From 2041f5f80a1c1473ce439bcd39139cb2c5109376 Mon Sep 17 00:00:00 2001 From: Priit Laes Date: Sat, 12 Jul 2025 20:23:08 +0300 Subject: [PATCH] frigate: Migrate to Kustomize --- frigate/README.md | 11 +- frigate/application.yml | 309 ------------------------------------- frigate/kustomization.yaml | 21 +++ frigate/values.yaml | 58 ------- 4 files changed, 28 insertions(+), 371 deletions(-) delete mode 100644 frigate/application.yml create mode 100644 frigate/kustomization.yaml diff --git a/frigate/README.md b/frigate/README.md index ae7843d..232ef82 100644 --- a/frigate/README.md +++ b/frigate/README.md @@ -1,5 +1,8 @@ -``` -helm repo add blakeblackshear https://blakeblackshear.github.io/blakeshome-charts/ -helm template -n frigate --release-name frigate blakeblackshear/frigate --include-crds -f values.yaml > application.yml -kubectl apply -n frigate -f application.yml -f auth.yml -f rabbitmq.yml -f storage-class.yml -f storage.yml -f transcode.yml +# Frigate + +# Deployment +With ArgoCD. Render it locally: + +```sh +kustomize build . --enable-helm ``` diff --git a/frigate/application.yml b/frigate/application.yml deleted file mode 100644 index 59f4436..0000000 --- a/frigate/application.yml +++ /dev/null @@ -1,309 +0,0 @@ ---- -# Source: frigate/templates/configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: frigate - namespace: frigate - labels: - app.kubernetes.io/name: frigate - helm.sh/chart: frigate-7.8.0 - app.kubernetes.io/instance: frigate - app.kubernetes.io/managed-by: Helm -data: - config.yml: | - mqtt: - host: frigate-mqtt - port: 1883 - topic_prefix: frigate - client_id: frigate - user: '{FRIGATE_MQTT_USERNAME}' - password: '{FRIGATE_MQTT_PASSWORD}' - stats_interval: 60 - - detectors: - coral: - type: edgetpu - device: usb - #cpu1: - #type: cpu - #ov: - # type: openvino - # device: CPU - - model: - width: 300 - height: 300 - input_tensor: nhwc - input_pixel_format: bgr - path: /openvino-model/ssdlite_mobilenet_v2.xml - labelmap_path: /openvino-model/coco_91cl_bkgr.txt - - record: - enabled: True - retain: - days: 3 - mode: motion - events: - retain: - default: 30 - mode: motion - - cameras: - server_room: - ffmpeg: - inputs: - - path: rtsp://go2rtc:8554/server_room - roles: - - detect - - rtmp - - record - chaos: - ffmpeg: - inputs: - - path: rtsp://go2rtc:8554/chaos - roles: - - detect - - rtmp - - record - cyber: - ffmpeg: - inputs: - - path: rtsp://go2rtc:8554/cyber - roles: - - detect - - rtmp - - record - workshop: - ffmpeg: - inputs: - - path: rtsp://go2rtc:8554/workshop - roles: - - detect - - rtmp - - record ---- -# Source: frigate/templates/config-pvc.yaml -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: frigate-config - labels: - app.kubernetes.io/name: frigate - helm.sh/chart: frigate-7.8.0 - app.kubernetes.io/instance: frigate - app.kubernetes.io/managed-by: Helm -spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "1000Mi" - storageClassName: "longhorn" ---- -# Source: frigate/templates/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: frigate - labels: - app.kubernetes.io/name: frigate - helm.sh/chart: frigate-7.8.0 - app.kubernetes.io/instance: frigate - app.kubernetes.io/version: "0.14.1" - app.kubernetes.io/managed-by: Helm -spec: - type: ClusterIP - ipFamilyPolicy: SingleStack - ports: - - name: http - port: 5000 - protocol: TCP - targetPort: http - - - name: http-auth - port: 8971 - protocol: TCP - targetPort: http-auth - - name: rtmp - port: 1935 - protocol: TCP - targetPort: rtmp - - - name: rtsp - port: 8554 - protocol: TCP - targetPort: rtsp - - - name: webrtc-tcp - port: 8555 - protocol: TCP - targetPort: webrtc-tcp - - name: webrtc-udp - port: 8555 - protocol: UDP - targetPort: webrtc-udp - selector: - app.kubernetes.io/name: frigate - app.kubernetes.io/instance: frigate ---- -# Source: frigate/templates/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: frigate - labels: - app.kubernetes.io/name: frigate - helm.sh/chart: frigate-7.8.0 - app.kubernetes.io/instance: frigate - app.kubernetes.io/version: "0.14.1" - app.kubernetes.io/managed-by: Helm -spec: - replicas: 1 - revisionHistoryLimit: 3 - strategy: - type: Recreate - selector: - matchLabels: - app.kubernetes.io/name: frigate - app.kubernetes.io/instance: frigate - template: - metadata: - labels: - app.kubernetes.io/name: frigate - app.kubernetes.io/instance: frigate - annotations: - checksum/configmap: c03d767c7ef736f9d27d13a90ca868c5d4666b6e3e37b73b3e3b74be088dfff2 - spec: - initContainers: - - name: copyconfig - image: "ghcr.io/blakeblackshear/frigate:0.14.1" - imagePullPolicy: IfNotPresent - volumeMounts: - - mountPath: /config.yml - subPath: config.yml - name: configmap - - mountPath: /config - name: config - command: [ "cp" ] - args: [ "-v", "/config.yml", "/config/config.yml" ] - containers: - - name: frigate - image: "ghcr.io/blakeblackshear/frigate:0.14.1" - imagePullPolicy: IfNotPresent - securityContext: - privileged: true - ports: - - name: http - containerPort: 5000 - protocol: TCP - - name: http-auth - containerPort: 8971 - protocol: TCP - - name: rtmp - containerPort: 1935 - protocol: TCP - - name: rtsp - containerPort: 8554 - protocol: TCP - - name: webrtc-udp - containerPort: 8555 - protocol: UDP - - name: webrtc-tcp - containerPort: 8555 - protocol: TCP - - name: go2rtc-admin - containerPort: 1984 - protocol: TCP - livenessProbe: - httpGet: - path: / - port: http - scheme: HTTP - initialDelaySeconds: 30 - failureThreshold: 5 - timeoutSeconds: 10 - readinessProbe: - httpGet: - path: / - port: http - scheme: HTTP - initialDelaySeconds: 30 - failureThreshold: 5 - timeoutSeconds: 10 - env: - envFrom: - - secretRef: - name: frigate-rstp-credentials - - secretRef: - name: frigate-mqtt-credentials - volumeMounts: - - mountPath: /dev/bus/usb - name: coral-dev - - mountPath: /config - name: config - - mountPath: /data - name: data - - mountPath: /media - name: media - - name: dshm - mountPath: /dev/shm - - name: tmp - mountPath: /tmp - resources: - {} - volumes: - - name: configmap - configMap: - name: frigate - - name: coral-dev - hostPath: - path: /dev/bus/usb - - name: config - persistentVolumeClaim: - claimName: frigate-config - - name: data - emptyDir: {} - - name: media - persistentVolumeClaim: - claimName: frigate-storage - - name: dshm - emptyDir: - medium: Memory - sizeLimit: 4Gi - - name: tmp - emptyDir: - medium: Memory - sizeLimit: 4Gi ---- -# Source: frigate/templates/ingress.yaml -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: frigate - labels: - app.kubernetes.io/name: frigate - helm.sh/chart: frigate-7.8.0 - app.kubernetes.io/instance: frigate - app.kubernetes.io/version: "0.14.1" - app.kubernetes.io/managed-by: Helm - annotations: - external-dns.alpha.kubernetes.io/target: traefik.k-space.ee - traefik.ingress.kubernetes.io/router.entrypoints: websecure - traefik.ingress.kubernetes.io/router.middlewares: frigate-frigate@kubernetescrd -spec: - tls: - - hosts: - - "*.k-space.ee" - secretName: - rules: - - host: "frigate.k-space.ee" - http: - paths: - - path: / - pathType: "ImplementationSpecific" - backend: - service: - name: frigate - port: - name: http diff --git a/frigate/kustomization.yaml b/frigate/kustomization.yaml new file mode 100644 index 0000000..0155f07 --- /dev/null +++ b/frigate/kustomization.yaml @@ -0,0 +1,21 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: frigate + +# spec: https://kubectl.docs.kubernetes.io/references/kustomize/builtins/#_helmchartinflationgenerator_ +helmCharts: +- includeCRDs: true + name: &name frigate + releaseName: *name + repo: https://blakeblackshear.github.io/blakeshome-charts/ + valuesFile: values.yaml + version: 7.8.0 + +resources: +- ssh://git@git.k-space.ee/secretspace/kube/frigate # secrets (.env): frigate-mqtt-secret / frigate-rtsp-secret +- ./auth.yml +- ./rabbitmq.yml +- ./storage-class.yml +- ./storage.yml +- ./transcode.yml diff --git a/frigate/values.yaml b/frigate/values.yaml index 92fda4f..62166d3 100644 --- a/frigate/values.yaml +++ b/frigate/values.yaml @@ -1,26 +1,3 @@ -# Default values for frigate. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# -- upgrade strategy type (e.g. Recreate or RollingUpdate) -strategyType: Recreate - -image: - # -- Docker registry/repository to pull the image from - repository: ghcr.io/blakeblackshear/frigate - # -- Overrides the default tag (appVersion) used in Chart.yaml ([Docker Hub](https://hub.docker.com/r/blakeblackshear/frigate/tags?page=1)) - tag: - # -- Docker image pull policy - pullPolicy: IfNotPresent - -# -- Docker image pull policy -imagePullSecrets: [] - -# -- additional ENV variables to set. Prefix with FRIGATE_ to target Frigate configuration values -env: {} - # TZ: UTC - -# -- set environment variables from Secret(s) envFromSecrets: # secrets are required before `helm install` - frigate-rstp-credentials @@ -32,14 +9,6 @@ coral: # -- path on the host to which to mount the Coral device hostPath: /dev/bus/usb -gpu: - nvidia: - # -- Enables NVIDIA GPU compatibility. Must also use the "amd64nvidia" tagged image - enabled: false - - # -- Overrides the default runtimeClassName - runtimeClassName: - # -- amount of shared memory to use for caching shmSize: 4Gi @@ -121,33 +90,6 @@ config: | - rtmp - record -# Probes configuration -probes: - liveness: - enabled: true - initialDelaySeconds: 30 - failureThreshold: 5 - timeoutSeconds: 10 - readiness: - enabled: true - initialDelaySeconds: 30 - failureThreshold: 5 - timeoutSeconds: 10 - startup: - enabled: false - failureThreshold: 30 - periodSeconds: 10 - -service: - type: ClusterIP - port: 5000 - annotations: {} - labels: {} - loadBalancerIP: - ipFamilyPolicy: SingleStack - ipFamilies: [] - - ingress: enabled: true annotations: