First part of migrating to openebs

2020-04-24 00:03:47 +02:00 · 2020-04-24 00:03:47 +02:00 · f6186e7484
parent fdca02ab23
commit f6186e7484
7 changed files with 57 additions and 69 deletions
--- a/k8s/README.md
+++ b/k8s/README.md
@ -27,23 +27,18 @@ kubectl patch deployment $DEPLOYMENT -n $NAMESPACE -p "{\"spec\": {\"template\":
 ## namespaces

 ```sh
-namespaces="flux cert-manager nginx-ingress infrapuzzle kuard auth nextcloud datalab web development longhorn-system tt-rss backup"
+namespaces="flux cert-manager nginx-ingress infrapuzzle kuard auth nextcloud datalab web development tt-rss backup monitoring"
 for i in $( echo $NAMESPACES ) ; do
  k create ns $i
 done
 ```

-## [helm-operator](https://github.com/fluxcd/helm-operator/blob/master/chart/helm-operator/README.md)
+## helm repositories

-As I use helm extensively, using the helm-operator was a logical step. [See documentation for installation.](https://github.com/fluxcd/helm-operator/blob/master/chart/helm-operator/README.md)
-
-```bash
-$ helm repo add fluxcd https://charts.fluxcd.io
-$ helm repo update
-$ kubectl apply -f https://raw.githubusercontent.com/fluxcd/helm-operator/master/deploy/crds.yaml
-$ helm upgrade -i helm-operator fluxcd/helm-operator \
-    --namespace flux \
-    --set helm.versions=v3
+```sh
+helm repo add stable https://kubernetes-charts.storage.googleapis.com
+helm repo add jetstack https://charts.jetstack.io
+helm repo update
 ```

 ## [ingress-controller](https://github.com/helm/charts/tree/master/stable/nginx-ingress)
@ -51,7 +46,7 @@ $ helm upgrade -i helm-operator fluxcd/helm-operator \
 Apply with helm-operator:

 ```bash
-$ kubectl apply -f nginx-ingress/ingress.yaml
+helm upgrade nginx-ingress stable/nginx-ingress -n nginx-ingress -f nginx-ingress/nginx-ingress.yaml
 ```

 ## [cert-manager](https://cert-manager.io/docs/tutorials/acme/ingress/)
@ -59,8 +54,10 @@ $ kubectl apply -f nginx-ingress/ingress.yaml
 Apply with helm-operator:

 ```bash
+helm upgrade cert-manager jetstack/cert-manager -n cert-manager -f cert-manager/cert-manager.yaml
+# probably not even needed:
 $ kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/master/deploy/manifests/00-crds.yaml
-$ kubectl apply -f cert-manager/cert-manager.yaml
+# this is required:
 $ kubectl apply -f cert-manager/staging-issuer.yaml
 $ kubectl apply -f cert-manager/production-issuer.yaml
 ```
@ -73,13 +70,16 @@ $ kubectl apply -f kuard
 $ kubectl delete -f kuard
 ```

-## longhorn-system
+## Add private docker registry

 ```sh
-# on node:
-sudo yum install -y iscsi-initiator-utils
-# locally
-kubectl apply -f longhorn-system/longhorn.yaml
+# create secret base64 encoded and put it in htpasswd helm chart
+USER='moritz'
+PASSWORD='xxx'
+docker run --entrypoint htpasswd --rm registry:2 -Bbn $USER $PASSWORD
+# #
+helm upgrade --install docker-registry stable/docker-registry -n development -f development/registry.secret.yaml
+##kubectl apply -f development/registry.secret.yaml
 ```

 ## rstudio
@ -91,16 +91,7 @@ kubectl apply -f datalab/rstudio.yaml
 ```


-## Add private docker registry

-```sh
-# create secret base64 encoded and put it in htpasswd helm chart
-USER='moritz'
-PASSWORD='xxx'
-docker run --entrypoint htpasswd --rm registry:2 -Bbn $USER $PASSWORD
-# 
-kubectl apply -f development/registry.secret.yaml
-```

 ### creating docker-pull-secret

@ -137,6 +128,12 @@ kubectl apply -f tt-rss/
 kubectl apply -f minio
 ```

+## monitoring
+
+```sh
+
+```
+
 ## auth

 Including:
--- a/k8s/cert-manager/cert-manager.yaml
+++ b/k8s/cert-manager/cert-manager.yaml
@ -1,22 +1,9 @@
 # status: implemented

-apiVersion: helm.fluxcd.io/v1
-kind: HelmRelease
-metadata:
-  name: helm-cert-manager
-  namespace: flux
-spec:
-  releaseName: cert-manager
-  targetNamespace: cert-manager
-  chart:
-    repository: https://charts.jetstack.io
-    version: v0.14.1
-    name: cert-manager
-  values:
-    replicaCount: 1
-    webhook:
-      replicaCount: 1
-    podLabels:
-      app: cert-manager
-    prometheus:
-      enabled: false
+replicaCount: 1
+webhook:
+  replicaCount: 1
+podLabels:
+  app: cert-manager
+prometheus:
+  enabled: false
--- a/k8s/datalab/redeploy.yaml
+++ b/k8s/datalab/redeploy.yaml
@ -72,7 +72,7 @@ spec:
          - name: "hub-moritzgraf-de"
          containers:
          - name: redeploy-corona
-            image: hub.moritzgraf.de:5000/redeploy:latest
+            image: registry.haumdaucher.de/redeploy:latest
            env:
            - name: DEPLOYMENT
              value: "corona"
--- a/k8s/datalab/rstudio.yaml
+++ b/k8s/datalab/rstudio.yaml
@ -56,7 +56,7 @@ metadata:
 spec:
  accessModes:
    - ReadWriteOnce
-  storageClassName: longhorn
+  storageClassName: openebs-hostpath
  resources:
    requests:
      storage: 10Gi
--- a/k8s/development/registry.secret.yaml
+++ b/k8s/development/registry.secret.yaml
--- a/k8s/nginx-ingress/nginx-ingress.yaml
+++ b/k8s/nginx-ingress/nginx-ingress.yaml
@ -1,22 +1,9 @@
 # status: implemented

-apiVersion: helm.fluxcd.io/v1
-kind: HelmRelease
-metadata:
-  name: helm-nginx-ingress
-  namespace: flux
-spec:
-  releaseName: nginx-ingress
-  targetNamespace: nginx-ingress
-  chart:
-    repository: https://kubernetes-charts.storage.googleapis.com
-    version: 1.35.0
-    name: nginx-ingress
-  values:
-    controller:
-      hostNetwork: true
-      kind: DaemonSet
-      daemonset:
-        useHostPort: true
-      dnsPolicy: ClusterFirstWithHostNet
-      reportNodeInternalIp: true
+controller:
+  hostNetwork: true
+  kind: DaemonSet
+  daemonset:
+    useHostPort: true
+  dnsPolicy: ClusterFirstWithHostNet
+  reportNodeInternalIp: true
--- a/k8s/openebs/openebs.yml
+++ b/k8s/openebs/openebs.yml
@ -0,0 +1,17 @@
+# # status: implemented
+
+apiVersion: helm.fluxcd.io/v1
+kind: HelmRelease
+metadata:
+  name: helm-openebs
+  namespace: flux
+spec:
+  releaseName: openebs
+  targetNamespace: openebs
+  chart:
+    repository: https://kubernetes-charts.storage.googleapis.com
+    version: 1.9.0
+    name: openebs
+  values:
+    analytics:
+      enabled: false