222 lines
8.7 KiB
Markdown
222 lines
8.7 KiB
Markdown
# Smart City Martinique - Déploiement Kubernetes
|
|
|
|
## Architecture
|
|
|
|
```
|
|
┌─────────────────────────────────────────────────────────┐
|
|
│ TRAEFIK (Ingress) │
|
|
│ ports 80/443 │
|
|
└─────────────────────────────────────────────────────────┘
|
|
│
|
|
┌─────────────────────────────────┼─────────────────────────────────┐
|
|
│ │ │
|
|
┌────▼────┐ ┌──────────┐ ┌──────────▼──────────┐ ┌─────────────────┐
|
|
│ Airflow │ │ Kafka │ │ Data & Storage │ │ Monitoring │
|
|
│ │ │ Cluster │ │ │ │ │
|
|
│ web │ │ 3 brokers│ │ PostgreSQL HA │ │ Prometheus │
|
|
│ sched │ │ connect │ │ Redis Cluster │ │ Grafana │
|
|
│ worker │ │ ui │ │ MinIO │ │ Loki │
|
|
└─────────┘ └──────────┘ │ ClickHouse │ │ Promtail │
|
|
│ StarRocks │ └─────────────────┘
|
|
┌──────────┐ ┌──────────┐ │ Trino │
|
|
│ Flink │ │ IoT │ │ Delta Lake │ ┌─────────────────┐
|
|
│ │ │ │ │ DuckDB │ │ BI & Analytics │
|
|
│ jobmgr │ │ EMQX │ └─────────────────────┘ │ │
|
|
│ taskmgr │ │ Mosquitto│ │ Superset │
|
|
└──────────┘ │ Node-RED │ ┌─────────────────────┐ │ Metabase │
|
|
│ phpIPAM │ │ Git & Notebooks │ │ MindsDB │
|
|
┌──────────┐ │ ChirpStk │ │ │ └─────────────────┘
|
|
│ GIS │ └──────────┘ │ Gitea │
|
|
│ │ │ JupyterHub │ ┌─────────────────┐
|
|
│ MapStore │ ┌──────────┐ │ Zeppelin │ │ Web Apps │
|
|
│ GeoServer│ │ ODK │ └─────────────────────┘ │ │
|
|
│ FROST │ │ │ │ Smart App │
|
|
│ Stellio │ │ nginx │ ┌─────────────────────┐ │ Streamlit │
|
|
│ FIWARE │ │ service │ │ Data Collection │ │ Kepler │
|
|
└──────────┘ │ postgres │ │ │ └─────────────────┘
|
|
└──────────┘ │ Telegraf │
|
|
│ InfluxDB │
|
|
│ Simulator │
|
|
└─────────────────────┘
|
|
```
|
|
|
|
## Prérequis
|
|
|
|
### Cluster Kubernetes
|
|
- 3 nœuds minimum (1 master + 2 workers)
|
|
- Kubernetes 1.28+
|
|
- containerd
|
|
- Cilium (CNI)
|
|
|
|
### Serveur NFS
|
|
- 1 serveur NFS pour le stockage persistant
|
|
- Minimum 500Go d'espace disque
|
|
|
|
### Outils
|
|
- kubectl
|
|
- helm
|
|
- ansible 2.15+
|
|
- ansible-galaxy collection install kubernetes.core
|
|
|
|
## Installation
|
|
|
|
### 1. Cloner le repository
|
|
|
|
```bash
|
|
git clone https://gitea.digitribe.fr/eric/smart-city-digital-twin-martinique.git
|
|
cd smart-city-digital-twin-martinique/helms
|
|
```
|
|
|
|
### 2. Configurer l'inventory
|
|
|
|
Éditer `inventory/hosts.yml` avec les IPs de vos nœuds :
|
|
|
|
```yaml
|
|
k8s_masters:
|
|
hosts:
|
|
k8s-master-1:
|
|
ansible_host: "192.168.1.100"
|
|
k8s_workers:
|
|
hosts:
|
|
k8s-worker-1:
|
|
ansible_host: "192.168.1.101"
|
|
k8s-worker-2:
|
|
ansible_host: "192.168.1.102"
|
|
nfs_server:
|
|
hosts:
|
|
nfs-1:
|
|
ansible_host: "192.168.1.200"
|
|
```
|
|
|
|
### 3. Configurer les variables
|
|
|
|
Éditer `group_vars/all.yml` selon vos besoins (ressources, domaines, etc.)
|
|
|
|
### 4. Chiffrer les secrets
|
|
|
|
```bash
|
|
ansible-vault encrypt group_vars/vault.yml
|
|
```
|
|
|
|
### 5. Déployer
|
|
|
|
```bash
|
|
# Déployer toute la stack
|
|
ansible-playbook deploy.yml --ask-vault-pass
|
|
|
|
# Déployer un service spécifique
|
|
ansible-playbook deploy.yml --tags clickhouse --ask-vault-pass
|
|
ansible-playbook deploy.yml --tags trino --ask-vault-pass
|
|
ansible-playbook deploy.yml --tags streamlit --ask-vault-pass
|
|
ansible-playbook deploy.yml --tags kafka --ask-vault-pass
|
|
ansible-playbook deploy.yml --tags monitoring --ask-vault-pass
|
|
```
|
|
|
|
### 6. Vérifier
|
|
|
|
```bash
|
|
kubectl get pods --all-namespaces
|
|
kubectl get ingress --all-namespaces
|
|
```
|
|
|
|
## Services déployés
|
|
|
|
| Service | Domaine | Namespace | Helm Chart |
|
|
|---------|---------|-----------|------------|
|
|
| Airflow | airflow.digitribe.fr | airflow | apache/airflow |
|
|
| Kafka | kafka.digitribe.fr | kafka | strimzi/kafka-operator |
|
|
| Flink | flink.digitribe.fr | flink | apache/flink-kubernetes-operator |
|
|
| ClickHouse | clickhouse.digitribe.fr | clickhouse | bitnami/clickhouse |
|
|
| StarRocks | starrocks.digitribe.fr | starrocks | starrocks/starrocks-community |
|
|
| Trino | trino.digitribe.fr | trino | trinodb/trino |
|
|
| Delta Lake | deltalake.digitribe.fr | deltalake | delta-io/delta-lake |
|
|
| Streamlit | streamlit.digitribe.fr | streamlit | streamlit/streamlit |
|
|
| DuckDB | duckdb.digitribe.fr | duckdb | duckdb/duckdb |
|
|
| EMQX | emqx.digitribe.fr | iot | emqx/emqx-operator |
|
|
| Mosquitto | mqtt.digitribe.fr | iot | k8s-at-home/mosquitto |
|
|
| Node-RED | nodered.digitribe.fr | iot | k8s-at-home/node-red |
|
|
| phpIPAM | phpipam.digitribe.fr | phpipam | phpipam/phpipam |
|
|
| ChirpStack | chirpstack.digitribe.fr | iot | chirpstack/chirpstack |
|
|
| Gitea | gitea.digitribe.fr | gitea | gitea/gitea |
|
|
| JupyterHub | jupyter.digitribe.fr | jupyterhub | jupyterhub/jupyterhub |
|
|
| Zeppelin | zeppelin.digitribe.fr | default | apache/zeppelin |
|
|
| Superset | superset.digitribe.fr | superset | apache/superset |
|
|
| Metabase | metabase.digitribe.fr | metabase | bitnami/metabase |
|
|
| MindsDB | mindsdb.digitribe.fr | mindsdb | bitnami/mindsdb |
|
|
| ODK Central | odk.digitribe.fr | odk | odk/odk-central |
|
|
| MapStore | mapstore.digitribe.fr | mapstore | geosolutionsit/mapstore |
|
|
| GeoServer | geoserver.digitribe.fr | geoserver | kartoza/geoserver |
|
|
| FROST | frost.digitribe.fr | iot | fraunhoferiosb/frost-server |
|
|
| Smart App | smartapp.digitribe.fr | smartapp | custom |
|
|
| Grafana | grafana.digitribe.fr | monitoring | grafana/grafana |
|
|
| MinIO | minio.digitribe.fr | default | bitnami/minio |
|
|
|
|
## Commandes utiles
|
|
|
|
```bash
|
|
# Lister tous les pods
|
|
kubectl get pods --all-namespaces
|
|
|
|
# Voir les logs d'un pod
|
|
kubectl logs -f <pod-name> -n <namespace>
|
|
|
|
# Voir les événements
|
|
kubectl get events --all-namespaces --sort-by='.lastTimestamp'
|
|
|
|
# Voir les ingress
|
|
kubectl get ingress --all-namespaces
|
|
|
|
# Voir les PVC
|
|
kubectl get pvc --all-namespaces
|
|
|
|
# Redéployer un service
|
|
ansible-playbook deploy.yml --tags <service> --ask-vault-pass
|
|
|
|
# Supprimer un service
|
|
kubectl delete namespace <namespace>
|
|
|
|
# Supprimer toute la stack
|
|
ansible-playbook undeploy.yml
|
|
```
|
|
|
|
## Troubleshooting
|
|
|
|
### Pod en CrashLoopBackOff
|
|
```bash
|
|
kubectl describe pod <pod-name> -n <namespace>
|
|
kubectl logs <pod-name> -n <namespace> --previous
|
|
```
|
|
|
|
### PVC en Pending
|
|
```bash
|
|
kubectl get storageclass
|
|
kubectl get pv
|
|
kubectl describe pvc <pvc-name> -n <namespace>
|
|
```
|
|
|
|
### Ingress non accessible
|
|
```bash
|
|
kubectl get ingress -n <namespace>
|
|
kubectl describe ingress <ingress-name> -n <namespace>
|
|
kubectl logs -f deployment/traefik -n traefik
|
|
```
|
|
|
|
## Maintenance
|
|
|
|
### Backup
|
|
Les sauvegardes sont configurées via Velero :
|
|
```bash
|
|
kubectl get schedules -n velero
|
|
kubectl get backups -n velero
|
|
```
|
|
|
|
### Mise à jour d'un service
|
|
```bash
|
|
ansible-playbook deploy.yml --tags <service> --ask-vault-pass
|
|
```
|
|
|
|
### Scaling
|
|
```bash
|
|
kubectl scale deployment <deployment> --replicas=<n> -n <namespace>
|
|
```
|