From 6a9254da3341247c903c90d1ecf99a7ad4f2d76e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Sat, 29 Jul 2023 09:19:42 +0300 Subject: [PATCH] Clean up Etherpad --- etherpad/README.md | 9 +-- etherpad/application.yml | 105 -------------------------------- etherpad/networkpolicy-base.yml | 1 - 3 files changed, 1 insertion(+), 114 deletions(-) delete mode 120000 etherpad/networkpolicy-base.yml diff --git a/etherpad/README.md b/etherpad/README.md index 36204d8..c1a60cf 100644 --- a/etherpad/README.md +++ b/etherpad/README.md @@ -1,12 +1,5 @@ To apply changes: ``` -kubectl apply -n etherpad -f application.yml -f networkpolicy-base.yml +kubectl apply -n etherpad -f application.yml ``` - -Initialize MySQL secrets: - -``` -kubectl create secret generic -n etherpad mariadb-secrets \ - --from-literal=MYSQL_ROOT_PASSWORD=$(cat /dev/urandom | base64 | head -c 30) \ - --from-literal=MYSQL_PASSWORD=$(cat /dev/urandom | base64 | head -c 30) diff --git a/etherpad/application.yml b/etherpad/application.yml index 1104f88..abb4678 100644 --- a/etherpad/application.yml +++ b/etherpad/application.yml @@ -97,108 +97,3 @@ spec: tls: - hosts: - "*.k-space.ee" ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: etherpad - namespace: etherpad -spec: - podSelector: - matchLabels: - app: etherpad - policyTypes: - - Ingress - - Egress - ingress: - - from: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: traefik - ports: - - protocol: TCP - port: 9001 - egress: - - to: - - ipBlock: - cidr: 172.20.36.1/32 - ports: - - protocol: TCP - port: 3306 ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: mysql-operator -spec: - podSelector: - matchLabels: - app: etherpad - policyTypes: - - Ingress - - Egress - ingress: - - # TODO: Not sure why mysql-operator needs to be able to connect - from: - - namespaceSelector: - matchExpressions: - - key: kubernetes.io/metadata.name - operator: In - values: - - mysql-operator - ports: - - protocol: TCP - port: 3306 - - # Allow connecting from other MySQL pods in same namespace - from: - - podSelector: - matchLabels: - app.kubernetes.io/managed-by: mysql-operator - ports: - - protocol: TCP - port: 3306 - egress: - - # Allow connecting to other MySQL pods in same namespace - to: - - podSelector: - matchLabels: - app.kubernetes.io/managed-by: mysql-operator - ports: - - protocol: TCP - port: 3306 ---- -apiVersion: mysql.oracle.com/v2 -kind: InnoDBCluster -metadata: - name: mysql-cluster -spec: - secretName: mysql-secrets - instances: 3 - router: - instances: 1 - tlsUseSelfSigned: true - datadirVolumeClaimTemplate: - storageClassName: local-path - accessModes: - - ReadWriteOnce - resources: - requests: - storage: "10Gi" - podSpec: - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app.kubernetes.io/managed-by - operator: In - values: - - mysql-operator - topologyKey: kubernetes.io/hostname - nodeSelector: - dedicated: storage - tolerations: - - key: dedicated - operator: Equal - value: storage - effect: NoSchedule diff --git a/etherpad/networkpolicy-base.yml b/etherpad/networkpolicy-base.yml deleted file mode 120000 index e84a698..0000000 --- a/etherpad/networkpolicy-base.yml +++ /dev/null @@ -1 +0,0 @@ -../shared/networkpolicy-base.yml \ No newline at end of file