Bước 6 - Cài đặt và cấu hình các thành phần tiên quyết

# Install rabbitMQ cluster operator
helm upgrade --install rabbitmq-cluster-operator oci://glasswallhub.azurecr.io/docker/bitnamicharts/rabbitmq-cluster-operator \
  --atomic \
  --version 4.4.23 \
  --set global.imageRegistry=glasswallhub.azurecr.io \
  --set global.imagePullSecrets[0]=acr-secret \
  --set global.security.allowInsecureImages=true \
  --set msgTopologyOperator.fullnameOverride=rabbitmq-messaging-topology-operator \
  --set clusterOperator.image.tag=2.15.0-debian-12-r0 \
  --set msgTopologyOperator.image.tag=1.17.2-debian-12-r0 \
  --set credentialUpdaterImage.tag=1.0.7-debian-12-r0 \
  --set rabbitmqImage.tag=4.1.1-debian-12-r2 \
  --set clusterOperator.watchAllNamespaces=false \
  --set clusterOperator.watchNamespaces={cdrplatform} \
  --set msgTopologyOperator.watchAllNamespaces=false \
  --set msgTopologyOperator.watchNamespaces={cdrplatform} \
  --set clusterOperator.resources.requests.cpu=100m \
  --set clusterOperator.resources.requests.memory=256Mi \
  --set clusterOperator.resources.limits.cpu=100m \
  --set clusterOperator.resources.limits.memory=256Mi \
  --set msgTopologyOperator.resources.requests.cpu=100m \
  --set msgTopologyOperator.resources.requests.memory=256Mi \
  --set msgTopologyOperator.resources.limits.cpu=100m \
  --set msgTopologyOperator.resources.limits.memory=256Mi

# Install keda
helm upgrade --install keda "oci://glasswallhub.azurecr.io/ghcr/home-operations/charts-mirror/keda" --atomic \
  --set global.image.registry="glasswallhub.azurecr.io/ghcr" \
  --set imagePullSecrets[0].name=acr-secret \
  --version 2.17.2

# Install nginx ingress controller
helm upgrade --install nginx-ingress oci://glasswallhub.azurecr.io/k8s/ingress-nginx/charts/ingress-nginx --atomic \
  --set imagePullSecrets[0].name=acr-secret \
  --set global.image.registry="glasswallhub.azurecr.io" \
  --set controller.image.image="k8s/ingress-nginx/controller" \
  --set controller.admissionWebhooks.patch.image.image="k8s/ingress-nginx/kube-webhook-certgen" \
  --set controller.image.digest=null \
  --set controller.admissionWebhooks.patch.image.digest=null \
  --set controller.service.annotations."service\.beta\.kubernetes\.io/azure-load-balancer-health-probe-request-path"=/healthz \
  --version 4.12.8

# Install External Secrets Operator
helm upgrade --install external-secrets oci://glasswallhub.azurecr.io/ghcr/external-secrets/charts/external-secrets \
  --set imagePullSecrets[0].name=acr-secret \
  --set webhook.imagePullSecrets[0].name=acr-secret \
  --set certController.imagePullSecrets[0].name=acr-secret \
  --set image.repository="glasswallhub.azurecr.io/ghcr/external-secrets/external-secrets" \
  --set webhook.image.repository="glasswallhub.azurecr.io/ghcr/external-secrets/external-secrets" \
  --set certController.image.repository="glasswallhub.azurecr.io/ghcr/external-secrets/external-secrets" \
  --version 0.16.1 \
  --set image.tag=v0.9.11 \
  --set installCRDs=true \
  --atomic

# Install Glasswall Halo External Secrets
helm upgrade --install cdrplatform-external-secrets cdrplatform-external-secrets -n cdrplatform --atomic --create-namespace \
  --set cloud_providers.oracle.enabled=true \
  --set cloud_providers.oracle.vault=${vault_ocid} \
  --set cloud_providers.oracle.region=${oracle_region} \
  --set cloud_providers.oracle.secretName="${vault_secret_name}"

# Install MongoDB kubernetes operator

helm install community-operator mongodb/community-operator --namespace ${operator_namespace} \
  --set operator.version=0.13.0 \
  --set agent.version=12.0.25.7724-1 \
  --atomic

helm pull bitnami/rabbitmq-cluster-operator --untar
kubectl apply -f rabbitmq-cluster-operator/crds/