Prepare the arm cluster

This commit is contained in:
Nikolai Rodionov 2023-10-18 16:51:42 +02:00
parent 63df23af17
commit 70101a1c3f
No known key found for this signature in database
GPG Key ID: 19DB54039EBF8F10
9 changed files with 137 additions and 64 deletions

View File

@ -2,3 +2,4 @@ create_crb:
kubectl create clusterrolebinding drone-deployer-workaround \ kubectl create clusterrolebinding drone-deployer-workaround \
--clusterrole=cluster-admin \ --clusterrole=cluster-admin \
--serviceaccount=drone-service:default --serviceaccount=drone-service:default

View File

@ -5,42 +5,42 @@ releases:
- <<: *drone - <<: *drone
installed: true installed: true
namespace: drone-service namespace: drone-service
createNamespace: false createNamespace: true
- <<: *drone-runner-docker - <<: *drone-runner-docker
installed: true installed: true
namespace: drone-service namespace: drone-service
createNamespace: false createNamespace: true
- <<: *longhorn - <<: *longhorn
installed: true installed: true
namespace: longhorn-system namespace: longhorn-system
createNamespace: false createNamespace: true
- <<: *argocd - <<: *argocd
installed: true installed: true
namespace: argo-system namespace: argo-system
createNamespace: false createNamespace: true
- <<: *nrodionov - <<: *nrodionov
installed: true installed: true
namespace: nrodionov-application namespace: nrodionov-application
createNamespace: false createNamespace: true
- <<: *minecraft - <<: *minecraft
installed: true installed: true
namespace: minecraft-application namespace: minecraft-application
createNamespace: false createNamespace: true
- <<: *gitea - <<: *gitea
installed: true installed: true
namespace: gitea-service namespace: gitea-service
createNamespace: false createNamespace: true
- <<: *funkwhale - <<: *funkwhale
installed: true installed: true
namespace: funkwhale-application namespace: funkwhale-application
createNamespace: false createNamespace: true
- <<: *prometheus - <<: *prometheus
installed: true installed: true
@ -50,12 +50,12 @@ releases:
- <<: *loki - <<: *loki
installed: false installed: false
namespace: monitoring-system namespace: monitoring-system
createNamespace: false createNamespace: true
- <<: *promtail - <<: *promtail
installed: false installed: false
namespace: monitoring-system namespace: monitoring-system
createNamespace: false createNamespace: true
- <<: *bitwarden - <<: *bitwarden
installed: true installed: true
@ -92,10 +92,6 @@ releases:
namespace: mail-service namespace: mail-service
createNamespace: true createNamespace: true
- <<: *istio-gateway-resources
installed: true
namespace: istio-system
createNamespace: false}
bases: bases:
- ../environments.yaml - ../environments.yaml

View File

@ -5,9 +5,9 @@ defaultSettings:
guaranteedReplicaManagerCPU: 6 guaranteedReplicaManagerCPU: 6
storageOverProvisioningPercentage: 300 storageOverProvisioningPercentage: 300
storageMinimalAvailablePercentage: 5 storageMinimalAvailablePercentage: 5
defaultDataPath: /media-longhorn defaultDataPath: /media/longhorn
csi: csi:
kubeletRootDir: /var/snap/microk8s/common/var/lib/kubelet kubeletRootDir: /var/lib/kubelet
persistence: persistence:
defaultClassReplicaCount: 1 defaultClassReplicaCount: 3
enablePSP: false enablePSP: false

View File

@ -0,0 +1,4 @@
ext-ipaddresspool:
enabled: true
name: badhouseplants-addresspool
addresses: 195.201.250.50-195.201.250.50

View File

@ -0,0 +1,14 @@
---
ext-ipaddresspool:
templates:
- |
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: "{{ .Values.name }}"
spec:
addresses:
- "{{ .Values.addresses }}"
autoAssign: true
avoidBuggyIPs: false

View File

@ -1,5 +1,5 @@
environments: environments:
badhouseplants: badhouseplants:
kubeContext: badhouseplants kubeContext: badhouseplants-arm
etersoft: etersoft:
kubeContext: etersoft kubeContext: etersoft

View File

@ -0,0 +1,4 @@
ext-ipaddresspool:
enabled: true
name: etersoft-addresspool
addresses: 91.232.225.63-91.232.225.63

View File

@ -9,42 +9,51 @@ releases:
- <<: *metrics-server - <<: *metrics-server
installed: true installed: true
namespace: kube-system namespace: kube-system
createNamespace: false createNamespace: true
- <<: *istio-base - <<: *istio-base
installed: true installed: true
namespace: istio-system namespace: istio-system
createNamespace: false createNamespace: true
- <<: *istio-gateway - <<: *istio-gateway
installed: true installed: true
namespace: istio-system namespace: istio-system
createNamespace: false createNamespace: true
- <<: *istio-gateway-resources
installed: true
namespace: istio-system
createNamespace: true
- <<: *istiod - <<: *istiod
installed: true installed: true
namespace: istio-system namespace: istio-system
createNamespace: false createNamespace: true
- <<: *cert-manager - <<: *cert-manager
installed: true installed: true
namespace: cert-manager namespace: cert-manager
createNamespace: false createNamespace: true
- <<: *minio - <<: *minio
installed: true installed: true
namespace: minio-service namespace: minio-service
createNamespace: false createNamespace: true
- <<: *openvpn - <<: *openvpn
installed: true installed: true
namespace: openvpn-service namespace: openvpn-service
createNamespace: false createNamespace: true
- <<: *metallb - <<: *metallb
installed: true installed: true
namespace: metallb-system namespace: metallb-system
createNamespace: true createNamespace: true
- <<: *metallb-resources
installed: true
namespace: metallb-system
helmfiles: helmfiles:
- path: {{.Environment.Name }}/helmfile.yaml - path: {{.Environment.Name }}/helmfile.yaml

View File

@ -87,15 +87,32 @@ templates:
alias: ext-database alias: ext-database
values: values:
- '{{ requiredEnv "PWD" }}/common/values.database.yaml' - '{{ requiredEnv "PWD" }}/common/values.database.yaml'
# ----------------------------
ext-ipaddresspool:
dependencies:
- chart: bedag/raw
version: 2.0.0
alias: ext-ipaddresspool
values:
- '{{ requiredEnv "PWD" }}/common/values.ipaddresspool.yaml'
# -------------------------------------------------------------------
# -- Releases # -- Releases
# ---------------------------- # -------------------------------------------------------------------
# -- System # -- System
# ---------------------------- # -- This is what has to be installed first. Without those releases
# -- cluster can't function
# -------------------------------------------------------------------
common-system:
labels:
layer: system
metrics-server: &metrics-server metrics-server: &metrics-server
name: metrics-server name: metrics-server
chart: metrics-server/metrics-server chart: metrics-server/metrics-server
version: 3.11.0 version: 3.11.0
inherit:
- template: common-system
values: values:
- common/values.{{ .Release.Name }}.yaml - common/values.{{ .Release.Name }}.yaml
@ -103,20 +120,84 @@ templates:
name: metallb name: metallb
chart: metallb/metallb chart: metallb/metallb
version: 0.13.11 version: 0.13.11
inherit:
- template: common-system
metallb-resources: &metallb-resources
name: metallb-resources
chart: bedag/raw
version: 2.0.0
needs:
- metallb
inherit:
- template: default-env-values
- template: ext-ipaddresspool
- template: common-system
cert-manager: &cert-manager cert-manager: &cert-manager
name: cert-manager name: cert-manager
chart: jetstack/cert-manager chart: jetstack/cert-manager
version: 1.13.1 version: 1.13.1
inherit:
- template: common-system
set: set:
- name: installCRDs - name: installCRDs
value: true value: true
longhorn: &longhorn longhorn: &longhorn
name: longhorn name: longhorn
chart: longhorn/longhorn chart: longhorn/longhorn
version: 1.5.1 version: 1.5.1
inherit: inherit:
- template: default-env-values - template: default-env-values
- template: common-system
# ----------------------------
# -- Istio
# ----------------------------
common-istio:
labels:
bundle: istio
version: 1.19.3
inherit:
- template: common-system
istio-base: &istio-base
name: istio-base
chart: istio/base
inherit:
- template: crd-management-hook
- template: common-istio
istio-gateway: &istio-gateway
name: istio-ingressgateway
chart: istio/gateway
needs:
- istio-base
- metallb-system/metallb-resources
inherit:
- template: common-istio
- template: default-env-values
istiod: &istiod
name: istiod
chart: istio/istiod
needs:
- istio-base
inherit:
- template: common-istio
- template: default-env-values
istio-gateway-resources: &istio-gateway-resources
name: istio-gateway-resources
chart: bedag/raw
version: 2.0.0
needs:
- istio-base
inherit:
- template: ext-istio-gateway
- template: default-env-values
- template: common-system
argocd: &argocd argocd: &argocd
name: argocd name: argocd
@ -157,42 +238,6 @@ templates:
inherit: inherit:
- template: monitoring-common - template: monitoring-common
- template: default-env-values - template: default-env-values
# ----------------------------
# -- Istio
# ----------------------------
istio-common:
labels:
bundle: istio
version: 1.19.3
istio-base: &istio-base
name: istio-base
chart: istio/base
inherit:
- template: crd-management-hook
- template: istio-common
istio-gateway: &istio-gateway
name: istio-ingressgateway
chart: istio/gateway
inherit:
- template: istio-common
- template: default-env-values
istio-gateway-resources: &istio-gateway-resources
name: istio-gateway-resources
chart: bedag/raw
version: 2.0.0
inherit:
- template: ext-istio-gateway
- template: default-env-values
istiod: &istiod
name: istiod
chart: istio/istiod
inherit:
- template: istio-common
- template: default-env-values
# ---------------------------- # ----------------------------
# -- Applications # -- Applications