PyPI - raijin-server - Versions diffs - 0.3.3__py3-none-any.whl → 0.3.6__py3-none-any.whl - Mend

raijin-server 0.3.3py3-none-any.whl → 0.3.6py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of raijin-server might be problematic. Click here for more details.

Files changed (18) hide show

raijin_server/__init__.py +1 -1
raijin_server/cli.py +4 -17
raijin_server/modules/__init__.py +4 -5
raijin_server/modules/full_install.py +11 -19
raijin_server/modules/grafana.py +27 -8
raijin_server/modules/harbor.py +685 -0
raijin_server/modules/loki.py +28 -4
raijin_server/modules/minio.py +48 -15
raijin_server/modules/prometheus.py +47 -7
raijin_server/modules/secrets.py +416 -95
{raijin_server-0.3.3.dist-info → raijin_server-0.3.6.dist-info}/METADATA +1 -1
{raijin_server-0.3.3.dist-info → raijin_server-0.3.6.dist-info}/RECORD +16 -17
raijin_server/modules/observability_dashboards.py +0 -233
raijin_server/modules/observability_ingress.py +0 -246
{raijin_server-0.3.3.dist-info → raijin_server-0.3.6.dist-info}/WHEEL +0 -0
{raijin_server-0.3.3.dist-info → raijin_server-0.3.6.dist-info}/entry_points.txt +0 -0
{raijin_server-0.3.3.dist-info → raijin_server-0.3.6.dist-info}/licenses/LICENSE +0 -0
{raijin_server-0.3.3.dist-info → raijin_server-0.3.6.dist-info}/top_level.txt +0 -0

raijin_server/modules/loki.py CHANGED Viewed

@@ -103,6 +103,15 @@ def run(ctx: ExecutionContext) -> None:
     retention_hours = typer.prompt("Retencao de logs em horas", default="168")
     persistence_size = typer.prompt("Tamanho do storage", default="20Gi")
+    # NodePort para acesso via VPN
+    enable_nodeport = typer.confirm(
+        "Habilitar NodePort para acesso via VPN?",
+        default=True
+    )
+    nodeport_port = 30310
+    if enable_nodeport:
+        nodeport_port = int(typer.prompt("Porta NodePort", default="30310"))
     node_name = _detect_node_name(ctx)
@@ -147,6 +156,15 @@ promtail:
       memory: 256Mi
 """
+    # Adiciona NodePort se habilitado
+    if enable_nodeport:
+        values_yaml += f"""
+loki:
+  service:
+    type: NodePort
+    nodePort: {nodeport_port}
+"""
     values_path = Path("/tmp/raijin-loki-values.yaml")
     write_file(values_path, values_yaml, ctx)
@@ -167,7 +185,13 @@ promtail:
         _wait_for_loki_ready(ctx)
     typer.secho("\n✓ Loki Stack instalado com sucesso.", fg=typer.colors.GREEN, bold=True)
-    typer.echo("\nPara acessar Loki via port-forward:")
-    typer.echo("  kubectl -n observability port-forward svc/loki 3100:3100")
-    typer.echo("\nPara verificar logs:")
-    typer.echo("  curl http://localhost:3100/ready")
+    if enable_nodeport:
+        typer.secho("\n🔒 Acesso via VPN + NodePort:", fg=typer.colors.CYAN, bold=True)
+        typer.echo(f"\n  curl http://<VPN_SERVER_IP>:{nodeport_port}/ready")
+        typer.echo(f"\n  Exemplo: curl http://10.8.0.1:{nodeport_port}/ready")
+    else:
+        typer.echo("\nPara acessar Loki via port-forward:")
+        typer.echo("  kubectl -n observability port-forward svc/loki 3100:3100")
+        typer.echo("\nPara verificar logs:")
+        typer.echo("  curl http://localhost:3100/ready")

raijin_server/modules/minio.py CHANGED Viewed

@@ -449,6 +449,18 @@ def run(ctx: ExecutionContext) -> None:
     enable_console = typer.confirm("Habilitar Console Web?", default=True)
+    # NodePort para acesso via VPN
+    enable_nodeport = typer.confirm(
+        "Habilitar NodePort para acesso via VPN?",
+        default=True
+    )
+    api_nodeport = 30900
+    console_nodeport = 30901
+    if enable_nodeport:
+        api_nodeport = int(typer.prompt("Porta NodePort para API S3", default="30900"))
+        if enable_console:
+            console_nodeport = int(typer.prompt("Porta NodePort para Console", default="30901"))
     node_name = _detect_node_name(ctx)
     values = [
@@ -486,13 +498,27 @@ def run(ctx: ExecutionContext) -> None:
     if is_distributed:
         values.append(f"replicas={replicas}")
-    # Console
-    if enable_console:
+    # Service type (NodePort ou ClusterIP)
+    if enable_nodeport:
         values.extend([
-            "consoleService.type=ClusterIP",
-            "consoleIngress.enabled=false",
+            "service.type=NodePort",
+            f"service.nodePort={api_nodeport}",
         ])
+    # Console
+    if enable_console:
+        if enable_nodeport:
+            values.extend([
+                "consoleService.type=NodePort",
+                f"consoleService.nodePort={console_nodeport}",
+                "consoleIngress.enabled=false",
+            ])
+        else:
+            values.extend([
+                "consoleService.type=ClusterIP",
+                "consoleIngress.enabled=false",
+            ])
     helm_upgrade_install(
         release="minio",
         chart="minio",
@@ -514,14 +540,21 @@ def run(ctx: ExecutionContext) -> None:
     typer.echo(f"  Root Password: {root_password}")
     if enable_console:
-        typer.secho("\n🔒 Acesso Seguro ao MinIO Console via VPN:", fg=typer.colors.CYAN, bold=True)
-        typer.echo("\n1. Configure VPN (se ainda não tiver):")
-        typer.echo("   sudo raijin vpn")
-        typer.echo("\n2. Conecte via WireGuard")
-        typer.echo("\n3. Faça port-forward:")
-        typer.echo("   kubectl -n minio port-forward svc/minio-console 9001:9001")
-        typer.echo("\n4. Acesse no navegador:")
-        typer.echo("   http://localhost:9001")
-    typer.echo("\nPara acessar a API S3 (port-forward):")
-    typer.echo("  kubectl -n minio port-forward svc/minio 9000:9000")
+        if enable_nodeport:
+            typer.secho("\n🔒 Acesso ao MinIO Console via VPN:", fg=typer.colors.CYAN, bold=True)
+            typer.echo("\n1. Configure VPN (se ainda não tiver):")
+            typer.echo("   sudo raijin vpn")
+            typer.echo("\n2. Conecte via WireGuard")
+            typer.echo("\n3. Acesse no navegador (IP da VPN):")
+            typer.echo(f"   http://<VPN_SERVER_IP>:{console_nodeport}")
+            typer.echo("\n   Exemplo: http://10.8.0.1:{}".format(console_nodeport))
+        else:
+            typer.secho("\n🔒 Acesso via Port-Forward:", fg=typer.colors.CYAN, bold=True)
+            typer.echo("\n  kubectl -n minio port-forward svc/minio-console 9001:9001")
+            typer.echo("\n  Acesse: http://localhost:9001")
+    if enable_nodeport:
+        typer.echo(f"\nAPI S3 via VPN: http://<VPN_SERVER_IP>:{api_nodeport}")
+    else:
+        typer.echo("\nPara acessar a API S3 (port-forward):")
+        typer.echo("  kubectl -n minio port-forward svc/minio 9000:9000")

raijin_server/modules/prometheus.py CHANGED Viewed

@@ -428,6 +428,17 @@ def run(ctx: ExecutionContext) -> None:
     enable_persistence = typer.confirm(
         "Habilitar PVC para Prometheus e Alertmanager?", default=bool(default_sc)
     )
+    # NodePort para acesso via VPN
+    enable_nodeport = typer.confirm(
+        "Habilitar NodePort para acesso via VPN?",
+        default=True
+    )
+    prometheus_nodeport = 30090
+    alertmanager_nodeport = 30093
+    if enable_nodeport:
+        prometheus_nodeport = int(typer.prompt("Porta NodePort para Prometheus", default="30090"))
+        alertmanager_nodeport = int(typer.prompt("Porta NodePort para Alertmanager", default="30093"))
     # Se habilitou PVC, garante que existe StorageClass disponivel
     if enable_persistence:
@@ -442,31 +453,42 @@ def run(ctx: ExecutionContext) -> None:
         "prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues=false",
         "prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues=false",
         "defaultRules.create=true",
-        # Tolerations for control-plane nodes
+        # Tolerations for control-plane nodes - Prometheus
         "prometheus.prometheusSpec.tolerations[0].key=node-role.kubernetes.io/control-plane",
         "prometheus.prometheusSpec.tolerations[0].operator=Exists",
         "prometheus.prometheusSpec.tolerations[0].effect=NoSchedule",
         "prometheus.prometheusSpec.tolerations[1].key=node-role.kubernetes.io/master",
         "prometheus.prometheusSpec.tolerations[1].operator=Exists",
         "prometheus.prometheusSpec.tolerations[1].effect=NoSchedule",
+        # Tolerations - Alertmanager
         "alertmanager.alertmanagerSpec.tolerations[0].key=node-role.kubernetes.io/control-plane",
         "alertmanager.alertmanagerSpec.tolerations[0].operator=Exists",
         "alertmanager.alertmanagerSpec.tolerations[0].effect=NoSchedule",
         "alertmanager.alertmanagerSpec.tolerations[1].key=node-role.kubernetes.io/master",
         "alertmanager.alertmanagerSpec.tolerations[1].operator=Exists",
         "alertmanager.alertmanagerSpec.tolerations[1].effect=NoSchedule",
+        # Tolerations - Prometheus Operator
         "prometheusOperator.tolerations[0].key=node-role.kubernetes.io/control-plane",
         "prometheusOperator.tolerations[0].operator=Exists",
         "prometheusOperator.tolerations[0].effect=NoSchedule",
         "prometheusOperator.tolerations[1].key=node-role.kubernetes.io/master",
         "prometheusOperator.tolerations[1].operator=Exists",
         "prometheusOperator.tolerations[1].effect=NoSchedule",
+        # Tolerations - Admission Webhooks (Jobs que criam/atualizam webhooks)
+        "prometheusOperator.admissionWebhooks.patch.tolerations[0].key=node-role.kubernetes.io/control-plane",
+        "prometheusOperator.admissionWebhooks.patch.tolerations[0].operator=Exists",
+        "prometheusOperator.admissionWebhooks.patch.tolerations[0].effect=NoSchedule",
+        "prometheusOperator.admissionWebhooks.patch.tolerations[1].key=node-role.kubernetes.io/master",
+        "prometheusOperator.admissionWebhooks.patch.tolerations[1].operator=Exists",
+        "prometheusOperator.admissionWebhooks.patch.tolerations[1].effect=NoSchedule",
+        # Tolerations - kube-state-metrics
         "kube-state-metrics.tolerations[0].key=node-role.kubernetes.io/control-plane",
         "kube-state-metrics.tolerations[0].operator=Exists",
         "kube-state-metrics.tolerations[0].effect=NoSchedule",
         "kube-state-metrics.tolerations[1].key=node-role.kubernetes.io/master",
         "kube-state-metrics.tolerations[1].operator=Exists",
         "kube-state-metrics.tolerations[1].effect=NoSchedule",
+        # Tolerations - node-exporter
         "prometheus-node-exporter.tolerations[0].key=node-role.kubernetes.io/control-plane",
         "prometheus-node-exporter.tolerations[0].operator=Exists",
         "prometheus-node-exporter.tolerations[0].effect=NoSchedule",
@@ -477,8 +499,15 @@ def run(ctx: ExecutionContext) -> None:
         f"prometheus.prometheusSpec.nodeSelector.kubernetes\\.io/hostname={node_name}",
         f"alertmanager.alertmanagerSpec.nodeSelector.kubernetes\\.io/hostname={node_name}",
         f"prometheusOperator.nodeSelector.kubernetes\\.io/hostname={node_name}",
-    ]
+    ]
+    # NodePort para acesso via VPN
+    if enable_nodeport:
+        values.extend([
+            "prometheus.service.type=NodePort",
+            f"prometheus.service.nodePort={prometheus_nodeport}",
+            "alertmanager.service.type=NodePort",
+            f"alertmanager.service.nodePort={alertmanager_nodeport}",
+        ])
     extra_args = ["--wait", "--timeout", "10m", "--atomic"]
     chart_version = typer.prompt(
@@ -531,7 +560,18 @@ def run(ctx: ExecutionContext) -> None:
         _wait_for_prometheus_ready(ctx, namespace)
     typer.secho("\n✓ kube-prometheus-stack instalado com sucesso.", fg=typer.colors.GREEN, bold=True)
-    typer.echo("\nPara acessar Prometheus via port-forward:")
-    typer.echo(f"  kubectl -n {namespace} port-forward svc/kube-prometheus-stack-prometheus 9090:9090")
-    typer.echo("\nPara acessar Alertmanager via port-forward:")
-    typer.echo(f"  kubectl -n {namespace} port-forward svc/kube-prometheus-stack-alertmanager 9093:9093")
+    if enable_nodeport:
+        typer.secho("\n🔒 Acesso via VPN + NodePort:", fg=typer.colors.CYAN, bold=True)
+        typer.echo("\n1. Configure VPN: sudo raijin vpn")
+        typer.echo("2. Conecte via WireGuard")
+        typer.echo("\nPrometheus:")
+        typer.echo(f"   http://<VPN_SERVER_IP>:{prometheus_nodeport}")
+        typer.echo("\nAlertmanager:")
+        typer.echo(f"   http://<VPN_SERVER_IP>:{alertmanager_nodeport}")
+        typer.echo("\nExemplo: http://10.8.0.1:{} (Prometheus)".format(prometheus_nodeport))
+    else:
+        typer.echo("\nPara acessar Prometheus via port-forward:")
+        typer.echo(f"  kubectl -n {namespace} port-forward svc/kube-prometheus-stack-prometheus 9090:9090")
+        typer.echo("\nPara acessar Alertmanager via port-forward:")
+        typer.echo(f"  kubectl -n {namespace} port-forward svc/kube-prometheus-stack-alertmanager 9093:9093")

raijin-server 0.3.3__py3-none-any.whl → 0.3.6__py3-none-any.whl

Potentially problematic release.

raijin-server 0.3.3py3-none-any.whl → 0.3.6py3-none-any.whl