diff --git a/kube/clusters/biohazard/flux/kustomization.yaml b/kube/clusters/biohazard/flux/kustomization.yaml index 46ee3e39..a2756363 100644 --- a/kube/clusters/biohazard/flux/kustomization.yaml +++ b/kube/clusters/biohazard/flux/kustomization.yaml @@ -43,6 +43,7 @@ resources: # - ../../../deploy/apps/renovate/ # - ../../../deploy/apps/kubevirt/ - ../../../deploy/apps/default/ + - ../../../deploy/apps/spegel/ - ../../../deploy/apps/whoogle/ - ../../../deploy/apps/searxng/ - ../../../deploy/apps/cyberchef/ diff --git a/kube/clusters/biohazard/talos/talconfig.yaml b/kube/clusters/biohazard/talos/talconfig.yaml index 9c448039..1e20d7f3 100755 --- a/kube/clusters/biohazard/talos/talconfig.yaml +++ b/kube/clusters/biohazard/talos/talconfig.yaml @@ -84,9 +84,11 @@ nodes: hostname: "chise.${DNS_CLUSTER}" # M720q, i3 4C4T, 32GB RAM, 512GB OS NVMe ipAddress: "${IP_ROUTER_VLAN_K8S_PREFIX}3" networkInterfaces: - - interface: "enp1s0d1" - mtu: 9000 # TODO: switch to 9000 once M720q risers arrive + - mtu: 9000 # TODO: switch to 9000 once M720q risers arrive dhcp: false + deviceSelector: + driver: "mlx4_core" + hardwareAddr: "*:80" vlans: - <<: *m720q-v58 addresses: ["${IP_ROUTER_VLAN_K8S_PREFIX}3/28"] @@ -227,6 +229,20 @@ controlPlane: wsize=131072 nconnect=8 + # patch containerd for spegel (discard) + - &containerdPatches |- + machine: + files: + - op: create + path: /etc/nfsmount.conf + permissions: 0o644 + content: | + [plugins."io.containerd.grpc.v1.cri"] + enable_unprivileged_ports = true + enable_unprivileged_icmp = true + [plugins."io.containerd.grpc.v1.cri".containerd] + discard_unpacked_layers = false + worker: patches: - *kubeletExtraArgs @@ -238,3 +254,4 @@ worker: # TODO: https://github.com/siderolabs/talos/issues/3129 - *encryptedOSD - *nfsMountOptions + - *containerdPatches \ No newline at end of file diff --git a/kube/deploy/apps/spegel/app/hr.yaml b/kube/deploy/apps/spegel/app/hr.yaml new file mode 100644 index 00000000..e078c42b --- /dev/null 
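Review bot: In kube/clusters/biohazard/talos/talconfig.yaml, the new `deviceSelector` for chise identifies the NIC only by driver `mlx4_core` and the last MAC octet (`hardwareAddr: "*:80"`), so any link matching both receives the static address and VLANs, and a replaced card matches nothing. As far as I know Talos applies the configuration to every link a selector matches, so confirm that exactly one port on this node qualifies. The carried-over comment `# TODO: switch to 9000 once M720q risers arrive` is stale now that the value is already 9000; I would replace it with `# selects the port previously named enp1s0d1 (MAC suffix :80)`. The node entry starts and ends outside the hunk.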
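Review bot: In kube/clusters/biohazard/talos/talconfig.yaml, the `&containerdPatches` patch writes its containerd CRI TOML to `path: /etc/nfsmount.conf`, which looks copied from the NFS mount patch just above it. containerd will not read that file, so `discard_unpacked_layers = false` never takes effect, and with `op: create` the patch may collide with or replace the NFS settings. Talos documents `/etc/cri/conf.d/20-customization.part` as the file for CRI overrides, so the line should probably read `path: /etc/cri/conf.d/20-customization.part`. `enable_unprivileged_ports = true` and `enable_unprivileged_icmp = true` relax pod isolation on every node and the comment does not explain them; keep them only if they restate existing defaults, and say so in the comment. The same patch reaches the workers through `- *containerdPatches` in the last hunk of this file.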
+++ b/kube/deploy/apps/spegel/app/hr.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: &app spegel
+ namespace: *app
+spec:
+ chart:
+ spec:
+ chart: spegel
+ version: 2.0.3
+ sourceRef:
+ name: spegel
+ kind: HelmRepository
+ namespace: flux-system
+ values:
+ spegel:
+ containerdSock: /run/containerd/containerd.sock
+ containerdRegistryConfigPath: /etc/cri/conf.d/hosts
+ serviceMonitor:
+ enabled: true
\ No newline at end of file
diff --git a/kube/deploy/apps/spegel/ks.yaml b/kube/deploy/apps/spegel/ks.yaml
new file mode 100644
index 00000000..5c30c1cd
--- /dev/null
+++ b/kube/deploy/apps/spegel/ks.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: spegel-app
+ namespace: flux-system
+spec:
+ path: ./kube/deploy/apps/spegel/app
+ dependsOn: []
\ No newline at end of file
diff --git a/kube/deploy/apps/spegel/kustomization.yaml b/kube/deploy/apps/spegel/kustomization.yaml
new file mode 100644
index 00000000..eab801a8
--- /dev/null
+++ b/kube/deploy/apps/spegel/kustomization.yaml
@@ -0,0 +1,6 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - repo.yaml
+ - ks.yaml
diff --git a/kube/deploy/apps/spegel/repo.yaml b/kube/deploy/apps/spegel/repo.yaml
new file mode 100644
index 00000000..c85806e8
--- /dev/null
+++ b/kube/deploy/apps/spegel/repo.yaml
@@ -0,0 +1,11 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+ name: spegel
+ namespace: flux-system
+spec:
+ interval: 10m0s
+ timeout: 3m0s
+ type: oci
+ url: oci://ghcr.io/xenitab/helm-charts
\ No newline at end of file
diff --git a/kube/deploy/core/monitoring/grafana/app/hr.yaml b/kube/deploy/core/monitoring/grafana/app/hr.yaml
index 8544222f..5a9310a6 100644
--- a/kube/deploy/core/monitoring/grafana/app/hr.yaml
+++ b/kube/deploy/core/monitoring/grafana/app/hr.yaml
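Review bot: In kube/deploy/apps/spegel/app/hr.yaml, the values give the Spegel pods the node's containerd socket (`containerdSock`) and the registry mirror directory (`containerdRegistryConfigPath: /etc/cri/conf.d/hosts`), which is root-equivalent access on every node, yet nothing visible in this commit creates or labels the `spegel` namespace the release targets. I would add a namespace manifest with an explicit Pod Security level and a comment above `values:` such as `# needs the containerd socket and hosts dir: peers serve and mirror image layers`. Once nodes pull from each other, a tag lookup answered by a peer is only as trustworthy as that peer, so prefer digest-pinned images or turn off tag resolution if this chart version has a setting for it. The chart comes from an OCI repository with no signature verification configured, so `version: 2.0.3` is the only integrity control visible here.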
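Review bot: In kube/deploy/apps/spegel/ks.yaml, the Flux Kustomization sets only `path` and `dependsOn: []`, without the `sourceRef`, `interval` and `prune` fields the `kustomize.toolkit.fluxcd.io/v1` API requires; hr.yaml likewise has no `spec.interval`. If a parent overlay patches these defaults in, which cannot be seen from this diff, a comment such as `# sourceRef, interval and prune are patched in by the cluster-level kustomization` would keep the file from reading as broken. If not, the objects will be rejected on apply.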
@@ -153,6 +153,11 @@ spec:
 kubernetes-pods:
 url: https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-pods.json
 datasource: Prometheus
+ spegel:
+ # renovate: depName="Spegel"
+ gnetId: 18089
+ revision: 1
+ datasource: Prometheus
 nginx:
 nginx:
 url: https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/grafana/dashboards/nginx.json