def k8s(name):
with Cluster(name):
with Cluster('ns: onepanel'):
svc_core = Service('core')
pd_core = Pod('core-*')
dep_core = Deployment('core')
dep_core >> pd_core
svc_core >> pd_core
svc_core_ui = Service('core-ui')
pd_core_ui = Pod('core-ui-*')
dep_core_ui = Deployment('core-ui')
dep_core_ui >> pd_core_ui
svc_core_ui >> pd_core_ui
with Cluster('ns: istio-system'):
ing = Ingress('istio-ingressgateway')
# cert = Secret('TLS')
with Cluster('ns: my-project'):
with Cluster('Workspace'):
svc_workspace = Service('jupyterlab')
pd_workspace = Pod('jupyterlab-*')
pv_workspace = PV('jupyterlab-data-0')
sts_workspace = StatefulSet('jupyterlab')
sts_workspace >> pd_workspace
pd_workspace - pv_workspace
svc_workspace >> pd_workspace
# with Cluster('ns: cert-manager'):
# certmanager = Pod('cert-manager')
# certmanager >> cert
ing >> [svc_core, svc_core_ui, svc_workspace]
node_1 = Node('node-1')
node_2 = Node('node-2')
node_3 = Node('node-2')
pd_core - node_1
pd_core - node_2
pd_core_ui - node_1
pd_core_ui - node_2
pd_workspace - node_3
return node_1, node_2, node_3, ing, pd_core, pv_workspace
def general(c):
with Diagram('Context', filename='general', show=False, graph_attr={'pad': '0.0'}):
_ = NS('astrid-kube')
_cb_pod = Pod('CB')
_cb_deploy = Deployment('CB')
with Cluster('Services'):
_srvs = [Service('elasticsearch-service'),
Service('kafka-service'), Service('cb-manager-service'), Service('kibana')]
with Cluster('Storage'):
_strg = PVC('elasticsearch-pv-volume') >> PV('elasticsearch-pv')
_srvs >> _cb_pod << _cb_deploy << _strg
def general(c):
with Diagram('general', show=False):
_ = NS('astrid-kube')
_cb_pod = Pod('CB')
_cb_deploy = Deployment('CB')
with Cluster('Services'):
_srvs = [
Service('elasticsearch-service'),
Service('kafka-service'),
Service('cb-manager-service')
]
with Cluster('Storage'):
_strg = PVC('elasticsearch-pv-volume') >> PV('elasticsearch-pv')
_srvs >> _cb_pod << _cb_deploy << _strg
from diagrams import Cluster, Diagram, Edge
from diagrams.k8s.compute import Pod
from diagrams.k8s.compute import Deployment
from diagrams.k8s.compute import ReplicaSet
from diagrams.onprem.container import Docker
with Diagram("kubernetes configuration files", show=False):
depl = Deployment("Deployment")
rs = ReplicaSet("ReplicaSet")
pod = Pod("Pod")
docker = Docker("Container")
depl >> rs >> pod >> docker
with Diagram("Setup a blog on k3s",
show=False,
graph_attr=graph_attr,
node_attr=node_attr,
direction="TB"):
users = Users("Users")
with Cluster("LetsEncrypt API Servers", graph_attr=graph_attr):
letsencrypt = LetsEncrypt("LE SSL Certificate")
with Cluster("BareMetal Server", graph_attr=graph_attr):
with Cluster("K8S Cluster", graph_attr=graph_attr):
with Cluster("NS Cert-Manager", graph_attr=graph_attr):
certificate_request = CertManager("mywebsite.com")
with Cluster("NS www", graph_attr=graph_attr):
website_secret = Secret("mywebsite.com")
with Cluster("Ingress", graph_attr=graph_attr):
ingress = Ingress("https")
with Cluster("Pods", graph_attr=graph_attr):
pod = Pod('website')
with Cluster("Deployment", graph_attr=graph_attr):
pod_deploy = Deployment("website")
with Cluster("RS", graph_attr=graph_attr):
pod_rs = RS("website")
letsencrypt >> website_secret >> ingress
certificate_request >> letsencrypt
users >> ingress >> pod
pod_rs >> pod
pod_deploy >> pod
pod_horologium - Edge(color="gray", style="dashed") - secret_horologium - Edge(color="gray", style="dashed") - sa_horologium
svc_horologium >> pod_horologium
with Cluster("Pipeline"):
pod_pipeline = Pod("pipeline")
token_pipeline = Secret("pipeline-token")
sa_pipeline = ServiceAccount("pipeline")
config_volume_pipeline = PV("config")
pod_pipeline- Edge(color="gray", style="dashed") - token_pipeline
pod_pipeline - Edge(color="gray", style="dashed") - sa_pipeline
pod_pipeline - Edge(color="gray", style="dashed") - config_volume_pipeline
Deployment("pipeline") << Edge(style="bold") << pod_pipeline << Edge(color="orange",style="bold") << ReplicaSet("pipeline") << Edge(style="bold")
with Cluster("Controllerbuild"):
svc_controllerbuild = Service("controllerbuild")
pod_controllerbuild = Pod("controllerbuild")
secret_controllerbuild = Secret("controllerbuild-token")
sa_controllerbuild = ServiceAccount("controllerbuild")
pod_controllerbuild - Edge(color="gray", style="dashed") - secret_controllerbuild - Edge(color="gray", style="dashed") - Edge(color="gray", style="dashed") - sa_controllerbuild
svc_controllerbuild >> pod_controllerbuild
with Cluster("Controllerrole"):
svc_controllerrole = Service("controllerrole")
pod_controllerrole = Pod("controllerrole")
with Cluster("Namespace 'jitsi'"):
n_shards = 2
n_haproxy = 2
haproxy_sts = StatefulSet("haproxy")
haproxy_pods = [Pod(f"haproxy-{j}") for j in range(n_haproxy)]
haproxy_sts >> haproxy_pods
web_service = Service("web")
ingress = Ingress("jitsi.messenger.schule")
ingress >> Service("haproxy") >> haproxy_pods >> web_service
for k in range(n_shards):
with Cluster(f"Shard-{k}"):
web_pod = Pod(f"shard-{k}-web")
prosody_pod = Pod(f"shard-{k}-prosody")
jicofo_pod = Pod(f"shard-{k}-jicofo")
Deployment(f"shard-{k}-prosody") >> prosody_pod
Deployment(f"shard-{k}-jicofo") >> jicofo_pod
web_service >> web_pod
prosody_service = Service(f"shard-{k}-prosody")
prosody_service >> prosody_pod
prosody_service << web_pod
prosody_service << jicofo_pod
n_jvbs = 3
with Cluster(f"Jitsi Videobridge Shard-{k}"):
jvb_pods = [
Pod(f"shard-{k}-jvb-{i}") for i in range(n_jvbs)
]
jvb_services = [
Service(f"shard-{k}-jvb-{i}") for i in range(n_jvbs)
]
from diagrams import Diagram
from diagrams.k8s.compute import Deployment, Pod, ReplicaSet
from diagrams.k8s.network import Service
graph_attr = {
"fontsize": "30",
"bgcolor": "transparent",
"pad": "0.8",
"fixedsize": "shape",
"fontname": "Roboto",
"width": "10.0",
"dpi": "80"
}
with Diagram("single member hazelcast cluster",
show=False,
outformat="png",
graph_attr=graph_attr):
Service() >> Pod() << ReplicaSet() << Deployment()
with Diagram("multiple member hazelcast cluster",
show=False,
outformat="png",
graph_attr=graph_attr):
Service() >> [Pod(), Pod(), Pod()] << ReplicaSet() << Deployment()
from diagrams import Diagram
from diagrams.k8s.compute import DaemonSet, Deployment, Pod, ReplicaSet
from diagrams.k8s.network import Ingress, Service
from diagrams.k8s.podconfig import ConfigMap
from diagrams.k8s.group import Namespace
with Diagram("JupyterHub Kubernetes Architecture", show=False):
nublado_ns = Namespace("nublado")
pp_net = Ingress("/pp")
nb_net = Ingress("/nb")
pp_svc = Service("Prepuller")
pp_deploy = Deployment("Prepuller")
pp_pod = Pod("Prepuller")
pp_ds = DaemonSet("Single image puller")
hub_config = ConfigMap("Hub Config YAML")
hub_svc = Service("JupyterHub")
hub_deploy = Deployment("JupyterHub")
hub_pod = Pod("JupyterHub")
proxy_svc = Service("JupyterHubProxy")
proxy_deploy = Deployment("JupyterHubProxy")
proxy_pod = Pod("JupyterHubProxy")
user_ns = Namespace("nublado-lsptestuser01")
user_lab_pod = Pod("JupyterLab pod")
user_config = ConfigMap("Lab Config YAML + Token")
nublado_ns >> nb_net >> proxy_svc >> proxy_deploy >> proxy_pod >> hub_svc
from diagrams import Diagram, Cluster
from diagrams.k8s.clusterconfig import HPA
from diagrams.k8s.compute import Deployment, Pod, ReplicaSet
from diagrams.k8s.network import Ingress, Service
with Diagram("Exposed Pod with 4 Replicas", show=True):
net = Ingress("releasemanagement.org")
with Cluster("Kube Cluster"):
net >> Service("svc") >> [Pod("pod1"),
Pod("pod2"),
Pod("pod3"),
Pod("Pod4")] << ReplicaSet("rs") << Deployment("dp") << HPA("hpa")
›
from diagrams import Diagram
from diagrams.k8s.clusterconfig import HPA
from diagrams.k8s.compute import Deployment, Pod, ReplicaSet
from diagrams.k8s.network import Ingress, Service
with Diagram("Research", show=False, filename="research"):
net = Ingress("research.cashcowpro.com") >> Service("svc")
pods = [
Pod("api-1"),
Pod("api-2"),
Pod("api-3"),
Pod("worker-1"),
Pod("worker-2"),
Pod("worker-3")
]
net >> pods << ReplicaSet("rs") << Deployment("dp") << HPA("hpa")
from diagrams import Cluster, Diagram, Edge
from diagrams.k8s.compute import Deployment, Pod
from diagrams.k8s.controlplane import API
from diagrams.k8s.group import NS
from diagrams.k8s.podconfig import Secret
from diagrams.oci.compute import OCIR
with Diagram("regcred-injector", show=True):
api = API("Control Plane")
ocir = OCIR("DockerHub")
injector = None
with Cluster("kube-system"):
injector = Deployment("regcred-injector")
secret = Secret("Credential/Certs")
api << Edge(label="1 mutate webhook") << injector << Edge(
label="4 return mutated response") << api
injector >> Edge(label="2 fetch credential") >> secret
with Cluster("default"):
pod = Pod("new-pod")
secret = Secret("regcred")
api >> Edge(label="5 create pod") >> pod >> Edge(
label="6 use registry credential") >> secret
injector >> Edge(label="3 create registry credential") >> secret
pod >> Edge(label="7 authenticated pull") >> ocir
from diagrams import Diagram, Cluster
from diagrams.k8s.group import Namespace
from diagrams.k8s.compute import Deployment, Pod
from diagrams.k8s.network import Service
from diagrams.onprem.monitoring import Prometheus, Grafana
from diagrams.onprem.network import Istio
with Diagram('Observability') as result:
with Cluster('Minikube') as minikube:
with Cluster('default') as app_namespace:
Service('simpleapp-sevice') << Deployment('simpleapp') << Pod('simpleapp') << Istio('proxy')
with Cluster('kube-system') as kube_system:
istio = Istio('config')
istio >> Pod('Kiali')
prom = Prometheus()
prom << Grafana()
prom >> Pod('Jaegar')
if __name__ == "__main__":
result
from diagrams.k8s.storage import PersistentVolume, PersistentVolumeClaim, StorageClass
from diagrams.onprem.client import Client
with Diagram("TRM Exercise Detail", show=False):
with Cluster("GCP"):
# Resources
app_lb_ext = LoadBalancing("App LB (HTTP/external)")
app_lb_int = LoadBalancing("App LB (TCP/internal)")
app_ingress_ext = Ingress("App Ingress (external)")
app_fw = FirewallRules("Firewall")
with Cluster("GKE"):
with Cluster("App Namespace"):
# Resources
app_dep = Deployment("App Deployment")
app_rs = ReplicaSet("App ReplicaSet")
app_replica_set_count = 3
app_pods = [
Pod("App Pod")
for pod in range(0, app_replica_set_count, 1)
]
app_secret = Secret(
"App Secret\n(contains DB credentials & host)")
app_svc_ext = Service("App Service (external)")
app_svc_int = Service("App Service (internal)")
# Relationships
app_dep >> app_rs >> app_pods << app_svc_ext << app_ingress_ext << app_lb_ext << app_fw
# app_pods << app_svc_int << app_lb_int << app_fw
app_secret << app_dep
with Cluster("Tekton Controller"):
tekton_controller = custom.Custom("Tekton",
"assets/img/logos/tekton.png")
pod_tekton_controller = Pod("tekton")
token_tekton_controller = Secret("tekton-pipeline-token")
sa_tekton_controller = ServiceAccount("tekton-pipeline")
config_volume_tekton_controller = PV("config-logging")
pod_tekton_controller - Edge(
color="gray", style="dashed") - token_tekton_controller
pod_tekton_controller - Edge(color="gray",
style="dashed") - sa_tekton_controller
pod_tekton_controller - Edge(
color="gray", style="dashed") - config_volume_tekton_controller
Deployment("tekton-pipeline-controller") << Edge(
style="bold") << pod_tekton_controller << Edge(
color="orange",
style="bold") << ReplicaSet("tekton") << Edge(style="bold")
with Cluster("Controllerbuild"):
svc_controllerbuild = Service("controllerbuild")
pod_controllerbuild = Pod("controllerbuild")
secret_controllerbuild = Secret("controllerbuild-token")
sa_controllerbuild = ServiceAccount("controllerbuild")
pod_controllerbuild - Edge(
color="gray", style="dashed") - secret_controllerbuild - Edge(
color="gray", style="dashed") - Edge(
color="gray", style="dashed") - sa_controllerbuild
#!/usr/bin/env python
from diagrams import Diagram, Cluster
from diagrams.k8s.compute import Deployment
from diagrams.onprem.compute import Server
from diagrams.onprem.network import Internet
from diagrams.onprem.queue import RabbitMQ
with Diagram("mailer", show=False, direction="TB"):
with Cluster("github.com/ViBiOh"):
mailer = Deployment("mailer")
mjml = Deployment("mjml-api")
[Internet("HTTP"), RabbitMQ("AMQP")] >> mailer >> [
mjml,
Server("SMTP"),
]
