Keep migrating things
This commit is contained in:
parent
4e2a71ebfb
commit
992463b8cd
24
charts/metallb-resources/Chart.yaml
Normal file
24
charts/metallb-resources/Chart.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
apiVersion: v2
|
||||
name: metallb-resources
|
||||
description: A Helm chart for Kubernetes
|
||||
|
||||
# A chart can be either an 'application' or a 'library' chart.
|
||||
#
|
||||
# Application charts are a collection of templates that can be packaged into versioned archives
|
||||
# to be deployed.
|
||||
#
|
||||
# Library charts provide useful utilities or functions for the chart developer. They're included as
|
||||
# a dependency of application charts to inject those utilities and functions into the rendering
|
||||
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
|
||||
type: application
|
||||
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 0.1.0
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
# It is recommended to use it with quotes.
|
||||
appVersion: "1.16.0"
|
@ -1,7 +1,7 @@
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "root.name" -}}
|
||||
{{- define "metallb-resources.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
@ -10,7 +10,7 @@ Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "root.fullname" -}}
|
||||
{{- define "metallb-resources.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name.
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "root.chart" -}}
|
||||
{{- define "metallb-resources.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "root.labels" -}}
|
||||
helm.sh/chart: {{ include "root.chart" . }}
|
||||
{{ include "root.selectorLabels" . }}
|
||||
{{- define "metallb-resources.labels" -}}
|
||||
helm.sh/chart: {{ include "metallb-resources.chart" . }}
|
||||
{{ include "metallb-resources.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
@ -45,17 +45,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "root.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "root.name" . }}
|
||||
{{- define "metallb-resources.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "metallb-resources.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "root.serviceAccountName" -}}
|
||||
{{- define "metallb-resources.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "root.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- default (include "metallb-resources.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
7
charts/metallb-resources/templates/ip_address_pool.tpl
Normal file
7
charts/metallb-resources/templates/ip_address_pool.tpl
Normal file
@ -0,0 +1,7 @@
|
||||
apiVersion: metallb.io/v1beta1
|
||||
kind: IPAddressPool
|
||||
metadata:
|
||||
name: {{ include "metallb-resources.fullname" . }}
|
||||
spec:
|
||||
addresses:
|
||||
- {{ .Values.addresses}}
|
1
charts/metallb-resources/values.yaml
Normal file
1
charts/metallb-resources/values.yaml
Normal file
@ -0,0 +1 @@
|
||||
addresses: 1.1.1.1-1.1.1.1
|
@ -1,6 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: flux-system
|
||||
labels:
|
||||
name: flux-system
|
@ -1,6 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: giantswarm-flux
|
||||
labels:
|
||||
name: giantswarm-flux
|
@ -1,6 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: giantswarm
|
||||
labels:
|
||||
name: giantswarm
|
@ -1,5 +0,0 @@
|
||||
resources:
|
||||
- ./giantswarm-flux.yml
|
||||
- ./giantswarm.yml
|
||||
- ./monitoring.yml
|
||||
- ./org-giantswarm.yml
|
@ -1,6 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: monitoring
|
||||
labels:
|
||||
name: monitoring
|
@ -1,6 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: org-giantswarm
|
||||
labels:
|
||||
name: org-giantswarm
|
@ -1,6 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: root
|
||||
description: A Helm chart for Kubernetes
|
||||
type: application
|
||||
version: 0.1.5
|
||||
appVersion: "1.16.0"
|
@ -1,25 +0,0 @@
|
||||
{{ if .Capabilities.APIVersions.Has "source.toolkit.fluxcd.io/v1" }}
|
||||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: GitRepository
|
||||
metadata:
|
||||
name: root
|
||||
spec:
|
||||
interval: 30s
|
||||
url: {{ .Values.url }}
|
||||
ref:
|
||||
branch: {{ .Values.branch }}
|
||||
---
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: root
|
||||
spec:
|
||||
interval: 30s
|
||||
targetNamespace: flux-system
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: root
|
||||
path: "."
|
||||
prune: false
|
||||
timeout: 1m
|
||||
{{- end }}
|
@ -1,25 +0,0 @@
|
||||
{{ if .Capabilities.APIVersions.Has "source.toolkit.fluxcd.io/v1" }}
|
||||
apiVersion: source.toolkit.fluxcd.io/v1
|
||||
kind: GitRepository
|
||||
metadata:
|
||||
name: root-self
|
||||
spec:
|
||||
interval: 30s
|
||||
url: {{ .Values.self.url }}
|
||||
ref:
|
||||
branch: {{ .Values.self.branch }}
|
||||
---
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: root-self
|
||||
spec:
|
||||
interval: 30s
|
||||
targetNamespace: flux-system
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: root-self
|
||||
path: "."
|
||||
prune: false
|
||||
timeout: 1m
|
||||
{{- end }}
|
@ -1,5 +0,0 @@
|
||||
url: https://git.badhouseplants.net/giantswarm/cluster-example.git
|
||||
branch: main
|
||||
self:
|
||||
url: git@git.badhouseplants.net:giantswarm/root-config.git
|
||||
branch: master
|
@ -1,23 +0,0 @@
|
||||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
@ -1,6 +0,0 @@
|
||||
dependencies:
|
||||
- name: helm-library
|
||||
repository: oci://ghcr.io/allanger/allangers-helm-library
|
||||
version: 0.1.4
|
||||
digest: sha256:6306a6a8d3c51b2b5f37cffa88c3731550da789d1ce2317a83a3f9a657310f8e
|
||||
generated: "2024-10-16T20:01:59.337767+02:00"
|
@ -1,15 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: tf-ocloud
|
||||
type: application
|
||||
version: 0.1.0
|
||||
appVersion: 0.1.5
|
||||
maintainers:
|
||||
- name: allanger
|
||||
email: allanger@zohomail.com
|
||||
url: https://badhouseplants.net
|
||||
dependencies:
|
||||
- name: helm-library
|
||||
version: 0.2.3
|
||||
repository: oci://ghcr.io/allanger/allangers-helm-library
|
||||
annotations:
|
||||
allowed_workload_kinds: "Deployment"
|
Binary file not shown.
@ -1,3 +0,0 @@
|
||||
{{ include "lib.component.workload" . }}
|
||||
{{ include "lib.component.files" . }}
|
||||
{{ include "lib.component.env" . }}
|
@ -1,67 +0,0 @@
|
||||
---
|
||||
workload:
|
||||
kind: Deployment
|
||||
strategy:
|
||||
type: RollingUpdate
|
||||
securityContext: {}
|
||||
containers:
|
||||
tf:
|
||||
securityContext: {}
|
||||
image:
|
||||
registry: zot.badhouseplants.net
|
||||
repository: badhouseplants/terraform-ocloud
|
||||
tag: 7eae6ec805bc99618a196abf9d4d2e0fd19f75e6
|
||||
pullPolicy: Always
|
||||
envFrom:
|
||||
- main
|
||||
mounts:
|
||||
files:
|
||||
ocloudkey:
|
||||
path: /src/key.pem
|
||||
subPath: key.pem
|
||||
publickey:
|
||||
path: /src/public_key
|
||||
subPath: public-key
|
||||
privatekey:
|
||||
path: /src/ssh_key
|
||||
subPath: ssh-key
|
||||
tfvars:
|
||||
path: /src/terraform.tfvars
|
||||
subPath: terraform.tfvars
|
||||
extraVolumes:
|
||||
dottf:
|
||||
path: /src/.terraform
|
||||
|
||||
extraVolumes:
|
||||
dottf:
|
||||
emptyDir: {}
|
||||
|
||||
files:
|
||||
ocloudkey:
|
||||
enabled: true
|
||||
sensitive: false
|
||||
remove: []
|
||||
entries:
|
||||
key.pem:
|
||||
data: dummy
|
||||
publickey:
|
||||
enabled: true
|
||||
sensitive: false
|
||||
remove: []
|
||||
entries:
|
||||
public-key:
|
||||
data: dummy
|
||||
privatekey:
|
||||
enabled: true
|
||||
sensitive: false
|
||||
remove: []
|
||||
entries:
|
||||
ssh-key:
|
||||
data: dummy
|
||||
tfvars:
|
||||
enabled: true
|
||||
sensitive: false
|
||||
remove: []
|
||||
entries:
|
||||
terraform.tfvars:
|
||||
data: dummy
|
@ -2,7 +2,7 @@ environments:
|
||||
badhouseplants:
|
||||
kubeContext: badhouseplants
|
||||
values:
|
||||
- ./common/values/values.badhouseplants.yaml
|
||||
#- ./common/values/values.badhouseplants.yaml
|
||||
- base:
|
||||
enabled: true
|
||||
- velero:
|
||||
|
@ -1 +1,2 @@
|
||||
registry: registry.ru.badhouseplants.net
|
||||
registry: registry.ru.badhouseplants.net/containers
|
||||
registry_url: registry.ru.badhouseplants.net
|
||||
|
@ -1,7 +1,7 @@
|
||||
releases:
|
||||
# -- This one must be executed with --take-ownership at least once
|
||||
- name: namespaces
|
||||
chart: ./charts/namespaces/chart
|
||||
chart: ./charts/namespaces
|
||||
namespace: kube-system
|
||||
createNamespace: false
|
||||
inherit:
|
||||
|
@ -11,6 +11,12 @@ repositories:
|
||||
url: https://charts.jetstack.io
|
||||
- name: metallb
|
||||
url: https://metallb.github.io/metallb
|
||||
- name: traefik
|
||||
url: https://traefik.github.io/charts
|
||||
- name: local-path-provisioner
|
||||
url: git+https://github.com/rancher/local-path-provisioner@deploy/chart?ref=master
|
||||
- name: kyverno
|
||||
url: https://kyverno.github.io/kyverno/
|
||||
|
||||
releases:
|
||||
- name: coredns
|
||||
@ -50,7 +56,66 @@ releases:
|
||||
inherit:
|
||||
- template: common-values
|
||||
|
||||
- name: zot
|
||||
- name: local-path-provisioner
|
||||
chart: local-path-provisioner/local-path-provisioner
|
||||
namespace: kube-system
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
|
||||
- name: kyverno
|
||||
chart: kyverno/kyverno
|
||||
namespace: kyverno
|
||||
version: 3.3.7
|
||||
needs:
|
||||
- kube-system/cilium
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
|
||||
- name: kyverno-policies
|
||||
chart: kyverno/kyverno-policies
|
||||
namespace: kyverno
|
||||
version: 3.3.4
|
||||
needs:
|
||||
- kyverno/kyverno
|
||||
|
||||
- name: custom-kyverno-policies
|
||||
chart: ./kustomizations/kyverno/{{ .Environment.Name }}
|
||||
namespace: kyverno
|
||||
needs:
|
||||
- kyverno/kyverno
|
||||
|
||||
- name: metallb
|
||||
chart: metallb/metallb
|
||||
namespace: kube-system
|
||||
condition: base.enabled
|
||||
version: 0.14.9
|
||||
needs:
|
||||
- registry/cluster-mirror
|
||||
inherit:
|
||||
- template: common-values
|
||||
- template: common-values-tpl
|
||||
|
||||
- name: metallb-resources
|
||||
chart: ./charts/metallb-resources
|
||||
version: 2.0.0
|
||||
condition: base.enabled
|
||||
namespace: kube-system
|
||||
needs:
|
||||
- kube-system/metallb
|
||||
inherit:
|
||||
- template: env-values
|
||||
|
||||
- name: traefik
|
||||
chart: traefik/traefik
|
||||
version: 34.4.1
|
||||
condition: base.enabled
|
||||
namespace: kube-system
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
- template: common-values
|
||||
- template: env-values
|
||||
|
||||
- name: cluster-mirror
|
||||
chart: zot/zot
|
||||
version: 0.1.67
|
||||
createNamespace: false
|
||||
@ -67,17 +132,6 @@ releases:
|
||||
version: 3.12.2
|
||||
namespace: kube-system
|
||||
needs:
|
||||
- registry/zot
|
||||
- registry/cluster-mirror
|
||||
inherit:
|
||||
- template: common-values-tpl
|
||||
|
||||
- name: metallb
|
||||
chart: metallb/metallb
|
||||
namespace: kube-system
|
||||
condition: base.enabled
|
||||
version: 0.14.9
|
||||
needs:
|
||||
- registry/zot
|
||||
inherit:
|
||||
- template: common-values
|
||||
- template: common-values-tpl
|
||||
|
@ -29,77 +29,11 @@ repositories:
|
||||
url: https://zotregistry.dev/helm-charts/
|
||||
|
||||
releases:
|
||||
- name: cert-manager
|
||||
chart: jetstack/cert-manager
|
||||
version: v1.17.1
|
||||
namespace: kube-system
|
||||
condition: base.enabled
|
||||
missingFileHandler: Warn
|
||||
needs:
|
||||
- kube-system/cilium
|
||||
inherit:
|
||||
- template: default-common-values
|
||||
- template: default-env-values
|
||||
|
||||
- name: issuer
|
||||
chart: '{{ requiredEnv "PWD" }}/charts/issuer'
|
||||
namespace: kube-public
|
||||
missingFileHandler: Warn
|
||||
condition: base.enabled
|
||||
needs:
|
||||
- kube-system/cert-manager
|
||||
inherit:
|
||||
- template: default-common-values
|
||||
- template: default-env-values
|
||||
|
||||
- name: metrics-server
|
||||
chart: metrics-server/metrics-server
|
||||
version: 3.12.2
|
||||
namespace: kube-system
|
||||
needs:
|
||||
- kube-system/cilium
|
||||
inherit:
|
||||
- template: default-common-values
|
||||
|
||||
- name: metallb
|
||||
chart: metallb/metallb
|
||||
namespace: kube-system
|
||||
condition: base.enabled
|
||||
version: 0.14.9
|
||||
needs:
|
||||
- kube-system/cilium
|
||||
inherit:
|
||||
- template: default-common-values
|
||||
|
||||
- name: metallb-resources
|
||||
chart: bedag/raw
|
||||
version: 2.0.0
|
||||
condition: base.enabled
|
||||
namespace: kube-system
|
||||
needs:
|
||||
- kube-system/metallb
|
||||
inherit:
|
||||
- template: ext-metallb
|
||||
- template: default-env-values
|
||||
|
||||
- name: traefik
|
||||
chart: traefik/traefik
|
||||
version: 34.4.1
|
||||
condition: base.enabled
|
||||
namespace: kube-system
|
||||
needs:
|
||||
- kube-system/cilium
|
||||
inherit:
|
||||
- template: default-common-values
|
||||
- template: default-env-values
|
||||
|
||||
- name: velero
|
||||
chart: vmware-tanzu/velero
|
||||
namespace: velero
|
||||
version: 8.5.0
|
||||
condition: velero.enabled
|
||||
needs:
|
||||
- kube-system/cilium
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
@ -110,18 +44,6 @@ releases:
|
||||
condition: openebs.enabled
|
||||
namespace: kube-system
|
||||
version: 4.2.0
|
||||
needs:
|
||||
- kube-system/cilium
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
|
||||
# -- Not versions since it's idnstalled from git
|
||||
- name: local-path-provisioner
|
||||
chart: local-path-provisioner/local-path-provisioner
|
||||
condition: localpath.enabled
|
||||
namespace: kube-system
|
||||
needs:
|
||||
- kube-system/cilium
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
|
||||
@ -150,13 +72,3 @@ releases:
|
||||
- template: default-env-values
|
||||
needs:
|
||||
- istio-system/istio-base
|
||||
|
||||
- name: zot-mirror
|
||||
chart: zot/zot
|
||||
version: 0.1.67
|
||||
createNamespace: false
|
||||
installed: true
|
||||
namespace: kube-system
|
||||
inherit:
|
||||
- template: default-env-values
|
||||
- template: default-env-secrets
|
||||
|
@ -3,6 +3,7 @@ namespaces:
|
||||
- name: kube-system
|
||||
defaultRegcred: true
|
||||
- name: kyverno
|
||||
defaultRegcred: true
|
||||
- name: velero
|
||||
- name: observability
|
||||
- name: databases
|
||||
|
@ -3,22 +3,17 @@ global:
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/jetstack/cert-manager-controller
|
||||
pullPolicy: Always
|
||||
repository: {{ .Values.registry }}/jetstack/cert-manager-controller
|
||||
cainjector:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/jetstack/cert-manager-cainjector
|
||||
pullPolicy: Always
|
||||
repository: {{ .Values.registry }}/jetstack/cert-manager-cainjector
|
||||
webhook:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/jetstack/cert-manager-webhook
|
||||
pullPolicy: Always
|
||||
repository: {{ .Values.registry }}/jetstack/cert-manager-webhook
|
||||
acmesolver:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/jetstack/cert-manager-acmesolver
|
||||
pullPolicy: Always
|
||||
repository: {{ .Values.registry }}/jetstack/cert-manager-acmesolver
|
||||
startupapicheck:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/jetstack/cert-manager-startupapicheck
|
||||
pullPolicy: Always
|
||||
repository: {{ .Values.registry }}/jetstack/cert-manager-startupapicheck
|
||||
{{- end }}
|
||||
|
@ -2,15 +2,15 @@
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/cilium/cilium
|
||||
repository: {{ .Values.registry }}/cilium/cilium
|
||||
useDigest: false
|
||||
envoy:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/cilium/cilium-envoy
|
||||
repository: {{ .Values.registry }}/cilium/cilium-envoy
|
||||
useDigest: false
|
||||
operator:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/cilium/operator
|
||||
repository: {{ .Values.registry }}/cilium/operator
|
||||
useDigest: false
|
||||
hubble:
|
||||
tls:
|
||||
|
@ -1,6 +1,6 @@
|
||||
{{- if not (env "HELMFILE_BOOTSTRAP") }}
|
||||
image:
|
||||
repository: {{ .Values.registry }}/dockerhub/coredns/coredns
|
||||
repository: {{ .Values.registry }}/coredns/coredns
|
||||
pullSecrets:
|
||||
- name: regcred
|
||||
{{- end }}
|
||||
|
@ -0,0 +1,17 @@
|
||||
{{- if not (env "HELMFILE_BOOTSTRAP") }}
|
||||
image:
|
||||
repository: {{ .Values.registry }}/rancher/local-path-provisioner
|
||||
|
||||
helperImage:
|
||||
repository: {{ .Values.registry }}/library/busybox
|
||||
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
{{- end }}
|
||||
|
||||
storageClass:
|
||||
create: true
|
||||
defaultClass: true
|
||||
defaultVolumeType: local
|
||||
reclaimPolicy: Delete
|
||||
volumeBindingMode: Immediate
|
@ -1,13 +1,15 @@
|
||||
{{- if not (env "HELMFILE_BOOTSTRAP") }}
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
|
||||
controller:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/metallb/controller
|
||||
repository: {{ .Values.registry }}/metallb/controller
|
||||
|
||||
speaker:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/metallb/speaker
|
||||
repository: {{ .Values.registry }}/metallb/speaker
|
||||
frr:
|
||||
image:
|
||||
repository: {{ .Values.registry }}/quay/frrouting/frr
|
||||
repository: {{ .Values.registry }}/frrouting/frr
|
||||
{{- end }}
|
||||
|
@ -3,17 +3,20 @@ controller:
|
||||
logLevel: warn
|
||||
strategy:
|
||||
type: RollingUpdate
|
||||
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
# nobody
|
||||
runAsUser: 65534
|
||||
fsGroup: 65534
|
||||
|
||||
resources:
|
||||
requests:
|
||||
cpu: 20m
|
||||
memory: 100Mi
|
||||
memory: 150Mi
|
||||
limits:
|
||||
memory: 100Mi
|
||||
memory: 150Mi
|
||||
|
||||
livenessProbe:
|
||||
enabled: true
|
||||
failureThreshold: 3
|
||||
@ -37,9 +40,9 @@ speaker:
|
||||
resources:
|
||||
requests:
|
||||
cpu: 30m
|
||||
memory: 300Mi
|
||||
memory: 350Mi
|
||||
limits:
|
||||
memory: 300Mi
|
||||
memory: 350Mi
|
||||
livenessProbe:
|
||||
enabled: true
|
||||
failureThreshold: 3
|
||||
|
@ -1,5 +1,5 @@
|
||||
image:
|
||||
repository: {{ .Values.registry }}/k8s/metrics-server/metrics-server
|
||||
repository: {{ .Values.registry }}/metrics-server/metrics-server
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
apiService:
|
||||
|
8
values/common/kube-system/traefik/values.gotmpl
Normal file
8
values/common/kube-system/traefik/values.gotmpl
Normal file
@ -0,0 +1,8 @@
|
||||
{{- if not (env "HELMFILE_BOOTSTRAP") }}
|
||||
deployment:
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
|
||||
image:
|
||||
registry: {{ .Values.registry }}/library
|
||||
{{- end }}
|
@ -1,13 +1,11 @@
|
||||
globalArguments:
|
||||
- "--serversTransport.insecureSkipVerify=true"
|
||||
- "--providers.kubernetesingress.ingressendpoint.publishedservice=kube-system/traefik"
|
||||
|
||||
ports:
|
||||
web:
|
||||
redirections:
|
||||
port: websecure
|
||||
|
||||
deployment:
|
||||
replicas: 2
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
image:
|
||||
registry: registry.badhouseplants.net/dockerhub/library
|
7
values/common/kyverno/kyverno/values.gotmpl
Normal file
7
values/common/kyverno/kyverno/values.gotmpl
Normal file
@ -0,0 +1,7 @@
|
||||
{{- if not (env "HELMFILE_BOOTSTRAP") }}
|
||||
global:
|
||||
image:
|
||||
registry: {{ .Values.registry }}
|
||||
imagePullSecrets:
|
||||
- name: regcred
|
||||
{{- end }}
|
@ -12,13 +12,13 @@ ingress:
|
||||
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||
pathtype: Prefix
|
||||
hosts:
|
||||
- host: {{ .Values.registry }}
|
||||
- host: {{ .Values.registry_url }}
|
||||
paths:
|
||||
- path: /
|
||||
tls:
|
||||
- secretName: {{ .Values.registry }}
|
||||
- secretName: {{ .Values.registry_url }}
|
||||
hosts:
|
||||
- {{ .Values.registry }}
|
||||
- {{ .Values.registry_url }}
|
||||
service:
|
||||
type: ClusterIP
|
||||
persistence: true
|
||||
@ -28,6 +28,8 @@ pvc:
|
||||
velero.io/exclude-from-backup: true
|
||||
mountConfig: true
|
||||
mountSecret: true
|
||||
strategy:
|
||||
type: Recreate
|
||||
configFiles:
|
||||
config.json: |-
|
||||
{
|
||||
@ -58,7 +60,7 @@ configFiles:
|
||||
"http": {
|
||||
"address": "0.0.0.0",
|
||||
"port": "5000",
|
||||
"externalUrl": "https://{{ .Values.registry }}",
|
||||
"externalUrl": "https://{{ .Values.registry_url }}",
|
||||
"auth": {
|
||||
"htpasswd": {
|
||||
"path": "/secret/htpasswd"
|
||||
@ -92,7 +94,7 @@ configFiles:
|
||||
}
|
||||
},
|
||||
"log": {
|
||||
"level": "info"
|
||||
"level": "warn"
|
||||
},
|
||||
"extensions": {
|
||||
"scrub": {
|
||||
@ -112,13 +114,38 @@ configFiles:
|
||||
"registries": [
|
||||
{
|
||||
"urls": [
|
||||
"https://docker.io/library",
|
||||
"https://quay.io"
|
||||
],
|
||||
"content": [
|
||||
{
|
||||
"prefix": "**",
|
||||
"destination": "/containers"
|
||||
}
|
||||
],
|
||||
"onDemand": true,
|
||||
"tlsVerify": true
|
||||
},
|
||||
{
|
||||
"urls": [
|
||||
"https://ghcr.io"
|
||||
],
|
||||
"content": [
|
||||
{
|
||||
"prefix": "**",
|
||||
"destination": "/containers"
|
||||
}
|
||||
],
|
||||
"onDemand": true,
|
||||
"tlsVerify": true
|
||||
},
|
||||
{
|
||||
"urls": [
|
||||
"https://docker.io"
|
||||
],
|
||||
"content": [
|
||||
{
|
||||
"prefix": "**",
|
||||
"destination": "/dockerhub"
|
||||
"destination": "/containers"
|
||||
}
|
||||
],
|
||||
"onDemand": true,
|
||||
@ -131,20 +158,7 @@ configFiles:
|
||||
"content": [
|
||||
{
|
||||
"prefix": "**",
|
||||
"destination": "/k8s"
|
||||
}
|
||||
],
|
||||
"onDemand": true,
|
||||
"tlsVerify": true
|
||||
},
|
||||
{
|
||||
"urls": [
|
||||
"https://quay.io"
|
||||
],
|
||||
"content": [
|
||||
{
|
||||
"prefix": "**",
|
||||
"destination": "/quay"
|
||||
"destination": "/containers"
|
||||
}
|
||||
],
|
||||
"onDemand": true,
|
@ -0,0 +1 @@
|
||||
addresses: 91.232.225.63-91.232.225.63
|
@ -4,3 +4,5 @@ namespaces:
|
||||
defaultRegcred: true
|
||||
- name: applications
|
||||
- name: platform
|
||||
- name: kyverno
|
||||
defaultRegcred: true
|
||||
|
@ -1,3 +1,8 @@
|
||||
providers:
|
||||
kubernetesCRD:
|
||||
allowExternalNameServices: true
|
||||
enabled: true
|
||||
|
||||
ports:
|
||||
openvpn:
|
||||
port: 1194
|
||||
@ -17,7 +22,3 @@ ports:
|
||||
default: true
|
||||
exposedPort: 27016
|
||||
protocol: TCP
|
||||
providers: # @schema additionalProperties: false
|
||||
kubernetesCRD:
|
||||
enabled: true
|
||||
allowExternalNameServices: true
|
@ -1,6 +0,0 @@
|
||||
storageClass:
|
||||
create: true
|
||||
defaultClass: true
|
||||
defaultVolumeType: local
|
||||
reclaimPolicy: Delete
|
||||
volumeBindingMode: Immediate
|
Loading…
x
Reference in New Issue
Block a user