From 3dfa8e3203fc10055bb96023fb563003ebc64e32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Wed, 14 Dec 2022 19:29:13 +0200 Subject: [PATCH] camtiler: Clean ups --- camtiler/application.yml | 93 ++++++++++++++++++---------- tigera-operator/tigera-operator.yaml | 34 ++-------- 2 files changed, 68 insertions(+), 59 deletions(-) diff --git a/camtiler/application.yml b/camtiler/application.yml index 3df86d3..de296e7 100644 --- a/camtiler/application.yml +++ b/camtiler/application.yml @@ -8,7 +8,7 @@ metadata: keel.sh/trigger: poll spec: revisionHistoryLimit: 0 - replicas: 1 + replicas: 2 selector: matchLabels: &selectorLabels app.kubernetes.io/name: camtiler @@ -41,13 +41,15 @@ kind: Deployment metadata: name: logmower-frontend spec: + revisionHistoryLimit: 0 + replicas: 2 selector: - matchLabels: - app: logmower-frontend + matchLabels: &selectorLabels + app.kubernetes.io/name: camtiler + component: logmower-frontend template: metadata: - labels: - app: logmower-frontend + labels: *selectorLabels spec: containers: - name: logmower-frontend @@ -61,13 +63,15 @@ kind: Deployment metadata: name: logmower-eventsource spec: + revisionHistoryLimit: 0 + replicas: 2 selector: - matchLabels: - app: logmower-eventsource + matchLabels: &selectorLabels + app.kubernetes.io/name: camtiler + component: logmower-eventsource template: metadata: - labels: - app: logmower-eventsource + labels: *selectorLabels spec: containers: - name: logmower-eventsource @@ -86,23 +90,25 @@ spec: - name: BACKEND value: 'camtiler' - name: BACKEND_BROKER_URL - value: 'http://camera-event-broker' + value: 'http://logmower-event-broker' --- apiVersion: apps/v1 kind: Deployment metadata: - name: camera-event-broker + name: logmower-event-broker spec: + revisionHistoryLimit: 0 + replicas: 5 selector: - matchLabels: - app: camera-event-broker + matchLabels: &selectorLabels + app.kubernetes.io/name: camtiler + component: logmower-event-broker template: metadata: - labels: - app: camera-event-broker + labels: *selectorLabels spec: containers: - - name: camera-event-broker + - name: logmower-event-broker image: harbor.k-space.ee/k-space/camera-event-broker ports: - containerPort: 3000 @@ -133,7 +139,8 @@ metadata: spec: type: ClusterIP selector: - app: logmower-frontend + app.kubernetes.io/name: camtiler + component: logmower-frontend ports: - protocol: TCP port: 8080 @@ -145,7 +152,8 @@ metadata: spec: type: ClusterIP selector: - app: logmower-eventsource + app.kubernetes.io/name: camtiler + component: logmower-eventsource ports: - protocol: TCP port: 3002 @@ -153,11 +161,12 @@ spec: apiVersion: v1 kind: Service metadata: - name: camera-event-broker + name: logmower-event-broker spec: type: ClusterIP selector: - app: camera-event-broker + app.kubernetes.io/name: camtiler + component: logmower-event-broker ports: - protocol: TCP port: 80 @@ -344,12 +353,12 @@ spec: apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: - name: log-viewer-backend + name: logmower-eventsource spec: podSelector: matchLabels: app.kubernetes.io/name: camtiler - component: log-viewer-backend + component: logmower-eventsource policyTypes: - Ingress - Egress @@ -358,14 +367,9 @@ spec: - podSelector: matchLabels: app: mongodb-svc - - to: - # Minio access via Traefik's public endpoint - - namespaceSelector: + - podSelector: matchLabels: - kubernetes.io/metadata.name: traefik - podSelector: - matchLabels: - app.kubernetes.io/name: traefik + component: logmower-event-broker ingress: - from: - namespaceSelector: @@ -378,12 +382,39 @@ spec: apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: - name: log-viewer-frontend + name: logmower-event-broker spec: podSelector: matchLabels: app.kubernetes.io/name: camtiler - component: log-viewer-frontend + component: logmower-event-broker + policyTypes: + - Ingress + - Egress + egress: + - to: + # Minio access via Traefik's public endpoint + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: traefik + podSelector: + matchLabels: + app.kubernetes.io/name: traefik + ingress: + - from: + - podSelector: + matchLabels: + component: logmower-eventsource +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: logmower-frontend +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: camtiler + component: logmower-frontend policyTypes: - Ingress - Egress diff --git a/tigera-operator/tigera-operator.yaml b/tigera-operator/tigera-operator.yaml index 48b9b1a..eb66fd0 100644 --- a/tigera-operator/tigera-operator.yaml +++ b/tigera-operator/tigera-operator.yaml @@ -805,11 +805,6 @@ spec: node appears to use the IP of the ingress node; this requires a permissive L2 network. [Default: Tunnel]' type: string - bpfHostConntrackBypass: - description: 'BPFHostConntrackBypass Controls whether to bypass Linux - conntrack in BPF mode for workloads and services. [Default: true - - bypass Linux conntrack]' - type: boolean bpfKubeProxyEndpointSlicesEnabled: description: BPFKubeProxyEndpointSlicesEnabled in BPF mode, controls whether Felix's embedded kube-proxy accepts EndpointSlices or not. @@ -1342,8 +1337,8 @@ spec: type: boolean vxlanEnabled: description: 'VXLANEnabled overrides whether Felix should create the - VXLAN tunnel device for IPv4 VXLAN networking. Optional as Felix - determines this based on the existing IP pools. [Default: nil (unset)]' + VXLAN tunnel device for VXLAN networking. Optional as Felix determines + this based on the existing IP pools. [Default: nil (unset)]' type: boolean vxlanMTU: description: 'VXLANMTU is the MTU to set on the IPv4 VXLAN tunnel @@ -2776,7 +2771,7 @@ spec: for internal use only.' type: boolean natOutgoing: - description: When natOutgoing is true, packets sent from Calico networked + description: When nat-outgoing is true, packets sent from Calico networked containers in this pool to destinations outside of this pool will be masqueraded. type: boolean @@ -9651,14 +9646,6 @@ spec: type: string type: object type: array - fipsMode: - description: 'FIPSMode uses images and features only that are using - FIPS 140-2 validated cryptographic modules and standards. Default: - Disabled' - enum: - - Enabled - - Disabled - type: string flexVolumePath: description: FlexVolumePath optionally specifies a custom path for FlexVolume. If not specified, FlexVolume will be enabled by default. @@ -9702,7 +9689,7 @@ spec: kubeletVolumePluginPath: description: 'KubeletVolumePluginPath optionally specifies enablement of Calico CSI plugin. If not specified, CSI will be enabled by default. - If set to ''None'', CSI will be disabled. Default: /var/lib/kubelet' + If set to "None", CSI will be disabled. Default: /var/lib/kubelet' type: string kubernetesProvider: description: KubernetesProvider specifies a particular provider of @@ -15811,14 +15798,6 @@ spec: type: string type: object type: array - fipsMode: - description: 'FIPSMode uses images and features only that are - using FIPS 140-2 validated cryptographic modules and standards. - Default: Disabled' - enum: - - Enabled - - Disabled - type: string flexVolumePath: description: FlexVolumePath optionally specifies a custom path for FlexVolume. If not specified, FlexVolume will be enabled @@ -15861,9 +15840,8 @@ spec: type: array kubeletVolumePluginPath: description: 'KubeletVolumePluginPath optionally specifies enablement - of Calico CSI plugin. If not specified, CSI will be enabled - by default. If set to ''None'', CSI will be disabled. Default: - /var/lib/kubelet' + of Calico CSI plugin. If not specified, CSI will be enabled by default. + If set to "None", CSI will be disabled. Default: /var/lib/kubelet' type: string kubernetesProvider: description: KubernetesProvider specifies a particular provider