments/ekl/elasticsearch.yaml b/deployments/ekl/elasticsearch.yaml index 1085d0c..b10c092 100644 --- a/deployments/ekl/elasticsearch.yaml +++ b/deployments/ekl/elasticsearch.yaml @@ -22,15 +22,17 @@ secret: password: "elastic" # generated randomly if not defined -protocol: http -createCert: false +protocol: https +createCert: true # esConfig: # elasticsearch.yml: | # xpack.security.enabled: true -# xpack.security.transport.ssl.enabled: true -# xpack.security.http.ssl.enabled: true +# xpack.security.transport.ssl.enabled: false +# xpack.security.http.ssl.enabled: false +# Config testée +# protocol https,createCert / xpack.ssl false/tru volumeClaimTemplate: accessModes: ["ReadWriteOnce"] resources: diff --git a/deployments/ekl/kibana.yaml b/deployments/ekl/kibana.yaml index 5391891..4367cf3 100644 --- a/deployments/ekl/kibana.yaml +++ b/deployments/ekl/kibana.yaml @@ -1,19 +1,49 @@ -elasticsearchHosts: "http://elasticsearch-master:9200" +elasticsearchHosts: "https://elasticsearch-master:9200" +elasticsearchCertificateSecret: elasticsearch-master-certs +elasticsearchCertificateAuthoritiesFile: ca.crt +elasticsearchCredentialSecret: elasticsearch-master-credentials + imageTag: "7.17.0" replicas: 1 resources: requests: - cpu: "300m" - memory: "0.1Gi" + cpu: "500m" + memory: "1Gi" limits: - cpu: "300m" - memory: "0.5Gi" + cpu: "500m" + memory: "1Gi" + +extraEnvs: + - name: "NODE_OPTIONS" + value: "--max-old-space-size=1800" + - name: SERVER_REWRITEBASEPATH + value: "true" + - name: SERVER_BASEPATH + value: "/kibana" + # - name: "ELASTICSEARCH_USERNAME" + # value: "elastic" + # - name: "ELASTICSEARCH_PASSWORD" + # value: "elastic" + # valueFrom: + # secretKeyRef: elasticsearch-master-credentials + # name: + # key: username + # valueFrom: + # secretKeyRef: elasticsearch-master-credentials + # name: + # key: password # extraEnvs: # - name: "NODE_OPTIONS" # value: "--max-old-space-size=1800" -# healthCheckPath: "/api/status" -# protocol: http +healthCheckPath: "/kibana/app/kibana" +protocol: http +readinessProbe: + failureThreshold: 5 + initialDelaySeconds: 60 + periodSeconds: 30 + successThreshold: 6 + timeoutSeconds: 10 \ No newline at end of file diff --git a/deployments/frontend.yaml b/deployments/frontend.yaml index 986bdd8..8890e61 100644 --- a/deployments/frontend.yaml +++ b/deployments/frontend.yaml @@ -24,7 +24,7 @@ spec: containerPort: 3000 env: - name: APP_VERSION - value: ${APP_VERSION} + value: "${APP_VERSION}" envFrom: - configMapRef: name: env-${INDEX_NAME} diff --git a/deployments/traefik/ingress.yaml b/deployments/traefik/ingress.yaml index 8dba11e..fb8cf21 100644 --- a/deployments/traefik/ingress.yaml +++ b/deployments/traefik/ingress.yaml @@ -21,15 +21,15 @@ spec: middlewares: - name: stripprefix namespace: ridoc - # - match: Host(`kubernetes.ridoc.fr`) && PathPrefix(`/kibana`) - # kind: Rule - # services: - # - name: kibana - # namespace: ridoc - # port: http - # middlewares: - # - name: stripprefix - # namespace: kibana + - match: Host(`kubernetes.ridoc.fr`) && PathPrefix(`/kibana`) + kind: Rule + services: + - name: kibana-kibana + namespace: ridoc + port: http + # middlewares: + # - name: stripprefix + # namespace: ridoc tls: certResolver: le