Compare commits
	
		
			2 Commits
		
	
	
		
			main
			...
			prepare-ar
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|   | 3463f91c77 | ||
|   | 70101a1c3f | 
							
								
								
									
										1
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										1
									
								
								Makefile
									
									
									
									
									
								
							| @@ -2,3 +2,4 @@ create_crb: | ||||
| 	kubectl create clusterrolebinding drone-deployer-workaround \ | ||||
| 		--clusterrole=cluster-admin  \ | ||||
|   	--serviceaccount=drone-service:default | ||||
|  | ||||
|   | ||||
| @@ -5,42 +5,42 @@ releases: | ||||
|   - <<: *drone | ||||
|     installed: true | ||||
|     namespace: drone-service | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *drone-runner-docker | ||||
|     installed: true | ||||
|     namespace: drone-service | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *longhorn | ||||
|     installed: true | ||||
|     installed: false | ||||
|     namespace: longhorn-system | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *argocd | ||||
|     installed: true | ||||
|     namespace: argo-system | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *nrodionov | ||||
|     installed: true | ||||
|     namespace: nrodionov-application | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *minecraft | ||||
|     installed: true | ||||
|     namespace: minecraft-application | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *gitea | ||||
|     installed: true | ||||
|     namespace: gitea-service | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *funkwhale | ||||
|     installed: true | ||||
|     namespace: funkwhale-application | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *prometheus | ||||
|     installed: true | ||||
| @@ -50,12 +50,12 @@ releases: | ||||
|   - <<: *loki | ||||
|     installed: false | ||||
|     namespace: monitoring-system | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *promtail | ||||
|     installed: false | ||||
|     namespace: monitoring-system | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *bitwarden | ||||
|     installed: true | ||||
| @@ -92,10 +92,6 @@ releases: | ||||
|     namespace: mail-service | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *istio-gateway-resources | ||||
|     installed: true | ||||
|     namespace: istio-system | ||||
|     createNamespace: false} | ||||
|  | ||||
| bases: | ||||
|   - ../environments.yaml | ||||
|   | ||||
| @@ -21,10 +21,6 @@ service: | ||||
|       port: 1194 | ||||
|       protocol: TCP | ||||
|       targetPort: 1194 | ||||
|     - name: tcp | ||||
|       port: 25 | ||||
|       protocol: TCP | ||||
|       targetPort: 25 | ||||
|     # ----------- | ||||
|     # -- Email | ||||
|     # ----------- | ||||
|   | ||||
| @@ -5,9 +5,9 @@ defaultSettings: | ||||
|   guaranteedReplicaManagerCPU: 6 | ||||
|   storageOverProvisioningPercentage: 300 | ||||
|   storageMinimalAvailablePercentage: 5 | ||||
|   defaultDataPath: /media-longhorn | ||||
|   defaultDataPath: /media/longhorn | ||||
| csi: | ||||
|   kubeletRootDir: /var/snap/microk8s/common/var/lib/kubelet | ||||
|   kubeletRootDir: /var/lib/kubelet | ||||
| persistence: | ||||
|   defaultClassReplicaCount: 1 | ||||
|   defaultClassReplicaCount: 3 | ||||
| enablePSP: false | ||||
|   | ||||
							
								
								
									
										4
									
								
								badhouseplants/values/values.metallb-resources.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								badhouseplants/values/values.metallb-resources.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| ext-ipaddresspool: | ||||
|   enabled: true | ||||
|   name: badhouseplants-addresspool | ||||
|   addresses: 195.201.250.50-195.201.250.50 | ||||
| @@ -17,7 +17,7 @@ istio: | ||||
| image: | ||||
|   tag: v2.6.5-xor-4.0.0beta08 | ||||
| storage: | ||||
|   class: longhorn | ||||
|   class: default | ||||
|   size: 512Mi | ||||
|  | ||||
| openvpn: | ||||
|   | ||||
							
								
								
									
										144
									
								
								badhouseplants/values/values.rook-ceph-cluster.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										144
									
								
								badhouseplants/values/values.rook-ceph-cluster.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,144 @@ | ||||
| # This is a YAML-formatted file. | ||||
| # Declare variables to be passed into your templates. | ||||
|  | ||||
| # -- Namespace of the main rook operator | ||||
| operatorNamespace: rook-ceph | ||||
|  | ||||
| # -- The metadata.name of the CephCluster CR | ||||
| # @default -- The same as the namespace | ||||
| clusterName: | ||||
|  | ||||
| # -- Optional override of the target kubernetes version | ||||
| kubeVersion: | ||||
|  | ||||
| # -- Cluster ceph.conf override | ||||
| configOverride: | ||||
| # configOverride: | | ||||
| #   [global] | ||||
| #   mon_allow_pool_delete = true | ||||
| #   osd_pool_default_size = 3 | ||||
| #   osd_pool_default_min_size = 2 | ||||
|  | ||||
| # Installs a debugging toolbox deployment | ||||
| toolbox: | ||||
|   # -- Enable Ceph debugging pod deployment. See [toolbox](../Troubleshooting/ceph-toolbox.md) | ||||
|   enabled: false | ||||
|   # -- Toolbox image, defaults to the image used by the Ceph cluster | ||||
|   image: #quay.io/ceph/ceph:v17.2.6 | ||||
|   # -- Toolbox tolerations | ||||
|   tolerations: [] | ||||
|   # -- Toolbox affinity | ||||
|   affinity: {} | ||||
|   # -- Toolbox container security context | ||||
|   containerSecurityContext: | ||||
|     runAsNonRoot: true | ||||
|     runAsUser: 2016 | ||||
|     runAsGroup: 2016 | ||||
|     capabilities: | ||||
|       drop: ["ALL"] | ||||
|   # -- Toolbox resources | ||||
|   resources: | ||||
|     limits: | ||||
|       cpu: "500m" | ||||
|       memory: "1Gi" | ||||
|     requests: | ||||
|       cpu: "100m" | ||||
|       memory: "128Mi" | ||||
|   # -- Set the priority class for the toolbox if desired | ||||
|   priorityClassName: | ||||
|  | ||||
| monitoring: | ||||
|   # -- Enable Prometheus integration, will also create necessary RBAC rules to allow Operator to create ServiceMonitors. | ||||
|   # Monitoring requires Prometheus to be pre-installed | ||||
|   enabled: false | ||||
|   # -- Whether to create the Prometheus rules for Ceph alerts | ||||
|   createPrometheusRules: false | ||||
|   # -- The namespace in which to create the prometheus rules, if different from the rook cluster namespace. | ||||
|   # If you have multiple rook-ceph clusters in the same k8s cluster, choose the same namespace (ideally, namespace with prometheus | ||||
|   # deployed) to set rulesNamespaceOverride for all the clusters. Otherwise, you will get duplicate alerts with multiple alert definitions. | ||||
|   rulesNamespaceOverride: | ||||
|   # Monitoring settings for external clusters: | ||||
|   # externalMgrEndpoints: <list of endpoints> | ||||
|   # externalMgrPrometheusPort: <port> | ||||
|   # allow adding custom labels and annotations to the prometheus rule | ||||
|   prometheusRule: | ||||
|     # -- Labels applied to PrometheusRule | ||||
|     labels: {} | ||||
|     # -- Annotations applied to PrometheusRule | ||||
|     annotations: {} | ||||
|  | ||||
| # -- Create & use PSP resources. Set this to the same value as the rook-ceph chart. | ||||
| pspEnable: false | ||||
|  | ||||
| # imagePullSecrets option allow to pull docker images from private docker registry. Option will be passed to all service accounts. | ||||
| # imagePullSecrets: | ||||
| # - name: my-registry-secret | ||||
|  | ||||
| # All values below are taken from the CephCluster CRD | ||||
| # -- Cluster configuration. | ||||
| # @default -- See [below](#ceph-cluster-spec) | ||||
| cephClusterSpec: | ||||
|   resources: | ||||
|     mgr: | ||||
|       limits: | ||||
|         memory: "1Gi" | ||||
|       requests: | ||||
|         cpu: "200m" | ||||
|         memory: "512Mi" | ||||
|     mon: | ||||
|       limits: | ||||
|         memory: "2Gi" | ||||
|       requests: | ||||
|         cpu: "250m" | ||||
|         memory: "1Gi" | ||||
|     osd: | ||||
|       requests: | ||||
|         cpu: "200m" | ||||
|         memory: "4Gi" | ||||
|     prepareosd: | ||||
|       # limits: It is not recommended to set limits on the OSD prepare job | ||||
|       #         since it's a one-time burst for memory that must be allowed to | ||||
|       #         complete without an OOM kill.  Note however that if a k8s | ||||
|       #         limitRange guardrail is defined external to Rook, the lack of | ||||
|       #         a limit here may result in a sync failure, in which case a | ||||
|       #         limit should be added.  1200Mi may suffice for up to 15Ti | ||||
|       #         OSDs ; for larger devices 2Gi may be required. | ||||
|       #         cf. https://github.com/rook/rook/pull/11103 | ||||
|       requests: | ||||
|         cpu: "500m" | ||||
|         memory: "50Mi" | ||||
|     mgr-sidecar: | ||||
|       limits: | ||||
|         cpu: "500m" | ||||
|         memory: "100Mi" | ||||
|       requests: | ||||
|         cpu: "100m" | ||||
|         memory: "40Mi" | ||||
|     crashcollector: | ||||
|       limits: | ||||
|         cpu: "500m" | ||||
|         memory: "60Mi" | ||||
|       requests: | ||||
|         cpu: "100m" | ||||
|         memory: "60Mi" | ||||
|     logcollector: | ||||
|       limits: | ||||
|         cpu: "500m" | ||||
|         memory: "1Gi" | ||||
|       requests: | ||||
|         cpu: "100m" | ||||
|         memory: "100Mi" | ||||
|     cleanup: | ||||
|       limits: | ||||
|         cpu: "500m" | ||||
|         memory: "1Gi" | ||||
|       requests: | ||||
|         cpu: "500m" | ||||
|         memory: "100Mi" | ||||
|     exporter: | ||||
|       limits: | ||||
|         cpu: "250m" | ||||
|         memory: "128Mi" | ||||
|       requests: | ||||
|         cpu: "50m" | ||||
|         memory: "50Mi" | ||||
							
								
								
									
										14
									
								
								common/values.ipaddresspool.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										14
									
								
								common/values.ipaddresspool.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,14 @@ | ||||
| --- | ||||
| ext-ipaddresspool: | ||||
|   templates: | ||||
|     - | | ||||
|         --- | ||||
|         apiVersion: metallb.io/v1beta1 | ||||
|         kind: IPAddressPool | ||||
|         metadata: | ||||
|           name: "{{ .Values.name }}" | ||||
|         spec: | ||||
|           addresses: | ||||
|             - "{{ .Values.addresses }}" | ||||
|           autoAssign: true | ||||
|           avoidBuggyIPs: false | ||||
| @@ -1,5 +1,5 @@ | ||||
| environments: | ||||
|   badhouseplants: | ||||
|     kubeContext: badhouseplants | ||||
|     kubeContext: badhouseplants-arm | ||||
|   etersoft: | ||||
|     kubeContext: etersoft | ||||
|   | ||||
							
								
								
									
										4
									
								
								etersoft/values/values.metallb-resources.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										4
									
								
								etersoft/values/values.metallb-resources.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,4 @@ | ||||
| ext-ipaddresspool: | ||||
|   enabled: true | ||||
|   name: etersoft-addresspool | ||||
|   addresses: 91.232.225.63-91.232.225.63 | ||||
| @@ -7,44 +7,53 @@ bases: | ||||
|  | ||||
| releases: | ||||
|   - <<: *metrics-server | ||||
|     installed: true | ||||
|     installed: false | ||||
|     namespace: kube-system | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *istio-base | ||||
|     installed: true | ||||
|     namespace: istio-system | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|    | ||||
|   - <<: *istio-gateway | ||||
|     installed: true | ||||
|     namespace: istio-system | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *istio-gateway-resources | ||||
|     installed: true | ||||
|     namespace: istio-system | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *istiod | ||||
|     installed: true | ||||
|     namespace: istio-system | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *cert-manager | ||||
|     installed: true | ||||
|     namespace: cert-manager | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *minio | ||||
|     installed: true | ||||
|     namespace: minio-service | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *openvpn | ||||
|     installed: true | ||||
|     namespace: openvpn-service | ||||
|     createNamespace: false | ||||
|     createNamespace: true | ||||
|    | ||||
|   - <<: *metallb | ||||
|     installed: true | ||||
|     namespace: metallb-system | ||||
|     createNamespace: true | ||||
|  | ||||
|   - <<: *metallb-resources | ||||
|     installed: true | ||||
|     namespace: metallb-system | ||||
|  | ||||
| helmfiles: | ||||
|   - path: {{.Environment.Name }}/helmfile.yaml | ||||
|   | ||||
							
								
								
									
										123
									
								
								releases.yaml
									
									
									
									
									
								
							
							
						
						
									
										123
									
								
								releases.yaml
									
									
									
									
									
								
							| @@ -87,15 +87,32 @@ templates: | ||||
|       alias: ext-database | ||||
|     values: | ||||
|       - '{{ requiredEnv "PWD" }}/common/values.database.yaml' | ||||
|   # ---------------------------- | ||||
|  | ||||
|   ext-ipaddresspool: | ||||
|     dependencies: | ||||
|     - chart: bedag/raw | ||||
|       version: 2.0.0 | ||||
|       alias: ext-ipaddresspool | ||||
|     values: | ||||
|       - '{{ requiredEnv "PWD" }}/common/values.ipaddresspool.yaml' | ||||
|  | ||||
|   # ------------------------------------------------------------------- | ||||
|   # -- Releases | ||||
|   # ---------------------------- | ||||
|   # ------------------------------------------------------------------- | ||||
|   # -- System | ||||
|   # ---------------------------- | ||||
|   # -- This is what has to be installed first. Without those releases | ||||
|   # --  cluster can't function | ||||
|   # ------------------------------------------------------------------- | ||||
|   common-system: | ||||
|     labels: | ||||
|       layer: system | ||||
|  | ||||
|   metrics-server: &metrics-server | ||||
|     name: metrics-server | ||||
|     chart: metrics-server/metrics-server | ||||
|     version: 3.11.0 | ||||
|     inherit: | ||||
|       - template: common-system | ||||
|     values: | ||||
|       - common/values.{{ .Release.Name }}.yaml | ||||
|  | ||||
| @@ -103,20 +120,84 @@ templates: | ||||
|     name: metallb | ||||
|     chart: metallb/metallb | ||||
|     version: 0.13.11 | ||||
|     inherit: | ||||
|       - template: common-system | ||||
|  | ||||
|   metallb-resources: &metallb-resources | ||||
|     name: metallb-resources | ||||
|     chart: bedag/raw | ||||
|     version: 2.0.0 | ||||
|     needs:  | ||||
|       - metallb | ||||
|     inherit:  | ||||
|       - template: default-env-values | ||||
|       - template: ext-ipaddresspool | ||||
|       - template: common-system | ||||
|  | ||||
|   cert-manager: &cert-manager | ||||
|     name: cert-manager | ||||
|     chart: jetstack/cert-manager | ||||
|     version: 1.13.1 | ||||
|     inherit:  | ||||
|       - template: common-system | ||||
|     set: | ||||
|       - name: installCRDs | ||||
|         value: true | ||||
|    | ||||
|   longhorn: &longhorn | ||||
|     name: longhorn | ||||
|     chart: longhorn/longhorn | ||||
|     version: 1.5.1 | ||||
|     inherit: | ||||
|       - template: default-env-values | ||||
|       - template: common-system | ||||
|  | ||||
|   # ---------------------------- | ||||
|   # -- Istio | ||||
|   # ---------------------------- | ||||
|   common-istio: | ||||
|     labels: | ||||
|       bundle: istio | ||||
|     version: 1.19.3 | ||||
|     inherit:  | ||||
|       - template: common-system | ||||
|  | ||||
|   istio-base: &istio-base | ||||
|     name: istio-base | ||||
|     chart: istio/base | ||||
|     inherit: | ||||
|       - template: crd-management-hook | ||||
|       - template: common-istio | ||||
|  | ||||
|   istio-gateway: &istio-gateway | ||||
|     name: istio-ingressgateway | ||||
|     chart: istio/gateway | ||||
|     needs: | ||||
|       - istio-base | ||||
|       - metallb-system/metallb-resources | ||||
|     inherit: | ||||
|       - template: common-istio | ||||
|       - template: default-env-values | ||||
|  | ||||
|   istiod: &istiod | ||||
|     name: istiod | ||||
|     chart: istio/istiod | ||||
|     needs: | ||||
|       - istio-base | ||||
|     inherit: | ||||
|       - template: common-istio | ||||
|       - template: default-env-values | ||||
|  | ||||
|   istio-gateway-resources: &istio-gateway-resources | ||||
|     name: istio-gateway-resources | ||||
|     chart: bedag/raw | ||||
|     version: 2.0.0 | ||||
|     needs: | ||||
|       - istio-base | ||||
|     inherit: | ||||
|       - template: ext-istio-gateway | ||||
|       - template: default-env-values | ||||
|       - template: common-system | ||||
|  | ||||
|   argocd: &argocd | ||||
|     name: argocd | ||||
| @@ -157,42 +238,6 @@ templates: | ||||
|     inherit: | ||||
|       - template: monitoring-common | ||||
|       - template: default-env-values | ||||
|   # ---------------------------- | ||||
|   # -- Istio | ||||
|   # ---------------------------- | ||||
|   istio-common: | ||||
|     labels: | ||||
|       bundle: istio | ||||
|     version: 1.19.3 | ||||
|  | ||||
|   istio-base: &istio-base | ||||
|     name: istio-base | ||||
|     chart: istio/base | ||||
|     inherit: | ||||
|       - template: crd-management-hook | ||||
|       - template: istio-common | ||||
|  | ||||
|   istio-gateway: &istio-gateway | ||||
|     name: istio-ingressgateway | ||||
|     chart: istio/gateway | ||||
|     inherit: | ||||
|       - template: istio-common | ||||
|       - template: default-env-values | ||||
|  | ||||
|   istio-gateway-resources: &istio-gateway-resources | ||||
|     name: istio-gateway-resources | ||||
|     chart: bedag/raw | ||||
|     version: 2.0.0 | ||||
|     inherit: | ||||
|       - template: ext-istio-gateway | ||||
|       - template: default-env-values | ||||
|  | ||||
|   istiod: &istiod | ||||
|     name: istiod | ||||
|     chart: istio/istiod | ||||
|     inherit: | ||||
|       - template: istio-common | ||||
|       - template: default-env-values | ||||
|  | ||||
|   # ---------------------------- | ||||
|   # -- Applications | ||||
|   | ||||
		Reference in New Issue
	
	Block a user