====== TeamPass deployment ======
$ kubectl create ns teampass-system
namespace/teampass-system created
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: teampass
namespace: teampass-system
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs-client
resources:
requests:
storage: 4Gi
$ kubectl apply -f pvc-teampass.yaml
persistentvolumeclaim/teampass created
$ kubectl get pvc -n teampass-system
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
teampass Bound pvc-8edc83c7-1ee1-4e5f-88db-3986f69d4a91 4Gi RWO nfs-client 52s
$ cat secret-db.yaml
apiVersion: v1
kind: Secret
metadata:
name: db-secrets
namespace: teampass-system
data:
MYSQL_PASSWORD: WlBmemptd3FaN0xY
MYSQL_ROOT_PASSWORD: WlBmemptd3FaN0xY
$ kubectl apply -f secret-db.yaml
secret/db-secrets created
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: db-teampass
name: db-teampass
namespace: teampass-system
spec:
replicas: 1
selector:
matchLabels:
app: db-teampass
strategy: {}
template:
metadata:
labels:
app: db-teampass
spec:
securityContext:
fsGroup: 1001
runAsUser: 1001
containers:
- env:
- name: MYSQL_DATABASE
value: teampass
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: db-secrets
key: MYSQL_PASSWORD
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: db-secrets
key: MYSQL_ROOT_PASSWORD
- name: MYSQL_USER
value: teampass
image: hub.juntotelecom.com.br/library/mariadb:10.5
imagePullPolicy: IfNotPresent
name: db-teampass
resources: {}
volumeMounts:
- mountPath: /var/lib/mysql
name: db-teampass
volumes:
- name: db-teampass
persistentVolumeClaim:
claimName: teampass
$ kubectl get pods -n teampass-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
db-teampass-5cff5b5985-qqznl 1/1 Running 0 38s 10.244.213.160 kube-worker-02.juntotelecom.com.br
$ kubectl describe pod db-teampass-5cff5b5985-qqznl -n teampass-system
Name: db-teampass-5cff5b5985-qqznl
Namespace: teampass-system
Priority: 0
Node: kube-worker-02.juntotelecom.com.br/172.28.128.100
Start Time: Thu, 19 May 2022 18:30:47 -0300
Labels: app=db-teampass
pod-template-hash=5cff5b5985
Annotations: cni.projectcalico.org/containerID: a37ba8ffb4ec37b2b36bf8100cc043dd5e674c184e90eea3897057455cff9278
cni.projectcalico.org/podIP: 10.244.213.160/32
cni.projectcalico.org/podIPs: 10.244.213.160/32,fd00::e:1334:c75d:e2cb:7edf/128
Status: Running
IP: 10.244.213.160
IPs:
IP: 10.244.213.160
IP: fd00::e:1334:c75d:e2cb:7edf
Controlled By: ReplicaSet/db-teampass-5cff5b5985
Containers:
db-teampass:
Container ID: cri-o://62669318c48e1f3037456d49256de39255bd4d8325d0e1e3392fa0fd1ec144e1
Image: hub.juntotelecom.com.br/library/mariadb:10.5
Image ID: hub.juntotelecom.com.br/library/mariadb@sha256:bca4e8ecce022e54a3c7439287e92fcda1e7e0f1e0e9a7134318636b0063fbf2
Port:
Host Port:
State: Running
Started: Thu, 19 May 2022 18:31:09 -0300
Ready: True
Restart Count: 0
Environment:
MYSQL_DATABASE: teampass
MYSQL_PASSWORD: Optional: false
MYSQL_ROOT_PASSWORD: Optional: false
MYSQL_USER: teampass
Mounts:
/var/lib/mysql from db-teampass (rw)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-bt56s (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
db-teampass:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: teampass
ReadOnly: false
kube-api-access-bt56s:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional:
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 82s default-scheduler Successfully assigned teampass-system/db-teampass-5cff5b5985-qqznl to kube-worker-02.juntotelecom.com.br
Normal Pulling 81s kubelet Pulling image "hub.juntotelecom.com.br/library/mariadb:10.5"
Normal Pulled 60s kubelet Successfully pulled image "hub.juntotelecom.com.br/library/mariadb:10.5" in 21.334057491s
Normal Created 60s kubelet Created container db-teampass
Normal Started 60s kubelet Started container db-teampass
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app: db-teampass
name: db-teampass
namespace: teampass-system
spec:
ipFamilies:
- IPv4
- IPv6
ipFamilyPolicy: PreferDualStack
ports:
- name: "3306"
port: 3306
targetPort: 3306
selector:
app: db-teampass
type: ClusterIP
$ kubectl apply -f db-service.yaml
service/db-teampass created
$ kubectl describe service db-teampass -n teampass-system
Name: db-teampass
Namespace: teampass-system
Labels: app=db-teampass
Annotations:
Selector: app=db-teampass
Type: ClusterIP
IP Family Policy: PreferDualStack
IP Families: IPv4,IPv6
IP: 10.96.197.88
IPs: 10.96.197.88,fd00:0:0:100::4baf
Port: 3306 3306/TCP
TargetPort: 3306/TCP
Endpoints: 10.244.213.160:3306
Session Affinity: None
Events:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: teampass-html
namespace: teampass-system
spec:
accessModes:
- ReadWriteOnce
storageClassName: nfs-client
resources:
requests:
storage: 1Gi
$ kubectl apply -f pvc-html.yaml
persistentvolumeclaim/teampass-html created
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: teampass
name: teampass
namespace: teampass-system
spec:
replicas: 1
selector:
matchLabels:
app: teampass
strategy: {}
template:
metadata:
labels:
app: teampass
spec:
containers:
- image: hub.juntotelecom.com.br/library/teampass_teampass-web
name: teampass
ports:
- containerPort: 80
- containerPort: 443
volumeMounts:
- mountPath: /var/www/html
name: teampass-html
restartPolicy: Always
securityContext:
fsGroup: 1001
runAsUser: 1001
volumes:
- name: teampass-html
persistentVolumeClaim:
claimName: teampass-html
$ kubectl apply -f teampass-deploy.yaml
deployment.apps/teampass created
$ kubectl get pods -n teampass-system -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
db-teampass-5cff5b5985-qqznl 1/1 Running 0 18m 10.244.213.160 kube-worker-02.juntotelecom.com.br
teampass-64778bb6c9-lwg4q 1/1 Running 0 61s 10.244.213.161 kube-worker-02.juntotelecom.com.br
$ kubectl describe pod teampass-64778bb6c9-lwg4q -n teampass-system
Name: teampass-64778bb6c9-lwg4q
Namespace: teampass-system
Priority: 0
Node: kube-worker-02.juntotelecom.com.br/172.28.128.100
Start Time: Thu, 19 May 2022 18:48:38 -0300
Labels: app=teampass
pod-template-hash=64778bb6c9
Annotations: cni.projectcalico.org/containerID: cf8fcce01aa26a43b91c5eed4af553108aabc9021c9d780fad7d8bd53735f6c9
cni.projectcalico.org/podIP: 10.244.213.161/32
cni.projectcalico.org/podIPs: 10.244.213.161/32,fd00::e:1334:c75d:e2cb:7ee0/128
Status: Running
IP: 10.244.213.161
IPs:
IP: 10.244.213.161
IP: fd00::e:1334:c75d:e2cb:7ee0
Controlled By: ReplicaSet/teampass-64778bb6c9
Containers:
teampass:
Container ID: cri-o://23c720a8d6e93b61e2289e54825974b02ba23159164ae30962602bdb4bd328b3
Image: hub.juntotelecom.com.br/library/teampass_teampass-web
Image ID: hub.juntotelecom.com.br/library/teampass_teampass-web@sha256:fc89c9b5d7fecfd1807f33ab647d7fc3eca92931125f55ca4e3fb0f89d30f4e5
Ports: 80/TCP, 443/TCP
Host Ports: 0/TCP, 0/TCP
State: Running
Started: Thu, 19 May 2022 18:50:17 -0300
Last State: Terminated
Reason: Error
Exit Code: 2
Started: Thu, 19 May 2022 18:49:15 -0300
Finished: Thu, 19 May 2022 18:50:16 -0300
Ready: True
Restart Count: 1
Environment:
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-kgg69 (ro)
/var/www/html from teampass-html (rw)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
teampass-html:
Type: PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
ClaimName: teampass-html
ReadOnly: false
kube-api-access-kgg69:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional:
DownwardAPI: true
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 101s default-scheduler Successfully assigned teampass-system/teampass-64778bb6c9-lwg4q to kube-worker-02.juntotelecom.com.br
Normal Pulled 64s kubelet Successfully pulled image "hub.juntotelecom.com.br/library/teampass_teampass-web" in 36.141823893s
Normal Pulling 2s (x2 over 100s) kubelet Pulling image "hub.juntotelecom.com.br/library/teampass_teampass-web"
Normal Created 2s (x2 over 64s) kubelet Created container teampass
Normal Started 2s (x2 over 64s) kubelet Started container teampass
Normal Pulled 2s kubelet Successfully pulled image "hub.juntotelecom.com.br/library/teampass_teampass-web" in 352.032935ms
apiVersion: v1
kind: Service
metadata:
annotations:
labels:
app: teampaass
name: teampass
namespace: teampass-system
spec:
ipFamilies:
- IPv4
- IPv6
ipFamilyPolicy: PreferDualStack
ports:
- name: http
port: 80
protocol: TCP
targetPort: http
- name: https
port: 443
protocol: TCP
targetPort: https
selector:
app: teampass
type: ClusterIP
$ kubectl apply -f service-teampass.yaml
service/teampass created
$ kubectl get service -n teampass-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
db-teampass ClusterIP 10.96.197.88 3306/TCP 20m
teampass ClusterIP 10.96.1.44 80/TCP,443/TCP 60s