# Register the chart repository under the local alias "jaconi" and refresh its index.
# NOTE(review): charts.jaconi.io appears to be a community repository rather than one
# published by the NetBird project itself; confirm, and review the chart before installing.
helm repo add jaconi https://charts.jaconi.io
helm repo update
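# Values for the jaconi/netbird chart (the file passed to Helm as netbird-values.yaml).
# NOTE(review): the nesting is reconstructed from a listing that had lost its
# indentation; check it against the chart's own values.yaml before use.
fullnameOverride: "netbird"
config:
  database:
    DB_TYPE: postgres
    HOST: postgres-postgresql.postgres.svc.cluster.local
    PORT: 5432
    NAME: netbird
    USER: netbird_user
    # Placeholder credential in plain text: anyone who can read this file or the
    # Helm release values can read it. Replace it with a strong generated
    # password and keep the real value out of version control.
    PASSWD: password
relay:
  enabled: true
  config:
    NB_EXPOSED_ADDRESS: "netbird-relay.netbird.svc.cluster.local:33080"
signal:
  enabled: true
management:
  enabled: true
  config:
    # All endpoints below are cluster-internal service names.
    NETBIRD_SIGNAL_URI: "netbird-signal.netbird.svc.cluster.local:10000"
    NETBIRD_SIGNAL_PROTOCOL: "https"
    NETBIRD_RELAY_DOMAIN: "netbird-relay.netbird.svc.cluster.local"
    NETBIRD_RELAY_PORT: "33080"
    NETBIRD_STUN_URI: "stun:netbird-signal.netbird.svc.cluster.local:3478"
    NETBIRD_TURN_URI: "turn:netbird-signal.netbird.svc.cluster.local:3478"
dashboard:
  enabled: true
  service:
    type: ClusterIP
  ingress:
    enabled: false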
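# The secret is created before `helm install`, so the namespace has to exist first.
kubectl create namespace netbird --dry-run=client -o yaml | kubectl apply -f -

# Generate a fresh 32-byte relay key for every installation. A key that has been
# printed in a guide, a terminal log or a repository is public and must not be reused.
RELAY_KEY="$(openssl rand -hex 32)"
kubectl create secret generic netbird-relay-secret \
  -n netbird \
  --from-literal=netbird-relay-secret-key="${RELAY_KEY}"
# Drop the key from the shell environment once it is stored in the cluster.
unset RELAY_KEY

# Install the chart with the values file prepared above.
helm install netbird jaconi/netbird \
  -n netbird \
  --create-namespace \
  -f netbird-values.yaml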
or
# Alternative to `helm install` when the release already exists: apply the values file in place.
helm upgrade netbird jaconi/netbird \
-n netbird \
-f netbird-values.yaml
# List the pods, services and ingress objects in the netbird namespace to check the rollout.
kubectl -n netbird get pods
kubectl -n netbird get svc
kubectl -n netbird get ingress
vim netbird-dashboard-deployment.yaml
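# Standalone Deployment for the NetBird dashboard (single replica, container port 80).
apiVersion: apps/v1
kind: Deployment
metadata:
  name: netbird-dashboard
  namespace: netbird
  labels:
    app: netbird-dashboard
spec:
  replicas: 1
  selector:
    matchLabels:
      app: netbird-dashboard
  template:
    metadata:
      labels:
        app: netbird-dashboard
    spec:
      containers:
        - name: dashboard
          # Pinned by tag only; a tag can be re-pushed, a digest cannot.
          # NOTE(review): confirm this tag exists for netbirdio/dashboard; the
          # dashboard chart values later on this page use v2.22.2.
          image: netbirdio/dashboard:0.45.1
          ports:
            - containerPort: 80
          env:
            # Plain HTTP: requests from the browser to the management API,
            # including the user's access token, are sent unencrypted.
            # Suitable for an isolated lab only; use an https:// endpoint otherwise.
            - name: NB_MANAGEMENT_API_ENDPOINT
              value: "http://netbird.local:30830"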
vim netbird-dashboard-service.yaml
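# Service in front of the dashboard pods, selected by the app=netbird-dashboard label.
apiVersion: v1
kind: Service
metadata:
  name: netbird-dashboard
  namespace: netbird
spec:
  selector:
    app: netbird-dashboard
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  # ClusterIP keeps the Service reachable only from inside the cluster;
  # outside access goes through the Ingress that references it.
  type: ClusterIP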
vim netbird-dashboard-ingress.yaml
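# Ingress that routes netbird.local to the netbird-dashboard Service on port 80.
# No tls: section is defined, so no certificate is configured for this host and
# the login page is reachable over plain HTTP. Add a tls: entry (as the
# netbird-dashboard chart values later on this page do) before using it beyond a lab.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: netbird-dashboard
  namespace: netbird
spec:
  ingressClassName: nginx
  rules:
    - host: netbird.local
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: netbird-dashboard
                port:
                  number: 80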
# Apply the three dashboard manifests: Deployment, then Service, then Ingress.
kubectl apply -f netbird-dashboard-deployment.yaml
kubectl apply -f netbird-dashboard-service.yaml
kubectl apply -f netbird-dashboard-ingress.yaml
C:\Windows\System32\drivers\etc\hosts
k8s
vim netbird-application.yaml
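# Argo CD Application that installs the netbird chart from charts.jaconi.io
# into the netbird namespace.
# NOTE(review): the nesting is reconstructed from a listing that had lost its
# indentation; check the embedded values against the chart's own values.yaml.
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: netbird  # name of the application in Argo CD
  namespace: argocd  # namespace where Argo CD is installed
spec:
  project: default
  source:
    repoURL: https://charts.jaconi.io  # the Helm repository
    chart: netbird  # chart name
    # "*" accepts any chart version. Together with the automated sync policy
    # below, a newly published chart version is rolled out without review.
    # Pin an exact version once one has been tested.
    targetRevision: "*"
    helm:
      releaseName: netbird  # same effect as "helm install netbird ..."
      # The values below contain the database password in plain text. It is
      # stored in this manifest and in the Application object, readable by anyone
      # with access to either. Replace the placeholder with a strong generated
      # password and keep the real value out of version control.
      values: |-
        fullnameOverride: "netbird"
        config:
          database:
            DB_TYPE: postgres
            HOST: postgres-postgresql.postgres.svc.cluster.local
            PORT: 5432
            NAME: netbird
            USER: netbird_user
            PASSWD: password
        relay:
          enabled: true
          config:
            NB_EXPOSED_ADDRESS: "netbird-relay.netbird.svc.cluster.local:33080"
        signal:
          enabled: true
        management:
          enabled: true
          config:
            NETBIRD_SIGNAL_URI: "netbird-signal.netbird.svc.cluster.local:10000"
            NETBIRD_SIGNAL_PROTOCOL: "https"
            NETBIRD_RELAY_DOMAIN: "netbird-relay.netbird.svc.cluster.local"
            NETBIRD_RELAY_PORT: "33080"
            NETBIRD_STUN_URI: "stun:netbird-signal.netbird.svc.cluster.local:3478"
            NETBIRD_TURN_URI: "turn:netbird-signal.netbird.svc.cluster.local:3478"
        dashboard:
          enabled: true
          service:
            type: ClusterIP
          ingress:
            enabled: true
            className: nginx
            hosts:
              - host: netbird.local
                paths:
                  - path: /
                    pathType: Prefix
  destination:
    server: https://kubernetes.default.svc
    namespace: netbird  # the chart is installed into this namespace
  syncPolicy:
    # Automated sync with prune and selfHeal: Argo CD applies changes, deletes
    # resources that are no longer rendered, and reverts manual edits.
    automated:
      prune: true
      selfHeal: true
    syncOptions:
      - CreateNamespace=true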
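# Register the Application with Argo CD.
kubectl apply -f netbird-application.yaml -n argocd

# Make sure the target namespace exists before creating the secret in it.
kubectl create namespace netbird || true

# Generate a fresh 32-byte relay key for every installation. A key that has been
# printed in a guide, a terminal log or a repository is public and must not be reused.
RELAY_KEY="$(openssl rand -hex 32)"
kubectl create secret generic netbird-relay-secret \
  -n netbird \
  --from-literal=netbird-relay-secret-key="${RELAY_KEY}"
# Drop the key from the shell environment once it is stored in the cluster.
unset RELAY_KEY

# Register the chart repository locally and refresh its index.
helm repo add jaconi https://charts.jaconi.io
helm repo update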
vim netbird-dashboard-values.yaml
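# Values for the jaconi/netbird-dashboard chart (saved as netbird-dashboard-values.yaml).
# NOTE(review): the nesting is reconstructed from a listing that had lost its
# indentation; check it against the chart's own values.yaml before use.
image:
  # UI image version; the tag v2.22.2 is available on Docker Hub
  # (netbirdio/dashboard:v2.22.2).
  tag: v2.22.2
auth:
  # OIDC provider (for example, Keycloak)
  authority: https://keycloak.example.com/realms/homelab
  audience: netbird
  clientID: netbird
  supportedScopes: >
    openid profile email offline_access netbird-api
netbird:
  # HTTP API of the NetBird management service (the same one the clients connect to)
  managementApiEndpoint: https://netbird.example.com
  # gRPC endpoint of the same service
  managementGrpcApiEndpoint: https://netbird.example.com
ingress:
  enabled: true
  className: nginx
  annotations:
    # Example for cert-manager; remove it if cert-manager is not used
    cert-manager.io/cluster-issuer: letsencrypt
  hosts:
    - host: netbird.example.com
      paths:
        - path: /
          pathType: Prefix
  # TLS for the dashboard host; the certificate is read from this secret.
  tls:
    - secretName: netbird-tls-certificate
      hosts:
        - netbird.example.com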
# Any namespace can be used, but netbird is the usual choice.
# The dry-run/apply pipe creates the namespace only if it does not exist yet.
kubectl create namespace netbird --dry-run=client -o yaml | kubectl apply -f -
# Install the dashboard chart with the values file prepared above.
# No --version is given, so the newest chart in the repository index is installed;
# pass --version <CHART_VERSION> to pin a tested release.
helm install netbird-dashboard jaconi/netbird-dashboard \
--namespace netbird \
--values netbird-dashboard-values.yaml