diff --git a/argocd/templates/keycloak.yaml b/argocd/templates/keycloak.yaml deleted file mode 100644 index e5452a4..0000000 --- a/argocd/templates/keycloak.yaml +++ /dev/null @@ -1,21 +0,0 @@ -#apiVersion: argoproj.io/v1alpha1 -#kind: Application -#metadata: -# name: keycloak -# namespace: argocd -#spec: -# project: default -# source: -# repoURL: https://github.com/DeveloperDurp/homelab.git -# targetRevision: main -# path: keycloak -# destination: -# namespace: keycloak -# name: in-cluster -# syncPolicy: -# automated: -# prune: true -# selfHeal: true -# syncOptions: -# - CreateNamespace=true -# diff --git a/argocd/templates/longhorn-system.yaml b/argocd/templates/longhorn-system.yaml deleted file mode 100644 index 5c6ba45..0000000 --- a/argocd/templates/longhorn-system.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: longhorn-system - namespace: argocd -spec: - project: default - source: - repoURL: https://github.com/DeveloperDurp/homelab.git - targetRevision: main - path: longhorn-system - directory: - recurse: true - destination: - server: https://kubernetes.default.svc - namespace: longhorn-system - syncPolicy: - automated: - prune: true - selfHeal: true - syncOptions: - - CreateNamespace=true diff --git a/longhorn-system/Chart.yaml b/longhorn-system/Chart.yaml deleted file mode 100644 index 0d76656..0000000 --- a/longhorn-system/Chart.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v2 -name: longhorn-system -description: A Helm chart for Kubernetes -type: application - -version: 0.1.0 -appVersion: "1.16.0" diff --git a/longhorn-system/templates/deployment.yaml b/longhorn-system/templates/deployment.yaml deleted file mode 100644 index 76e4fe2..0000000 --- a/longhorn-system/templates/deployment.yaml +++ /dev/null @@ -1,1264 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: longhorn-service-account - namespace: longhorn-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: longhorn-role -rules: -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - "*" -- apiGroups: [""] - resources: ["pods", "events", "persistentvolumes", "persistentvolumeclaims","persistentvolumeclaims/status", "nodes", "proxy/nodes", "pods/log", "secrets", "services", "endpoints", "configmaps"] - verbs: ["*"] -- apiGroups: [""] - resources: ["namespaces"] - verbs: ["get", "list"] -- apiGroups: ["apps"] - resources: ["daemonsets", "statefulsets", "deployments"] - verbs: ["*"] -- apiGroups: ["batch"] - resources: ["jobs", "cronjobs"] - verbs: ["*"] -- apiGroups: ["policy"] - resources: ["poddisruptionbudgets"] - verbs: ["*"] -- apiGroups: ["scheduling.k8s.io"] - resources: ["priorityclasses"] - verbs: ["watch", "list"] -- apiGroups: ["storage.k8s.io"] - resources: ["storageclasses", "volumeattachments", "volumeattachments/status", "csinodes", "csidrivers"] - verbs: ["*"] -- apiGroups: ["snapshot.storage.k8s.io"] - resources: ["volumesnapshotclasses", "volumesnapshots", "volumesnapshotcontents", "volumesnapshotcontents/status"] - verbs: ["*"] -- apiGroups: ["longhorn.io"] - resources: ["volumes", "volumes/status", "engines", "engines/status", "replicas", "replicas/status", "settings", - "engineimages", "engineimages/status", "nodes", "nodes/status", "instancemanagers", "instancemanagers/status", - "sharemanagers", "sharemanagers/status", "backingimages", "backingimages/status", - "backingimagemanagers", "backingimagemanagers/status", "backingimagedatasources", "backingimagedatasources/status", - "backuptargets", "backuptargets/status", "backupvolumes", "backupvolumes/status", "backups", "backups/status", - "recurringjobs", "recurringjobs/status"] - verbs: ["*"] -- apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["*"] -- apiGroups: ["metrics.k8s.io"] - resources: ["pods", "nodes"] - verbs: ["get", "list"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: longhorn-bind -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: longhorn-role -subjects: -- kind: ServiceAccount - name: longhorn-service-account - namespace: longhorn-system ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: Engine - name: engines.longhorn.io -spec: - group: longhorn.io - names: - kind: Engine - listKind: EngineList - plural: engines - shortNames: - - lhe - singular: engine - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: State - type: string - description: The current state of the engine - jsonPath: .status.currentState - - name: Node - type: string - description: The node that the engine is on - jsonPath: .spec.nodeID - - name: InstanceManager - type: string - description: The instance manager of the engine - jsonPath: .status.instanceManagerName - - name: Image - type: string - description: The current image of the engine - jsonPath: .status.currentImage - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: Replica - name: replicas.longhorn.io -spec: - group: longhorn.io - names: - kind: Replica - listKind: ReplicaList - plural: replicas - shortNames: - - lhr - singular: replica - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: State - type: string - description: The current state of the replica - jsonPath: .status.currentState - - name: Node - type: string - description: The node that the replica is on - jsonPath: .spec.nodeID - - name: Disk - type: string - description: The disk that the replica is on - jsonPath: .spec.diskID - - name: InstanceManager - type: string - description: The instance manager of the replica - jsonPath: .status.instanceManagerName - - name: Image - type: string - description: The current image of the replica - jsonPath: .status.currentImage - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: Setting - name: settings.longhorn.io -spec: - group: longhorn.io - names: - kind: Setting - listKind: SettingList - plural: settings - shortNames: - - lhs - singular: setting - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - x-kubernetes-preserve-unknown-fields: true - additionalPrinterColumns: - - name: Value - type: string - description: The value of the setting - jsonPath: .value - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: Volume - name: volumes.longhorn.io -spec: - group: longhorn.io - names: - kind: Volume - listKind: VolumeList - plural: volumes - shortNames: - - lhv - singular: volume - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: State - type: string - description: The state of the volume - jsonPath: .status.state - - name: Robustness - type: string - description: The robustness of the volume - jsonPath: .status.robustness - - name: Scheduled - type: string - description: The scheduled condition of the volume - jsonPath: .status.conditions['scheduled']['status'] - - name: Size - type: string - description: The size of the volume - jsonPath: .spec.size - - name: Node - type: string - description: The node that the volume is currently attaching to - jsonPath: .status.currentNodeID - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: EngineImage - name: engineimages.longhorn.io -spec: - group: longhorn.io - names: - kind: EngineImage - listKind: EngineImageList - plural: engineimages - shortNames: - - lhei - singular: engineimage - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: State - type: string - description: State of the engine image - jsonPath: .status.state - - name: Image - type: string - description: The Longhorn engine image - jsonPath: .spec.image - - name: RefCount - type: integer - description: Number of volumes are using the engine image - jsonPath: .status.refCount - - name: BuildDate - type: date - description: The build date of the engine image - jsonPath: .status.buildDate - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: Node - name: nodes.longhorn.io -spec: - group: longhorn.io - names: - kind: Node - listKind: NodeList - plural: nodes - shortNames: - - lhn - singular: node - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: Ready - type: string - description: Indicate whether the node is ready - jsonPath: .status.conditions['Ready']['status'] - - name: AllowScheduling - type: boolean - description: Indicate whether the user disabled/enabled replica scheduling for the node - jsonPath: .spec.allowScheduling - - name: Schedulable - type: string - description: Indicate whether Longhorn can schedule replicas on the node - jsonPath: .status.conditions['Schedulable']['status'] - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: InstanceManager - name: instancemanagers.longhorn.io -spec: - group: longhorn.io - names: - kind: InstanceManager - listKind: InstanceManagerList - plural: instancemanagers - shortNames: - - lhim - singular: instancemanager - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: State - type: string - description: The state of the instance manager - jsonPath: .status.currentState - - name: Type - type: string - description: The type of the instance manager (engine or replica) - jsonPath: .spec.type - - name: Node - type: string - description: The node that the instance manager is running on - jsonPath: .spec.nodeID - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: ShareManager - name: sharemanagers.longhorn.io -spec: - group: longhorn.io - names: - kind: ShareManager - listKind: ShareManagerList - plural: sharemanagers - shortNames: - - lhsm - singular: sharemanager - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: State - type: string - description: The state of the share manager - jsonPath: .status.state - - name: Node - type: string - description: The node that the share manager is owned by - jsonPath: .status.ownerID - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: BackingImage - name: backingimages.longhorn.io -spec: - group: longhorn.io - names: - kind: BackingImage - listKind: BackingImageList - plural: backingimages - shortNames: - - lhbi - singular: backingimage - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: Image - type: string - description: The backing image name - jsonPath: .spec.image - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: BackingImageManager - name: backingimagemanagers.longhorn.io -spec: - group: longhorn.io - names: - kind: BackingImageManager - listKind: BackingImageManagerList - plural: backingimagemanagers - shortNames: - - lhbim - singular: backingimagemanager - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: State - type: string - description: The current state of the manager - jsonPath: .status.currentState - - name: Image - type: string - description: The image the manager pod will use - jsonPath: .spec.image - - name: Node - type: string - description: The node the manager is on - jsonPath: .spec.nodeID - - name: DiskUUID - type: string - description: The disk the manager is responsible for - jsonPath: .spec.diskUUID - - name: DiskPath - type: string - description: The disk path the manager is using - jsonPath: .spec.diskPath - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: BackingImageDataSource - name: backingimagedatasources.longhorn.io -spec: - group: longhorn.io - names: - kind: BackingImageDataSource - listKind: BackingImageDataSourceList - plural: backingimagedatasources - shortNames: - - lhbids - singular: backingimagedatasource - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: State - type: string - description: The current state of the pod used to provisione the backing image file from source - jsonPath: .status.currentState - - name: SourceType - type: string - description: The data source type - jsonPath: .spec.sourceType - - name: Node - type: string - description: The node the backing image file will be prepared on - jsonPath: .spec.nodeID - - name: DiskUUID - type: string - description: The disk the backing image file will be prepared on - jsonPath: .spec.diskUUID - - name: Age - type: date - jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: BackupTarget - name: backuptargets.longhorn.io -spec: - group: longhorn.io - names: - kind: BackupTarget - listKind: BackupTargetList - plural: backuptargets - shortNames: - - lhbt - singular: backuptarget - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: URL - type: string - description: The backup target URL - jsonPath: .spec.backupTargetURL - - name: Credential - type: string - description: The backup target credential secret - jsonPath: .spec.credentialSecret - - name: Interval - type: string - description: The backup target poll interval - jsonPath: .spec.pollInterval - - name: Available - type: boolean - description: Indicate whether the backup target is available or not - jsonPath: .status.available - - name: LastSyncedAt - type: string - description: The backup target last synced time - jsonPath: .status.lastSyncedAt ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: BackupVolume - name: backupvolumes.longhorn.io -spec: - group: longhorn.io - names: - kind: BackupVolume - listKind: BackupVolumeList - plural: backupvolumes - shortNames: - - lhbv - singular: backupvolume - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: CreatedAt - type: string - description: The backup volume creation time - jsonPath: .status.createdAt - - name: LastBackupName - type: string - description: The backup volume last backup name - jsonPath: .status.lastBackupName - - name: LastBackupAt - type: string - description: The backup volume last backup time - jsonPath: .status.lastBackupAt - - name: LastSyncedAt - type: string - description: The backup volume last synced time - jsonPath: .status.lastSyncedAt ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: Backup - name: backups.longhorn.io -spec: - group: longhorn.io - names: - kind: Backup - listKind: BackupList - plural: backups - shortNames: - - lhb - singular: backup - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: SnapshotName - type: string - description: The snapshot name - jsonPath: .status.snapshotName - - name: SnapshotSize - type: string - description: The snapshot size - jsonPath: .status.size - - name: SnapshotCreatedAt - type: string - description: The snapshot creation time - jsonPath: .status.snapshotCreatedAt - - name: State - type: string - description: The backup state - jsonPath: .status.state - - name: LastSyncedAt - type: string - description: The backup last synced time - jsonPath: .status.lastSyncedAt ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - longhorn-manager: RecurringJob - name: recurringjobs.longhorn.io -spec: - group: longhorn.io - names: - kind: RecurringJob - listKind: RecurringJobList - plural: recurringjobs - shortNames: - - lhrj - singular: recurringjob - scope: Namespaced - versions: - - name: v1beta1 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - metadata: - type: object - properties: - name: - type: string - spec: - type: object - properties: - groups: - type: array - items: - type: string - task: - type: string - pattern: "^snapshot|backup$" - cron: - type: string - retain: - type: integer - concurrency: - type: integer - labels: - x-kubernetes-preserve-unknown-fields: true - status: - x-kubernetes-preserve-unknown-fields: true - subresources: - status: {} - additionalPrinterColumns: - - name: Groups - type: string - description: Sets groupings to the jobs. When set to "default" group will be added to the volume label when no other job label exist in volume. - jsonPath: .spec.groups - - name: Task - type: string - description: Should be one of "backup" or "snapshot". - jsonPath: .spec.task - - name: Cron - type: string - description: The cron expression represents recurring job scheduling. - jsonPath: .spec.cron - - name: Retain - type: integer - description: The number of snapshots/backups to keep for the volume. - jsonPath: .spec.retain - - name: Concurrency - type: integer - description: The concurrent job to run by each cron job. - jsonPath: .spec.concurrency - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - - name: Labels - type: string - description: Specify the labels - jsonPath: .spec.labels ---- ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: longhorn-default-setting - namespace: longhorn-system -data: - default-setting.yaml: |- - backup-target: S3://longhorn@us-east-1/ - backup-target-credential-secret: longhorn-backup-token-secret - allow-recurring-job-while-volume-detached: - create-default-disk-labeled-nodes: - default-data-path: - replica-soft-anti-affinity: - replica-auto-balance: - storage-over-provisioning-percentage: - storage-minimal-available-percentage: - upgrade-checker: - default-replica-count: - default-data-locality: - default-longhorn-static-storage-class: - backupstore-poll-interval: - taint-toleration: - system-managed-components-node-selector: - priority-class: - auto-salvage: - auto-delete-pod-when-volume-detached-unexpectedly: - disable-scheduling-on-cordoned-node: - replica-zone-soft-anti-affinity: - node-down-pod-deletion-policy: - allow-node-drain-with-last-healthy-replica: - mkfs-ext4-parameters: - disable-replica-rebuild: - replica-replenishment-wait-interval: - concurrent-replica-rebuild-per-node-limit: - disable-revision-counter: - system-managed-pods-image-pull-policy: - allow-volume-creation-with-degraded-availability: - auto-cleanup-system-generated-snapshot: - concurrent-automatic-engine-upgrade-per-node-limit: - backing-image-cleanup-wait-interval: - backing-image-recovery-wait-interval: - guaranteed-engine-manager-cpu: - guaranteed-replica-manager-cpu: ---- -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: longhorn-psp -spec: - privileged: true - allowPrivilegeEscalation: true - requiredDropCapabilities: - - NET_RAW - allowedCapabilities: - - SYS_ADMIN - hostNetwork: false - hostIPC: false - hostPID: true - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - fsGroup: - rule: RunAsAny - supplementalGroups: - rule: RunAsAny - volumes: - - configMap - - downwardAPI - - emptyDir - - secret - - projected - - hostPath ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: longhorn-psp-role - namespace: longhorn-system -rules: - - apiGroups: - - policy - resources: - - podsecuritypolicies - verbs: - - use - resourceNames: - - longhorn-psp ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: longhorn-psp-binding - namespace: longhorn-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: longhorn-psp-role -subjects: - - kind: ServiceAccount - name: longhorn-service-account - namespace: longhorn-system - - kind: ServiceAccount - name: default - namespace: longhorn-system ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: longhorn-storageclass - namespace: longhorn-system -data: - storageclass.yaml: | - kind: StorageClass - apiVersion: storage.k8s.io/v1 - metadata: - name: longhorn - provisioner: driver.longhorn.io - allowVolumeExpansion: true - reclaimPolicy: Retain - volumeBindingMode: Immediate - parameters: - fsType: "ext4" - numberOfReplicas: "1" - staleReplicaTimeout: "2880" - fromBackup: "" - recurringJobs: '[ - { - "name":"backup", - "task":"backup", - "cron":"0 */6 * * *", - "retain":24 - } - ]' - - # backingImage: "bi-test" - # backingImageDataSourceType: "download" - # backingImageDataSourceParameters: '{"url": "https://backing-image-example.s3-region.amazonaws.com/test-backing-image"}' - # backingImageChecksum: "SHA512 checksum of the backing image" - # diskSelector: "ssd,fast" - # nodeSelector: "storage,fast" - # recurringJobSelector: '[{"name":"snap-group", "isGroup":true}, - # {"name":"backup", "isGroup":false}]' ---- -apiVersion: apps/v1 -kind: DaemonSet -metadata: - labels: - app: longhorn-manager - name: longhorn-manager - namespace: longhorn-system -spec: - selector: - matchLabels: - app: longhorn-manager - template: - metadata: - labels: - app: longhorn-manager - spec: - containers: - - name: longhorn-manager - image: longhornio/longhorn-manager:v1.2.4 - imagePullPolicy: IfNotPresent - securityContext: - privileged: true - command: - - longhorn-manager - - -d - - daemon - - --engine-image - - longhornio/longhorn-engine:v1.2.4 - - --instance-manager-image - - longhornio/longhorn-instance-manager:v1_20220303 - - --share-manager-image - - longhornio/longhorn-share-manager:v1_20211020 - - --backing-image-manager-image - - longhornio/backing-image-manager:v2_20210820 - - --manager-image - - longhornio/longhorn-manager:v1.2.4 - - --service-account - - longhorn-service-account - ports: - - containerPort: 9500 - name: manager - readinessProbe: - tcpSocket: - port: 9500 - volumeMounts: - - name: dev - mountPath: /host/dev/ - - name: proc - mountPath: /host/proc/ - - name: longhorn - mountPath: /var/lib/longhorn/ - mountPropagation: Bidirectional - - name: longhorn-default-setting - mountPath: /var/lib/longhorn-setting/ - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - # Should be: mount path of the volume longhorn-default-setting + the key of the configmap data in 04-default-setting.yaml - - name: DEFAULT_SETTING_PATH - value: /var/lib/longhorn-setting/default-setting.yaml - volumes: - - name: dev - hostPath: - path: /dev/ - - name: proc - hostPath: - path: /proc/ - - name: longhorn - hostPath: - path: /var/lib/longhorn/ - - name: longhorn-default-setting - configMap: - name: longhorn-default-setting -# imagePullSecrets: -# - name: "" -# priorityClassName: -# tolerations: -# - key: "key" -# operator: "Equal" -# value: "value" -# effect: "NoSchedule" -# nodeSelector: -# label-key1: "label-value1" -# label-key2: "label-value2" - serviceAccountName: longhorn-service-account - updateStrategy: - rollingUpdate: - maxUnavailable: "100%" ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: longhorn-manager - name: longhorn-backend - namespace: longhorn-system -spec: - type: ClusterIP - sessionAffinity: ClientIP - selector: - app: longhorn-manager - ports: - - name: manager - port: 9500 - targetPort: manager ---- -apiVersion: v1 -kind: Service -metadata: - name: longhorn-engine-manager - namespace: longhorn-system -spec: - clusterIP: None - selector: - longhorn.io/component: instance-manager - longhorn.io/instance-manager-type: engine ---- -apiVersion: v1 -kind: Service -metadata: - name: longhorn-replica-manager - namespace: longhorn-system -spec: - clusterIP: None - selector: - longhorn.io/component: instance-manager - longhorn.io/instance-manager-type: replica ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: longhorn-ui - name: longhorn-ui - namespace: longhorn-system -spec: - replicas: 1 - selector: - matchLabels: - app: longhorn-ui - template: - metadata: - labels: - app: longhorn-ui - spec: - containers: - - name: longhorn-ui - image: longhornio/longhorn-ui:v1.2.4 - imagePullPolicy: IfNotPresent - volumeMounts: - - name : nginx-cache - mountPath: /var/cache/nginx/ - - name : nginx-config - mountPath: /var/config/nginx/ - - name: var-run - mountPath: /var/run/ - ports: - - containerPort: 8000 - name: http - env: - - name: LONGHORN_MANAGER_IP - value: "http://longhorn-backend:9500" - volumes: - - emptyDir: {} - name: nginx-cache - - emptyDir: {} - name: nginx-config - - emptyDir: {} - name: var-run -# imagePullSecrets: -# - name: "" -# priorityClassName: -# tolerations: -# - key: "key" -# operator: "Equal" -# value: "value" -# effect: "NoSchedule" -# nodeSelector: -# label-key1: "label-value1" -# label-key2: "label-value2" ---- -kind: Service -apiVersion: v1 -metadata: - labels: - app: longhorn-ui - name: longhorn-frontend - namespace: longhorn-system -spec: - type: ClusterIP - selector: - app: longhorn-ui - ports: - - name: http - port: 80 - targetPort: http - nodePort: null ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: longhorn-driver-deployer - namespace: longhorn-system -spec: - replicas: 1 - selector: - matchLabels: - app: longhorn-driver-deployer - template: - metadata: - labels: - app: longhorn-driver-deployer - spec: - initContainers: - - name: wait-longhorn-manager - image: longhornio/longhorn-manager:v1.2.4 - command: ['sh', '-c', 'while [ $(curl -m 1 -s -o /dev/null -w "%{http_code}" http://longhorn-backend:9500/v1) != "200" ]; do echo waiting; sleep 2; done'] - containers: - - name: longhorn-driver-deployer - image: longhornio/longhorn-manager:v1.2.4 - imagePullPolicy: IfNotPresent - command: - - longhorn-manager - - -d - - deploy-driver - - --manager-image - - longhornio/longhorn-manager:v1.2.4 - - --manager-url - - http://longhorn-backend:9500/v1 - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: SERVICE_ACCOUNT - valueFrom: - fieldRef: - fieldPath: spec.serviceAccountName - # Manually set root directory for csi - #- name: KUBELET_ROOT_DIR - # value: /var/lib/rancher/k3s/agent/kubelet - # For AirGap Installation - # Replace PREFIX with your private registry - #- name: CSI_ATTACHER_IMAGE - # value: PREFIX/csi-attacher:v3.2.1 - #- name: CSI_PROVISIONER_IMAGE - # value: PREFIX/csi-provisioner:v2.1.2 - #- name: CSI_NODE_DRIVER_REGISTRAR_IMAGE - # value: PREFIX/csi-node-driver-registrar:v2.3.0 - #- name: CSI_RESIZER_IMAGE - # value: PREFIX/csi-resizer:v1.2.0 - #- name: CSI_SNAPSHOTTER_IMAGE - # value: PREFIX/csi-snapshotter:v3.0.3 - # Manually specify number of CSI attacher replicas - #- name: CSI_ATTACHER_REPLICA_COUNT - # value: "3" - # Manually specify number of CSI provisioner replicas - #- name: CSI_PROVISIONER_REPLICA_COUNT - # value: "3" - #- name: CSI_RESIZER_REPLICA_COUNT - # value: "3" - #- name: CSI_SNAPSHOTTER_REPLICA_COUNT - # value: "3" -# imagePullSecrets: -# - name: "" -# priorityClassName: -# tolerations: -# - key: "key" -# operator: "Equal" -# value: "value" -# effect: "NoSchedule" -# nodeSelector: -# label-key1: "label-value1" -# label-key2: "label-value2" - serviceAccountName: longhorn-service-account - securityContext: - runAsUser: 0 ---- diff --git a/longhorn-system/templates/ingress.yaml b/longhorn-system/templates/ingress.yaml deleted file mode 100644 index 112c40a..0000000 --- a/longhorn-system/templates/ingress.yaml +++ /dev/null @@ -1,50 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: longhorn-ingress - annotations: - kubernetes.io/ingress.class: nginx - cert-manager.io/cluster-issuer: letsencrypt-production - nginx.ingress.kubernetes.io/auth-url: |- - http://ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx - nginx.ingress.kubernetes.io/auth-signin: |- - https://longhorn.durp.info/outpost.goauthentik.io/start?rd=$escaped_request_uri - nginx.ingress.kubernetes.io/auth-response-headers: |- - Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid - nginx.ingress.kubernetes.io/auth-snippet: | - proxy_set_header X-Forwarded-Host $http_host; - nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16" -spec: - rules: - - host: longhorn.durp.info - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: longhorn-frontend - port: - number: 80 - - path: /outpost.goauthentik.io - pathType: Prefix - backend: - service: - name: ak-outpost-authentik-embedded-outpost - port: - number: 9000 - tls: - - hosts: - - longhorn.durp.info - secretName: longhorn-tls - - ---- - -kind: Service -apiVersion: v1 -metadata: - name: ak-outpost-authentik-embedded-outpost -spec: - type: ExternalName - externalName: ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local diff --git a/longhorn-system/templates/longhorn-minio-sealed.yaml b/longhorn-system/templates/longhorn-minio-sealed.yaml deleted file mode 100644 index b5b9b2c..0000000 --- a/longhorn-system/templates/longhorn-minio-sealed.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: longhorn-backup-token-secret - namespace: longhorn-system -spec: - encryptedData: - AWS_ACCESS_KEY_ID: AgBymd0rPV936HYhBzhVoS9+yyJUUnmvFR3Z8a69J5gYILnwwLYpTLNwrNt442S0/gqmsH6ndU2l3SoCxXGdv/yf4WUIA2v++IclJFhSGmvzxqv+UKM6KzLJ6ECaibVcBOhJxYbmwG+qkNjhTKn9CK2IJx5xN4p0WQL/aU8DZYnb3YB/bZscQlZVzJ+27QCeU0SDOIV3b7X56hz+075bo1awHnKc1uvnxe9uz+Lr5UipJhrSM/IHFfFhtl5SyPRyF6Tz0LGRrxd9uKPy1MAoEnYXO9MvoUJi1DEGtbZnp8QH1WCpu+Hl+gyKnkqJh+mmkdxcCqo36fTHbSA7acQ/rtzYYnJbLXg5vy3GxfN1MByVE5yg9CLiAu7CPl4hMwlR5WM/obEHiMEKl5ukzjTI4MN4eF/NZNwC/8kmGnoyNL2EQJHPFj1VpQk7CuKKNO/YDD2DGh0Hw1ysTiAXUV1u5sM6k5MzdmG16zddbK5jdZw09SfoprwMWxFDQrPFDRF1H0rbGurLf/1BxaRn34Klz+mAKDARtxZ5PyLn2WDbuoF79Odwt3dqHbXqXTGJvqb7A2wUe+2eDpcR0bv8ruwq8E4MfJLoDahgEH4NXYwvF/6OS0oUEpfQaHzA4C63y9Vs2w9kUopFwNRa/vRUlxXv8ZIHsIUVnWkQycrukE9fzO+5Dlp/uYT7yhltJjRgBWx8qzsXz9v3ebEnut1Smiv3LyaF - AWS_ENDPOINTS: AgCVb6ge099ScIfgWttv+Pj/s9UP5JNWQRValqTCYOVgenbIcNZC9YkYSItg2QQQpZaGcbp4URxHJJd6fLarZNjXrdWaqIRMzWiyhLmGWsMfyhmYNhzsq8vzZEjYX/9GhsJyZRP3fz8lm6YojBSUJ60hOc5jRCbqtS5EJjUkkH7zwRdt1iKueNkjc9EnkhS/bs/x4BcwNiAPYCfUoyOWFtyZXQnGUFZgGqcFbkam3K/NrbahnckHdGCZAdDH5h4DTv/EZzU9tsHFl4oxlzYNQzm3xjMe2JrftJBAAv3Nfqlo4PXA9q+FURhGhSTwSfRWDEWlLDRnEVWTGGeNT2SBQCdrcV3MzhC49mbD0X/jGMJlbtl5ol5N7bN5Ft3X5zVpATHT2d+3SkByt1nL/aTa2VKoGwUUnkaEs2BkPVD3ErzWlHiDkVROgRAdhCx8LNGJP57Li7lmvc1JeH0map4RpfW72CRiGTnCicIS9663VZErHbNKNhun3YbS+GykLFURUu6l47c5RX1qiF3TOYbFA+SocBUUoe6OzgIKSiU35F0wHH0S2CwOx9qfl2JAKyAdRcsDCEdh/0ZWmCU5Oloml9Igooirt41tbEMV/IqvHO8EGNX+Xgt7IcLJ56yzoAs8Ng1oTFERu4FjjNnpQr4ph2s/TZsutls9VgagJs/U0TcCyib+olWCCweW5YAH0VLOkYF6CCJO67+kI6Rw0yuF1yisgrYVCNbHx1wRFg== - AWS_SECRET_ACCESS_KEY: AgA4GmNtldp7PK35ra7HwavACWRZ03jr/3GLAiEB/Ff5Cmc0A3cjj+Mb4/+xUf11DS07AWlCs3aIcnyQ7DRtdQChIUK1ZYnDRPMBz/uH6BbIrWlqlDz5wRg5GZ5pUrK9hHxa9cj3MBaJIjl5WnPuFszFwz2y5LkeghiVIsy4zgFbvKyyE4HNR2lZFmzihH384JlYhm60zXu8+nTvIlRx/8AHxLvnXCld94odbSzd91+Vj5FN6I+05BiGqlAM4jzU9eUBKMckOKig22JXQIPIeMjYUh59J59OPK3UxC/+SFUWcr4hZBskM9KLF9OCb145C73yZBNFBkE4VgoKb+YcvgzdS6NrzzId+E22lubwEBHN8SYpWFihtZmjUzg/Dx0/w5IDkXROUK0zuxuj67OuzLFkgBR0F7+yqZXsf5ysYhW1z3ibeppfhzTTwiwN2JdWLc+fAt0UsHWv9GH7+ryGQ/Yq+w/3o6wWcBWCe5CU7bEu4rDQ8hdrwftTvBYrQziU4PaAk9AOMg0tMoGPWv06Kzf7wTPhVTAxdBuOMJNmkWDzs0RIMEf0V+MyVqZ36TlSg45RriX+Zv7TUnkrHiuhBFtkFj2muCP9SeaoPxFn4YGT2J4p3LNYY/2YGhaofQYFbmyb2IFSGViLe5jf0M4vM2i08CvKT1hH8cX6agEYK/TOU1DXkLPz6F2ir2W10v6AF2Eml94ZIFEB8jn5FKVHItnvYqEu+wB9wk0pCcQV4VDjQg== - template: - data: null - metadata: - creationTimestamp: null - name: longhorn-backup-token-secret - namespace: longhorn-system - diff --git a/longhorn-system/values.yaml b/longhorn-system/values.yaml deleted file mode 100644 index e69de29..0000000