1 files changed, 195 insertions, 0 deletions

diff --git a/k8s-resource/tsg-diagnose.yaml b/k8s-resource/tsg-diagnose.yaml
new file mode 100644
index 0000000..42dd29d
--- /dev/null
+++ b/k8s-resource/tsg-diagnose.yaml
@@ -0,0 +1,195 @@
+---
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+  namespace: tsg-os-system
+  name: br-dign-client
+spec:
+  config: '{
+            "cniVersion": "0.3.0",
+            "type": "bridge",
+            "bridge": "br_dign_c",
+            "ipam": {
+                "type": "host-local",
+                "ranges": [
+                    [ {
+                         "subnet": "192.0.2.0/24",
+                         "rangeStart": "192.0.2.211",
+                         "rangeEnd": "192.0.2.220",
+                         "gateway": "192.0.2.1"
+                    } ]
+                ]
+            }
+        }'
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  namespace: tsg-os-system
+  name: dign-client
+  labels:
+    app: dign-client
+
+spec:
+  selector:
+    matchLabels:
+      app: dign-client
+  template:
+    metadata:
+      labels:
+        app: dign-client
+      annotations:
+        k8s.v1.cni.cncf.io/networks: br-dign-client
+    spec:
+      containers:
+      - name: dign-client
+        image: "registry.gdnt-cloud.website/tsg/diagnose/client:latest"
+        imagePullPolicy: Never
+        workingDir: /opt/dign_client
+        command: ["/bin/sh", "-c", "update-ca-certificates; tail -f /dev/null"]
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - name: localtime-node
+          mountPath: /etc/localtime
+          readOnly: true
+        - name: ca-cert-file
+          mountPath: /usr/local/share/ca-certificates
+        - name: log-path
+          mountPath: /opt/dign_client/log
+        - name: config-path
+          mountPath: /opt/dign_client/etc/client.conf
+          subPath: "client.conf"
+        - name: share-path
+          mountPath: /opt/dign_client/share
+
+
+      volumes:
+      - name: localtime-node
+        hostPath:
+          path: /etc/localtime
+      - name: ca-cert-file
+        hostPath:
+          path: /opt/tsg/tsg-diagnose/etc/.certs_import/certs/sets/current/gen/crt
+      - name: log-path
+        hostPath:
+          path: /opt/tsg/tsg-diagnose/log
+      - name: config-path
+        hostPath:
+          path: /opt/tsg/tsg-diagnose/etc
+      - name: share-path
+        hostPath:
+          path: /opt/tsg/clixon/share
+---
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+  namespace: tsg-os-system
+  name: br-dign-server
+spec:
+  config: '{
+            "cniVersion": "0.3.0",
+            "type": "bridge",
+            "bridge": "br_dign_s",
+            "ipam": {
+                "type": "host-local",
+                "ranges": [
+                    [ {
+                         "subnet": "192.0.2.0/24",
+                         "rangeStart": "192.0.2.201",
+                         "rangeEnd": "192.0.2.210",
+                         "gateway": "192.0.2.1"
+                    } ]
+                ]
+            }
+        }'
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  namespace: tsg-os-system
+  name: dign-server
+  labels:
+    app: dign-server
+
+spec:
+  selector:
+    matchLabels:
+      app: dign-server
+  template:
+    metadata:
+      labels:
+        app: dign-server
+      annotations:
+        k8s.v1.cni.cncf.io/networks: br-dign-server
+
+    spec:
+      containers:
+      - name: dign-server-dns
+        image: "registry.gdnt-cloud.website/tsg/diagnose/server-dns:latest"
+        imagePullPolicy: Never
+        command: ["/bin/sh", "-c", "echo 66.66.66.66  www.1testanswer-cname.com >> /etc/hosts; webproc -c /etc/dnsmasq.conf -- dnsmasq --no-daemon"]
+        securityContext:
+          privileged: true
+        livenessProbe:
+          exec:
+            command:
+            - ifconfig
+            - net1
+          initialDelaySeconds: 5
+          periodSeconds: 5
+        volumeMounts:
+        - name: localtime-node
+          mountPath: /etc/localtime
+          readOnly: true
+        - name: config-path
+          mountPath: /etc/dnsmasq.conf
+          subPath: dnsmasq.conf
+          readOnly: true
+
+      - name: dign-server-web
+        image: "registry.gdnt-cloud.website/tsg/diagnose/server-web:latest"
+        imagePullPolicy: Never
+        command: ["/bin/bash", "-c", "make inside-docker;nginx;tail -f /dev/null"]
+        securityContext:
+          privileged: true
+        livenessProbe:
+          exec:
+            command:
+            - ifconfig
+            - net1
+          initialDelaySeconds: 5
+          periodSeconds: 5
+        volumeMounts:
+        - name: localtime-node
+          mountPath: /etc/localtime
+          readOnly: true
+        - name: certs-path
+          mountPath: /badssl.com/certs
+          readOnly: true
+        - name: common-path
+          mountPath: /badssl.com/common
+          readOnly: true
+
+      initContainers:
+      - name: tsg-dign-init
+        image: "registry.gdnt-cloud.website/tsg/diagnose/server-dns:latest"
+        imagePullPolicy: Never
+        command: ["/bin/sh","-c","i=1;while [ \"$i\" -le 64 ]; do ip_suffix=$(( i + 100 ));ifconfig net1:$i 192.0.2.$ip_suffix;i=$(( i + 1 ));done;"]
+        securityContext:
+          privileged: true
+
+      volumes:
+      - name: localtime-node
+        hostPath:
+          path: /etc/localtime
+      - name: config-path
+        hostPath:
+          path: /opt/tsg/tsg-diagnose/etc/
+      - name: certs-path
+        hostPath:
+          path: /opt/tsg/tsg-diagnose/etc/.certs_import/certs
+      - name: common-path
+        hostPath:
+          path: /opt/tsg/tsg-diagnose/etc/.certs_import/common
+---
\ No newline at end of file