--- apiVersion: v1 kind: ServiceAccount metadata: name: helm-emqxs namespace: uavcloud-devflight --- apiVersion: v1 kind: ConfigMap metadata: name: helm-emqxs-env namespace: uavcloud-devflight labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 data: EMQX_CLUSTER__K8S__APISERVER: "https://kubernetes.default.svc.cluster.local:443" EMQX_NAME: "helm-emqxs" EMQX_CLUSTER__DISCOVERY: "k8s" EMQX_CLUSTER__K8S__APP_NAME: "helm-emqxs" EMQX_CLUSTER__K8S__SERVICE_NAME: "helm-emqxs-headless" EMQX_CLUSTER__K8S__ADDRESS_TYPE: "dns" EMQX_CLUSTER__K8S__namespace: "uavcloud-devflight" EMQX_CLUSTER__K8S__SUFFIX: "svc.cluster.local" EMQX_ALLOW_ANONYMOUS: "false" EMQX_ACL_NOMATCH: "deny" --- apiVersion: v1 kind: ConfigMap metadata: name: helm-emqxs-cm namespace: uavcloud-devflight labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 data: emqx_auth_username.conf: |- auth.user.1.username = cmlc auth.user.1.password = 4YPk*DS%+5 auth.user.password_hash = sha256 acl.conf: |- {allow, {user, "admin"}, pubsub, ["admin/#"]}. {allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}. {allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}. {deny, all, subscribe, ["$SYS/#", {eq, "#"}]}. {allow, all}. loaded_plugins: |- {emqx_auth_username,true}. {emqx_management, true}. {emqx_recon, true}. {emqx_retainer, false}. {emqx_dashboard, true}. {emqx_telemetry, true}. {emqx_rule_engine, true}. {emqx_bridge_mqtt, false}. --- apiVersion: apps/v1 kind: StatefulSet metadata: name: helm-emqxs namespace: uavcloud-devflight labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 spec: replicas: 1 serviceName: helm-emqxs-headless updateStrategy: type: RollingUpdate selector: matchLabels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster template: metadata: labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 spec: affinity: { } imagePullSecrets: - name: harborsecret serviceAccountName: helm-emqxs containers: - name: helm-emqxs image: chongqingcis-9b4a3da9.ecis.chongqing-1.cmecloud.cn/cmii/emqx:5.5.1 imagePullPolicy: Always ports: - name: mqtt containerPort: 1883 - name: mqttssl containerPort: 8883 - name: mgmt containerPort: 8081 - name: ws containerPort: 8083 - name: wss containerPort: 8084 - name: dashboard containerPort: 18083 - name: ekka containerPort: 4370 envFrom: - configMapRef: name: helm-emqxs-env resources: { } volumeMounts: - name: emqx-data mountPath: "/opt/emqx/data/mnesia" readOnly: false - name: helm-emqxs-cm mountPath: "/opt/emqx/etc/plugins/emqx_auth_username.conf" subPath: emqx_auth_username.conf readOnly: false # - name: helm-emqxs-cm # mountPath: "/opt/emqx/etc/acl.conf" # subPath: "acl.conf" # readOnly: false - name: helm-emqxs-cm mountPath: "/opt/emqx/data/loaded_plugins" subPath: loaded_plugins readOnly: false volumes: - name: emqx-data persistentVolumeClaim: claimName: helm-emqxs - name: helm-emqxs-cm configMap: name: helm-emqxs-cm items: - key: emqx_auth_username.conf path: emqx_auth_username.conf - key: acl.conf path: acl.conf - key: loaded_plugins path: loaded_plugins --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: helm-emqxs namespace: uavcloud-devflight rules: - apiGroups: - "" resources: - endpoints verbs: - get - watch - list --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: helm-emqxs namespace: uavcloud-devflight subjects: - kind: ServiceAccount name: helm-emqxs namespace: uavcloud-devflight roleRef: kind: Role name: helm-emqxs apiGroup: rbac.authorization.k8s.io --- apiVersion: v1 kind: Service metadata: name: helm-emqxs namespace: uavcloud-devflight labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 spec: type: NodePort selector: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster ports: - port: 1883 name: mqtt targetPort: 1883 nodePort: 31884 - port: 18083 name: dashboard targetPort: 18083 nodePort: 38086 - port: 8083 name: mqtt-websocket targetPort: 8083 nodePort: 38084 --- apiVersion: v1 kind: Service metadata: name: helm-emqxs-headless namespace: uavcloud-devflight labels: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster helm.sh/chart: emqx-1.1.0 app.kubernetes.io/managed-by: octopus-control app.kubernetes.io/version: 5.6.0 spec: type: ClusterIP clusterIP: None selector: cmii.type: middleware cmii.app: helm-emqxs cmii.emqx.architecture: cluster ports: - name: mqtt port: 1883 protocol: TCP targetPort: 1883 - name: mqttssl port: 8883 protocol: TCP targetPort: 8883 - name: mgmt port: 8081 protocol: TCP targetPort: 8081 - name: websocket port: 8083 protocol: TCP targetPort: 8083 - name: wss port: 8084 protocol: TCP targetPort: 8084 - name: dashboard port: 18083 protocol: TCP targetPort: 18083 - name: ekka port: 4370 protocol: TCP targetPort: 4370