--- # Source: all-middleware/charts/emqx/templates/cluster/rbac-cluster.yaml apiVersion: v1 kind: ServiceAccount metadata: name: helm-emqxs namespace: cmii-s1 --- # Source: all-middleware/charts/emqx/templates/cluster/configmap-cluster.yaml apiVersion: v1 kind: ConfigMap metadata: name: helm-emqxs-env namespace: cmii-s1 labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "3.2.1" data: EMQX_CLUSTER__K8S__ADDRESS_TYPE: hostname EMQX_CLUSTER__K8S__APISERVER: https://kubernetes.default.svc:443 EMQX_CLUSTER__K8S__SUFFIX: svc.cluster.local EMQX_NAME: helm-emqxs EMQX_CLUSTER__K8S__APP_NAME: helm-emqxs EMQX_CLUSTER__DISCOVERY: k8s EMQX_CLUSTER__K8S__SERVICE_NAME: helm-emqxs-headless EMQX_CLUSTER__K8S__NAMESPACE: cmii-s1 EMQX_ALLOW_ANONYMOUS: "false" EMQX_ACL_NOMATCH: "deny" --- # Source: all-middleware/charts/emqx/templates/cluster/configmap-cluster.yaml apiVersion: v1 kind: ConfigMap metadata: name: helm-emqxs-cm namespace: cmii-s1 labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "3.2.1" data: emqx_auth_username.conf: |- auth.user.1.username = cmlc auth.user.1.password = odD8#Ve7.B auth.user.password_hash = sha256 acl.conf: |- {allow, {user, "admin"}, pubsub, ["admin/#"]}. {allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}. {allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}. {deny, all, subscribe, ["$SYS/#", {eq, "#"}]}. {allow, all}. loaded_plugins: |- {emqx_auth_username,true}. {emqx_management, true}. {emqx_recon, true}. {emqx_retainer, false}. {emqx_dashboard, true}. {emqx_telemetry, true}. {emqx_rule_engine, true}. {emqx_bridge_mqtt, false}. --- # Source: all-middleware/charts/emqx/templates/cluster/rbac-cluster.yaml kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: helm-emqxs namespace: cmii-s1 rules: - apiGroups: - "" resources: - endpoints verbs: - get - watch - list --- # Source: all-middleware/charts/emqx/templates/cluster/rbac-cluster.yaml kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: helm-emqxs namespace: cmii-s1 subjects: - kind: ServiceAccount name: helm-emqxs namespace: cmii-s1 roleRef: kind: Role name: helm-emqxs apiGroup: rbac.authorization.k8s.io --- # Source: all-middleware/charts/emqx/templates/cluster/svc-cluster.yaml apiVersion: v1 kind: Service metadata: name: helm-emqxs namespace: cmii-s1 labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "3.2.1" spec: type: NodePort selector: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster ports: - port: 1883 name: mqtt targetPort: 1883 nodePort: 38883 - port: 18083 name: dashboard targetPort: 18083 nodePort: 33024 - port: 8083 name: mqtt-websocket targetPort: 8083 nodePort: 36805 --- # Source: all-middleware/charts/emqx/templates/cluster/svc-headless.yaml apiVersion: v1 kind: Service metadata: name: helm-emqxs-headless namespace: cmii-s1 labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "3.2.1" spec: type: ClusterIP clusterIP: None selector: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster ports: - name: mqtt port: 1883 protocol: TCP targetPort: 1883 - name: mqttssl port: 8883 protocol: TCP targetPort: 8883 - name: mgmt port: 8081 protocol: TCP targetPort: 8081 - name: websocket port: 8083 protocol: TCP targetPort: 8083 - name: wss port: 8084 protocol: TCP targetPort: 8084 - name: dashboard port: 18083 protocol: TCP targetPort: 18083 - name: ekka port: 4370 protocol: TCP targetPort: 4370 --- # Source: all-middleware/charts/emqx/templates/cluster/statefulset-cluster.yaml apiVersion: apps/v1 kind: StatefulSet metadata: name: helm-emqxs namespace: cmii-s1 labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "3.2.1" spec: replicas: 3 serviceName: helm-emqxs-headless updateStrategy: type: RollingUpdate selector: matchLabels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster template: metadata: labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "3.2.1" spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: uavcloud.env operator: In values: - "demo" serviceAccountName: helm-emqxs containers: - name: helm-emqxs image: "harbor.cdcyy.com.cn/cmii/emqx:4.2.12" imagePullPolicy: Always ports: - name: mqtt containerPort: 1883 - name: mqttssl containerPort: 8883 - name: mgmt containerPort: 8081 - name: ws containerPort: 8083 - name: wss containerPort: 8084 - name: dashboard containerPort: 18083 - name: ekka containerPort: 4370 envFrom: - configMapRef: name: helm-emqxs-env resources: limits: cpu: "1" memory: 2Gi requests: cpu: 300m memory: 1Gi readinessProbe: httpGet: path: /status port: 8081 initialDelaySeconds: 5 periodSeconds: 5 volumeMounts: - name: emqx-data mountPath: "/opt/emqx/data/mnesia" readOnly: false - name: helm-emqxs-cm mountPath: "/opt/emqx/etc/plugins/emqx_auth_username.conf" subPath: emqx_auth_username.conf readOnly: false - name: helm-emqxs-cm mountPath: "/opt/emqx/etc/acl.conf" subPath: "acl.conf" readOnly: false - name: helm-emqxs-cm mountPath: "/opt/emqx/data/loaded_plugins" subPath: loaded_plugins readOnly: false volumes: - name: emqx-data persistentVolumeClaim: claimName: helm-emqxs - name: helm-emqxs-cm configMap: name: helm-emqxs-cm items: - key: emqx_auth_username.conf path: emqx_auth_username.conf - key: acl.conf path: acl.conf - key: loaded_plugins path: loaded_plugins