-
Notifications
You must be signed in to change notification settings - Fork 49
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
29 changed files
with
5,918 additions
and
1,200 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
/charts | ||
/values.access.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
/deploy.sh | ||
/values.access.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
dependencies: | ||
- name: oauth2-proxy | ||
repository: https://oauth2-proxy.github.io/manifests | ||
version: 7.5.4 | ||
- name: kubernetes-dashboard | ||
repository: https://kubernetes.github.io/dashboard/ | ||
version: 7.4.0 | ||
- name: oauth2-proxy | ||
repository: https://oauth2-proxy.github.io/manifests | ||
version: 7.5.4 | ||
digest: sha256:37a86e8b0854b6090b21099d03ab45bdb2d850025d9c3ef9183987ff62ca6ba9 | ||
generated: "2024-05-16T20:32:46.083755883Z" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
apiVersion: v2 | ||
name: ecamp3-logging | ||
description: Helm chart for deploying ops-dashboard cluster | ||
home: https://github.com/ecamp/ecamp3 | ||
|
||
# A chart can be either an 'application' or a 'library' chart. | ||
# | ||
# Application charts are a collection of templates that can be packaged into versioned archives | ||
# to be deployed. | ||
# | ||
# Library charts provide useful utilities or functions for the chart developer. They're included as | ||
# a dependency of application charts to inject those utilities and functions into the rendering | ||
# pipeline. Library charts do not define any templates and therefore cannot be deployed. | ||
type: application | ||
|
||
# This is the chart version. This version number should be incremented each time you make changes | ||
# to the chart and its templates, including the app version. | ||
# Versions are expected to follow Semantic Versioning (https://semver.org/) | ||
version: 0.1.0 | ||
|
||
# This is the version number of the application being deployed. This version number should be | ||
# incremented each time you make changes to the application. Versions are not expected to | ||
# follow Semantic Versioning. They should reflect the version the application is using. | ||
appVersion: 0.1.0 | ||
|
||
dependencies: | ||
- name: oauth2-proxy | ||
alias: grafana-proxy | ||
version: 7.5.4 | ||
repository: https://oauth2-proxy.github.io/manifests | ||
- name: kubernetes-dashboard | ||
version: 7.4.0 | ||
repository: https://kubernetes.github.io/dashboard/ | ||
- name: oauth2-proxy | ||
alias: kubernetes-dashboard-proxy | ||
version: 7.5.4 | ||
repository: https://oauth2-proxy.github.io/manifests |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
# ops-dashboard | ||
|
||
This is a helm chart to deploy an oauth2-proxy and a homer dashboard. | ||
Then the ecamp3-developers can use their github login | ||
to see our applications like graphana, kibana, kubernetes-dashboard... | ||
|
||
## Prerequisites | ||
|
||
You need the oauth2-proxy helm chart: | ||
|
||
```shell | ||
helm repo add oauth2-proxy https://oauth2-proxy.github.io/manifests | ||
helm repo update | ||
``` | ||
|
||
You also need the kubernetes-dashboard helm chart: | ||
|
||
```shell | ||
helm repo add kubernetes-dashboard https://kubernetes.github.io/dashboard/ | ||
helm repo update | ||
``` | ||
|
||
## Deployment | ||
|
||
First, make sure you don't overwrite the configuration currently applied: | ||
|
||
```shell | ||
helm get values ops-dashboard | ||
``` | ||
|
||
Fill in the values for values.access.yaml according to demo.values.access.yaml | ||
|
||
```shell | ||
cp demo.values.access.yaml values.access.yaml | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
grafana-proxy: | ||
ingress: | ||
hosts: | ||
# dev, stage or prod grafana url | ||
- dev-grafana.ecamp3.ch | ||
extraArgs: | ||
# dev, stage or prod grafana url | ||
whitelist-domain: dev-grafana.ecamp3.ch | ||
config: | ||
# OAuth client ID | ||
clientID: "" | ||
# OAuth client secret | ||
clientSecret: "" | ||
# Create a new secret with the following command | ||
# openssl rand -base64 32 | head -c 32 | base64 | ||
cookieSecret: "" | ||
kubernetes-dashboard-proxy: | ||
ingress: | ||
hosts: | ||
# dev, stage or prod kubernetes-dashboard url | ||
- dev-kubernetes-dashboard.ecamp3.ch | ||
extraArgs: | ||
# dev, stage or prod kubernetes-dashboard url | ||
whitelist-domain: dev-kubernetes-dashboard.ecamp3.ch | ||
config: | ||
# OAuth client ID | ||
clientID: "" | ||
# OAuth client secret | ||
clientSecret: "" | ||
# use the same cookieSecret as above | ||
cookieSecret: "" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
#!/bin/bash | ||
|
||
set -e | ||
|
||
SCRIPT_DIR=$(realpath "$(dirname "$0")") | ||
cd $SCRIPT_DIR | ||
|
||
# to debug: --dry-run --debug | ||
helm dep build && helm upgrade --install ops-dashboard --namespace=ops-dashboard --create-namespace $SCRIPT_DIR --values $SCRIPT_DIR/values.yaml --values $SCRIPT_DIR/values.access.yaml |
13 changes: 13 additions & 0 deletions
13
.ops/ops-dashboard/templates/kubernetes_dashboard_cluster_admin_cluster_role_binding.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
apiVersion: rbac.authorization.k8s.io/v1 | ||
kind: ClusterRoleBinding | ||
metadata: | ||
name: kubernetes-dashboard-admin-user | ||
namespace: {{ .Release.Namespace }} | ||
roleRef: | ||
apiGroup: rbac.authorization.k8s.io | ||
kind: ClusterRole | ||
name: cluster-admin | ||
subjects: | ||
- kind: ServiceAccount | ||
name: kubernetes-dashboard-admin-user | ||
namespace: {{ .Release.Namespace }} |
5 changes: 5 additions & 0 deletions
5
.ops/ops-dashboard/templates/kubernetes_dashboard_cluster_admin_user.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
apiVersion: v1 | ||
kind: ServiceAccount | ||
metadata: | ||
name: kubernetes-dashboard-admin-user | ||
namespace: {{ .Release.Namespace }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
grafana-proxy: | ||
ingress: | ||
enabled: true | ||
className: nginx | ||
extraArgs: | ||
provider: github | ||
github-org: ecamp | ||
upstream: http://kube-prometheus-stack-grafana.kube-prometheus-stack.svc.cluster.local:80 | ||
kubernetes-dashboard-proxy: | ||
ingress: | ||
enabled: true | ||
className: nginx | ||
extraArgs: | ||
provider: github | ||
github-org: ecamp | ||
upstream: https://ops-dashboard-kong-proxy.ops-dashboard.svc.cluster.local | ||
ssl-upstream-insecure-skip-verify: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.