--- apiVersion: v1 kind: ServiceAccount metadata: name: helm-emqxs-551 namespace: ynejpt --- apiVersion: v1 kind: ConfigMap metadata: name: helm-emqxs-551-env namespace: ynejpt labels: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 data: EMQX_CLUSTER__K8S__APISERVER: "https://kubernetes.default.svc.cluster.local:443" EMQX_NAME: "helm-emqxs-551" EMQX_CLUSTER__DISCOVERY: "k8s" EMQX_CLUSTER__K8S__APP_NAME: "helm-emqxs-551" EMQX_CLUSTER__K8S__SERVICE_NAME: "helm-emqxs-551-headless" EMQX_CLUSTER__K8S__ADDRESS_TYPE: "dns" EMQX_CLUSTER__K8S__namespace: "ynejpt" EMQX_CLUSTER__K8S__SUFFIX: "svc.cluster.local" EMQX_ALLOW_ANONYMOUS: "false" EMQX_ACL_NOMATCH: "deny" --- apiVersion: v1 kind: ConfigMap metadata: name: helm-emqxs-551-cm namespace: ynejpt labels: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 data: emqx_auth_username.conf: |- auth.user.1.username = cmlc auth.user.1.password = odD8#Ve7.B auth.user.password_hash = sha256 acl.conf: |- {allow, {user, "admin"}, pubsub, ["admin/#"]}. {allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}. {allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}. {deny, all, subscribe, ["$SYS/#", {eq, "#"}]}. {allow, all}. loaded_plugins: |- {emqx_auth_username,true}. {emqx_management, true}. {emqx_recon, true}. {emqx_retainer, false}. {emqx_dashboard, true}. {emqx_telemetry, true}. {emqx_rule_engine, true}. {emqx_bridge_mqtt, false}. --- apiVersion: apps/v1 kind: StatefulSet metadata: name: helm-emqxs-551 namespace: ynejpt labels: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 spec: replicas: 1 serviceName: helm-emqxs-551-headless updateStrategy: type: RollingUpdate selector: matchLabels: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster template: metadata: labels: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 spec: affinity: { } imagePullSecrets: - name: harborsecret serviceAccountName: helm-emqxs-551 containers: - name: helm-emqxs-551 image: 192.168.118.14:8033/cmii/emqx:5.5.1 imagePullPolicy: Always ports: - name: mqtt containerPort: 1883 - name: mqttssl containerPort: 8883 - name: mgmt containerPort: 8081 - name: ws containerPort: 8083 - name: wss containerPort: 8084 - name: dashboard containerPort: 18083 - name: ekka containerPort: 4370 envFrom: - configMapRef: name: helm-emqxs-551-env resources: { } volumeMounts: - name: emqx-data mountPath: "/opt/emqx/data/mnesia" readOnly: false - name: helm-emqxs-551-cm mountPath: "/opt/emqx/etc/plugins/emqx_auth_username.conf" subPath: emqx_auth_username.conf readOnly: false # - name: helm-emqxs-551-cm # mountPath: "/opt/emqx/etc/acl.conf" # subPath: "acl.conf" # readOnly: false - name: helm-emqxs-551-cm mountPath: "/opt/emqx/data/loaded_plugins" subPath: loaded_plugins readOnly: false volumes: - name: emqx-data persistentVolumeClaim: claimName: helm-emqxs-551 - name: helm-emqxs-551-cm configMap: name: helm-emqxs-551-cm items: - key: emqx_auth_username.conf path: emqx_auth_username.conf - key: acl.conf path: acl.conf - key: loaded_plugins path: loaded_plugins --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: helm-emqxs-551 namespace: ynejpt rules: - apiGroups: - "" resources: - endpoints verbs: - get - watch - list --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: helm-emqxs-551 namespace: ynejpt subjects: - kind: ServiceAccount name: helm-emqxs-551 namespace: ynejpt roleRef: kind: Role name: helm-emqxs-551 apiGroup: rbac.authorization.k8s.io --- apiVersion: v1 kind: Service metadata: name: helm-emqxs-551 namespace: ynejpt labels: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 spec: type: NodePort selector: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster ports: - port: 1883 name: mqtt targetPort: 1883 nodePort: 32883 - port: 18083 name: dashboard targetPort: 18083 nodePort: 38185 - port: 8083 name: mqtt-websocket targetPort: 8083 nodePort: 38183 --- apiVersion: v1 kind: Service metadata: name: helm-emqxs-551-headless namespace: ynejpt labels: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 spec: type: ClusterIP clusterIP: None selector: cmii.type: middleware cmii.app: helm-emqxs-551 cmii.emqx.architecture: cluster ports: - name: mqtt port: 1883 protocol: TCP targetPort: 1883 - name: mqttssl port: 8883 protocol: TCP targetPort: 8883 - name: mgmt port: 8081 protocol: TCP targetPort: 8081 - name: websocket port: 8083 protocol: TCP targetPort: 8083 - name: wss port: 8084 protocol: TCP targetPort: 8084 - name: dashboard port: 18083 protocol: TCP targetPort: 18083 - name: ekka port: 4370 protocol: TCP targetPort: 4370 --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: helm-emqxs-551 namespace: ynejpt labels: cmii.type: middleware-base cmii.app: helm-emqxs-551 helm.sh/chart: all-persistence-volume-claims-1.1.0 app.kubernetes.io/version: 5.7.0 spec: storageClassName: nfs-prod-distribute accessModes: - ReadWriteMany volumeMode: Filesystem resources: requests: storage: 20Gi ---