From 5abc90152e8307cef251481d9ea5ba6dc9965380 Mon Sep 17 00:00:00 2001 From: Ryan Cuda Date: Fri, 17 Apr 2026 18:00:02 -0700 Subject: [PATCH] first commit --- 01-namespace.yaml | 8 +++ 02-pvc.yaml | 15 ++++++ 03-deployment.yaml | 106 +++++++++++++++++++++++++++++++++++++ 04-svc.yaml | 55 +++++++++++++++++++ 05-sa.yaml | 8 +++ 06-clusterrole.yaml | 16 ++++++ 07-clusterrolebinding.yaml | 12 +++++ README.md | 34 ++++++++++++ 8 files changed, 254 insertions(+) create mode 100644 01-namespace.yaml create mode 100644 02-pvc.yaml create mode 100644 03-deployment.yaml create mode 100644 04-svc.yaml create mode 100644 05-sa.yaml create mode 100644 06-clusterrole.yaml create mode 100644 07-clusterrolebinding.yaml create mode 100644 README.md diff --git a/01-namespace.yaml b/01-namespace.yaml new file mode 100644 index 0000000..1253fb3 --- /dev/null +++ b/01-namespace.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: + labels: + kubernetes.io/metadata.name: minecraft + name: minecraft +--- diff --git a/02-pvc.yaml b/02-pvc.yaml new file mode 100644 index 0000000..d70e725 --- /dev/null +++ b/02-pvc.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + annotations: + name: minecraft-data + namespace: minecraft +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 100Gi + volumeMode: Filesystem + storageClassName: ocs-storagecluster-cephfs +--- diff --git a/03-deployment.yaml b/03-deployment.yaml new file mode 100644 index 0000000..9ffb708 --- /dev/null +++ b/03-deployment.yaml @@ -0,0 +1,106 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + labels: + app: minecraft + app.kubernetes.io/component: minecraft + app.kubernetes.io/instance: minecraft + name: minecraft + namespace: minecraft +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + deployment: minecraft + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + deployment: minecraft + spec: + containers: + - env: + - name: EULA + value: "true" + - name: MOTD + value: Minecraft on Openshift + - name: GAME_MODE + value: creative + - name: ONLINE_MODE + value: "false" + image: gitea.lab.cudanet.org/cudanet/minecraft/minecraft:1.21.11 + imagePullPolicy: IfNotPresent + name: minecraft + ports: + - containerPort: 25565 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: minecraft-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: minecraft + serviceAccountName: minecraft + terminationGracePeriodSeconds: 30 + volumes: + - name: minecraft-data + persistentVolumeClaim: + claimName: minecraft-data +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + labels: + app: geysermc + app.kubernetes.io/component: geysermc + app.kubernetes.io/instance: geysermc + name: geysermc + namespace: minecraft +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + deployment: geysermc + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: + creationTimestamp: null + labels: + deployment: geysermc + spec: + containers: + - image: gitea.lab.cudanet.org/cudanet/minecraft/geysermc:1.21.11 + imagePullPolicy: IfNotPresent + name: geysermc + ports: + - containerPort: 19132 + protocol: UDP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 diff --git a/04-svc.yaml b/04-svc.yaml new file mode 100644 index 0000000..6ffe2d8 --- /dev/null +++ b/04-svc.yaml @@ -0,0 +1,55 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + metallb.universe.tf/ip-allocated-from-pool: prod-ocp-101-200 + metallb.universe.tf/allow-shared-ip: minecraft + labels: + app: minecraft + app.kubernetes.io/component: minecraft + app.kubernetes.io/instance: minecraft + name: minecraft + namespace: minecraft +spec: + allocateLoadBalancerNodePorts: true + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 25565 + protocol: TCP + targetPort: 25565 + selector: + deployment: minecraft + sessionAffinity: None + type: LoadBalancer +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + metallb.universe.tf/allow-shared-ip: minecraft + metallb.universe.tf/ip-allocated-from-pool: prod-ocp-101-200 + labels: + app: geysermc + app.kubernetes.io/component: geysermc + app.kubernetes.io/instance: geysermc + name: geysermc + namespace: minecraft +spec: + allocateLoadBalancerNodePorts: true + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 19132 + protocol: UDP + targetPort: 19132 + selector: + deployment: geysermc + sessionAffinity: None + type: LoadBalancer diff --git a/05-sa.yaml b/05-sa.yaml new file mode 100644 index 0000000..0919349 --- /dev/null +++ b/05-sa.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: minecraft + namespace: minecraft + labels: + app: minecraft +--- diff --git a/06-clusterrole.yaml b/06-clusterrole.yaml new file mode 100644 index 0000000..306ac94 --- /dev/null +++ b/06-clusterrole.yaml @@ -0,0 +1,16 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: minecraft-anyuid + labels: + app: minecraft +rules: +- apiGroups: + - security.openshift.io + resourceNames: + - anyuid + resources: + - securitycontextconstraints + verbs: + - use +--- diff --git a/07-clusterrolebinding.yaml b/07-clusterrolebinding.yaml new file mode 100644 index 0000000..c4ac47e --- /dev/null +++ b/07-clusterrolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: minecraft-anyuid +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:openshift:scc:anyuid +subjects: +- kind: ServiceAccount + name: minecraft + namespace: minecraft diff --git a/README.md b/README.md new file mode 100644 index 0000000..34143f4 --- /dev/null +++ b/README.md @@ -0,0 +1,34 @@ +# minecraft + +``` +YAML=$(ls | grep yaml | sort) +for y in $YAML; do oc apply -f $y; done +``` + +# UPDATE 8/30/2023: + +new ServiceAccount, ClusterRole and ClusterRoleBinding created, now it doesn't rely on having to manually add an scc to the SA post deployment. Much cleaner and easier to manage. + +Then in order to restore the backup of the 'pirate ship' server, you need to do some trickery. You'll need to let the generic server come up, then you need copy the file 'minecraft.tar.gz' to the debug pod, erase the contents of /data, extract the tarball into /data, fix permissions and then bounce the pod. + +``` +oc get pod + +NAME READY STATUS RESTARTS AGE +minecraft-7cdb5fc967-mjchg 1/1 Running 0 2m39s + +oc debug minecraft-7cdb5fc967-mjchg +# from within the debug pod +# rm -rfv /data/* + +oc cp minecraft.tar.gz minecraft-7cdb5fc967-mjchg:/data/ + +# from within the debug pod +# tar xf minecraft.tar.gz +# chown -vR minecraft:minecraft /data +# chmod -vR 777 /data +# exit + +oc delete pod minecraft-7cdb5fc967-mjchg +``` +