DeveloperDurp/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
DeveloperDurp
2025-05-07 15:06:27 -05:00
parent a66bd5f10a
commit 1463788a5e
6 changed files with 268 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/newcluster.yaml
View File

@@ -1,2 +1,2 @@
argocd login --insecure argocd login --insecure
argocd cluster add <cluster> --name<name> argocd cluster add default --name prd --yes --kubeconfig ~/Documents/config-prd

12
dmz/longhorn/Chart.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v2
name: longhorn-system
description: A Helm chart for Kubernetes
type: application
version: 0.1.0
appVersion: "1.16.0"
dependencies:
- name: longhorn
repository: https://charts.longhorn.io
version: 1.7.2

32
dmz/longhorn/templates/ingress.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: longhorn-ingress
annotations:
cert-manager.io/cluster-issuer: vault-issuer
spec:
entryPoints:
- websecure
routes:
- match: Host(`longhorn.dmz.durp.info`) && PathPrefix(`/`)
kind: Rule
services:
- name: longhorn-frontend
port: 80
tls:
secretName: longhorn-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: longhorn-tls
spec:
secretName: longhorn-tls
issuerRef:
name: vault-issuer
kind: ClusterIssuer
commonName: "longhorn.dmz.durp.info"
dnsNames:
- "longhorn.dmz.durp.info"

30
dmz/longhorn/templates/secrets.yaml Normal file
View File

@@ -0,0 +1,30 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: vault
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: external-longhorn-backup-token-secret
spec:
secretStoreRef:
name: vault
kind: ClusterSecretStore
target:
name: longhorn-backup-token-secret
data:
- secretKey: AWS_ACCESS_KEY_ID
remoteRef:
key: kv/longhorn/backup
property: AWS_ACCESS_KEY_ID
- secretKey: AWS_ENDPOINTS
remoteRef:
key: kv/longhorn/backup
property: AWS_ENDPOINTS
- secretKey: AWS_SECRET_ACCESS_KEY
remoteRef:
key: kv/longhorn/backup
property: AWS_SECRET_ACCESS_KEY

192
dmz/longhorn/values.yaml Normal file
View File

@@ -0,0 +1,192 @@
longhorn:
global:
cattle:
systemDefaultRegistry: ""
image:
longhorn:
engine:
repository: longhornio/longhorn-engine
manager:
repository: longhornio/longhorn-manager
ui:
repository: longhornio/longhorn-ui
instanceManager:
repository: longhornio/longhorn-instance-manager
shareManager:
repository: longhornio/longhorn-share-manager
backingImageManager:
repository: longhornio/backing-image-manager
csi:
attacher:
repository: longhornio/csi-attacher
provisioner:
repository: longhornio/csi-provisioner
nodeDriverRegistrar:
repository: longhornio/csi-node-driver-registrar
resizer:
repository: longhornio/csi-resizer
snapshotter:
repository: longhornio/csi-snapshotter
pullPolicy: Always
service:
ui:
type: ClusterIP
nodePort: null
manager:
type: ClusterIP
nodePort: ""
loadBalancerIP: ""
loadBalancerSourceRanges: ""
persistence:
defaultClass: true
defaultFsType: ext4
defaultClassReplicaCount: 3
defaultDataLocality: disabled # best-effort otherwise
reclaimPolicy: Delete
migratable: false
recurringJobSelector:
enable: true
jobList: '[
{
"name":"backup",
"task":"backup",
"cron":"0 0 * * *",
"retain":24
}
]'
backingImage:
enable: false
name: ~
dataSourceType: ~
dataSourceParameters: ~
expectedChecksum: ~
csi:
kubeletRootDir: ~
attacherReplicaCount: ~
provisionerReplicaCount: ~
resizerReplicaCount: ~
snapshotterReplicaCount: ~
defaultSettings:
backupTarget: S3://longhorn-master@us-east-1/
backupTargetCredentialSecret: longhorn-backup-token-secret
allowRecurringJobWhileVolumeDetached: ~
createDefaultDiskLabeledNodes: ~
defaultDataPath: ~
defaultDataLocality: ~
replicaSoftAntiAffinity: ~
replicaAutoBalance: ~
storageOverProvisioningPercentage: ~
storageMinimalAvailablePercentage: ~
upgradeChecker: ~
defaultReplicaCount: ~
defaultLonghornStaticStorageClass: longhorn
backupstorePollInterval: ~
taintToleration: ~
systemManagedComponentsNodeSelector: ~
priorityClass: ~
autoSalvage: ~
autoDeletePodWhenVolumeDetachedUnexpectedly: ~
disableSchedulingOnCordonedNode: ~
replicaZoneSoftAntiAffinity: ~
nodeDownPodDeletionPolicy: ~
allowNodeDrainWithLastHealthyReplica: ~
mkfsExt4Parameters: ~
disableReplicaRebuild: ~
replicaReplenishmentWaitInterval: ~
concurrentReplicaRebuildPerNodeLimit: ~
disableRevisionCounter: ~
systemManagedPodsImagePullPolicy: ~
allowVolumeCreationWithDegradedAvailability: ~
autoCleanupSystemGeneratedSnapshot: ~
concurrentAutomaticEngineUpgradePerNodeLimit: ~
backingImageCleanupWaitInterval: ~
backingImageRecoveryWaitInterval: ~
guaranteedEngineManagerCPU: ~
guaranteedReplicaManagerCPU: ~
kubernetesClusterAutoscalerEnabled: ~
orphanAutoDeletion: ~
storageNetwork: ~
privateRegistry:
createSecret: ~
registryUrl: ~
registryUser: ~
registryPasswd: ~
registrySecret: ~
longhornManager:
priorityClass: ~
tolerations: []
## If you want to set tolerations for Longhorn Manager DaemonSet, delete the `[]` in the line above
## and uncomment this example block
# - key: "key"
# operator: "Equal"
# value: "value"
# effect: "NoSchedule"
nodeSelector: {}
## If you want to set node selector for Longhorn Manager DaemonSet, delete the `{}` in the line above
## and uncomment this example block
# label-key1: "label-value1"
# label-key2: "label-value2"
longhornDriver:
priorityClass: ~
tolerations: []
## If you want to set tolerations for Longhorn Driver Deployer Deployment, delete the `[]` in the line above
## and uncomment this example block
# - key: "key"
# operator: "Equal"
# value: "value"
# effect: "NoSchedule"
nodeSelector: {}
## If you want to set node selector for Longhorn Driver Deployer Deployment, delete the `{}` in the line above
## and uncomment this example block
# label-key1: "label-value1"
# label-key2: "label-value2"
longhornUI:
priorityClass: ~
tolerations: []
## If you want to set tolerations for Longhorn UI Deployment, delete the `[]` in the line above
## and uncomment this example block
# - key: "key"
# operator: "Equal"
# value: "value"
# effect: "NoSchedule"
nodeSelector: {}
## If you want to set node selector for Longhorn UI Deployment, delete the `{}` in the line above
## and uncomment this example block
# label-key1: "label-value1"
# label-key2: "label-value2"
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
#
ingress:
enabled: false
## Specify override namespace, specifically this is useful for using longhorn as sub-chart
## and its release namespace is not the `longhorn-system`
namespaceOverride: ""
# Annotations to add to the Longhorn Manager DaemonSet Pods. Optional.
annotations: {}
serviceAccount:
# Annotations to add to the service account
annotations: {}

2
infra/longhorn/templates/ingress.yaml
View File

@@ -3,7 +3,7 @@ kind: IngressRoute
metadata: metadata:
name: longhorn-ingress name: longhorn-ingress
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-production cert-manager.io/cluster-issuer: vault-issuer
spec: spec:
entryPoints: entryPoints:
- websecure - websecure