diff --git a/apolo/deployments/deploy-app6.yaml b/apolo/deployments/deploy-app6.yaml
index 2b603b2..b88d368 100644
--- a/apolo/deployments/deploy-app6.yaml
+++ b/apolo/deployments/deploy-app6.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: app6
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: app6
- image: harbor.c2et.com/xrf-ssl/xrf-app6:6.0
+ image: harbor.c2et.net/apolo/xrf-app6:6.0
imagePullPolicy: IfNotPresent
ports:
- name: tcp-app6
diff --git a/apolo/deployments/deploy-colossus.yaml b/apolo/deployments/deploy-colossus.yaml
index 7f8d85e..048e203 100644
--- a/apolo/deployments/deploy-colossus.yaml
+++ b/apolo/deployments/deploy-colossus.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: colossus
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: colossus
- image: harbor.c2et.com/xrf-ssl/xrf-webcolossus:6.0
+ image: harbor.c2et.net/apolo/xrf-webcolossus:6.0
imagePullPolicy: IfNotPresent
ports:
- name: http
diff --git a/apolo/deployments/deploy-consumer.yaml b/apolo/deployments/deploy-consumer.yaml
index 2a898ae..6b8bb71 100644
--- a/apolo/deployments/deploy-consumer.yaml
+++ b/apolo/deployments/deploy-consumer.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: consumer
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: consumer
- image: harbor.c2et.com/xrf-ssl/xrf-consumer:6.0
+ image: harbor.c2et.net/apolo/xrf-consumer:6.0
imagePullPolicy: IfNotPresent
envFrom:
- secretRef:
diff --git a/apolo/deployments/deploy-drone.yaml b/apolo/deployments/deploy-drone.yaml
index 76cc756..bdf6751 100644
--- a/apolo/deployments/deploy-drone.yaml
+++ b/apolo/deployments/deploy-drone.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: drone
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: drone
- image: harbor.c2et.com/xrf-ssl/xrf-drone:6.0
+ image: harbor.c2et.net/apolo/xrf-drone:6.0
imagePullPolicy: IfNotPresent
# Si Drone necesita otras vars del backend, puedes añadir:
# envFrom:
diff --git a/apolo/deployments/deploy-ejabberd.yaml b/apolo/deployments/deploy-ejabberd.yaml
index 62426e8..72eec9c 100644
--- a/apolo/deployments/deploy-ejabberd.yaml
+++ b/apolo/deployments/deploy-ejabberd.yaml
@@ -20,9 +20,7 @@ spec:
app.kubernetes.io/component: ejabberd
spec:
imagePullSecrets:
- - name: harbor-cred
-
- # >>> Asegura permisos/ownership en volúmenes
+ - name: harbor-cred-apolo
securityContext:
runAsUser: 9000
runAsGroup: 9000
@@ -62,7 +60,7 @@ spec:
containers:
- name: ejabberd
- image: harbor.c2et.com/xrf-ssl/xrf-ejabberd:6.0
+ image: harbor.c2et.net/apolo/xrf-ejabberd:6.0
imagePullPolicy: IfNotPresent
envFrom:
- secretRef:
diff --git a/apolo/deployments/deploy-kms.yaml b/apolo/deployments/deploy-kms.yaml
index 15daa8e..7556acc 100644
--- a/apolo/deployments/deploy-kms.yaml
+++ b/apolo/deployments/deploy-kms.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: kurento
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: kurento-media-server
- image: harbor.c2et.com/xrf-ssl/xrf-kurento-media-server:6.0
+ image: harbor.c2et.net/apolo/xrf-kurento-media-server:6.0
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
diff --git a/apolo/deployments/deploy-kurento-api.yaml b/apolo/deployments/deploy-kurento-api.yaml
index f48a1b6..7a3ccd7 100644
--- a/apolo/deployments/deploy-kurento-api.yaml
+++ b/apolo/deployments/deploy-kurento-api.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: kurento-api
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: kurento-api
- image: harbor.c2et.com/xrf-ssl/xrf-kurento-api:6.0
+ image: harbor.c2et.net/apolo/xrf-kurento-api:6.0
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
diff --git a/apolo/deployments/deploy-mediamtx.yaml b/apolo/deployments/deploy-mediamtx.yaml
index d15799f..8a66a3a 100644
--- a/apolo/deployments/deploy-mediamtx.yaml
+++ b/apolo/deployments/deploy-mediamtx.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: media
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: mediamtx
- image: harbor.c2et.com/xrf-ssl/xrf-media-server:6.0
+ image: harbor.c2et.net/apolo/xrf-media-server:6.0
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
diff --git a/apolo/deployments/deploy-nakama.yaml b/apolo/deployments/deploy-nakama.yaml
index 56953e9..3ef81b2 100644
--- a/apolo/deployments/deploy-nakama.yaml
+++ b/apolo/deployments/deploy-nakama.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: nakama
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: nakama
- image: harbor.c2et.com/xrf-ssl/xrf-nakama:6.0
+ image: harbor.c2et.net/apolo/xrf-nakama:6.0
imagePullPolicy: IfNotPresent
ports:
- name: http
diff --git a/apolo/deployments/deploy-php.yaml b/apolo/deployments/deploy-php.yaml
index 5009d76..3e0d44a 100644
--- a/apolo/deployments/deploy-php.yaml
+++ b/apolo/deployments/deploy-php.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: php
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: php-fpm
- image: harbor.c2et.com/xrf-ssl/xrf-php:6.0
+ image: harbor.c2et.net/apolo/xrf-php:6.0
imagePullPolicy: IfNotPresent
ports:
- name: php-fpm
diff --git a/apolo/deployments/deploy-portal.yaml b/apolo/deployments/deploy-portal.yaml
index f28771a..c924a6b 100644
--- a/apolo/deployments/deploy-portal.yaml
+++ b/apolo/deployments/deploy-portal.yaml
@@ -20,11 +20,11 @@ spec:
app.kubernetes.io/component: portal
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
# Contenedor de la app (como venías)
- name: portal
- image: harbor.c2et.com/xrf-ssl/xrf-portal-https:6.0
+ image: harbor.c2et.net/apolo/xrf-portal-https:6.0
imagePullPolicy: IfNotPresent
ports:
- name: app
diff --git a/apolo/deployments/deploy-postgres.yaml b/apolo/deployments/deploy-postgres.yaml
index 990443c..356a990 100644
--- a/apolo/deployments/deploy-postgres.yaml
+++ b/apolo/deployments/deploy-postgres.yaml
@@ -20,7 +20,7 @@ spec:
app.kubernetes.io/component: postgres
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
securityContext:
fsGroup: 999
initContainers:
@@ -40,7 +40,7 @@ spec:
runAsUser: 0
containers:
- name: postgres
- image: harbor.c2et.com/xrf-ssl/xrf-db:6.0
+ image: harbor.c2et.net/apolo/xrf-db:6.0
imagePullPolicy: IfNotPresent
securityContext:
runAsUser: 999
diff --git a/apolo/deployments/deploy-rabbitmq.yaml b/apolo/deployments/deploy-rabbitmq.yaml
index 2d3a66a..7e3ea5c 100644
--- a/apolo/deployments/deploy-rabbitmq.yaml
+++ b/apolo/deployments/deploy-rabbitmq.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: rabbitmq
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: rabbitmq
- image: harbor.c2et.com/xrf-ssl/xrf-rabbitmq:6.0
+ image: harbor.c2et.net/apolo/xrf-rabbitmq:6.0
imagePullPolicy: IfNotPresent
envFrom:
- secretRef:
diff --git a/apolo/deployments/deploy-streamer.yaml b/apolo/deployments/deploy-streamer.yaml
index bae9663..4746e8a 100644
--- a/apolo/deployments/deploy-streamer.yaml
+++ b/apolo/deployments/deploy-streamer.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: streamer
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: streamer
- image: harbor.c2et.com/xrf-ssl/xrf-streamer-server:6.0
+ image: harbor.c2et.net/apolo/xrf-streamer-server:6.0
imagePullPolicy: IfNotPresent
command: ["npm","start"]
envFrom:
diff --git a/apolo/deployments/deploy-web.yaml b/apolo/deployments/deploy-web.yaml
index 2838f46..3523156 100644
--- a/apolo/deployments/deploy-web.yaml
+++ b/apolo/deployments/deploy-web.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: web
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: nginx
- image: harbor.c2et.com/xrf-ssl/xrf-web:6.0
+ image: harbor.c2et.net/apolo/xrf-web:6.0
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
diff --git a/apolo/deployments/deploy-websocket.yaml b/apolo/deployments/deploy-websocket.yaml
index b1b8f99..b849356 100644
--- a/apolo/deployments/deploy-websocket.yaml
+++ b/apolo/deployments/deploy-websocket.yaml
@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: websocket
spec:
imagePullSecrets:
- - name: harbor-cred
+ - name: harbor-cred-apolo
containers:
- name: websocket
- image: harbor.c2et.com/xrf-ssl/xrf-websocket:6.0
+ image: harbor.c2et.net/apolo/xrf-websocket:6.0
imagePullPolicy: IfNotPresent
ports:
- name: ws
diff --git a/apolo/kustomization.yaml b/apolo/kustomization.yaml
index e816eda..97233e6 100644
--- a/apolo/kustomization.yaml
+++ b/apolo/kustomization.yaml
@@ -18,7 +18,6 @@ resources:
- certs/certificate-meeting.yaml
# ConfigMaps
- - configmaps/configmap-coredns.yaml
- configmaps/configmap-ejabberd-inetrc.yaml
- configmaps/configmap-ejabberd.yaml
- configmaps/configmap-kms-api.yaml
@@ -49,7 +48,6 @@ resources:
- deployments/deploy-app6.yaml
- deployments/deploy-colossus.yaml
- deployments/deploy-consumer.yaml
- - deployments/deploy-coredns.yaml
- deployments/deploy-drone.yaml
- deployments/deploy-ejabberd.yaml
- deployments/deploy-kms.yaml
@@ -68,7 +66,6 @@ resources:
- services/svc-aliases-compose.yaml
- services/svc-app6.yaml
- services/svc-colossus.yaml
- - services/svc-coredns.yaml
- services/svc-ejabberd.yaml
- services/svc-kms.yaml
- services/svc-kurento-api.yaml
diff --git a/apolo/secrets/secret-harbor-cred.yaml b/apolo/secrets/secret-harbor-cred.yaml
index 775414c..854d307 100644
--- a/apolo/secrets/secret-harbor-cred.yaml
+++ b/apolo/secrets/secret-harbor-cred.yaml
@@ -1,9 +1,9 @@
apiVersion: v1
data:
- .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3IuYzJldC5jb20iOnsidXNlcm5hbWUiOiJ4YXZvciIsInBhc3N3b3JkIjoiTUBuYWJvMjAyNSIsImVtYWlsIjoibm8tcmVwbHlAYzJldC5jb20iLCJhdXRoIjoiZUdGMmIzSTZUVUJ1WVdKdk1qQXlOUT09In19fQ==
+ .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3IuYzJldC5uZXQiOnsidXNlcm5hbWUiOiJ4YXZvciIsInBhc3N3b3JkIjoiTUBuYWJvMjAyNSIsImVtYWlsIjoieGF2b3JAaG90bWFpbC5lcyIsImF1dGgiOiJlR0YyYjNJNlRVQnVZV0p2TWpBeU5RPT0ifX19
kind: Secret
metadata:
creationTimestamp: null
name: harbor-cred
- namespace: apolo
+ namespace: guacamole
type: kubernetes.io/dockerconfigjson
diff --git a/apolo/secrets/secret-harbor-cred.yaml.old b/apolo/secrets/secret-harbor-cred.yaml.old
new file mode 100644
index 0000000..775414c
--- /dev/null
+++ b/apolo/secrets/secret-harbor-cred.yaml.old
@@ -0,0 +1,9 @@
+apiVersion: v1
+data:
+ .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3IuYzJldC5jb20iOnsidXNlcm5hbWUiOiJ4YXZvciIsInBhc3N3b3JkIjoiTUBuYWJvMjAyNSIsImVtYWlsIjoibm8tcmVwbHlAYzJldC5jb20iLCJhdXRoIjoiZUdGMmIzSTZUVUJ1WVdKdk1qQXlOUT09In19fQ==
+kind: Secret
+metadata:
+ creationTimestamp: null
+ name: harbor-cred
+ namespace: apolo
+type: kubernetes.io/dockerconfigjson
diff --git a/ingress-nginx/kustomization.yaml b/ingress-nginx/kustomization.yaml
index 8c49d9d..e949ad1 100644
--- a/ingress-nginx/kustomization.yaml
+++ b/ingress-nginx/kustomization.yaml
@@ -6,4 +6,5 @@ resources:
- configmap/configmap.yaml
- deployments/deployment.yaml
- services/service.yaml
+ - services/service-srv.yaml
- ingressclass/ingressclass.yaml
diff --git a/ingress-nginx/services/service-200.yaml b/ingress-nginx/services/service-srv.yaml
similarity index 100%
rename from ingress-nginx/services/service-200.yaml
rename to ingress-nginx/services/service-srv.yaml
diff --git a/kubevirt/certs/kubevirt-certs.yaml b/kubevirt/certs/kubevirt-certs.yaml
new file mode 100644
index 0000000..4a1660d
--- /dev/null
+++ b/kubevirt/certs/kubevirt-certs.yaml
@@ -0,0 +1,14 @@
+apiVersion: kubevirt.io/v1
+kind: KubeVirt
+metadata:
+ name: kubevirt
+ namespace: kubevirt
+spec:
+ certificateRotateStrategy:
+ selfSigned:
+ ca:
+ duration: "26280h" # 3 años
+ renewBefore: "720h" # 30 días antes
+ server:
+ duration: "8760h" # 1 año
+ renewBefore: "240h" # 10 días antes
diff --git a/readme.md b/readme.md
index 873782a..83f9c33 100644
--- a/readme.md
+++ b/readme.md
@@ -155,19 +155,19 @@ Este repositorio contiene los **manifiestos, scripts y documentación** para des
| `Networking` | ✅ Completado | probado Multus, flannel y MetalLB y validado | - | - |
| `Ingress` | ✅ Completado Nginx | Nginx funcionando | - | - |
| `Volumenes persistentes` | ✅ Completado | Rook Ceph a 4 nodos, falta ampliar a 5 nodos | [https://ceph.c2et.net](https://ceph.c2et.net/) | admin / Pozuelo12345 |
-| `Volumenes persistentes` | ✅ Completado | Driver para las cabinas de almacenamiendo DEEL Powervault | | |
-| `Maquinas Virtuales` | | Desplegado kubevirt, dashboard e isoserver | [https://kubevirt.c2et.net](https://kubevirt.c2et.net/)
[https://isoserver.c2et.net](https://isoserver.c2et.net/) | - |
+| `Volumenes persistentes` | ✅ Completado | Driver para las cabinas de almacenamiendo DEEL Powervault | | |
+| `Maquinas Virtuales` | ✅ Completado | Desplegado kubevirt, dashboard e isoserver | [https://kubevirt.c2et.net](https://kubevirt.c2et.net/)
[https://isoserver.c2et.net](https://isoserver.c2et.net/) | - |
| `Wireguard` | ✅ Completado | Funcionando | [https://wireguard.c2et.net](https://wireguard.c2et.net/) | Pozuelo12345 |
| `CoreDNS` | ✅ Completado | Funcionando | | |
-| `Apolo` | | Funcionando | [https://portal.apolo.c2et.net](https://portal.apolo.c2et.net/) | admin / 123456 |
+| `Apolo` | ✅ Completado | Funcionando | [https://portal.apolo.c2et.net](https://portal.apolo.c2et.net/) | admin / 123456 |
| `Gitea` | ✅ Completado | Funcionando | [https://git.c2et.net](https://git.c2et.net) | |
| `Harbor` | ✅ Completado | Funcionando | [https://harbor.c2et.net](https://harbor.c2et.net) | |
-| `Guacamole` | ✅ Completado | Funcionando | [https://heimdall.c2et.net](https://heimdall.c2et.net) | guacadmin / guacadmin |
-| `VSCode` | ✅ Completado | Funcionando | [https://vscode.c2et.net](https://vscode.c2et.net) | Pozuelo12345 |
+| `Guacamole` | ✅ Completado | Funcionando | [https://heimdall.c2et.net](https://heimdall.c2et.net) | guacadmin / guacadmin |
+| `VSCode` | ✅ Completado | Funcionando | [https://vscode.c2et.net](https://vscode.c2et.net) | Pozuelo12345 |
| `Tileserver-GL` | | Funcionando | [https://mapas.c2et.net](https://mapas.c2et.net) | |
| `External` | ✅ Completado | Funcionando | [https://admin.firewall.c2et.net](https://admin.firewall.c2et.net)
[https://admin.powervault1.c2et.net](https://admin.powervault1.c2et.net)
[https://admin.powervault2.c2et.net](https://admin.powervault2.c2et.net) | |
| `Argos Core` | ✅ Completado | Funcionando | [https://argos.panel.c2et.net/](https://argos.panel.c2et.net) | |
-| `Velero` | ✅ Completado | Funcionando | | |
+| `Velero` | ✅ Completado | Funcionando | | |
---