xavor/kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

arreglado apolo kubevirt y cosillas

Browse Source
This commit is contained in:
Xavor
2025-08-31 10:35:16 +02:00
parent 0fc9bbb2c0
commit 01cbdf2a1d
23 changed files with 64 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apolo/deployments/deploy-app6.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: app6 app.kubernetes.io/component: app6
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: app6 - name: app6
image: harbor.c2et.com/xrf-ssl/xrf-app6:6.0 image: harbor.c2et.net/apolo/xrf-app6:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- name: tcp-app6 - name: tcp-app6

4
apolo/deployments/deploy-colossus.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: colossus app.kubernetes.io/component: colossus
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: colossus - name: colossus
image: harbor.c2et.com/xrf-ssl/xrf-webcolossus:6.0 image: harbor.c2et.net/apolo/xrf-webcolossus:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- name: http - name: http

4
apolo/deployments/deploy-consumer.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: consumer app.kubernetes.io/component: consumer
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: consumer - name: consumer
image: harbor.c2et.com/xrf-ssl/xrf-consumer:6.0 image: harbor.c2et.net/apolo/xrf-consumer:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
envFrom: envFrom:
- secretRef: - secretRef:

4
apolo/deployments/deploy-drone.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: drone app.kubernetes.io/component: drone
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: drone - name: drone
image: harbor.c2et.com/xrf-ssl/xrf-drone:6.0 image: harbor.c2et.net/apolo/xrf-drone:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
# Si Drone necesita otras vars del backend, puedes añadir: # Si Drone necesita otras vars del backend, puedes añadir:
# envFrom: # envFrom:

6
apolo/deployments/deploy-ejabberd.yaml
View File

@@ -20,9 +20,7 @@ spec:
app.kubernetes.io/component: ejabberd app.kubernetes.io/component: ejabberd
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
# >>> Asegura permisos/ownership en volúmenes
securityContext: securityContext:
runAsUser: 9000 runAsUser: 9000
runAsGroup: 9000 runAsGroup: 9000
@@ -62,7 +60,7 @@ spec:
containers: containers:
- name: ejabberd - name: ejabberd
image: harbor.c2et.com/xrf-ssl/xrf-ejabberd:6.0 image: harbor.c2et.net/apolo/xrf-ejabberd:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
envFrom: envFrom:
- secretRef: - secretRef:

4
apolo/deployments/deploy-kms.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: kurento app.kubernetes.io/component: kurento
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: kurento-media-server - name: kurento-media-server
image: harbor.c2et.com/xrf-ssl/xrf-kurento-media-server:6.0 image: harbor.c2et.net/apolo/xrf-kurento-media-server:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
envFrom: envFrom:
- configMapRef: - configMapRef:

4
apolo/deployments/deploy-kurento-api.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: kurento-api app.kubernetes.io/component: kurento-api
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: kurento-api - name: kurento-api
image: harbor.c2et.com/xrf-ssl/xrf-kurento-api:6.0 image: harbor.c2et.net/apolo/xrf-kurento-api:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
envFrom: envFrom:
- configMapRef: - configMapRef:

4
apolo/deployments/deploy-mediamtx.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: media app.kubernetes.io/component: media
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: mediamtx - name: mediamtx
image: harbor.c2et.com/xrf-ssl/xrf-media-server:6.0 image: harbor.c2et.net/apolo/xrf-media-server:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
envFrom: envFrom:
- configMapRef: - configMapRef:

4
apolo/deployments/deploy-nakama.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: nakama app.kubernetes.io/component: nakama
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: nakama - name: nakama
image: harbor.c2et.com/xrf-ssl/xrf-nakama:6.0 image: harbor.c2et.net/apolo/xrf-nakama:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- name: http - name: http

4
apolo/deployments/deploy-php.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: php app.kubernetes.io/component: php
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: php-fpm - name: php-fpm
image: harbor.c2et.com/xrf-ssl/xrf-php:6.0 image: harbor.c2et.net/apolo/xrf-php:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- name: php-fpm - name: php-fpm

4
apolo/deployments/deploy-portal.yaml
View File

@@ -20,11 +20,11 @@ spec:
app.kubernetes.io/component: portal app.kubernetes.io/component: portal
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
# Contenedor de la app (como venías) # Contenedor de la app (como venías)
- name: portal - name: portal
image: harbor.c2et.com/xrf-ssl/xrf-portal-https:6.0 image: harbor.c2et.net/apolo/xrf-portal-https:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- name: app - name: app

4
apolo/deployments/deploy-postgres.yaml
View File

@@ -20,7 +20,7 @@ spec:
app.kubernetes.io/component: postgres app.kubernetes.io/component: postgres
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
securityContext: securityContext:
fsGroup: 999 fsGroup: 999
initContainers: initContainers:
@@ -40,7 +40,7 @@ spec:
runAsUser: 0 runAsUser: 0
containers: containers:
- name: postgres - name: postgres
image: harbor.c2et.com/xrf-ssl/xrf-db:6.0 image: harbor.c2et.net/apolo/xrf-db:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
securityContext: securityContext:
runAsUser: 999 runAsUser: 999

4
apolo/deployments/deploy-rabbitmq.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: rabbitmq app.kubernetes.io/component: rabbitmq
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: rabbitmq - name: rabbitmq
image: harbor.c2et.com/xrf-ssl/xrf-rabbitmq:6.0 image: harbor.c2et.net/apolo/xrf-rabbitmq:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
envFrom: envFrom:
- secretRef: - secretRef:

4
apolo/deployments/deploy-streamer.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: streamer app.kubernetes.io/component: streamer
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: streamer - name: streamer
image: harbor.c2et.com/xrf-ssl/xrf-streamer-server:6.0 image: harbor.c2et.net/apolo/xrf-streamer-server:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
command: ["npm","start"] command: ["npm","start"]
envFrom: envFrom:

4
apolo/deployments/deploy-web.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: web app.kubernetes.io/component: web
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: nginx - name: nginx
image: harbor.c2et.com/xrf-ssl/xrf-web:6.0 image: harbor.c2et.net/apolo/xrf-web:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
envFrom: envFrom:
- configMapRef: - configMapRef:

4
apolo/deployments/deploy-websocket.yaml
View File

@@ -20,10 +20,10 @@ spec:
app.kubernetes.io/component: websocket app.kubernetes.io/component: websocket
spec: spec:
imagePullSecrets: imagePullSecrets:
- name: harbor-cred - name: harbor-cred-apolo
containers: containers:
- name: websocket - name: websocket
image: harbor.c2et.com/xrf-ssl/xrf-websocket:6.0 image: harbor.c2et.net/apolo/xrf-websocket:6.0
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- name: ws - name: ws

3
apolo/kustomization.yaml
View File

@@ -18,7 +18,6 @@ resources:
- certs/certificate-meeting.yaml - certs/certificate-meeting.yaml
# ConfigMaps # ConfigMaps
- configmaps/configmap-coredns.yaml
- configmaps/configmap-ejabberd-inetrc.yaml - configmaps/configmap-ejabberd-inetrc.yaml
- configmaps/configmap-ejabberd.yaml - configmaps/configmap-ejabberd.yaml
- configmaps/configmap-kms-api.yaml - configmaps/configmap-kms-api.yaml
@@ -49,7 +48,6 @@ resources:
- deployments/deploy-app6.yaml - deployments/deploy-app6.yaml
- deployments/deploy-colossus.yaml - deployments/deploy-colossus.yaml
- deployments/deploy-consumer.yaml - deployments/deploy-consumer.yaml
- deployments/deploy-coredns.yaml
- deployments/deploy-drone.yaml - deployments/deploy-drone.yaml
- deployments/deploy-ejabberd.yaml - deployments/deploy-ejabberd.yaml
- deployments/deploy-kms.yaml - deployments/deploy-kms.yaml
@@ -68,7 +66,6 @@ resources:
- services/svc-aliases-compose.yaml - services/svc-aliases-compose.yaml
- services/svc-app6.yaml - services/svc-app6.yaml
- services/svc-colossus.yaml - services/svc-colossus.yaml
- services/svc-coredns.yaml
- services/svc-ejabberd.yaml - services/svc-ejabberd.yaml
- services/svc-kms.yaml - services/svc-kms.yaml
- services/svc-kurento-api.yaml - services/svc-kurento-api.yaml

4
apolo/secrets/secret-harbor-cred.yaml
View File

@@ -1,9 +1,9 @@
apiVersion: v1 apiVersion: v1
data: data:
.dockerconfigjson: eyJhdXRocyI6eyJoYXJib3IuYzJldC5jb20iOnsidXNlcm5hbWUiOiJ4YXZvciIsInBhc3N3b3JkIjoiTUBuYWJvMjAyNSIsImVtYWlsIjoibm8tcmVwbHlAYzJldC5jb20iLCJhdXRoIjoiZUdGMmIzSTZUVUJ1WVdKdk1qQXlOUT09In19fQ== .dockerconfigjson: eyJhdXRocyI6eyJoYXJib3IuYzJldC5uZXQiOnsidXNlcm5hbWUiOiJ4YXZvciIsInBhc3N3b3JkIjoiTUBuYWJvMjAyNSIsImVtYWlsIjoieGF2b3JAaG90bWFpbC5lcyIsImF1dGgiOiJlR0YyYjNJNlRVQnVZV0p2TWpBeU5RPT0ifX19
kind: Secret kind: Secret
metadata: metadata:
creationTimestamp: null creationTimestamp: null
name: harbor-cred name: harbor-cred
namespace: apolo namespace: guacamole
type: kubernetes.io/dockerconfigjson type: kubernetes.io/dockerconfigjson

9
apolo/secrets/secret-harbor-cred.yaml.old Normal file
View File

@@ -0,0 +1,9 @@
apiVersion: v1
data:
.dockerconfigjson: eyJhdXRocyI6eyJoYXJib3IuYzJldC5jb20iOnsidXNlcm5hbWUiOiJ4YXZvciIsInBhc3N3b3JkIjoiTUBuYWJvMjAyNSIsImVtYWlsIjoibm8tcmVwbHlAYzJldC5jb20iLCJhdXRoIjoiZUdGMmIzSTZUVUJ1WVdKdk1qQXlOUT09In19fQ==
kind: Secret
metadata:
creationTimestamp: null
name: harbor-cred
namespace: apolo
type: kubernetes.io/dockerconfigjson

1
ingress-nginx/kustomization.yaml
View File

@@ -6,4 +6,5 @@ resources:
- configmap/configmap.yaml - configmap/configmap.yaml
- deployments/deployment.yaml - deployments/deployment.yaml
- services/service.yaml - services/service.yaml
- services/service-srv.yaml
- ingressclass/ingressclass.yaml - ingressclass/ingressclass.yaml

0
ingress-nginx/services/service-200.yaml → ingress-nginx/services/service-srv.yaml
View File

14
kubevirt/certs/kubevirt-certs.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: kubevirt.io/v1
kind: KubeVirt
metadata:
name: kubevirt
namespace: kubevirt
spec:
certificateRotateStrategy:
selfSigned:
ca:
duration: "26280h" # 3 años
renewBefore: "720h" # 30 días antes
server:
duration: "8760h" # 1 año
renewBefore: "240h" # 10 días antes

12
readme.md
View File

@@ -155,19 +155,19 @@ Este repositorio contiene los **manifiestos, scripts y documentación** para des
| `Networking` | ✅ Completado | probado Multus, flannel y MetalLB y validado | - | - | | `Networking` | ✅ Completado | probado Multus, flannel y MetalLB y validado | - | - |
| `Ingress` | ✅ Completado Nginx | Nginx funcionando | - | - | | `Ingress` | ✅ Completado Nginx | Nginx funcionando | - | - |
| `Volumenes persistentes` | ✅ Completado | Rook Ceph a 4 nodos, falta ampliar a 5 nodos | [https://ceph.c2et.net](https://ceph.c2et.net/) | admin / Pozuelo12345 | | `Volumenes persistentes` | ✅ Completado | Rook Ceph a 4 nodos, falta ampliar a 5 nodos | [https://ceph.c2et.net](https://ceph.c2et.net/) | admin / Pozuelo12345 |
| `Volumenes persistentes` | ✅ Completado | Driver para las cabinas de almacenamiendo DEEL Powervault | | | | `Volumenes persistentes` | ✅ Completado | Driver para las cabinas de almacenamiendo DEEL Powervault | | |
| `Maquinas Virtuales` | | Desplegado kubevirt, dashboard e isoserver | [https://kubevirt.c2et.net](https://kubevirt.c2et.net/) <br>[https://isoserver.c2et.net](https://isoserver.c2et.net/) | - | | `Maquinas Virtuales` | ✅ Completado | Desplegado kubevirt, dashboard e isoserver | [https://kubevirt.c2et.net](https://kubevirt.c2et.net/) <br>[https://isoserver.c2et.net](https://isoserver.c2et.net/) | - |
| `Wireguard` | ✅ Completado | Funcionando | [https://wireguard.c2et.net](https://wireguard.c2et.net/) | Pozuelo12345 | | `Wireguard` | ✅ Completado | Funcionando | [https://wireguard.c2et.net](https://wireguard.c2et.net/) | Pozuelo12345 |
| `CoreDNS` | ✅ Completado | Funcionando | | | | `CoreDNS` | ✅ Completado | Funcionando | | |
| `Apolo` | | Funcionando | [https://portal.apolo.c2et.net](https://portal.apolo.c2et.net/) | admin / 123456 | | `Apolo` | ✅ Completado | Funcionando | [https://portal.apolo.c2et.net](https://portal.apolo.c2et.net/) | admin / 123456 |
| `Gitea` | ✅ Completado | Funcionando | [https://git.c2et.net](https://git.c2et.net) | | | `Gitea` | ✅ Completado | Funcionando | [https://git.c2et.net](https://git.c2et.net) | |
| `Harbor` | ✅ Completado | Funcionando | [https://harbor.c2et.net](https://harbor.c2et.net) | | | `Harbor` | ✅ Completado | Funcionando | [https://harbor.c2et.net](https://harbor.c2et.net) | |
| `Guacamole` | ✅ Completado | Funcionando | [https://heimdall.c2et.net](https://heimdall.c2et.net) | guacadmin / guacadmin | | `Guacamole` | ✅ Completado | Funcionando | [https://heimdall.c2et.net](https://heimdall.c2et.net) | guacadmin / guacadmin |
| `VSCode` | ✅ Completado | Funcionando | [https://vscode.c2et.net](https://vscode.c2et.net) | Pozuelo12345 | | `VSCode` | ✅ Completado | Funcionando | [https://vscode.c2et.net](https://vscode.c2et.net) | Pozuelo12345 |
| `Tileserver-GL` | | Funcionando | [https://mapas.c2et.net](https://mapas.c2et.net) | | | `Tileserver-GL` | | Funcionando | [https://mapas.c2et.net](https://mapas.c2et.net) | |
| `External` | ✅ Completado | Funcionando | [https://admin.firewall.c2et.net](https://admin.firewall.c2et.net) <br>[https://admin.powervault1.c2et.net](https://admin.powervault1.c2et.net)<br> [https://admin.powervault2.c2et.net](https://admin.powervault2.c2et.net) | | | `External` | ✅ Completado | Funcionando | [https://admin.firewall.c2et.net](https://admin.firewall.c2et.net) <br>[https://admin.powervault1.c2et.net](https://admin.powervault1.c2et.net)<br> [https://admin.powervault2.c2et.net](https://admin.powervault2.c2et.net) | |
| `Argos Core` | ✅ Completado | Funcionando | [https://argos.panel.c2et.net/](https://argos.panel.c2et.net) | | | `Argos Core` | ✅ Completado | Funcionando | [https://argos.panel.c2et.net/](https://argos.panel.c2et.net) | |
| `Velero` | ✅ Completado | Funcionando | | | | `Velero` | ✅ Completado | Funcionando | | |
--- ---