from diagrams import Cluster, Diagram, Edge
from diagrams.k8s.network import Ingress
from diagrams.k8s.compute import Deployment, StatefulSet
from diagrams.k8s.storage import PVC, StorageClass
from diagrams.onprem.network import Opnsense
from diagrams.onprem.certificates import CertManager
from diagrams.onprem.proxmox import ProxmoxVE
from diagrams.onprem.vcs import Gitea
from diagrams.generic.os import Windows
# Graph-level layout attributes handed to Diagram(graph_attr=...) further
# down. Every value is a string.
graph_attr = dict(
    fontsize="13",
    pad="0.6",
    nodesep="0.5",
    ranksep="1.0",
    splines="ortho",
)
with Diagram(
"ExpertFab Infrastruktur",
filename="k8s_cluster",
outformat="png",
show=False,
direction="TB",
graph_attr=graph_attr,
):
# ── Physical layer ────────────────────────────────────────────────────────
# Two Proxmox hosts and the guests drawn on each of them. Node and cluster
# labels are copied verbatim into the rendered image, so the hostnames and
# addresses written here are readable by anyone who receives that image.
# NOTE(review): the outer label carries what looks like a public IPv4
# address and the firewall label an internal one; confirm the intended
# audience of the output before it is shared.
# NOTE(review): nesting below is reconstructed from the cluster labels
# (n01 / n02 as members of efproxcl02); verify against the original file.
with Cluster("Proxmox Cluster efproxcl02 – 95.156.232.42"):

    with Cluster("efproxcl02n01 – 64 vCPU / 128 GB"):
        # Firewall guest; also the source of the inbound edge to Traefik.
        fw = Opnsense("efscfw01\nOPNsense / FW\n10.42.70.1")
        # K3s members hosted on this node.
        n01_kctl, n01_kn02 = (
            ProxmoxVE("efsckubctl\nK3s control plane"),
            ProxmoxVE("efsckubnode02\nK3s worker"),
        )
        # Remaining guests on this node.
        n01_smtp, n01_trade = (
            ProxmoxVE("efsmtprelay"),
            ProxmoxVE("eftrade01"),
        )
        # Git host; drawn later as the image source for the Nginx deployment.
        n01_git = Gitea("efgit01 / Gitea\ngit.expertfab.de")

    with Cluster("efproxcl02n02 – 64 vCPU / 128 GB"):
        # K3s member hosted on this node.
        n02_kn1 = ProxmoxVE("efsckubnode1\nK3s worker")
        n02_af, n02_veeam = (
            ProxmoxVE("efscairflow01\nAirflow"),
            ProxmoxVE("efscveeam01\nVeeam Backup"),
        )
        # The domain controller is drawn on the same host as the backup,
        # print and monitoring guests and one K3s worker.
        n02_dc = Windows("efscdc01\nDomain Controller")
        n02_print, n02_moni = (
            ProxmoxVE("efscprint01\nPrintserver"),
            ProxmoxVE("efscmoni01\nMonitoring"),
        )
# ── Logical K3s layer ─────────────────────────────────────────────────────
# K3s runs on: efsckubctl (control) + efsckubnode1 + efsckubnode02
# NOTE(review): the nesting of the clusters below is reconstructed; the
# Longhorn cluster is assumed to sit inside the K3s cluster. Verify against
# the original file, since nesting changes how the boxes are drawn.
with Cluster("K3s Cluster (efsckubctl · efsckubnode1 · efsckubnode02)"):

    # Certificate issuer drawn as feeding the ingress controller.
    cert = CertManager("cert-manager\nLet's Encrypt")
    traefik = Ingress("Traefik Ingress\n10.42.71.60")
    cert >> traefik

    with Cluster("erpnext – expertfab.de / www.expertfab.de"):
        nginx = Deployment("Nginx")
        gunicorn = Deployment("Gunicorn")
        workers = Deployment("Workers\ndefault / short / long")
        mariadb = StatefulSet("MariaDB 10.6")
        df_cache = Deployment("DragonflyDB\ncache")
        df_queue = Deployment("DragonflyDB\nqueue")

        # Request path inside ERPNext.
        nginx >> gunicorn >> workers
        # Both the web tier and the workers reach the database and the cache;
        # only the workers are drawn as reaching the queue.
        for backend in (mariadb, df_cache):
            [gunicorn, workers] >> backend
        workers >> df_queue

    with Cluster("paperless – docs.expertfab.de"):
        paperless = Deployment("Paperless-NGX")

    # Identity provider; drawn behind the same ingress as every other workload.
    with Cluster("zitadel – auth.expertfab.de"):
        zitadel = Deployment("Zitadel")

    # NOTE(review): the cluster is labelled "rabbitmq" but its only node is
    # FastAPI; label kept exactly as written, confirm it is intended.
    with Cluster("rabbitmq – api.expertfab.de"):
        fastapi = Deployment("FastAPI")

    with Cluster("coworkbase – coworkbase.de"):
        cowork = Deployment("Coworkbase")

    with Cluster("qubicticker – qubicticker.qchief.io"):
        ticker = Deployment("Qubicticker")

    # Traefik is the single fan-out point to all six workloads.
    traefik >> [nginx, paperless, zitadel, fastapi, cowork, ticker]

    with Cluster("Longhorn Storage"):
        sc = StorageClass("longhorn")
        pvc_mariadb = PVC("MariaDB 10 Gi RWO")
        pvc_sites = PVC("Sites 10 Gi RWX")
        pvc_logs = PVC("Logs 5 Gi RWX")
        pvc_queue = PVC("Queue 2 Gi RWO")
        sc >> [pvc_mariadb, pvc_sites, pvc_logs, pvc_queue]

    # Volume bindings, drawn dashed. A fresh Edge is built per binding so no
    # edge object is shared between two connections.
    for workload, claim in (
        (mariadb, pvc_mariadb),
        (gunicorn, pvc_sites),
        (nginx, pvc_logs),
        (df_queue, pvc_queue),
    ):
        workload >> Edge(style="dashed") >> claim
# ── Connections ───────────────────────────────────────────────────────────
# Inbound path as drawn: the firewall guest connects straight to the Traefik
# ingress; no other entry into the K3s cluster appears in the lines shown.
fw >> traefik

# The Gitea host is drawn as the image source for the ERPNext Nginx
# deployment.
# NOTE(review): only this one pull edge is drawn; confirm whether the other
# workloads pull from the same host so the diagram reflects every consumer
# of that image source.
image_pull = Edge(label="image pull", style="dashed")
n01_git >> image_pull >> nginx