diff --git a/.github/workflows/ping-bizaar-daemon-repo.yaml b/.github/workflows/ping-bizaar-daemon-repo.yaml
new file mode 100644
index 00000000..531f5d66
--- /dev/null
+++ b/.github/workflows/ping-bizaar-daemon-repo.yaml
@@ -0,0 +1,15 @@
+name: ping-kubemart-daemon-repo
+on: push
+
+jobs:
+ ping-kubemart-daemon-repo:
+ name: Dispatch to kubemart/kubemart-daemon
+ runs-on: ubuntu-20.04
+ steps:
+ - name: Emit repository_dispatch
+ uses: mvasigh/dispatch-action@main
+ with:
+ token: ${{ secrets.GH_PAT }}
+ owner: kubemart
+ repo: kubemart-daemon
+ event_type: ping-from-kubernetes-marketplace-repo
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..cb7eea1a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+.DS_Store
+
+# Any kubeconfig within the repo - could potentially contain auth data
+kubeconfig*
+*kubeconfig
diff --git a/Gemfile.lock b/Gemfile.lock
index 31358f31..edfa3b03 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -10,4 +10,4 @@ DEPENDENCIES image_size BUNDLED WITH
- 1.17.3
+ 2.2.3
diff --git a/README.md b/README.md
index 1a978507..a42377d8 100644
--- a/README.md
+++ b/README.md
@@ -85,21 +85,21 @@ Applications support customization through a simple mechanism. This is a user de The applications can't ask the user for these values, so they must be either a pre-configured value (to keep the `app.yaml` and Civo-specific configuration separate) or one of a range of special values that Civo will inject:
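Review bot: In .github/workflows/ping-bizaar-daemon-repo.yaml the step `uses: mvasigh/dispatch-action@main` hands `secrets.GH_PAT` to a third-party action referenced by a mutable branch, so any later commit to that action's `main` runs with the token on the next push. Pin it to a reviewed commit, e.g. `uses: mvasigh/dispatch-action@<FULL_COMMIT_SHA>` (placeholder), and keep the PAT scoped to what the repository_dispatch call on kubemart/kubemart-daemon needs. `on: push` fires for every branch; if only the default branch should ping the daemon repo, add a `branches:` filter. The job does not appear to use the built-in GITHUB_TOKEN, so a top-level `permissions: {}` would remove it from the job.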
-
CIVO:ALPHANUMERIC(num)
+
KUBEMART:ALPHANUMERIC(num)
A random string of alphanumeric characters num long
-
CIVO:WORDS(num)
+
KUBEMART:WORDS(num)
A combination of num random words, separated by - for use as a readable name
-
CIVO:CLUSTER_NAME
+
KUBEMART:CLUSTER_NAME
The name of your Kubernetes cluster
-
CIVO:CLUSTER_ID
+
KUBEMART:DOMAIN_NAME
The ID of your Kubernetes cluster (for injecting something.ID.k8s.civo.com as a domain)
-
CIVO:EMAIL_ADDRESS
+
KUBEMART:EMAIL_ADDRESS
The email address of your Civo account
-
CIVO:MASTER_IP
+
KUBEMART:MASTER_IP
The public IP address of your Kubernetes cluster's master
-**Note:** For `CIVO:ALPHANUMERIC(num)` and `CIVO:WORDS(num)` you can also suffix `:BASE64` (e.g. `CIVO:ALPHANUMERIC(10):BASE64`) to have Civo automatically encode the random values to Base 64 before inserting them in the templates (but the non-Base 64 version is kept to present to the user as a readable/copyable value). +**Note:** For `KUBEMART:ALPHANUMERIC(num)` and `KUBEMART:WORDS(num)` you can also suffix `:BASE64` (e.g. `KUBEMART:ALPHANUMERIC(10):BASE64`) to have Civo automatically encode the random values to Base 64 before inserting them in the templates (but the non-Base 64 version is kept to present to the user as a readable/copyable value). These are specified in the `manifest.yaml` like this: @@ -107,7 +107,7 @@ These are specified in the `manifest.yaml` like this: configuration: ACCESS_KEY: label: "Access key" - value: "CIVO:ALPHANUMERIC(10)" + value: "KUBEMART:ALPHANUMERIC(10)" ``` Another way of customizing applications is to provide plans which will be injected in the same way as the values above, but the UI will provide a choice for which plan to install. These are specified in the `manifest.yaml` like this: diff --git a/argocd/manifest.yaml b/argocd/manifest.yaml index 93fed572..a46aaae2 100644 --- a/argocd/manifest.yaml +++ b/argocd/manifest.yaml @@ -1,5 +1,6 @@ --- name: argo-cd +namespace: argocd title: "Argo CD" maintainer: "The Argo Project" description: Declarative continuous deployment for Kubernetes diff --git a/bitwardenrs/app.yaml b/bitwardenrs/app.yaml index 4c236441..6a3f27ab 100644 --- a/bitwardenrs/app.yaml +++ b/bitwardenrs/app.yaml @@ -1,3 +1,8 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: bitwardenrs +--- apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: 
@@ -13,17 +18,18 @@ spec: name: letsencrypt-prod-bw # Enable the HTTP-01 challenge provider solvers: - - http01: - ingress: - class: traefik + - http01: + ingress: + class: traefik --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: bw-pv-claim + namespace: bitwardenrs spec: accessModes: - - ReadWriteOnce + - ReadWriteOnce resources: requests: storage: $VOLUME_SIZE @@ -32,6 +38,7 @@ apiVersion: v1 kind: Service metadata: name: bw-service + namespace: bitwardenrs spec: selector: app: bw @@ -40,10 +47,19 @@ spec: port: 80 targetPort: 80 --- +apiVersion: v1 +kind: Secret +metadata: + name: bitwardenrs-database-url + namespace: bitwardenrs +data: + DATABASE_URL: dXBkYXRlLXRoaXMtYWZ0ZXItaW5zdGFsbGF0aW9uCg== +--- apiVersion: apps/v1 kind: Deployment metadata: name: bw + namespace: bitwardenrs labels: app: bw spec: 
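Review bot: The `DATABASE_URL` value in the new `bitwardenrs-database-url` Secret decodes to the placeholder `update-this-after-installation` followed by a line feed, so the variable injected into the container carries a trailing newline — the usual result of encoding with `echo` instead of `printf`. Writing it as `stringData:` with `DATABASE_URL: "update-this-after-installation"` keeps the placeholder readable and newline-free. Because the Secret is part of app.yaml, re-applying the manifest would presumably overwrite the real connection string an operator set after installation; creating the Secret out of band, or at least documenting the replacement step in post_install.md, avoids that. The Deployment that consumes the key is changed in the following hunk.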
@@ -60,40 +76,43 @@ spec: spec: containers: - name: bw - image: bitwardenrs/server-mysql:1.17.0 + image: bitwardenrs/server-mysql:1.19.0 imagePullPolicy: IfNotPresent ports: - - containerPort: 80 - protocol: TCP + - containerPort: 80 + protocol: TCP + env: + - name: DATABASE_URL + valueFrom: + secretKeyRef: + name: bitwardenrs-database-url + key: DATABASE_URL volumeMounts: - - name: bw-persistent-storage - mountPath: /data - + - name: bw-persistent-storage + mountPath: /data volumes: - - name: bw-persistent-storage - persistentVolumeClaim: - claimName: bw-pv-claim + - name: bw-persistent-storage + persistentVolumeClaim: + claimName: bw-pv-claim --- apiVersion: extensions/v1beta1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: letsencrypt-prod-bw - ingress.kubernetes.io/ssl-redirect: "true" + ingress.kubernetes.io/ssl-redirect: "true" name: bw + namespace: bitwardenrs spec: tls: - hosts: - - bw.$CLUSTER_ID.k8s.civo.com - secretName: letsencrypt-prod-bw + - bw.$DOMAIN_NAME + secretName: letsencrypt-prod-bw rules: - - host: bw.$CLUSTER_ID.k8s.civo.com - http: - paths: - - backend: - serviceName: bw-service - servicePort: 80 - - - + - host: bw.$DOMAIN_NAME + http: + paths: + - backend: + serviceName: bw-service + servicePort: 80 diff --git a/bitwardenrs/manifest.yaml b/bitwardenrs/manifest.yaml index 0fa1fbd8..6224d6fe 100644 --- a/bitwardenrs/manifest.yaml +++ b/bitwardenrs/manifest.yaml @@ -1,8 +1,9 @@ --- name: Bitwardenrs -version: 1.17.0 +namespace: bitwardenrs +version: 1.19.0 maintainer: keith@hubner.co.uk -description: Open Source Password Manager (Bitwarden server API implementation written in Rust) +description: Open Source Password Manager (Bitwarden server API implementation written in Rust) url: https://github.com/dani-garcia/bitwarden_rs category: management dependencies: 
@@ -21,9 +22,9 @@ plans: VOLUME_SIZE: value: 5Gi configuration: - CLUSTER_ID: + DOMAIN_NAME: label: "Cluster ID" - value: "CIVO:CLUSTER_ID" + value: "KUBEMART:DOMAIN_NAME" EMAIL_ADDRESS: label: "Email Address" - value: "CIVO:EMAIL_ADDRESS" + value: "KUBEMART:EMAIL_ADDRESS" diff --git a/bitwardenrs/post_install.md b/bitwardenrs/post_install.md index 90b53df5..112419b4 100644 --- a/bitwardenrs/post_install.md +++ b/bitwardenrs/post_install.md @@ -2,7 +2,7 @@ ### This project is not associated with the Bitwarden project nor 8bit Solutions LLC. -This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. +This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients\*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal. ### HTTPS @@ -10,7 +10,4 @@ An ingress is automatically created during the application install. A certificat ### Post installation -Once you have installed this app you will be able to connect to the web interface via https://rs.YOUR_CLUSTER_ID.k8s.civo.com - - - +Once you have installed this app you will be able to connect to the web interface via https://rs.DOMAIN_NAME diff --git a/cert-manager/manifest.yaml b/cert-manager/manifest.yaml index 5a2155a1..877c9ad5 100644 --- a/cert-manager/manifest.yaml +++ b/cert-manager/manifest.yaml @@ -1,5 +1,6 @@ --- name: cert-manager +namespace: cert-manager title: "Cert Manager" version: v1.3.1 maintainer: alex@openfaas.com diff --git a/cert-manager/uninstall.sh b/cert-manager/uninstall.sh index 03bcbb33..8bbf5ec4 100755 --- a/cert-manager/uninstall.sh +++ b/cert-manager/uninstall.sh @@ -1,4 +1,3 @@ #!/bin/bash -# Delete the app -kubectl delete -f cert-manager.yaml +kubectl delete -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml 
diff --git a/docker-registry/app.yaml b/docker-registry/app.yaml index 6f2d16bf..cbec6ce9 100644 --- a/docker-registry/app.yaml +++ b/docker-registry/app.yaml @@ -2,7 +2,6 @@ apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: name: letsencrypt-prod - namespace: default spec: acme: # The ACME server URL @@ -16,4 +15,4 @@ spec: solvers: - http01: ingress: - class: traefik \ No newline at end of file + class: traefik diff --git a/docker-registry/install.sh b/docker-registry/install.sh index 35fb9c82..8107feb2 100755 --- a/docker-registry/install.sh +++ b/docker-registry/install.sh @@ -2,10 +2,15 @@ htpasswd -Bbn $REGISTRY_USERNAME $REGISTRY_PASSWD > /tmp/auth -kubectl create secret generic auth-ingress --from-file /tmp/auth +kubectl create ns docker-registry + +kubectl -n docker-registry create secret generic auth-ingress --from-file /tmp/auth + +helm repo add stable https://charts.helm.sh/stable -# Update the helm repo helm repo update -helm install stable/docker-registry --name private-registry \ - --namespace default --set persistence.enabled=false +helm upgrade --install \ + private-registry stable/docker-registry \ + --namespace docker-registry \ + --set persistence.enabled=false diff --git a/docker-registry/manifest.yaml b/docker-registry/manifest.yaml index 85073640..17604784 100644 --- a/docker-registry/manifest.yaml +++ b/docker-registry/manifest.yaml @@ -1,19 +1,19 @@ --- name: docker-registry +namespace: docker-registry title: "Docker Registry" version: ALPHA maintainer: alejandro@civo.com description: A registry is a storage and content delivery system, holding named Docker images, available in different tagged versions. url: dependencies: - - Helm - cert-manager - Traefik category: architecture configuration: REGISTRY_USERNAME: label: "Registry username" - value: "CIVO:EMAIL_ADDRESS" + value: "KUBEMART:EMAIL_ADDRESS" REGISTRY_PASSWD: label: "Registry password" - value: "CIVO:ALPHANUMERIC(10)" + value: "KUBEMART:ALPHANUMERIC(10)" 
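Review bot: In docker-registry/install.sh the added `kubectl -n docker-registry create secret generic auth-ingress --from-file /tmp/auth` still reads the htpasswd output from a fixed name in /tmp, and nothing in the visible script removes it, so the credential hash stays on the installer host and the predictable path can be pre-created by another local user. Use a private temp file and clean it up: `auth_file=$(mktemp)`, `trap 'rm -f "$auth_file"' EXIT`, and `--from-file=auth="$auth_file"` (the explicit `auth=` keeps the secret's key name). On the unchanged htpasswd line, `$REGISTRY_USERNAME` and `$REGISTRY_PASSWD` are unquoted and `-b` puts the password in the process list; quoting them and feeding the password on stdin with `-i` avoids both. `kubectl create ns docker-registry` fails on a re-run while `helm upgrade --install` is idempotent; `kubectl create ns docker-registry --dry-run=client -o yaml | kubectl apply -f -` makes the two agree.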
diff --git a/docker-registry/post_install.md b/docker-registry/post_install.md index 9b75efa0..2b5a598f 100644 --- a/docker-registry/post_install.md +++ b/docker-registry/post_install.md @@ -4,6 +4,7 @@ This will help you to create a valid certificate for your registry, you need apply this YAML file, you only need replace only `registry.example.com` by your valid domain + ```yaml apiVersion: cert-manager.io/v1alpha2 kind: Certificate @@ -57,5 +58,5 @@ spec: serviceName: private-registry-docker-registry servicePort: 5000 ``` -You only need replace only `registry.example.com` by your valid domain. -This will open up http://registry.example.com (assuming you pointed that non-real domain record to your cluster's IPs) to the whole world. \ No newline at end of file + +You only need replace only `registry.example.com` by your valid domain. This will open up http://registry.example.com (assuming you pointed that non-real domain record to your cluster's IPs) to the whole world. diff --git a/docker-registry/uninstall.sh b/docker-registry/uninstall.sh new file mode 100755 index 00000000..4adda919 --- /dev/null +++ b/docker-registry/uninstall.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +helm --namespace docker-registry delete private-registry diff --git a/dynamic-pv-scaler/app.yaml b/dynamic-pv-scaler/app.yaml index e64d7063..27ae5c0f 100644 --- a/dynamic-pv-scaler/app.yaml +++ b/dynamic-pv-scaler/app.yaml @@ -1,8 +1,13 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: dynamic-pv-scaler --- apiVersion: v1 kind: ServiceAccount metadata: name: dynamic-pv-scaler + namespace: dynamic-pv-scaler --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -30,6 +35,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: dynamic-pv-scaler + namespace: dynamic-pv-scaler labels: app: dynamic-pv-scaler spec: diff --git a/dynamic-pv-scaler/manifest.yaml b/dynamic-pv-scaler/manifest.yaml index 82a1e7d1..2a1b3eff 100644 --- a/dynamic-pv-scaler/manifest.yaml 
+++ b/dynamic-pv-scaler/manifest.yaml @@ -1,5 +1,6 @@ --- name: dynamic-pv-scaler +namespace: dynamic-pv-scaler title: Dynamic PV Scaler version: 0.1.0 dependencies: diff --git a/dynamic-pv-scaler/post-install.md b/dynamic-pv-scaler/post-install.md index c23184ea..dbaab615 100644 --- a/dynamic-pv-scaler/post-install.md +++ b/dynamic-pv-scaler/post-install.md @@ -11,6 +11,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: dynamic-pv-scaler-config + namespace: dynamic-pv-scaler labels: name: dynamic-pv-scaler-config app: dynamic-pv-scaler-config diff --git a/ghost/app.yaml b/ghost/app.yaml index eff01f71..5604c904 100644 --- a/ghost/app.yaml +++ b/ghost/app.yaml @@ -43,7 +43,7 @@ spec: protocol: TCP env: - name: url - value: http://ghost.$CLUSTER_ID.k8s.civo.com + value: http://ghost.$DOMAIN_NAME livenessProbe: httpGet: port: ghost-blog @@ -87,9 +87,9 @@ metadata: namespace: ghost spec: rules: - - host: ghost.$CLUSTER_ID.k8s.civo.com - http: - paths: - - backend: - serviceName: ghost-blog - servicePort: 80 + - host: ghost.$DOMAIN_NAME + http: + paths: + - backend: + serviceName: ghost-blog + servicePort: 80 diff --git a/ghost/manifest.yaml b/ghost/manifest.yaml index 53e73112..d5db3e39 100644 --- a/ghost/manifest.yaml +++ b/ghost/manifest.yaml @@ -1,6 +1,7 @@ --- name: Ghost version: 4.8.3 +namespace: ghost maintainer: saka@lnxid.com description: Ghost is a free and open source blogging platform designed to simplify the process of online publishing for individual bloggers as well as online publications. url: https://ghost.org/ @@ -19,6 +20,6 @@ plans: VOLUME_SIZE: value: 15Gi configuration: - CLUSTER_ID: + DOMAIN_NAME: label: "Cluster ID" - value: "CIVO:CLUSTER_ID" + value: "KUBEMART:DOMAIN_NAME" diff --git a/ghost/post_install.md b/ghost/post_install.md index 4193edcc..aed30be9 100644 --- a/ghost/post_install.md +++ b/ghost/post_install.md 
@@ -4,23 +4,23 @@ This ghost blog using sqlite as the database backend. ## External Access -An Ingress is created during the installation process. To access your ghost use `http://ghost.YOUR_CLUSTER_ID.k8s.civo.com` +An Ingress is created during the installation process. To access your ghost use `http://ghost.DOMAIN_NAME` ## Create Admin User By default Ghost does not create Admin user during the installation process. In order to access your Ghost Dashboard you will need to create your Ghost Admin user first. This can be done right after your installation process via your browser. -To access your Ghost registration page simply access your Ghost installation via your browser using the following URL: `http://ghost.YOUR_CLUSTER_ID.k8s.civo.com`, after that follow step below : +To access your Ghost registration page simply access your Ghost installation via your browser using the following URL: `http://ghost.DOMAIN_NAME`, after that follow step below : -* Click `Create your account` button. -* Input your site title, username, email address and desired password ( at least 10 characters ). -* Invite your friend to Collaborate on your blog. This is optional, If you don't want to invite others just click text `I'll do this later, take me to my site!`. +- Click `Create your account` button. +- Input your site title, username, email address and desired password ( at least 10 characters ). +- Invite your friend to Collaborate on your blog. This is optional, If you don't want to invite others just click text `I'll do this later, take me to my site!`. ## Delete default user created by ghost By default ghost create user name `Ghost` and create example post in your blog. You can follow this step to delete it. -* Login to your ghost admin url `http://ghost.YOUR_CLUSTER_ID.k8s.civo.com/ghost`. +* Login to your ghost admin url `http://ghost.DOMAIN_NAME/ghost`. * Click the `Staff` menu in the left column. * In the right column, click the user name `Ghost`. 
* Click the option button in the upper right ( in the left of save button ). @@ -30,14 +30,14 @@ By default ghost create user name `Ghost` and create example post in your blog. Follow this step to create your first blog post : -* To begin your first blog post login to ghost admin url `http://ghost.YOUR_CLUSTER_ID.k8s.civo.com/ghost`. -* Inside the ghost admin menu, click `Posts` menu at the left column. Click `New post` button in the upper right. -* Write your blog. -* If you want to publish your blog, click the `publish` button in the upper right. If you want to publish it later, Click the `< Posts` button in the upper left, your article should be automatically saved as draft. +- To begin your first blog post login to ghost admin url `http://ghost.DOMAIN_NAME/ghost`. +- Inside the ghost admin menu, click `Posts` menu at the left column. Click `New post` button in the upper right. +- Write your blog. +- If you want to publish your blog, click the `publish` button in the upper right. If you want to publish it later, Click the `< Posts` button in the upper left, your article should be automatically saved as draft. ## Modify URL -If you want to change the url edit with +If you want to change the url edit with ``` kubectl -n ghost edit ingress ghost-blog @@ -52,10 +52,10 @@ spec: template: spec: containers: - - name: ghost-blog - env: - - name: url - value: CHANGE_WITH_YOUR_NEW_URL + - name: ghost-blog + env: + - name: url + value: CHANGE_WITH_YOUR_NEW_URL ``` Run the patch command diff --git a/gitea/app.yaml b/gitea/app.yaml deleted file mode 100644 index ddbb0d85..00000000 --- a/gitea/app.yaml +++ /dev/null 
@@ -1,25 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- name: gitea
----
-apiVersion: helm.cattle.io/v1
-kind: HelmChart
-metadata:
- name: gitea
- namespace: kube-system
-spec:
- chart: gitea
- version: 2.1.6
- targetNamespace: gitea
- repo: https://dl.gitea.io/charts
- valuesContent: |-
- persistence:
- enabled: false
- gitea:
- admin:
- email: $ADMIN_EMAIL
- password: $ADMIN_PASS
- postgresql:
- persistence:
- enabled: false
diff --git a/gitea/install.sh b/gitea/install.sh
new file mode 100644
index 00000000..24ea7ab2
--- /dev/null
+++ b/gitea/install.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+kubectl create ns gitea
+
+helm repo add gitea-charts https://dl.gitea.io/charts/
+
+helm upgrade --install \
+ gitea gitea-charts/gitea \
+ --namespace gitea \
+ --set persistence.enabled=false \
+ --set gitea.admin.email=$ADMIN_EMAIL \
+ --set gitea.admin.password=$ADMIN_PASS \
+ --set postgresql.persistence.enabled=false
diff --git a/gitea/manifest.yaml b/gitea/manifest.yaml
index cafdfff5..9598d904 100644
--- a/gitea/manifest.yaml
+++ b/gitea/manifest.yaml
@@ -1,5 +1,6 @@
 ---
 name: gitea
+namespace: gitea
 title: "Gitea"
 version: 1.12.5
 maintainer: "@giteaio"
@@ -9,7 +10,7 @@ category: management
 configuration:
 ADMIN_PASS:
 label: "Admin Password"
- value: "CIVO:ALPHANUMERIC(30)"
+ value: "KUBEMART:ALPHANUMERIC(30)"
 ADMIN_EMAIL:
 label: "Admin Email"
- value: "CIVO:EMAIL_ADDRESS"
+ value: "KUBEMART:EMAIL_ADDRESS"
diff --git a/gitea/uninstall.sh b/gitea/uninstall.sh
index f5a87f4c..bcda0503 100755
--- a/gitea/uninstall.sh
+++ b/gitea/uninstall.sh
@@ -1,4 +1,3 @@
 #!/bin/bash
-# Delete the custom CRDs
-kubectl delete -f app.yaml
+helm --namespace gitea uninstall gitea
diff --git a/haproxy/app.yaml b/haproxy/app.yaml
index aae7835c..8411d400 100644
--- a/haproxy/app.yaml
+++ b/haproxy/app.yaml
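Review bot: In the new gitea/install.sh, `helm upgrade --install gitea gitea-charts/gitea` no longer pins a chart version, whereas the HelmChart resource it replaces fixed `version: 2.1.6`, so every install pulls whatever chart the repository serves that day. Add `--version 2.1.6` (or the chart version you have tested) to the helm call. `--set gitea.admin.password=$ADMIN_PASS` puts the admin password on the command line, where it shows up in the process list and in shell tracing, and the unquoted `$ADMIN_EMAIL` / `$ADMIN_PASS` expansions break on spaces or commas; supplying both through a values file passed with `-f` avoids that. `kubectl create ns gitea` also fails when the script is run a second time, unlike the `helm upgrade --install` that follows it.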
@@ -2,15 +2,13 @@ apiVersion: v1 kind: Namespace metadata: - name: haproxy-controller - + name: haproxy --- apiVersion: v1 kind: ServiceAccount metadata: name: haproxy-ingress-service-account - namespace: haproxy-controller - + namespace: haproxy --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -61,13 +59,12 @@ rules: - create - patch - update - --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: haproxy-ingress-cluster-role-binding - namespace: haproxy-controller + namespace: haproxy roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -75,8 +72,7 @@ roleRef: subjects: - kind: ServiceAccount name: haproxy-ingress-service-account - namespace: haproxy-controller - + namespace: haproxy --- apiVersion: v1 kind: ConfigMap @@ -92,7 +88,7 @@ metadata: labels: run: ingress-default-backend name: ingress-default-backend - namespace: haproxy-controller + namespace: haproxy spec: replicas: 1 selector: @@ -108,7 +104,6 @@ spec: image: gcr.io/google_containers/defaultbackend:1.0 ports: - containerPort: 8080 - --- apiVersion: v1 kind: Service @@ -116,7 +111,7 @@ metadata: labels: run: ingress-default-backend name: ingress-default-backend - namespace: haproxy-controller + namespace: haproxy spec: selector: run: ingress-default-backend @@ -125,7 +120,6 @@ spec: port: 8080 protocol: TCP targetPort: 8080 - --- apiVersion: apps/v1 kind: Deployment @@ -133,7 +127,7 @@ metadata: labels: run: haproxy-ingress name: haproxy-ingress - namespace: haproxy-controller + namespace: haproxy spec: replicas: 1 selector: @@ -201,7 +195,7 @@ metadata: labels: run: haproxy-ingress name: haproxy-ingress - namespace: haproxy-controller + namespace: haproxy spec: selector: run: haproxy-ingress diff --git a/haproxy/manifest.yaml b/haproxy/manifest.yaml index a1f84319..cdce116e 100644 --- a/haproxy/manifest.yaml +++ b/haproxy/manifest.yaml 
@@ -1,5 +1,6 @@ --- name: haproxy +namespace: haproxy title: "Haproxy" version: "1.5" maintainer: alejandro@civo.com, amit2cha@gmail.com diff --git a/haproxy/post_install.md b/haproxy/post_install.md index b04daa49..787a4345 100644 --- a/haproxy/post_install.md +++ b/haproxy/post_install.md @@ -2,13 +2,13 @@ ### External access to your services -HAProxy is free, open source software that provides a high availability load balancer and proxy server for TCP and HTTP-based applications.To use it for your applications all you have to do is apply a YAML file like the one below to handle ingress: +HAProxy is free, open source software that provides a high availability load balancer and proxy server for TCP and HTTP-based applications. To use it for your applications all you have to do is apply a YAML file like the one below to handle ingress: ```yaml apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: - name: yourapp-ingress + name: your-app-ingress namespace: default spec: rules: @@ -21,4 +21,4 @@ spec: servicePort: 8080 ``` -This will open up http://www.example.com (assuming you pointed that non-real domain record to your cluster's IPs) to the whole world. \ No newline at end of file +This will open up http://www.example.com (assuming you pointed that non-real domain record to your cluster's IPs) to the whole world. diff --git a/helm/app.yaml b/helm/app.yaml deleted file mode 100644 index a942b530..00000000 --- a/helm/app.yaml +++ /dev/null 
@@ -1,95 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: tiller - namespace: kube-system ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - creationTimestamp: null - labels: - app: helm - name: tiller - name: tiller-deploy - namespace: kube-system -spec: - replicas: 1 - strategy: {} - selector: - matchLabels: - app: helm - name: tiller - template: - metadata: - creationTimestamp: null - labels: - app: helm - name: tiller - spec: - automountServiceAccountToken: true - serviceAccount: tiller - containers: - - env: - - name: TILLER_NAMESPACE - value: kube-system - - name: TILLER_HISTORY_MAX - value: "0" - image: gcr.io/kubernetes-helm/tiller:v2.16.5 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /liveness - port: 44135 - initialDelaySeconds: 1 - timeoutSeconds: 1 - name: tiller - ports: - - containerPort: 44134 - name: tiller - - containerPort: 44135 - name: http - readinessProbe: - httpGet: - path: /readiness - port: 44135 - initialDelaySeconds: 1 - timeoutSeconds: 1 - resources: {} -status: {} - ---- -apiVersion: v1 -kind: Service -metadata: - creationTimestamp: null - labels: - app: helm - name: tiller - name: tiller-deploy - namespace: kube-system -spec: - ports: - - name: tiller - port: 44134 - targetPort: tiller - selector: - app: helm - name: tiller - type: ClusterIP -status: - loadBalancer: {} - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: tiller -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: - - kind: ServiceAccount - name: tiller - namespace: kube-system diff --git a/helm/install.sh b/helm/install.sh deleted file mode 100644 index 1ad25026..00000000 --- a/helm/install.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -for (( i=0; i<30; ++i)); do - kubectl -n kube-system get pods -o=jsonpath='{.items[?(@.metadata.labels.name=="tiller")].status.conditions[*].status}' | grep -v "False" && break - sleep 1 -done 
diff --git a/helm/logo.png b/helm/logo.png deleted file mode 100644 index d1e0de9f..00000000 Binary files a/helm/logo.png and /dev/null differ diff --git a/helm/manifest.yaml b/helm/manifest.yaml deleted file mode 100644 index 32c699c1..00000000 --- a/helm/manifest.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -name: Helm -version: 2.16.5 -maintainer: hello@civo.com -description: Helm (tiller) helps you define, install, and upgrade even the most complex Kubernetes application. -url: https://helm.sh -category: management diff --git a/helm/post_install.md b/helm/post_install.md deleted file mode 100644 index cd1a1ea4..00000000 --- a/helm/post_install.md +++ /dev/null @@ -1,9 +0,0 @@ -## Helm - The package manager for Kubernetes - -### External access - -Helm is available to anyone with the credentials to access your Kubernetes cluster. - -### Usage instructions - -Helm has [very comprehensive documentation](https://helm.sh/docs/) on all things from writing your own charts to installing, upgrading and deleting applications written as Helm charts. diff --git a/jaeger/app.yaml b/jaeger/app.yaml index 26775a0d..05a984fd 100644 --- a/jaeger/app.yaml +++ b/jaeger/app.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Namespace metadata: - name: observability + name: jaeger --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition @@ -9926,14 +9926,14 @@ apiVersion: v1 kind: ServiceAccount metadata: name: jaeger-operator - namespace: observability + namespace: jaeger --- ## this is a set of basic permissions the Jaeger Operator needs when restricted to work in specific namespaces apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: jaeger-operator - namespace: observability + namespace: jaeger rules: ## our own custom resources 
@@ -10116,11 +10116,11 @@ kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: jaeger-operator - namespace: observability + namespace: jaeger subjects: - kind: ServiceAccount name: jaeger-operator - namespace: observability + namespace: jaeger roleRef: kind: Role name: jaeger-operator @@ -10130,7 +10130,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: jaeger-operator - namespace: observability + namespace: jaeger spec: replicas: 1 selector: diff --git a/jaeger/manifest.yaml b/jaeger/manifest.yaml index 89e8738f..e02612e3 100644 --- a/jaeger/manifest.yaml +++ b/jaeger/manifest.yaml @@ -1,4 +1,5 @@ name: Jaeger-Operator +namespace: jaeger version: "1.2.0" description: Jaeger-Operator is a Kubernetes Operator implementation of the Jaeger Distributed Tracing tool dependencies: diff --git a/jaeger/post_install.md b/jaeger/post_install.md index 7635fcbc..b111cd51 100644 --- a/jaeger/post_install.md +++ b/jaeger/post_install.md @@ -1,19 +1,19 @@ # Running Jaeger -Once the operator has been installed and deployed, you can start a Jaeger instance by modifying the below snippet for your needs, saving it as jaeger.yaml and running `kubectl apply -f jaeger.yaml`: +Once the operator has been installed and deployed, you can start a Jaeger instance by modifying the below snippet for your needs, saving it as _jaeger.yaml_ and running `kubectl apply -f jaeger.yaml`: ```yaml apiVersion: jaegertracing.io/v1 kind: Jaeger metadata: name: simplest - namespace: observability + namespace: jaeger ``` -You will then be able to access the Jaeger UI using the IP address of your cluster. This should be displayed when you run `kubectl get -n observability ingress`: +You will then be able to access the Jaeger UI using the IP address of your cluster. This should be displayed when you run `kubectl get -n jaeger ingress`: ```sh -$ kubectl get -n observability ingress +$ kubectl get -n jaeger ingress NAME CLASS HOSTS ADDRESS PORTS AGE simplest-query * 80 2m ``` 
diff --git a/jenkins/app.yaml b/jenkins/app.yaml index 198d69e0..196a2371 100644 --- a/jenkins/app.yaml +++ b/jenkins/app.yaml @@ -1,7 +1,21 @@ +# ******** +# README +# ******** +# When you are updating Jenkins image e.g. from 2.190.1 to 2.263.3, +# please also update the version in the init container. There are +# two (2) occurrence of version number in this file. Update them all. +# Tip: use `Ctrl/Cmd + F` to search them. + +apiVersion: v1 +kind: Namespace +metadata: + name: jenkins +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: jenkins-pv-claim + namespace: jenkins labels: type: longhorn app: jenkins @@ -16,14 +30,15 @@ apiVersion: v1 kind: Service metadata: name: jenkins-frontend + namespace: jenkins spec: ports: - - name: jenkins - port: 8080 - targetPort: 8080 - - name: jenkins-agent - port: 50000 - targetPort: 50000 + - name: jenkins + port: 8080 + targetPort: 8080 + - name: jenkins-agent + port: 50000 + targetPort: 50000 selector: app: jenkins clusterIP: None @@ -32,6 +47,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: jenkins + namespace: jenkins labels: app: jenkins spec: 
@@ -47,23 +63,37 @@ spec: app: jenkins tier: jenkins spec: + initContainers: + - name: update-jenkins + image: alpine:latest + command: ["sh", "-c"] + args: + - if [ -d "/bitnami/jenkins" ]; then + apk add --update curl && rm -rf /var/cache/apk/*; + cd /bitnami/jenkins; + curl -L https://get.jenkins.io/war-stable/2.190.1/jenkins.war -o jenkins.war; + chown -R 1001:1001 .; + fi; + volumeMounts: + - name: jenkins-persistent-storage + mountPath: /bitnami containers: - - image: bitnami/jenkins:2.190.1-debian-9-r14 - name: jenkins - env: - - name: JENKINS_USERNAME - value: $JENKINS_USERNAME - - name: JENKINS_PASSWORD - value: $JENKINS_PASSWORD - ports: - - containerPort: 8080 + - image: bitnami/jenkins:2.190.1-debian-9-r14 name: jenkins - - containerPort: 50000 - name: jenkins-agent - volumeMounts: - - name: jenkins-persistent-storage - mountPath: /bitnami + env: + - name: JENKINS_USERNAME + value: $JENKINS_USERNAME + - name: JENKINS_PASSWORD + value: $JENKINS_PASSWORD + ports: + - containerPort: 8080 + name: jenkins + - containerPort: 50000 + name: jenkins-agent + volumeMounts: + - name: jenkins-persistent-storage + mountPath: /bitnami volumes: - - name: jenkins-persistent-storage - persistentVolumeClaim: - claimName: jenkins-pv-claim + - name: jenkins-persistent-storage + persistentVolumeClaim: + claimName: jenkins-pv-claim diff --git a/jenkins/manifest.yaml b/jenkins/manifest.yaml index 68b415da..363d5d71 100644 --- a/jenkins/manifest.yaml +++ b/jenkins/manifest.yaml @@ -1,5 +1,6 @@ --- name: Jenkins +namespace: jenkins version: 2.190.1 maintainer: "@ruanbekker" description: Jenkins is a Continuous Integration and Delivery server @@ -21,7 +22,7 @@ plans: configuration: JENKINS_USERNAME: label: "Jenkins username" - value: "CIVO:ALPHANUMERIC(8)" + value: "KUBEMART:ALPHANUMERIC(8)" JENKINS_PASSWORD: label: "Jenkins password" - value: "CIVO:ALPHANUMERIC(30)" + value: "KUBEMART:ALPHANUMERIC(30)" 
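Review bot: The new `update-jenkins` init container in jenkins/app.yaml runs `alpine:latest`, installs curl at start-up and saves whatever `curl -L` returns as `/bitnami/jenkins/jenkins.war` with no integrity check, so a moved image tag, an HTTP error page (there is no `-f`) or a tampered artifact lands in the volume the Jenkins container presumably starts from. Pin the image by digest, make curl fail on HTTP errors, and verify the WAR against a SHA-256 recorded in this file before replacing the old one, as sketched below; the digest and checksum are placeholders to fill in from the upstream release. The download also needs cluster egress on every pod start and the init container runs as root to `chown` the volume, which is worth stating in the README comment added at the top of the file. The enclosing Deployment spec starts outside this hunk.

```yaml
initContainers:
  - name: update-jenkins
    # <ALPINE_IMAGE_DIGEST> is a placeholder: pin to the digest you reviewed
    image: alpine@sha256:<ALPINE_IMAGE_DIGEST>
    command: ["sh", "-c"]
    args:
      - |
        set -eu
        if [ -d /bitnami/jenkins ]; then
          apk add --no-cache curl
          cd /bitnami/jenkins
          curl -fsSL https://get.jenkins.io/war-stable/2.190.1/jenkins.war -o jenkins.war.new
          # <JENKINS_WAR_SHA256> is a placeholder for the checksum of the 2.190.1 WAR
          echo "<JENKINS_WAR_SHA256>  jenkins.war.new" | sha256sum -c -
          mv jenkins.war.new jenkins.war
          chown -R 1001:1001 .
        fi
    # … unchanged: volumeMounts for jenkins-persistent-storage …
```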
diff --git a/jenkins/post_install.md b/jenkins/post_install.md index d28b150e..cacfdd7c 100644 --- a/jenkins/post_install.md +++ b/jenkins/post_install.md @@ -4,11 +4,12 @@ By default external access to the Jenkins UI port isn't available. This is easily changed by applying the following YAML to apply ingress via traefik to your cluster with `kubectl apply -f jenkins-ingress.yaml` (or whatever you call the file containing the contents below): -``` +```yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: name: jenkins-ingress + namespace: jenkins spec: rules: - host: jenkins.your-cluster-id.k8s.civo.com @@ -19,7 +20,7 @@ spec: servicePort: 8080 ``` -This will open up http://jenkins.YOUR_CLUSTER_ID.k8s.civo.com to the whole world. You should lock this down in the [firewall](https://www.civo.com/account/firewalls) automatically created in Civo for your Kubernetes cluster. Locking down the firewall will only affect access from OUTSIDE of your Kubernetes cluster, access from your applications within Kubernetes will not be affected. +This will open up http://jenkins.DOMAIN_NAME to the whole world. You should lock this down in the [firewall](https://www.civo.com/account/firewalls) automatically created in Civo for your Kubernetes cluster. Locking down the firewall will only affect access from OUTSIDE of your Kubernetes cluster, access from your applications within Kubernetes will not be affected. ### Usage instruction diff --git a/joomla/app.yaml b/joomla/app.yaml index b0d13cee..27ce400c 100644 --- a/joomla/app.yaml +++ b/joomla/app.yaml 
@@ -1,3 +1,13 @@ +# ******** +# README +# ******** +# When you are updating Joomla image e.g. from 3.9.22 to 3.9.24, +# please also update the version in the init container. There are +# two (3) occurrence of version number in this file. Update them all. +# Please also update the download link inside the init container +# e.g. 3-9-24 for 3.9.24 version. +# Tip: use `Ctrl/Cmd + F` to search them. + apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: @@ -13,17 +23,18 @@ spec: name: letsencrypt-prod-joomla # Enable the HTTP-01 challenge provider solvers: - - http01: - ingress: - class: traefik + - http01: + ingress: + class: traefik --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: joomla-pv-claim + namespace: joomla spec: accessModes: - - ReadWriteOnce + - ReadWriteOnce resources: requests: storage: $VOLUME_SIZE @@ -32,6 +43,7 @@ apiVersion: v1 kind: Service metadata: name: joomla-service + namespace: joomla spec: selector: app: joomla @@ -44,6 +56,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: joomla + namespace: joomla labels: app: joomla spec: 
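Review bot: The README comment added at the top of joomla/app.yaml says "two (3) occurrence of version number", so the word and the digit disagree about how many places a maintainer has to edit. From the rest of this diff the dotted version appears in two `image: joomla:3.9.24` lines and the dashed form appears twice inside the download URL, so I would spell that out, e.g. `# The image tag appears twice (init container and main container); the download URL carries the dashed version twice.` A missed occurrence leaves the init container unpacking a different release than the image that serves it.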
@@ -58,49 +71,69 @@ spec: labels: app: joomla spec: + initContainers: + - name: update-joomla-files + image: joomla:3.9.24 + command: ["sh", "-c"] + args: + - if test -f "configuration.php"; then + echo "--- start ---"; + echo "Date & time - $(date)"; + echo "Current directory - $(pwd)"; + echo "User - $(whoami)"; + curl -L https://downloads.joomla.org/cms/joomla3/3-9-24/Joomla_3-9-24-Stable-Full_Package.zip?format=zip --output joomla.zip; + apt-get update -y && apt-get install -y unzip; + unzip -o joomla.zip; + rm -rf joomla.zip; + rm -rf installation; + chown -R www-data:www-data .; + head administrator/manifests/files/joomla.xml; + echo "--- end ---"; + fi; + volumeMounts: + - name: joomla-persistent-storage + mountPath: /var/www/html containers: - name: joomla image: joomla:3.9.24 imagePullPolicy: IfNotPresent ports: - - containerPort: 80 - protocol: TCP + - containerPort: 80 + protocol: TCP volumeMounts: - - name: joomla-persistent-storage - mountPath: /var/www/html + - name: joomla-persistent-storage + mountPath: /var/www/html env: - - name: JOOMLA_DB_HOST - value: mariadb - - name: JOOMLA_DB_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-pass - key: MYSQL_ROOT_PASSWORD + - name: JOOMLA_DB_HOST + value: mariadb.mariadb + - name: JOOMLA_DB_PASSWORD + valueFrom: + secretKeyRef: + name: mysql-pass + key: MYSQL_ROOT_PASSWORD volumes: - - name: joomla-persistent-storage - persistentVolumeClaim: - claimName: joomla-pv-claim + - name: joomla-persistent-storage + persistentVolumeClaim: + claimName: joomla-pv-claim --- apiVersion: extensions/v1beta1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: letsencrypt-prod-joomla - ingress.kubernetes.io/ssl-redirect: "true" + ingress.kubernetes.io/ssl-redirect: "true" name: joomla + namespace: joomla spec: tls: - hosts: - - joomla.$CLUSTER_ID.k8s.civo.com - secretName: letsencrypt-prod-joomla + - joomla.$DOMAIN_NAME + secretName: letsencrypt-prod-joomla rules: - - host: joomla.$CLUSTER_ID.k8s.civo.com 
- http: - paths: - - backend: - serviceName: joomla-service - servicePort: 80 - - - + - host: joomla.$DOMAIN_NAME + http: + paths: + - backend: + serviceName: joomla-service + servicePort: 80 diff --git a/joomla/manifest.yaml b/joomla/manifest.yaml index 5711100c..ca2c9cde 100644 --- a/joomla/manifest.yaml +++ b/joomla/manifest.yaml @@ -1,5 +1,6 @@ --- name: Joomla +namespace: joomla version: 3.9.24 maintainer: keith@hubner.co.uk, amit2cha@gmail.com description: Popular open source content management system (CMS) @@ -22,9 +23,9 @@ plans: VOLUME_SIZE: value: 20Gi configuration: - CLUSTER_ID: + DOMAIN_NAME: label: "Cluster ID" - value: "CIVO:CLUSTER_ID" + value: "KUBEMART:DOMAIN_NAME" EMAIL_ADDRESS: label: "Email Address" - value: "CIVO:EMAIL_ADDRESS" + value: "KUBEMART:EMAIL_ADDRESS" diff --git a/joomla/post_install.md b/joomla/post_install.md index a13dded7..7f563823 100644 --- a/joomla/post_install.md +++ b/joomla/post_install.md @@ -1,15 +1,24 @@ -## Joomla +## Joomla ### Usage instructions +### DB Root Password + +To retrieve MariaDB root password, run: + +``` +$ kubectl -n mariadb get secret mysql-pass -o=jsonpath='{.data.MYSQL_ROOT_PASSWORD}' | base64 -d +``` + ### DB Setup + Before running the setup wizard you will need to create a database and user account in mariadb ``` -$ kubectl exec -it svc/mariadb -- /bin/sh +$ kubectl -n mariadb exec -it svc/mariadb -- /bin/sh # mysql -u root -p -Enter password: YOUR_ROOT_PASSWORD_HERE +Enter password: enter_db_root_password_here MariaDB [(none)]> CREATE DATABASE joomla_db; MariaDB [(none)]> CREATE USER joomla_user identified by 'strong-password'; 
@@ -20,12 +29,10 @@ MariaDB [(none)]> GRANT ALL ON joomla_db.* TO joomla_user; An ingress is automatically created during the application install. A certificate using cert manager and lets-encrypt is also applied automatically and registered against your Civo email address and the generated domain name. -You can access this (replacing the clusterID with your own) via: https://joomla.YOUR_CLUSTER_ID.k8s.civo.com +You can access this via: https://joomla.DOMAIN_NAME ### -You should now see the setup page where you can enter the database details created above. -> Note the database server is called mariadb - - +You should now see the setup page where you can enter the database details created above. +> Note the database server is called `mariadb.mariadb` diff --git a/joomla/pre_install.sh b/joomla/pre_install.sh new file mode 100644 index 00000000..b7912df1 --- /dev/null +++ b/joomla/pre_install.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +# Create namespace +kubectl create ns joomla + +# Copy DB secret from mariadb namespace. +# Note: the middle "grep" is to remove source "mariadb" namespace from the YAML. +kubectl get secret mysql-pass -n mariadb -o yaml | grep -v '^\s*namespace:\s' | kubectl apply -n joomla -f - diff --git a/keptn/install.sh b/keptn/install.sh old mode 100644 new mode 100755 index 5daede97..f5afac8a --- a/keptn/install.sh +++ b/keptn/install.sh @@ -4,4 +4,4 @@ curl -o keptn.tgz https://storage.googleapis.com/keptn-installer/keptn-0.8.3.tgz # install the downloaded keptn helm chart -helm upgrade keptn keptn.tgz --install -n keptn --create-namespace --wait --version=0.8.3 --set=control-plane.apiGatewayNginx.type=LoadBalancer --timeout 10m \ No newline at end of file +helm upgrade keptn keptn.tgz --install -n keptn --create-namespace --wait --version=0.8.3 --set=control-plane.apiGatewayNginx.type=LoadBalancer --timeout 10m diff --git a/keptn/manifest.yaml b/keptn/manifest.yaml index f42676fa..0f68f853 100644 --- a/keptn/manifest.yaml +++ b/keptn/manifest.yaml 
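Review bot: joomla/pre_install.sh copies the `mysql-pass` secret, which holds `MYSQL_ROOT_PASSWORD`, from the mariadb namespace into the joomla namespace, and joomla/app.yaml then hands it to the pod as `JOOMLA_DB_PASSWORD`. Anything that can read secrets in the joomla namespace, or the Joomla process itself, ends up with the root credential of a database that appears to be shared with other apps. post_install.md already has the operator create `joomla_user`; I would store that user's password in a Joomla-specific secret and reference it instead, or at least add a comment above the copy such as `# WARNING: this copies the MariaDB root password into the joomla namespace`.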
@@ -1,6 +1,7 @@ --- name: keptn title: Keptn +namespace: keptn version: "0.8.3" maintainer: gabriel.tanner@dynatrace.com, sangambiradar@hotmail.com description: Keptn is a control plane for continuous delivery and automated operations. Traefik must not be installed since Keptn exposes itself via Nginx. diff --git a/keptn/post_install.md b/keptn/post_install.md index a26b31f1..b52a5f84 100644 --- a/keptn/post_install.md +++ b/keptn/post_install.md 
@@ -3,33 +3,36 @@ ### Start using Keptn 1. Download the Keptn CLI: - ``` - curl -sL https://get.keptn.sh | sudo -E bash - ``` -1. Before you connect your CLI to your Keptn installation in Civo, make sure that Keptn is ready. + ``` + curl -sL https://get.keptn.sh | sudo -E bash + ``` - ``` - kubectl get deploy -n keptn - ``` +2. Before you connect your CLI to your Keptn installation in Civo, make sure that Keptn is ready. - If all deployments are ready and available, please proceed to the next step. + ``` + kubectl get deploy -n keptn + ``` + If all deployments are ready and available, please proceed to the next step. -1. Connect the CLI to the Keptn installation - ``` - KEPTN_ENDPOINT=http://$(kubectl -n keptn get service api-gateway-nginx -o jsonpath='{$.status.loadBalancer.ingress[0].ip}')/api - KEPTN_API_TOKEN=$(kubectl get secret keptn-api-token -n keptn -ojsonpath={.data.keptn-api-token} | base64 --decode) - keptn auth --endpoint=$KEPTN_ENDPOINT --api-token=$KEPTN_API_TOKEN - ``` +3. Connect the CLI to the Keptn installation + + ``` + KEPTN_ENDPOINT=http://$(kubectl -n keptn get service api-gateway-nginx -o jsonpath='{$.status.loadBalancer.ingress[0].ip}')/api + KEPTN_API_TOKEN=$(kubectl get secret keptn-api-token -n keptn -ojsonpath={.data.keptn-api-token} | base64 --decode) -1. Access the bridge via: - ``` - keptn configure bridge --output - ``` + keptn auth --endpoint=$KEPTN_ENDPOINT --api-token=$KEPTN_API_TOKEN + ``` -1. Follow the [tutorials](https://tutorials.keptn.sh/?cat=quality-gates) to get started! Please note that Keptn is already installed and these parts of the tutorials can be skipped :) +4. Access the bridge via: + + ``` + keptn configure bridge --output + ``` + +5. Follow the [tutorials](https://tutorials.keptn.sh/?cat=quality-gates) to get started! Please note that Keptn is already installed and these parts of the tutorials can be skipped :) ## Documentation and tutorials 
diff --git a/keptn/uninstall.sh b/keptn/uninstall.sh new file mode 100644 index 00000000..9e035613 --- /dev/null +++ b/keptn/uninstall.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +# ============================================================================================ +# Create a kubeconfig file from daemon's service account +# https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengaddingserviceaccttoken.htm +# ============================================================================================ +TOKENNAME=`kubectl -n kubemart-system get serviceaccount/kubemart-daemon-svc-acc -o jsonpath='{.secrets[0].name}'` +TOKEN=`kubectl -n kubemart-system get secret $TOKENNAME -o jsonpath='{.data.token}'| base64 --decode` + +kubectl config set-credentials kubemart-daemon-svc-acc --token=$TOKEN +kubectl config set-context ephemeral --user=kubemart-daemon-svc-acc +kubectl config use-context ephemeral + +# ============================================================================================ +# Uninstall Keptn +# ============================================================================================ +curl -sL https://get.keptn.sh | bash +keptn uninstall --yes diff --git a/kube-hunter/manifest.yaml b/kube-hunter/manifest.yaml index b0bd4ba5..656b130a 100644 --- a/kube-hunter/manifest.yaml +++ b/kube-hunter/manifest.yaml @@ -1,5 +1,6 @@ --- name: kube-hunter +namespace: kube-hunter version: latest maintainer: "@milindchawre" description: kube-hunter is an open-source tool that hunts for security issues in your Kubernetes clusters. diff --git a/kube-hunter/post_install.md b/kube-hunter/post_install.md index 4338f14a..5f80f01b 100644 --- a/kube-hunter/post_install.md +++ b/kube-hunter/post_install.md 
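Review bot: keptn/uninstall.sh switches the active kubeconfig to the kubemart-daemon service account and then runs `curl -sL https://get.keptn.sh | bash`, so an unpinned, unverified remote script executes with that token already written to the kubeconfig. keptn/install.sh pins 0.8.3, so the uninstall should fetch the same CLI version rather than whatever the installer currently serves. The script also has no `set -e` and leaves `$TOKENNAME` and `$TOKEN` unquoted, so an empty lookup falls through to `kubectl config set-credentials --token=` and the later steps still run. linkerd/uninstall.sh further down pipes `https://run.linkerd.io/install` into `sh` the same way. A sketch of the changed lines follows.

```shell
set -euo pipefail

TOKENNAME=$(kubectl -n kubemart-system get serviceaccount/kubemart-daemon-svc-acc -o jsonpath='{.secrets[0].name}')
TOKEN=$(kubectl -n kubemart-system get secret "$TOKENNAME" -o jsonpath='{.data.token}' | base64 --decode)

kubectl config set-credentials kubemart-daemon-svc-acc --token="$TOKEN"
# … unchanged: set-context / use-context ephemeral …

# Same CLI version that install.sh deploys
curl -fsSL https://get.keptn.sh | KEPTN_VERSION=0.8.3 bash
# … unchanged: keptn uninstall --yes …
```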
@@ -5,9 +5,11 @@ Here we run kube-hunter in a pod within the cluster. This gives an indication of how exposed your cluster would be in the event that one of your application pods is compromised (through a software vulnerability, for example). Check the logs of the kube-hunter pod to see the results. + ``` # Get the pod name $ kubectl -n kube-hunter describe job kube-hunter + # Check the logs $ kubectl -n kube-hunter logs ``` diff --git a/kube-scan/manifest.yaml b/kube-scan/manifest.yaml index d6577af5..f43ffc3b 100644 --- a/kube-scan/manifest.yaml +++ b/kube-scan/manifest.yaml @@ -1,5 +1,6 @@ --- name: kube-scan +namespace: kube-scan version: v20.5 maintainer: "@milindchawre" description: Kube-scan is risk assessment tool for your kubernetes cluster. diff --git a/kube-scan/post_install.md b/kube-scan/post_install.md index 166515eb..b9d06457 100644 --- a/kube-scan/post_install.md +++ b/kube-scan/post_install.md @@ -3,9 +3,11 @@ ### Usage instruction We use `kubectl port-forward` to expose kube-scan UI. + ``` -kubectl port-forward --namespace kube-scan svc/kube-scan-ui 8080:80 +$ kubectl port-forward --namespace kube-scan svc/kube-scan-ui 8080:80 ``` + Now access the kube-scan UI at `http://localhost:8080` To know more, check the [official guide](https://github.com/octarinesec/kube-scan). diff --git a/kubei/manifest.yaml b/kubei/manifest.yaml index 7fb22964..76c9b412 100644 --- a/kubei/manifest.yaml +++ b/kubei/manifest.yaml @@ -1,5 +1,6 @@ --- name: Kubei +namespace: kubei version: 1.0.7 maintainer: "@milindchawre" description: Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes clusters. diff --git a/kubeless/manifest.yaml b/kubeless/manifest.yaml index 1e98cc14..a8572ac7 100644 --- a/kubeless/manifest.yaml +++ b/kubeless/manifest.yaml 
@@ -1,4 +1,5 @@ name: Kubeless +namespace: kubeless version: 1.0.5 maintainer: "@gilsdav" description: "Kubeless is a Kubernetes-native serverless framework that lets you deploy small bits of code without having to worry about the underlying infrastructure." diff --git a/kubeless/post_install.md b/kubeless/post_install.md index 4943f8a1..0b2b22cb 100644 --- a/kubeless/post_install.md +++ b/kubeless/post_install.md @@ -5,7 +5,7 @@ By default external access to the Kubeless UI isn't available. This is easily changed by applying the following YAML to your cluster with `kubectl apply -f kubeless-ingress.yaml` (or whatever you call the file containing the contents below): -``` +```yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: @@ -32,7 +32,7 @@ This will open up `http://ui.kubeless.` to the whole world. By default external access to the functions isn't available. This is easily changed by applying the following YAML to your cluster with `kubectl apply -f kubeless-functions-ingress.yaml` (or whatever you call the file containing the contents below): -``` +```yaml apiVersion: extensions/v1beta1 kind: Ingress metadata: @@ -63,4 +63,5 @@ This will open up to the whole world. #### Update + The same creation `apply` command can be used to update ingress configuration after adding a new function path. diff --git a/kubeless/uninstall.sh b/kubeless/uninstall.sh new file mode 100644 index 00000000..644ab755 --- /dev/null +++ b/kubeless/uninstall.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +# Init version +export RELEASE=v1.0.5 + +# Install Kubeless +kubectl delete -f https://github.com/kubeless/kubeless/releases/download/$RELEASE/kubeless-$RELEASE.yaml + +# Install Kubeless UI +kubectl delete -f https://raw.githubusercontent.com/kubeless/kubeless-ui/master/k8s.yaml + +# Delete namespace +kubectl delete ns kubeless diff --git a/kubenav/app.yaml b/kubenav/app.yaml deleted file mode 100644 index 61b38463..00000000 --- a/kubenav/app.yaml +++ /dev/null 
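Review bot: In kubeless/uninstall.sh the comments above the two `kubectl delete -f` commands read `# Install Kubeless` and `# Install Kubeless UI`, apparently carried over from an install script; they should say `# Delete Kubeless` and `# Delete Kubeless UI`. The UI manifest is taken from the `master` branch, so the set of objects deleted depends on what that file contains on the day the script runs. A tag or commit in the URL, `…/kubeless-ui/<pinned-ref>/k8s.yaml`, would make the removal match what was installed.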
@@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: kubenav ---- -apiVersion: helm.cattle.io/v1 -kind: HelmChart -metadata: - name: kubenav - namespace: kube-system -spec: - chart: kubenav - targetNamespace: kubenav - repo: https://kubenav.github.io/helm-repository diff --git a/kubenav/install.sh b/kubenav/install.sh new file mode 100644 index 00000000..d667aa2c --- /dev/null +++ b/kubenav/install.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +kubectl create ns kubenav + +helm repo add kubenav https://kubenav.github.io/helm-repository + +helm repo update + +helm upgrade --install \ + kubenav kubenav/kubenav \ + --namespace kubenav \ + --version v1.1.0 diff --git a/kubenav/manifest.yaml b/kubenav/manifest.yaml index ff2a834a..edf646e0 100644 --- a/kubenav/manifest.yaml +++ b/kubenav/manifest.yaml @@ -1,4 +1,5 @@ name: Kubenav +namespace: kubenav version: "3.1.0" maintainer: "@si458" description: "kubenav is the navigator for your Kubernetes clusters right in your browser" diff --git a/kubenav/uninstall.sh b/kubenav/uninstall.sh index 042ae3bb..dde40f59 100644 --- a/kubenav/uninstall.sh +++ b/kubenav/uninstall.sh @@ -1,7 +1,3 @@ #!/bin/bash -# Delete the app -helm delete -f app.yaml - -# Delete the namespace -kubectl delete namespace kubenav +helm --namespace kubenav delete kubenav diff --git a/kubernetes-dashboard/manifest.yaml b/kubernetes-dashboard/manifest.yaml index 91ae7f49..f403b12c 100644 --- a/kubernetes-dashboard/manifest.yaml +++ b/kubernetes-dashboard/manifest.yaml @@ -1,5 +1,6 @@ --- name: kubernetes-dashboard +namespace: kubernetes-dashboard title: "Kubernetes Dashboard" version: v2.3.1 maintainer: morgan.lane@outlook.com diff --git a/kubernetes-dashboard/post_install.md b/kubernetes-dashboard/post_install.md index 74a85c86..a6411c44 100644 --- a/kubernetes-dashboard/post_install.md +++ b/kubernetes-dashboard/post_install.md 
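Review bot: kubenav/install.sh now creates the namespace with `kubectl create ns kubenav`, while the rewritten kubenav/uninstall.sh no longer deletes it, so after an uninstall the namespace stays and a reinstall fails on its first command because the namespace already exists. Either keep `kubectl delete namespace kubenav` in uninstall.sh or make the create idempotent the way okteto/install.sh in this repository does: `kubectl create namespace kubenav --dry-run=client -o yaml | kubectl apply -f -`. maesh/install.sh and maesh/uninstall.sh later in the diff have the same pairing. It would also help to add a comment on why the chart is pinned to `v1.1.0` when kubenav/manifest.yaml declares `3.1.0`, if those are chart and app versions respectively.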
@@ -5,14 +5,15 @@ In order to access the dashboard, you must obtain the bearer token for the admin service account. To do this, run the following command: ``` -kubectl -n kubernetes-dashboard describe secret admin-user-token | grep ^token +$ SECRET_NAME=$(kubectl -n kubernetes-dashboard get secret | awk '/^admin-user-token-/{print $1}') +$ TOKEN=$(kubectl -n kubernetes-dashboard get secret $SECRET_NAME -o jsonpath='{.data.token}' | base64 -d) +$ echo $TOKEN ``` Once you have that token, you can do a port forward by running: ``` -kubectl -n kubernetes-dashboard port-forward svc/kubernetes-dashboard 8000:443 - +$ kubectl -n kubernetes-dashboard port-forward svc/kubernetes-dashboard 8000:443 ``` The dashboard will now be accessible at the following url: diff --git a/linkerd/manifest.yaml b/linkerd/manifest.yaml index b10aae32..0096ad84 100644 --- a/linkerd/manifest.yaml +++ b/linkerd/manifest.yaml @@ -1,5 +1,6 @@ --- name: Linkerd +namespace: linkerd version: Latest maintainer: hello@buoyant.io description: Linkerd is a service mesh, giving you runtime debugging, observability, reliability, and security. @@ -21,4 +22,4 @@ plans: - label: "Linkerd with Dashboard & Jaeger" configuration: LINKERD: - value: theworks \ No newline at end of file + value: theworks diff --git a/linkerd/uninstall.sh b/linkerd/uninstall.sh new file mode 100755 index 00000000..e9400747 --- /dev/null +++ b/linkerd/uninstall.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +curl -sL https://run.linkerd.io/install | sh +export PATH=$PATH:$HOME/.linkerd2/bin + +case $LINKERD in + linkerdjaeger) + linkerd jaeger uninstall | kubectl delete -f - + ;; + linkerdviz) + linkerd viz uninstall | kubectl delete -f - + ;; + theworks) + linkerd viz uninstall | kubectl delete -f - + linkerd jaeger uninstall | kubectl delete -f - + ;; +esac + +linkerd uninstall | kubectl delete -f - diff --git a/litmuschaos/manifest.yaml b/litmuschaos/manifest.yaml index 200bc8af..aefe7aec 100644 --- a/litmuschaos/manifest.yaml 
+++ b/litmuschaos/manifest.yaml @@ -1,6 +1,7 @@ --- name: LitmusChaos version: 2.0.15-Beta4 +namespace: litmuschaos maintainer: gdsoumya@chaosnative.com, sayan@chaosnative.com description: LitmusChaos is a cloud-native Chaos Engineering framework url: https://github.com/litmuschaos/litmus diff --git a/longhorn/install.sh b/longhorn/install.sh index b66ece63..6146e066 100644 --- a/longhorn/install.sh +++ b/longhorn/install.sh @@ -1,4 +1,5 @@ #!/bin/sh kubectl patch storageclass longhorn -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' + kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"false"}}}' diff --git a/longhorn/manifest.yaml b/longhorn/manifest.yaml index e0ce92d0..acf782a2 100644 --- a/longhorn/manifest.yaml +++ b/longhorn/manifest.yaml @@ -1,6 +1,7 @@ --- name: Longhorn version: 1.1.0 +namespace: longhorn-system maintainer: hello@civo.com description: Longhorn is a lightweight, reliable, and powerful distributed block storage system for Kubernetes. url: https://github.com/longhorn/longhorn diff --git a/longhorn/post_install.md b/longhorn/post_install.md index acd10f95..8de25ea7 100644 --- a/longhorn/post_install.md +++ b/longhorn/post_install.md @@ -8,7 +8,6 @@ Longhorn requires a minimum of 3 nodes to function, if you attempt to install Lo By default external access to the Longhorn dashboard isn't available. This is easily changed by applying the following YAML to your cluster with `kubectl apply -f longhorn-service.yaml` (or whatever you call the file containing the contents below): - ```yaml kind: Service apiVersion: v1 
@@ -21,16 +20,16 @@ spec: selector: app: longhorn-ui ports: - - port: 8000 - targetPort: 8000 + - port: 8000 + targetPort: 8000 type: LoadBalancer ``` -This will open up http://YOUR_CLUSTER_ID.k8s.civo.com:8000/dashboard to the whole world. You should lock this down in the [firewall](https://www.civo.com/account/firewalls) automatically created in Civo for your Kubernetes cluster. Locking down the firewall will only affect access from OUTSIDE of your Kubernetes cluster, access from your applications within Kubernetes will not be affected. +This will open up http://DOMAIN_NAME:8000/dashboard to the whole world. You should lock this down in the [firewall](https://www.civo.com/account/firewalls) automatically created in Civo for your Kubernetes cluster. Locking down the firewall will only affect access from OUTSIDE of your Kubernetes cluster, access from your applications within Kubernetes will not be affected. ### Usage instructions -Longhorn will be set as the default storage class. As such, and PersistentVolumeClaim (pvc) will automatically have storage provisioned with Longhorn's defaults. An example of such a request would be: +Longhorn will be set as the default storage class. As such, and PersistentVolumeClaim (pvc) will automatically have storage provisioned with Longhorn's defaults. An example of such a request would be: ```yaml apiVersion: v1 @@ -45,7 +44,7 @@ spec: storage: 1Gi ``` -If you want to have more control over the longhorm volume properties (replica count, etc), create the PersistentVolume first. An example such as `pv.yaml` could be used: +If you want to have more control over the longhorm volume properties (replica count, etc), create the PersistentVolume first. An example such as `pv.yaml` could be used: ```yaml apiVersion: v1 @@ -66,8 +65,8 @@ spec: driver: io.rancher.longhorn fsType: ext4 volumeAttributes: - numberOfReplicates: '2' - staleReplicaTimeout: '20' + numberOfReplicates: "2" + staleReplicaTimeout: "20" volumeHandle: mysql-data ``` 
diff --git a/longhorn/uninstall.sh b/longhorn/uninstall.sh new file mode 100755 index 00000000..bf202365 --- /dev/null +++ b/longhorn/uninstall.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +kubectl patch storageclass longhorn -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"false"}}}' + +kubectl patch storageclass local-path -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' + +# https://longhorn.io/docs/1.1.0/deploy/uninstall/#uninstalling-longhorn-using-kubectl +kubectl create -f https://raw.githubusercontent.com/longhorn/longhorn/v1.1.0/uninstall/uninstall.yaml + +kubectl wait --for=condition=complete --timeout=300s job/longhorn-uninstall + +kubectl get crds | grep longhorn | cut -d' ' -f1 | xargs -I % sh -c 'kubectl delete crd %' + +# https://longhorn.io/docs/1.1.0/deploy/uninstall/#uninstalling-longhorn-using-kubectl +kubectl delete -f https://raw.githubusercontent.com/longhorn/longhorn/v1.1.0/uninstall/uninstall.yaml diff --git a/maesh/install.sh b/maesh/install.sh index 61372f8d..cce09d04 100644 --- a/maesh/install.sh +++ b/maesh/install.sh @@ -1,5 +1,12 @@ #!/bin/bash +kubectl create ns maesh + helm repo add maesh https://containous.github.io/maesh/charts + helm repo update -helm install --name=maesh --namespace=maesh maesh/maesh + +helm upgrade --install \ + maesh maesh/maesh \ + --namespace maesh \ + --version v1.1.0 diff --git a/maesh/manifest.yaml b/maesh/manifest.yaml index 34cc2aa1..fc951df4 100644 --- a/maesh/manifest.yaml +++ b/maesh/manifest.yaml @@ -1,9 +1,8 @@ --- name: Maesh +namespace: maesh version: Latest maintainer: hello@civo.com description: Maesh is an easy to configure and non-invasive service mesh that allows visibility and management of the traffic flows. url: https://mae.sh -dependencies: - - Helm category: architecture diff --git a/maesh/uninstall.sh b/maesh/uninstall.sh new file mode 100644 index 00000000..80954fe0 --- /dev/null +++ b/maesh/uninstall.sh 
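Review bot: longhorn/uninstall.sh has no error handling, so when `kubectl wait --for=condition=complete --timeout=300s job/longhorn-uninstall` times out or the job fails, the script still goes on to delete every Longhorn CRD and the uninstall manifest. Add `set -e` after the shebang so the CRD deletion only runs once the uninstall job has completed. The CRD loop can also drop the inner shell: `kubectl get crds -o name | grep longhorn | xargs kubectl delete` avoids interpolating names into `sh -c`.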
@@ -0,0 +1,13 @@ +#!/bin/bash + +# Uninstall +helm --namespace maesh delete maesh + +# Delete CRDs +helm repo add maesh https://containous.github.io/maesh/charts +helm repo update +helm pull https://containous.github.io/maesh/charts maesh/maesh +TAR_FILE=$(ls | grep maesh*.tgz) +echo "Chart file:" $TAR_FILE +tar -xvf $TAR_FILE +kubectl delete -f ./maesh/crds diff --git a/mariadb/app.yaml b/mariadb/app.yaml index 9441ec45..b406b62f 100644 --- a/mariadb/app.yaml +++ b/mariadb/app.yaml @@ -23,7 +23,7 @@ metadata: namespace: mariadb spec: ports: - - port: 3306 + - port: 3306 selector: app: mariadb clusterIP: None @@ -45,21 +45,21 @@ spec: app: mariadb spec: containers: - - image: mariadb:10.4.7 - name: mariadb - env: - - name: MYSQL_ROOT_PASSWORD - valueFrom: - secretKeyRef: - name: mysql-pass - key: MYSQL_ROOT_PASSWORD - ports: - - containerPort: 3306 + - image: mariadb:10.5.8 name: mariadb - volumeMounts: - - name: mariadb-persistent-storage - mountPath: /var/lib/mysql + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: mysql-pass + key: MYSQL_ROOT_PASSWORD + ports: + - containerPort: 3306 + name: mariadb + volumeMounts: + - name: mariadb-persistent-storage + mountPath: /var/lib/mysql volumes: - - name: mariadb-persistent-storage - persistentVolumeClaim: - claimName: mariadb-pv-claim + - name: mariadb-persistent-storage + persistentVolumeClaim: + claimName: mariadb-pv-claim diff --git a/mariadb/manifest.yaml b/mariadb/manifest.yaml index 1eebe4ed..74285e9c 100644 --- a/mariadb/manifest.yaml +++ b/mariadb/manifest.yaml @@ -1,6 +1,7 @@ --- name: MariaDB -version: 10.4.7 +namespace: mariadb +version: 10.5.8 maintainer: hello@civo.com description: MariaDB is a community-developed fork of MySQL intended to remain free under the GNU GPL. url: https://mariadb.com diff --git a/mariadb/post_install.md b/mariadb/post_install.md index ac179d5d..e99f2d3e 100644 --- a/mariadb/post_install.md +++ b/mariadb/post_install.md 
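Review bot: maesh/uninstall.sh pulls the chart without a version, while maesh/install.sh in this commit installs `--version v1.1.0`, so the CRDs deleted come from whatever chart is newest at uninstall time rather than the one that was installed. `helm pull https://containous.github.io/maesh/charts maesh/maesh` also appears to pass the repository URL where a chart reference is expected, and in `ls | grep maesh*.tgz` the unquoted pattern can be expanded by the shell before grep sees it. One line replaces the pull, `ls` and `tar` steps: `helm pull maesh/maesh --version v1.1.0 --untar`.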
@@ -35,6 +35,6 @@ $ kubectl run tmp-shell --generator=run-pod/v1 --rm -i \ / # mysql -u root -pYOUR_ROOT_PASSWORD_HERE -h mariadb mysql> CREATE DATABASE my_application; -mysql> GRANT ALL ON my_application.* to my_user identified +mysql> GRANT ALL ON my_application.* to my_user identified by 'super-strong-password-here'; ``` diff --git a/mariadb/pre_install.sh b/mariadb/pre_install.sh old mode 100644 new mode 100755 index baa0adcc..1a61798e --- a/mariadb/pre_install.sh +++ b/mariadb/pre_install.sh @@ -1,10 +1,8 @@ #!/bin/bash -kubectl create ns mariadb -cat < CREATE DATABASE nextcloud_db; MariaDB [(none)]> CREATE USER nc_user identified by 'strong-password'; @@ -20,12 +29,10 @@ MariaDB [(none)]> GRANT ALL ON nextcloud_db.* TO nc_user; An ingress is automatically created during the application install. A certificate using cert manager and lets-encrypt is also applied automatically and registered against your email address and the generated domain name. -You can access this via: https://nextcloud.$DOMAIN_NAME +You can access this via: https://nextcloud.DOMAIN_NAME ### -You should now see the setup page where you can enter the database details created above. -> Note the database server is called mariadb - - +You should now see the setup page where you can enter the database details created above. +> Note the database server is called mariadb diff --git a/nodered/app.yaml b/nodered/app.yaml index 403111a8..b0f10e29 100644 --- a/nodered/app.yaml +++ b/nodered/app.yaml @@ -10,7 +10,7 @@ metadata: namespace: nodered spec: accessModes: - - ReadWriteOnce + - ReadWriteOnce resources: requests: storage: $VOLUME_SIZE @@ -61,9 +61,9 @@ spec: periodSeconds: 30 timeoutSeconds: 5 volumes: - - name: data - persistentVolumeClaim: - claimName: nodered-pv-claim + - name: data + persistentVolumeClaim: + claimName: nodered-pv-claim --- apiVersion: v1 kind: Service 
@@ -72,9 +72,9 @@ metadata: namespace: nodered spec: ports: - - name: "http-1880" - port: 1880 - targetPort: web + - name: "http-1880" + port: 1880 + targetPort: web selector: app: nodered --- diff --git a/nodered/post_install.md b/nodered/post_install.md index 593a7959..ca76a0f6 100644 --- a/nodered/post_install.md +++ b/nodered/post_install.md @@ -2,7 +2,7 @@ ## External Access -An Ingress is created during the installation process. To access your Node-RED use http://nodered.$DOMAIN_NAME +An Ingress is created during the installation process. To access your Node-RED use http://nodered.DOMAIN_NAME If you want to change the hostname or modify the ingress, edit it with diff --git a/okteto/install.sh b/okteto/install.sh index 23f3432c..63b73186 100755 --- a/okteto/install.sh +++ b/okteto/install.sh @@ -22,7 +22,7 @@ helm repo update kubectl create namespace okteto --dry-run=client -o yaml | kubectl apply -f - kubectl apply -f https://charts.okteto.com/crds.yaml -helm upgrade --install civo okteto/okteto-enterprise --namespace okteto -f https://raw.githubusercontent.com/civo/kubernetes-marketplace/master/okteto/config.yaml --set email="$email" --set adminToken="$adminToken" --set subdomain="$subdomain" --set ingress.ip=$ingress --version 0.9.2 +helm upgrade --install civo okteto/okteto-enterprise --namespace okteto -f https://raw.githubusercontent.com/civo/kubernetes-marketplace/master/okteto/config.yaml --set email="$email" --set adminToken="$adminToken" --set subdomain="$subdomain" --set ingress.ip=$ingress --version 0.9.6 if [ ! $? -eq 0 ]; then echo 'failed to install okteto-enterprise' exit 1 diff --git a/okteto/manifest.yaml b/okteto/manifest.yaml index e9779cf9..8f11aeb0 100644 --- a/okteto/manifest.yaml +++ b/okteto/manifest.yaml 
@@ -1,9 +1,9 @@ --- name: okteto-enterprise title: "Okteto Enterprise" -version: 0.9.2 +version: 0.9.6 maintainer: "@rberrelleza" -description: Development Platform for Microservices, powered by Kubernetes +description: Development Environments for your Cloud Native Apps, powered by Kubernetes url: https://okteto.com/enterprise category: management configuration: diff --git a/okteto/post_install.md b/okteto/post_install.md index d10429dc..c00de41d 100644 --- a/okteto/post_install.md +++ b/okteto/post_install.md @@ -1,8 +1,8 @@ ## Okteto Enterprise -Okteto Enterprise is a Developer Platform for Microservices powered by Kubernetes. +Thank you for deploying [Okteto Enterprise](https://okteto.com/enterprise) to Civo's Kubernetes service. -Thank you for deploying [Okteto Enterprise](https://okteto.com/enterprise) to Civo's k3s service. +Okteto Enterprise gives you Development Environments for your Cloud Native Apps, powered by Kubernetes. ## Obtain access diff --git a/openfaas/manifest.yaml b/openfaas/manifest.yaml index c1b85e0d..3249bf6f 100644 --- a/openfaas/manifest.yaml +++ b/openfaas/manifest.yaml @@ -1,7 +1,5 @@ name: OpenFaaS version: 0.18.0 -dependencies: - - Helm maintainer: "@openfaasltd" namespace: openfaas description: "OpenFaaS makes it easy for developers to deploy event-driven functions and microservices to Kubernetes without repetitive, boiler-plate coding." diff --git a/portainer/post_install.md b/portainer/post_install.md index 133454f7..fe38a7f0 100644 --- a/portainer/post_install.md +++ b/portainer/post_install.md @@ -4,7 +4,6 @@ By default external access to the Portainer isn't available. This is easily changed by applying the following YAML to your cluster with `kubectl apply -f portainer-ingress.yaml` (or whatever you call the file containing the contents below): - ``` apiVersion: extensions/v1beta1 kind: Ingress 
@@ -21,5 +20,4 @@ spec: servicePort: 9000 ``` - -This will open up http://portainer.$DOMAIN_NAME to the whole world. +This will open up http://portainer.DOMAIN_NAME to the whole world. diff --git a/postgresql/post_install.md b/postgresql/post_install.md index 6ec03bac..d82f2819 100644 --- a/postgresql/post_install.md +++ b/postgresql/post_install.md @@ -33,7 +33,7 @@ $ kubectl run tmp-shell --generator=run-pod/v1 --rm -i \ / # apk update / # apk add postgresql-client / # psql -U ADMIN_USERNAME -h postgresql postgresdb -Password for user 12CNT2Eq6i: +Password for user 12CNT2Eq6i: psql (11.5) Type "help" for help. diff --git a/rabbitmq/manifest.yaml b/rabbitmq/manifest.yaml index e01ebcba..b10f2bfc 100644 --- a/rabbitmq/manifest.yaml +++ b/rabbitmq/manifest.yaml @@ -1,5 +1,6 @@ --- name: RabbitMQ +namespace: rabbitmq version: "3.8.8-management" maintainer: habil@bozali.com description: RabbitMQ is an open-source message-broker software that originally implemented the Advanced Message Queuing Protocol. diff --git a/redis/post_install.md b/redis/post_install.md index e332f3d1..9c67ea5f 100644 --- a/redis/post_install.md +++ b/redis/post_install.md @@ -31,7 +31,7 @@ $ kubectl run tmp-shell --generator=run-pod/v1 --rm -i --tty \ / # apk update / # apk add redis / # redis-cli -h redis -a YOUR_PASSWORD_HERE -redis:6379> +redis:6379> ``` When you quit the shell the pod for this temporary Alpine container will be deleted. diff --git a/tekton/post_install.md b/tekton/post_install.md index 46427c76..06f8e3d0 100644 --- a/tekton/post_install.md +++ b/tekton/post_install.md @@ -1,6 +1,6 @@ ## Tekton -This marketplace application installs three components of the Tekton Suite. Those are the core Pipeline, along with Triggers and the Dashboard. +This marketplace application installs three components of the Tekton Suite. Those are the core Pipeline, along with Triggers and the Dashboard. ### Usage Instructions 
@@ -20,7 +20,7 @@ kubectl --namespace tekton-pipelines port-forward svc/tekton-dashboard 9097:9097 ### Exposing Trigger EventListeners -Incoming triggers can be exposed through an Ingress. [The core instructions](https://tekton.dev/docs/triggers/exposing-eventlisteners/) can be used with the following modifications: +Incoming triggers can be exposed through an Ingress. [The core instructions](https://tekton.dev/docs/triggers/exposing-eventlisteners/) can be used with the following modifications: 1. Skip step one under "Using Nginx Ingress", as the Traefik ingress should work 2. Obtain the event-lister with a `kubectl get el -o=jsonpath='{.status.configuration.generatedName}'` command @@ -42,4 +42,4 @@ Incoming triggers can be exposed through an Ingress. [The core instructions](ht servicePort: 8080 ``` -This will open up http://eventlistenername.YOUR-DOMAIN-NAME to trigger the service. Ensure your event-listener has the necessary interceptor configuration in place to prevent unauthorized triggering of the pipeline. +This will open up http://eventlistenername.DOMAIN_NAME to trigger the service. Ensure your event-listener has the necessary interceptor configuration in place to prevent unauthorized triggering of the pipeline. diff --git a/wordpress/app.yaml b/wordpress/app.yaml index 23bbe2c0..482e806e 100644 --- a/wordpress/app.yaml +++ b/wordpress/app.yaml @@ -1,3 +1,11 @@ +# ******** +# README +# ******** +# When you are updating WordPress image e.g. from 5.5.0 to 5.5.1, +# please also update the version in the init container. There are +# three (3) occurrence of version number in this file. Update them all. +# Tip: use `Ctrl/Cmd + F` to search them. + apiVersion: v1 kind: PersistentVolumeClaim metadata: @@ -5,7 +13,7 @@ metadata: namespace: wordpress spec: accessModes: - - ReadWriteOnce + - ReadWriteOnce resources: requests: storage: $VOLUME_SIZE 
@@ -16,6 +24,8 @@ metadata: name: wordpress namespace: wordpress spec: + strategy: + type: Recreate replicas: 1 selector: matchLabels: 
@@ -51,34 +61,55 @@ spec: periodSeconds: 10 timeoutSeconds: 5 initContainers: - - name: prepare-ssl-config - image: busybox - command: ["sh", "-c"] - args: - - if [ ! -e /var/www/html/civo-init.sh ]; then - WP_CONFIG_FILE=/var/www/html/wp-config-sample.php; - - echo "LINES=\$(cat $WP_CONFIG_FILE | wc -l)" >> /var/www/html/civo-init.sh; - echo "let LINES=\$LINES-2" >> /var/www/html/civo-init.sh; - echo "head -\${LINES} wp-config-sample.php > /tmp/head_temp.txt" >> /var/www/html/civo-init.sh; - echo "tail -3 wp-config-sample.php > /tmp/tail_temp.txt" >> /var/www/html/civo-init.sh; - echo "echo 'if (isset(\$_SERVER[\"HTTP_X_FORWARDED_PROTO\"]) && \$_SERVER[\"HTTP_X_FORWARDED_PROTO\"] === \"https\") {' >> /tmp/head_temp.txt" >> /var/www/html/civo-init.sh; - echo "echo ' \$_SERVER[\"HTTPS\"] = \"on\";' >> /tmp/head_temp.txt" >> /var/www/html/civo-init.sh; - echo "echo '}' >> /tmp/head_temp.txt" >> /var/www/html/civo-init.sh; - echo "cat /tmp/head_temp.txt > $WP_CONFIG_FILE" >> /var/www/html/civo-init.sh; - echo "cat /tmp/tail_temp.txt >> $WP_CONFIG_FILE" >> /var/www/html/civo-init.sh; - echo "rm -f /tmp/head_temp.txt /tmp/tail_temp.txt" >> /var/www/html/civo-init.sh; + - name: update-wordpress-files + image: wordpress:5.5.3 + command: ["sh", "-c"] + args: + - if test -f "/var/www/html/wp-config.php"; then + echo "--- start ---"; + echo "Date & time - $(date)"; + echo "Current directory - $(pwd)"; + echo "User - $(whoami)"; + curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar; + php wp-cli.phar --info; + chmod +x wp-cli.phar; + mv wp-cli.phar /usr/local/bin/wp; + wp core download --force --allow-root --version=5.5.3; + chown -R www-data:www-data .; + echo "--- end ---"; + fi; + volumeMounts: + - mountPath: /var/www/html + name: data + subPath: html + - name: prepare-ssl-config + image: busybox + command: ["sh", "-c"] + args: + - if [ ! 
-e /var/www/html/civo-init.sh ]; then + WP_CONFIG_FILE=/var/www/html/wp-config-sample.php; - chmod +x /var/www/html/civo-init.sh; - fi; - volumeMounts: - - mountPath: /var/www/html - name: data - subPath: html + echo "LINES=\$(cat $WP_CONFIG_FILE | wc -l)" >> /var/www/html/civo-init.sh; + echo "let LINES=\$LINES-2" >> /var/www/html/civo-init.sh; + echo "head -\${LINES} wp-config-sample.php > /tmp/head_temp.txt" >> /var/www/html/civo-init.sh; + echo "tail -3 wp-config-sample.php > /tmp/tail_temp.txt" >> /var/www/html/civo-init.sh; + echo "echo 'if (isset(\$_SERVER[\"HTTP_X_FORWARDED_PROTO\"]) && \$_SERVER[\"HTTP_X_FORWARDED_PROTO\"] === \"https\") {' >> /tmp/head_temp.txt" >> /var/www/html/civo-init.sh; + echo "echo ' \$_SERVER[\"HTTPS\"] = \"on\";' >> /tmp/head_temp.txt" >> /var/www/html/civo-init.sh; + echo "echo '}' >> /tmp/head_temp.txt" >> /var/www/html/civo-init.sh; + echo "cat /tmp/head_temp.txt > $WP_CONFIG_FILE" >> /var/www/html/civo-init.sh; + echo "cat /tmp/tail_temp.txt >> $WP_CONFIG_FILE" >> /var/www/html/civo-init.sh; + echo "rm -f /tmp/head_temp.txt /tmp/tail_temp.txt" >> /var/www/html/civo-init.sh; + + chmod +x /var/www/html/civo-init.sh; + fi; + volumeMounts: + - mountPath: /var/www/html + name: data + subPath: html volumes: - - name: data - persistentVolumeClaim: - claimName: wordpress-pv-claim + - name: data + persistentVolumeClaim: + claimName: wordpress-pv-claim --- apiVersion: v1 kind: Service @@ -87,9 +118,9 @@ metadata: namespace: wordpress spec: ports: - - name: "http-80" - port: 80 - targetPort: web + - name: "http-80" + port: 80 + targetPort: web selector: app: wordpress --- @@ -100,9 +131,9 @@ metadata: namespace: wordpress spec: rules: - - host: wordpress.$CLUSTER_ID.k8s.civo.com - http: - paths: - - backend: - serviceName: wordpress - servicePort: 80 + - host: wordpress.$DOMAIN_NAME + http: + paths: + - backend: + serviceName: wordpress + servicePort: 80 
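Review bot: The new `update-wordpress-files` init container downloads `wp-cli.phar` with a bare `curl -O` from the moving `gh-pages` branch and then runs it as root (`--allow-root`) against the persistent `/var/www/html` volume, with no integrity check on the downloaded file. The commands are chained with `;` and there is no `set -e`, so a failed or truncated download still falls through to `wp core download --force` and `chown -R`. I would open the script with `set -e;`, switch to `curl -fsSLO` against a pinned wp-cli release, and verify it before it is executed, e.g. `echo "<EXPECTED_SHA512>  wp-cli.phar" | sha512sum -c -;` with the expected digest kept in this manifest. Baking wp-cli into a purpose-built image would remove the runtime download altogether.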
diff --git a/wordpress/post_install.md b/wordpress/post_install.md index 131cea48..eafa0066 100644 --- a/wordpress/post_install.md +++ b/wordpress/post_install.md @@ -1,5 +1,13 @@ # WordPress +## DB Root Password + +To retrieve MariaDB root password, run: + +``` +$ kubectl -n mariadb get secret mysql-pass -o=jsonpath='{.data.MYSQL_ROOT_PASSWORD}' | base64 -d +``` + ## Database Creation You'll need to create a user and a database in MariaDB before you can configure your Wordpress. @@ -8,7 +16,7 @@ You'll need to create a user and a database in MariaDB before you can configure $ kubectl exec -it svc/mariadb -- /bin/sh # mysql -u root -p -Enter password: YOUR_ROOT_PASSWORD_HERE +Enter password: enter_db_root_password_here MariaDB [(none)]> CREATE DATABASE wordpress_db; MariaDB [(none)]> CREATE USER wordpress_user identified by 'strong-password'; @@ -19,7 +27,7 @@ MariaDB [(none)]> GRANT ALL ON wordpress_db.* TO wordpress_user; Traefik works as a proxy server, so you need to alert WordPress of that fact. Without this configuration you'll see a **too many redirects** error when accessing the page. -To simplify this configuration when the WordPress is installed an script is created to add the required lines to the *wp-config-sample.php* +To simplify this configuration when the WordPress is installed an script is created to add the required lines to the _wp-config-sample.php_ Use the following command to execute it when your WordPress pod reach running state. 
@@ -27,7 +35,7 @@ Use the following command to execute it when your WordPress pod reach running st kubectl exec -it svc/wordpress -- bash -c /var/www/html/civo-init.sh ``` -After the script execution the following lines will be added to the *wp-config-sample.php* file, and they will be present in wp-config.php after wizard setup. +After the script execution the following lines will be added to the _wp-config-sample.php_ file, and they will be present in wp-config.php after wizard setup. ``` if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { @@ -41,17 +49,18 @@ The first time you access to your WordPress a wizard setup will be loaded. In th Based on the database creation example above, the fields would be filled like this: -* **Database Name:** *wordpress_db* -* **Username:** *wordpress_user* -* **Password:** *strong-password* -* **Database Host:** *mariadb* -* **Table Prefix:** *wp_* +- **Database Name:** _wordpress_db_ +- **Username:** _wordpress_user_ +- **Password:** _strong-password_ +- **Database Host:** _mariadb_ +- **Table Prefix:** _wp\__ ## External Access -An Ingress is created during the installation process. To access your wordpress use http://wordpress.YOUR_DOMAIN_NAME +An Ingress is created during the installation process. To access your wordpress use http://wordpress.DOMAIN_NAME If you want to change the hostname or modify the ingress, edit it with + ``` kubectl edit ingress wordpress ``` diff --git a/z-app-1/app.yaml b/z-app-1/app.yaml new file mode 100644 index 00000000..0ee91f87 --- /dev/null +++ b/z-app-1/app.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: z-app-1 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx + namespace: z-app-1 +spec: + selector: + matchLabels: + app: nginx + replicas: 1 + template: + metadata: + labels: + app: nginx + spec: + containers: + - name: nginx + image: nginx:latest + ports: + - containerPort: 80 
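Review bot: The nginx container in the new z-app-1/app.yaml uses `image: nginx:latest`, a mutable tag, so what this fixture deploys can change without any change in this repository and cannot be reproduced or audited afterwards. Pin a specific version or, better, a digest, e.g. `image: nginx:<VERSION>@sha256:<DIGEST>`. The same line appears in the z-app-2, z-app-3, z-app-4 and z-nginx app.yaml files added later in this commit. The pod specs also set no `securityContext` or resource limits, which may be acceptable for test apps but is inherited by anyone who copies them as a template.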
diff --git a/z-app-1/logo.png b/z-app-1/logo.png
new file mode 100644
index 00000000..a8809467
Binary files /dev/null and b/z-app-1/logo.png differ
diff --git a/z-app-1/manifest.yaml b/z-app-1/manifest.yaml
new file mode 100644
index 00000000..19361ae1
--- /dev/null
+++ b/z-app-1/manifest.yaml
@@ -0,0 +1,10 @@
+---
+name: z-app-1
+title: Test App 1
+version: "0.0.1"
+maintainer: user@example.com
+description: This is Test App 1 description...
+url: https://www.testapp1.com/
+category: management
+dependencies:
+ - z-app-2
diff --git a/z-app-1/post_install.md b/z-app-1/post_install.md
new file mode 100644
index 00000000..b0047fa4
--- /dev/null
+++ b/z-app-1/post_install.md
@@ -0,0 +1 @@
+None
diff --git a/z-app-2/app.yaml b/z-app-2/app.yaml
new file mode 100644
index 00000000..3d0f6260
--- /dev/null
+++ b/z-app-2/app.yaml
@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: z-app-2
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx
+ namespace: z-app-2
+spec:
+ selector:
+ matchLabels:
+ app: nginx
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: nginx
+ spec:
+ containers:
+ - name: nginx
+ image: nginx:latest
+ ports:
+ - containerPort: 80
diff --git a/z-app-2/logo.png b/z-app-2/logo.png
new file mode 100644
index 00000000..7ce2b9a1
Binary files /dev/null and b/z-app-2/logo.png differ
diff --git a/z-app-2/manifest.yaml b/z-app-2/manifest.yaml
new file mode 100644
index 00000000..05459ab4
--- /dev/null
+++ b/z-app-2/manifest.yaml
@@ -0,0 +1,10 @@
+---
+name: z-app-2
+title: Test App 2
+version: "0.0.2"
+maintainer: user@example.com
+description: This is Test App 2 description...
+url: https://www.testapp2.com/
+category: management
+dependencies:
+ - z-app-3
diff --git a/z-app-2/post_install.md b/z-app-2/post_install.md
new file mode 100644
index 00000000..b0047fa4
--- /dev/null
+++ b/z-app-2/post_install.md
@@ -0,0 +1 @@
+None
diff --git a/z-app-3/app.yaml b/z-app-3/app.yaml
new file mode 100644
index 00000000..3563e1ab
--- /dev/null
+++ b/z-app-3/app.yaml
@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: z-app-3
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx
+ namespace: z-app-3
+spec:
+ selector:
+ matchLabels:
+ app: nginx
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: nginx
+ spec:
+ containers:
+ - name: nginx
+ image: nginx:latest
+ ports:
+ - containerPort: 80
diff --git a/z-app-3/logo.png b/z-app-3/logo.png
new file mode 100644
index 00000000..8cb88d5e
Binary files /dev/null and b/z-app-3/logo.png differ
diff --git a/z-app-3/manifest.yaml b/z-app-3/manifest.yaml
new file mode 100644
index 00000000..fd17f9fe
--- /dev/null
+++ b/z-app-3/manifest.yaml
@@ -0,0 +1,10 @@
+---
+name: z-app-3
+title: Test App 3
+version: "0.0.3"
+maintainer: user@example.com
+description: This is Test App 3 description...
+url: https://www.testapp3.com/
+category: architecture
+dependencies:
+ - z-app-4
diff --git a/z-app-3/post_install.md b/z-app-3/post_install.md
new file mode 100644
index 00000000..b0047fa4
--- /dev/null
+++ b/z-app-3/post_install.md
@@ -0,0 +1 @@
+None
diff --git a/z-app-4/app.yaml b/z-app-4/app.yaml
new file mode 100644
index 00000000..8995e813
--- /dev/null
+++ b/z-app-4/app.yaml
@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: z-app-4
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx
+ namespace: z-app-4
+spec:
+ selector:
+ matchLabels:
+ app: nginx
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ app: nginx
+ spec:
+ containers:
+ - name: nginx
+ image: nginx:latest
+ ports:
+ - containerPort: 80
diff --git a/z-app-4/logo.png b/z-app-4/logo.png
new file mode 100644
index 00000000..01552702
Binary files /dev/null and b/z-app-4/logo.png differ
diff --git a/z-app-4/manifest.yaml b/z-app-4/manifest.yaml
new file mode 100644
index 00000000..a236ba73
--- /dev/null
+++ b/z-app-4/manifest.yaml
@@ -0,0 +1,8 @@
+---
+name: z-app-4
+title: Test App 4
+version: "0.0.4"
+maintainer: user@example.com
+description: This is Test App 4 description...
+url: https://www.testapp4.com/
+category: architecture
diff --git a/z-app-4/post_install.md b/z-app-4/post_install.md
new file mode 100644
index 00000000..b0047fa4
--- /dev/null
+++ b/z-app-4/post_install.md
@@ -0,0 +1 @@
+None
diff --git a/z-nginx/app.yaml b/z-nginx/app.yaml
new file mode 100644
index 00000000..6e1251d0
--- /dev/null
+++ b/z-nginx/app.yaml
@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: z-nginx
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx
+ namespace: z-nginx
+spec:
+ selector:
+ matchLabels:
+ app: nginx
+ replicas: 3
+ template:
+ metadata:
+ labels:
+ app: nginx
+ spec:
+ containers:
+ - name: nginx
+ image: nginx:latest
+ ports:
+ - containerPort: 80
+ env:
+ - name: RANDOM_WORDS
+ value: $RANDOM_WORDS
+ - name: VERSION
+ value: 0.0.28
diff --git a/z-nginx/logo.png b/z-nginx/logo.png
new file mode 100644
index 00000000..5d542803
Binary files /dev/null and b/z-nginx/logo.png differ
diff --git a/z-nginx/manifest.yaml b/z-nginx/manifest.yaml
new file mode 100644
index 00000000..4d5b12e9
--- /dev/null
+++ b/z-nginx/manifest.yaml
@@ -0,0 +1,13 @@
+---
+name: z-nginx
+title: Nginx Test
+namespace: z-nginx
+version: "0.0.28"
+maintainer: user@example.com
+description: This is Nginx Test app description...
+url: https://www.nginxtestapp.com/
+category: architecture
+configuration:
+ RANDOM_WORDS:
+ label: "Random words"
+ value: "KUBEMART:WORDS(10)"
diff --git a/z-nginx/post_install.md b/z-nginx/post_install.md
new file mode 100644
index 00000000..b0047fa4
--- /dev/null
+++ b/z-nginx/post_install.md
@@ -0,0 +1 @@
+None