From 5423a8ae51a3007279282632e9dc2d24bb6eb707 Mon Sep 17 00:00:00 2001 From: Dmitry Mishin Date: Tue, 11 Feb 2020 10:45:22 -0800 Subject: [PATCH] examples: adding simple kubernetes example --- examples/kubernetes/README.md | 26 +++++ examples/kubernetes/deployment.yaml | 143 +++++++++++++++++++++++++++ examples/kubernetes/jvb-service.yaml | 17 ++++ examples/kubernetes/web-service.yaml | 32 ++++++ 4 files changed, 218 insertions(+) create mode 100644 examples/kubernetes/README.md create mode 100644 examples/kubernetes/deployment.yaml create mode 100644 examples/kubernetes/jvb-service.yaml create mode 100644 examples/kubernetes/web-service.yaml diff --git a/examples/kubernetes/README.md b/examples/kubernetes/README.md new file mode 100644 index 0000000..8158dbc --- /dev/null +++ b/examples/kubernetes/README.md @@ -0,0 +1,26 @@ +# Install guide for kubernetes + +This guide will deploy jitsi in the most simple way: as several containers in a single pod. This is enough to start in case your hardware is enough. If you need to scale components to severa instance, you'll have to modify it to use several services and pods. + +Create a namespace to deploy jitsi to: + +`kubectl create namespace jitsi` + +Add the secret with secret values (replace `...` with some random strings): + +`kubectl create secret generic jitsi-config --from-literal=JICOFO_COMPONENT_SECRET=... --from-literal=JICOFO_AUTH_PASSWORD=... --from-literal=JVB_AUTH_PASSWORD=... ` + +Deploy the service to listen for JVB UDP traffic on all cluster nodes port 30300: + +`kubectl create -f jvb-service.yaml` + +Now we can deploy the rest of the application: + +`kubectl create -f deployment.yaml` + +To expose the webapp, we can use Ingress (replace the `host` value with your actual hostname): + +`kubectl create -f web-service.yaml` + +You can either use "https" or "http" service port, depending on whether your ingress allows self-signed certs. + diff --git a/examples/kubernetes/deployment.yaml b/examples/kubernetes/deployment.yaml new file mode 100644 index 0000000..144585f --- /dev/null +++ b/examples/kubernetes/deployment.yaml @@ -0,0 +1,143 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + k8s-app: jitsi + name: jitsi + namespace: jitsi +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + k8s-app: jitsi + template: + metadata: + labels: + k8s-app: jitsi + spec: + containers: + - name: jicofo + image: jitsi/jicofo + imagePullPolicy: Always + env: + - name: XMPP_SERVER + value: localhost + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: JICOFO_COMPONENT_SECRET + valueFrom: + secretKeyRef: + name: jitsi-config + key: JICOFO_COMPONENT_SECRET + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD + valueFrom: + secretKeyRef: + name: jitsi-config + key: JICOFO_AUTH_PASSWORD + - name: TZ + value: America/Los_Angeles + - name: JVB_BREWERY_MUC + value: jvbbrewery + - name: prosody + image: jitsi/prosody + imagePullPolicy: Always + env: + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_MUC_DOMAIN + value: muc.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: JICOFO_COMPONENT_SECRET + valueFrom: + secretKeyRef: + name: jitsi-config + key: JICOFO_COMPONENT_SECRET + - name: JVB_AUTH_USER + value: jvb + - name: JVB_AUTH_PASSWORD + valueFrom: + secretKeyRef: + name: jitsi-config + key: JVB_AUTH_PASSWORD + - name: JICOFO_AUTH_USER + value: focus + - name: JICOFO_AUTH_PASSWORD + valueFrom: + secretKeyRef: + name: jitsi-config + key: JICOFO_AUTH_PASSWORD + - name: TZ + value: America/Los_Angeles + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + - name: web + image: jitsi/web + imagePullPolicy: Always + env: + - name: XMPP_SERVER + value: localhost + - name: JICOFO_AUTH_USER + value: focus + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: XMPP_BOSH_URL_BASE + value: http://127.0.0.1:5280 + - name: XMPP_MUC_DOMAIN + value: muc.meet.jitsi + - name: TZ + value: America/Los_Angeles + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + - name: jvb + image: jitsi/jvb + imagePullPolicy: Always + env: + - name: XMPP_SERVER + value: localhost + - name: DOCKER_HOST_ADDRESS + value: + - name: XMPP_DOMAIN + value: meet.jitsi + - name: XMPP_AUTH_DOMAIN + value: auth.meet.jitsi + - name: XMPP_INTERNAL_MUC_DOMAIN + value: internal-muc.meet.jitsi + - name: JVB_STUN_SERVERS + value: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302 + - name: JICOFO_AUTH_USER + value: focus + - name: JVB_TCP_HARVESTER_DISABLED + value: "true" + - name: JVB_AUTH_USER + value: jvb + - name: JVB_PORT + value: "30300" + - name: JVB_AUTH_PASSWORD + valueFrom: + secretKeyRef: + name: jitsi-config + key: JVB_AUTH_PASSWORD + - name: JICOFO_AUTH_PASSWORD + valueFrom: + secretKeyRef: + name: jitsi-config + key: JICOFO_AUTH_PASSWORD + - name: JVB_BREWERY_MUC + value: jvbbrewery + - name: TZ + value: America/Los_Angeles diff --git a/examples/kubernetes/jvb-service.yaml b/examples/kubernetes/jvb-service.yaml new file mode 100644 index 0000000..6cf1434 --- /dev/null +++ b/examples/kubernetes/jvb-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + service: jvb + name: jvb-udp + namespace: jitsi +spec: + type: NodePort + externalTrafficPolicy: Cluster + ports: + - port: 30300 + protocol: UDP + targetPort: 30300 + nodePort: 30300 + selector: + k8s-app: jitsi diff --git a/examples/kubernetes/web-service.yaml b/examples/kubernetes/web-service.yaml new file mode 100644 index 0000000..37b07bc --- /dev/null +++ b/examples/kubernetes/web-service.yaml @@ -0,0 +1,32 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + service: web + name: web + namespace: jitsi +spec: + ports: + - name: "http" + port: 80 + targetPort: 80 + - name: "https" + port: 443 + targetPort: 443 + selector: + k8s-app: jitsi +--- + apiVersion: networking.k8s.io/v1beta1 + kind: Ingress + metadata: + name: jitsi + namespace: jitsi + spec: + rules: + - host: ... + http: + paths: + - path: / + backend: + serviceName: web + servicePort: https \ No newline at end of file