From aa752797e3852a674cbd73306bcc9dcb6376ded4 Mon Sep 17 00:00:00 2001 From: DeveloperDurp Date: Sat, 3 Dec 2022 05:43:04 -0600 Subject: [PATCH] longhorn helm chart --- argocd/templates/longhorn.yaml | 21 +++ keycloak/Chart.yaml | 11 -- keycloak/templates/keyclock.yaml | 17 --- keycloak/values.yaml | 114 --------------- longhorn/Chart.yaml | 12 ++ longhorn/values.yaml | 236 +++++++++++++++++++++++++++++++ 6 files changed, 269 insertions(+), 142 deletions(-) create mode 100644 argocd/templates/longhorn.yaml delete mode 100644 keycloak/Chart.yaml delete mode 100644 keycloak/templates/keyclock.yaml delete mode 100644 keycloak/values.yaml create mode 100644 longhorn/Chart.yaml create mode 100644 longhorn/values.yaml diff --git a/argocd/templates/longhorn.yaml b/argocd/templates/longhorn.yaml new file mode 100644 index 0000000..10c7a9a --- /dev/null +++ b/argocd/templates/longhorn.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: longhorn + namespace: argocd +spec: + project: default + source: + repoURL: https://github.com/DeveloperDurp/homelab.git + targetRevision: main + path: longhorn + destination: + namespace: longhorn + name: in-cluster + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true + diff --git a/keycloak/Chart.yaml b/keycloak/Chart.yaml deleted file mode 100644 index 504fdd9..0000000 --- a/keycloak/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v2 -name: keycloak -description: A Helm chart for Kubernetes -type: application -version: 0.0.1 -appVersion: 0.0.1 - -dependencies: -- name: keycloak - repository: https://charts.bitnami.com/bitnami - version: 10.1.4 diff --git a/keycloak/templates/keyclock.yaml b/keycloak/templates/keyclock.yaml deleted file mode 100644 index 009625f..0000000 --- a/keycloak/templates/keyclock.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - creationTimestamp: null - name: keycloak-credentials - namespace: keycloak -spec: - encryptedData: - admin-password: AgAahQvC7WJ0AQuDEC1trSxEi2C8AeJwhz1nzH+44V6rt3lxiCjWzDJcIFsnXhQJDk+Cpn9vuyZarIgwUhegpJlkdILURnWa6Zc6XvbDCCBoQ2aqQWvMbG56DZdzK352G+taPny8/wAdXFAsDx3vSG0wfrmIU7Fo1IJKdvdKI204L+zJ8Msvkodoj9gt8Iq1ZkIGYk2jaN5eGuRr2g9qkCMPdInR/Vj9nrlUmS1w9MJv5Jr3djSkTaENucTpaqtl0dtJv7Br7mWZ6QTWKsuVa/UwaIm//wcw+RQh3QHqrau7KOeZdEy3xVJf8w5XkSQam/qcFL5MP1WYzLiuaGvQlsQlaI5ud9bFW/rFerGaOvWxs4elrFQjkxwqegyFPg41s8tTwA0/D46bhetRm+TzhXa/nAgsj9CI53SQhNFRsmNH3gQghsL2C8PS67b+Rk4kJ3XxPFegMRLZqNe55u5dN5eTsNyq0yDLaqf3extTogwtLMB4G68TwFxCVuMecoeRvFitl3WJyDtPGr2fWGhoOr3QzZn8hlw3e5+Kx3w1KATMd1WGonp2w+IIOe8nLMXQDHGAJaCG5u8BNjHhdIRS+0mDHp40jNSdaFlM9OrEpsnfUU25+H3cEn5f2Bd9OYzWWFrOr60CBvG3qIBnMytHOKtXC8vqrhSdtSScgqIqbcYGHFzts/fujc3IUvjeoGyrTGwB3o6DUTxD3+uMNsI= - password: AgBruTBtb5AXviMuqM4eimlN6SwwJaXf3XBKX/2K7oYG8XTMJNq7135imrPULdvgR7rA5RLKXPiE5bZV/kkJhANbJuf/H4g6R0c0eBVEzoM+dlLHN5ktFrwAGaNsAim/UH5CmPATap8QtVfdBmQwBO1fdmCbtXqYJq0yhHSs7XeE+M8b408Sn2tr95i0/8wLqii4/as0B3Ecqrx8g66P0pPcMEsp3CuJTppchIQu35Ty6rKTHrwhcs2OZpfUu0oevAaVQwPulNYQ4tG6y+z2CT1bsJ3W7OS4HnhRtONiG8URlcrFgkBfwYQbofl781DskcjWxIlpOmyFl3m5riWrNHmznhalptScr7Eg+vxPHCeK5XjMD5Rg5z6YYPpfXwmq1rReCv9IWMaMV+0LdaTiU0JTKT6mfJxuZEtwBmU6N4Z00EIGghYFZ/xZ2Ld9jqfOl53QCapv2lqWN26+ZAr8FB7I0qQ7qWp2iMbaoKNZ2YMopjDQm8PEH328GXOuE+pPZM5V6rEw53urJn3pOf1ZUAEzoKo1zOqzU54Scg1xARHQI17RdyiR8+jbzmztV38orpf4jT/srxdPKUZKTI099kt+qB3YAkPrxgESq//fcIme1q2Ox1H3vVQydFRWXrDCXDX8WA1tdwKHBZwBhQJ5DKAXRRSLLXxGqmPG36WZ7du+KfPTIYpq+Mh2Hut750ALZ5XnMnioxc3OTLGzjiY= - postgres-password: AgARK2JKzY8lXbAxBxZYkpjoKPY9wMFgVrVtaZpS5gs0p9M+pRdEhSPVfQxJ/MzrkadBWxaCd3ShracqQLy+WvnCXc3hI65TKKgTp6uwkGppWnKg2AA3JICwMDOdax/U2qbsKXjdbC0XEsRlJBCBaIZ3Tr5cbCx7eZYgg5RsBXGP3rz6joeV30CU6qH2Q466WsdHl7PECyroTwc9uQ1eTB96b5Tw+VS/uJjQv4EP0Yte9ljfxbpQofuf2DmiJCAcDsulJLhebwGVDjAX+sF01NBEJT3Oau3P9MwHDwuoOXZguK/RRE+vrkU/EfnsTaOJhGxgKGGV5DmM5HRkV74ezxbyh44UgkKkhw6SvjX8W8V08eZmBvJXGpsldsIM8QlV9nO+xJWMK9G62HCjL0TZb/QwbaQWXq/7u4Rl0QWtJA7FNdlJwkJhzQXhgMUYXjcC1R22iuq5qYLs/93Q2MMKpOcsyyMo2p/P2mTJSncPPZQjuwSr2WXnGAbMLfYSQ3aiCGJfbB0rRQeMVDv5rvtWlRb6jggycZcfVH2Zxe1ggjRoWT+mUMyIuC4L8MPe6JcZJljbN57499QRZfZM+EfqVT2lkvGokQNyHPF5cpbezbZAFkQCIBwF6C3laPAkwb2Kgk44yf+umznl6hNm8B8JLmkYmLQVZOlyZ++tscPrmD4CQxKJmlawZ8DVODfz8rVrwsd9CLfBd/Fn6iSnJo0= - template: - data: null - metadata: - creationTimestamp: null - name: keycloak-credentials - namespace: keycloak \ No newline at end of file diff --git a/keycloak/values.yaml b/keycloak/values.yaml deleted file mode 100644 index 865d0fb..0000000 --- a/keycloak/values.yaml +++ /dev/null @@ -1,114 +0,0 @@ -keycloak: - - global: - storageClass: nfs-storage - - image: - registry: docker.io - repository: bitnami/keycloak - digest: "" - pullPolicy: Always - pullSecrets: [] - debug: false - auth: - adminUser: user - existingSecret: "keycloak-credentials" - existingSecretPerPassword: {} - - replicaCount: 1 - - containerPorts: - http: 8080 - https: 8443 - - podSecurityContext: - enabled: true - fsGroup: 1001 - - containerSecurityContext: - enabled: true - runAsUser: 1001 - runAsNonRoot: true - - resources: - limits: {} - requests: {} - - livenessProbe: - enabled: true - initialDelaySeconds: 300 - periodSeconds: 1 - timeoutSeconds: 5 - failureThreshold: 3 - successThreshold: 1 - - readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - - startupProbe: - enabled: false - - updateStrategy: - type: RollingUpdate - rollingUpdate: {} - - service: - type: ClusterIP - http: - enabled: true - ports: - http: 80 - https: 443 - - ingress: - enabled: true - ingressClassName: "" - pathType: ImplementationSpecific - hostname: keycloak.durp.info - servicePort: http - annotations: - cert-manager.io/cluster-issuer: letsencrypt-production - kubernetes.io/ingress.class: nginx - tls: - - secretName: keycloak-tls - hosts: - - keycloak.durp.info - selfSigned: false - secrets: [] - extraRules: [] - - - serviceAccount: - create: true - name: "" - automountServiceAccountToken: true - annotations: {} - - postgresql: - enabled: true - auth: - username: bn_keycloak - database: bitnami_keycloak - existingSecret: "keycloak-credentials" - architecture: standalone - - externalDatabase: - host: "" - port: 5432 - user: bn_keycloak - database: bitnami_keycloak - password: "password122" - existingSecret: "" - existingSecretPasswordKey: "" - - cache: - enabled: false - - logging: - output: default - diff --git a/longhorn/Chart.yaml b/longhorn/Chart.yaml new file mode 100644 index 0000000..310c77e --- /dev/null +++ b/longhorn/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v2 +name: longhorn +description: A Helm chart for Kubernetes +type: application + +version: 0.1.0 +appVersion: "1.16.0" + +dependencies: +- name: longhorn + repository: https://charts.longhorn.io + version: 1.3.2 diff --git a/longhorn/values.yaml b/longhorn/values.yaml new file mode 100644 index 0000000..e7ea3b4 --- /dev/null +++ b/longhorn/values.yaml @@ -0,0 +1,236 @@ +longhorn: + + # Default values for longhorn. + # This is a YAML-formatted file. + # Declare variables to be passed into your templates. + global: + cattle: + systemDefaultRegistry: "" + + image: + longhorn: + engine: + repository: longhornio/longhorn-engine + manager: + repository: longhornio/longhorn-manager + ui: + repository: longhornio/longhorn-ui + instanceManager: + repository: longhornio/longhorn-instance-manager + shareManager: + repository: longhornio/longhorn-share-manager + backingImageManager: + repository: longhornio/backing-image-manager + csi: + attacher: + repository: longhornio/csi-attacher + provisioner: + repository: longhornio/csi-provisioner + nodeDriverRegistrar: + repository: longhornio/csi-node-driver-registrar + resizer: + repository: longhornio/csi-resizer + snapshotter: + repository: longhornio/csi-snapshotter + pullPolicy: always + + service: + ui: + type: ClusterIP + nodePort: null + manager: + type: ClusterIP + nodePort: "" + loadBalancerIP: "" + loadBalancerSourceRanges: "" + + persistence: + defaultClass: true + defaultFsType: ext4 + defaultClassReplicaCount: 3 + defaultDataLocality: disabled # best-effort otherwise + reclaimPolicy: Delete + migratable: false + recurringJobSelector: + enable: false + jobList: [] + backingImage: + enable: false + name: ~ + dataSourceType: ~ + dataSourceParameters: ~ + expectedChecksum: ~ + + csi: + kubeletRootDir: ~ + attacherReplicaCount: ~ + provisionerReplicaCount: ~ + resizerReplicaCount: ~ + snapshotterReplicaCount: ~ + + defaultSettings: + backupTarget: ~ + backupTargetCredentialSecret: ~ + allowRecurringJobWhileVolumeDetached: ~ + createDefaultDiskLabeledNodes: ~ + defaultDataPath: ~ + defaultDataLocality: ~ + replicaSoftAntiAffinity: ~ + replicaAutoBalance: ~ + storageOverProvisioningPercentage: ~ + storageMinimalAvailablePercentage: ~ + upgradeChecker: ~ + defaultReplicaCount: ~ + defaultLonghornStaticStorageClass: ~ + backupstorePollInterval: ~ + taintToleration: ~ + systemManagedComponentsNodeSelector: ~ + priorityClass: ~ + autoSalvage: ~ + autoDeletePodWhenVolumeDetachedUnexpectedly: ~ + disableSchedulingOnCordonedNode: ~ + replicaZoneSoftAntiAffinity: ~ + nodeDownPodDeletionPolicy: ~ + allowNodeDrainWithLastHealthyReplica: ~ + mkfsExt4Parameters: ~ + disableReplicaRebuild: ~ + replicaReplenishmentWaitInterval: ~ + concurrentReplicaRebuildPerNodeLimit: ~ + disableRevisionCounter: ~ + systemManagedPodsImagePullPolicy: ~ + allowVolumeCreationWithDegradedAvailability: ~ + autoCleanupSystemGeneratedSnapshot: ~ + concurrentAutomaticEngineUpgradePerNodeLimit: ~ + backingImageCleanupWaitInterval: ~ + backingImageRecoveryWaitInterval: ~ + guaranteedEngineManagerCPU: ~ + guaranteedReplicaManagerCPU: ~ + kubernetesClusterAutoscalerEnabled: ~ + orphanAutoDeletion: ~ + storageNetwork: ~ + privateRegistry: + createSecret: ~ + registryUrl: ~ + registryUser: ~ + registryPasswd: ~ + registrySecret: ~ + + longhornManager: + priorityClass: ~ + tolerations: [] + ## If you want to set tolerations for Longhorn Manager DaemonSet, delete the `[]` in the line above + ## and uncomment this example block + # - key: "key" + # operator: "Equal" + # value: "value" + # effect: "NoSchedule" + nodeSelector: {} + ## If you want to set node selector for Longhorn Manager DaemonSet, delete the `{}` in the line above + ## and uncomment this example block + # label-key1: "label-value1" + # label-key2: "label-value2" + + longhornDriver: + priorityClass: ~ + tolerations: [] + ## If you want to set tolerations for Longhorn Driver Deployer Deployment, delete the `[]` in the line above + ## and uncomment this example block + # - key: "key" + # operator: "Equal" + # value: "value" + # effect: "NoSchedule" + nodeSelector: {} + ## If you want to set node selector for Longhorn Driver Deployer Deployment, delete the `{}` in the line above + ## and uncomment this example block + # label-key1: "label-value1" + # label-key2: "label-value2" + + longhornUI: + priorityClass: ~ + tolerations: [] + ## If you want to set tolerations for Longhorn UI Deployment, delete the `[]` in the line above + ## and uncomment this example block + # - key: "key" + # operator: "Equal" + # value: "value" + # effect: "NoSchedule" + nodeSelector: {} + ## If you want to set node selector for Longhorn UI Deployment, delete the `{}` in the line above + ## and uncomment this example block + # label-key1: "label-value1" + # label-key2: "label-value2" + + resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + # + + ingress: + ## Set to true to enable ingress record generation + enabled: false + + ## Add ingressClassName to the Ingress + ## Can replace the kubernetes.io/ingress.class annotation on v1.18+ + ingressClassName: ~ + + host: sslip.io + + ## Set this to true in order to enable TLS on the ingress record + ## A side effect of this will be that the backend service will be connected at port 443 + tls: false + + ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS + tlsSecret: longhorn.local-tls + + ## If ingress is enabled you can set the default ingress path + ## then you can access the UI by using the following full path {{host}}+{{path}} + path: / + + ## Ingress annotations done as key:value pairs + ## If you're using kube-lego, you will want to add: + ## kubernetes.io/tls-acme: true + ## + ## For a full list of possible ingress annotations, please see + ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md + ## + ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set + annotations: + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: true + + secrets: + ## If you're providing your own certificates, please use this to add the certificates as secrets + ## key and certificate should start with -----BEGIN CERTIFICATE----- or + ## -----BEGIN RSA PRIVATE KEY----- + ## + ## name should line up with a tlsSecret set further up + ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set + ## + ## It is also possible to create and manage the certificates outside of this helm chart + ## Please see README.md for more information + # - name: longhorn.local-tls + # key: + # certificate: + + # Configure a pod security policy in the Longhorn namespace to allow privileged pods + enablePSP: true + + ## Specify override namespace, specifically this is useful for using longhorn as sub-chart + ## and its release namespace is not the `longhorn-system` + namespaceOverride: "" + + # Annotations to add to the Longhorn Manager DaemonSet Pods. Optional. + annotations: {} + + serviceAccount: + # Annotations to add to the service account + annotations: {} + \ No newline at end of file