moritz
/
infrapuzzle
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adding recent AGENTS file and recent README

This commit is contained in:
Moritz Graf 2026-02-07 08:58:47 +01:00
parent ffa0140d0b
commit cb36f4606c
3 changed files with 84 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
bootstrap/AGENTS.md Normal file
View File

@ -0,0 +1,49 @@
# AGENTS.md
> [!NOTE]
> This directory handles the **bootstrapping and provisioning** of the Haumdaucher Kubernetes cluster using **Kubespray**.
## Project Overview
* **Tool**: [Kubespray](https://github.com/kubernetes-sigs/kubespray) (Ansible-based).
* **Method**: The local `inventory/` is the source of truth, which is synced into a checked-out Kubespray repository.
* **Idempotency**: The process is designed to be repeatable. The `kubespray` folder is treated as ephemeral and is re-created by `init.sh`.
## Workflow & Scripts
The core workflow is encapsulated in `init.sh`.
### `init.sh`
**Purpose**: Prepares the environment and Kubespray for deployment.
**Actions**:
1. **Clean Slate**: Deletes existing `kubespray/` directory.
2. **Clone**: Clones Kubespray (version defined in variable `VERSION`, e.g., `release-2.27`).
3. **Environment**: Sets up Python virtualenv via `pyenv` and installs `requirements.txt`.
4. **Sync**: Copies local `./inventory/` configurations into `./kubespray/inventory/`.
### Usage
1. **Source the script**:
```bash
source init.sh
```
2. **Deploy / Upgrade**:
After sourcing, go to the `kubespray` directory and run the Ansible playbooks as instructed by the script output.
* **Standard Run**:
```bash
cd kubespray
ansible-playbook -i inventory/prod/inventory.ini cluster.yml
```
* **Forced Upgrade**:
```bash
cd kubespray
ansible-playbook -i inventory/prod/inventory.ini -e upgrade_cluster_setup=true cluster.yml
```
## Directory Structure
* `init.sh`: The entry point script. **Source of truth for Kubespray version.**
* `inventory/`: Contains cluster inventory configurations (hosts, variables). **Edit this, not the one in `kubespray/`**.
* `kubespray/`: (Ignored/Ephemeral) The checked-out Kubespray repository. **Do not edit files here directly**; they will be overwritten.
## Configuration Updates
To upgrade Kubespray or change cluster config:
1. **Version Upgrade**: Update `VERSION` in `init.sh` (e.g., to `release-2.28`).
2. **Config Changes**: Modify files in `./inventory/`.
3. **Apply**: Run `source init.sh` then execute the Ansible playbook.

17
bootstrap/GEMINI.md
View File

@ -1,17 +0,0 @@
# Purpose
This project configures a Kubernetes cluster utilizing Kubespray with a Vagrant-based development environment.
# Current task
Currently Kubespray `release-2.26`is used. I want you to:
* Read the changelog of Kubespray 2.27 here: https://github.com/kubernetes-sigs/kubespray/releases
* Analyze changes for this new version 2.27.
* MOdify the inventory files in "./inventory" to fit those changes.
* MOdify "init.sh" script and write "release-2.27" as the new version to be used.
# Folder structure
* `./init.sh` - Bootstrap script to set up the environment. The variable `release` defines the Kubespray version to be used.
* `./inventory/` - Directory containing inventory configurations for the Kubernetes cluster. It also contains variables on the Kubeernetes version.
* `./kubespray/` a checked out clone of the Kubespray repository with a specific version. We do not edit files in this sub folder. The "inventory folder from current sub folder will be synced into this "kubespray" folder.

41
k8s/README.md
View File

@ -160,8 +160,20 @@ USER='moritz'
PASSWORD='xxx' PASSWORD='xxx'
docker run --entrypoint htpasswd --rm registry:2 -Bbn $USER $PASSWORD docker run --entrypoint htpasswd --rm registry:2 -Bbn $USER $PASSWORD
# # # #
helm upgrade --install --create-namespace docker-registry stable/docker-registry -n development -f development/registry.secret.yaml # 1. Add the modern repo
##kubectl apply -f development/registry.secret.yaml helm repo add twuni https://twuni.github.io/docker-registry.helm
helm repo update
# 2. Install the new one
helm upgrade --install docker-registry twuni/docker-registry \
--namespace development \
--create-namespace \
-f development/registry.secret.yaml
### 3. Verification
Once deployed, verify you can login from your local machine:
```bash
docker login registry.haumdaucher.de -u moritz
``` ```
### creating docker-pull-secret ### creating docker-pull-secret
@ -169,14 +181,14 @@ helm upgrade --install --create-namespace docker-registry stable/docker-registry
Create credentials secret [according to docu](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line): Create credentials secret [according to docu](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-secret-by-providing-credentials-on-the-command-line):
```sh ```sh
namespaces="datalab moritz web" namespaces="datalab moritz web haumdaucher"
# the following is ONLY required to update the secret file!! # the following is ONLY required to update the secret file!!
for i in $( echo $namespaces ) ; do for i in $( echo $namespaces ) ; do
kubectl create secret docker-registry registry-haumdaucher-de \ kubectl create secret docker-registry registry-haumdaucher-de \
-n $i \ -n $i \
--docker-server=registry.haumdaucher.de \ --docker-server=registry.haumdaucher.de \
--docker-username=moritz \ --docker-username=moritz \
--docker-password='xxx' \ --docker-password='xxxxxxx' \
--docker-email=moritz@moritzgraf.de \ --docker-email=moritz@moritzgraf.de \
--dry-run -o yaml > ./${i}/docker-pull.yaml.secret --dry-run -o yaml > ./${i}/docker-pull.yaml.secret
done done
@ -352,7 +364,7 @@ helm repo update
helm upgrade --install robusta robusta/robusta -n robusta -f ./robusta/robusta.yaml helm upgrade --install robusta robusta/robusta -n robusta -f ./robusta/robusta.yaml
``` ```
## gitea ## gitea (old, no longer existant, do not use)
In case my PRs have been accepted this is no longer necessary: In case my PRs have been accepted this is no longer necessary:
@ -370,6 +382,23 @@ helm upgrade --install gitea ./gitea-chart -n development -f development/gitea.s
helm upgrade --install gitea-phpmyadmin bitnami/phpmyadmin -n development -f development/gitea-phpmyadmin.yml helm upgrade --install gitea-phpmyadmin bitnami/phpmyadmin -n development -f development/gitea-phpmyadmin.yml
``` ```
## gitea (new set up)
Chart used: [https://gitea.com/gitea/helm-gitea](https://gitea.com/gitea/helm-gitea)
History: Manually deleted the old git server and reapplied a new one.
```sh
# 1. Add/Update Repo
helm repo add gitea-charts https://dl.gitea.com/charts/
helm repo update
# 2. Install
helm upgrade --install gitea gitea-charts/gitea \
--namespace development \
-f development/gitea.secret.yml
```
### backup & restore ### backup & restore
See the backup cronjob in the `/backup/` folder. See the backup cronjob in the `/backup/` folder.
@ -705,7 +734,7 @@ Using helm chart from [https://github.com/8gears/n8n-helm-chart](https://github.
kubectl create ns n8n kubectl create ns n8n
helm upgrade --cleanup-on-fail --install mop-n8n \ helm upgrade --cleanup-on-fail --install mop-n8n \
oci://8gears.container-registry.com/library/n8n \ oci://8gears.container-registry.com/library/n8n \
--namespace n8n --values n8n/n8n.secret.yml --version 1.0.15 --namespace n8n --values n8n/n8n.secret.yml --version 2.0.1
``` ```
To verify installation was correcet, use the following command: To verify installation was correcet, use the following command: