Update

Backend/kube-manifests/CronJobs/Dev/1 - Secret.yaml

@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: api-key
-type: Opaque
-data:
-  key: ZG9wX3YxXzJlMmFiMDMxYzNjMjVmMTI4ZjA2MGYwMThiZjM3OTc3YmUyYTc4N2FjMmQ2YmZiMTlhMjBmOTYxYmQ0NGRlYmY=

Backend/kube-manifests/CronJobs/Dev/2 - CronJob.yaml

@@ -1,26 +0,0 @@
-apiVersion: batch/v1beta1
-kind: CronJob
-metadata:
-  name: kuikwork-cron
-spec:
-  schedule: "*/5 * * * *"
-  concurrencyPolicy: Forbid
-  jobTemplate:
-    spec:
-      template:
-        spec:
-          containers:
-            - name: kuikwork-cron
-              image: juampynr/digital-ocean-cronjob:latest
-              env:
-                - name: DIGITALOCEAN_ACCESS_TOKEN
-                  valueFrom:
-                    secretKeyRef:
-                      name: api-key
-                      key: key
-              command: ["/bin/sh", "-c"]
-              args:
-                - doctl kubernetes cluster kubeconfig save 6c15b3d8-c73f-4881-bc85-2f813b74e4db
-                - POD_NAME=$(kubectl get pods -o=jsonpath='{.items[0].metadata.name}' -n dev-workers-ns -l app=dev-workers-ap)
-                - kubectl exec -n dev-workers-ns POD_NAME -- php -v
-          restartPolicy: OnFailure

Backend/sample-cronjob.yaml

@@ -1,20 +0,0 @@
-apiVersion: batch/v1beta1
-kind: CronJob
-metadata:
-  name: dev-workers-cronjob
-spec:
-  schedule: "*/1 * * * *"
-  jobTemplate:
-    metadata:
-      name: hello
-    spec:
-      template:
-        spec:
-          containers:
-            - name: hello
-              image: busybox
-              command:
-                - /bin/sh
-                - -c
-                - date; echo Hello from the Kubernetes cluster
-          restartPolicy: OnFailure

Workers/kube-manifests/CronJobs/Dev/1 - Secret.yaml

@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: api-key
-type: Opaque
-data:
-  key: ZG9wX3YxXzJlMmFiMDMxYzNjMjVmMTI4ZjA2MGYwMThiZjM3OTc3YmUyYTc4N2FjMmQ2YmZiMTlhMjBmOTYxYmQ0NGRlYmY=

Workers/kube-manifests/CronJobs/Dev/2 - CronJob.yaml

@@ -1,26 +0,0 @@
-apiVersion: batch/v1beta1
-kind: CronJob
-metadata:
-  name: kuikwork-cron
-spec:
-  schedule: "*/5 * * * *"
-  concurrencyPolicy: Forbid
-  jobTemplate:
-    spec:
-      template:
-        spec:
-          containers:
-            - name: kuikwork-cron
-              image: juampynr/digital-ocean-cronjob:latest
-              env:
-                - name: DIGITALOCEAN_ACCESS_TOKEN
-                  valueFrom:
-                    secretKeyRef:
-                      name: api-key
-                      key: key
-              command: ["/bin/sh", "-c"]
-              args:
-                - doctl kubernetes cluster kubeconfig save 6c15b3d8-c73f-4881-bc85-2f813b74e4db
-                - POD_NAME=$(kubectl get pods -o=jsonpath='{.items[0].metadata.name}' -n dev-workers-ns -l app=dev-workers-ap)
-                - kubectl exec -n dev-workers-ns POD_NAME -- php -v
-          restartPolicy: OnFailure

Workers/kube-manifests/Dev/.dockerconfigjson

@@ -1,10 +0,0 @@
-{
-    "auths": {
-        "https://registry.gitlab.com": {
-            "username": "kube-puller",
-            "password": "gldt-KsuiWhf3z4qBSyxnMXC8",
-            "email": "jorge.sanchez@articulacion.com.co",
-            "auth": "a3ViZS1wdWxsZXI6Z2xkdC1Lc3VpV2hmM3o0cUJTeXhuTVhDOA=="
-        }
-    }
-}

Workers/kube-manifests/Dev/2 - gitlab-img.yaml

@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: workers-gitlab-img
-  namespace: dev-workers-ns
-type: kubernetes.io/dockerconfigjson
-data:
-  .dockerconfigjson: ewogICAgImF1dGhzIjogewogICAgICAgICJodHRwczovL3JlZ2lzdHJ5LmdpdGxhYi5jb20iOiB7CiAgICAgICAgICAgICJ1c2VybmFtZSI6ICJrdWJlLXB1bGxlciIsCiAgICAgICAgICAgICJwYXNzd29yZCI6ICJnbGR0LUtzdWlXaGYzejRxQlN5eG5NWEM4IiwKICAgICAgICAgICAgImVtYWlsIjogImpvcmdlLnNhbmNoZXpAYXJ0aWN1bGFjaW9uLmNvbS5jbyIsCiAgICAgICAgICAgICJhdXRoIjogImEzVmlaUzF3ZFd4c1pYSTZaMnhrZEMxTGMzVnBWMmhtTTNvMGNVSlRlWGh1VFZoRE9BPT0iCiAgICAgICAgfQogICAgfQp9Cg==

Workers/kube-manifests/Dev/3 - deployment.yaml

@@ -1,30 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: dev-workers-dp
-  namespace: dev-workers-ns
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: dev-workers-ap
-  strategy:
-    type: RollingUpdate
-  template:
-    metadata:
-      labels:
-        app: dev-workers-ap
-    spec:
-      containers:
-        - name: dev-workers-pd
-          image: registry.gitlab.com/articulacion/workers:dev
-          imagePullPolicy: Always
-          resources:
-            requests:
-              memory: "100Mi"
-              cpu: "100m"
-            limits:
-              memory: "150Gi"
-              cpu: "150m"
-      imagePullSecrets:
-        - name: workers-gitlab-img

Workers/kube-manifests/Prod/.dockerconfigjson

@@ -1,10 +0,0 @@
-{
-    "auths": {
-        "https://registry.gitlab.com": {
-            "username": "kube-puller",
-            "password": "gldt-KsuiWhf3z4qBSyxnMXC8",
-            "email": "jorge.sanchez@articulacion.com.co",
-            "auth": "a3ViZS1wdWxsZXI6Z2xkdC1Lc3VpV2hmM3o0cUJTeXhuTVhDOA=="
-        }
-    }
-}

Workers/sample-cronjob.yaml

@@ -1,20 +0,0 @@
-apiVersion: batch/v1beta1
-kind: CronJob
-metadata:
-  name: dev-workers-cronjob
-spec:
-  schedule: "*/1 * * * *"
-  jobTemplate:
-    metadata:
-      name: hello
-    spec:
-      template:
-        spec:
-          containers:
-            - name: hello
-              image: busybox
-              command:
-                - /bin/sh
-                - -c
-                - date; echo Hello from the Kubernetes cluster
-          restartPolicy: OnFailure

Workers/utility-deploy.yaml

@@ -1,37 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: utilities
-  labels:
-    app: utilities
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: utilities
-  template:
-    metadata:
-      labels:
-        app: utilities
-    spec:
-      containers:
-        - name: utilities
-          image: quay.io/sudermanjr/utilities:latest
-          # Just spin & wait forever
-          command: ["/bin/bash", "-c", "--"]
-          args: ["while true; do sleep 30; done;"]
-          securityContext:
-            readOnlyRootFilesystem: true
-            allowPrivilegeEscalation: false
-            runAsNonRoot: true
-            runAsUser: 10324
-            capabilities:
-              drop:
-                - ALL
-          resources:
-            requests:
-              cpu: 30m
-              memory: 64Mi
-            limits:
-              cpu: 100m
-              memory: 128Mi

gitlab-ci-main.yml

@@ -1,91 +0,0 @@
-variables:
-  BUILD_VERSION: $CI_COMMIT_SHORT_SHA
-  IMAGE_NAME: panel-workers
-  FRONT_URL: $FRONT_URL
-  DB_HOST: $DB_HOST
-  DB_PORT: $DB_PORT
-  DB_DATABASE: $DB_DATABASE
-  DB_USERNAME: $DB_USERNAME
-  DB_PASSWORD: $DB_PASSWORD
-
-
-stages:
-  - build_bkp
-  - build
-
-pre_build_image:
-  tags:
-    - workers-dind
-  stage: build_bkp
-  image: docker:25.0.1
-  services:
-    - docker:25.0.1-dind
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
-      variables:
-        IMAGE_TAG: $CI_COMMIT_SHORT_SHA
-  before_script:
-    - echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin
-  script:
-    # Building Docker image (tag $CI_COMMIT_SHORT_SHA)...
-    - echo "Building Docker images (tag $CI_COMMIT_SHORT_SHA)..."
-    - docker build
-      --pull
-      --build-arg FRONT_URL=$FRONT_URL
-      --build-arg DB_HOST=$DB_HOST
-      --build-arg DB_PORT=$DB_PORT
-      --build-arg DB_DATABASE=$DB_DATABASE
-      --build-arg DB_USERNAME=$DB_USERNAME
-      --build-arg DB_PASSWORD=$DB_PASSWORD
-      --cache-from $CI_REGISTRY_IMAGE:$IMAGE_TAG
-      --label "org.opencontainers.image.title=$CI_PROJECT_TITLE"
-      --label "org.opencontainers.image.url=$CI_PROJECT_URL"
-      --label "org.opencontainers.image.created=$CI_JOB_STARTED_AT"
-      --label "org.opencontainers.image.revision=$CI_COMMIT_SHA"
-      --label "org.opencontainers.image.version=$CI_COMMIT_REF_NAME"
-      --tag $CI_REGISTRY_IMAGE:$IMAGE_TAG .
-    # Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)...
-    - echo "Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)..."
-    - docker push $CI_REGISTRY_IMAGE:$IMAGE_TAG
-
-build_image:
-  tags:
-    - workers-dind
-  stage: build
-  variables:
-    DOCKER_TLS_CERTDIR: /certs
-  image: docker:25.0.1
-  services:
-    - docker:25.0.1-dind
-  rules:
-    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
-      variables:
-        IMAGE_TAG: latest
-    - if: $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH
-      variables:
-        IMAGE_TAG: $CI_COMMIT_BRANCH
-  before_script:
-    - echo $CI_REGISTRY_PASSWORD | docker login -u $CI_REGISTRY_USER $CI_REGISTRY --password-stdin
-    - echo "tag=$IMAGE_TAG"
-  script:
-    # Building Docker image (tag $IMAGE_TAG)...
-    - echo "Building Docker image (tag $IMAGE_TAG)..."
-    - docker build
-      --pull
-      --build-arg FRONT_URL=$FRONT_URL
-      --build-arg DB_HOST=$DB_HOST
-      --build-arg DB_PORT=$DB_PORT
-      --build-arg DB_DATABASE=$DB_DATABASE
-      --build-arg DB_USERNAME=$DB_USERNAME
-      --build-arg DB_PASSWORD=$DB_PASSWORD
-      --cache-from $CI_REGISTRY_IMAGE:$IMAGE_TAG
-      --label "org.opencontainers.image.title=$CI_PROJECT_TITLE"
-      --label "org.opencontainers.image.url=$CI_PROJECT_URL"
-      --label "org.opencontainers.image.created=$CI_JOB_STARTED_AT"
-      --label "org.opencontainers.image.revision=$CI_COMMIT_SHA"
-      --label "org.opencontainers.image.version=$CI_COMMIT_REF_NAME"
-      --tag $CI_REGISTRY_IMAGE:$IMAGE_TAG .
-    # Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)...
-    - echo "Pushing Docker image to GitLab container registry (tag $IMAGE_TAG)..."
-    - docker push $CI_REGISTRY_IMAGE:$IMAGE_TAG
-

k8s/doctl-kubernetes.sh

@@ -0,0 +1,2 @@
+doctl kubernetes cluster create mind-cluster --region=nyc3 --auto-upgrade=true --node-pool="name=mind;size=s-4vcpu-8gb-amd;count=1;auto-scale=true;min-nodes=1;max-nodes=6" --vpc-uuid="07c765e8-961b-4ee6-90da-b1380a001f8c"
+

k8s/fluentd/1 - cluster-role.yaml

@@ -0,0 +1,8 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fluentd-cluster-role
+rules:
+- apiGroups: [""]
+  resources: ["pods", "namespaces"]
+  verbs: ["get", "list", "watch"]

k8s/fluentd/2 - cluster-role-binding.yaml

@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fluentd-cluster-role-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fluentd-cluster-role
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: kube-system

k8s/fluentd/3 - config-map.yaml

@@ -0,0 +1,46 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: fluent-conf
+  namespace: kube-system
+data:
+  fluent.conf: |
+    <source>
+      @type tail
+      path /var/log/containers/*.log
+      pos_file /var/log/containers.log.pos
+      tag kubernetes.*
+      format /^(?<time>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z) (?<stream>stdout|stderr) (?<log>.*)$/
+      time_format %Y-%m-%dT%H:%M:%S.%NZ
+      read_from_head true
+      keep_time_key true
+      exclude_path ["/var/log/containers/fluentd-*.log"]
+    </source>
+
+    <filter kubernetes.**>
+      @type record_transformer
+      enable_ruby true
+      <record>
+        log ${record["log"].gsub(/\\+/, "").gsub(/^F /, "")}  # Elimina escapes y el prefijo "F "
+      </record>
+    </filter>
+
+    <filter kubernetes.**>
+      @type kubernetes_metadata
+      #@type stdout
+    </filter>
+
+    <match kubernetes.**>
+      @type remote_syslog
+      host nblsrv.mind.brm.co
+      port 5513
+      protocol udp
+      tls false
+      tls_verify false
+      <buffer>
+        @type memory
+        flush_interval 10s
+        chunk_limit_size 1MB
+        queue_limit_length 1024
+      </buffer>
+    </match>

k8s/fluentd/3 - deployment-fluentd.yaml

@@ -0,0 +1,57 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: fluentd
+  namespace: kube-system
+  labels:
+    k8s-app: fluentd-logging
+spec:
+  selector:
+    matchLabels:
+      name: fluentd
+  template:
+    metadata:
+      labels:
+        name: fluentd
+    spec:
+      containers:
+        - name: fluentd
+          image: fluent/fluentd-kubernetes-daemonset:v1-debian-syslog
+          env:
+            - name: FLUENT_SYSLOG_HOST
+              value: "nblsrv.mind.brm.co"  # Dirección del servidor syslog
+            - name: FLUENT_SYSLOG_PORT
+              value: "516"  # Puerto del servidor syslog
+            - name: FLUENT_SYSLOG_PROTOCOL
+              value: "tcp"  # Protocolo (tcp, udp o tls)
+            - name: FLUENT_SYSLOG_TLS
+              value: "false"  # Habilitar TLS (true/false)
+            #- name: FLUENT_SYSLOG_TLS_VERIFY
+            #  value: "false"  # Verificar certificado TLS (true/false)
+            # - name: FLUENT_SYSLOG_TLS_CERT_PATH
+            #   value: "/path/to/cert.pem"  # Ruta al certificado TLS (opcional)
+            # - name: FLUENT_SYSLOG_TLS_KEY_PATH
+            #   value: "/path/to/key.pem"  # Ruta a la clave privada TLS (opcional)
+            # - name: FLUENT_SYSLOG_TLS_CA_PATH
+            #   value: "/path/to/ca.pem"  # Ruta al certificado de la CA (opcional)
+          volumeMounts:
+          - name: varlog
+            mountPath: /var/log
+          - name: varlibdockercontainers
+            mountPath: /var/lib/docker/containers
+            readOnly: true
+          - name: fluent-conf
+            mountPath: /fluentd/etc/fluent.conf
+            subPath: fluent.conf
+      imagePullSecrets:
+        - name: ofront-gitlab-img
+      volumes:
+        - name: varlog
+          hostPath:
+            path: /var/log
+        - name: varlibdockercontainers
+          hostPath:
+            path: /var/lib/docker/containers
+        - name: fluent-conf
+          configMap:
+            name: fluent-conf

k8s/ingress-nginx/ingress-nginx.sh

@@ -0,0 +1,2 @@
+kubectl create ns ingress-nginx
+helm upgrade --install ingress-nginx ingress-nginx/ingress-nginx -n ingress-nginx -f nginx-values.yaml

k8s/ingress-nginx/nginx-values.yaml

@@ -0,0 +1,13 @@
+controller:
+  allowSnippetAnnotations: "true"
+  replicaCount: 2
+  config:
+    use-forwarded-headers: true
+  resources:
+    requests:
+      cpu: 250m
+      memory: 150Mi
+  service:
+    annotations:
+      service.beta.kubernetes.io/do-loadbalancer-name: "bop.local"
+      service.beta.kubernetes.io/do-loadbalancer-network: "INTERNAL"

kube-manifests/Dev/Backend/.dockerconfigjson

@@ -0,0 +1,10 @@
+{
+    "auths": {
+        "https://gitea.articulacion.com.co": {
+            "username": "gitea_puller",
+            "password": "NFveF34GBWZSaUv2KWTYiw==",
+            "email": "gitea@articulacion.com.co",
+            "auth": "Z2l0ZWFfcHVsbGVyOk5GdmVGMzRHQldaU2FVdjJLV1RZaXc9PQ=="
+        }
+    }
+}

kube-manifests/Dev/Backend/1 - namespace.yaml

@@ -1,4 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: dev-workers-ns
+  name: dev-panel-bk-ns

kube-manifests/Dev/Backend/2 - gitea-img.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: panel-gitea-img
+  namespace: dev-panel-bk-ns
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: ewogICAgImF1dGhzIjogewogICAgICAgICJodHRwczovL2dpdGVhLmFydGljdWxhY2lvbi5jb20uY28iOiB7CiAgICAgICAgICAgICJ1c2VybmFtZSI6ICJnaXRlYV9wdWxsZXIiLAogICAgICAgICAgICAicGFzc3dvcmQiOiAiTkZ2ZUYzNEdCV1pTYVV2MktXVFlpdz09IiwKICAgICAgICAgICAgImVtYWlsIjogImdpdGVhQGFydGljdWxhY2lvbi5jb20uY28iLAogICAgICAgICAgICAiYXV0aCI6ICJaMmwwWldGZmNIVnNiR1Z5T2s1R2RtVkdNelJIUWxkYVUyRlZkakpMVjFSWmFYYzlQUT09IgogICAgICAgIH0KICAgIH0KfQo=

kube-manifests/Dev/Backend/3 - deployment.yaml

@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: dev-panel-bk-dp
+  namespace: dev-panel-bk-ns
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: dev-panel-bk-ap
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: dev-panel-bk-ap
+    spec:
+      containers:
+        - name: dev-panel-bk-pd
+          image: gitea.tars.tools/mind/help_center:dev
+          imagePullPolicy: Always
+          resources:
+            requests:
+              memory: "500Mi"
+              cpu: "250m"
+            limits:
+              memory: "500Mi"
+              cpu: "250m"
+          ports:
+            - name: http
+              containerPort: 80
+              protocol: TCP
+      imagePullSecrets:
+        - name: mind-sos-gitea-img

kube-manifests/Dev/Backend/4 - service-redis.yaml

@@ -0,0 +1,15 @@
+# dev-redis-sos-sr.dev-panel-bk-ns.svc.cluster.local
+apiVersion: v1
+kind: Service
+metadata:
+  name: dev-redis-sos-sr
+  namespace: dev-panel-bk-ns
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 6379
+      targetPort: 6379
+  selector:
+    app: dev-redis-sos-ap
+  type: ClusterIP

kube-manifests/Dev/Backend/4 - service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: dev-panel-bk-sr
+  namespace: dev-panel-bk-ns
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+      targetPort: 80
+  selector:
+    app: dev-panel-bk-ap
+  type: ClusterIP

kube-manifests/Dev/Backend/5 - ingress.yaml

@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: dev-panel-bk-ig
+  namespace: dev-panel-bk-ns
+  annotations:
+    service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"
+    service.beta.kubernetes.io/do-loadbalancer-internal: "true"
+    service.beta.kubernetes.io/do-loadbalancer-network: "INTERNAL"
+    nginx.ingress.kubernetes.io/enable-access-log: "true"
+
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: dev-sos.bop.local
+      http:
+        paths:
+          - pathType: Prefix
+            path: "/"
+            backend:
+              service:
+                name: dev-panel-bk-sr
+                port:
+                  number: 80
+

kube-manifests/Prod/Backend/1 - namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: prod-mind-sos-ns

kube-manifests/Prod/Backend/2 - gitea-img.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: mind-sos-gitea-img
+  namespace: prod-mind-sos-ns
+type: kubernetes.io/dockerconfigjson
+data:
+  .dockerconfigjson: ewogICAgImF1dGhzIjogewogICAgICAgICJodHRwczovL2dpdGVhLnRhcnMudG9vbHMiOiB7CiAgICAgICAgICAgICJ1c2VybmFtZSI6ICJnaXRlYV9wdWxsZXIiLAogICAgICAgICAgICAicGFzc3dvcmQiOiAiTkZ2ZUYzNEdCV1pTYVV2MktXVFlpdz09IiwKICAgICAgICAgICAgImVtYWlsIjogImdpdGVhQHRhcnMuZGV2IiwKICAgICAgICAgICAgImF1dGgiOiAiWjJsMFpXRmZjSFZzYkdWeU9rNUdkbVZHTXpSSFFsZGFVMkZWZGpKTFYxUlphWGM5UFE9PSIKICAgICAgICB9CiAgICB9Cn0K

kube-manifests/Prod/Backend/3 - deployment-redis.yaml

@@ -0,0 +1,32 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: prod-redis-sos-dp
+  namespace: prod-mind-sos-ns
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: prod-redis-sos-ap
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: prod-redis-sos-ap
+    spec:
+      containers:
+        - name: prod-redis-sos-pd
+          image: redis:latest
+          imagePullPolicy: Always
+          resources:
+            requests:
+              memory: "100Mi"
+              cpu: "50m"
+            limits:
+              memory: "100Mi"
+              cpu: "50m"
+          ports:
+            - name: redis
+              containerPort: 6379
+              protocol: TCP

kube-manifests/Prod/Backend/3 - deployment.yaml

@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: prod-mind-sos-dp
+  namespace: prod-mind-sos-ns
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: prod-mind-sos-ap
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: prod-mind-sos-ap
+    spec:
+      containers:
+        - name: prod-mind-sos-pd
+          image: gitea.tars.tools/mind/help_center:latest
+          imagePullPolicy: Always
+          resources:
+            requests:
+              memory: "500Mi"
+              cpu: "250m"
+            limits:
+              memory: "500Mi"
+              cpu: "250m"
+          ports:
+            - name: http
+              containerPort: 80
+              protocol: TCP
+      imagePullSecrets:
+        - name: mind-sos-gitea-img

kube-manifests/Prod/Backend/4 - service-redis.yaml

@@ -0,0 +1,15 @@
+# prod-redis-sos-sr.prod-mind-sos-ns.svc.cluster.local
+apiVersion: v1
+kind: Service
+metadata:
+  name: prod-redis-sos-sr
+  namespace: prod-mind-sos-ns
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 6379
+      targetPort: 6379
+  selector:
+    app: prod-redis-sos-ap
+  type: ClusterIP

kube-manifests/Prod/Backend/4 - service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: prod-mind-sos-sr
+  namespace: prod-mind-sos-ns
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+      targetPort: 80
+  selector:
+    app: prod-mind-sos-ap
+  type: ClusterIP

kube-manifests/Prod/Backend/5 - ingress.yaml

@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: prod-mind-sos-ig
+  namespace: prod-mind-sos-ns
+  annotations:
+    service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"
+    service.beta.kubernetes.io/do-loadbalancer-internal: "true"
+    service.beta.kubernetes.io/do-loadbalancer-network: "INTERNAL"
+    nginx.ingress.kubernetes.io/enable-access-log: "true"
+
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: sos.bop.local
+      http:
+        paths:
+          - pathType: Prefix
+            path: "/"
+            backend:
+              service:
+                name: prod-mind-sos-sr
+                port:
+                  number: 80
+

kube-manifests/Prod/Backend/6 - hpa.yaml

@@ -0,0 +1,25 @@
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: prod-mind-sos-hpa
+  namespace: prod-mind-sos-ns
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: prod-mind-sos-dp
+  minReplicas: 1
+  maxReplicas: 10
+  metrics:
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: 90
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: 90

ssl/star_articulacion_com_co.csr

@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIEtjCCAp4CAQAwcTELMAkGA1UEBhMCQ08xFDASBgNVBAgMC0JvZ290YSBELkMu
+MQ8wDQYDVQQHDAZCb2dvdGExGzAZBgNVBAoMEkFydGljdWxhY2lvbiBTLkEuUzEe
+MBwGA1UEAwwVKi5hcnRpY3VsYWNpb24uY29tLmNvMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAqHqvp1JhUUCMvRrBmU8pOfssJ6sMqtbDiv9Ocgl81aiz
+nIa2QIM+8OEYRiC2WM9d2TLTTBNdizWlzsCycMi2PRBi/qbUXOkNqDYxCFwRaGwS
+nWewptQeDtGiQ5Ikn/rALCxgYvaSfMsKzrAZPg/zh0KsyskkQyJfJof08Toqv7tx
+qb98r9tTXR8REI/ZztQZgS0g8pvVMI/uhffbEIu0QthRm0Ze2rDsn0KnDwuyf4WC
+PO1Xws/unpSKlIcDaqs/oqfE3W/oLFmJGHqi7u9hveu/UrfZO4Pr6UAjEbvEW0Wc
+ARTfn4LpU/CvTDHBydnsp1D9ewWQi8gHMPzLPSMGFMGJls67WR8kt+vrUE/HyST2
+c5GmOYQ4tul/0QuIrXnoG8M6QA0XQj+9J++rhcG0UptbpLwbqR14Ln2/6RjYA5oV
+167XoYo6VEuq/SS2UfWSB4469M9p+ZE6UUN97WdlJD2R0mBKCK1XJbc2iKuHOfHw
+IWYA7uZBxvr6PzhGfIVNi/YRVEUry/dVZVpCxbx5l+KSSB/xl4iv2lQbJ8SslVsB
+NbL71Hon2qqpgU7eevF8bdDY9euvtKedP6QEAVj3SL2RpX+FJNBeE6zOU5VpRNJg
+MFvsTUUuwYFEx+ulJXUIqMc7I2nNbrB/zz9KvR0B2Jty7xte7VDfKTiBVUBKR0MC
+AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4ICAQCLxspZskH5JX6/XfH34Ux9ZKGgv+xa
+1ejUL38y2WXpM7nQD1LrVFQctsUoPRkX3PosuTkTU2LddI0211ufTjXMqed3/wEZ
++3wSG+/wdSSTv9VBzVM3y5P0lFIQaQQSuyu6Io+PZjcApYWDXlJM7KK9CnqvnL+u
++rNmnumQ2qjQ+6mC5rHtSQJmxprVRwspNLeWxWo4SAQjAL58qfKS0GjQs8mrKifG
+yl++l++p/KqOwDnsV/Ol3hYWe4S8xtwlRR+CIDQYlQVMKfG36wuTQ+D+8XBJJ0Cb
+IhVfQnRKVR1rxEfrP2xpEepVoG47gKEpYozn+8d7a15FBliPpMwLNiKR8qYvgO4y
+4Xa0Ig8CaOwYJvMEid9oYIxwlxn/RGSDCtxuOQsdwX7dduqBrVVOISc5jcmCtcGE
+XLXG51asbnaOMnsR58OJA4NR320fIv1PUIqS6tl9iqj5VR5pKJHUdgZsF7Ac6DkW
+3e4H5ZsP0CvJWvtUtFpnOA0mnVxV7h0iuflXkPdVTFO/NG7gBtI7ja8QNrksVZls
+OBAu9jHCtNnR6S49Uxf3rl8+bqAP2k5DKfLus5E51AdrKV2a/JqVOWBn9aC8jJqK
+gtMZpRLTs0FiQwcvcTq8B6HbaNKR3Mkyl6lIsN6z7NILPXCqBLn5Ju0VkvZ2Puyc
+K08Kq9a/TPVMYA==
+-----END CERTIFICATE REQUEST-----

ssl/star_articulacion_com_co.key

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCoeq+nUmFRQIy9
+GsGZTyk5+ywnqwyq1sOK/05yCXzVqLOchrZAgz7w4RhGILZYz13ZMtNME12LNaXO
+wLJwyLY9EGL+ptRc6Q2oNjEIXBFobBKdZ7Cm1B4O0aJDkiSf+sAsLGBi9pJ8ywrO
+sBk+D/OHQqzKySRDIl8mh/TxOiq/u3Gpv3yv21NdHxEQj9nO1BmBLSDym9Uwj+6F
+99sQi7RC2FGbRl7asOyfQqcPC7J/hYI87VfCz+6elIqUhwNqqz+ip8Tdb+gsWYkY
+eqLu72G9679St9k7g+vpQCMRu8RbRZwBFN+fgulT8K9MMcHJ2eynUP17BZCLyAcw
+/Ms9IwYUwYmWzrtZHyS36+tQT8fJJPZzkaY5hDi26X/RC4iteegbwzpADRdCP70n
+76uFwbRSm1ukvBupHXgufb/pGNgDmhXXrtehijpUS6r9JLZR9ZIHjjr0z2n5kTpR
+Q33tZ2UkPZHSYEoIrVcltzaIq4c58fAhZgDu5kHG+vo/OEZ8hU2L9hFURSvL91Vl
+WkLFvHmX4pJIH/GXiK/aVBsnxKyVWwE1svvUeifaqqmBTt568Xxt0Nj166+0p50/
+pAQBWPdIvZGlf4Uk0F4TrM5TlWlE0mAwW+xNRS7BgUTH66UldQioxzsjac1usH/P
+P0q9HQHYm3LvG17tUN8pOIFVQEpHQwIDAQABAoICAAIwOpMy0EUxLlG+xOSY94AO
+KzmoakJwwfjOkElr2XX9z5XYCdd2rgedfWrCtZ3GXegJd/h7mcdj3M1sozXKXAdd
+SqixDroJsOzbBb7S61N/+KuHJIkA4UaJd8AJEu2llBkLlw0v5LrQxfPlvQJ3TAr3
+AANyCQC/CTcY+jG4Nzvvhn9vF4KodYYDh32ulO0WGWZxi2vQpjx2PvLW7jY/8LPx
+CnD9J5yG7UJNqBEw1JKFvI/wTY396dYojPruYPTqeoe5vcAE/G7710dN67Gbwsxj
+vO6HIK7kwQvpcFw+AhC6gRL72wauym6NSoVaPsTio5H2Znv0h0gw/nzJJFppzy7b
+gezHFEfu0O3nk4udHJm4Cb9gxrEIUbUC67a9/3k/+4Bqt3/8T0Hx3MF4gLET5Q3V
+M+7EizgTrk48LNLRP42pA8XIKXiYKnGXWpoaWS3dXIWoOQfEKXQCwi9Thn9/dj+G
+464w3P/v3JFWwTP8FcmtieBmWLmaxYE0nckdZOJo6ThGwsjFY8d4wFnUqQKL7Ftf
+DOgMHElsvMndZ9PtoOanTY0bKbOraefbGDe9HjUh5U0Sn+D0WNsQ5LDT2WLXtuQH
+6s1Nn+802si0SjESxR9Ko+X+VOpqS3Zn40KKgr6kWTsoMomvV9gJM4TB9mc20G5O
+ig2VaqipiRqa/EnxuMR5AoIBAQDQOCt9z4IpK3aE18SKoHtJvKpUEWJl4mn5qs2n
+43vluUMpjOSwEcVgtwHW0ERxJZdi1Pw47i1sMDqZhTBQ8svNjbswVoTbsKsqES8o
+JfTGFB+q3I1wcVL1ov4/1TKHl+zfWImnpEFi9RSwyUeWRDlZoYlkKCOEt7z1MZ8e
+23wPmXuIFNqsYJjTEmhWqoiYwePIwFyt+101/HynDclNBdvysD7chg3BZ8GhrQdU
+IehjSaM5lEthd7153My+NPUMCs2O8OmiYGkRjH1DoFaolN6gD3sMBtmw3RmMBGSc
+mBjMMzgM9XpTIWV84gYJDbivyDG7wkRn2Dkpl+XEL5TtiCK/AoIBAQDPI/vOBtJH
+xeo4RJuXYN/WnVel+S5EL9kl58zDbro2grq+Ef1puB/FDQus8kbaJrieD/CGG9WP
+Z36LCSn+VgTD0hyNzjY7jD1kGpl5a/OwFlRTy3iilteVN4v/zW6PuU+5zajKdBkc
+PWrn80wLC5RGUnYtp897Y5fKJFQARv5Q4qQIbAutrePuPnuY53LZgb6VhCl9h5RL
+La50EP9mdftJLe/JU2xeQjZJLfyDzf/jp8Odx08SFaiVanG7n11yZP1LfOajsWy8
+wa5tR+G7EgzPsw5rOtBrzCmgga1qxbsdMZJhbbFYIcRxCeuSHNOLBhxY5Uwhnrz/
+HHpCoXckkrB9AoIBAQChzTRGtKyxr1uPCVhqXSDRAPHfGA89mv69C3R6ZTTPI/LD
+4/+FrpmReUTNl9PHlO2Z2GYTG0piyuuOhsgv7yxeFCgE/QaK7TNlIith6HTYQ6UE
+EhU67mUIClvGYLa+VVm1iUiW4/YHnukwI4kkhOmH9BYepW5MYLdOVfwPb4FtYdhz
+u7jdwMahJqm7xxMUmX6XbpvWewFIxWZcLkNiPg5X/YsrtGQWCbmXGC0cvKioFv3m
+7YzSNckgXGsh12cgr3hi/mSfUIn1IBXrKjqND/obqUv14ZDidj2252cDpNGIRLjm
+oQ8ocEg8Diugd3Av8MJs5B5iD80DvEzI8iyplGNjAoIBAGKMsCRZQno7Qy/6FDx1
+Lomg2i5w2v499YX/PoBMkfOVRttfG73Mh/DsP/3MVsE7YuJwmvJzE6vihWYIuh3z
+NtkjgcpFra+vDRYvQY1vOsUwGnaze3V/Zpnrj4PobQ2cEL5JhmCr07aH0fEA49Dt
+dWHvoaIfEKuXuoPFvOFU5XH+IiSPow7CiIq014DrvMyW2eGwuzyp4HfUCAfYfmp0
+/1TVshuKwSgnQESYyGa8/12EV6EdThVAkLBlsC6fp4nhWlEr319J7n3vd9kuNcsW
+z1mRyu5hUP+4ZqWijKsb3+YHy6jm01Um25scKSOe61ZdVedFUG8+YpTNK62/vDt+
+PtECggEAOl/uaU89es5nC0+CV6fjjYwAVSfWsxGviBJz7YLST3P+20GERWFQeYAj
+aRGDn+OiSEydd6bDehvrxDX5ZsgzZoXeKqcwwcyTv8QuyeSajArcP3nRxty/I4HI
+1RQsLucCUzxkQH0kCQ5qoRNwTiEpk3/CRH9hgw7O2eGHNx8X5n70J8m/+Dr8yHH+
+VcnkyZTnaVPfCrTxwmBktglP1ZKMo04PNyJJV+YATgvDqjLMGytuF6LOxL2yFd0v
+hkGtb4ThrNmFgY6w8F0kx1gh+tqCvaXGJHSKOGXcKV/9vqC2BKPyYYNPbWCwrJZ8
+6f8CP8/zE/sQfInr7bCHI5oMdJKUlg==
+-----END PRIVATE KEY-----