def basic_vault_agent_architecture():
with Diagram(name="Vault Agent Architecture", show=False, direction="LR"):
with Cluster("Control Plane"):
apiserver = APIServer()
with Cluster("Vault"):
svc = Service(":8200")
certs_secret = Secret("Certs Secret")
vault_configmap = ConfigMap("Vault Config")
vault = Vault("Vault")
file_backend = PV("Encrypted Store")
vault >> file_backend
vault >> Edge() << svc
vault << certs_secret
vault << vault_configmap
with Cluster("Secure Pod"):
vault_agent = Custom("Vault Agent", crio_icon)
vault_init_agent = Custom("Init Vault Agent", crio_icon)
manual = [vault_init_agent, vault_agent]
app_container = Custom("App", crio_icon)
inMemory = Vol("In Memory")
manual >> inMemory
app_container << inMemory
manual << svc << manual >> Edge() << app_container
apiserver >> Edge() << vault
def general(c):
with Diagram('Context', filename='general', show=False, graph_attr={'pad': '0.0'}):
_ = NS('astrid-kube')
_cb_pod = Pod('CB')
_cb_deploy = Deployment('CB')
with Cluster('Services'):
_srvs = [Service('elasticsearch-service'),
Service('kafka-service'), Service('cb-manager-service'), Service('kibana')]
with Cluster('Storage'):
_strg = PVC('elasticsearch-pv-volume') >> PV('elasticsearch-pv')
_srvs >> _cb_pod << _cb_deploy << _strg
def general(c):
with Diagram('general', show=False):
_ = NS('astrid-kube')
_cb_pod = Pod('CB')
_cb_deploy = Deployment('CB')
with Cluster('Services'):
_srvs = [
Service('elasticsearch-service'),
Service('kafka-service'),
Service('cb-manager-service')
]
with Cluster('Storage'):
_strg = PVC('elasticsearch-pv-volume') >> PV('elasticsearch-pv')
_srvs >> _cb_pod << _cb_deploy << _strg
def k8s(name):
with Cluster(name):
with Cluster('ns: onepanel'):
svc_core = Service('core')
pd_core = Pod('core-*')
dep_core = Deployment('core')
dep_core >> pd_core
svc_core >> pd_core
svc_core_ui = Service('core-ui')
pd_core_ui = Pod('core-ui-*')
dep_core_ui = Deployment('core-ui')
dep_core_ui >> pd_core_ui
svc_core_ui >> pd_core_ui
with Cluster('ns: istio-system'):
ing = Ingress('istio-ingressgateway')
# cert = Secret('TLS')
with Cluster('ns: my-project'):
with Cluster('Workspace'):
svc_workspace = Service('jupyterlab')
pd_workspace = Pod('jupyterlab-*')
pv_workspace = PV('jupyterlab-data-0')
sts_workspace = StatefulSet('jupyterlab')
sts_workspace >> pd_workspace
pd_workspace - pv_workspace
svc_workspace >> pd_workspace
# with Cluster('ns: cert-manager'):
# certmanager = Pod('cert-manager')
# certmanager >> cert
ing >> [svc_core, svc_core_ui, svc_workspace]
node_1 = Node('node-1')
node_2 = Node('node-2')
node_3 = Node('node-2')
pd_core - node_1
pd_core - node_2
pd_core_ui - node_1
pd_core_ui - node_2
pd_workspace - node_3
return node_1, node_2, node_3, ing, pd_core, pv_workspace
# kubernetes-diagram.py
# run the cmd: python3 cyri-lan-archi-diagram.py to generate the png file.
from diagrams import Cluster, Diagram
from diagrams.generic.network import Switch, Router
from diagrams.generic.storage import Storage
from diagrams.k8s.compute import Pod
from diagrams.k8s.network import Ingress, Service
from diagrams.k8s.storage import PV, PVC, StorageClass
from diagrams.elastic.elasticsearch import Elasticsearch, Logstash, Kibana
from diagrams.oci.connectivity import DNS
from diagrams.onprem.compute import Server, Nomad
with Diagram("Kubernetes Diagram", show=False):
synology = DNS("reverse DNS")
with Cluster("RaspberryPi4 + K3S"):
ingress = Ingress("cyri.intra")
svc = Service("services")
pvc = PVC("pv claim")
with Cluster("apps"):
logstash = Logstash("logstash-oss")
elasticsearch = Elasticsearch("elasticsearch")
squid = Server("squid")
elk = [elasticsearch - logstash - Kibana("kibana")]
with Cluster("local-storage"):
pv = [StorageClass("storage class") >> PV("persistent volume")]
k8s = ingress >> svc
k8s >> squid >> pvc << pv
k8s >> logstash >> pvc << pv
synology << ingress
from diagrams import Cluster, Diagram
from diagrams.k8s.compute import Pod, DaemonSet
from diagrams.k8s.storage import PV, PVC, StorageClass
with Diagram("Persistent Storage for a Pod", show=False):
with Cluster("k8s"):
pod = Pod("d1")
pvc = PVC("pvc-1")
pv = PV("pvc-[uuid]")
sc = StorageClass("fast")
ds = DaemonSet("StorageOS")
pod >> pvc << pv << sc >> ds
with Cluster("Deployments",graph_attr={"fontsize": "67"}):
ing_chartmuseum = Nginx("Ingress")
#ing_deck = Nginx("deck")
#ing_hook = Nginx("hook")
#ing_crier = Nginx("crier")
with Cluster("Registries",graph_attr={"fontsize": "47"}):
with Cluster("Nexus"):
svc_nexus = custom.Custom("Nexus","assets/img/logos/logo_nexus.png")
pod_nexus = Pod("nexus")
secret_nexus = Secret("nexus")
token_nexus = Secret("default-token")
sa_nexus = ServiceAccount("default")
data_volume = PVC("nexus-data-volume")
config_volume_nexus = PV("nexus")
configmap_nexus = ConfigMap("nexus")
pod_nexus - Edge(color="gray", style="dashed") - secret_nexus - Edge(color="gray", style="dashed") - token_nexus - Edge(color="gray", style="dashed") - sa_nexus
pod_nexus - Edge(color="gray", style="dashed") - config_volume_nexus
svc_nexus >> pod_nexus
with Cluster("Chartmusem"):
svc_chartmuseum = custom.Custom("Chartmuseum","assets/img/logos/logo_chartmuseum.png")
pod = Pod("chartmuseum")
secret = Secret("chartmuseum")
token = Secret("default-token")
sa = ServiceAccount("default")
from diagrams import Cluster, Diagram
from diagrams.k8s.compute import Pod, StatefulSet
from diagrams.k8s.network import Service
from diagrams.k8s.storage import PV, PVC, StorageClass
with Diagram("Stateful Architecture", show=False):
with Cluster("Apps"):
svc = Service("svc")
sts = StatefulSet("sts")
apps = []
for _ in range(3):
pod = Pod("pod")
pvc = PVC("pvc")
pod - sts - pvc
apps.append(svc >> pod >> pvc)
apps << PV("pv") << StorageClass("sc")
from diagrams import Diagram, Cluster
from diagrams.k8s.network import Ingress, Service
from diagrams.k8s.compute import StatefulSet, Pod
from diagrams.k8s.storage import PV
from diagrams.k8s.infra import Node
with Diagram("Standard Kubernetes Install", show=False, direction="LR"):
ing = Ingress("trow.io")
svc = Service("trow-svc")
ing >> svc
pod = Pod("trow")
StatefulSet("trow-set") - pod
pod - PV("data-vol")
svc >> pod
with Cluster("Nodes"):
workers = [Node("Node 1"), Node("Node 2"), Node("Node 3")]
workers >> ing
from diagrams import Cluster, Diagram, Edge
from diagrams.k8s.compute import Pod, DaemonSet
from diagrams.k8s.storage import PV, PVC, StorageClass
with Diagram("Persistent Storage with replica for a Pod", show=False):
with Cluster("k8s"):
pod = Pod("d2")
pvc = PVC("pvc-2")
pv1 = PV("pvc-[uuid] (primary)")
pv2 = PV("pvc-[uuid] (replica)")
sc = StorageClass("storageos-rep-1")
ds = DaemonSet("StorageOS")
pod >> pvc
pvc << pv1 << sc
pvc - Edge(color="red", style="dotted") - pv2
pv2 - Edge(color="brown", style="dotted") - sc
sc >> ds
def main():
graph_attr = {"fontsize": "45", "bgcolor": "white"}
with Diagram("Deployment-0",
graph_attr=graph_attr,
show=False,
filename="img/deployment-0",
outformat="png",
direction="LR"):
with Cluster("Backup"):
velero = Backup("Velero")
with Cluster("Storage"):
with Cluster("OpeneEBS"):
with Cluster("node from pod"):
node = Server("node n")
with Cluster("Pod + Volume"):
hostpath = Pod("openebs-hostpath")
hostpath_pv = PV("LocalPV")
hostpath >> PVC("claim") >> hostpath_pv >> Edge(
color="darkred") >> node
hostpath >> node
velero >> Edge(color="darkred", style="dashed") << hostpath_pv
with Cluster("Longhorn"):
with Cluster("Storage nodes"):
nodes = [
Server("node-3"),
Server("node-2"),
Server("node-1")
]
with Cluster("Pod + Volume"):
longhorn = Pod("longhorn")
longhorn_pv = PV("Replicated")
longhorn >> PVC("claim") >> longhorn_pv >> Edge(
color="blue") >> nodes
velero >> Edge(color="blue", style="dashed") << longhorn_pv
with Cluster("Internet"):
internet = Internet("HTTP clients")
certprovider = Internet("Cert provider")
lan = Server("LAN")
s3 = S3("S3")
s3 >> Edge(color="blue") << velero
with Cluster("Ingress"):
with Cluster("MetalLB"):
metallb1 = LoadBalancing("IP1")
metallb2 = LoadBalancing("IP2")
certprovider >> Edge(color="darkred") >> metallb1
with Cluster("NGINX"):
ingress_ext = Nginx("External")
ingress_int = Nginx("Internal")
with Cluster("Certificates"):
certmanager = CertificateManager("cert-manager")
certissuer = CertificateManager("cert-issuer")
certmanager >> certissuer
ingress_ext >> Edge(color="red", label="acme") >> certmanager
ingress_ext << Edge(color="red",
label="cert-secret") << certmanager
internet >> Edge(color="blue") >> metallb1 >> Edge(
color="darkgreen") >> ingress_ext
certprovider << Edge(color="red", style="dashed",
label="http-01") << certissuer
lan >> Edge(color="blue") >> metallb2 >> Edge(
color="darkgreen") >> ingress_int
from diagrams import Cluster, Diagram, Edge
from diagrams.k8s.compute import Pod, DaemonSet
from diagrams.k8s.storage import PV, PVC, StorageClass
with Diagram("foodmag-app overview", show=False):
with Cluster("k8s"):
ds = DaemonSet("StorageOS")
sc = StorageClass("storageos-rep-1")
pvc = PV("pvc-[uuid]")
pvp = PV("pvc-[uuid]")
with Cluster("namespace: foodmag-app"):
cms = Pod("drupal")
sql = Pod("postgresql")
pvcc = PVC("pvc-cms")
pvcp = PVC("pvc-sql")
# cms >> sql
cms >> pvcc
sql >> pvcp
pvcc << pvc << sc
pvcp << pvp << sc
sc >> ds
ing_chartmuseum = Nginx("Ingress")
#ing_deck = Nginx("deck")
#ing_hook = Nginx("hook")
#ing_crier = Nginx("crier")
with Cluster("Registries", graph_attr={"fontsize": "47"}):
with Cluster("Nexus"):
svc_nexus = custom.Custom("Nexus",
"assets/img/logos/logo_nexus.png")
pod_nexus = Pod("nexus")
secret_nexus = Secret("nexus")
token_nexus = Secret("default-token")
sa_nexus = ServiceAccount("default")
data_volume = PVC("nexus-data-volume")
config_volume_nexus = PV("nexus")
configmap_nexus = ConfigMap("nexus")
pod_nexus - Edge(
color="gray", style="dashed") - secret_nexus - Edge(
color="gray", style="dashed") - token_nexus - Edge(
color="gray", style="dashed") - sa_nexus
pod_nexus - Edge(color="gray",
style="dashed") - config_volume_nexus
svc_nexus >> pod_nexus
with Cluster("Chartmusem"):
svc_chartmuseum = custom.Custom(
"Chartmuseum", "assets/img/logos/logo_chartmuseum.png")