alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 8 Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Alex Lebens
2024-05-22 12:49:28 -05:00
commit 35b77bb0df
219 changed files with 9997 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
clusters/cl01tl/storage/cloudnative-pg/Chart.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v2
name: cloudnative-pg
version: 0.0.1
sources:
- https://github.com/cloudnative-pg/cloudnative-pg
- https://github.com/cloudnative-pg/charts
dependencies:
- name: cloudnative-pg
version: 0.21.2
repository: https://cloudnative-pg.io/charts/
appVersion: "1.23.1"

4
clusters/cl01tl/storage/cloudnative-pg/values.yaml Normal file
View File

@@ -0,0 +1,4 @@
cloudnative-pg:
replicaCount: 2
monitoring:
podMonitorEnabled: true

11
clusters/cl01tl/storage/democratic-csi-synology-iscsi/Chart.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v2
name: democratic-csi-synology-iscsi
version: 0.0.1
sources:
- https://github.com/democratic-csi/democratic-csi
- https://github.com/democratic-csi/charts
dependencies:
- name: democratic-csi
repository: https://democratic-csi.github.io/charts/
version: 0.14.6
appVersion: 0.14.5

23
clusters/cl01tl/storage/democratic-csi-synology-iscsi/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,23 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: synology-iscsi-config-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: {{ .Release.Name }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: driver-config-file.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /synology/config
metadataPolicy: None
property: driver-config-file.yaml

37
clusters/cl01tl/storage/democratic-csi-synology-iscsi/values.yaml Normal file
View File

@@ -0,0 +1,37 @@
democratic-csi:
driver:
existingConfigSecret: synology-iscsi-config-secret
config:
driver: synology-iscsi
csiDriver:
name: "org.democratic-csi.iscsi-synology"
controller:
enabled: true
rbac:
enabled: true
replicaCount: 2
storageClasses:
- name: synology-iscsi-delete
defaultClass: false
reclaimPolicy: Delete
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
fsType: ext4
- name: synology-iscsi-retain
defaultClass: false
reclaimPolicy: Retain
volumeBindingMode: Immediate
allowVolumeExpansion: true
parameters:
fsType: ext4
node:
hostPID: true
driver:
extraEnv:
- name: ISCSIADM_HOST_STRATEGY
value: nsenter
- name: ISCSIADM_HOST_PATH
value: /usr/local/sbin/iscsiadm
iscsiDirHostPath: /usr/local/etc/iscsi
iscsiDirHostPathType: ""

11
clusters/cl01tl/storage/local-path-provisioner/Chart.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v2
name: local-path-provisioner
version: 1.0.0
sources:
- https://github.com/rancher/local-path-provisioner
- https://github.com/rancher/local-path-provisioner/tree/master/deploy/chart/local-path-provisioner
dependencies:
- name: local-path-provisioner
version: 0.0.26
repository: https://charts.containeroo.ch
appVersion: 0.0.26

42
clusters/cl01tl/storage/local-path-provisioner/values.yaml Normal file
View File

@@ -0,0 +1,42 @@
local-static-provisioner:
image:
repository: rancher/local-path-provisioner
tag: v0.0.26
storageClass:
create: true
defaultClass: false
defaultVolumeType: hostPath
name: local-path
reclaimPolicy: Delete
volumeBindingMode: WaitForFirstConsumer
nodePathMap:
- node: talos-di4-2sr
paths:
- /var/local-path-provisioner
- node: talos-pqo-s7t
paths:
- /var/local-path-provisioner
- node: talos-89d-c5v
paths:
- /var/local-path-provisioner
affinity:
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- talos-di4-2sr
- talos-pqo-s7t
- talos-89d-c5v
configmap:
name: local-path-config
setup: |-
#!/bin/sh
set -eu
mkdir -m 0777 -p "$VOL_DIR"
teardown: |-
#!/bin/sh
set -eu
rm -rf "$VOL_DIR"

11
clusters/cl01tl/storage/minio-operator/Chart.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v2
name: minio-operator
version: 1.0.0
sources:
- https://github.com/minio/operator
- https://github.com/minio/operator/blob/master/helm/operator/Chart.yaml
dependencies:
- name: operator
version: 5.0.15
repository: https://operator.min.io
appVersion: v5.0.14

24
clusters/cl01tl/storage/minio-operator/values.yaml Normal file
View File

@@ -0,0 +1,24 @@
operator:
operator:
env:
- name: OPERATOR_STS_ENABLED
value: "off"
- name: MINIO_CONSOLE_TLS_ENABLE
value: "off"
console:
enabled: true
ingress:
enabled: true
ingressClassName: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: letsencrypt-issuer
tls:
- secretName: minio-secret-tls
hosts:
- minio.alexlebens.net
host: minio.alexlebens.net
path: /
pathType: Prefix
number: 9090

11
clusters/cl01tl/storage/nfs/Chart.yaml Normal file
View File

@@ -0,0 +1,11 @@
apiVersion: v2
name: nfs-subdir-external-provisioner
version: 0.0.1
sources:
- https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner
- https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner/tree/master/charts/nfs-subdir-external-provisioner
dependencies:
- name: nfs-subdir-external-provisioner
version: 4.0.18
repository: https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/
appVersion: 4.0.18

8
clusters/cl01tl/storage/nfs/values.yaml Normal file
View File

@@ -0,0 +1,8 @@
nfs-subdir-external-provisioner:
nfs:
server: 192.168.1.194
path: /volume2/Talos
mountOptions:
- hard
- vers=4
- minorversion=1

14
clusters/cl01tl/storage/rook-ceph/Chart.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v2
name: rook-ceph
version: 0.0.3
sources:
- https://github.com/rook/rook
- https://github.com/rook/rook/tree/master/deploy/charts
dependencies:
- name: rook-ceph
version: v1.14.3
repository: https://charts.rook.io/release
- name: rook-ceph-cluster
version: v1.14.3
repository: https://charts.rook.io/release
appVersion: v1.14.0

192
clusters/cl01tl/storage/rook-ceph/values.yaml Normal file
View File

@@ -0,0 +1,192 @@
rook-ceph:
crds:
enabled: true
csi:
enableRbdDriver: true
enableCephfsDriver: true
enableCSIHostNetwork: true
enableCephfsSnapshotter: true
enableNFSSnapshotter: true
enableRBDSnapshotter: true
enablePluginSelinuxHostMount: false
enableCSIEncryption: false
enableMetadata: true
provisionerReplicas: 3
clusterName:
logLevel: 0
serviceMonitor:
enabled: true
interval: 5s
csiAddons:
enabled: false
nfs:
enabled: false
topology:
enabled: false
enableDiscoveryDaemon: true
scaleDownOperator: false
monitoring:
enabled: true
rook-ceph-cluster:
operatorNamespace: rook-ceph
toolbox:
enabled: true
monitoring:
enabled: true
createPrometheusRules: true
pspEnable: false
cephClusterSpec:
cephVersion:
# https://quay.io/repository/ceph/ceph?tab=tags
image: quay.io/ceph/ceph:v18.2.2-20240311
allowUnsupported: false
dataDirHostPath: /var/lib/rook
skipUpgradeChecks: false
continueUpgradeAfterChecksEvenIfNotHealthy: false
waitTimeoutForHealthyOSDInMinutes: 10
mon:
count: 3
allowMultiplePerNode: false
mgr:
count: 1
allowMultiplePerNode: false
modules:
- name: pg_autoscaler
enabled: true
- name: rook
enabled: true
dashboard:
enabled: true
ssl: false
network:
connections:
encryption:
enabled: true
compression:
enabled: true
requireMsgr2: true
crashCollector:
disable: false
logCollector:
enabled: true
periodicity: daily
maxLogSize: 500M
cleanupPolicy:
confirmation: ""
placement:
all:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/rook-osd-node
operator: Exists
mon:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/rook-control-node
operator: Exists
- key: node-role.kubernetes.io/control-plane
operator: Exists
tolerations:
- key: node-role.kubernetes.io/rook-control-node
operator: Exists
- key: node-role.kubernetes.io/control-plane
operator: Exists
resources:
mgr:
limits:
cpu: "1000m"
memory: "1Gi"
requests:
cpu: "500m"
memory: "1Gi"
mon:
limits:
cpu: "2000m"
memory: "2Gi"
requests:
cpu: "1000m"
memory: "2Gi"
osd:
limits:
cpu: "2000m"
memory: "4Gi"
requests:
cpu: "1000m"
memory: "4Gi"
prepareosd:
requests:
cpu: "500m"
memory: "50Mi"
removeOSDsIfOutAndSafeToRemove: false
storage:
useAllNodes: true
useAllDevices: true
deviceFilter: sda
config:
osdsPerDevice: "1"
csi:
readAffinity:
enabled: true
ingress:
dashboard:
ingressClassName: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: letsencrypt-issuer
host:
name: ceph.alexlebens.net
path: /
tls:
- secretName: rook-secret-tls
hosts:
- ceph.alexlebens.net
rules:
- host: ceph.alexlebens.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: rook-ceph-mgr-dashboard
port:
name: http-dashboard
cephBlockPools:
- name: ceph-blockpool
spec:
failureDomain: host
replicated:
size: 3
enableRBDStats: false
storageClass:
enabled: true
name: ceph-block
isDefault: true
reclaimPolicy: Retain
allowVolumeExpansion: true
volumeBindingMode: "Immediate"
parameters:
imageFormat: "2"
imageFeatures: layering,exclusive-lock,object-map,fast-diff
csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner
csi.storage.k8s.io/provisioner-secret-namespace: "{{ .Release.Namespace }}"
csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner
csi.storage.k8s.io/controller-expand-secret-namespace: "{{ .Release.Namespace }}"
csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node
csi.storage.k8s.io/node-stage-secret-namespace: "{{ .Release.Namespace }}"
csi.storage.k8s.io/fstype: ext4
cephBlockPoolsVolumeSnapshotClass:
enabled: true
name: ceph-blockpool-snapshot
isDefault: false
deletionPolicy: Retain
cephFileSystems:
cephFileSystemVolumeSnapshotClass:
enabled: false
cephObjectStores: