deployment working so far

Dockerfile

@@ -32,7 +32,7 @@ RUN \
 EXPOSE 20169/udp
 USER nobody
 
-CMD [ "/usr/local/bin/sink20169", "-v" ]
+CMD [ "/usr/local/bin/sink20169", "-v", "-d" ]
 
   
 

deployment/deploy.yml

@@ -1,12 +1,34 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  namespace: mainscnt
+  name: deny-all-but-dns
+spec:
+  podSelector:
+    matchLabels: {}
+  policyTypes:
+    - Egress
+    - Ingress
+  egress:
+    - to:
+      - namespaceSelector:
+          matchLabels:
+            kubernetes.io/metadata.name: kube-system
+      ports:
+        - protocol: UDP
+          port: 53
+        - protocol: TCP
+          port: 53
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: sinkserver
+  namespace: mainscnt
   labels:
     app: sinkserver
 spec:
-  replicas: 3
+  replicas: 1
   selector:
     matchLabels:
       app: sinkserver
@@ -15,11 +37,9 @@ spec:
       labels:
         app: sinkserver
     spec:
-      imagePullSecrets:
-        - name: hottis-registry-creds
       containers:
         - name: sinkserver
-          image: registry.hottis.de/mainscnt/sinkserver:314b9a42
+          image: wollud1969/sinkserver:e5f9d3e3
           ports:
             - containerPort: 20169
               protocol: UDP
@@ -39,6 +59,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: sinkserver
+  namespace: mainscnt
   labels:
     app: sinkserver
 spec:
@@ -49,6 +70,72 @@ spec:
     - protocol: UDP
       port: 20169
       targetPort: 20169
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-database-sinkserver
+  namespace: database
+spec:
+  podSelector:
+    matchLabels:
+      app: timescaledb
+  policyTypes:
+    - Ingress
+  ingress:
+    - from:
+      - podSelector:
+          matchLabels:
+            app: sinkserver
+      - namespaceSelector:
+          matchLabels:
+            kubernetes.io/metadata.name: mainscnt
+      ports:
+        - protocol: TCP
+          port: 5432
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-sinkserver-database
+  namespace: mainscnt
+spec:
+  podSelector:
+    matchLabels:
+      app: sinkserver
+  policyTypes:
+    - Egress
+  egress:
+    - to:
+      - podSelector:
+          matchLabels:
+            app: timescaledb
+      - namespaceSelector:
+          matchLabels:
+            kubernetes.io/metadata.name: database
+      ports:
+        - protocol: TCP
+          port: 5432
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-sinkserver-ingress
+  namespace: mainscnt
+spec:
+  podSelector:
+    matchLabels:
+      app: sinkserver
+  policyTypes:
+    - Ingress
+  ingress:
+    - from:
+      - ipBlock:
+          cidr: 0.0.0.0/0
+      ports:
+        - protocol: UDP
+          port: 20169
+
 
 
 

deployment/namespace.yml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: mainscnt

schema/create.sql

@@ -0,0 +1,30 @@
+create sequence device_s;
+
+CREATE TABLE device_t (
+    id integer DEFAULT nextval('device_s') NOT NULL,
+    deviceid character varying(64) NOT NULL,
+    sharedsecret character varying(31) NOT NULL,
+    location character varying(128) NOT NULL,
+    active boolean DEFAULT false NOT NULL,
+    contact character varying(128),
+    flaky boolean DEFAULT false NOT NULL,
+    CONSTRAINT device_t_sharedsecret_check CHECK ((char_length((sharedsecret)::text) = 31))
+);
+
+ALTER TABLE ONLY device_t
+    ADD CONSTRAINT device_t_deviceid_key UNIQUE (deviceid);
+
+ALTER TABLE ONLY device_t
+    ADD CONSTRAINT device_t_pkey PRIMARY KEY (id);
+
+CREATE TABLE mainsfrequency (
+    "time" timestamp without time zone NOT NULL,
+    host text,
+    location text,
+    freq double precision,
+    valid smallint DEFAULT 1 NOT NULL
+);
+
+select create_hypertable('mainsfrequency', 'time');
+
+