From bacef8d4387ad22bc1e7809cf8166e3158053a90 Mon Sep 17 00:00:00 2001 From: Erki Aas Date: Sun, 8 Sep 2024 23:54:32 +0300 Subject: [PATCH] remove logmower --- argocd/applications/logmower.yaml | 20 -- logmower/application.yml | 382 ------------------------------ logmower/networkpolicy-base.yml | 1 - 3 files changed, 403 deletions(-) delete mode 100644 argocd/applications/logmower.yaml delete mode 100644 logmower/application.yml delete mode 120000 logmower/networkpolicy-base.yml diff --git a/argocd/applications/logmower.yaml b/argocd/applications/logmower.yaml deleted file mode 100644 index fcb29a5..0000000 --- a/argocd/applications/logmower.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: logmower - namespace: argocd -spec: - project: k-space.ee - source: - repoURL: 'git@git.k-space.ee:k-space/kube.git' - path: logmower - targetRevision: HEAD - destination: - server: 'https://kubernetes.default.svc' - namespace: logmower - syncPolicy: - automated: - prune: true - syncOptions: - - CreateNamespace=true diff --git a/logmower/application.yml b/logmower/application.yml deleted file mode 100644 index 8618f41..0000000 --- a/logmower/application.yml +++ /dev/null @@ -1,382 +0,0 @@ ---- -apiVersion: codemowers.cloud/v1beta1 -kind: OIDCMiddlewareClient -metadata: - name: frontend -spec: - displayName: Kubernetes pod log aggregator - uri: 'https://log.k-space.ee' - allowedGroups: - - k-space:kubernetes:developers - - k-space:kubernetes:admins - headerMapping: - email: Remote-Email - groups: Remote-Groups - name: Remote-Name - user: Remote-Username ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: logmower-shipper -spec: - updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 50% - selector: - matchLabels: - app: logmower-shipper - template: - metadata: - labels: - app: logmower-shipper - spec: - serviceAccountName: logmower-shipper - containers: - - name: logmower-shipper - image: logmower/shipper:latest - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: MONGO_URI - valueFrom: - secretKeyRef: - name: logmower-mongodb-application-readwrite - key: connectionString.standard - ports: - - containerPort: 8000 - name: metrics - securityContext: - readOnlyRootFilesystem: true - command: - - /app/log_shipper.py - - --parse-json - - --normalize-log-level - - --stream-to-log-level - - --merge-top-level - - --max-collection-size - - "10000000000" - resources: - limits: - memory: 200Mi - requests: - cpu: 100m - memory: 100Mi - volumeMounts: - - name: etcmachineid - mountPath: /etc/machine-id - readOnly: true - - name: varlog - mountPath: /var/log - readOnly: true - volumes: - - name: etcmachineid - hostPath: - path: /etc/machine-id - - name: varlog - hostPath: - path: /var/log - tolerations: - - operator: "Exists" - effect: "NoSchedule" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: logging-logmower-shipper -subjects: - - kind: ServiceAccount - name: logmower-shipper - namespace: logmower -roleRef: - kind: ClusterRole - name: filebeat - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: logmower-shipper - labels: - app: logmower-shipper ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: logmower-shipper -spec: - podSelector: - matchLabels: - app: logmower-shipper - policyTypes: - - Ingress - - Egress - ingress: - - from: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: monitoring - podSelector: - matchLabels: - app.kubernetes.io/name: prometheus - egress: - - to: - - podSelector: - matchLabels: - app: logmower-mongodb-svc - ports: - - port: 27017 ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: logmower-eventsource -spec: - podSelector: - matchLabels: - app: logmower-eventsource - policyTypes: - - Ingress - - Egress - egress: - - to: - - podSelector: - matchLabels: - app: logmower-mongodb-svc - ingress: - - from: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: traefik - podSelector: - matchLabels: - app.kubernetes.io/name: traefik ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: logmower-frontend -spec: - podSelector: - matchLabels: - app: logmower-frontend - policyTypes: - - Ingress - - Egress - ingress: - - from: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: traefik - podSelector: - matchLabels: - app.kubernetes.io/name: traefik ---- -apiVersion: monitoring.coreos.com/v1 -kind: PodMonitor -metadata: - name: logmower-shipper -spec: - selector: - matchLabels: - app: logmower-shipper - podMetricsEndpoints: - - port: metrics ---- -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: logmower-shipper -spec: - groups: - - name: logmower-shipper - rules: - - alert: LogmowerSingleInsertionErrors - annotations: - summary: Logmower shipper is having issues submitting log records - to database - expr: rate(logmower_insertion_error_count_total[30m]) > 0 - for: 0m - labels: - severity: warning - - alert: LogmowerBulkInsertionErrors - annotations: - summary: Logmower shipper is having issues submitting log records - to database - expr: rate(logmower_bulk_insertion_error_count_total[30m]) > 0 - for: 0m - labels: - severity: warning - - alert: LogmowerHighDatabaseLatency - annotations: - summary: Database operations are slow - expr: histogram_quantile(0.95, logmower_database_operation_latency_bucket) > 10 - for: 1m - labels: - severity: warning ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: logmower - annotations: - kubernetes.io/ingress.class: traefik - cert-manager.io/cluster-issuer: default - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: logmower-frontend@kubernetescrd - traefik.ingress.kubernetes.io/router.tls: "true" - external-dns.alpha.kubernetes.io/target: traefik.k-space.ee -spec: - rules: - - host: log.k-space.ee - http: - paths: - - pathType: Prefix - path: "/events" - backend: - service: - name: logmower-eventsource - port: - number: 3002 - - pathType: Prefix - path: "/" - backend: - service: - name: logmower-frontend - port: - number: 8080 - tls: - - hosts: - - "*.k-space.ee" ---- -apiVersion: v1 -kind: Service -metadata: - name: logmower-eventsource -spec: - type: ClusterIP - selector: - app: logmower-eventsource - ports: - - protocol: TCP - port: 3002 ---- -apiVersion: v1 -kind: Service -metadata: - name: logmower-frontend -spec: - type: ClusterIP - selector: - app: logmower-frontend - ports: - - protocol: TCP - port: 8080 ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: logmower-frontend -spec: - selector: - matchLabels: - app: logmower-frontend - template: - metadata: - labels: - app: logmower-frontend - spec: - containers: - - name: logmower-frontend - image: logmower/frontend:latest - ports: - - containerPort: 8080 - name: http - securityContext: - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - resources: - limits: - memory: 50Mi - requests: - cpu: 1m - memory: 20Mi - volumeMounts: - - name : nginx-cache - mountPath: /var/cache/nginx/ - - name : nginx-config - mountPath: /var/config/nginx/ - - name: var-run - mountPath: /var/run/ - volumes: - - emptyDir: {} - name: nginx-cache - - emptyDir: {} - name: nginx-config - - emptyDir: {} - name: var-run ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: logmower-eventsource -spec: - selector: - matchLabels: - app: logmower-eventsource - template: - metadata: - labels: - app: logmower-eventsource - spec: - containers: - - name: logmower-eventsource - image: logmower/eventsource:latest - ports: - - containerPort: 3002 - name: nodejs - securityContext: - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 1000 - resources: - limits: - cpu: 500m - memory: 200Mi - requests: - cpu: 10m - memory: 100Mi - env: - - name: MONGODB_HOST - valueFrom: - secretKeyRef: - name: logmower-mongodb-application-readonly - key: connectionString.standard ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: logmower-mongodb -spec: - podSelector: - matchLabels: - app: logmower-mongodb-svc - policyTypes: - - Ingress - - Egress - ingress: - - from: - - podSelector: {} - ports: - - port: 27017 - egress: - - to: - - podSelector: - matchLabels: - app: logmower-mongodb-svc - ports: - - port: 27017 diff --git a/logmower/networkpolicy-base.yml b/logmower/networkpolicy-base.yml deleted file mode 120000 index e84a698..0000000 --- a/logmower/networkpolicy-base.yml +++ /dev/null @@ -1 +0,0 @@ -../shared/networkpolicy-base.yml \ No newline at end of file