updated

kubesphere/ks-console-ingress.yml

@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: kubesphere-dashboard-ingress
+  namespace: kubesphere-system
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+spec:
+  ingressClassName: "nginx"
+  rules:
+  - host: dashboard.helm.uz
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: ks-console
+            port:
+              number: 80
+  tls:
+  - hosts:
+    - dashboard.helm.uz
+    secretName: ks-console-tls

kubesphere/prod-cluster.yaml

@@ -0,0 +1,187 @@
+apiVersion: kubekey.kubesphere.io/v1alpha2
+kind: Cluster
+metadata:
+  name: devops-journey
+spec:
+  hosts:
+  - {name: master, address: 10.128.0.17, internalAddress: 10.128.0.17, user: root, privateKeyPath: "~/.ssh/id_rsa"}
+  - {name: node1, address: 10.128.0.18, internalAddress: 10.128.0.18, user: root, privateKeyPath: "~/.ssh/id_rsa"}
+  - {name: node2, address: 10.128.0.19, internalAddress: 10.128.0.19, user: root, privateKeyPath: "~/.ssh/id_rsa"}
+  - {name: node3, address: 10.128.0.21, internalAddress: 10.128.0.21, user: root, privateKeyPath: "~/.ssh/id_rsa"}
+  roleGroups:
+    etcd:
+    - master
+    control-plane: 
+    - master
+    worker:
+    - node1
+    - node2
+    - node3
+  controlPlaneEndpoint:
+    domain: lb.kubesphere.local
+    address: ""
+    port: 6443
+  kubernetes:
+    version: v1.24.0
+    clusterName: cluster.local
+    autoRenewCerts: true
+    containerManager: containerd
+  etcd:
+    type: kubekey
+  network:
+    plugin: calico
+    kubePodsCIDR: 10.233.64.0/16
+    kubeServiceCIDR: 10.233.0.0/12
+    multusCNI:
+      enabled: true
+  registry:
+    privateRegistry: ""
+    namespaceOverride: ""
+    registryMirrors: []
+    insecureRegistries: []
+  addons: []
+
+---
+
+apiVersion: installer.kubesphere.io/v1alpha1
+kind: ClusterConfiguration
+metadata:
+  name: ks-installer
+  namespace: kubesphere-system
+  labels:
+    version: v3.3.0
+spec:
+  persistence:
+    storageClass: ""
+  authentication:
+    jwtSecret: ""
+  zone: ""
+  local_registry: ""
+  namespace_override: ""
+  etcd:
+    monitoring: true
+    endpointIps: localhost
+    port: 2379
+    tlsEnable: true
+  common:
+    core:
+      console:
+        enableMultiLogin: true
+        port: 30880
+        type: NodePort
+    redis:
+      enabled: true
+      volumeSize: 4Gi
+    openldap:
+      enabled: true
+      volumeSize: 3Gi
+    minio:
+      volumeSize: 25Gi
+    monitoring:
+      endpoint: http://prometheus-operated.kubesphere-monitoring-system.svc:9090
+      GPUMonitoring:
+        enabled: true
+    gpu:
+      kinds:
+      - resourceName: "nvidia.com/gpu"
+        resourceType: "GPU"
+        default: true
+      - resourceName: "amd.com/gpu"
+        resourceType: "GPU"
+
+    es:
+      elasticsearchMasterReplicas: 1   # The total number of master nodes. Even numbers are not allowed.
+      elasticsearchDataReplicas: 1     # The total number of data nodes.
+      elasticsearchMasterVolumeSize: 6Gi   # The volume size of Elasticsearch master nodes.
+      elasticsearchDataVolumeSize: 25Gi
+      logMaxAge: 7
+      elkPrefix: logstash 
+      basicAuth:
+        enabled: true
+        username: "admin"
+        password: "L23uscxn1239"
+      tls:
+        enabled: true
+      monitoring:
+        enabled: true
+      kibana:
+        enabled: true
+  alerting:
+    enabled: true
+  auditing:
+    enabled: true
+  devops:
+    enabled: true
+    jenkinsMemoryLim: 2Gi
+    jenkinsMemoryReq: 1500Mi
+    jenkinsVolumeSize: 8Gi
+    jenkinsJavaOpts_Xms: 1200m
+    jenkinsJavaOpts_Xmx: 1600m
+    jenkinsJavaOpts_MaxRAM: 2g
+  events:
+    enabled: true
+  logging:
+    enabled: true
+    containerruntime: containerd 
+    logsidecar:
+      enabled: true
+      replicas: 2
+  metrics_server:
+    enabled: true
+  monitoring:
+    storageClass: ""
+    node_exporter:
+      port: 9100
+    gpu:
+      nvidia_dcgm_exporter:
+        enabled: true
+  multicluster:
+    clusterRole: host # Agar bu klaster asosiy bo'lsa, "host" deb belgilang
+    monitoring:
+      enabled: true
+      aggregation: true # Ko'p klasterlardan monitoring ma'lumotlarini yig'ish
+  network:
+    networkpolicy:
+      enabled: true
+    ippool:
+      type: calico
+    topology:
+      type: weave-scope
+  openpitrix:
+    store:
+      enabled: true
+  servicemesh:
+    enabled: true
+    istio:
+      components:
+        ingressGateways:
+        - name: istio-ingressgateway
+          enabled: true
+        egressGateways:
+        - name: istio-egressgateway
+          enabled: true
+        cni:
+          enabled: true
+        telementry:
+          enabled: true
+        tracing:
+          enabled: true
+        kiali:
+          enabled: true
+  edgeruntime:
+    enabled: false
+    kubeedge:
+      enabled: false
+      cloudCore:
+        cloudHub:
+          advertiseAddress:
+            - ""
+        service:
+          cloudhubNodePort: "30000"
+          cloudhubQuicNodePort: "30001"
+          cloudhubHttpsNodePort: "30002"
+          cloudstreamNodePort: "30003"
+          tunnelNodePort: "30004"
+        hostNetWork: true
+  terminal:
+    timeout: 600