examples: adding simple kubernetes example

2020-02-11 10:45:22 -08:00 · 2020-02-11 10:45:22 -08:00 · 5423a8ae51
parent 6eebabdc24
commit 5423a8ae51
4 changed files with 218 additions and 0 deletions
--- a/examples/kubernetes/README.md
+++ b/examples/kubernetes/README.md
@ -0,0 +1,26 @@
+# Install guide for kubernetes
+
+This guide will deploy jitsi in the most simple way: as several containers in a single pod. This is enough to start in case your hardware is enough. If you need to scale components to severa instance, you'll have to modify it to use several services and pods.
+
+Create a namespace to deploy jitsi to:
+
+`kubectl create namespace jitsi`
+
+Add the secret with secret values (replace `...` with some random strings):
+
+`kubectl create secret generic jitsi-config --from-literal=JICOFO_COMPONENT_SECRET=... --from-literal=JICOFO_AUTH_PASSWORD=... --from-literal=JVB_AUTH_PASSWORD=... `
+
+Deploy the service to listen for JVB UDP traffic on all cluster nodes port 30300:
+
+`kubectl create -f jvb-service.yaml`
+
+Now we can deploy the rest of the application:
+
+`kubectl create -f deployment.yaml`
+
+To expose the webapp, we can use Ingress (replace the `host` value with your actual hostname):
+
+`kubectl create -f web-service.yaml`
+
+You can either use "https" or "http" service port, depending on whether your ingress allows self-signed certs.
+
--- a/examples/kubernetes/deployment.yaml
+++ b/examples/kubernetes/deployment.yaml
@ -0,0 +1,143 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    k8s-app: jitsi
+  name: jitsi
+  namespace: jitsi
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      k8s-app: jitsi
+  template:
+    metadata:
+      labels:
+        k8s-app: jitsi
+    spec:
+      containers:
+        - name: jicofo
+          image: jitsi/jicofo
+          imagePullPolicy: Always
+          env:
+            - name: XMPP_SERVER
+              value: localhost
+            - name: XMPP_DOMAIN
+              value: meet.jitsi
+            - name: XMPP_AUTH_DOMAIN
+              value: auth.meet.jitsi
+            - name: XMPP_INTERNAL_MUC_DOMAIN
+              value: internal-muc.meet.jitsi
+            - name: JICOFO_COMPONENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: jitsi-config
+                  key: JICOFO_COMPONENT_SECRET
+            - name: JICOFO_AUTH_USER
+              value: focus
+            - name: JICOFO_AUTH_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: jitsi-config
+                  key: JICOFO_AUTH_PASSWORD
+            - name: TZ
+              value: America/Los_Angeles
+            - name: JVB_BREWERY_MUC
+              value: jvbbrewery
+        - name: prosody
+          image: jitsi/prosody
+          imagePullPolicy: Always
+          env:
+            - name: XMPP_DOMAIN
+              value: meet.jitsi
+            - name: XMPP_AUTH_DOMAIN
+              value: auth.meet.jitsi
+            - name: XMPP_MUC_DOMAIN
+              value: muc.meet.jitsi
+            - name: XMPP_INTERNAL_MUC_DOMAIN
+              value: internal-muc.meet.jitsi
+            - name: JICOFO_COMPONENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: jitsi-config
+                  key: JICOFO_COMPONENT_SECRET
+            - name: JVB_AUTH_USER
+              value: jvb
+            - name: JVB_AUTH_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: jitsi-config
+                  key: JVB_AUTH_PASSWORD
+            - name: JICOFO_AUTH_USER
+              value: focus
+            - name: JICOFO_AUTH_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: jitsi-config
+                  key: JICOFO_AUTH_PASSWORD
+            - name: TZ
+              value: America/Los_Angeles
+            - name: JVB_TCP_HARVESTER_DISABLED
+              value: "true"
+        - name: web
+          image: jitsi/web
+          imagePullPolicy: Always
+          env:
+            - name: XMPP_SERVER
+              value: localhost
+            - name: JICOFO_AUTH_USER
+              value: focus
+            - name: XMPP_DOMAIN
+              value: meet.jitsi
+            - name: XMPP_AUTH_DOMAIN
+              value: auth.meet.jitsi
+            - name: XMPP_INTERNAL_MUC_DOMAIN
+              value: internal-muc.meet.jitsi
+            - name: XMPP_BOSH_URL_BASE
+              value: http://127.0.0.1:5280
+            - name: XMPP_MUC_DOMAIN
+              value: muc.meet.jitsi
+            - name: TZ
+              value: America/Los_Angeles
+            - name: JVB_TCP_HARVESTER_DISABLED
+              value: "true"
+        - name: jvb
+          image: jitsi/jvb
+          imagePullPolicy: Always
+          env:
+            - name: XMPP_SERVER
+              value: localhost
+            - name: DOCKER_HOST_ADDRESS
+              value: <Set the address for any node in the cluster here>
+            - name: XMPP_DOMAIN
+              value: meet.jitsi
+            - name: XMPP_AUTH_DOMAIN
+              value: auth.meet.jitsi
+            - name: XMPP_INTERNAL_MUC_DOMAIN
+              value: internal-muc.meet.jitsi
+            - name: JVB_STUN_SERVERS
+              value: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302
+            - name: JICOFO_AUTH_USER
+              value: focus
+            - name: JVB_TCP_HARVESTER_DISABLED
+              value: "true"
+            - name: JVB_AUTH_USER
+              value: jvb
+            - name: JVB_PORT
+              value: "30300"
+            - name: JVB_AUTH_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: jitsi-config
+                  key: JVB_AUTH_PASSWORD
+            - name: JICOFO_AUTH_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: jitsi-config
+                  key: JICOFO_AUTH_PASSWORD
+            - name: JVB_BREWERY_MUC
+              value: jvbbrewery
+            - name: TZ
+              value: America/Los_Angeles
--- a/examples/kubernetes/jvb-service.yaml
+++ b/examples/kubernetes/jvb-service.yaml
@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    service: jvb
+  name: jvb-udp
+  namespace: jitsi
+spec:
+  type: NodePort
+  externalTrafficPolicy: Cluster
+  ports:
+  - port: 30300
+    protocol: UDP
+    targetPort: 30300
+    nodePort: 30300
+  selector:
+    k8s-app: jitsi
--- a/examples/kubernetes/web-service.yaml
+++ b/examples/kubernetes/web-service.yaml
@ -0,0 +1,32 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    service: web
+  name: web
+  namespace: jitsi
+spec:
+  ports:
+  - name: "http"
+    port: 80
+    targetPort: 80
+  - name: "https"
+    port: 443
+    targetPort: 443
+  selector:
+    k8s-app: jitsi
+---
+ apiVersion: networking.k8s.io/v1beta1
+ kind: Ingress
+ metadata:
+   name: jitsi
+   namespace: jitsi
+ spec:
+  rules:
+  - host: ...
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: web
+          servicePort: https