refactor(istio-resource): Move all istio resource to helmfile

This commit is contained in:
Nikolai Rodionov 2023-04-17 11:10:48 +02:00
parent 777d88fa38
commit f1a860f97b
No known key found for this signature in database
GPG Key ID: 19DB54039EBF8F10
13 changed files with 195 additions and 26 deletions

View File

@ -1,4 +1,18 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: argocd-http
gateway: badhouseplants-net
kind: http
hostname: argo.badhouseplants.net
service: argocd-server
port: 80
controller:
resources:
limits:

View File

@ -1,3 +1,16 @@
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: drone-http
gateway: badhouseplants-net
kind: http
hostname: drone.badhouseplants.net
service: drone
port: 8080
env:
DRONE_SERVER_HOST: drone.badhouseplants.net
DRONE_SERVER_PROTO: https

View File

@ -1,4 +1,18 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: funkwhale-http
gateway: badhouseplants-net
kind: http
hostname: funkwhale.badhouseplants.net
service: funkwhale
port: 80
replicaCount: 1
celery:
worker:

View File

@ -1,37 +1,25 @@
---
ns:
enabled: true
name: gitea-service
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: gitea-http
kind: http
gateway: badhouseplants-net
hostname: git.badhouseplants.net
service: gitea-http
port: 3000
templates:
- |
{{ range .Values.istio }}
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: {{ .name }}
spec:
gateways:
- "istio-system/{{ .gateway }}"
hosts:
- {{ .hostname }}
http:
- match:
- uri:
prefix: /
route:
- destination:
host: {{ .service }}
port:
number: {{ .port }}
{{ end }}
- name: gitea-ssh
kind: tcp
gateway: badhouseplants-ssh
hostname: "*"
port_match: 22
service: gitea-ssh
port: 22
replicaCount: 1
clusterDomain: cluster.local

View File

@ -10,6 +10,20 @@ service-account:
app: minecraft-minecraft-metrics
endpoints:
port: metrics
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: minecraft-tcp
gateway: badhouseplants-minecraft
kind: tcp
port_match: 25565
host: "*"
service: minecraft-minecraft
port: 25565
# --------------------------------------------------
# -- Main values
# --------------------------------------------------

View File

@ -1,4 +1,18 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: nrodionov-http
gateway: nrodionov-info
kind: http
hostname: dev.nrodionov.info
service: nrodionov-wordpress
port: 8080
rootUser: 'overlord'
replicas: 1
mode: standalone

View File

@ -1,3 +1,18 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: minio-http
gateway: badhouseplants-net
kind: http
hostname: minio.badhouseplants.net
service: minio-console
port: 9001
wordpressBlogName: Николай Николаевич Родионов
wordpressUsername: admin
wordpressFirstName: Nikolai

View File

@ -1,4 +1,19 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: openvpn-tcp
gateway: badhouseplants-vpn
kind: tcp
port_match: 1194
host: "*"
service: openvpn
port: 1194
storageClassName: longhorn
openvpn:
server: "tcp://195.201.250.50:1194"

View File

@ -3,4 +3,4 @@
argo_instance=$1
helm_name=$2
helm_ns=$3
kubectl get CustomResourceDefinition,PersistentVolumeClaim,EnvoyFilter,PodDisruptionBudget,sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=$argo_instance -l helm.sh/chart=longhorn-1.4.0 -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namespace"="$helm_ns" "meta.helm.sh/release-name"="$helm_name" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done
kubectl get CustomResourceDefinition,PersistentVolumeClaim,EnvoyFilter,PodDisruptionBudget,sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=$argo_instance -l helm.sh/chart=longhorn-1.4.0 -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namewspace"="$helm_ns" "meta.helm.sh/release-name"="$helm_name" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done

36
common/values.istio.yaml Normal file
View File

@ -0,0 +1,36 @@
---
istio:
templates:
- |
{{ range .Values.istio }}
---
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: {{ .name }}
spec:
gateways:
- "istio-system/{{ .gateway }}"
hosts:
- {{ .hostname | quote }}
{{- if eq .kind "http" }}
http:
- match:
- uri:
prefix: /
route:
- destination:
host: {{ .service }}
port:
number: {{ .port }}
{{- else if eq .kind "tcp" }}
tcp:
- match:
- port: {{ .port_match }}
route:
- destination:
host: {{ .service }}
port:
number: {{ .port }}
{{ end }}
{{ end }}

View File

@ -1,4 +1,23 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: minio-http
gateway: badhouseplants-net
kind: http
hostname: min.e.badhouseplants.net
service: minio-console
port: 9001
- name: s3-http
gateway: badhouseplants-net
kind: http
hostname: s3.e.badhouseplants.net
service: minio
port: 9000
rootUser: 'overlord'
replicas: 1
mode: standalone

View File

@ -1,4 +1,19 @@
---
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
istio:
enabled: true
istio:
- name: openvpn-tcp
gateway: etersoft-vp
kind: tcp
port_match: 1194
host: "*"
service: openvpn
port: 1194
storageClassName: microk8s-hostpath
openvpn:
server: "tcp://91.232.225.63:1194"

View File

@ -92,6 +92,7 @@ templates:
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-istio-resource
# ----------------------------
# -- Istio
# ----------------------------
@ -130,6 +131,8 @@ templates:
version: 1.0.3
inherit:
- template: default-env-values
- template: ext-istio-resource
drone: &drone
name: drone
@ -138,6 +141,7 @@ templates:
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-istio-resource
drone-runner-kube: &drone-runner-kube
name: drone-runner-kube
@ -154,6 +158,8 @@ templates:
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-istio-resource
minio: &minio
name: minio
@ -162,6 +168,8 @@ templates:
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-istio-resource
minecraft: &minecraft
name: minecraft
@ -169,6 +177,8 @@ templates:
version: 4.7.3
inherit:
- template: default-env-values
- template: ext-istio-resource
gitea: &gitea
name: gitea
@ -186,3 +196,5 @@ templates:
inherit:
- template: default-env-values
- template: default-env-secrets
- template: ext-istio-resource