Migrate Istio completely (#7)

Reviewed-on: https://git.badhouseplants.net/badhouseplants/k8s-cluster-config/pulls/7
This commit is contained in:
Nikolai Rodionov 2023-02-19 10:18:26 +00:00
parent de6599ac2b
commit 18109afec3
9 changed files with 97 additions and 3 deletions

View File

@ -0,0 +1,31 @@
---
service:
type: LoadBalancer
ports:
- name: minecraft
port: 25565
protocol: TCP
targetPort: 25565
- name: ssh-gitea
port: 22
protocol: TCP
targetPort: 22
- name: http2
port: 80
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443
- name: tcp
port: 1194
protocol: TCP
targetPort: 1194
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 200m
memory: 1024Mi

View File

@ -0,0 +1,7 @@
---
pilot:
resources:
requests:
cpu: 50m
memory: 2048Mi

View File

@ -1,3 +1,4 @@
---
storageClassName: longhorn
openvpn:
server: "tcp://195.201.250.50:1194"

View File

@ -1,3 +1,3 @@
#kubectl get all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings -l app.kubernetes.io/managed-by=Helm -l app.kubernetes.io/instance=cert-manager -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name | while read -r var1 var2; do kubectl annotate $var1 $var2 "meta.helm.sh/release-namespace"="cert-manager" "meta.helm.sh/release-name"="cert-manager" --overwrite; done
kubectl get sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=istio-base -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namespace"="istio-system" "meta.helm.sh/release-name"="istio-base" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done
kubectl get EnvoyFilter,PodDisruptionBudget,sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=istiod -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namespace"="istio-system" "meta.helm.sh/release-name"="istiod" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done

View File

@ -0,0 +1,17 @@
---
service:
type: LoadBalancer
ports:
- name: status-port
port: 15021
protocol: TCP
targetPort: 15021
- name: http2
port: 80
protocol: TCP
targetPort: 80
- name: https
port: 443
protocol: TCP
targetPort: 443

View File

@ -0,0 +1,7 @@
---
pilot:
resources:
requests:
cpu: 50m
memory: 256Mi

View File

@ -1,3 +1,4 @@
---
storageClassName: microk8s-hostpath
openvpn:
server: "tcp://91.232.225.63:1194"

View File

@ -16,6 +16,16 @@ releases:
namespace: istio-system
createNamespace: false
- <<: *istio-gateway
installed: true
namespace: istio-system
createNamespace: false
- <<: *istiod
installed: true
namespace: istio-system
createNamespace: false
- <<: *cert-manager
installed: true
namespace: cert-manager

View File

@ -37,13 +37,33 @@ templates:
set:
- name: installCRDs
value: true
# ----------------------------
# -- Istio
# ----------------------------
istio-version:
version: 1.16.1
istio-base: &istio-base
name: istio-base
chart: istio/base
version: 1.16.1
inherit:
- template: crd-management-hook
- template: istio-version
istio-gateway: &istio-gateway
name: istio-gateway
chart: istio/gateway
values:
- "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml"
inherit:
- template: istio-version
istiod: &istiod
name: istiod
chart: istio/istiod
values:
- "{{ .Environment.Name }}/values/values.{{ .Release.Name }}.yaml"
inherit:
- template: istio-version
openvpn: &openvpn
name: openvpn