From 1d8528b31260c1d044c504893aae9dabcb28169c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Tue, 27 Aug 2024 12:41:04 +0300 Subject: [PATCH] argocd: Move to DragonflyDB and add resource customizations --- argocd/redis.yaml | 50 ++++++++++++++++++++++++++++++++++++++++++++++ argocd/values.yaml | 32 ++++++++++++++--------------- 2 files changed, 66 insertions(+), 16 deletions(-) create mode 100644 argocd/redis.yaml diff --git a/argocd/redis.yaml b/argocd/redis.yaml new file mode 100644 index 0000000..075c308 --- /dev/null +++ b/argocd/redis.yaml @@ -0,0 +1,50 @@ +--- +apiVersion: codemowers.cloud/v1beta1 +kind: SecretClaim +metadata: + name: argocd-redis + namespace: argocd +spec: + size: 32 + mapping: + - key: redis-password + value: "%(plaintext)s" + - key: REDIS_URI + value: "redis://:%(plaintext)s@argocd-redis" +--- +apiVersion: dragonflydb.io/v1alpha1 +kind: Dragonfly +metadata: + name: argocd-redis + namespace: argocd +spec: + authentication: + passwordFromSecret: + key: redis-password + name: argocd-redis + replicas: 3 + resources: + limits: + cpu: 1000m + memory: 1Gi + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: topology.kubernetes.io/zone + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app: argocd-redis + app.kubernetes.io/part-of: dragonfly +--- +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: argocd-redis + namespace: argocd +spec: + selector: + matchLabels: + app: argocd-redis + app.kubernetes.io/part-of: dragonfly + podMetricsEndpoints: + - port: admin diff --git a/argocd/values.yaml b/argocd/values.yaml index 9b632e3..eafa19d 100644 --- a/argocd/values.yaml +++ b/argocd/values.yaml @@ -5,9 +5,13 @@ global: dex: enabled: false -# Maybe one day switch to Redis HA? +redis: + enabled: false redis-ha: enabled: false +externalRedis: + host: argocd-redis + existingSecret: argocd-redis server: # HTTPS is implemented by Traefik @@ -23,20 +27,6 @@ server: - hosts: - "*.k-space.ee" - configfucked: - resource.customizations: | - # https://github.com/argoproj/argo-cd/issues/1704 - networking.k8s.io/Ingress: - health.lua: | - hs = {} - hs.status = "Healthy" - return hs - apiextensions.k8s.io/CustomResourceDefinition: - ignoreDifferences: | - jsonPointers: - - "x-kubernetes-validations" - - metrics: enabled: true @@ -81,7 +71,17 @@ configs: p, role:developers, applications, update, default/camtiler, allow cm: admin.enabled: "false" - + resource.customizations: | + # https://github.com/argoproj/argo-cd/issues/1704 + networking.k8s.io/Ingress: + health.lua: | + hs = {} + hs.status = "Healthy" + return hs + apiextensions.k8s.io/CustomResourceDefinition: + ignoreDifferences: | + jsonPointers: + - "x-kubernetes-validations" oidc.config: | name: OpenID Connect issuer: https://auth.k-space.ee/