From 42b82b370e36b7f116a9a05487d797dc4da2799f Mon Sep 17 00:00:00 2001
From: rohow <rohow@foxmail.com>
Date: Thu, 18 Jul 2024 19:17:37 +0800
Subject: [PATCH] =?UTF-8?q?feat(loki):=20=E6=96=B0=E5=A2=9Eloki=E6=97=A5?=
 =?UTF-8?q?=E5=BF=97=E6=90=9C=E9=9B=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/monitor/crowdsec/helmchart.yaml | 15 ++----
 apps/monitor/loki/helmchart.yaml     | 58 +++++++++++++++++++++++
 apps/net/nginx/helmchart.yaml        | 11 +----
 apps/net/xray/xray.yaml              | 69 ++++++++++++++++++++++++++++
 4 files changed, 133 insertions(+), 20 deletions(-)
 create mode 100644 apps/monitor/loki/helmchart.yaml
 create mode 100644 apps/net/xray/xray.yaml

diff --git a/apps/monitor/crowdsec/helmchart.yaml b/apps/monitor/crowdsec/helmchart.yaml
index 5ae829d..17f9334 100644
--- a/apps/monitor/crowdsec/helmchart.yaml
+++ b/apps/monitor/crowdsec/helmchart.yaml
@@ -23,15 +23,8 @@ spec:
           password: nyrHzh9WWlDZzvVw7bDFo74gKb9zsls0Sy7OwRTDWiRTNPQQQkW85taUFAoX2AIC
           sslmode: require
     agent:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-              - matchExpressions:
-                  - key: svccontroller.k3s.cattle.io/enablelb
-                    operator: In
-                    values:
-                      - "true"
+      nodeSelector:
+        svccontroller.k3s.cattle.io/enablelb: "true"
       acquisition:
         - namespace: infra-net
           podName: ingress-nginx-controller-*
@@ -46,10 +39,10 @@ spec:
           preferredDuringSchedulingIgnoredDuringExecution:
             - preference:
                 matchExpressions:
-                  - key: kubernetes.io/hostname
+                  - key: topology.kubernetes.io/region
                     operator: In
                     values:
-                      - alihka
+                      - cn-hk
               weight: 1
       resources:
         limits:
diff --git a/apps/monitor/loki/helmchart.yaml b/apps/monitor/loki/helmchart.yaml
new file mode 100644
index 0000000..a4daa89
--- /dev/null
+++ b/apps/monitor/loki/helmchart.yaml
@@ -0,0 +1,58 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+  name: loki
+  namespace: infra-monitor
+spec:
+  repo: https://grafana.github.io/helm-charts
+  chart: loki
+  targetNamespace: infra-monitor
+  version: 6.7.1
+  valuesContent: |-
+    deploymentMode: SingleBinary
+    gateway:
+      enabled: false
+    lokiCanary:
+      nodeSelector:
+        svccontroller.k3s.cattle.io/enablelb: "true"
+      labelname: name
+      extraArgs:
+        # 降低测试日志生成条数
+        - -interval=30s
+    adminApi:
+      nodeSelector:
+        kubernetes.io/hostname: alihka
+    resultsCache:
+      nodeSelector:
+        kubernetes.io/hostname: alihka
+      allocatedMemory: 1024
+    chunksCache:
+      nodeSelector:
+        kubernetes.io/hostname: alihka
+      allocatedMemory: 1024
+    loki:
+      auth_enabled: false
+      commonConfig:
+        replication_factor: 1
+      limits_config:
+        
+      storage:
+        type: 'filesystem'
+      schemaConfig:
+        configs:
+        - from: "2024-01-01"
+          store: tsdb
+          index:
+            prefix: loki_index_
+            period: 24h
+          object_store: filesystem
+          schema: v13
+    singleBinary:
+      replicas: 1
+    read:
+      replicas: 0
+    backend:
+      replicas: 0
+    write:
+      replicas: 0
+
diff --git a/apps/net/nginx/helmchart.yaml b/apps/net/nginx/helmchart.yaml
index 9c8159e..1498aa1 100644
--- a/apps/net/nginx/helmchart.yaml
+++ b/apps/net/nginx/helmchart.yaml
@@ -11,15 +11,8 @@ spec:
   valuesContent: |-
     fullnameOverride: ingress-nginx
     controller:
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-              - matchExpressions:
-                  - key: svccontroller.k3s.cattle.io/enablelb
-                    operator: In
-                    values:
-                      - "true"
+      nodeSelector:
+        svccontroller.k3s.cattle.io/enablelb: "true"
       tolerations:
         - key: "node-role.kubernetes.io/master"
           operator: "Exists"
diff --git a/apps/net/xray/xray.yaml b/apps/net/xray/xray.yaml
new file mode 100644
index 0000000..cb3e0af
--- /dev/null
+++ b/apps/net/xray/xray.yaml
@@ -0,0 +1,69 @@
+kind: Deployment
+apiVersion: apps/v1
+metadata:
+  name: xray
+  namespace: infra-net
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: xray
+  template:
+    metadata:
+      labels:
+        app: xray
+    spec:
+      volumes:
+        - name: config
+          secret:
+            secretName: config-secret
+      containers:
+        - name: xray
+          image: ghcr.io/xtls/xray-core:latest
+          ports:
+            - name: port
+              containerPort: 443
+              protocol: TCP
+          resources: {}
+          volumeMounts:
+            - name: config
+              readOnly: true
+              mountPath: /etc/xray/config.json
+              subPath: config.json
+
+----------------------------
+kind: Service
+apiVersion: v1
+metadata:
+  name: xray
+  namespace: vpn
+spec:
+  ports:
+    - protocol: TCP
+      port: 443
+      targetPort: 443
+  selector:
+    app: xray
+
+----------------------------
+kind: Ingress
+apiVersion: networking.k8s.io/v1
+metadata:
+  name: xray
+  namespace: infra-net
+  annotations:
+    nginx.ingress.kubernetes.io/backend-protocol: HTTPS
+    nginx.ingress.kubernetes.io/ssl-passthrough: 'true'
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: *.node.dev.cm
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: xray
+                port:
+                  number: 443
\ No newline at end of file