Migrate Istio completely (#7)
Reviewed-on: https://git.badhouseplants.net/badhouseplants/k8s-cluster-config/pulls/7
This commit is contained in:
parent
de6599ac2b
commit
18109afec3
31
badhouseplants/values/values.istio-gateway.yaml
Normal file
31
badhouseplants/values/values.istio-gateway.yaml
Normal file
@ -0,0 +1,31 @@
|
||||
---
|
||||
service:
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- name: minecraft
|
||||
port: 25565
|
||||
protocol: TCP
|
||||
targetPort: 25565
|
||||
- name: ssh-gitea
|
||||
port: 22
|
||||
protocol: TCP
|
||||
targetPort: 22
|
||||
- name: http2
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 80
|
||||
- name: https
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: 443
|
||||
- name: tcp
|
||||
port: 1194
|
||||
protocol: TCP
|
||||
targetPort: 1194
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
limits:
|
||||
cpu: 200m
|
||||
memory: 1024Mi
|
7
badhouseplants/values/values.istiod.yaml
Normal file
7
badhouseplants/values/values.istiod.yaml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
pilot:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 2048Mi
|
||||
|
@ -1,3 +1,4 @@
|
||||
---
|
||||
storageClassName: longhorn
|
||||
openvpn:
|
||||
server: "tcp://195.201.250.50:1194"
|
||||
|
@ -1,3 +1,3 @@
|
||||
#kubectl get all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings -l app.kubernetes.io/managed-by=Helm -l app.kubernetes.io/instance=cert-manager -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name | while read -r var1 var2; do kubectl annotate $var1 $var2 "meta.helm.sh/release-namespace"="cert-manager" "meta.helm.sh/release-name"="cert-manager" --overwrite; done
|
||||
|
||||
kubectl get sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=istio-base -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namespace"="istio-system" "meta.helm.sh/release-name"="istio-base" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done
|
||||
kubectl get EnvoyFilter,PodDisruptionBudget,sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=istiod -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namespace"="istio-system" "meta.helm.sh/release-name"="istiod" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done
|
||||
|
17
etersoft/values/values.istio-gateway.yaml
Normal file
17
etersoft/values/values.istio-gateway.yaml
Normal file
@ -0,0 +1,17 @@
|
||||
---
|
||||
service:
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- name: status-port
|
||||
port: 15021
|
||||
protocol: TCP
|
||||
targetPort: 15021
|
||||
- name: http2
|
||||
port: 80
|
||||
protocol: TCP
|
||||
targetPort: 80
|
||||
- name: https
|
||||
port: 443
|
||||
protocol: TCP
|
||||
targetPort: 443
|
||||
|
7
etersoft/values/values.istiod.yaml
Normal file
7
etersoft/values/values.istiod.yaml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
pilot:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 256Mi
|
||||
|
@ -1,3 +1,4 @@
|
||||
---
|
||||
storageClassName: microk8s-hostpath
|
||||
openvpn:
|
||||
server: "tcp://91.232.225.63:1194"
|
||||
|
@ -16,6 +16,16 @@ releases:
|
||||
namespace: istio-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *istio-gateway
|
||||
installed: true
|
||||
namespace: istio-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *istiod
|
||||
installed: true
|
||||
namespace: istio-system
|
||||
createNamespace: false
|
||||
|
||||
- <<: *cert-manager
|
||||
installed: true
|
||||
namespace: cert-manager
|
||||
|
@ -37,13 +37,33 @@ templates:
|
||||
set:
|
||||
- name: installCRDs
|
||||
value: true
|
||||
|
||||
# ----------------------------
|
||||
# -- Istio
|
||||
# ----------------------------
|
||||
istio-version:
|
||||
version: 1.16.1
|
||||
istio-base: &istio-base
|
||||
name: istio-base
|
||||
chart: istio/base
|
||||
version: 1.16.1
|
||||
inherit:
|
||||
- template: crd-management-hook
|
||||
- template: istio-version
|
||||
|
||||
istio-gateway: &istio-gateway
|
||||
name: istio-gateway
|
||||
chart: istio/gateway
|
||||
values:
|
||||
- "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml"
|
||||
inherit:
|
||||
- template: istio-version
|
||||
|
||||
istiod: &istiod
|
||||
name: istiod
|
||||
chart: istio/istiod
|
||||
values:
|
||||
- "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml"
|
||||
inherit:
|
||||
- template: istio-version
|
||||
|
||||
openvpn: &openvpn
|
||||
name: openvpn
|
||||
|
Reference in New Issue
Block a user