diff --git a/k8s/README.md b/k8s/README.md index 458d13e..7c20734 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -27,23 +27,18 @@ kubectl patch deployment $DEPLOYMENT -n $NAMESPACE -p "{\"spec\": {\"template\": ## namespaces ```sh -namespaces="flux cert-manager nginx-ingress infrapuzzle kuard auth nextcloud datalab web development longhorn-system tt-rss backup" +namespaces="flux cert-manager nginx-ingress infrapuzzle kuard auth nextcloud datalab web development tt-rss backup monitoring" for i in $( echo $NAMESPACES ) ; do k create ns $i done ``` -## [helm-operator](https://github.com/fluxcd/helm-operator/blob/master/chart/helm-operator/README.md) +## helm repositories -As I use helm extensively, using the helm-operator was a logical step. [See documentation for installation.](https://github.com/fluxcd/helm-operator/blob/master/chart/helm-operator/README.md) - -```bash -$ helm repo add fluxcd https://charts.fluxcd.io -$ helm repo update -$ kubectl apply -f https://raw.githubusercontent.com/fluxcd/helm-operator/master/deploy/crds.yaml -$ helm upgrade -i helm-operator fluxcd/helm-operator \ - --namespace flux \ - --set helm.versions=v3 +```sh +helm repo add stable https://kubernetes-charts.storage.googleapis.com +helm repo add jetstack https://charts.jetstack.io +helm repo update ``` ## [ingress-controller](https://github.com/helm/charts/tree/master/stable/nginx-ingress) @@ -51,7 +46,7 @@ $ helm upgrade -i helm-operator fluxcd/helm-operator \ Apply with helm-operator: ```bash -$ kubectl apply -f nginx-ingress/ingress.yaml +helm upgrade nginx-ingress stable/nginx-ingress -n nginx-ingress -f nginx-ingress/nginx-ingress.yaml ``` ## [cert-manager](https://cert-manager.io/docs/tutorials/acme/ingress/) @@ -59,8 +54,10 @@ $ kubectl apply -f nginx-ingress/ingress.yaml Apply with helm-operator: ```bash +helm upgrade cert-manager jetstack/cert-manager -n cert-manager -f cert-manager/cert-manager.yaml +# probably not even needed: $ kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/master/deploy/manifests/00-crds.yaml -$ kubectl apply -f cert-manager/cert-manager.yaml +# this is required: $ kubectl apply -f cert-manager/staging-issuer.yaml $ kubectl apply -f cert-manager/production-issuer.yaml ``` @@ -73,13 +70,16 @@ $ kubectl apply -f kuard $ kubectl delete -f kuard ``` -## longhorn-system +## Add private docker registry ```sh -# on node: -sudo yum install -y iscsi-initiator-utils -# locally -kubectl apply -f longhorn-system/longhorn.yaml +# create secret base64 encoded and put it in htpasswd helm chart +USER='moritz' +PASSWORD='xxx' +docker run --entrypoint htpasswd --rm registry:2 -Bbn $USER $PASSWORD +# # +helm upgrade --install docker-registry stable/docker-registry -n development -f development/registry.secret.yaml +##kubectl apply -f development/registry.secret.yaml ``` ## rstudio @@ -91,16 +91,7 @@ kubectl apply -f datalab/rstudio.yaml ``` -## Add private docker registry -```sh -# create secret base64 encoded and put it in htpasswd helm chart -USER='moritz' -PASSWORD='xxx' -docker run --entrypoint htpasswd --rm registry:2 -Bbn $USER $PASSWORD -# -kubectl apply -f development/registry.secret.yaml -``` ### creating docker-pull-secret @@ -137,6 +128,12 @@ kubectl apply -f tt-rss/ kubectl apply -f minio ``` +## monitoring + +```sh + +``` + ## auth Including: diff --git a/k8s/cert-manager/cert-manager.yaml b/k8s/cert-manager/cert-manager.yaml index 9bd9c32..d6b117a 100644 --- a/k8s/cert-manager/cert-manager.yaml +++ b/k8s/cert-manager/cert-manager.yaml @@ -1,22 +1,9 @@ # status: implemented -apiVersion: helm.fluxcd.io/v1 -kind: HelmRelease -metadata: - name: helm-cert-manager - namespace: flux -spec: - releaseName: cert-manager - targetNamespace: cert-manager - chart: - repository: https://charts.jetstack.io - version: v0.14.1 - name: cert-manager - values: - replicaCount: 1 - webhook: - replicaCount: 1 - podLabels: - app: cert-manager - prometheus: - enabled: false +replicaCount: 1 +webhook: + replicaCount: 1 +podLabels: + app: cert-manager +prometheus: + enabled: false diff --git a/k8s/datalab/redeploy.yaml b/k8s/datalab/redeploy.yaml index adc29dd..de52472 100644 --- a/k8s/datalab/redeploy.yaml +++ b/k8s/datalab/redeploy.yaml @@ -72,7 +72,7 @@ spec: - name: "hub-moritzgraf-de" containers: - name: redeploy-corona - image: hub.moritzgraf.de:5000/redeploy:latest + image: registry.haumdaucher.de/redeploy:latest env: - name: DEPLOYMENT value: "corona" diff --git a/k8s/datalab/rstudio.yaml b/k8s/datalab/rstudio.yaml index b6dbd33..98f9279 100644 --- a/k8s/datalab/rstudio.yaml +++ b/k8s/datalab/rstudio.yaml @@ -56,7 +56,7 @@ metadata: spec: accessModes: - ReadWriteOnce - storageClassName: longhorn + storageClassName: openebs-hostpath resources: requests: storage: 10Gi diff --git a/k8s/development/registry.secret.yaml b/k8s/development/registry.secret.yaml index 1a078bd..f63cdb3 100644 Binary files a/k8s/development/registry.secret.yaml and b/k8s/development/registry.secret.yaml differ diff --git a/k8s/nginx-ingress/nginx-ingress.yaml b/k8s/nginx-ingress/nginx-ingress.yaml index 01a6911..70cffec 100644 --- a/k8s/nginx-ingress/nginx-ingress.yaml +++ b/k8s/nginx-ingress/nginx-ingress.yaml @@ -1,22 +1,9 @@ # status: implemented -apiVersion: helm.fluxcd.io/v1 -kind: HelmRelease -metadata: - name: helm-nginx-ingress - namespace: flux -spec: - releaseName: nginx-ingress - targetNamespace: nginx-ingress - chart: - repository: https://kubernetes-charts.storage.googleapis.com - version: 1.35.0 - name: nginx-ingress - values: - controller: - hostNetwork: true - kind: DaemonSet - daemonset: - useHostPort: true - dnsPolicy: ClusterFirstWithHostNet - reportNodeInternalIp: true +controller: + hostNetwork: true + kind: DaemonSet + daemonset: + useHostPort: true + dnsPolicy: ClusterFirstWithHostNet + reportNodeInternalIp: true diff --git a/k8s/openebs/openebs.yml b/k8s/openebs/openebs.yml new file mode 100644 index 0000000..a930ff8 --- /dev/null +++ b/k8s/openebs/openebs.yml @@ -0,0 +1,17 @@ +# # status: implemented + +apiVersion: helm.fluxcd.io/v1 +kind: HelmRelease +metadata: + name: helm-openebs + namespace: flux +spec: + releaseName: openebs + targetNamespace: openebs + chart: + repository: https://kubernetes-charts.storage.googleapis.com + version: 1.9.0 + name: openebs + values: + analytics: + enabled: false \ No newline at end of file