
Clean up operatorlib related stuff

Lauri Võsandi 2023-08-16 10:39:20 +03:00
parent 49412781ea
commit af83e1783b
25 changed files with 301 additions and 282 deletions


@ -1,7 +1,8 @@
# minio-clusters # minio-clusters
This namespace houses Minio clusters managed by This is namespace for Minio clusters managed by Codemowers' sample
[Codemowers' Operator Bundle](https://github.com/codemowers/operator-bundle) [minio-bucket-operator](https://github.com/codemowers/operatorlib/tree/main/samples/minio-bucket-operator)
which is deployed via [ArgoCD](https://argocd.k-space.ee/applications/argocd/minio-bucket-operator)
To update bump the `image` tag for the classes and issue: To update bump the `image` tag for the classes and issue:

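--- a/minio-clusters/cert.yaml
+++ b/minio-clusters/cert.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+name: wildcard-tls
+namespace: minio-clusters
+spec:
+dnsNames:
+- "*.minio-clusters.k-space.ee"
+issuerRef:
+kind: ClusterIssuer
+name: default
+secretName: wildcard-tls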
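Review bot: The `dnsNames` entry `"*.minio-clusters.k-space.ee"` is a wildcard, and if the `default` ClusterIssuer is an ACME issuer it can only validate wildcard names through a DNS-01 solver; the issuer's configuration is not visible in this commit. I would record that dependency with a comment above `issuerRef`, e.g. `# wildcard name: the ClusterIssuer must offer a DNS-01 solver for this zone`. The resulting `wildcard-tls` Secret holds a key valid for every host under minio-clusters.k-space.ee, so read access to Secrets in this namespace is worth keeping narrow.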


@ -1,47 +1,19 @@
--- ---
apiVersion: codemowers.io/v1alpha1 apiVersion: codemowers.cloud/v1beta1
kind: ClusterBucketClass kind: MinioBucketClass
metadata: metadata:
name: dedicated name: dedicated
annotations:
kubernetes.io/description: "Dedicated Minio cluster"
spec: spec:
targetNamespace: minio-clusters reclaimPolicy: Retain
description: "Dedicated Minio clusters"
replicas: 4 replicas: 4
storageClass: minio storageClass: minio
podSpec: podSpec:
containers: containers:
- name: minio - name: minio
env: image: docker.io/minio/minio:RELEASE.2023-07-18T17-49-40Z@sha256:8879cd0b0c4087817430e21be3ad909d60e9da62fac3e8d9368d9fde51279229
- name: MINIO_PROMETHEUS_AUTH_TYPE imagePullPolicy: IfNotPresent
value: public
image: minio/minio:RELEASE.2023-02-17T17-52-43Z
args:
- server
- --address
- 0.0.0.0:9000
- --console-address
- 0.0.0.0:9001
ports:
- containerPort: 9000
name: http
- containerPort: 9001
name: console
readinessProbe:
httpGet:
path: /minio/health/ready
port: 9000
initialDelaySeconds: 2
periodSeconds: 5
resources:
requests:
cpu: 300m
memory: 1Gi
limits:
cpu: 4000m
memory: 2Gi
volumeMounts:
- name: data
mountPath: /data
nodeSelector: nodeSelector:
dedicated: storage dedicated: storage
tolerations: tolerations:
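Review bot: The new `podSpec` for the `minio` container keeps only `image` and `imagePullPolicy`; the `resources`, `readinessProbe`, `ports` and `args` blocks are gone. Presumably the operator now supplies them, but that is not visible here, and if it sets no requests and limits the pods run without a CPU or memory ceiling on the `dedicated: storage` nodes that the database classes also target. A short comment such as `# ports, probes and resources are injected by minio-bucket-operator`, or restoring the `resources` block, would make the intent explicit. The same applies to the `shared` MinioBucketClass later in this commit. The `tolerations` list continues past the end of this hunk.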


@ -1,12 +1,13 @@
--- ---
apiVersion: codemowers.io/v1alpha1 apiVersion: codemowers.cloud/v1beta1
kind: ClusterBucketClass kind: MinioBucketClass
metadata: metadata:
name: external name: external
annotations:
kubernetes.io/description: "External Minio cluster"
spec: spec:
description: "Minio instance running on the ZFS storage box" reclaimPolicy: Retain
targetNamespace: minio-clusters shared: true
targetCluster: external
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
@ -18,8 +19,7 @@ spec:
ports: ports:
- name: http - name: http
protocol: TCP protocol: TCP
port: 80 port: 9000
targetPort: 9000
type: ExternalName type: ExternalName
--- ---
apiVersion: v1 apiVersion: v1
@ -32,8 +32,7 @@ spec:
ports: ports:
- name: http - name: http
protocol: TCP protocol: TCP
port: 80 port: 9001
targetPort: 9001
type: ExternalName type: ExternalName
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
@ -48,7 +47,7 @@ metadata:
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec: spec:
rules: rules:
- host: minio-cluster-external.k-space.ee - host: external.minio-clusters.k-space.ee
http: http:
paths: paths:
- pathType: Prefix - pathType: Prefix
@ -61,6 +60,7 @@ spec:
tls: tls:
- hosts: - hosts:
- "*.k-space.ee" - "*.k-space.ee"
secretName: wildcard-tls
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
@ -74,7 +74,7 @@ metadata:
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec: spec:
rules: rules:
- host: minio-cluster-external-console.k-space.ee - host: external-console.minio-clusters.k-space.ee
http: http:
paths: paths:
- pathType: Prefix - pathType: Prefix
@ -87,3 +87,4 @@ spec:
tls: tls:
- hosts: - hosts:
- "*.k-space.ee" - "*.k-space.ee"
secretName: wildcard-tls
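Review bot: The `tls.hosts` entries still list `"*.k-space.ee"` although the rules moved to `external.minio-clusters.k-space.ee` and `external-console.minio-clusters.k-space.ee`; a wildcard covers a single label, so that entry no longer matches the served hosts. The added `secretName: wildcard-tls` appears to refer to the Certificate from minio-clusters/cert.yaml, which is issued for `"*.minio-clusters.k-space.ee"`, so I would change both entries to `- "*.minio-clusters.k-space.ee"` to state what the certificate actually covers. The two Ingress hunks of the `shared` class in the next file section have the same mismatch. Each of these hunks starts and ends inside a larger Ingress document.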


@ -1,48 +1,20 @@
--- ---
apiVersion: codemowers.io/v1alpha1 apiVersion: codemowers.cloud/v1beta1
kind: ClusterBucketClass kind: MinioBucketClass
metadata: metadata:
name: shared name: shared
annotations:
kubernetes.io/description: "Shared Minio cluster"
spec: spec:
description: "Shared Minio cluster" reclaimPolicy: Retain
targetNamespace: minio-clusters shared: true
targetCluster: shared
storageClass: minio
replicas: 4 replicas: 4
storageClass: minio
podSpec: podSpec:
containers: containers:
- name: minio - name: minio
env: image: docker.io/minio/minio:RELEASE.2023-07-18T17-49-40Z@sha256:8879cd0b0c4087817430e21be3ad909d60e9da62fac3e8d9368d9fde51279229
- name: MINIO_PROMETHEUS_AUTH_TYPE imagePullPolicy: IfNotPresent
value: public
image: minio/minio:RELEASE.2023-02-17T17-52-43Z
args:
- server
- --address
- 0.0.0.0:9000
- --console-address
- 0.0.0.0:9001
ports:
- containerPort: 9000
name: http
- containerPort: 9001
name: console
readinessProbe:
httpGet:
path: /minio/health/ready
port: 9000
initialDelaySeconds: 2
periodSeconds: 5
resources:
requests:
cpu: 300m
memory: 1Gi
limits:
cpu: 4000m
memory: 2Gi
volumeMounts:
- name: data
mountPath: /data
nodeSelector: nodeSelector:
dedicated: storage dedicated: storage
tolerations: tolerations:
@ -63,7 +35,7 @@ metadata:
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec: spec:
rules: rules:
- host: minio-cluster-shared.k-space.ee - host: shared.minio-clusters.k-space.ee
http: http:
paths: paths:
- pathType: Prefix - pathType: Prefix
@ -76,6 +48,7 @@ spec:
tls: tls:
- hosts: - hosts:
- "*.k-space.ee" - "*.k-space.ee"
secretName: wildcard-tls
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
@ -89,7 +62,7 @@ metadata:
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec: spec:
rules: rules:
- host: minio-cluster-shared-console.k-space.ee - host: shared-console.minio-clusters.k-space.ee
http: http:
paths: paths:
- pathType: Prefix - pathType: Prefix
@ -102,3 +75,4 @@ spec:
tls: tls:
- hosts: - hosts:
- "*.k-space.ee" - "*.k-space.ee"
secretName: wildcard-tls


@ -1,6 +1,8 @@
# MySQL clusters # MariaDB clusters
This is namespace for MySQL clusters managed by [operatorlib](https://github.com/codemowers/operatorlib/tree/main/samples/mysql-database-operator) This is namespace for MariaDB clusters managed by Codemowers' sample
[mysql-database-operator](https://github.com/codemowers/operatorlib/tree/main/samples/mysql-database-operator)
which is deployed via [ArgoCD](https://argocd.k-space.ee/applications/argocd/mysql-database-operator)
``` ```
kubectl create namespace mysql-clusters kubectl create namespace mysql-clusters


@ -1,63 +1,4 @@
--- ---
apiVersion: codemowers.cloud/v1beta1
kind: MysqlDatabaseClass
metadata:
name: shared
annotations:
kubernetes.io/description: "Shared MySQL cluster"
spec:
reclaimPolicy: Retain
shared: true
replicas: 3
routers: 2
storageClass: mysql
podSpec:
containers:
- name: mariadb
image: mariadb:10.9.7@sha256:198c7a5fea3d7285762042a628fe8f83f0a7ccef559605b4cc9502e65210880b
imagePullPolicy: IfNotPresent
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage
---
apiVersion: codemowers.cloud/v1beta1
kind: MysqlDatabaseClass
metadata:
name: dedicated
annotations:
kubernetes.io/description: "Dedicated MySQL cluster"
spec:
reclaimPolicy: Retain
replicas: 3
routers: 2
storageClass: mysql
podSpec:
containers:
- name: mariadb
image: mariadb:10.9.7@sha256:198c7a5fea3d7285762042a628fe8f83f0a7ccef559605b4cc9502e65210880b
imagePullPolicy: IfNotPresent
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage
---
apiVersion: codemowers.cloud/v1beta1
kind: MysqlDatabaseClass
metadata:
name: external
annotations:
kubernetes.io/description: "External MySQL cluster"
spec:
reclaimPolicy: Retain
shared: true
---
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
@ -89,19 +30,15 @@ spec:
containers: containers:
- name: phpmyadmin - name: phpmyadmin
image: phpmyadmin/phpmyadmin image: phpmyadmin/phpmyadmin
volumeMounts:
- name: config
mountPath: /etc/phpmyadmin/config.user.inc.php
subPath: config.user.inc.php
ports: ports:
- name: web - name: web
containerPort: 80 containerPort: 80
protocol: TCP protocol: TCP
env: env:
- name: PMA_HOSTS - name: PMA_HOSTS
value: mysql-cluster-shared.mysql-clusters,mysql-cluster.authelia,mysql-cluster.etherpad,mariadb.authelia,mariadb.nextcloud,172.20.36.1 value: shared.mysql-clusters.svc.cluster.local,external.mysql-clusters.svc.cluster.local
- name: PMA_PORTS - name: PMA_PORTS
value: 6446,6446,6446,3306,3306,3306 value: 3306,3306
- name: PMA_ABSOLUTE_URI - name: PMA_ABSOLUTE_URI
value: https://phpmyadmin.k-space.ee/ value: https://phpmyadmin.k-space.ee/
- name: UPLOAD_LIMIT - name: UPLOAD_LIMIT
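Review bot: `image: phpmyadmin/phpmyadmin` stays on the implicit `latest` tag while every database image touched by this commit is pinned to a tag plus digest, so the version of the console published at phpmyadmin.k-space.ee is whatever a node last pulled. Pin it the same way, `image: docker.io/phpmyadmin/phpmyadmin:<TAG>@sha256:<DIGEST>` (placeholders; take the values from the registry). Separately, the `volumeMounts` entry for `config.user.inc.php` is removed while a ConfigMap is still declared at the top of the file; if that ConfigMap carried phpMyAdmin settings they no longer reach the container, so either the ConfigMap and its volume should go as well or the mount should stay. The Deployment starts before this hunk and continues after it.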


@ -0,0 +1,24 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: MysqlDatabaseClass
metadata:
name: dedicated
annotations:
kubernetes.io/description: "Dedicated MySQL cluster"
spec:
reclaimPolicy: Retain
replicas: 3
routers: 2
storageClass: mysql
podSpec:
containers:
- name: mariadb
image: mariadb:10.9.7@sha256:198c7a5fea3d7285762042a628fe8f83f0a7ccef559605b4cc9502e65210880b
imagePullPolicy: IfNotPresent
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage


@ -0,0 +1,22 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: MysqlDatabaseClass
metadata:
name: external
annotations:
kubernetes.io/description: "External MySQL cluster"
spec:
reclaimPolicy: Retain
shared: true
---
apiVersion: v1
kind: Service
metadata:
name: external
spec:
type: ExternalName
externalName: 172.20.36.1
ports:
- name: mysql
port: 3306
protocol: TCP
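Review bot: `externalName: 172.20.36.1` puts an IP address into an ExternalName Service; Kubernetes treats that field as a DNS name made of digits, cluster DNS answers with a CNAME to it, and clients generally cannot resolve that name. phpMyAdmin's `PMA_HOSTS` in this commit now points at `external.mysql-clusters.svc.cluster.local`, so that entry depends on this Service resolving. A selector-less headless Service with a manually managed Endpoints object of the same name maps the name to the address directly.

```yaml
# … unchanged: MysqlDatabaseClass "external" …
---
apiVersion: v1
kind: Service
metadata:
  name: external
spec:
  clusterIP: None
  ports:
    - name: mysql
      port: 3306
      protocol: TCP
---
apiVersion: v1
kind: Endpoints
metadata:
  name: external
subsets:
  - addresses:
      - ip: 172.20.36.1
    ports:
      - name: mysql
        port: 3306
        protocol: TCP
```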


@ -0,0 +1,25 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: MysqlDatabaseClass
metadata:
name: shared
annotations:
kubernetes.io/description: "Shared MySQL cluster"
spec:
reclaimPolicy: Retain
shared: true
replicas: 3
routers: 2
storageClass: mysql
podSpec:
containers:
- name: mariadb
image: mariadb:10.9.7@sha256:198c7a5fea3d7285762042a628fe8f83f0a7ccef559605b4cc9502e65210880b
imagePullPolicy: IfNotPresent
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage


@ -0,0 +1,11 @@
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: mysql
provisioner: rawfile.csi.openebs.io
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
parameters:
fsType: "xfs"


@ -1,3 +1,8 @@
# Oracle MySQL operator
We have switched to MariaDB operator and this is not actually deployed in the cluster anymore
```
helm template mysql-operator mysql-operator/mysql-operator --namespace mysql-operator --include-crds > application.yml helm template mysql-operator mysql-operator/mysql-operator --namespace mysql-operator --include-crds > application.yml
kubectl apply -n mysql-operator -f application.yml -f application-extras.yml -f networkpolicy-base.yml kubectl apply -n mysql-operator -f application.yml -f application-extras.yml -f networkpolicy-base.yml
```


@ -1,6 +1,8 @@
# Postgres clusters # Postgres clusters
This is namespace for Postgres clusters managed by operator-bundle This is namespace for Postgres clusters managed by Codemowers' sample
[postgres-database-operator](https://github.com/codemowers/operatorlib/tree/main/samples/postgres-database-operator)
which is deployed via [ArgoCD](https://argocd.k-space.ee/applications/argocd/postgres-database-operator)
``` ```
kubectl create namespace postgres-clusters kubectl create namespace postgres-clusters


@ -0,0 +1,23 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: PostgresDatabaseClass
metadata:
name: dedicated
annotations:
kubernetes.io/description: "Dedicated Postgres cluster"
spec:
reclaimPolicy: Retain
replicas: 3
storageClass: postgres
podSpec:
containers:
- name: postgres
image: postgres:13.11@sha256:0f18de936266e03891e186db616e530e0e4365ef5fb300d4bb27318538b80604
imagePullPolicy: IfNotPresent
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage


@ -1,43 +1,4 @@
--- ---
apiVersion: codemowers.io/v1alpha1
kind: ClusterPostgresDatabaseClass
metadata:
name: dedicated
spec:
targetNamespace: postgres-clusters
description: "Dedicated Postgres cluster"
replicas: 3
routers: 2
storageClass: postgres
podSpec:
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage
---
apiVersion: codemowers.io/v1alpha1
kind: ClusterPostgresDatabaseClass
metadata:
name: shared
spec:
targetCluster: shared
targetNamespace: postgres-clusters
description: "Shared Postgres cluster"
replicas: 3
routers: 2
storageClass: postgres
podSpec:
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
@ -74,6 +35,16 @@ spec:
port: 8081 port: 8081
targetPort: 8081 targetPort: 8081
--- ---
apiVersion: codemowers.io/v1alpha1
kind: OIDCGWMiddlewareClient
metadata:
name: pgweb
spec:
displayName: pgweb
uri: 'https://pgweb.k-space.ee'
allowedGroups:
- k-space:floor
---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
@ -84,7 +55,7 @@ metadata:
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.tls: "true"
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
traefik.ingress.kubernetes.io/router.middlewares: traefik-sso@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: postgres-clusters-pgweb@kubernetescrd
spec: spec:
rules: rules:
- host: pgweb.k-space.ee - host: pgweb.k-space.ee
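Review bot: The Ingress annotation now names `postgres-clusters-pgweb@kubernetescrd`, presumably the middleware generated from the `pgweb` OIDCGWMiddlewareClient added above it, yet that object has no `metadata.namespace`, so the two only line up when the manifest is applied into `postgres-clusters`. Adding `namespace: postgres-clusters` to its metadata, or a comment `# yields Traefik middleware postgres-clusters-pgweb, referenced by the Ingress below`, would tie the access control for this database console to the manifest rather than to the apply command. It is also worth confirming that `k-space:floor` is the intended audience for pgweb now that `traefik-sso` is no longer in the chain. The Ingress document continues past the end of this hunk.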


@ -0,0 +1,24 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: PostgresDatabaseClass
metadata:
name: shared
annotations:
kubernetes.io/description: "Shared Postgres cluster"
spec:
reclaimPolicy: Retain
shared: true
replicas: 3
storageClass: postgres
podSpec:
containers:
- name: postgres
image: postgres:13.11@sha256:0f18de936266e03891e186db616e530e0e4365ef5fb300d4bb27318538b80604
imagePullPolicy: IfNotPresent
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage


@ -0,0 +1,11 @@
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: postgres
provisioner: rawfile.csi.openebs.io
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
parameters:
fsType: "xfs"


@ -1,7 +1,8 @@
# Redis clusters # Redis clusters
This is namespace for Redis clusters managed by This is namespace for Redis clusters managed by Codemowers' sample
[Codemowers' Operator Bundle](https://github.com/codemowers/operator-bundle) [redis-operator](https://github.com/codemowers/operatorlib/tree/main/samples/redis-operator)
which is deployed via [ArgoCD](https://argocd.k-space.ee/applications/argocd/redis-operator)
``` ```
kubectl create namespace redis-clusters kubectl create namespace redis-clusters


@ -1,43 +0,0 @@
---
apiVersion: codemowers.io/v1alpha1
kind: ClusterRedisClass
metadata:
name: persistent
spec:
targetNamespace: redis-clusters
description: "Persistent Redis instance"
replicas: 3
storageClass: redis
podSpec:
imagePullPolicy: Never
containers:
- name: redis
image: codemowers/keydb:6.3.2
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage
---
apiVersion: codemowers.io/v1alpha1
kind: ClusterRedisClass
metadata:
name: ephemeral
spec:
targetNamespace: redis-clusters
description: "Ephemeral Redis instance"
replicas: 3
podSpec:
imagePullPolicy: Never
containers:
- name: redis
image: codemowers/keydb:6.3.2
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage

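--- a/redis-clusters/cache.yaml
+++ b/redis-clusters/cache.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: codemowers.cloud/v1beta1
+kind: RedisClass
+metadata:
+name: cache
+annotations:
+kubernetes.io/description: "Caching Redis instance"
+spec:
+reclaimPolicy: Delete
+replicas: 1
+podSpec:
+containers:
+- name: redis
+image: docker.io/library/redis:7.0.11@sha256:1008c73f08e9f913868e2fa2e843212b62ea5bf3c66435d87bc7a6207bc0f1b4
+imagePullPolicy: IfNotPresent
+args:
+- --maxmemory-policy
+- volatile-lfu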
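Review bot: `--maxmemory-policy volatile-lfu` has no effect unless `maxmemory` is set, and the `args` here set only the policy; Redis defaults to no memory limit on 64-bit builds, so the cache would grow until the node or a container limit stops it. Unless the operator injects a limit (not visible here), add the pair `- --maxmemory` and `- <LIMIT>` (placeholder, sized below the pod's memory limit) to `args`. `volatile-lfu` also evicts only keys that carry a TTL, so clients must set expiries for eviction to free anything. This class omits the `nodeSelector` and `tolerations` the other Redis classes carry, which looks intentional for a cache but deserves a one-line comment.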


@ -0,0 +1,22 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: RedisClass
metadata:
name: ephemeral
annotations:
kubernetes.io/description: "Ephemeral Redis cluster"
spec:
reclaimPolicy: Delete
replicas: 3
podSpec:
containers:
- name: redis
image: docker.io/library/redis:7.0.11@sha256:1008c73f08e9f913868e2fa2e843212b62ea5bf3c66435d87bc7a6207bc0f1b4
imagePullPolicy: IfNotPresent
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage


@ -0,0 +1,25 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: RedisClass
metadata:
name: persistent
annotations:
kubernetes.io/description: "Persistent Redis instance"
spec:
reclaimPolicy: Retain
replicas: 3
storageClass: redis
podSpec:
containers:
- name: redis
image: docker.io/library/redis:7.0.11@sha256:1008c73f08e9f913868e2fa2e843212b62ea5bf3c66435d87bc7a6207bc0f1b4
imagePullPolicy: IfNotPresent
args:
- --activedefrag yes
nodeSelector:
dedicated: storage
tolerations:
- effect: NoSchedule
key: dedicated
operator: Equal
value: storage
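Review bot: `- --activedefrag yes` passes the flag and its value as a single argument, whereas the `cache` class in this commit splits `--maxmemory-policy` and `volatile-lfu` into separate list items. redis-server appears to tolerate the combined form, but it reads like a quoting mistake, so I would write `- --activedefrag` and `- "yes"` for consistency. The quotes keep a YAML 1.1 parser from turning `yes` into a boolean, which would not be a valid container argument.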


@ -0,0 +1,11 @@
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: redis
provisioner: rawfile.csi.openebs.io
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
parameters:
fsType: "xfs"


@ -12,17 +12,6 @@ parameters:
--- ---
apiVersion: storage.k8s.io/v1 apiVersion: storage.k8s.io/v1
kind: StorageClass kind: StorageClass
metadata:
name: minio
provisioner: rawfile.csi.openebs.io
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
parameters:
fsType: "xfs"
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata: metadata:
name: prometheus name: prometheus
provisioner: rawfile.csi.openebs.io provisioner: rawfile.csi.openebs.io
@ -34,28 +23,6 @@ parameters:
--- ---
apiVersion: storage.k8s.io/v1 apiVersion: storage.k8s.io/v1
kind: StorageClass kind: StorageClass
metadata:
name: postgres
provisioner: rawfile.csi.openebs.io
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
parameters:
fsType: "xfs"
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: mysql
provisioner: rawfile.csi.openebs.io
reclaimPolicy: Retain
volumeBindingMode: WaitForFirstConsumer
allowVolumeExpansion: true
parameters:
fsType: "xfs"
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata: metadata:
name: woodpecker name: woodpecker
provisioner: driver.longhorn.io provisioner: driver.longhorn.io