Cleanup
This commit is contained in:
parent
4ce891e2ba
commit
6d79e716f7
32 changed files with 1 additions and 5201 deletions
9
.gitignore
vendored
9
.gitignore
vendored
|
@ -1,12 +1,5 @@
|
|||
k3s-cluster-config.kubeconfig.yaml
|
||||
*.agekey
|
||||
|
||||
.terraform
|
||||
.terraform.tfstate*
|
||||
terraform.tfstate*
|
||||
.env*
|
||||
|
||||
*.tmp
|
||||
*.log
|
||||
*.key
|
||||
.secret*
|
||||
tags
|
||||
|
|
|
@ -1,119 +0,0 @@
|
|||
- name: debug stuff
|
||||
hosts: all
|
||||
tasks:
|
||||
- name: set token fact for k3s-nodes hosts
|
||||
run_once: true
|
||||
with_items: '{{ groups["k3s-nodes"] }}'
|
||||
delegate_to: '{{ item }}'
|
||||
set_fact:
|
||||
fake_hostname: '{{ hostvars[item]["inventory_hostname"] }} for {{ item }}'
|
||||
|
||||
- name: debug token fact for k3s-nodes hosts
|
||||
run_once: true
|
||||
with_items: '{{ groups["k3s-nodes"] }}'
|
||||
delegate_to: '{{ item }}'
|
||||
debug:
|
||||
msg: '{{ hostvars[item]["fake_hostname"] }} for {{ inventory_hostname }}'
|
||||
|
||||
- name: install k3s on k3s-nodes
|
||||
hosts: k3s-nodes
|
||||
gather_facts: yes
|
||||
roles:
|
||||
- role: k3s-node
|
||||
|
||||
# TODO: ensure odd number of k3s-control-nodes hosts
|
||||
|
||||
- name: intialize k3s cluster on first control plane node
|
||||
hosts: k3s-control-nodes[0]
|
||||
tasks:
|
||||
- name: create config directory
|
||||
file:
|
||||
recurse: yes
|
||||
path: /etc/rancher/k3s/
|
||||
state: directory
|
||||
mode: '0700'
|
||||
|
||||
- name: copy initial config
|
||||
become: true
|
||||
copy:
|
||||
src: ./templates/k3s-initial-server-config.yaml
|
||||
dest: /etc/rancher/k3s/config.yaml
|
||||
|
||||
- name: run initial k3s server
|
||||
become: true
|
||||
ansible.builtin.command: systemctl enable --now k3s
|
||||
|
||||
- name: fetch token
|
||||
become: true
|
||||
slurp:
|
||||
src: /var/lib/rancher/k3s/server/node-token
|
||||
register: slurped_k3s_node_token
|
||||
|
||||
- name: set token fact for initial node
|
||||
set_fact:
|
||||
k3s_node_token: '{{ slurped_k3s_node_token.content | b64decode }}'
|
||||
|
||||
- name: configure remaining nodes
|
||||
hosts: k3s-nodes,!k3s-control-nodes[0]
|
||||
gather_facts: no
|
||||
tasks:
|
||||
- name: debug info
|
||||
ansible.builtin.debug:
|
||||
msg: '{{ ansible_facts }}'
|
||||
|
||||
# - name: debug token fact for k3s-nodes hosts
|
||||
# run_once: true
|
||||
# debug:
|
||||
# msg: '{{ hostvars[groups["k3s-control-nodes"][0]]["k3s_node_token"] }}'
|
||||
|
||||
- name: set token fact
|
||||
set_fact:
|
||||
k3s_node_token: '{{ hostvars[groups["k3s-control-nodes"][0]]["k3s_node_token"] }}'
|
||||
|
||||
- name: configure k3s server with token
|
||||
lineinfile:
|
||||
path: /etc/systemd/system/k3s.service.env
|
||||
state: present
|
||||
line: K3S_TOKEN={{ k3s_node_token }}
|
||||
create: yes
|
||||
|
||||
- name: configure k3s agent with token
|
||||
lineinfile:
|
||||
path: /etc/systemd/system/k3s-agent.service.env
|
||||
state: present
|
||||
line: K3S_TOKEN={{ k3s_node_token }}
|
||||
create: yes
|
||||
|
||||
- name: create config directory
|
||||
file:
|
||||
recurse: yes
|
||||
path: /etc/rancher/k3s/
|
||||
state: directory
|
||||
mode: '0700'
|
||||
|
||||
- name: configure k3s server endpoint
|
||||
lineinfile:
|
||||
path: /etc/rancher/k3s/config.yaml
|
||||
state: present
|
||||
line: 'server: https://{{ hostvars[groups["k3s-control-nodes"][0]]["ansible_default_ipv4"]["address"] }}:6443'
|
||||
create: yes
|
||||
|
||||
# TODO: assert token is valid?
|
||||
# - name: debug info2
|
||||
# ansible.builtin.debug:
|
||||
# msg: '{{ k3s_node_token }}'
|
||||
# TODO: wait for initial control node to come up?
|
||||
|
||||
- name: start remaining control nodes
|
||||
hosts: k3s-control-nodes,!k3s-control-nodes[0]
|
||||
tasks:
|
||||
- name: run k3s
|
||||
become: true
|
||||
ansible.builtin.command: systemctl enable --now k3s
|
||||
|
||||
- name: start remaining agent nodes
|
||||
hosts: k3s-agent-nodes
|
||||
tasks:
|
||||
- name: run k3s
|
||||
become: true
|
||||
ansible.builtin.command: systemctl enable --now k3s-agent
|
|
@ -1,20 +0,0 @@
|
|||
k3s-nodes:
|
||||
hosts:
|
||||
"root@10.0.0.87":
|
||||
"root@10.0.0.138":
|
||||
|
||||
vars:
|
||||
ansible_python_interpreter: /usr/bin/python3.10
|
||||
k3s:
|
||||
version: v1.23.3+k3s1
|
||||
|
||||
k3s-control-nodes:
|
||||
hosts:
|
||||
"root@10.0.0.87":
|
||||
|
||||
k3s-agent-nodes:
|
||||
hosts:
|
||||
"root@10.0.0.138":
|
||||
|
||||
vars:
|
||||
k3s_command: agent
|
|
@ -1,29 +0,0 @@
|
|||
---
|
||||
language: python
|
||||
python: "2.7"
|
||||
|
||||
# Use the new container infrastructure
|
||||
sudo: false
|
||||
|
||||
# Install ansible
|
||||
addons:
|
||||
apt:
|
||||
packages:
|
||||
- python-pip
|
||||
|
||||
install:
|
||||
# Install ansible
|
||||
- pip install ansible
|
||||
|
||||
# Check ansible version
|
||||
- ansible --version
|
||||
|
||||
# Create ansible.cfg with correct roles_path
|
||||
- printf '[defaults]\nroles_path=../' >ansible.cfg
|
||||
|
||||
script:
|
||||
# Basic role syntax check
|
||||
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
|
||||
|
||||
notifications:
|
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/
|
|
@ -1,58 +0,0 @@
|
|||
- name: AUR | get package metadata for {{ pkg_name }}
|
||||
connection: local
|
||||
become: no
|
||||
uri: >
|
||||
url=https://aur.archlinux.org/rpc?v=5&type=info&arg={{ pkg_name | mandatory }}
|
||||
return_content=yes
|
||||
timeout=6
|
||||
register: api_info
|
||||
|
||||
- assert:
|
||||
that:
|
||||
- api_info.status == 200
|
||||
- api_info.json is defined
|
||||
- api_info.json.type == 'multiinfo'
|
||||
- api_info.json.resultcount == 1
|
||||
- api_info.json.results is defined
|
||||
|
||||
- name: AUR | download tarball for package {{ pkg_name }}
|
||||
become: no
|
||||
connection: local
|
||||
get_url: >
|
||||
url='https://aur.archlinux.org{{ api_info.json.results[0].URLPath }}'
|
||||
dest='/tmp/'
|
||||
register: aur_tarball
|
||||
|
||||
- name: AUR | cleanup old {{ pkg_name }} builds
|
||||
ansible.builtin.file:
|
||||
path: /tmp/{{ pkg_name }}
|
||||
state: absent
|
||||
|
||||
- name: AUR | upload and extract package {{ pkg_name }} tarball to host
|
||||
become: yes
|
||||
become_user: '{{ makepkg_nonroot_user }}'
|
||||
unarchive: >
|
||||
src={{ aur_tarball.dest }}
|
||||
dest=/tmp/
|
||||
register: extracted_pkg
|
||||
|
||||
- name: AUR | get dependencies and build package {{ pkg_name }}
|
||||
when: extracted_pkg.changed
|
||||
become: yes
|
||||
become_user: '{{ makepkg_nonroot_user }}'
|
||||
command: >
|
||||
makepkg --noconfirm --noprogressbar -mfs
|
||||
chdir=/tmp/{{ pkg_name }}
|
||||
register: aur_makepkg_result
|
||||
|
||||
- shell: 'ls -1 /tmp/{{ pkg_name | quote }} | grep pkg.tar'
|
||||
register: compiled_package_name
|
||||
|
||||
- name: AUR | install {{ pkg_name }} with pacman
|
||||
when: aur_makepkg_result.changed
|
||||
become: yes
|
||||
shell: >
|
||||
pacman --noconfirm --noprogressbar --needed -U {{ compiled_package_name.stdout | quote }}
|
||||
chdir=/tmp/{{ pkg_name }}
|
||||
register: pacman_install_result
|
||||
changed_when: pacman_install_result.stdout is defined and pacman_install_result.stdout.find('there is nothing to do') == -1
|
|
@ -1,9 +0,0 @@
|
|||
# source: https://wiki.archlinux.org/title/Ansible#AUR
|
||||
- user: name=aur_builder
|
||||
|
||||
- lineinfile:
|
||||
path: /etc/sudoers.d/aur_builder-allow-to-sudo-pacman
|
||||
state: present
|
||||
line: "aur_builder ALL=(ALL) NOPASSWD: /usr/bin/pacman"
|
||||
validate: /usr/sbin/visudo -cf %s
|
||||
create: yes
|
|
@ -1,15 +0,0 @@
|
|||
- name: Check if AUR helper ({{ aur_helper_pkg }}) is already installed
|
||||
shell: pacman -Q 2>&1 | grep '^{{ aur_helper_pkg }} ' >/dev/null 2>&1
|
||||
register: is_aur_helper_exist
|
||||
ignore_errors: yes
|
||||
|
||||
# - name: debug is_aur_helper_exist
|
||||
# debug:
|
||||
# msg: '{{ is_aur_helper_exist }}'
|
||||
|
||||
- name: install AUR helper ({{ aur_helper_pkg }})
|
||||
include_tasks: aur.yml
|
||||
when: is_aur_helper_exist.failed
|
||||
vars:
|
||||
makepkg_nonroot_user: aur_builder
|
||||
pkg_name: '{{ aur_helper_pkg }}'
|
|
@ -1,10 +0,0 @@
|
|||
- name: download k3s installer
|
||||
ansible.builtin.get_url:
|
||||
url: https://get.k3s.io
|
||||
dest: /tmp/k3s-installer.sh
|
||||
mode: '0777'
|
||||
|
||||
- name: run k3s installer
|
||||
become: true
|
||||
ansible.builtin.command: >
|
||||
env INSTALL_K3S_EXEC={{ k3s_command | default('server') }} INSTALL_K3S_SKIP_START=true INSTALL_K3S_VERSION="{{ k3s.version }}" sh /tmp/k3s-installer.sh
|
|
@ -1,9 +0,0 @@
|
|||
- include_tasks: ./prepare-host.yml
|
||||
- include_tasks: ./install-k3s.yml
|
||||
|
||||
# TODO: rpi4 loadbalancer? haproxy? metallb?
|
||||
|
||||
# TODO: generate secret
|
||||
# TODO: start first control node
|
||||
# TODO: start remaining control nodes
|
||||
# TODO: start agent nodes
|
|
@ -1,23 +0,0 @@
|
|||
# arch linux
|
||||
- include_tasks: ./create-aur-builder-user.yml
|
||||
when: ansible_facts.os_family == 'Archlinux'
|
||||
|
||||
- include_tasks: ./install-aur-helper.yml
|
||||
when: ansible_facts.os_family == 'Archlinux'
|
||||
vars:
|
||||
aur_helper_pkg: paru-bin
|
||||
|
||||
- include_tasks: ./upgrade-all-packages.yml
|
||||
vars:
|
||||
aur_helper_command: paru
|
||||
|
||||
# TODO: is per-node host-level time sync necessary?
|
||||
|
||||
- name: install necessary utilities for longhorn
|
||||
when: ansible_facts.os_family == 'Archlinux'
|
||||
community.general.pacman:
|
||||
executable: 'paru'
|
||||
name:
|
||||
- nfs-utils
|
||||
- open-iscsi
|
||||
state: present
|
|
@ -1,8 +0,0 @@
|
|||
- name: upgrade all packages
|
||||
when: ansible_facts.os_family == 'Archlinux'
|
||||
community.general.pacman:
|
||||
executable: '{{ aur_helper_command }}'
|
||||
force: yes
|
||||
state: latest
|
||||
update_cache: yes
|
||||
upgrade: yes
|
|
@ -1,30 +0,0 @@
|
|||
- name: purge k3s from k3s-nodes
|
||||
hosts:
|
||||
- k3s-nodes
|
||||
- k3s-control-nodes
|
||||
- k3s-agent-nodes
|
||||
become: true
|
||||
gather_facts: no
|
||||
any_errors_fatal: true
|
||||
tasks:
|
||||
- name: Kill k3s
|
||||
ansible.builtin.command: /usr/local/bin/k3s-killall.sh
|
||||
- name: Uninstall k3s
|
||||
ansible.builtin.command:
|
||||
cmd: /usr/local/bin/k3s-uninstall.sh
|
||||
removes: /usr/local/bin/k3s-uninstall.sh
|
||||
- name: Uninstall k3s agent
|
||||
ansible.builtin.command:
|
||||
cmd: /usr/local/bin/k3s-agent-uninstall.sh
|
||||
removes: /usr/local/bin/k3s-agent-uninstall.sh
|
||||
- name: Gather list of CNI files to delete
|
||||
find:
|
||||
paths: /etc/cni/net.d
|
||||
patterns: "*"
|
||||
register: files_to_delete
|
||||
- name: Delete CNI files
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
state: absent
|
||||
loop: "{{ files_to_delete.files }}"
|
||||
|
|
@ -1,7 +0,0 @@
|
|||
collections:
|
||||
- name: community.general
|
||||
version: 4.4.0
|
||||
- name: community.sops
|
||||
version: 1.2.0
|
||||
- name: ansible.posix
|
||||
version: 1.3.0
|
|
@ -1 +0,0 @@
|
|||
cluster-init: true
|
|
@ -1,32 +0,0 @@
|
|||
hello: ENC[AES256_GCM,data:WRa2G/VPbEab7pAWaJe58iMxMQ3k0pW671e73eaY5MdAUxJDRmijcIi267IDGg==,iv:LGpJ15ogFuvGJBwh3cfHGThct/DKiiUfGi8Kn4biV+M=,tag:LpuYBCVw7ht39qEgcgfJqw==,type:str]
|
||||
example_key: ENC[AES256_GCM,data:3cOB2ySdABOvn3yhkg==,iv:bMTUp1WXDHuLDqrAbR5NIzVHHUw746OMeXoEZ6aWAow=,tag:sRA2h8aRJNwNXFrMdanGzw==,type:str]
|
||||
#ENC[AES256_GCM,data:dP+/OZYhivb7M7v7tBGC7g==,iv:epJJoKQ8Xv4g5Aa4jYXvMuYtiNhXBg/XIBD35ut+AKY=,tag:+fjSkV3k+Fv89v++wnG2kw==,type:comment]
|
||||
example_array:
|
||||
- ENC[AES256_GCM,data:v+Eim64hePvfKUR29Yk=,iv:l/do6zgAy8MIc7x7lyb9kj/29V0V4yFDA0vWsYG16tM=,tag:pKrUwUPDM3/xzzKT+pThMg==,type:str]
|
||||
- ENC[AES256_GCM,data:jfgUnbtQEyYb1kJSLbE=,iv:ELDLS+72aIZuSwHnfD697bP6N7mHJ3iaLRWj+6FSSQw=,tag:ZHxguigP5FWPOEzUcKtHaQ==,type:str]
|
||||
example_number: ENC[AES256_GCM,data:H37w/XGwzcdSHQ==,iv:z74bRD6gmVJr9NAcPRmjjPmZ7X1WEpBSAV/gzWesBgg=,tag:Nrk9CwNQXEPvaoK6lC3DJg==,type:float]
|
||||
example_booleans:
|
||||
- ENC[AES256_GCM,data:8xXjdA==,iv:n0vwMOb2Eu8dE6ca1ycdgrML1UKOY9Gl1RTgIJ+bfGw=,tag:Rgit1wPAQ+YSQmffEn7/sw==,type:bool]
|
||||
- ENC[AES256_GCM,data:JBUqSeg=,iv:VM4SqHzVUlW93aEebiaLIzr1loJV6uFELoPGAZyNiBY=,tag:U/JIvS+gwb8HjfeenajCMw==,type:bool]
|
||||
- ENC[AES256_GCM,data:cPLgZDwCKwrGJKFSFELcqeg5BQWz2g==,iv:JlWnjRLm971L8IUg71yr2HOJzV6V0xz6oPe6sScGchk=,tag:r+AgykXqD9nNwaOl+NlQfA==,type:str]
|
||||
example_name: ENC[AES256_GCM,data:9EQWrTyojQ==,iv:/tgGPH/v49bHW3Vh4qwr2OARBiJTyxNJ//rs9l8p83E=,tag:qqyZ9cP3a/1pko9DoWZyRQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1a8v4ac7l20vly3838el7f4m7t9nt56tlxznzv084ulpltw6k7vyq9gh49q
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBERGxGRXF5OVJLV0RKTDZF
|
||||
UGw0UTBJWWFmVlkraEQyZDZEaXlqdmhUUFZFCjBvSDJWWEhyZEdWR3lLYzQvQ013
|
||||
TzJVVWhQVkYxYUxqOWNxTWRZeHJZN00KLS0tIGhzblZkRmtBeDNJYldKZVBUQTU3
|
||||
Mi9lVkRDNFBrNDNISFIwckFXLzBaQ0UKCjkMUhXLn6IO5aC6At37a+TmVFt09sXa
|
||||
g4hod4hBGGtgEbPi/uCgCMme/E59eLvs6xyhXvJY12PYYdC+xlTu0A==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2022-02-08T03:51:26Z"
|
||||
mac: ENC[AES256_GCM,data:bNXbabUuJD/l6Ab+pjDNZzBU45I1vB9CYhrq6NQ5x6RIjw6gwpSNAjQHFiNwWq9BvRXhuSfbqlNw3F8QjOXO5EOyOwh6BZMvGBEZPB6MQXvhjqmOiBWjuvpmDIIBqj2qPldReQHhyoQ7HLN4LRjNd1vw34GCgcgvjv1Df21eOuQ=,iv:gL7Yt9a5f9ChUFPR1qjmKk25Re02kbxdTEK2qmxYZ0s=,tag:K7MjVm4BWEfOQdi7TV7psg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.1
|
|
@ -1,37 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: my-nginx
|
||||
namespace: default
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
run: my-nginx
|
||||
replicas: 2
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
run: my-nginx
|
||||
spec:
|
||||
containers:
|
||||
- name: my-nginx
|
||||
image: nginx
|
||||
ports:
|
||||
- containerPort: 80
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: my-nginx
|
||||
labels:
|
||||
run: my-nginx
|
||||
namespace: default
|
||||
spec:
|
||||
allocateLoadBalancerNodePorts: false
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- port: 8000
|
||||
targetPort: 80
|
||||
protocol: TCP
|
||||
selector:
|
||||
run: my-nginx
|
File diff suppressed because it is too large
Load diff
|
@ -1,27 +0,0 @@
|
|||
# This manifest was generated by flux. DO NOT EDIT.
|
||||
---
|
||||
apiVersion: source.toolkit.fluxcd.io/v1beta1
|
||||
kind: GitRepository
|
||||
metadata:
|
||||
name: flux-system
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 1m0s
|
||||
ref:
|
||||
branch: master
|
||||
secretRef:
|
||||
name: flux-system
|
||||
url: ssh://git@git.lyte.dev:2222/lytedev/k8s-clusters.git
|
||||
---
|
||||
apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
|
||||
kind: Kustomization
|
||||
metadata:
|
||||
name: flux-system
|
||||
namespace: flux-system
|
||||
spec:
|
||||
interval: 10m0s
|
||||
path: ./cluster/home
|
||||
prune: true
|
||||
sourceRef:
|
||||
kind: GitRepository
|
||||
name: flux-system
|
|
@ -1,5 +0,0 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- gotk-components.yaml
|
||||
- gotk-sync.yaml
|
|
@ -1,6 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: longhorn-system
|
||||
labels:
|
||||
name: longhorn-system
|
|
@ -1,32 +0,0 @@
|
|||
apiVersion: source.toolkit.fluxcd.io/v1beta1
|
||||
kind: HelmRepository
|
||||
metadata:
|
||||
name: longhorn
|
||||
namespace: longhorn-system
|
||||
spec:
|
||||
interval: 20m
|
||||
url: https://charts.longhorn.io/
|
||||
---
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: longhorn
|
||||
namespace: longhorn-system
|
||||
spec:
|
||||
interval: 20m
|
||||
chart:
|
||||
spec:
|
||||
chart: longhorn
|
||||
version: 1.2.3
|
||||
sourceRef:
|
||||
apiVersion: source.toolkit.fluxcd.io/v1beta1
|
||||
kind: HelmRepository
|
||||
name: longhorn
|
||||
namespace: longhorn-system
|
||||
interval: 20m
|
||||
install:
|
||||
remediation:
|
||||
retries: 5
|
||||
upgrade:
|
||||
remediation:
|
||||
remediateLastFailure: false
|
|
@ -1,23 +0,0 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
|
@ -1,24 +0,0 @@
|
|||
apiVersion: v2
|
||||
name: chart
|
||||
description: A Helm chart for Kubernetes
|
||||
|
||||
# A chart can be either an 'application' or a 'library' chart.
|
||||
#
|
||||
# Application charts are a collection of templates that can be packaged into versioned archives
|
||||
# to be deployed.
|
||||
#
|
||||
# Library charts provide useful utilities or functions for the chart developer. They're included as
|
||||
# a dependency of application charts to inject those utilities and functions into the rendering
|
||||
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
|
||||
type: application
|
||||
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 0.1.0
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
# It is recommended to use it with quotes.
|
||||
appVersion: "1.16.0"
|
|
@ -1,22 +0,0 @@
|
|||
1. Get the application URL by running these commands:
|
||||
{{- if .Values.ingress.enabled }}
|
||||
{{- range $host := .Values.ingress.hosts }}
|
||||
{{- range .paths }}
|
||||
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- else if contains "NodePort" .Values.service.type }}
|
||||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "chart.fullname" . }})
|
||||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
|
||||
echo http://$NODE_IP:$NODE_PORT
|
||||
{{- else if contains "LoadBalancer" .Values.service.type }}
|
||||
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
|
||||
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "chart.fullname" . }}'
|
||||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "chart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
|
||||
echo http://$SERVICE_IP:{{ .Values.service.port }}
|
||||
{{- else if contains "ClusterIP" .Values.service.type }}
|
||||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "chart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
|
||||
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
|
||||
echo "Visit http://127.0.0.1:8080 to use your application"
|
||||
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
|
||||
{{- end }}
|
|
@ -1,62 +0,0 @@
|
|||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "chart.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "chart.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride }}
|
||||
{{- if contains $name .Release.Name }}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "chart.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "chart.labels" -}}
|
||||
helm.sh/chart: {{ include "chart.chart" . }}
|
||||
{{ include "chart.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "chart.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "chart.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "chart.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "chart.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,61 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "chart.fullname" . }}
|
||||
labels:
|
||||
{{- include "chart.labels" . | nindent 4 }}
|
||||
spec:
|
||||
{{- if not .Values.autoscaling.enabled }}
|
||||
replicas: {{ .Values.replicaCount }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "chart.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
{{- with .Values.podAnnotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "chart.selectorLabels" . | nindent 8 }}
|
||||
spec:
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "chart.serviceAccountName" . }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.securityContext | nindent 12 }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 80
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: http
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 12 }}
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
|
@ -1,28 +0,0 @@
|
|||
{{- if .Values.autoscaling.enabled }}
|
||||
apiVersion: autoscaling/v2beta1
|
||||
kind: HorizontalPodAutoscaler
|
||||
metadata:
|
||||
name: {{ include "chart.fullname" . }}
|
||||
labels:
|
||||
{{- include "chart.labels" . | nindent 4 }}
|
||||
spec:
|
||||
scaleTargetRef:
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
name: {{ include "chart.fullname" . }}
|
||||
minReplicas: {{ .Values.autoscaling.minReplicas }}
|
||||
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
|
||||
metrics:
|
||||
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: cpu
|
||||
targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
|
||||
{{- end }}
|
||||
{{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
|
||||
- type: Resource
|
||||
resource:
|
||||
name: memory
|
||||
targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,61 +0,0 @@
|
|||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $fullName := include "chart.fullname" . -}}
|
||||
{{- $svcPort := .Values.service.port -}}
|
||||
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
|
||||
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
|
||||
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
{{- else -}}
|
||||
apiVersion: extensions/v1beta1
|
||||
{{- end }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $fullName }}
|
||||
labels:
|
||||
{{- include "chart.labels" . | nindent 4 }}
|
||||
{{- with .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
||||
ingressClassName: {{ .Values.ingress.className }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
- hosts:
|
||||
{{- range .hosts }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
secretName: {{ .secretName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range .Values.ingress.hosts }}
|
||||
- host: {{ .host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- range .paths }}
|
||||
- path: {{ .path }}
|
||||
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
|
||||
pathType: {{ .pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
|
||||
service:
|
||||
name: {{ $fullName }}
|
||||
port:
|
||||
number: {{ $svcPort }}
|
||||
{{- else }}
|
||||
serviceName: {{ $fullName }}
|
||||
servicePort: {{ $svcPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,15 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "chart.fullname" . }}
|
||||
labels:
|
||||
{{- include "chart.labels" . | nindent 4 }}
|
||||
spec:
|
||||
type: {{ .Values.service.type }}
|
||||
ports:
|
||||
- port: {{ .Values.service.port }}
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
{{- include "chart.selectorLabels" . | nindent 4 }}
|
|
@ -1,12 +0,0 @@
|
|||
{{- if .Values.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "chart.serviceAccountName" . }}
|
||||
labels:
|
||||
{{- include "chart.labels" . | nindent 4 }}
|
||||
{{- with .Values.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,15 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: "{{ include "chart.fullname" . }}-test-connection"
|
||||
labels:
|
||||
{{- include "chart.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
"helm.sh/hook": test
|
||||
spec:
|
||||
containers:
|
||||
- name: wget
|
||||
image: busybox
|
||||
command: ['wget']
|
||||
args: ['{{ include "chart.fullname" . }}:{{ .Values.service.port }}']
|
||||
restartPolicy: Never
|
|
@ -1,82 +0,0 @@
|
|||
# Default values for chart.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
replicaCount: 1
|
||||
|
||||
image:
|
||||
repository: nginx
|
||||
pullPolicy: IfNotPresent
|
||||
# Overrides the image tag whose default is the chart appVersion.
|
||||
tag: ""
|
||||
|
||||
imagePullSecrets: []
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
|
||||
serviceAccount:
|
||||
# Specifies whether a service account should be created
|
||||
create: true
|
||||
# Annotations to add to the service account
|
||||
annotations: {}
|
||||
# The name of the service account to use.
|
||||
# If not set and create is true, a name is generated using the fullname template
|
||||
name: ""
|
||||
|
||||
podAnnotations: {}
|
||||
|
||||
podSecurityContext: {}
|
||||
# fsGroup: 2000
|
||||
|
||||
securityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - ALL
|
||||
# readOnlyRootFilesystem: true
|
||||
# runAsNonRoot: true
|
||||
# runAsUser: 1000
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 80
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
className: ""
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - chart-example.local
|
||||
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
autoscaling:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 100
|
||||
targetCPUUtilizationPercentage: 80
|
||||
# targetMemoryUtilizationPercentage: 80
|
||||
|
||||
nodeSelector: {}
|
||||
|
||||
tolerations: []
|
||||
|
||||
affinity: {}
|
Loading…
Reference in a new issue