From 0149a02e4cdb828d303eda85a272449aa1ab7198 Mon Sep 17 00:00:00 2001 From: Vegard Hagen Date: Sat, 4 Jan 2025 21:33:20 +0100 Subject: [PATCH] feat(netbird): replace dashboard helm chart with plain manifests imho the chart doesn't add much here --- k8s/infra/vpn/kustomization.yaml | 4 --- k8s/infra/vpn/netbird/agent/daemon-set.yaml | 8 ++--- .../backend/patches/add-relay-config.yaml | 2 +- .../vpn/netbird/dashboard/deployment.yaml | 35 +++++++++++++++++++ .../vpn/netbird/dashboard/kustomization.yaml | 24 ++++++++----- k8s/infra/vpn/netbird/dashboard/svc.yaml | 13 +++++++ k8s/infra/vpn/netbird/dashboard/values.yaml | 16 --------- k8s/infra/vpn/netbird/http-route.yaml | 4 +-- k8s/infra/vpn/netbird/kustomization.yaml | 3 +- k8s/infra/vpn/netbird/relay/deployment.yaml | 9 ++--- k8s/infra/vpn/netbird/relay/svc.yaml | 9 +++-- 11 files changed, 79 insertions(+), 48 deletions(-) create mode 100644 k8s/infra/vpn/netbird/dashboard/deployment.yaml create mode 100644 k8s/infra/vpn/netbird/dashboard/svc.yaml delete mode 100644 k8s/infra/vpn/netbird/dashboard/values.yaml diff --git a/k8s/infra/vpn/kustomization.yaml b/k8s/infra/vpn/kustomization.yaml index 3a4ad68..4a274ef 100644 --- a/k8s/infra/vpn/kustomization.yaml +++ b/k8s/infra/vpn/kustomization.yaml @@ -1,9 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -metadata: - labels: - dev.stonegarden: vpn - app.kubernetes.io/managed-by: argocd resources: - project.yaml diff --git a/k8s/infra/vpn/netbird/agent/daemon-set.yaml b/k8s/infra/vpn/netbird/agent/daemon-set.yaml index 5b6501d..a0d6724 100644 --- a/k8s/infra/vpn/netbird/agent/daemon-set.yaml +++ b/k8s/infra/vpn/netbird/agent/daemon-set.yaml @@ -1,22 +1,22 @@ apiVersion: apps/v1 kind: DaemonSet metadata: - name: netbird-agent + name: agent namespace: netbird spec: selector: matchLabels: - app: netbird + app: agent template: metadata: labels: - app: netbird + app: agent spec: securityContext: seccompProfile: type: RuntimeDefault containers: - - name: netbird + - name: agent image: docker.io/netbirdio/netbird:0.35.2 # renovate: docker=docker.io/netbirdio/netbird imagePullPolicy: IfNotPresent securityContext: diff --git a/k8s/infra/vpn/netbird/backend/patches/add-relay-config.yaml b/k8s/infra/vpn/netbird/backend/patches/add-relay-config.yaml index 68f6a34..2c23f63 100644 --- a/k8s/infra/vpn/netbird/backend/patches/add-relay-config.yaml +++ b/k8s/infra/vpn/netbird/backend/patches/add-relay-config.yaml @@ -63,7 +63,7 @@ data: "Domain": "${NETBIRD_AUTH_DEVICE_AUTH_AUTHORITY}", "TokenEndpoint": "${NETBIRD_AUTH_DEVICE_AUTH_TOKEN_ENDPOINT}", "Scope": "${NETBIRD_AUTH_DEVICE_AUTH_SCOPE}", - "UseIDToken": ${NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN:-false} + "UseIDToken": "${NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN:-false}" } }, "Relay": { diff --git a/k8s/infra/vpn/netbird/dashboard/deployment.yaml b/k8s/infra/vpn/netbird/dashboard/deployment.yaml new file mode 100644 index 0000000..a80afc3 --- /dev/null +++ b/k8s/infra/vpn/netbird/dashboard/deployment.yaml @@ -0,0 +1,35 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dashboard + namespace: netbird +spec: + selector: + matchLabels: + app.kubernetes.io/name: dashboard + template: + metadata: + labels: + app.kubernetes.io/name: dashboard + spec: + containers: + - name: dashboard + image: docker.io/netbirdio/dashboard:v2.8.2 # renovate: docker=docker.io/netbirdio/dashboard + envFrom: + - configMapRef: + name: dashboard-config + ports: + - name: http + containerPort: 80 + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + resources: + requests: + memory: 32Mi + cpu: 10m + limits: + memory: 128Mi + cpu: 2000m \ No newline at end of file diff --git a/k8s/infra/vpn/netbird/dashboard/kustomization.yaml b/k8s/infra/vpn/netbird/dashboard/kustomization.yaml index f83e3ca..c70d50c 100644 --- a/k8s/infra/vpn/netbird/dashboard/kustomization.yaml +++ b/k8s/infra/vpn/netbird/dashboard/kustomization.yaml @@ -1,15 +1,21 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: netbird + +configMapGenerator: + - name: dashboard-config + namespace: netbird + literals: + # variables: https://github.com/netbirdio/dashboard/blob/main/config.json + - AUTH_AUDIENCE="netbird-dashboard" + - AUTH_AUTHORITY="https://keycloak.stonegarden.dev/realms/homelab" + - AUTH_CLIENT_ID="netbird-dashboard" + - AUTH_SUPPORTED_SCOPES="openid profile email offline_access netbird-api" + - USE_AUTH0="false" + - NETBIRD_MGMT_API_ENDPOINT="https://netbird.stonegarden.dev" + - NETBIRD_MGMT_GRPC_API_ENDPOINT="https://netbird.stonegarden.dev" resources: + - deployment.yaml + - svc.yaml - x-oidc-client.yaml - oidc-scopes.yaml - -helmCharts: - - name: netbird-dashboard - repo: https://charts.jaconi.io - releaseName: netbird-dashboard - namespace: netbird - version: 1.0.0 - valuesFile: values.yaml diff --git a/k8s/infra/vpn/netbird/dashboard/svc.yaml b/k8s/infra/vpn/netbird/dashboard/svc.yaml new file mode 100644 index 0000000..b52b456 --- /dev/null +++ b/k8s/infra/vpn/netbird/dashboard/svc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: dashboard + namespace: netbird +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: dashboard + ports: + - name: http + port: 80 + targetPort: http diff --git a/k8s/infra/vpn/netbird/dashboard/values.yaml b/k8s/infra/vpn/netbird/dashboard/values.yaml deleted file mode 100644 index f0f102d..0000000 --- a/k8s/infra/vpn/netbird/dashboard/values.yaml +++ /dev/null @@ -1,16 +0,0 @@ -image: - tag: v2.8.2 # renovate: docker=docker.io/netbirdio/dashboard - -auth: - authority: https://keycloak.stonegarden.dev/realms/homelab - audience: netbird-dashboard - clientID: netbird-dashboard - supportedScopes: openid profile email offline_access netbird-api - userIDClaim: sub - -netbird: - managementApiEndpoint: https://netbird.stonegarden.dev - managementGrpcApiEndpoint: https://netbird.stonegarden.dev - -ingress: - enabled: false diff --git a/k8s/infra/vpn/netbird/http-route.yaml b/k8s/infra/vpn/netbird/http-route.yaml index fe9bd25..e48d182 100644 --- a/k8s/infra/vpn/netbird/http-route.yaml +++ b/k8s/infra/vpn/netbird/http-route.yaml @@ -13,14 +13,14 @@ spec: - "netbird.stonegarden.dev" rules: - backendRefs: - - name: netbird-dashboard + - name: dashboard port: 80 matches: - path: type: PathPrefix value: / - backendRefs: - - name: netbird-relay + - name: relay port: 80 matches: - path: diff --git a/k8s/infra/vpn/netbird/kustomization.yaml b/k8s/infra/vpn/netbird/kustomization.yaml index 6ce285b..fdbbdcb 100644 --- a/k8s/infra/vpn/netbird/kustomization.yaml +++ b/k8s/infra/vpn/netbird/kustomization.yaml @@ -1,6 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -namespace: netbird +#commonLabels: +# - app.kubernetes.io/part-of: netbird resources: - ns.yaml diff --git a/k8s/infra/vpn/netbird/relay/deployment.yaml b/k8s/infra/vpn/netbird/relay/deployment.yaml index e7a2b00..fdabca4 100644 --- a/k8s/infra/vpn/netbird/relay/deployment.yaml +++ b/k8s/infra/vpn/netbird/relay/deployment.yaml @@ -1,19 +1,16 @@ apiVersion: apps/v1 kind: Deployment metadata: - labels: - app.kubernetes.io/name: netbird-relay - name: netbird-relay + name: relay namespace: netbird spec: selector: matchLabels: - app.kubernetes.io/name: netbird-relay + app.kubernetes.io/name: relay template: metadata: labels: - app.kubernetes.io/instance: netbird-relay - app.kubernetes.io/name: netbird-relay + app.kubernetes.io/name: relay spec: containers: - image: netbirdio/relay:0.35.2 # renovate: docker=netbirdio/relay diff --git a/k8s/infra/vpn/netbird/relay/svc.yaml b/k8s/infra/vpn/netbird/relay/svc.yaml index 72bece6..6f06f4e 100644 --- a/k8s/infra/vpn/netbird/relay/svc.yaml +++ b/k8s/infra/vpn/netbird/relay/svc.yaml @@ -1,16 +1,15 @@ apiVersion: v1 kind: Service metadata: - name: netbird-relay + name: relay namespace: netbird labels: - app.kubernetes.io/name: netbird-relay + app.kubernetes.io/name: relay spec: type: ClusterIP selector: - app.kubernetes.io/name: netbird-relay + app.kubernetes.io/name: relay ports: - name: relay port: 80 - protocol: TCP - targetPort: 80 + targetPort: relay