diff --git a/bootstrap/AGENTS.md b/bootstrap/AGENTS.md new file mode 100644 index 0000000..0e9d988 --- /dev/null +++ b/bootstrap/AGENTS.md 
@@ -0,0 +1,49 @@ +# AGENTS.md + +> [!NOTE] +> This directory handles the **bootstrapping and provisioning** of the Haumdaucher Kubernetes cluster using **Kubespray**. + +## Project Overview +* **Tool**: [Kubespray](https://github.com/kubernetes-sigs/kubespray) (Ansible-based). +* **Method**: The local `inventory/` is the source of truth, which is synced into a checked-out Kubespray repository. +* **Idempotency**: The process is designed to be repeatable. The `kubespray` folder is treated as ephemeral and is re-created by `init.sh`. + +## Workflow & Scripts +The core workflow is encapsulated in `init.sh`. + +### `init.sh` +**Purpose**: Prepares the environment and Kubespray for deployment. +**Actions**: +1. **Clean Slate**: Deletes existing `kubespray/` directory. +2. **Clone**: Clones Kubespray (version defined in variable `VERSION`, e.g., `release-2.27`). +3. **Environment**: Sets up Python virtualenv via `pyenv` and installs `requirements.txt`. +4. **Sync**: Copies local `./inventory/` configurations into `./kubespray/inventory/`. + +### Usage +1. **Source the script**: + ```bash + source init.sh + ``` +2. **Deploy / Upgrade**: + After sourcing, go to the `kubespray` directory and run the Ansible playbooks as instructed by the script output. + * **Standard Run**: + ```bash + cd kubespray + ansible-playbook -i inventory/prod/inventory.ini cluster.yml + ``` + * **Forced Upgrade**: + ```bash + cd kubespray + ansible-playbook -i inventory/prod/inventory.ini -e upgrade_cluster_setup=true cluster.yml + ``` + +## Directory Structure +* `init.sh`: The entry point script. **Source of truth for Kubespray version.** +* `inventory/`: Contains cluster inventory configurations (hosts, variables). **Edit this, not the one in `kubespray/`**. +* `kubespray/`: (Ignored/Ephemeral) The checked-out Kubespray repository. **Do not edit files here directly**; they will be overwritten. + +## Configuration Updates +To upgrade Kubespray or change cluster config: +1. 
**Version Upgrade**: Update `VERSION` in `init.sh` (e.g., to `release-2.28`). +2. **Config Changes**: Modify files in `./inventory/`. +3. **Apply**: Run `source init.sh` then execute the Ansible playbook. \ No newline at end of file diff --git a/bootstrap/GEMINI.md b/bootstrap/GEMINI.md deleted file mode 100644 index ed27030..0000000 --- a/bootstrap/GEMINI.md +++ /dev/null @@ -1,17 +0,0 @@ -# Purpose - -This project configures a Kubernetes cluster utilizing Kubespray with a Vagrant-based development environment. - -# Current task - -Currently Kubespray `release-2.26`is used. I want you to: -* Read the changelog of Kubespray 2.27 here: https://github.com/kubernetes-sigs/kubespray/releases -* Analyze changes for this new version 2.27. -* MOdify the inventory files in "./inventory" to fit those changes. -* MOdify "init.sh" script and write "release-2.27" as the new version to be used. - -# Folder structure - -* `./init.sh` - Bootstrap script to set up the environment. The variable `release` defines the Kubespray version to be used. -* `./inventory/` - Directory containing inventory configurations for the Kubernetes cluster. It also contains variables on the Kubeernetes version. -* `./kubespray/` a checked out clone of the Kubespray repository with a specific version. We do not edit files in this sub folder. The "inventory folder from current sub folder will be synced into this "kubespray" folder. \ No newline at end of file diff --git a/k8s/README.md b/k8s/README.md index a75bd02..f1f7594 100644 --- a/k8s/README.md +++ b/k8s/README.md 
@@ -160,8 +160,20 @@ USER='moritz' PASSWORD='xxx' docker run --entrypoint htpasswd --rm registry:2 -Bbn $USER $PASSWORD # # -helm upgrade --install --create-namespace docker-registry stable/docker-registry -n development -f development/registry.secret.yaml -##kubectl apply -f development/registry.secret.yaml +# 1. Add the modern repo +helm repo add twuni https://twuni.github.io/docker-registry.helm +helm repo update + +# 2. Install the new one +helm upgrade --install docker-registry twuni/docker-registry \ + --namespace development \ + --create-namespace \ + -f development/registry.secret.yaml + +### 3. Verification +Once deployed, verify you can login from your local machine: +```bash +docker login registry.haumdaucher.de -u moritz ``` ### creating docker-pull-secret @@ -169,14 +181,14 @@ helm upgrade --install --create-namespace docker-registry stable/docker-registry Create credentials secret [according to docu](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line): ```sh -namespaces="datalab moritz web" +namespaces="datalab moritz web haumdaucher" # the following is ONLY required to update the secret file!! for i in $( echo $namespaces ) ; do kubectl create secret docker-registry registry-haumdaucher-de \ -n $i \ --docker-server=registry.haumdaucher.de \ --docker-username=moritz \ - --docker-password='xxx' \ + --docker-password='xxxxxxx' \ --docker-email=moritz@moritzgraf.de \ --dry-run -o yaml > ./${i}/docker-pull.yaml.secret done @@ -352,7 +364,7 @@ helm repo update helm upgrade --install robusta robusta/robusta -n robusta -f ./robusta/robusta.yaml ``` -## gitea +## gitea (old, no longer existant, do not use) In case my PRs have been accepted this is no longer necessary: 
@@ -370,6 +382,23 @@ helm upgrade --install gitea ./gitea-chart -n development -f development/gitea.s helm upgrade --install gitea-phpmyadmin bitnami/phpmyadmin -n development -f development/gitea-phpmyadmin.yml ``` +## gitea (new set up) + +Chart used: [https://gitea.com/gitea/helm-gitea](https://gitea.com/gitea/helm-gitea) + +History: Manually deleted the old git server and reapplied a new one. + +```sh +# 1. Add/Update Repo +helm repo add gitea-charts https://dl.gitea.com/charts/ +helm repo update + +# 2. Install +helm upgrade --install gitea gitea-charts/gitea \ + --namespace development \ + -f development/gitea.secret.yml +``` + ### backup & restore See the backup cronjob in the `/backup/` folder. @@ -705,7 +734,7 @@ Using helm chart from [https://github.com/8gears/n8n-helm-chart](https://github. kubectl create ns n8n helm upgrade --cleanup-on-fail --install mop-n8n \ oci://8gears.container-registry.com/library/n8n \ ---namespace n8n --values n8n/n8n.secret.yml --version 1.0.15 +--namespace n8n --values n8n/n8n.secret.yml --version 2.0.1 ``` To verify installation was correcet, use the following command:
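Review bot: In bootstrap/AGENTS.md, the `init.sh` section gives `VERSION` as a ref like `release-2.27`, which reads as a branch name rather than a fixed tag or commit, so two runs of a process described as repeatable can clone different Kubespray code. Document a pinned tag or commit hash for `VERSION` instead. Because the usage is `source init.sh` and step 1 deletes `kubespray/`, the file should also say that the script must be sourced from inside `bootstrap/`. The file is missing its final newline.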
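Review bot: In k8s/README.md, hunk -160,8 +160,20, the added `### 3. Verification` heading, its sentence and the new bash fence opener are inserted before the closing fence of the existing shell block, so they render as literal text inside that block instead of as a heading and a separate snippet. Close the existing block after the `helm upgrade --install docker-registry twuni/docker-registry` command and start the verification section after it. The new install command also has no `--version`, so the chart pulled from the newly added `twuni` repo floats with whatever `helm repo update` fetched; pin it.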
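Review bot: In k8s/README.md, hunk -169,14 +181,14, `--docker-password='xxxxxxx'` still teaches pasting the registry password onto the command line, where it ends up in shell history, and changing the placeholder from `xxx` to `xxxxxxx` adds nothing unless it mirrors the real length, which it should not. Use a named placeholder or pass a variable read at run time, for example `--docker-password="$PASSWORD"`. With `haumdaucher` added to `namespaces`, the loop writes to `./haumdaucher/docker-pull.yaml.secret`, so that directory has to exist; say so or create it in the loop.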
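Review bot: In k8s/README.md, hunk -352,7 +364,7, the retitled heading `## gitea (old, no longer existant, do not use)` misspells "existent" and keeps runnable install commands under a section that readers are told not to use. Remove the old section, or reduce it to a one-line pointer to the new setup, so nobody copies the outdated commands.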
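Review bot: In k8s/README.md, hunk -370,6 +382,23, the new `helm upgrade --install gitea gitea-charts/gitea` command has no `--version`, so the deployed chart depends on when `helm repo update` last ran, while the n8n command in the same file pins one. Add a pinned chart version. The "History" line says the old git server was manually deleted and a new one applied; note whether existing repositories were migrated or restored from the backup described in the following section, because the text as written leaves that open.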
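Review bot: In k8s/README.md, hunk -705,7 +734,7, `--version` jumps from `1.0.15` to `2.0.1`, a major version change, with no accompanying note on whether `n8n/n8n.secret.yml` needs changes for the new chart. Add a line stating which values keys changed, or that the existing values file was checked against the new chart, so a later `helm upgrade --cleanup-on-fail` does not fail or silently drop settings.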