diff --git a/docs/DocK8.md b/docs/DocK8.md index 1daaee4..298dbf9 100644 --- a/docs/DocK8.md +++ b/docs/DocK8.md @@ -1,4 +1,4 @@ -# Fonctionnement de docker +# Fonctionnement de docker et K8' exemple : - ../config/prometheus.yml:/etc/prometheus/prometheus.yml:ro VS - '/etc/prometheus/alert_rules.yml' @@ -15,40 +15,6 @@ C’est Docker qui gère ce pont entre ton système (Windows) et le conteneur (L ✅ Le nom prometheus dans le chemin cible n’a pas besoin d’exister : c’est juste un répertoire Linux standard pour les configs. -# fonctionnement de kubern8s - -Les espaces de noms argocd et devops-demo ont été supprimés après le reset du cluster. - -✅ Cet ordre suit les bonnes pratiques : Namespace → ConfigMap/Secret → Service → Deployment. - -les commandes à exécuter dans l'ordre après un reset de cluster pour éviter les erreurs : - -1 - Créer les espaces de noms : -- kubectl create namespace devops-demo -- kubectl create namespace argocd - -2 - Créer les ConfigMap et Secrets : - -- kubectl create configmap app-config -n devops-demo --from-literal=APP_NAME=devops-app -- kubectl create secret tls nginx-tls -n devops-demo --cert="C:\DevOpsProject\config\certs\localhost.crt" --key="C:\DevOpsProject\config\certs\localhost.key" - -3 - Appliquer les Services (dépendances des Deployments) : - -- kubectl apply -f C:\DevOpsProject\kubernetes\manifests\service.yaml -n devops-demo (sauf si les services sont inclus dans le fichier deployment) - -4 - Appliquer les Deployments : - -- kubectl apply -f C:\DevOpsProject\kubernetes\manifests\deployment.yaml -n devops-demo - -5 - Installer ArgoCD : - -- kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml - -6 - Tester (par défaut OBLIGATOIRE après chaque redemarage) : - -- kubectl port-forward svc/argocd-server -n argocd 8080:443 (et laisser cette fenetre active OBLIGATOIRE sinon ça marche pas) - -- kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | base64 --decode (dans un nouveau terminal et wsl) # erreur courantes sur windows : diff --git a/docs/ProcédureGit.md b/docs/ProcédureGit.md index a5029e1..064f71a 100644 --- a/docs/ProcédureGit.md +++ b/docs/ProcédureGit.md @@ -9,13 +9,18 @@ cd C:\DevOpsProject\scripts\ .\start_other_ctnrs.ps1 + - Redémarrer le namespace K8 + kubectl apply -f C:\DevOpsProject\kubernetes\manifests\namespace.yaml + + - Redémarrer les autres espaces de noms + kubectl apply -f C:\DevOpsProject\kubernetes\manifests\ + + + # Pour afficher tous les conteneurs Docker, ainsi que les nœuds et pods Kubernetes : - Conteneurs Docker docker ps -a - - - Nœuds Kubernetes - kubectl get nodes - + - Pods Kubernetes kubectl get pods --all-namespaces diff --git a/gitea/gitea-data/gitea/indexers/issues.bleve/store/root.bolt b/gitea/gitea-data/gitea/indexers/issues.bleve/store/root.bolt index b8d0b4a..619d77e 100644 Binary files a/gitea/gitea-data/gitea/indexers/issues.bleve/store/root.bolt and b/gitea/gitea-data/gitea/indexers/issues.bleve/store/root.bolt differ diff --git a/gitea/gitea-data/gitea/queues/common/000077.log b/gitea/gitea-data/gitea/queues/common/000081.log similarity index 100% rename from gitea/gitea-data/gitea/queues/common/000077.log rename to gitea/gitea-data/gitea/queues/common/000081.log diff --git a/gitea/gitea-data/gitea/queues/common/CURRENT b/gitea/gitea-data/gitea/queues/common/CURRENT index 741d918..d4b9a0f 100644 --- a/gitea/gitea-data/gitea/queues/common/CURRENT +++ b/gitea/gitea-data/gitea/queues/common/CURRENT @@ -1 +1 @@ -MANIFEST-000078 +MANIFEST-000082 diff --git a/gitea/gitea-data/gitea/queues/common/CURRENT.bak b/gitea/gitea-data/gitea/queues/common/CURRENT.bak index f24fe8e..e73ded3 100644 --- a/gitea/gitea-data/gitea/queues/common/CURRENT.bak +++ b/gitea/gitea-data/gitea/queues/common/CURRENT.bak @@ -1 +1 @@ -MANIFEST-000076 +MANIFEST-000080 diff --git a/gitea/gitea-data/gitea/queues/common/LOG b/gitea/gitea-data/gitea/queues/common/LOG index de896b6..b6f2223 100644 --- a/gitea/gitea-data/gitea/queues/common/LOG +++ b/gitea/gitea-data/gitea/queues/common/LOG @@ -334,3 +334,21 @@ 09:36:15.880495 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00] 09:36:15.938267 db@janitor F·3 G·0 09:36:15.938461 db@open done T·71.478044ms +=============== Feb 2, 2026 (UTC) =============== +10:21:38.602985 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +10:21:38.614655 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00] +10:21:38.615122 db@open opening +10:21:38.619673 journal@recovery F·1 +10:21:38.619916 journal@recovery recovering @75 +10:21:38.623108 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00] +10:21:38.679337 db@janitor F·3 G·0 +10:21:38.679957 db@open done T·64.626868ms +=============== Feb 2, 2026 (UTC) =============== +11:06:42.511840 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +11:06:42.524304 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00] +11:06:42.524891 db@open opening +11:06:42.529643 journal@recovery F·1 +11:06:42.541882 journal@recovery recovering @77 +11:06:42.558143 version@stat F·[0 1] S·577B[0B 577B] Sc·[0.00 0.00] +11:06:42.599126 db@janitor F·3 G·0 +11:06:42.599291 db@open done T·74.244422ms diff --git a/gitea/gitea-data/gitea/queues/common/MANIFEST-000078 b/gitea/gitea-data/gitea/queues/common/MANIFEST-000082 similarity index 100% rename from gitea/gitea-data/gitea/queues/common/MANIFEST-000078 rename to gitea/gitea-data/gitea/queues/common/MANIFEST-000082 diff --git a/kubernetes/manifests/deployment.yaml b/kubernetes/manifests/deployment.yaml index 0f2015f..8a46bb1 100644 --- a/kubernetes/manifests/deployment.yaml +++ b/kubernetes/manifests/deployment.yaml @@ -69,60 +69,3 @@ spec: protocol: TCP name: http type: NodePort ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nginx-proxy - namespace: devops-demo - labels: - app: nginx-proxy -spec: - replicas: 1 - selector: - matchLabels: - app: nginx-proxy - template: - metadata: - labels: - app: nginx-proxy - spec: - containers: - - name: nginx - image: nginx:latest - ports: - - containerPort: 80 - - containerPort: 443 - volumeMounts: - - name: nginx-config - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - - name: certs - mountPath: /etc/nginx/certs - volumes: - - name: nginx-config - configMap: - name: nginx-config - - name: certs - secret: - secretName: nginx-tls - ---- -apiVersion: v1 -kind: Service -metadata: - name: nginx-service - namespace: devops-demo -spec: - selector: - app: nginx-proxy - ports: - - port: 80 - targetPort: 80 - protocol: TCP - name: http - - port: 443 - targetPort: 443 - protocol: TCP - name: https - type: NodePort \ No newline at end of file diff --git a/kubernetes/manifests/nginx-proxy.yaml b/kubernetes/manifests/nginx-proxy.yaml index 6e134e4..556b7fe 100644 --- a/kubernetes/manifests/nginx-proxy.yaml +++ b/kubernetes/manifests/nginx-proxy.yaml @@ -23,17 +23,17 @@ spec: - containerPort: 443 volumeMounts: - name: config - mountPath: /mnt/c/DevOpsProject/config/nginx.conf + mountPath: /etc/nginx/nginx.conf subPath: nginx.conf - name: certs - mountPath: /mnt/c/DevOpsProject/config/certs + mountPath: /etc/nginx/certs volumes: - - name: config - configMap: - name: nginx-config - - name: certs - secret: - secretName: nginx-tls + - name: config + configMap: + name: nginx-config + - name: certs + secret: + secretName: nginx-tls --- apiVersion: v1 kind: Service @@ -51,5 +51,5 @@ spec: - name: https protocol: TCP port: 443 - targetPort: 443 + targetPort: 443 type: NodePort \ No newline at end of file diff --git a/scripts/GenerKubConf.ps1 b/scripts/GenerKubConf.ps1 index e427980..7d64e82 100644 --- a/scripts/GenerKubConf.ps1 +++ b/scripts/GenerKubConf.ps1 @@ -1,11 +1,17 @@ -# Activer le proxy +# Installer le dashboard Kubernetes s'il n'existe pas +kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml 2>$null + +# Démarrer le proxy Kubernetes Start-Process kubectl -ArgumentList "proxy" -WindowStyle Hidden -# Créer le ServiceAccount -kubectl create serviceaccount dashboard-admin -n kubernetes-dashboard --force +# Attendre que le proxy soit prêt +Start-Sleep -Seconds 5 -# Lui donner les droits admin -kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:dashboard-admin --force +# Créer le ServiceAccount (pas de --force, gestion propre) +if ($(kubectl get serviceaccount dashboard-admin -n kubernetes-dashboard -o name) -eq $null) { + kubectl create serviceaccount dashboard-admin -n kubernetes-dashboard + kubectl create clusterrolebinding dashboard-admin --clusterrole=cluster-admin --serviceaccount=kubernetes-dashboard:dashboard-admin +} # Générer le jeton $Token = kubectl create token dashboard-admin -n kubernetes-dashboard @@ -15,7 +21,7 @@ $ClusterName = kubectl config current-context $Server = kubectl config view -o jsonpath="{.clusters[?(@.name==`"$ClusterName`")].cluster.server}" $CACert = kubectl config view -o jsonpath="{.clusters[?(@.name==`"$ClusterName`")].cluster.certificate-authority-data}" -# Générer le kubeconfig avec token uniquement (pas de certificats) +# Générer le kubeconfig $Kubeconfig = @" apiVersion: v1 kind: Config @@ -40,5 +46,10 @@ users: $Kubeconfig | Out-File -FilePath "C:\DevOpsProject\scripts\dashboard.kubeconfig" -Encoding UTF8 Write-Host "✅ kubeconfig généré : C:\DevOpsProject\scripts\dashboard.kubeconfig" -Write-Host "Accédez au dashboard : http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/" -Write-Host "→ Choisissez 'Kubeconfig' et sélectionnez le fichier." \ No newline at end of file + +# Ouvrir le navigateur +$Url = "http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/" +Start-Process $Url + +Write-Host "🌐 Dashboard ouvert dans le navigateur." +Write-Host "→ Choisissez 'Kubeconfig' et sélectionnez le fichier généré." \ No newline at end of file diff --git a/scripts/dashboard.kubeconfig b/scripts/dashboard.kubeconfig index e9d1447..b9af9b4 100644 --- a/scripts/dashboard.kubeconfig +++ b/scripts/dashboard.kubeconfig @@ -3,7 +3,7 @@ kind: Config clusters: - name: docker-desktop cluster: - server: https://kubernetes.docker.internal:6443 + server: https://127.0.0.1:53514 certificate-authority-data: DATA+OMITTED contexts: - name: docker-desktop @@ -14,4 +14,4 @@ current-context: docker-desktop users: - name: dashboard-admin user: - token: eyJhbGciOiJSUzI1NiIsImtpZCI6Ikt1VTA5b0ZjYXNUS050T1ZkVFRhTVlIRXBzLU9MMEdnaWZqdDZjSTRLRDAifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzY5MTAxMDkxLCJpYXQiOjE3NjkwOTc0OTEsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwianRpIjoiZmY1MTZiZmQtNTE2Mi00ZjFlLWFjNzEtMTg5ODQ5Yzg1Y2E0Iiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJkYXNoYm9hcmQtYWRtaW4iLCJ1aWQiOiI5NDM4MGYwNy05ZTQ0LTQxOTAtOTc5Zi00M2Q0NTQyMDk2ZTEifX0sIm5iZiI6MTc2OTA5NzQ5MSwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.C1d-ptxZRymbqpyuy2AWRMilcnWDc63XAN7eYcTQkeuJGb6CNqF0uefYpzBNumdBmyjlkGlRfeCezLjJ4G1_jP_H5c3VWx8temZWDJYOAXRVNogD7ebdLJ21lvRWFXcT_m4Sttp__ysjYX6gi0EuKOC7srWIthfaHC-1n9yXlyCDUtwSPrxoIkvmh___hrIIzLHlq1wsQpIZ_FqE9P9MYV_zhRc1X5YL9wIVDAmwJ1nYzF0KEgmR5cVNHTHr-ri7oLcxjvRgQkwtbdAXRRfUP99MnEzq27sskcZ430UZQfXO2VH9gaUkMqu035yqCEmUueDNc5eYPzsBTtD9tOM5mw + token: eyJhbGciOiJSUzI1NiIsImtpZCI6IjZNb3dVQlFNem1oMHlycEpOZlQ3azNoNngwemlFUnNnSlJuT2V1ZVB4Z00ifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzcwMDQxMTQxLCJpYXQiOjE3NzAwMzc1NDEsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwianRpIjoiNDMzMGMwODctZjA2ZC00ZWQyLWFhNzgtOTIzMGYzYmM1Y2EyIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJkYXNoYm9hcmQtYWRtaW4iLCJ1aWQiOiJmYmMyOTIxOS00NjI4LTQ1M2EtOGY5Ny02Y2UxZWMwZTZlZjEifX0sIm5iZiI6MTc3MDAzNzU0MSwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmVybmV0ZXMtZGFzaGJvYXJkOmRhc2hib2FyZC1hZG1pbiJ9.gz0Roz8B4zz1HJ2YuDhhPGa6LD6Co9jm38tCXyIqwQl2imFbvSJwn8yf3YYXINfp_k09gJBVH4cUSif8DhgR-9k587N6OOWYrt5XjIlggssd9QC8v3NZv6yLaIoUV2PMFDgyDX33pGGHr_6VCSC7yoRxbyahTLnLVjA9XurvR66EA9IDje6xSpJ3iB5YqFqGYsy6Q4gcVhYQtXr6Q_UZoiiBeYQH-C66-N5RheGIxJuIQMpfIm_5644ZH8ddz3g3uLkmwCI15TSNGRL0NOSUploCytxXuiqqZSrJDeq4yyTMDhYUtK4_sUOpZFT26gzWuEPSQCq77zUXJdA9-7dbxA diff --git a/scripts/start-argocd.ps1 b/scripts/start-argocd.ps1 new file mode 100644 index 0000000..f911aeb --- /dev/null +++ b/scripts/start-argocd.ps1 @@ -0,0 +1,49 @@ +# === 1. Appliquer le namespace principal d'abord === +Write-Host "🚀 Création du namespace devops-demo..." +kubectl apply -f C:\DevOpsProject\kubernetes\manifests\namespace.yaml + +# Attendre que le namespace soit actif +Write-Host "⏳ Attente que le namespace devops-demo soit prêt..." +kubectl wait --for=condition=Active namespace/devops-demo --timeout=60s + +# === 2. Appliquer les ConfigMap et Secret (préalables à nginx) === +Write-Host "📦 Création du ConfigMap et Secret pour Nginx..." +kubectl apply -f C:\DevOpsProject\kubernetes\manifests\configmap.yaml +kubectl create secret generic nginx-tls --from-file=C:\DevOpsProject\config\certs -n devops-demo --dry-run=client -o yaml | kubectl apply -f - + +# === 3. Appliquer tous les autres manifests (y compris nginx-proxy.yaml) === +Write-Host "🔄 Application des déploiements (app, db, nginx-proxy)..." +kubectl apply -f C:\DevOpsProject\kubernetes\manifests + +# === 4. Attendre que nginx-proxy soit prêt (dépendance critique) === +Write-Host "⏳ Attente que nginx-proxy soit en état Ready..." +kubectl wait --for=condition=ready pod -l app=nginx-proxy -n devops-demo --timeout=120s + +# === 5. Installer ArgoCD si ce n'est pas déjà fait === +if ($(kubectl get namespace argocd -o name) -eq $null) { + Write-Host "🎯 Installation d'ArgoCD..." + kubectl create namespace argocd + kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml +} + +# Attendre que ArgoCD soit disponible +Write-Host "⏳ Attente du déploiement d'ArgoCD..." +kubectl wait --for=condition=available --timeout=180s -n argocd deployment/argocd-server + +# === 6. Récupérer le mot de passe admin === +$Password = kubectl get secret argocd-initial-admin-secret -n argocd -o jsonpath="{.data.password}" | ForEach-Object { [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($_)) } + +# === 7. Lancer le port-forward pour ArgoCD === +Start-Process kubectl -ArgumentList "port-forward svc/argocd-server -n argocd 8080:443" -WindowStyle Hidden + +# === 8. Ouvrir l'interface ArgoCD dans le navigateur === +Start-Sleep -Seconds 5 +$Url = "https://localhost:8080" +Start-Process $Url + +# === Résumé final === +Write-Host "✅ Restauration terminée !" +Write-Host "🌐 Accès ArgoCD : $Url" +Write-Host "👤 Utilisateur : admin" +Write-Host "🔑 Mot de passe : $Password" +Write-Host "💡 Acceptez le certificat auto-signé dans le navigateur." \ No newline at end of file