This is an automated email from the ASF dual-hosted git repository.
csantanapr pushed a commit to branch master
in repository
https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git
The following commit(s) were added to refs/heads/master by this push:
new 46580db Final removal of non-Helm based deployment (#239)
46580db is described below
commit 46580dba4f0b0d64e809fd09d9c003b17b8620d9
Author: David Grove <[email protected]>
AuthorDate: Tue Jul 3 09:34:39 2018 -0400
Final removal of non-Helm based deployment (#239)
Helm-based deployment has strictly more capabilities than the non-Helm
based configuration files. We already stopped testing the non-Helm
deployment and it has now become out-of-date with the upstream code
base. Therefore it is time to remove the old style files to reduce
maintenance costs and avoid user confusion.
---
kubernetes/README.md | 82 --------
kubernetes/apigateway/README.md | 29 ---
kubernetes/apigateway/apigateway.yml | 94 ---------
kubernetes/cluster-setup/README.md | 102 ---------
kubernetes/cluster-setup/auth.guest | 1 -
kubernetes/cluster-setup/auth.whisk.system | 1 -
kubernetes/cluster-setup/config.env | 5 -
kubernetes/cluster-setup/limits.env | 5 -
kubernetes/cluster-setup/namespace.yml | 9 -
kubernetes/cluster-setup/persistent-volumes.yml | 167 ---------------
.../cluster-setup/runtimes-minimal-travis.json | 38 ----
kubernetes/cluster-setup/runtimes.json | 127 -----------
kubernetes/cluster-setup/services.yml | 102 ---------
kubernetes/controller/README.md | 58 -----
kubernetes/controller/controller.env | 2 -
kubernetes/controller/controller.yml | 233 ---------------------
kubernetes/couchdb/README.md | 77 -------
kubernetes/couchdb/couchdb.yml | 143 -------------
kubernetes/ingress/README.md | 179 ----------------
kubernetes/ingress/ingress-ibm.yml | 27 ---
kubernetes/ingress/ingress-simple.yml | 15 --
kubernetes/invoker/README.md | 141 -------------
kubernetes/invoker/invoker-agent.yml | 107 ----------
kubernetes/invoker/invoker-dcf.env | 9 -
kubernetes/invoker/invoker-dcf.yml | 206 ------------------
kubernetes/invoker/invoker-k8scf.env | 9 -
kubernetes/invoker/invoker-k8scf.yml | 211 -------------------
kubernetes/kafka/README.md | 53 -----
kubernetes/kafka/kafka.yml | 124 -----------
kubernetes/loadtest/README.md | 43 ----
kubernetes/loadtest/loadtest-latency-internal.yml | 60 ------
kubernetes/loadtest/loadtest-latency.yml | 57 -----
kubernetes/loadtest/loadtest-throughput.yml | 61 ------
kubernetes/nginx/README.md | 126 -----------
kubernetes/nginx/certs.sh | 18 --
kubernetes/nginx/nginx.conf | 99 ---------
kubernetes/nginx/nginx.yml | 81 -------
kubernetes/openwhisk-catalog/README.md | 33 ---
kubernetes/openwhisk-catalog/install-catalog.yml | 34 ---
kubernetes/package-kafka/README.md | 64 ------
kubernetes/package-kafka/kafkapkginstaller.yml | 57 -----
kubernetes/package-kafka/kafkaprovider.yml | 57 -----
kubernetes/routemgmt/README.md | 32 ---
kubernetes/routemgmt/install-routemgmt.yml | 42 ----
kubernetes/zookeeper/README.md | 29 ---
kubernetes/zookeeper/zookeeper.yml | 109 ----------
46 files changed, 3358 deletions(-)
diff --git a/kubernetes/README.md b/kubernetes/README.md
deleted file mode 100644
index 4b5b355..0000000
--- a/kubernetes/README.md
+++ /dev/null
@@ -1,82 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-# Manual deployment of OpenWhisk on Kubernetes
-
-This file documents the pre-Helm procedures for deploying OpenWhisk on
-Kubernetes. We no longer recommend using this process, but there are
-still a few configuration wrinkles that have not yet been ported to the
-Helm chart.
-
-## Initial Cluster Configuration
-
-* Follow the steps for initial [Cluster Setup](cluster-setup)
-* Configure your [Ingresses](ingress), including configuring the wsk CLI.
-
-## Configure or Deploy CouchDB
-
-Do one of the following:
-* For development and testing purposes, this repo includes a configuration
- for deploying a [non-replicated CouchDB instance](couchdb)
- within the Kubernetes cluster.
-* For a production level CouchDB instance, take a look at the main
- OpenWhisk [documentation for configuring
CouchDB](https://github.com/apache/incubator-openwhisk/blob/master/tools/db/README.md).
- You will need to define the db.auth secret and db.config configmap as
described in the [CouchDB README.md](couchdb/README.md)
- to match your database deployment and create a CouchDB service instance
- that forwards connections to your external database.
-
-## Deploy Remaining Components
-
-To deploy OpenWhisk on Kubernetes, you must deploy its components in
-an order that respects their dependencies. Detailed instructions and
-the supporting configuration files can be found in the kubernetes
-directory tree. Follow the instructions for each step in order.
-
-* Deploy [ApiGateway](apigateway)
-* Deploy [Zookeeper](zookeeper)
-* Deploy [Kafka](kafka)
-* Deploy [Controller](controller)
-* Deploy [Invoker](invoker)
-* Deploy [Nginx](nginx)
-
-## Install system actions and the openwhisk catalog
-
-* Install [RouteMgmt](routemgmt)
-* Install [Package Catalog](openwhisk-catalog)
-
-## Verify
-
-Your OpenWhisk installation should now be usable. You can test it by following
-[these
instructions](https://github.com/apache/incubator-openwhisk/blob/master/docs/actions.md)
-to define and invoke a sample OpenWhisk action in your favorite programming
language.
-
-Note: if you installed self-signed certificates when you configured Nginx, you
will need to use `wsk -i` to suppress certificate checking. This works around
`cannot validate certificate` errors from the `wsk` CLI.
-
-# Cleanup
-
-At some point there might be a need to cleanup the Kubernetes environment.
-For this, we want to delete all the OpenWhisk deployments, services, jobs
-and whatever else might be there. This is easily accomplished by
-deleting the `openwhisk` namespace and all persistent volumes labeled with
-pv-owner=openwhisk:
-
-```
-kubectl delete namespace openwhisk
-kubectl delete persistentvolume -lpv-owner=openwhisk
-```
diff --git a/kubernetes/apigateway/README.md b/kubernetes/apigateway/README.md
deleted file mode 100644
index 0cedf24..0000000
--- a/kubernetes/apigateway/README.md
+++ /dev/null
@@ -1,29 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-ApiGateway
------
-
-# Deploying
-
-To deploy the ApiGateway, you only need to run the following command:
-
-```
-kubectl apply -f apigateway.yml
-```
diff --git a/kubernetes/apigateway/apigateway.yml
b/kubernetes/apigateway/apigateway.yml
deleted file mode 100644
index b746759..0000000
--- a/kubernetes/apigateway/apigateway.yml
+++ /dev/null
@@ -1,94 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: apigateway
- namespace: openwhisk
- labels:
- name: apigateway
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- name: apigateway
- spec:
- restartPolicy: Always
-
- affinity:
- # prefer to not run on an invoker node (only prefer because of single
node clusters)
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- # prefer to run on a control-plane node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - control-plane
- # do not allow more than 1 apigateway instance to run on a node
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: name
- operator: In
- values:
- - apigateway
- topologyKey: "kubernetes.io/hostname"
- volumes:
- - name: redis-data
- persistentVolumeClaim:
- claimName: pv-apigateway-01
- initContainers:
- - name: redis-init
- image: busybox
- command:
- - chown
- - -v
- - -R
- - 999:999
- - /data
- volumeMounts:
- - mountPath: /data
- name: redis-data
- readOnly: false
- containers:
- - name: redis
- imagePullPolicy: IfNotPresent
- image: redis:3.2
- volumeMounts:
- - mountPath: /data
- name: redis-data
- readOnly: false
- - name: apigateway
- imagePullPolicy: Always
- image: openwhisk/apigateway
- ports:
- - name: mgmt
- containerPort: 8080
- - name: api
- containerPort: 9000
- env:
- - name: "REDIS_HOST"
- value: "127.0.0.1"
- - name: "REDIS_PORT"
- value: "6379"
- - name: "PUBLIC_GATEWAY_URL"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: apigw_url
diff --git a/kubernetes/cluster-setup/README.md
b/kubernetes/cluster-setup/README.md
deleted file mode 100644
index fb3a730..0000000
--- a/kubernetes/cluster-setup/README.md
+++ /dev/null
@@ -1,102 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-Cluster Setup
--------------
-
-Before deploying the components of OpenWhisk to a Kubernetes cluster,
-some initial configuration must be done to create a namespace
-and authorization secrets that are used by the deployments and
-services that make up OpenWhisk.
-
-Perform the following steps to prepare your cluster for OpenWhisk.
-
-### Create the openwhisk namespace
-
-```
-kubectl apply -f namespace.yml
-```
-
-### Create services
-
-```
-kubectl apply -f services.yml
-```
-
-### Configure system-wide version information and settings
-
-Edit config.env as needed to set the appropriate values for your
-deployment, then create the configmap whisk.config:
-
-```
-kubectl -n openwhisk create cm whisk.config --from-env-file=config.env
-```
-
-### Configure the set of supported runtimes
-
-The file runtimes.json describes the supported action runtimes for
-this installation of OpenWhisk. The default file is identical to the
-one found in the upstream ansible/files/runtime.json. After making
-any desired changes, install it in a configmap with
-
-```
-kubectl -n openwhisk create cm whisk.runtimes
--from-file=runtimes=runtimes.json
-```
-
-### Configure limits for actions and triggers
-
-Edit limits.env as needed to set the appropriate values for your
-deployment, then create the configmap whisk.limits:
-
-```
-kubectl -n openwhisk create cm whisk.limits --from-env-file=limits.env
-```
-
-### Create authorization secrets
-
-The command below installs the default guest and system authorization
-credentials from the upstream open source project. In production
-deployments, you should obviously use private credentials to create
-these secrets. The whisk.auth secret is used in subsequent deployment
-steps to authorize pods to install actions and packages into the
-deployed OpenWhisk. If it is not defined those steps will fail.
-
-```
-kubectl -n openwhisk create secret generic whisk.auth
--from-file=system=auth.whisk.system --from-file=guest=auth.guest
-
-```
-
-### Create persistent volumes
-
-Several of the OpenWhisk implementation components you will deploy in
-subsequent steps require persistent storage to maintain their state
-across crashes and restarts. The general mechanism in Kubernetes for
-specifying storage needs and binding available storage to pods is
-to match Persistent Volumes to Persistent Volume Claims.
-
-The file persistent-volumes.yml file lists the PersistentVolume
-resources you will need to create and defines them in a manner
-appropriate for running OpenWhisk on minikube. If you are not
-deploying on minikube, you may need to edit this file to select
-PersistentVolume types provided by your cloud provider. After
-optionally editing the file, apply it with:
-
-```
-kubectl apply -f persistent-volumes.yml
-```
diff --git a/kubernetes/cluster-setup/auth.guest
b/kubernetes/cluster-setup/auth.guest
deleted file mode 100644
index 3156274..0000000
--- a/kubernetes/cluster-setup/auth.guest
+++ /dev/null
@@ -1 +0,0 @@
-23bc46b1-71f6-4ed5-8c54-816aa4f8c502:123zO3xZCLrMN6v2BKK1dXYFpXlPkccOFqm12CdAsMgRU4VrNZ9lyGVCGuMDGIwP
diff --git a/kubernetes/cluster-setup/auth.whisk.system
b/kubernetes/cluster-setup/auth.whisk.system
deleted file mode 100644
index e44545b..0000000
--- a/kubernetes/cluster-setup/auth.whisk.system
+++ /dev/null
@@ -1 +0,0 @@
-789c46b1-71f6-4ed5-8c54-816aa4f8c502:abczO3xZCLrMN6v2BKK1dXYFpXlPkccOFqm12CdAsMgRU4VrNZ9lyGVCGuMDGIwP
diff --git a/kubernetes/cluster-setup/config.env
b/kubernetes/cluster-setup/config.env
deleted file mode 100644
index 1de7a56..0000000
--- a/kubernetes/cluster-setup/config.env
+++ /dev/null
@@ -1,5 +0,0 @@
-whisk_version_name=OpenWhisk
-whisk_version_date=2018-01-01T00:00:00Z
-whisk_version_tag=latest
-whisk_cli_version_tag=latest
-whisk_system_namespace=/whisk.system
diff --git a/kubernetes/cluster-setup/limits.env
b/kubernetes/cluster-setup/limits.env
deleted file mode 100644
index 87f319f..0000000
--- a/kubernetes/cluster-setup/limits.env
+++ /dev/null
@@ -1,5 +0,0 @@
-actions_invokes_perMinute=60
-actions_invokes_concurrent=30
-actions_invokes_concurrentInSystem=5000
-actions_sequence_maxLength=50
-triggers_fires_perMinute=60
diff --git a/kubernetes/cluster-setup/namespace.yml
b/kubernetes/cluster-setup/namespace.yml
deleted file mode 100644
index 75dfb80..0000000
--- a/kubernetes/cluster-setup/namespace.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-kind: Namespace
-apiVersion: v1
-metadata:
- name: openwhisk
- labels:
- name: openwhisk
diff --git a/kubernetes/cluster-setup/persistent-volumes.yml
b/kubernetes/cluster-setup/persistent-volumes.yml
deleted file mode 100644
index 16fe723..0000000
--- a/kubernetes/cluster-setup/persistent-volumes.yml
+++ /dev/null
@@ -1,167 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: pv-apigateway-01
- labels:
- pv-owner: openwhisk
- pv-usage: pv-apigateway
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- capacity:
- storage: 1Gi
- hostPath:
- path: /data/pv-apigateway-01/
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: pv-apigateway-01
- namespace: openwhisk
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 1Gi
- selector:
- matchLabels:
- pv-usage: pv-apigateway
-
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: pv-couchdb-01
- labels:
- pv-owner: openwhisk
- pv-usage: pv-couchdb
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- capacity:
- storage: 2Gi
- hostPath:
- path: /data/pv-couchdb-01/
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: pv-couchdb-01
- namespace: openwhisk
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 2Gi
- selector:
- matchLabels:
- pv-usage: pv-couchdb
-
-
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: pv-kafka-01
- labels:
- pv-owner: openwhisk
- pv-usage: pv-kafka
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- capacity:
- storage: 2Gi
- hostPath:
- path: /data/pv-kafka-01/
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: pv-kafka-01
- namespace: openwhisk
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 2Gi
- selector:
- matchLabels:
- pv-usage: pv-kafka
-
-
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: pv-zookeeper-data-01
- labels:
- pv-owner: openwhisk
- pv-usage: pv-zookeeper-data
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- capacity:
- storage: 1Gi
- hostPath:
- path: /data/pv-zookeeper-01/
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: pv-zookeeper-data-01
- namespace: openwhisk
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 1Gi
- selector:
- matchLabels:
- pv-usage: pv-zookeeper-data
----
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: pv-zookeeper-datalog-01
- labels:
- pv-owner: openwhisk
- pv-usage: pv-zookeeper-datalog
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- capacity:
- storage: 1Gi
- hostPath:
- path: /data/pv-zookeeper-01/
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: pv-zookeeper-datalog-01
- namespace: openwhisk
-spec:
- storageClassName: manual
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 1Gi
- selector:
- matchLabels:
- pv-usage: pv-zookeeper-datalog
diff --git a/kubernetes/cluster-setup/runtimes-minimal-travis.json
b/kubernetes/cluster-setup/runtimes-minimal-travis.json
deleted file mode 100644
index f299044..0000000
--- a/kubernetes/cluster-setup/runtimes-minimal-travis.json
+++ /dev/null
@@ -1,38 +0,0 @@
-{
- "runtimes": {
- "nodejs": [
- {
- "kind": "nodejs:6",
- "default": true,
- "image": {
- "prefix": "openwhisk",
- "name": "nodejs6action",
- "tag": "latest"
- },
- "deprecated": false,
- "stemCells": [{
- "count": 2,
- "memory": "256 MB"
- }]
- }
- ],
- "python": [
- {
- "kind": "python:3",
- "image": {
- "prefix": "openwhisk",
- "name": "python3action",
- "tag": "latest"
- },
- "deprecated": false
- }
- ]
- },
- "blackboxes": [
- {
- "prefix": "openwhisk",
- "name": "dockerskeleton",
- "tag": "latest"
- }
- ]
-}
diff --git a/kubernetes/cluster-setup/runtimes.json
b/kubernetes/cluster-setup/runtimes.json
deleted file mode 100644
index 17b9326..0000000
--- a/kubernetes/cluster-setup/runtimes.json
+++ /dev/null
@@ -1,127 +0,0 @@
-{
- "runtimes": {
- "nodejs": [
- {
- "kind": "nodejs",
- "image": {
- "prefix": "openwhisk",
- "name": "nodejsaction",
- "tag": "latest"
- },
- "deprecated": true
- },
- {
- "kind": "nodejs:6",
- "default": true,
- "image": {
- "prefix": "openwhisk",
- "name": "nodejs6action",
- "tag": "latest"
- },
- "deprecated": false,
- "stemCells": [{
- "count": 2,
- "memory": "256 MB"
- }]
- },
- {
- "kind": "nodejs:8",
- "default": false,
- "image": {
- "prefix": "openwhisk",
- "name": "action-nodejs-v8",
- "tag": "latest"
- },
- "deprecated": false
- }
- ],
- "python": [
- {
- "kind": "python",
- "image": {
- "prefix": "openwhisk",
- "name": "python2action",
- "tag": "latest"
- },
- "deprecated": false
- },
- {
- "kind": "python:2",
- "default": true,
- "image": {
- "prefix": "openwhisk",
- "name": "python2action",
- "tag": "latest"
- },
- "deprecated": false
- },
- {
- "kind": "python:3",
- "image": {
- "prefix": "openwhisk",
- "name": "python3action",
- "tag": "latest"
- },
- "deprecated": false
- }
- ],
- "swift": [
- {
- "kind": "swift:3.1.1",
- "image": {
- "prefix": "openwhisk",
- "name": "action-swift-v3.1.1",
- "tag": "latest"
- },
- "deprecated": false
- },
- {
- "kind": "swift:4.1",
- "default": true,
- "image": {
- "prefix": "openwhisk",
- "name": "action-swift-v4.1",
- "tag": "latest"
- },
- "deprecated": false
- }
- ],
- "java": [
- {
- "kind": "java",
- "default": true,
- "image": {
- "prefix": "openwhisk",
- "name": "java8action",
- "tag": "latest"
- },
- "deprecated": false,
- "attached": {
- "attachmentName": "jarfile",
- "attachmentType": "application/java-archive"
- },
- "sentinelledLogs": false,
- "requireMain": true
- }
- ],
- "php": [
- {
- "kind": "php:7.1",
- "default": true,
- "deprecated": false,
- "image": {
- "prefix": "openwhisk",
- "name": "action-php-v7.1",
- "tag": "latest"
- }
- }
- ]
- },
- "blackboxes": [
- {
- "prefix": "openwhisk",
- "name": "dockerskeleton",
- "tag": "latest"
- }
- ]
-}
diff --git a/kubernetes/cluster-setup/services.yml
b/kubernetes/cluster-setup/services.yml
deleted file mode 100644
index 2d82850..0000000
--- a/kubernetes/cluster-setup/services.yml
+++ /dev/null
@@ -1,102 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-########
-# First define services that are exposed via Ingresses to the outside world
-########
----
-apiVersion: v1
-kind: Service
-metadata:
- name: nginx
- namespace: openwhisk
- labels:
- name: nginx
-spec:
- type: NodePort
- selector:
- name: nginx
- ports:
- - port: 80
- targetPort: 80
- name: http
- - port: 443
- targetPort: 443
- name: https-api
- - port: 8443
- targetPort: 8443
- name: https-admin
----
-apiVersion: v1
-kind: Service
-metadata:
- name: apigateway
- namespace: openwhisk
- labels:
- name: apigateway
-spec:
- type: NodePort
- selector:
- name: apigateway
- ports:
- - port: 8080
- targetPort: 8080
- name: mgmt
- - port: 9000
- targetPort: 9000
- name: api
-
-########
-# Second define internal services used by the OpenWhisk implementation
-########
----
-apiVersion: v1
-kind: Service
-metadata:
- name: controller
- namespace: openwhisk
- labels:
- name: controller
-spec:
- selector:
- name: controller
- ports:
- - port: 8080
- targetPort: 8080
- name: http
----
-apiVersion: v1
-kind: Service
-metadata:
- name: kafka
- namespace: openwhisk
- labels:
- name: kafka
-spec:
- selector:
- name: kafka
- ports:
- - port: 9092
- targetPort: 9092
- name: kafka
----
-apiVersion: v1
-kind: Service
-metadata:
- name: zookeeper
- namespace: openwhisk
- labels:
- name: zookeeper
-spec:
- selector:
- name: zookeeper
- ports:
- - port: 2181
- targetPort: 2181
- name: zookeeper
- - port: 2888
- targetPort: 2888
- name: server
- - port: 3888
- targetPort: 3888
- name: leader-election
diff --git a/kubernetes/controller/README.md b/kubernetes/controller/README.md
deleted file mode 100644
index 56d58d7..0000000
--- a/kubernetes/controller/README.md
+++ /dev/null
@@ -1,58 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-Controller
-----------
-
-# Deploying
-
-## Create config map
-
-Edit controller.env as needed to set the appropriate values for your
-deployment, then create the configmap controller.config:
-
-```
-kubectl -n openwhisk create cm controller.config --from-env-file=controller.env
-```
-
-## Deploy Controller
-
-The Controller is deployed as a [StatefulSet][StatefulSet] because
-each instance needs to know which index it is and we need stable pod
-names to support Akka clustering. The Controller can be deployed with:
-
-```
-kubectl apply -f controller.yml
-```
-
-# Controller Deployment Changes
-## Changing the Controller Count
-
-By default, only a single controller is deployed (HA disabled).
-
-Changing the number of controllers and/or enabling HA currently requires a
complete
-redeployment of the controller stateful set. You will need to update
-the number of replicas
-[here](https://github.com/apache/incubator-openwhisk-deploy-kube/tree/master/kubernetes/controller/controller.yml#L10)
-and the values of the various variables for controller HA and Akka
-clustering
-[here](https://github.com/apache/incubator-openwhisk-deploy-kube/tree/master/kubernetes/controller/controller.yml#L30-L39)
-and then redeploy.
-
-[StatefulSet]:
https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/
diff --git a/kubernetes/controller/controller.env
b/kubernetes/controller/controller.env
deleted file mode 100644
index 4f79daa..0000000
--- a/kubernetes/controller/controller.env
+++ /dev/null
@@ -1,2 +0,0 @@
-java_opts=-Xmx2g
-controller_opts=
diff --git a/kubernetes/controller/controller.yml
b/kubernetes/controller/controller.yml
deleted file mode 100644
index 55d4ca2..0000000
--- a/kubernetes/controller/controller.yml
+++ /dev/null
@@ -1,233 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
----
-apiVersion: apps/v1beta1
-kind: StatefulSet
-metadata:
- name: controller
- namespace: openwhisk
- labels:
- name: controller
-spec:
- replicas: 1
- serviceName: "controller"
- template:
- metadata:
- labels:
- name: controller
- spec:
- restartPolicy: Always
-
- affinity:
- # prefer to not run on an invoker node (only prefer because of single
node clusters)
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- # prefer to run on a control-plane node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - control-plane
- # do not allow more than 1 controller instance to run on a node
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: name
- operator: In
- values:
- - controller
- topologyKey: "kubernetes.io/hostname"
-
- containers:
- - name: controller
- imagePullPolicy: Always
- image: openwhisk/controller
- command: ["/bin/bash", "-c", "COMPONENT_NAME=$(hostname | cut -d'-'
-f2) /init.sh `hostname | cut -d'-' -f2`"]
- ports:
- - name: controller
- containerPort: 8080
- env:
- # Properties for controller HA configuration
- # Must change these if changing number of replicas
- - name: "CONTROLLER_LOCALBOOKKEEPING"
- value: "TRUE"
- - name: "CONTROLLER_HA"
- value: "FALSE"
- - name: "CONTROLLER_INSTANCES"
- value: "1"
- - name: "AKKA_CLUSTER_SEED_NODES"
- value: "controller-0.controller.openwhisk"
- - name: "CONFIG_akka_actor_provider"
- value: "cluster"
-
- # extra JVM arguments
- - name: "JAVA_OPTS"
- valueFrom:
- configMapKeyRef:
- name: controller.config
- key: java_opts
-
- # extra controller arguments
- - name: "CONTROLLER_OPTS"
- valueFrom:
- configMapKeyRef:
- name: controller.config
- key: controller_opts
-
- # action runtimes
- - name: "RUNTIMES_MANIFEST"
- valueFrom:
- configMapKeyRef:
- name: whisk.runtimes
- key: runtimes
-
- # deployment version information
- - name: "WHISK_VERSION_NAME"
- valueFrom:
- configMapKeyRef:
- name: whisk.config
- key: whisk_version_name
- - name: "WHISK_VERSION_DATE"
- valueFrom:
- configMapKeyRef:
- name: whisk.config
- key: whisk_version_date
- - name: "WHISK_VERSION_BUILDNO"
- valueFrom:
- configMapKeyRef:
- name: whisk.config
- key: whisk_version_tag
-
- # specify limits
- - name: "LIMITS_ACTIONS_INVOKES_PERMINUTE"
- valueFrom:
- configMapKeyRef:
- name: whisk.limits
- key: actions_invokes_perMinute
- - name: "LIMITS_ACTIONS_INVOKES_CONCURRENT"
- valueFrom:
- configMapKeyRef:
- name: whisk.limits
- key: actions_invokes_concurrent
- - name: "LIMITS_ACTIONS_INVOKES_CONCURRENTINSYSTEM"
- valueFrom:
- configMapKeyRef:
- name: whisk.limits
- key: actions_invokes_concurrentInSystem
- - name: "LIMITS_TRIGGERS_FIRES_PERMINUTE"
- valueFrom:
- configMapKeyRef:
- name: whisk.limits
- key: triggers_fires_perMinute
- - name: "LIMITS_ACTIONS_SEQUENCE_MAXLENGTH"
- valueFrom:
- configMapKeyRef:
- name: whisk.limits
- key: actions_sequence_maxLength
-
- # properties for Kafka connection
- - name: "KAFKA_HOSTS"
- value: "$(KAFKA_SERVICE_HOST):$(KAFKA_SERVICE_PORT_KAFKA)"
-
- # properties for DB connection
- - name: "CONFIG_whisk_couchdb_username"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_username
- - name: "CONFIG_whisk_couchdb_password"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_password
- - name: "CONFIG_whisk_couchdb_protocol"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_protocol
- - name: "CONFIG_whisk_couchdb_host"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_host
- - name: "CONFIG_whisk_couchdb_port"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_port
- - name: "CONFIG_whisk_couchdb_provider"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_provider
- - name: "CONFIG_whisk_couchdb_databases_WhiskActivation"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_activations
- - name: "CONFIG_whisk_couchdb_databases_WhiskEntity"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_actions
- - name: "CONFIG_whisk_couchdb_databases_WhiskAuth"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_auths
-
- # must match port used in livenessProbe below
- - name: "PORT"
- value: "8080"
-
- livenessProbe:
- httpGet:
- path: "/ping"
- port: 8080
- scheme: "HTTP"
- initialDelaySeconds: 5
- periodSeconds: 10
- timeoutSeconds: 1
-
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: controller-netpol
- namespace: openwhisk
-spec:
- podSelector:
- matchLabels:
- name: controller
- ingress:
- # Allow nginx and any pod with access=controller to connect to controller
- - from:
- - podSelector:
- matchLabels:
- name: nginx
- - podSelector:
- matchLabels:
- access: controller
- ports:
- - port: 8080
- # Controllers can connect to each other
- - from:
- - podSelector:
- matchLabels:
- name: controller
- ports:
- - port: 8080
- - port: 2552
diff --git a/kubernetes/couchdb/README.md b/kubernetes/couchdb/README.md
deleted file mode 100644
index 4885bb2..0000000
--- a/kubernetes/couchdb/README.md
+++ /dev/null
@@ -1,77 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-CouchDB
------
-
-# Deploying
-
-## Create secret and configmap
-
-The db.auth secret and db.config configmap contain authorization and
-configuration information for the CouchDB instance being used for this
-OpenWhisk deployment. The db.auth secret is expected to define two
-keys: db_username and db_password. The db.config configmap is expected
-to define the following keys: db_protocol, db_provider, db_host, db_port,
-db_prefix, db_whisk_activations, db_whisk_actions, and db_whisk_auths.
-The commands below create them with default values; adjust as needed for
-your deployment.
-
-```
-kubectl -n openwhisk create secret generic db.auth
--from-literal=db_username=whisk_admin --from-literal=db_password=some_passw0rd
-```
-
-```
-kubectl -n openwhisk create configmap db.config
--from-literal=db_protocol=http --from-literal=db_provider=CouchDB
--from-literal=db_host=couchdb.openwhisk.svc.cluster.local
--from-literal=db_port=5984
--from-literal=db_whisk_activations=test_activations
--from-literal=db_whisk_actions=test_whisks
--from-literal=db_whisk_auths=test_subjects --from-literal=db_prefix=test_
-```
-
-## Deploy the CouchDB pod
-
-To deploy CouchDB, you first need to create the CouchDB
-Pod. This can be done by running:
-
-```
-kubectl apply -f couchdb.yml
-```
-
-If the persistent volume mounted as /opt/couchdb/data in the
-pod already has been initialized with an OpenWhisk CouchDB
-database, then the pod will simply use it. If an initialized
-database is not found, then the pod will go through the
-process of pulling the OpenWhisk git repo and running some of the
-ansible playbooks for configuring CouchDB.
-
-**NOTE** the pod will say running as soon as the start command runs,
-but that does not mean that CouchDB is really running and ready to
-use. If a new database actually needs to be created and initialized,
-it typically takes about a minute until setup has completed and
-the database is actually usable. Examine the pods logs with
-
-```
-kubectl -n openwhisk logs -lname=couchdb
-```
-
-and look for the line:
-
-```
-successfully setup and configured CouchDB for OpenWhisk
-```
-
-This indicates that the CouchDB instance is fully configured and ready to use.
-
diff --git a/kubernetes/couchdb/couchdb.yml b/kubernetes/couchdb/couchdb.yml
deleted file mode 100644
index 65a47de..0000000
--- a/kubernetes/couchdb/couchdb.yml
+++ /dev/null
@@ -1,143 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-# The couchdb service is defined here instead of in cluster-config/services
-# because some deployments will not put the database within the kube cluster.
----
-apiVersion: v1
-kind: Service
-metadata:
- name: couchdb
- namespace: openwhisk
- labels:
- name: couchdb
-spec:
- selector:
- name: couchdb
- ports:
- - port: 5984
- targetPort: 5984
- name: couchdb
-
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: couchdb
- namespace: openwhisk
- labels:
- name: couchdb
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- name: couchdb
- spec:
- restartPolicy: Always
-
- affinity:
- # prefer to not run on an invoker node (only prefer because of single
node clusters)
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- # prefer to run on a control-plane node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - control-plane
- # do not allow more than 1 couchdb instance to run on a given node
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: name
- operator: In
- values:
- - couchdb
- topologyKey: "kubernetes.io/hostname"
-
- volumes:
- - name: couchdb-data
- persistentVolumeClaim:
- claimName: pv-couchdb-01
-
- containers:
- - name: couchdb
- imagePullPolicy: Always
- image: openwhisk/kube-couchdb
- command: ["/init.sh"]
- ports:
- - name: couchdb
- containerPort: 5984
- volumeMounts:
- - mountPath: /opt/couchdb/data
- name: couchdb-data
- env:
- - name: "DB_PREFIX"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_prefix
- - name: "DB_HOST"
- value: "127.0.0.1"
- - name: "COUCHDB_USER"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_username
- - name: "COUCHDB_PASSWORD"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_password
- - name: "DB_PORT"
- value: "5984"
- - name: "NODENAME"
- value: "couchdb0"
- readinessProbe:
- httpGet:
- port: 5984
- # Tempting to say "/$(DB_PREFIX)_activations", but probe runs
- # externally, therefore can't access the container environment...
- path: "/test_activations"
- initialDelaySeconds: 60
- periodSeconds: 10
- failureThreshold: 10
- timeoutSeconds: 1
-
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: couchdb-netpol
- namespace: openwhisk
-spec:
- podSelector:
- matchLabels:
- name: couchdb
- ingress:
- # Allow controller, invoker, and any pod with access=db to connect to couchdb
- - from:
- - podSelector:
- matchLabels:
- name: controller
- - podSelector:
- matchLabels:
- name: invoker
- - podSelector:
- matchLabels:
- access: db
- ports:
- - port: 5984
diff --git a/kubernetes/ingress/README.md b/kubernetes/ingress/README.md
deleted file mode 100644
index db72342..0000000
--- a/kubernetes/ingress/README.md
+++ /dev/null
@@ -1,179 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-Ingress
--------
-
-The goal of this step is to define a Kubernetes Ingress that will make
-OpenWhisk available outside of your Kubernetes cluster. In the
-commands given in the Configuration Steps, replace API_HOST with the
-actual value for your Ingress as determined by the detailed
-instructions in the appropriate subsection of Possible Ingress Types.
-
-# Configuration Steps
-
-1. Create an Ingress, thus determining a value you should use for
-API_HOST. If you are deploying on minikube, follow the instructions for
-the NodePort ingress. Unfortunately, the exact details of configuring
-an Ingress vary across cloud providers. The detailed instructions
-[below](#possible-ingress-types) describe multiple possible Ingress
-configurations. We welcome contributions from the community to
-describe how to configure Ingress for additional cloud providers.
-
-2. Record the value of API_HOST and APIGW_URL in a Kubernetes configmap
-for later use within the OpenWhisk deployment. Note that API_HOST is
-expected to be either a host or host:port pair, but APIGW_URL is
-expected to be a URL, including protocol (http or https depending on
-your ingress):
-```
-kubectl -n openwhisk create configmap whisk.ingress
--from-literal=api_host=API_HOST --from-literal=apigw_url=APIGW_URL
-```
-
-3. Configure the OpenWhisk CLI, wsk, by setting the auth and apihost
-properties (if you don't already have the wsk cli, follow the
-instructions [here](https://github.com/apache/incubator-openwhisk-cli)
-to get it).
-
-```
-wsk property set --auth `cat ../cluster-setup/auth.guest` --apihost API_HOST
-```
-
-# Possible Ingress Types
-
-
-## NodePort
-
-When it was deployed, the apigateway and nginx services were
-configured to expose themselves via a NodePort
-[see](https://github.com/apache/incubator-openwhisk-deploy-kube/tree/master/kubernetes/cluster-setup/services.yml#L13)
with a dynamically assigned port number. If you want
-a specific port number to be assigned to these services, you can cause
-this to happen by adding a `nodePort:` field to some or all of the [`port:`
-stanzas](https://github.com/apache/incubator-openwhisk-deploy-kube/tree/master/kubernetes/cluster-setup/services.yml#L17-L25)
and redeploying the service.
-By determining the IP address of a worker node and the exposed port
-numbers, you can determine your API_HOST and APIGW_URL. There are no
-additional files to apply. TLS termination is handled by the nginx
-service.
-
- 1. Obtain the IP address of the Kubernetes nodes. If you are using minikube,
use the command
-```
- minikube ip
- ```
- otherwise use
- ```
- kubectl get nodes
- ```
-
- 2. Obtain the public port for https port of the openwhisk.nginx Service
- ```
-kubectl -n openwhisk describe service nginx | grep https-api | grep NodePort|
awk '{print $3}' | cut -d'/' -f1
- ```
-
-Use IP_ADDR:PUBLIC_PORT as your API_HOST
-
-3. Obtain the public port for https port of the openwhisk.apigateway Service
- ```
-kubectl -n openwhisk describe service apigateway | grep mgmt | grep NodePort|
awk '{print $3}' | cut -d'/' -f1
- ```
-
-Use http://IP_ADDR:PUBLIC_PORT as your APIGW_URL
-
-
-## Simple Service Ingress
-
-A basic ingress that simply connects through to the nginx
-service. With this ingress, TLS termination will be handled by the
-OpenWhisk nginx service.
-
-```
-kubectl apply -f ingress-simple.yml
-````
-
-Use `kubectl get ingress` to determine the IP address and port to use
-to define API_HOST for a simple service ingress.
-
-## IBM Cloud
-
-### IBM Cloud Lite cluster
-
-The only available ingress method for a Lite cluster is to use a
-NodePort (see above). By determining the IP address of a worker node
-and the exposed port number, you can determine your API_HOST. There
-are no additional files to apply. TLS termination is handled by the
-nginx service.
-
- 1. Obtain the Public IP address of the sole worker node.
-
- ```
-bx cs workers <my-cluster>
- ```
-
- 2. Obtain the public port for https port of the openwhisk.nginx Service
-
- ```
-kubectl -n openwhisk describe service nginx | grep https-api | grep NodePort|
awk '{print $3}' | cut -d'/' -f1
- ```
-Use PublicIP:PORT as your API_HOST
-
-3. Obtain the public port for https port of the openwhisk.apigateway Service
-
- ```
-kubectl -n openwhisk describe service apigateway | grep mgmt | grep NodePort|
awk '{print $3}' | cut -d'/' -f1
- ```
-
-Use http://IP_ADDR:PUBLIC_PORT as your APIGW_URL
-
-### IBM Cloud standard cluster
-
-A template file ingress-ibm.yml is provided. You will need to edit
-this file to replace <ibmdomain> and <ibmtlssecret> with the correct
-values for your cluster. Note that <ibmdomain> appears twice in the
-template file.
-
-To determine this values, run the command
-```
-bx cs cluster-get <mycluster>
-```
-The CLI output will look something like
-```
-bx cs cluster-get <mycluster>
-Retrieving cluster <mycluster>...
-OK
-Name: <mycluster>
-ID: b9c6b00dc0aa487f97123440b4895f2d
-Created: 2017-04-26T19:47:08+0000
-State: normal
-Master URL: https://169.57.40.165:1931
-Ingress subdomain: <ibmdomain>
-Ingress secret: <ibmtlssecret>
-Workers: 3
-```
-You can see the IBM-provided domain in the Ingress subdomain and the
-IBM-provided certificate in the Ingress secret field.
-
-After editing the template file, deploy it.
-```
-kubectl apply -f ingress-ibm.yml
-```
-
-Your API_HOST will be <ibmdomain>/openwhisk
-Your APIGW_URL will be https://<ibmdomain>/apigateway
-
-## Other cloud providers
-
-Please submit Pull Requests with instructions for other cloud providers.
diff --git a/kubernetes/ingress/ingress-ibm.yml
b/kubernetes/ingress/ingress-ibm.yml
deleted file mode 100644
index 959f8fe..0000000
--- a/kubernetes/ingress/ingress-ibm.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
- name: ow-ingress
- namespace: openwhisk
- annotations:
- ingress.bluemix.net/rewrite-path: "serviceName=nginx
rewrite=/;serviceName=apigateway rewrite=/"
-spec:
- tls:
- - hosts:
- - <ibmdomain>
- secretName: <ibmtlssecret>
- rules:
- - host: <ibmdomain>
- http:
- paths:
- - path: /openwhisk/
- backend:
- serviceName: nginx
- servicePort: http
- - path: /apigateway/
- backend:
- serviceName: apigateway
- servicePort: mgmt
diff --git a/kubernetes/ingress/ingress-simple.yml
b/kubernetes/ingress/ingress-simple.yml
deleted file mode 100644
index 14162eb..0000000
--- a/kubernetes/ingress/ingress-simple.yml
+++ /dev/null
@@ -1,15 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
- name: ow-ingress
- namespace: openwhisk
-spec:
- backend:
- serviceName: nginx
- servicePort: https-api
- backend:
- serviceName: apigateway
- servicePort: mgmt
diff --git a/kubernetes/invoker/README.md b/kubernetes/invoker/README.md
deleted file mode 100644
index c47361b..0000000
--- a/kubernetes/invoker/README.md
+++ /dev/null
@@ -1,141 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-Invoker
--------
-
-# Overview
-
-The Invoker is responsible for creating and managing the containers
-that OpenWhisk creates to execute the user defined functions. A key
-function of the Invoker is to manage a cache of available warm
-containers to minimize cold starts of user functions.
-Architecturally, we support two options for deploying the Invoker
-component on Kubernetes (selected by picking a
-`ContainerFactoryProviderSPI` for your deployment).
- 1. `DockerContainerFactory` matches the architecture used by the
- non-Kubernetes deployments of OpenWhisk. In this approach, an
- Invoker instance runs on every Kubernetes worker node that is
- being used to execute user functions. The Invoker directly
- communicates with the docker daemon running on the worker node
- to create and manage the user function containers. The primary
- advantages of this configuration are lower latency on container
- management operations and robustness of the code paths being
- used (since they are the same as in the default system). The
- primary disadvantage is that it does not leverage Kubernetes to
- simplify resource management, security configuration, etc. for
- user containers.
- 2. `KubernetesContainerFactory` is a truly Kubernetes-native design
- where although the Invoker is still responsible for managing the
- cache of available user containers, the Invoker relies on Kubernetes to
- create, schedule, and manage the Pods that contain the user function
- containers. The pros and cons of this design are roughly the
- inverse of `DockerContainerFactory`. Kubernetes pod management
- operations have higher latency and exercise newer code paths in
- the Invoker. However, this design fully leverages Kubernetes to
- manage the execution resources for user functions.
-
-# Deploying
-
-## Label the worker nodes
-
-In either approach, it is desirable to indicate which worker nodes
-should be used to execute user containers. Do this by labeling each
-node with `openwhisk-role=invoker`. For a single node cluster, simply do
-```
-kubectl label nodes --all openwhisk-role=invoker
-```
-If you have a multi-node cluster, for each node <INVOKER_NODE_NAME>
-you want to be an invoker, execute
-```
-$ kubectl label nodes <INVOKER_NODE_NAME> openwhisk-role=invoker
-```
-
-## Deploying using the DockerContainerFactory
-
-### Create the invoker.config config map
-
-Edit invoker-dcf.env to make any customizations needed for your
-deployment, create the config map:
-```
-kubectl -n openwhisk create cm invoker.config --from-env-file=invoker-dcf.env
-```
-
-### Deploy the Invoker as a DaemonSet
-
-This will deploy an Invoker instance on every Kubernetes worker node
-labeled with openwhisk-role=invoker.
-```
-kubectl apply -f invoker-dcf.yml
-```
-
-## Deploying using the KubernetesContainerFactory
-
-The KubernetesContainerFactory can be deployed with an additional
-invokerAgent that implements container suspend/resume operations on
-behalf of a remote Invoker. The instructions here included deploying
-the invokerAgent. If you do not want to do this, skip deploying the
-invokerAgent daemonset and edit invoker-k8scf.yml to set
-`CONFIG_whisk_kubernetes_invokerAgent_enabled` to `FALSE`.
-
-### Create the invoker.config config map
-
-Edit invoker-k8scf.env to make any customizations needed for your
-deployment, create the config map:
-```
-kubectl -n openwhisk create cm invoker.config --from-env-file=invoker-k8scf.env
-```
-
-### Deploy the invokerAgent Daemonset
-```
-kubectl apply -f invoker-agent.yml
-```
-Wait for all of the invoker-agent pods to be running. This might take a
-couple of minutes because the invoker-agent also prefetches the docker images
-for the default set of user action runtimes by doing docker pulls as an
-init container.
-
-### Deploy the Invoker as a StatefulSet
-
-By default, this will deploy a single Invoker instance. Optionally
-edit invoker-k8scf.yml to change the number of Invoker replicas and
-then do:
-```
-kubectl apply -f invoker-k8scf.yml
-```
-
-
-# Troubleshooting
-## No invokers are deployed with DockerContainerFactory
-
-Verify that you actually have at least one node with the label
openwhisk-role=invoker.
-
-## Invokers containers fail to start with volume mounting problems
-
-To execute the containers for user actions, OpenWhisk relies on part
-of the underlying infrastructure that Kubernetes is running on. When
-deploying the Invoker for OpenWhisk, it mounts the host's Docker
-socket and several other system-specific directories related to
-Docker. This enables efficient container management, but it also also
-means that the default volume hostPath values assume that the Kubernetes worker
-node image is Ubuntu. If containers fail to start with errors related
-mounting`/sys/fs/cgroup`, `/run/runc`,`/var/lib/docker/containers`, or
-`/var/run/docker.sock`, then you will need to change the corresponding
-value in [invoker-dcf.yml](invoker-dcf.yml) to match the host operating system
-running on your Kubernetes worker node.
diff --git a/kubernetes/invoker/invoker-agent.yml
b/kubernetes/invoker/invoker-agent.yml
deleted file mode 100644
index 32f958a..0000000
--- a/kubernetes/invoker/invoker-agent.yml
+++ /dev/null
@@ -1,107 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
----
-apiVersion: extensions/v1beta1
-kind: DaemonSet
-metadata:
- name: invoker-agent
- namespace: openwhisk
- labels:
- name: invoker-agent
-spec:
- template:
- metadata:
- labels:
- name: invoker-agent
- spec:
- restartPolicy: Always
- hostNetwork: true
-
- # run only on nodes labeled with openwhisk-role=invoker
- # TODO: disabled affinity until user-action pods are
- # created with the same affinity rules.
- # Requires extension to upstream kube java client
- # affinity:
- # nodeAffinity:
- # requiredDuringSchedulingIgnoredDuringExecution:
- # nodeSelectorTerms:
- # - matchExpressions:
- # - key: openwhisk-role
- # operator: In
- # values:
- # - invoker
-
- volumes:
- - name: cgroup
- hostPath:
- path: "/sys/fs/cgroup"
- - name: runc
- hostPath:
- path: "/run/runc"
- - name: dockerrootdir
- hostPath:
- path: "/var/lib/docker/containers"
- - name: dockersock
- hostPath:
- path: "/var/run/docker.sock"
- - name: userlogs
- emptyDir: {}
-
- initContainers:
- - name: docker-pull-runtimes
- imagePullPolicy: Always
- image: openwhisk/kube-docker-pull
- volumeMounts:
- - name: dockersock
- mountPath: "/var/run/docker.sock"
- env:
- # action runtimes
- - name: "RUNTIMES_MANIFEST"
- valueFrom:
- configMapKeyRef:
- name: whisk.runtimes
- key: runtimes
-
- containers:
- - name: invoker-agent
- imagePullPolicy: Always
- image: openwhisk/kube-invoker-agent
- securityContext:
- privileged: true
- ports:
- # IANA port 3233 "whisker" for "WhiskerControl" ;)
- - name: agent
- containerPort: 3233
- hostPort: 3233
- volumeMounts:
- - name: cgroup
- mountPath: "/sys/fs/cgroup"
- - name: runc
- mountPath: "/run/runc"
- - name: dockersock
- mountPath: "/var/run/docker.sock"
- - name: dockerrootdir
- mountPath: "/containers"
- - name: userlogs
- mountPath: "/action-logs"
- env:
-
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: invoker-agent-netpol
- namespace: openwhisk
-spec:
- podSelector:
- matchLabels:
- name: invoker-agent
- ingress:
- # Allow invoker to connect to invoker-agent
- - from:
- - podSelector:
- matchLabels:
- name: invoker
- ports:
- - port: 3233
diff --git a/kubernetes/invoker/invoker-dcf.env
b/kubernetes/invoker/invoker-dcf.env
deleted file mode 100644
index ac1346f..0000000
--- a/kubernetes/invoker/invoker-dcf.env
+++ /dev/null
@@ -1,9 +0,0 @@
-java_opts=-Xmx2g
-Dwhisk.spi.ContainerFactoryProvider=whisk.core.containerpool.docker.DockerContainerFactoryProvider
-invoker_opts=
-invoker_container_network=bridge
-invoker_container_dns=
-invoker_use_runc=false
-docker_image_prefix=openwhisk
-docker_image_tag=latest
-docker_registry=
-invoker_logs_dir=
diff --git a/kubernetes/invoker/invoker-dcf.yml
b/kubernetes/invoker/invoker-dcf.yml
deleted file mode 100644
index 28d8c98..0000000
--- a/kubernetes/invoker/invoker-dcf.yml
+++ /dev/null
@@ -1,206 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
----
-apiVersion: extensions/v1beta1
-kind: DaemonSet
-metadata:
- name: invoker
- namespace: openwhisk
- labels:
- name: invoker
-spec:
- template:
- metadata:
- labels:
- name: invoker
- spec:
- restartPolicy: Always
-
- # run only on nodes labeled with openwhisk-role=invoker
- affinity:
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- nodeSelectorTerms:
- - matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - invoker
-
- volumes:
- - name: cgroup
- hostPath:
- path: "/sys/fs/cgroup"
- - name: runc
- hostPath:
- path: "/run/runc"
- - name: dockerrootdir
- hostPath:
- path: "/var/lib/docker/containers"
- - name: dockersock
- hostPath:
- path: "/var/run/docker.sock"
-
- initContainers:
- - name: docker-pull-runtimes
- imagePullPolicy: Always
- image: openwhisk/kube-docker-pull
- volumeMounts:
- - name: dockersock
- mountPath: "/var/run/docker.sock"
- env:
- # action runtimes
- - name: "RUNTIMES_MANIFEST"
- valueFrom:
- configMapKeyRef:
- name: whisk.runtimes
- key: runtimes
-
- containers:
- - name: invoker
- imagePullPolicy: Always
- image: openwhisk/invoker
- command: [ "/bin/bash", "-c", "COMPONENT_NAME=$(hostname | cut -d'-'
-f2) /init.sh" ]
- ports:
- - name: invoker
- containerPort: 8080
- volumeMounts:
- - name: cgroup
- mountPath: "/sys/fs/cgroup"
- - name: runc
- mountPath: "/run/runc"
- - name: dockersock
- mountPath: "/var/run/docker.sock"
- - name: dockerrootdir
- mountPath: "/containers"
- env:
- - name: "PORT"
- value: "8080"
-
- # Invoker name is name of the Kube node when using DaemonSet
- - name: "INVOKER_NAME"
- valueFrom:
- fieldRef:
- fieldPath: spec.nodeName
-
- - name: "WHISK_API_HOST_NAME"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
-
- # Docker-related options
- - name: "INVOKER_CONTAINER_NETWORK"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: invoker_container_network
- - name: "INVOKER_CONTAINER_DNS"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: invoker_container_dns
- - name: "CONFIG_whisk_docker_containerFactory_useRunc"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: invoker_use_runc
- - name: "DOCKER_IMAGE_PREFIX"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: docker_image_prefix
- - name: "DOCKER_IMAGE_TAG"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: docker_image_tag
- - name: "DOCKER_REGISTRY"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: docker_registry
-
- # action runtimes
- - name: "RUNTIMES_MANIFEST"
- valueFrom:
- configMapKeyRef:
- name: whisk.runtimes
- key: runtimes
-
- # extra JVM arguments
- - name: "JAVA_OPTS"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: java_opts
-
- # extra Invoker arguments
- - name: "INVOKER_OPTS"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: invoker_opts
-
- # Recommend using "" because logs should go to stdout on kube
- - name: "WHISK_LOGS_DIR"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: invoker_logs_dir
-
- # properties for Kafka connection
- - name: "KAFKA_HOSTS"
- value: "$(KAFKA_SERVICE_HOST):$(KAFKA_SERVICE_PORT_KAFKA)"
-
- # properties for zookeeper connection
- - name: "ZOOKEEPER_HOSTS"
- value:
"$(ZOOKEEPER_SERVICE_HOST):$(ZOOKEEPER_SERVICE_PORT_ZOOKEEPER)"
-
- # properties for DB connection
- - name: "CONFIG_whisk_couchdb_username"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_username
- - name: "CONFIG_whisk_couchdb_password"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_password
- - name: "CONFIG_whisk_couchdb_protocol"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_protocol
- - name: "CONFIG_whisk_couchdb_host"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_host
- - name: "CONFIG_whisk_couchdb_port"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_port
- - name: "CONFIG_whisk_couchdb_provider"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_provider
- - name: "CONFIG_whisk_couchdb_databases_WhiskActivation"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_activations
- - name: "CONFIG_whisk_couchdb_databases_WhiskEntity"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_actions
- - name: "CONFIG_whisk_couchdb_databases_WhiskAuth"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_auths
diff --git a/kubernetes/invoker/invoker-k8scf.env
b/kubernetes/invoker/invoker-k8scf.env
deleted file mode 100644
index 2cd03bf..0000000
--- a/kubernetes/invoker/invoker-k8scf.env
+++ /dev/null
@@ -1,9 +0,0 @@
-java_opts=-Xmx2g -Dkubernetes.master=https://$KUBERNETES_SERVICE_HOST
-Dwhisk.spi.ContainerFactoryProvider=whisk.core.containerpool.kubernetes.KubernetesContainerFactoryProvider
-invoker_opts=
-invoker_container_network=bridge
-invoker_container_dns=
-invoker_use_runc=false
-docker_image_prefix=openwhisk
-docker_image_tag=latest
-docker_registry=
-invoker_logs_dir=
diff --git a/kubernetes/invoker/invoker-k8scf.yml
b/kubernetes/invoker/invoker-k8scf.yml
deleted file mode 100644
index 3ce7e1d..0000000
--- a/kubernetes/invoker/invoker-k8scf.yml
+++ /dev/null
@@ -1,211 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- namespace: openwhisk
- name: invoker
-
----
-kind: Role
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- namespace: openwhisk
- name: invoker
-rules:
-- apiGroups: ["extensions"]
- resources: ["deployments"]
- verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
-- apiGroups: [""]
- resources: ["pods"]
- verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
-- apiGroups: [""]
- resources: ["pods/log"]
- verbs: ["get", "list"]
-
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: invoker-rbac
- namespace: openwhisk
-subjects:
-- kind: ServiceAccount
- name: invoker
- namespace: openwhisk
-roleRef:
- kind: Role
- name: invoker
- apiGroup: rbac.authorization.k8s.io
-
----
-apiVersion: apps/v1beta1
-kind: StatefulSet
-metadata:
- name: invoker
- namespace: openwhisk
- labels:
- name: invoker
-spec:
- replicas: 1
- serviceName: invoker
- template:
- metadata:
- labels:
- name: invoker
- spec:
- serviceAccountName: invoker
- restartPolicy: Always
-
- affinity:
- # prefer to run on an invoker node (only prefer because of single node
clusters)
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - invoker
- # do not allow more than 1 invoker instance to run on a node
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: name
- operator: In
- values:
- - invoker
- topologyKey: "kubernetes.io/hostname"
-
- containers:
- - name: invoker
- imagePullPolicy: Always
- image: openwhisk/invoker
- command: [ "/bin/bash", "-c", "COMPONENT_NAME=$(hostname | cut -d'-'
-f2) /init.sh" ]
- ports:
- - name: invoker
- containerPort: 8080
- env:
- - name: "PORT"
- value: "8080"
-
- # Invoker name is name of pod (invoker-0, invoker-1, etc).
- - name: "INVOKER_NAME"
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
-
- - name: "WHISK_API_HOST_NAME"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
-
- # Enable invoker-agent
- - name: "CONFIG_whisk_kubernetes_invokerAgent_enabled"
- value: "TRUE"
-
- # Docker-related options
- - name: "CONFIG_whisk_docker_containerFactory_useRunc"
- value: "FALSE"
- - name: "DOCKER_IMAGE_PREFIX"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: docker_image_prefix
- - name: "DOCKER_IMAGE_TAG"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: docker_image_tag
- - name: "DOCKER_REGISTRY"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: docker_registry
-
- # action runtimes
- - name: "RUNTIMES_MANIFEST"
- valueFrom:
- configMapKeyRef:
- name: whisk.runtimes
- key: runtimes
-
- # extra JVM arguments
- - name: "JAVA_OPTS"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: java_opts
-
- # extra Invoker arguments
- - name: "INVOKER_OPTS"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: invoker_opts
-
- # Recommend using "" because logs should go to stdout on kube
- - name: "WHISK_LOGS_DIR"
- valueFrom:
- configMapKeyRef:
- name: invoker.config
- key: invoker_logs_dir
-
- # properties for Kafka connection
- - name: "KAFKA_HOSTS"
- value: "$(KAFKA_SERVICE_HOST):$(KAFKA_SERVICE_PORT_KAFKA)"
-
- # properties for zookeeper connection
- - name: "ZOOKEEPER_HOSTS"
- value:
"$(ZOOKEEPER_SERVICE_HOST):$(ZOOKEEPER_SERVICE_PORT_ZOOKEEPER)"
-
- # properties for DB connection
- - name: "CONFIG_whisk_couchdb_username"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_username
- - name: "CONFIG_whisk_couchdb_password"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_password
- - name: "CONFIG_whisk_couchdb_protocol"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_protocol
- - name: "CONFIG_whisk_couchdb_host"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_host
- - name: "CONFIG_whisk_couchdb_port"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_port
- - name: "CONFIG_whisk_couchdb_provider"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_provider
- - name: "CONFIG_whisk_couchdb_databases_WhiskActivation"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_activations
- - name: "CONFIG_whisk_couchdb_databases_WhiskEntity"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_actions
- - name: "CONFIG_whisk_couchdb_databases_WhiskAuth"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_whisk_auths
diff --git a/kubernetes/kafka/README.md b/kubernetes/kafka/README.md
deleted file mode 100644
index 3b22f0a..0000000
--- a/kubernetes/kafka/README.md
+++ /dev/null
@@ -1,53 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-Kafka
------
-
-# Deploying
-
-To deploy Kafka, you will need to make sure that
[Zookeeper](../zookeeper/README.md)
-is deployed. Otherwise Kafka will keep crashing since
-it cannot sync to a cluster. To actually deploy Kafka,
-just run:
-
-```
-kubectl apply -f kafka.yml
-```
-
-# Troubleshooting
-## Networking errors
-
-When inspecting kafka logs of various components and they are not able to
-send/receive message then Kafka is the usual problem. There are issues
-when Kube Pods cannot communicate with themselves over a Kube Service.
-Setting a network to promiscous mode can be the solution will enable network
-traffic to route in a loop back to itself. E.g:
-
-```
-ip link set docker0 promisc on
-```
-
-**NOTE** The `docker0` network in the example above is the Pod network.
-If you were using a CNI, then you would need to upgrade the CNI netowrk.
-
-These fixes are of course only temporary fixes that can be used
-when developing OpenWhisk on Kube. To deploy Kubernetes without the
-need for for setting the network up with this manual fix, you need
-to setup the Kubelet with `--hairpin-mode`.
diff --git a/kubernetes/kafka/kafka.yml b/kubernetes/kafka/kafka.yml
deleted file mode 100644
index 535ed12..0000000
--- a/kubernetes/kafka/kafka.yml
+++ /dev/null
@@ -1,124 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: kafka
- namespace: openwhisk
- labels:
- name: kafka
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- name: kafka
- spec:
- restartPolicy: Always
- volumes:
- - name: kafka-data
- persistentVolumeClaim:
- claimName: pv-kafka-01
-
- affinity:
- # prefer to not run on an invoker node (only prefer because of single
node clusters)
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- # prefer to run on a control-plane node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - control-plane
- # do not allow more than 1 kafka instance to run on a given node
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: name
- operator: In
- values:
- - kafka
- topologyKey: "kubernetes.io/hostname"
- # prefer to co-locate with a zookeeper pod since we communicate
frequently
- podAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 10
- podAffinityTerm:
- labelSelector:
- matchExpressions:
- - key: name
- operator: In
- values:
- - zookeeper
- topologyKey: "kubernetes.io/hostname"
-
- containers:
- - name: kafka
- imagePullPolicy: IfNotPresent
- image: wurstmeister/kafka:0.11.0.1
- volumeMounts:
- - mountPath: /kafka
- name: kafka-data
- ports:
- - name: kafka
- containerPort: 9092
- env:
- - name: "KAFKA_BROKER_ID"
- value: "0"
- - name: "KAFKA_ADVERTISED_HOST_NAME"
- value: "$(KAFKA_SERVICE_HOST)"
- - name: "KAFKA_ADVERTISED_PORT"
- value: "$(KAFKA_SERVICE_PORT_KAFKA)"
- - name: "KAFKA_HOST_NAME"
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: "KAFKA_PORT"
- value: "$(KAFKA_SERVICE_PORT_KAFKA)"
-
- # zookeeper info
- - name: "KAFKA_ZOOKEEPER_CONNECT"
- value:
"$(ZOOKEEPER_SERVICE_HOST):$(ZOOKEEPER_SERVICE_PORT_ZOOKEEPER)"
-
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: kafka-netpol
- namespace: openwhisk
-spec:
- podSelector:
- matchLabels:
- name: kafka
- ingress:
- # Allow invoker and controller to connect to kafka
- - from:
- - podSelector:
- matchLabels:
- name: controller
- - podSelector:
- matchLabels:
- name: invoker
- ports:
- - port: 9092
- # kafkas can connect to each other
- - from:
- - podSelector:
- matchLabels:
- name: kafka
- ports:
- - port: 9092
diff --git a/kubernetes/loadtest/README.md b/kubernetes/loadtest/README.md
deleted file mode 100644
index 81d71b0..0000000
--- a/kubernetes/loadtest/README.md
+++ /dev/null
@@ -1,43 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-LoadTest
------
-
-A collection of jobs to do performance testing
-against openwhisk deployed on kube, based on
-the code in apache/incubator-openwhisk-performance.git.
-
-The jobs are intended to run in the openwhisk namespace in the same
-cluster as the system under test to eliminate external network
-latency.
-
-# Preparing
-
-The Jobs assume the noopLatency and noopThroughput actions are already
-created in the default namespace. These actions are simple noops
-(for example a JavaScript action whose body is `function main(){return {};}`).
-
-# Runnning
-
-To run one of the Jobs, edit the yml to adjust test parameters and then
-
-```
-kubectl apply -f loadtest-latency.yml
-```
diff --git a/kubernetes/loadtest/loadtest-latency-internal.yml
b/kubernetes/loadtest/loadtest-latency-internal.yml
deleted file mode 100644
index 0b77c16..0000000
--- a/kubernetes/loadtest/loadtest-latency-internal.yml
+++ /dev/null
@@ -1,60 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-# This Job measures internal latency (no ingress, no TLS termination) by
-# hitting the controller service directly.
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: loadtest-latency-internal
- namespace: openwhisk
-spec:
- activeDeadlineSeconds: 3600
- template:
- metadata:
- name: loadtest-latency-internal
- labels:
- access: controller
- spec:
- affinity:
- # do not run on a node that openwhisk is actually using
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- - control-plane
- - edge
- # prefer to run on a loadtest node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - loadtest
- containers:
- - name: loadtest
- image: markusthoemmes/loadtest
- env:
- # number of samples to gather
- - name: "NUM_SAMPLES"
- value: "10000"
- # base64 encoding of default auth.guest credentials
- - name: "ENCODED_AUTH"
- value:
"MjNiYzQ2YjEtNzFmNi00ZWQ1LThjNTQtODE2YWE0ZjhjNTAyOjEyM3pPM3haQ0xyTU42djJCS0sxZFhZRnBYbFBrY2NPRnFtMTJDZEFzTWdSVTRWck5aOWx5R1ZDR3VNREdJd1A="
- - name: "WHISK_API_HOST_NAME"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
- command: ["loadtest"]
- args: ["-n", "$(NUM_SAMPLES)", "-k", "-m", "POST", "-H",
"Authorization: basic $(ENCODED_AUTH)",
"http://$(CONTROLLER_SERVICE_HOST):$(CONTROLLER_SERVICE_PORT)/api/v1/namespaces/_/actions/noopLatency?blocking=true"]
- restartPolicy: Never
diff --git a/kubernetes/loadtest/loadtest-latency.yml
b/kubernetes/loadtest/loadtest-latency.yml
deleted file mode 100644
index 213086c..0000000
--- a/kubernetes/loadtest/loadtest-latency.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-# This Job measures end-to-end latency by hitting the public ingress.
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: loadtest-latency
- namespace: openwhisk
-spec:
- activeDeadlineSeconds: 3600
- template:
- metadata:
- name: loadtest-latency
- spec:
- affinity:
- # do not run on a node that openwhisk is actually using
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- - control-plane
- - edge
- # prefer to run on a loadtest node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - loadtest
- containers:
- - name: loadtest
- image: markusthoemmes/loadtest
- env:
- # number of samples to gather
- - name: "NUM_SAMPLES"
- value: "10000"
- # base64 encoding of default auth.guest credentials
- - name: "ENCODED_AUTH"
- value:
"MjNiYzQ2YjEtNzFmNi00ZWQ1LThjNTQtODE2YWE0ZjhjNTAyOjEyM3pPM3haQ0xyTU42djJCS0sxZFhZRnBYbFBrY2NPRnFtMTJDZEFzTWdSVTRWck5aOWx5R1ZDR3VNREdJd1A="
- - name: "WHISK_API_HOST_NAME"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
- command: ["loadtest"]
- args: ["-n", "$(NUM_SAMPLES)", "-k", "-m", "POST", "-H",
"Authorization: basic $(ENCODED_AUTH)",
"$(WHISK_API_HOST_NAME)/api/v1/namespaces/_/actions/noopLatency?blocking=true"]
- restartPolicy: Never
diff --git a/kubernetes/loadtest/loadtest-throughput.yml
b/kubernetes/loadtest/loadtest-throughput.yml
deleted file mode 100644
index 5a9ca11..0000000
--- a/kubernetes/loadtest/loadtest-throughput.yml
+++ /dev/null
@@ -1,61 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-# This Job measures throughput obtainable by hitting the public ingress.
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: loadtest-throughput-512x1024x300sec
- namespace: openwhisk
-spec:
- activeDeadlineSeconds: 3600
- template:
- metadata:
- name: loadtest-throughput-512x1024x300sec
- spec:
- affinity:
- # do not run on a node that openwhisk is actually using
- nodeAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- - control-plane
- - edge
- # prefer to run on a loadtest node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - loadtest
- containers:
- - name: loadtest
- image: williamyeh/wrk
- env:
- # number of samples to gather
- - name: "DURATION"
- value: "300"
- - name: "CONCURRENCY"
- value: "1024"
- - name: "NUM_CORES"
- value: "512"
- # base64 encoding of default auth.guest credentials
- - name: "ENCODED_AUTH"
- value:
"MjNiYzQ2YjEtNzFmNi00ZWQ1LThjNTQtODE2YWE0ZjhjNTAyOjEyM3pPM3haQ0xyTU42djJCS0sxZFhZRnBYbFBrY2NPRnFtMTJDZEFzTWdSVTRWck5aOWx5R1ZDR3VNREdJd1A="
- - name: "WHISK_API_HOST_NAME"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
- command: ["/bin/sh"]
- args: ["-c", "echo wrk.method = \\\"POST\\\" > post.lua; wrk --threads
$(NUM_CORES) --connections $(CONCURRENCY) --duration $(DURATION) --header
\"Authorization: basic $(ENCODED_AUTH)\"
$(WHISK_API_HOST_NAME)/api/v1/namespaces/_/actions/noopThroughput?blocking=true
--latency --timeout 10s --script post.lua"]
- restartPolicy: Never
diff --git a/kubernetes/nginx/README.md b/kubernetes/nginx/README.md
deleted file mode 100644
index 0306585..0000000
--- a/kubernetes/nginx/README.md
+++ /dev/null
@@ -1,126 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-Nginx
------
-
-# Deploy Nginx
-
-Depending on how you are deploying OpenWhisk, the Nginx pod
-may or may not need to support handling TLS termination
-for incoming requests. In production deployments, TLS termination
-will be handled by an Ingress placed in front of the Nginx service.
-In dev/test scenarios or when deploying on a single node cluster, it
-is likely that you will use a basic Ingress that does not handle TLS
-termination and therefore will need Nginx to handle it.
-
-The instructions below configure Nginx with self-signed certificates
-to enable basic TLS termination for dev/test. If TLS termination is
-being handled by the Ingress, you can optionally skip generating the
-certificate, chop the ssl configuration and port 443 from nginx.conf,
-and eliminate the secret from nginx.yml. If you have real
-certificates, you can modify nginx.conf with the proper hostname and
-install them instead of the self-signed ones generated below.
-
-## Generate self-signed certificates
-
-* `certs.sh` can be used to generate self signed certs for OpenWhisk.
- By default, the current `nginx.conf` file expects the server url
- to use `localhost`. To generate a self signed cert with the same
- hostname for testing purposes just run:
-
- ```
- certs.sh localhost
- ```
-
- If you want to modify the domain name, make sure to update the
- [nginx.conf](nginx.conf) file appropriately.
-
-## Create Nginx Secrets
-
-With the generated certs for Nginx or your own certificates, you
-should now be able to create the nginx Secrets. To create the Secrets
-resource in the OpenWhisk namespace run the following command:
-
-```
-kubectl -n openwhisk create secret tls nginx --cert=certs/cert.pem
--key=certs/key.pem
-```
-
-## Create Nginx ConfigMap
-
-To create the ConfigMap in the OpenWhisk namespace with the `nginx.conf`
-file, run the following command:
-
-```
-kubectl -n openwhisk create configmap nginx --from-file=nginx.conf
-```
-
-## Deploying Nginx
-
-After successfully [creating the nginx ConfigMap](#create-nginx-configmap)
-and [creating the Secrets](#create-nginx-secrets)
-you will be able to create the Nginx Service and Deployment.
-
-```
-kubectl apply -f nginx.yml
-```
-
-# Deployment Changes
-## Update Nginx ConfigMap
-
-To update the nginx ConfigMap:
-
-```
-kubectl -n openwhisk edit cm nginx -o yaml
-```
-
-Kubernetes will then go through and update any deployed Nginx
-instances. Updating all of the keys defined in the nginx
-ConfigMap.
-
-## Update Nginx Secrets
-
-When updating the nginx Secrets, you will need to have the
-actual yaml file. To obtain the generated YAML file run:
-
-```
-kubectl -n openwhisk get secrets nginx -o yaml > nginx_secrets.yml
-```
-
-Then you can manually edit the fields by hand. Remember that the
-values in a secrets file are base64 encoded values. Also, you
-will need to remove a couple of fields from the `metadata` section.
-
-```
- creationTimestamp: 2017-06-21T15:39:56Z
- resourceVersion: "2156"
- selfLink: /api/v1/namespaces/openwhisk/configmaps/nginx
- uid: e0585576-5697-11e7-aef9-080027a9c6c9
-```
-
-When you have finished editing the yaml file, run:
-
-```
-kubectl replace -f nginx_secrets.yml
-```
-
-Kubernetes will then go through an update any deployed Nginx
-instances. Updating all of the keys defined in the nginx
-Secrets.
-
diff --git a/kubernetes/nginx/certs.sh b/kubernetes/nginx/certs.sh
deleted file mode 100755
index 6d22070..0000000
--- a/kubernetes/nginx/certs.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-set -ex
-
-if [ -z "$1" ]; then
-cat <<- EndOfMessage
- First argument should be the domain for the OpenWhisk deployment.
- Note: By default the Nginx config file assumes the pattern '*.openwhisk'.
-EndOfMessage
-
-exit 1
-fi
-
-mkdir -p certs
-
-openssl req -x509 -newkey rsa:2048 -keyout certs/key.pem -out certs/cert.pem
-nodes -subj "/CN=$1" -days 365
diff --git a/kubernetes/nginx/nginx.conf b/kubernetes/nginx/nginx.conf
deleted file mode 100644
index 22ddcba..0000000
--- a/kubernetes/nginx/nginx.conf
+++ /dev/null
@@ -1,99 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-worker_rlimit_nofile 4096;
-
-events {
- worker_connections 4096;
-}
-
-http {
- client_max_body_size 50M;
-
- rewrite_log on;
- log_format combined-upstream '$remote_addr - $remote_user [$time_local] '
- '$request $status $body_bytes_sent '
- '$http_referer $http_user_agent $upstream_addr';
- access_log /logs/nginx_access.log combined-upstream;
-
- server {
- listen 80;
- listen 443 default ssl;
-
- # match namespace, note while OpenWhisk allows a richer character set
for a
- # namespace, not all those characters are permitted in the (sub)domain
name;
- # if namespace does not match, no vanity URL rewriting takes place.
- server_name ~^(?<namespace>[0-9a-zA-Z-]+)\.localhost$;
-
- ssl_session_cache shared:SSL:1m;
- ssl_session_timeout 10m;
- ssl_certificate /etc/nginx/certs/tls.crt;
- ssl_certificate_key /etc/nginx/certs/tls.key;
- ssl_verify_client off;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- ssl_ciphers RC4:HIGH:!aNULL:!MD5;
- ssl_prefer_server_ciphers on;
- proxy_ssl_verify off;
- proxy_ssl_session_reuse on;
-
- # Hack to convince nginx to dynamically resolve the dns entry.
- # Required to get HA for controller to work. See issue #77.
- resolver kube-dns.kube-system;
- set $controller controller.openwhisk.svc.cluster.local;
-
- # proxy to the web action path
- location / {
- if ($namespace) {
- rewrite /(.*) /api/v1/web/${namespace}/$1 break;
- }
- proxy_pass http://$controller:8080;
- proxy_read_timeout 75s; # 70+5 additional seconds to allow
controller to terminate request
- }
-
- # proxy to 'public/html' web action by convention
- location = / {
- if ($namespace) {
- rewrite ^ /api/v1/web/${namespace}/public/index.html break;
- }
- proxy_pass http://$controller:8080;
- proxy_read_timeout 75s; # 70+5 additional seconds to allow
controller to terminate request
- }
-
- location /blackbox.tar.gz {
- return 301
https://github.com/apache/incubator-openwhisk-runtime-docker/releases/download/sdk%400.1.0/blackbox-0.1.0.tar.gz;
- }
- # leaving this for a while for clients out there to update to the new
endpoint
- location /blackbox-0.1.0.tar.gz {
- return 301 /blackbox.tar.gz;
- }
-
- location /OpenWhiskIOSStarterApp.zip {
- return 301
https://github.com/openwhisk/openwhisk-client-swift/releases/download/0.2.3/starterapp-0.2.3.zip;
- }
-
- # redirect requests for specific binaries to the matching one from the
latest openwhisk-cli release.
- location /cli/go/download/linux/amd64 {
- return 301
https://github.com/apache/incubator-openwhisk-cli/releases/download/latest/OpenWhisk_CLI-latest-linux-amd64.tgz;
- }
- location /cli/go/download/linux/386 {
- return 301
https://github.com/apache/incubator-openwhisk-cli/releases/download/latest/OpenWhisk_CLI-latest-linux-386.tgz;
- }
- location /cli/go/download/mac/amd64 {
- return 301
https://github.com/apache/incubator-openwhisk-cli/releases/download/latest/OpenWhisk_CLI-latest-mac-amd64.zip;
- }
- location /cli/go/download/mac/386 {
- return 301
https://github.com/apache/incubator-openwhisk-cli/releases/download/latest/OpenWhisk_CLI-latest-mac-386.zip;
- }
- location /cli/go/download/windows/amd64 {
- return 301
https://github.com/apache/incubator-openwhisk-cli/releases/download/latest/OpenWhisk_CLI-latest-windows-amd64.zip;
- }
- location /cli/go/download/windows/386 {
- return 301
https://github.com/apache/incubator-openwhisk-cli/releases/download/latest/OpenWhisk_CLI-latest-windows-386.zip;
- }
-
- # redirect top-level cli downloads to the latest openwhisk-cli release.
- location /cli/go/download {
- return 301
https://github.com/apache/incubator-openwhisk-cli/releases/latest;
- }
- }
-}
diff --git a/kubernetes/nginx/nginx.yml b/kubernetes/nginx/nginx.yml
deleted file mode 100644
index db4cc66..0000000
--- a/kubernetes/nginx/nginx.yml
+++ /dev/null
@@ -1,81 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: nginx
- namespace: openwhisk
- labels:
- name: nginx
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- name: nginx
- spec:
- restartPolicy: Always
-
- affinity:
- # prefer to not run on an invoker node (only prefer because of single
node clusters)
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- # prefer to run on an edge node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - edge
- # do not allow more than 1 nginx instance to run on a given node
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: name
- operator: In
- values:
- - nginx
- topologyKey: "kubernetes.io/hostname"
-
- volumes:
- - name: nginx-certs
- secret:
- secretName: nginx
- - name: nginx-conf
- configMap:
- name: nginx
- - name: logs
- emptyDir: {}
-
- containers:
- - name: nginx
- imagePullPolicy: IfNotPresent
- image: nginx:1.11
- ports:
- - name: http
- containerPort: 80
- - name: http-api
- containerPort: 443
- - name: https-admin
- containerPort: 8443
- volumeMounts:
- - name: nginx-conf
- mountPath: "/etc/nginx/nginx.conf"
- subPath: "nginx.conf"
- - name: nginx-certs
- mountPath: "/etc/nginx/certs"
- - name: logs
- mountPath: "/logs"
diff --git a/kubernetes/openwhisk-catalog/README.md
b/kubernetes/openwhisk-catalog/README.md
deleted file mode 100644
index b1cf30a..0000000
--- a/kubernetes/openwhisk-catalog/README.md
+++ /dev/null
@@ -1,33 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-OpenWhisk Catalog
------
-
-Once the system is deployed, we need to run a Job to install all the
-standard package catalog from incubator-openwhisk-catalog into the
-/whisk.system namespace.
-
-# Deploying
-
-To run the Job, you just need to run:
-
-```
-kubectl apply -f install-catalog.yml
-```
diff --git a/kubernetes/openwhisk-catalog/install-catalog.yml
b/kubernetes/openwhisk-catalog/install-catalog.yml
deleted file mode 100644
index b4c38f3..0000000
--- a/kubernetes/openwhisk-catalog/install-catalog.yml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: install-catalog
- namespace: openwhisk
-spec:
- activeDeadlineSeconds: 600
- template:
- metadata:
- name: install-catalog
- spec:
- containers:
- - name: catalog
- image: openwhisk/kube-openwhisk-catalog
- env:
- - name: "WHISK_CLI_VERSION"
- valueFrom:
- configMapKeyRef:
- name: whisk.config
- key: whisk_cli_version_tag
- - name: "WHISK_AUTH"
- valueFrom:
- secretKeyRef:
- name: whisk.auth
- key: system
- - name: "WHISK_API_HOST_NAME"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
- restartPolicy: Never
diff --git a/kubernetes/package-kafka/README.md
b/kubernetes/package-kafka/README.md
deleted file mode 100644
index ce3eebe..0000000
--- a/kubernetes/package-kafka/README.md
+++ /dev/null
@@ -1,64 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-# Deploy kafka package to Apache OpenWhisk
-
-This project is to deploy kafka package to local Apache OpenWhisk on a K8s
using YAML file.
-
-## Prerequisite
-Edit package-kafka.env as needed to set the appropriate values for your
deployment, then create the configmap packages.kafkaprovider:
-```
-kubectl -n openwhisk create cm packages.kafkaprovider
--from-literal=kafkapkg_db_prefix=mq
-```
-
-The deployment also has dependencies to secret `whisk.auth` and `db.auth`, and
configmap `whisk.ingress`. Make sure you have these settings before you start
the deployment.
-
-## Step 1. Install kafka provider
-Note, if you are using an external CouchDB or Cloudant database for your
deployment, you will need to edit the definition of DB_URL in kafkaprovider.yml.
-
-```
-kubectl apply -f kafkaprovider.yml
-```
-
-## Step 2. Install messaging package to your local Apache OpenWhisk
-```
-kubectl apply -f kafkapkginstaller.yml
-```
-
-## Verify your Kafka package
-Get the description of your Kafka package by:
-```
-wsk package get /whisk.system/messaging --summary -i
-```
-Create a kafka package binding:
-```
-wsk package bind /whisk.system/messaging myKafkaPkg -p brokers
"[\"kafka_host1:9093\", \"kafka_host2:9093\"]" -i
-```
-Create a trigger:
-```
-wsk trigger create MyKafkaTrigger -f myKafkaPkg/kafkaFeed -p topic in-topic -i
-```
-Send a message to kafka topic by invoking the action `kafkaProduce`:
-```
-wsk action invoke myKafkaPkg/kafkaProduce -p topic in-topic -p value "this is
a message" -i
-```
-Check activation log to see `MyKafkaTrigger` is triggered when a new message
is sent.
-```
-wsk activation poll -i
-```
diff --git a/kubernetes/package-kafka/kafkapkginstaller.yml
b/kubernetes/package-kafka/kafkapkginstaller.yml
deleted file mode 100644
index 3ddf198..0000000
--- a/kubernetes/package-kafka/kafkapkginstaller.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: kafkapkginstaller
- namespace: openwhisk
- labels:
- name: kafkapkginstaller
-spec:
- template:
- metadata:
- labels:
- name: kafkapkginstaller
- spec:
- restartPolicy: Never
- containers:
- - name: kafkapkginstaller
- imagePullPolicy: IfNotPresent
- image: openwhisk/kube-kafkapkginstaller
- env:
- - name: "APIHOST"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
- - name: "DB_HOST"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_host
- - name: "DB_PORT"
- valueFrom:
- configMapKeyRef:
- name: db.config
- key: db_port
- - name: "DB_USERNAME"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_username
- - name: "DB_PASSWORD"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_password
- - name: "DB_PREFIX"
- valueFrom:
- configMapKeyRef:
- name: packages.kafkaprovider
- key: kafkapkg_db_prefix
- - name: "AUTH"
- valueFrom:
- secretKeyRef:
- name: whisk.auth
- key: system
diff --git a/kubernetes/package-kafka/kafkaprovider.yml
b/kubernetes/package-kafka/kafkaprovider.yml
deleted file mode 100644
index 9bc4cfc..0000000
--- a/kubernetes/package-kafka/kafkaprovider.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: kafkaprovider
- namespace: openwhisk
- labels:
- name: kafkaprovider
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- name: kafkaprovider
- access: db
- spec:
- restartPolicy: Always
- containers:
- - name: kafkaprovider
- imagePullPolicy: IfNotPresent
- image: openwhisk/kafkaprovider
- ports:
- - name: kafkaprovider
- containerPort: 8080
- env:
- - name: "DB_URL"
- value:
"http://$(COUCHDB_SERVICE_HOST):$(COUCHDB_SERVICE_PORT_COUCHDB)"
- - name: "DB_USER"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_username
- - name: "DB_PASS"
- valueFrom:
- secretKeyRef:
- name: db.auth
- key: db_password
- - name: "DB_PREFIX"
- valueFrom:
- configMapKeyRef:
- name: packages.kafkaprovider
- key: kafkapkg_db_prefix
- - name: "LOCAL_DEV"
- value: "true"
- - name: "ROUTER_HOST"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
- - name: "ENDPOINT_AUTH"
- valueFrom:
- secretKeyRef:
- name: whisk.auth
- key: system
diff --git a/kubernetes/routemgmt/README.md b/kubernetes/routemgmt/README.md
deleted file mode 100644
index 9d06c2f..0000000
--- a/kubernetes/routemgmt/README.md
+++ /dev/null
@@ -1,32 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-Route Management
------
-
-Once the system is deployed, we need to run a job
-to install packages that support route management.
-
-# Deploying
-
-To run the Job, you just need to run:
-
-```
-kubectl apply -f install-routemgmt.yml
-```
diff --git a/kubernetes/routemgmt/install-routemgmt.yml
b/kubernetes/routemgmt/install-routemgmt.yml
deleted file mode 100644
index 8bb0a5b..0000000
--- a/kubernetes/routemgmt/install-routemgmt.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: install-routemgmt
- namespace: openwhisk
-spec:
- activeDeadlineSeconds: 600
- template:
- metadata:
- name: install-routemgmt
- spec:
- containers:
- - name: routemgmt
- image: openwhisk/kube-routemgmt
- env:
- - name: "WHISK_CLI_VERSION"
- valueFrom:
- configMapKeyRef:
- name: whisk.config
- key: whisk_cli_version_tag
- - name: "WHISK_AUTH"
- valueFrom:
- secretKeyRef:
- name: whisk.auth
- key: system
- - name: "WHISK_API_HOST_NAME"
- valueFrom:
- configMapKeyRef:
- name: whisk.ingress
- key: api_host
- - name: "WHISK_NAMESPACE"
- valueFrom:
- configMapKeyRef:
- name: whisk.config
- key: whisk_system_namespace
- - name: "WHISK_API_GATEWAY_HOST_V2"
- value:
"http://$(APIGATEWAY_SERVICE_HOST):$(APIGATEWAY_SERVICE_PORT_API)/v2"
-
- restartPolicy: Never
diff --git a/kubernetes/zookeeper/README.md b/kubernetes/zookeeper/README.md
deleted file mode 100644
index 1050765..0000000
--- a/kubernetes/zookeeper/README.md
+++ /dev/null
@@ -1,29 +0,0 @@
-<!--
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
--->
-
-Zookeeper
------
-
-# Deploying
-
-To deploy Zookeeper, you just need to run:
-
-```
-kubectl apply -f zookeeper.yml
-```
diff --git a/kubernetes/zookeeper/zookeeper.yml
b/kubernetes/zookeeper/zookeeper.yml
deleted file mode 100644
index e91696c..0000000
--- a/kubernetes/zookeeper/zookeeper.yml
+++ /dev/null
@@ -1,109 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
- name: zookeeper
- namespace: openwhisk
- labels:
- name: zookeeper
-spec:
- replicas: 1
- template:
- metadata:
- labels:
- name: zookeeper
- spec:
- restartPolicy: Always
- volumes:
- - name: zk-data
- persistentVolumeClaim:
- claimName: pv-zookeeper-data-01
- - name: zk-datalog
- persistentVolumeClaim:
- claimName: pv-zookeeper-datalog-01
-
- affinity:
- # prefer to not run on an invoker node (only prefer because of single
node clusters)
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: NotIn
- values:
- - invoker
- # prefer to run on a control-plane node
- nodeAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 50
- preference:
- matchExpressions:
- - key: openwhisk-role
- operator: In
- values:
- - control-plane
- # do not allow more than 1 zookeeper instance to run on a given node
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: name
- operator: In
- values:
- - zookeeper
- topologyKey: "kubernetes.io/hostname"
-
- containers:
- - name: zookeeper
- image: zookeeper:3.4
- imagePullPolicy: IfNotPresent
- ports:
- - name: zookeeper
- containerPort: 2181
- - name: server
- containerPort: 2888
- - name: leader-election
- containerPort: 3888
- volumeMounts:
- - mountPath: /data
- name: zk-data
- - mountPath: /datalog
- name: zk-datalog
- env:
- - name: "ZOO_DATA_DIR"
- value: /data
- - name: "ZOO_DATA_LOG_DIR"
- value: /datalog
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: zookeeper-netpol
- namespace: openwhisk
-spec:
- podSelector:
- matchLabels:
- name: zookeeper
- ingress:
- # Allow kafka and invoker to connect to zookeeper
- - from:
- - podSelector:
- matchLabels:
- name: kafka
- - podSelector:
- matchLabels:
- name: invoker
- ports:
- - port: 2181
- # zookeepers can connect to each other
- - from:
- - podSelector:
- matchLabels:
- name: zookeeper
- ports:
- - port: 2181
- - port: 2888
- - port: 3888
