add mandelmap application

00-provisioning/README.md

@@ -49,12 +49,18 @@ After you've checked the ignition files into version control, provision the serv
 
 ```bash
 
+# Terraform?  We roll our own.
+
 # Stop git bash being stupid
 export MSYS_NO_PATHCONV=1
 
 # Be sure to run from 00-provisioning directory
 cd 00-provisioning
 
+# Set your own
+VBOXMANAGE="C:/Program Files/Oracle/VirtualBox/vboxmanage"
+COREOSAPPLIANCEIMAGE="D:/VirtualBox/OVA/fedora-coreos-39.20231119.3.0-virtualbox.x86_64.ova"
+
 # Function to create VirtualBox VM, accepts name of VM as argument
 create_vm() {
     if [ -z "$1" ] || [ -z "$2" ]; then
@@ -64,14 +70,12 @@ create_vm() {
         return
     fi
 
-    VBOX="C:/Program Files/Oracle/VirtualBox/vboxmanage.exe"
-    COREOSAPPLIANCEIMAGE="D:/VirtualBox/OVA/fedora-coreos-39.20231119.3.0-virtualbox.x86_64.ova"
-    "$VBOX" import --vsys 0 --vmname "$1" $COREOSAPPLIANCEIMAGE
-    "$VBOX" modifyvm $1 --nic1 bridged
-    "$VBOX" modifyvm $1 --bridge-adapter1 "Intel(R) Ethernet Controller I225-V"
-    "$VBOX" modifyvm $1 --macaddress1 $2
-    "$VBOX" guestproperty set $1 "/Ignition/Config" "$(cat ignition/$1-boot.json)"
-    "$VBOX" startvm $1 --type headless
+    "$VBOXMANAGE" import --vsys 0 --vmname "$1" $COREOSAPPLIANCEIMAGE
+    "$VBOXMANAGE" modifyvm $1 --nic1 bridged
+    "$VBOXMANAGE" modifyvm $1 --bridge-adapter1 "Intel(R) Ethernet Controller I225-V"
+    "$VBOXMANAGE" modifyvm $1 --macaddress1 $2
+    "$VBOXMANAGE" guestproperty set $1 "/Ignition/Config" "$(cat ignition/$1-boot.json)"
+    "$VBOXMANAGE" startvm $1 --type headless
 }
 
 # Controllers - if doing HA, need at least 3 for Raft concensus

07-nfs-subdir-provisioner/README.md

@@ -0,0 +1,47 @@
+# 07-NFS-Subdir-Provisioner
+
+To support persistent volume claims on NFS external storage, a provisioner can be configured and deployed easily with helm.
+
+```bash
+
+helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
+
+helm install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner \
+    --set nfs.server=10.69.71.105 \
+    --set nfs.path=/data/nfs
+
+```
+
+
+A PVC can then be created similar to below example:
+
+```yaml
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: myclaim
+spec:
+  accessModes:
+    - ReadWriteOnce
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 1Gi
+  storageClassName: nfs-client
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: mypod
+spec:
+  containers:
+    - name: myfrontend
+      image: nginx
+      volumeMounts:
+      - mountPath: "/var/www/html"
+        name: mypd
+  volumes:
+    - name: mypd
+      persistentVolumeClaim:
+        claimName: myclaim
+```

08-ingress-nginx-controller/README.md

@@ -0,0 +1,54 @@
+# 08-Ingress-Nginx-Controller
+
+```bash
+helm upgrade --install ingress-nginx ingress-nginx   --repo https://kubernetes.github.io/ingress-nginx   --namespace ingress-nginx --create-namespace -f values.yaml
+
+```
+
+Example usage:
+
+```yaml
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: ingress-myservicea
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: myservicea.foo.org
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: myservicea
+          servicePort: 8080
+---
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: ingress-myserviceb
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: myserviceb.foo.org
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: myserviceb
+          servicePort: 8443
+  tls:
+    - hosts:
+      - myserviceb.foo.org
+      secretName: example-tls
+---
+# A secret must also be provided, likely by a cert-manager of some kind
+apiVersion: v1
+kind: Secret
+metadata:
+  name: example-tls
+data:
+  tls.crt: <base64 encoded cert>
+  tls.key: <base64 encoded key>
+type: kubernetes.io/tls
+```

08-ingress-nginx-controller/values.yaml

@@ -0,0 +1,12 @@
+## nginx configuration
+## Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/index.md
+
+controller:
+  service:
+    externalIPs: 
+    - "10.69.69.51"
+    nodePorts:
+      # -- Node port allocated for the external HTTP listener. If left empty, the service controller allocates one from the configured node port range.
+      http: "31451"
+      # -- Node port allocated for the external HTTPS listener. If left empty, the service controller allocates one from the configured node port range.
+      https: "31207"

30-applications/mandelmap.yaml

@@ -0,0 +1,60 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: mandelmapper
+  name: mandelmapper
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: mandelmapper
+  strategy: {}
+  template:
+    metadata:
+      labels:
+        app: mandelmapper
+    spec:
+      containers:
+      - image: registry.deadbeef.codes/mandelmapper
+        name: mandelmapper
+        resources:
+          requests:
+            memory: "24Mi"
+            cpu: "50m"
+status: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: mandelmapper
+  name: mandelmapper
+spec:
+  type: NodePort
+  ports:
+  - port: 6161
+    protocol: TCP
+    targetPort: 6161
+  selector:
+    app: mandelmapper
+status:
+  loadBalancer: {}
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-mandelmapper
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: mandelmap.home.stevenpolley.net
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: mandelmapper
+            port:
+              number: 6161