131 lines
2.6 KiB
YAML
131 lines
2.6 KiB
YAML
# NATS — JetStream-enabled message broker, leafnode-capable
|
|
# JetStream enabled with persistent storage via local-path PVC
|
|
# Unpinned — scheduler places freely
|
|
# NodePorts: 32386 (client), 32387 (websocket), 32388 (monitoring), 32389 (leaf)
|
|
#
|
|
# Deploy:
|
|
# kubectl create secret generic nats-leaf-secret \
|
|
# --namespace <ns> \
|
|
# --from-literal=password="$(openssl rand -base64 32)"
|
|
# kubectl apply -f nats.yaml -n <ns>
|
|
#
|
|
# Internal cluster DNS: nats:4222
|
|
# WebSocket: nats:8080
|
|
# Monitoring: nats:8222
|
|
# Leafnode: nats:7422 (user=leaf, password from secret)
|
|
#
|
|
# Leaf client config snippet (workstation / VPS):
|
|
# leafnodes {
|
|
# remotes = [
|
|
# { urls: ["nats-leaf://leaf:PASSWORD@<any-node-wg-ip>:32389"] }
|
|
# ]
|
|
# }
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: nats-config
|
|
data:
|
|
nats.conf: |
|
|
jetstream {
|
|
store_dir: /data
|
|
}
|
|
|
|
http_port: 8222
|
|
|
|
websocket {
|
|
port: 8080
|
|
no_tls: true
|
|
}
|
|
|
|
leafnodes {
|
|
port: 7422
|
|
authorization {
|
|
user: leaf
|
|
password: $LEAF_PASSWORD
|
|
}
|
|
}
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: nats-pvc
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
storageClassName: local-path
|
|
resources:
|
|
requests:
|
|
storage: 10Gi
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: nats
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: nats
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: nats
|
|
spec:
|
|
containers:
|
|
- name: nats
|
|
image: nats:latest
|
|
args: ["-c", "/etc/nats/nats.conf"]
|
|
env:
|
|
- name: LEAF_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: nats-leaf-secret
|
|
key: password
|
|
ports:
|
|
- containerPort: 4222
|
|
- containerPort: 8080
|
|
- containerPort: 8222
|
|
- containerPort: 7422
|
|
volumeMounts:
|
|
- name: nats-config
|
|
mountPath: /etc/nats
|
|
- name: nats-data
|
|
mountPath: /data
|
|
volumes:
|
|
- name: nats-config
|
|
configMap:
|
|
name: nats-config
|
|
- name: nats-data
|
|
persistentVolumeClaim:
|
|
claimName: nats-pvc
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: nats
|
|
spec:
|
|
selector:
|
|
app: nats
|
|
ports:
|
|
- name: client
|
|
port: 4222
|
|
targetPort: 4222
|
|
nodePort: 32386
|
|
- name: websocket
|
|
port: 8080
|
|
targetPort: 8080
|
|
nodePort: 32387
|
|
- name: monitoring
|
|
port: 8222
|
|
targetPort: 8222
|
|
nodePort: 32388
|
|
- name: leaf
|
|
port: 7422
|
|
targetPort: 7422
|
|
nodePort: 32389
|
|
type: NodePort
|