Add nginx ingress config to k8s services (#472)

Update README in accordance to latest changes. Add gRPC load balancing setup. Add healthcheck to k8s setup. Signed-off-by: Aleksandar Novakovic <aleksandar.novakovic@mainflux.com>
absmach · Nov 27, 2018 · 16be533 · 16be533
1 parent c897803
commit 16be533
Show file tree

Hide file tree

Showing 11 changed files with 390 additions and 224 deletions.
diff --git a/k8s/README.md b/k8s/README.md
@@ -5,18 +5,14 @@ Scripts to deploy Mainflux on Kubernetes (https://kubernetes.io). Work in progre
 
 ### 1. Setup NATS
 
-- Update `nats.conf` according to your needs.
+- To setup NATS cluster on k8s we recommend using [NATS operator](https://github.com/nats-io/nats-operator). NATS cluster should be deployed on namespace `nats-io` under the name `nats-cluster`.
 
-- Create Kubernetes configmap to store NATS configuration:
+### 2. Setup gRPC services Istio sidecar
 
-```
-kubectl create configmap nats-config --from-file=k8s/nats/nats.conf
-```
-
-- Deploy NATS:
+- To load balance gRPC services we recommend using [Istio](https://istio.io/docs/setup/kubernetes/download-release/) sidecar. In order to use automatic inject you should run following command:
 
 ```
-kubectl create -f k8s/nats/nats.yml
+kubectl create -f k8s/mainflux/namespace.yml
 ```
 
 ### 2. Setup Users service
@@ -60,6 +56,7 @@ kubectl create -f k8s/mainflux/normalizer.yml
 - Deploy adapter service:
 
 ```
+kubectl create -f k8s/mainflux/tcp-services.yml
 kubectl create -f k8s/mainflux/<adapter_service_name>.yml
 ```
 
@@ -71,26 +68,6 @@ kubectl create -f k8s/mainflux/<adapter_service_name>.yml
 kubectl create -f k8s/mainflux/dashflux.yml
 ```
 
-### 7. Setup NginX Reverse Proxy for Mainflux Services
-
-- Create TLS server side certificate and keys:
-
-```
-kubectl create secret generic mainflux-secret --from-file=k8s/nginx/ssl/certs/mainflux-server.crt --from-file=k8s/nginx/ssl/certs/mainflux-server.key --from-file=k8s/nginx/ssl/dhparam.pem
-```
-
-- Create Kubernetes configmap to store NginX configuration:
-
-```
-kubectl create configmap mainflux-nginx-config --from-file=k8s/nginx/nginx.conf
-```
-
-- Deploy NginX service:
-
-```
-kubectl create -f k8s/nginx/nginx.yml
-```
-
-### 8. Configure Internet Access
+### 7. Configure Internet Access
 
-Configure NAT on your Firewall to forward ports 80 (HTTP) and 443 (HTTPS) to mainflux-nginx service
+Configure NAT on your Firewall to forward ports 80 (HTTP) and 443 (HTTPS) to nginx ingress service
diff --git a/k8s/mainflux/http.yml b/k8s/mainflux/http.yml
@@ -1,11 +1,66 @@
-apiVersion: apps/v1beta1 
-kind: Deployment 
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: http-adapter
+  namespace: grpc-services
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+  tls:
+  - hosts:
+    - mainflux-iot.ha.rs
+    secretName: mainflux-secret
+  rules:
+  - host: mainflux-iot.ha.rs
+    http:
+      paths:
+      - path: /http
+        backend:
+          serviceName: http-adapter
+          servicePort: 8185
+---
+apiVersion: v1
+kind: Service
 metadata:
   name: http-adapter
+  namespace: grpc-services
   labels:
-    component: http-adapter 
+    component: http-adapter
+spec:
+  type: LoadBalancer
+  selector:
+    component: http-adapter
+  ports:
+  - port: 8185
+    name: http
+---
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: http-adapter
+  namespace: grpc-services
+spec:
+  scaleTargetRef:
+    apiVersion: extensions/v1beta1
+    kind: Deployment
+    name: http-adapter
+  minReplicas: 3
+  maxReplicas: 10
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      targetAverageUtilization: 80
+---
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: http-adapter
+  namespace: grpc-services
+  labels:
+    component: http-adapter
 spec:
-  replicas: 3
   template:
     metadata:
       labels:
@@ -14,27 +69,18 @@ spec:
       containers:
       - name: mainflux-http
         image: mainflux/http:latest
-        imagePullPolicy: Always
         ports:
         - containerPort: 8185
         env:
         - name: MF_THINGS_URL
           value: "things:8183"
         - name: MF_NATS_URL
-          value: "nats://nats:4222"
+          value: "nats://nats-cluster.nats-io:4222"
         - name:  MF_HTTP_ADAPTER_PORT
           value: "8185"
----
-apiVersion: v1 
-kind: Service 
-metadata:
-  name: http-adapter
-  labels:
-    component: http-adapter 
-spec:
-  selector:
-    component: http-adapter
-  ports:
-  - port: 8185
-  type: LoadBalancer
-
+        livenessProbe:
+          httpGet:
+            path: /version
+            port: 8185
+          initialDelaySeconds: 3
+          periodSeconds: 3
diff --git a/k8s/mainflux/mqtt.yml b/k8s/mainflux/mqtt.yml
@@ -1,11 +1,64 @@
-apiVersion: apps/v1beta1 
-kind: Deployment 
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: mqtt-adapter
+  namespace: grpc-services
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+  rules:
+  - host: mainflux-iot.ha.rs
+    http:
+      paths:
+      - path: /mqtt
+        backend:
+          serviceName: mqtt-adapter
+          servicePort: 8880
+---
+apiVersion: v1
+kind: Service
 metadata:
   name: mqtt-adapter
+  namespace: grpc-services
   labels:
-    component: mqtt-adapter 
+    component: mqtt-adapter
+spec:
+  selector:
+    component: mqtt-adapter
+  ports:
+  - port: 1883
+    name: mqtt
+  - port: 8880
+    name: ws
+  type: LoadBalancer
+---
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: mqtt-adapter
+  namespace: grpc-services
+spec:
+  scaleTargetRef:
+    apiVersion: extensions/v1beta1
+    kind: Deployment
+    name: mqtt-adapter
+  minReplicas: 3
+  maxReplicas: 10
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      targetAverageUtilization: 80
+---
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: mqtt-adapter
+  namespace: grpc-services
+  labels:
+    component: mqtt-adapter
 spec:
-  replicas: 3
   template:
     metadata:
       labels:
@@ -24,20 +77,10 @@ spec:
         - name: MF_THINGS_URL
           value: "things:8183"
         - name: MF_NATS_URL
-          value: "nats://nats:4222"
----
-apiVersion: v1 
-kind: Service 
-metadata:
-  name: mqtt-adapter
-  labels:
-    component: mqtt-adapter 
-spec:
-  selector:
-    component: mqtt-adapter
-  ports:
-  - port: 1883
-    name: mqtt
-  - port: 8880
-    name: ws
-  type: LoadBalancer
+          value: "nats://nats-cluster.nats-io:4222"
+        - name: MF_MQTT_REDIS_HOST
+          value: "redis-master.redis"
+        - name: MF_MQTT_REDIS_PORT
+          value: "6379"
+        - name: MF_MQTT_REDIS_PASS
+          value: "piIUITrNMc"
diff --git a/k8s/mainflux/namespace.yml b/k8s/mainflux/namespace.yml
@@ -0,0 +1,8 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: "grpc-services"
+  labels:
+    name: "grpc-services"
+    istio-injection: "enabled"
diff --git a/k8s/mainflux/normalizer.yml b/k8s/mainflux/normalizer.yml
@@ -1,11 +1,42 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: normalizer
+  labels:
+    component: normalizer
+spec:
+  selector:
+    component: normalizer
+  ports:
+  - port: 8184
+    name: http
+---
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: normalizer
+  namespace: grpc-services
+spec:
+  scaleTargetRef:
+    apiVersion: extensions/v1beta1
+    kind: Deployment
+    name: normalizer
+  minReplicas: 3
+  maxReplicas: 10
+  metrics:
+  - type: Resource
+    resource:
+      name: cpu
+      targetAverageUtilization: 80
+---
 apiVersion: apps/v1beta1
 kind: Deployment
 metadata:
   name: normalizer
   labels:
     component: normalizer
 spec:
-  replicas: 3
   template:
     metadata:
       labels:
@@ -17,19 +48,12 @@ spec:
         imagePullPolicy: Always
         env:
         - name: MF_NATS_URL
-          value: "nats://nats:4222"
+          value: "nats://nats-cluster.nats-io:4222"
         - name: MF_NORMALIZER_PORT
           value: "8184"
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: normalizer
-  labels:
-    component: normalizer
-spec:
-  selector:
-    component: normalizer
-  ports:
-  - port: 8184
-  clusterIP: None
+        livenessProbe:
+          httpGet:
+            path: /version
+            port: 8184
+          initialDelaySeconds: 3
+          periodSeconds: 3
diff --git a/k8s/mainflux/tcp-services.yml b/k8s/mainflux/tcp-services.yml
@@ -0,0 +1,8 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: tcp-services
+  namespace: ingress-nginx
+data:
+  1883: "grpc-services/mqtt-adapter:1883"