badhouseplants/k8s-deployment
4
0
Fork 0
Code Issues 3 Pull Requests 16 Actions Packages Projects Releases Activity

Migrate databases

Browse Source
This commit is contained in:
Nikolai Rodionov 2025-04-07 13:42:14 +02:00
parent b2f546f0b7
commit 64d523f302
No known key found for this signature in database
GPG Key ID: 0639A45505F3BFA6
18 changed files with 113 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.sops.yaml
View File

@ -8,3 +8,7 @@ creation_rules:
key_groups:
- age:
- age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8
- path_regex: common/values/secrets.*
key_groups:
- age:
- age1vzkv97n2p7gfkw8dyx8ctz2kumattz89th2jq47zyjyrarmnssysdkw9v8

2
common/environments.yaml
View File

@ -2,7 +2,7 @@ environments:
badhouseplants:
kubeContext: badhouseplants
values:
#- ./common/values/values.badhouseplants.yaml
- ./common/values/values.badhouseplants.yaml
- base:
enabled: true
- velero:

13
common/templates.yaml
View File

@ -1,3 +1,6 @@
helmDefaults:
kubeContext: "{{ .StateValues.kubeContext }}"
templates:
# ---------------------------
# -- Hooks
@ -39,19 +42,19 @@ templates:
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/secrets.{{ `{{ .Release.Name }}` }}.yaml'
common-values:
values:
- '{{ requiredEnv "PWD" }}/values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
- '../values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
common-values-tpl:
values:
- '{{ requiredEnv "PWD" }}/values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
- '../values/common/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
env-values:
values:
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.yaml'
env-values-tpl:
values:
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/values.gotmpl'
env-secrets:
secrets:
- '{{ requiredEnv "PWD" }}/values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/secrets.yaml'
- '../values/{{ .Environment.Name }}/{{ `{{ .Release.Namespace }}` }}/{{ `{{ .Release.Name }}` }}/secrets.yaml'
# ----------------------------
# -- Extensions
# ----------------------------

6
helmfile.yaml
View File

@ -1,6 +0,0 @@
bases:
- ./common/environments.yaml
- ./common/templates.yaml
- ./helmfiles/base.yaml
- ./helmfiles/system.yaml
- ./helmfiles/platform.yaml

22
helmfile.yaml.gotmpl Normal file
View File

@ -0,0 +1,22 @@
---
bases:
- ./common/environments.yaml
---
helmfiles:
- path: ./helmfiles/base.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}
- path: ./helmfiles/system.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}
- path: ./helmfiles/platform.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}
- path: ./helmfiles/databases.yaml
values:
- kubeContext: "{{ .Environment.KubeContext }}"
- {{ toYaml .Environment.Values | nindent 8 }}

7
helmfiles/base.yaml
View File

@ -1,7 +1,10 @@
bases:
- ../common/templates.yaml
releases:
# -- This one must be executed with --take-ownership at least once
- name: namespaces
chart: ./charts/namespaces
chart: ../charts/namespaces
namespace: kube-system
createNamespace: false
inherit:
@ -9,7 +12,7 @@ releases:
- template: env-secrets
- name: roles
chart: ./charts/roles
chart: ../charts/roles
namespace: kube-system
createNamespace: false
needs:

45
helmfiles/databases.yaml Normal file
View File

@ -0,0 +1,45 @@
bases:
- ../common/templates.yaml
repositories:
- name: bitnami
url: registry-1.docker.io/bitnamicharts
oci: true
- name: bedag
url: https://bedag.github.io/helm-charts/
commonLabels:
installation: databases
releases:
- name: redis
chart: bitnami/redis
namespace: databases
condition: redis.enabled
version: 20.11.3
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets
- name: postgres16
labels:
bundle: postgres
namespace: databases
chart: bitnami/postgresql
condition: postgres16.enabled
version: 15.5.38
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets
- name: postgres17
labels:
bundle: postgres
namespace: databases
chart: bitnami/postgresql
condition: postgres17.enabled
version: 16.3.4
inherit:
- template: common-values-tpl
- template: env-values
- template: env-secrets

3
helmfiles/platform.yaml
View File

@ -1,3 +1,6 @@
bases:
- ../common/templates.yaml
repositories:
- name: keel
url: https://keel-hq.github.io/keel/

9
helmfiles/system.yaml
View File

@ -1,3 +1,6 @@
bases:
- ../common/templates.yaml
repositories:
- name: coredns
url: https://coredns.github.io/helm
@ -54,7 +57,7 @@ releases:
- template: common-values-tpl
- name: issuer
chart: ./charts/issuer
chart: ../charts/issuer
namespace: kube-system
missingFileHandler: Warn
needs:
@ -85,7 +88,7 @@ releases:
- kyverno/kyverno
- name: custom-kyverno-policies
chart: ./kustomizations/kyverno/{{ .Environment.Name }}
chart: ../kustomizations/kyverno/{{ .Environment.Name }}
namespace: kyverno
needs:
- kyverno/kyverno
@ -102,7 +105,7 @@ releases:
- template: common-values-tpl
- name: metallb-resources
chart: ./charts/metallb-resources
chart: ../charts/metallb-resources
version: 2.0.0
condition: base.enabled
namespace: kube-system

0
values/badhouseplants/secrets.postgres16.yaml → values/badhouseplants/databases/postgres16/secrets.yaml
View File

2
values/badhouseplants/values.postgres16.yaml → values/badhouseplants/databases/postgres16/values.yaml
View File

@ -9,7 +9,7 @@ metrics:
primary:
persistence:
size: 2Gi
resources:
resources:
limits:
ephemeral-storage: 1Gi
memory: 512Mi

0
values/badhouseplants/secrets.postgres17.yaml → values/badhouseplants/databases/postgres17/secrets.yaml
View File

0
values/badhouseplants/values.postgres17.yaml → values/badhouseplants/databases/postgres17/values.yaml
View File

0
values/badhouseplants/secrets.redis.yaml → values/badhouseplants/databases/redis/secrets.yaml
View File

0
values/badhouseplants/values.redis.yaml → values/badhouseplants/databases/redis/values.yaml
View File

6
values/common/databases/postgres16/values.gotmpl Normal file
View File

@ -0,0 +1,6 @@
global:
imageRegistry: {{ .Values.registry }}
imagePullSecrets:
- regcred
security:
allowInsecureImages: true

6
values/common/databases/postgres17/values.gotmpl Normal file
View File

@ -0,0 +1,6 @@
global:
imageRegistry: {{ .Values.registry }}
imagePullSecrets:
- regcred
security:
allowInsecureImages: true

6
values/common/databases/redis/values.gotmpl Normal file
View File

@ -0,0 +1,6 @@
global:
imageRegistry: {{ .Values.registry}}
imagePullSecrets:
- regcred
security:
allowInsecureImages: true