mirror of
https://github.com/outbackdingo/cozystack.git
synced 2026-01-28 18:18:41 +00:00
Andrei Kvapil
9
packages/apps/tenant/templates/_helpers.tpl
Normal file
9
packages/apps/tenant/templates/_helpers.tpl
Normal file
@@ -0,0 +1,9 @@
|
||||
{{- define "tenant.name" -}}
|
||||
{{- if ne (len (splitList "-" .Release.Name)) 1 }}
|
||||
{{- fail (printf "Release name should not contain dashes: %s" .Release.Name) }}
|
||||
{{- end }}
|
||||
{{- printf "tenant-%s" .Release.Name }}
|
||||
{{- if and (ne .Release.Namespace "tenant-root") (hasPrefix "tenant-" .Release.Namespace) }}
|
||||
{{- printf "%s-%s" .Release.Namespace .Release.Name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
21
packages/apps/tenant/templates/addresses.yaml
Normal file
21
packages/apps/tenant/templates/addresses.yaml
Normal file
@@ -0,0 +1,21 @@
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: addresses
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
labels:
|
||||
cozystack.io/ui: "true"
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
spec:
|
||||
chart:
|
||||
spec:
|
||||
chart: cozy-addresses
|
||||
reconcileStrategy: Revision
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: cozystack-extra
|
||||
namespace: cozy-public
|
||||
version: 0.1.0
|
||||
interval: 1m0s
|
||||
timeout: 5m0s
|
||||
34
packages/apps/tenant/templates/etcd.yaml
Normal file
34
packages/apps/tenant/templates/etcd.yaml
Normal file
@@ -0,0 +1,34 @@
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: etcd
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
labels:
|
||||
cozystack.io/ui: "true"
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
spec:
|
||||
chart:
|
||||
spec:
|
||||
chart: cozy-etcd
|
||||
reconcileStrategy: Revision
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: cozystack-extra
|
||||
namespace: cozy-public
|
||||
version: 0.1.0
|
||||
interval: 1m0s
|
||||
timeout: 5m0s
|
||||
values:
|
||||
metricsStorages:
|
||||
- name: shortterm
|
||||
retentionPeriod: "3d"
|
||||
deduplicationInterval: "5m"
|
||||
storage: 10Gi
|
||||
- name: longterm
|
||||
retentionPeriod: "14d"
|
||||
deduplicationInterval: "15s"
|
||||
storage: 10Gi
|
||||
|
||||
oncall:
|
||||
enabled: false
|
||||
22
packages/apps/tenant/templates/ingress.yaml
Normal file
22
packages/apps/tenant/templates/ingress.yaml
Normal file
@@ -0,0 +1,22 @@
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: ingress
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
labels:
|
||||
cozystack.io/ui: "true"
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
spec:
|
||||
chart:
|
||||
spec:
|
||||
chart: cozy-ingress
|
||||
reconcileStrategy: Revision
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: cozystack-extra
|
||||
namespace: cozy-public
|
||||
version: 0.1.0
|
||||
interval: 1m0s
|
||||
timeout: 5m0s
|
||||
values: {}
|
||||
34
packages/apps/tenant/templates/monitoring.yaml
Normal file
34
packages/apps/tenant/templates/monitoring.yaml
Normal file
@@ -0,0 +1,34 @@
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: monitoring
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
labels:
|
||||
cozystack.io/ui: "true"
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
spec:
|
||||
chart:
|
||||
spec:
|
||||
chart: cozy-monitoring
|
||||
reconcileStrategy: Revision
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: cozystack-extra
|
||||
namespace: cozy-public
|
||||
version: 0.1.0
|
||||
interval: 1m0s
|
||||
timeout: 5m0s
|
||||
values:
|
||||
metricsStorages:
|
||||
- name: shortterm
|
||||
retentionPeriod: "3d"
|
||||
deduplicationInterval: "5m"
|
||||
storage: 10Gi
|
||||
- name: longterm
|
||||
retentionPeriod: "14d"
|
||||
deduplicationInterval: "15s"
|
||||
storage: 10Gi
|
||||
|
||||
oncall:
|
||||
enabled: false
|
||||
@@ -1,36 +1,41 @@
|
||||
{{- if ne (len (splitList "-" .Release.Name)) 1 }}
|
||||
{{- fail (printf "Release name should not contain dashes: %s" .Release.Name) }}
|
||||
{{- end }}
|
||||
{{- $tenantName := (printf "tenant-%s" .Release.Name) }}
|
||||
{{- if and (ne .Release.Namespace "tenant-root") (hasPrefix "tenant-" .Release.Namespace) }}
|
||||
{{- $tenantName = (printf "%s-%s" .Release.Namespace .Release.Name) }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
{{- if hasPrefix "tenant-" .Release.Namespace }}
|
||||
{{- $existingNS := lookup "v1" "Namespace" "" .Release.Namespace }}
|
||||
{{- if $existingNS }}
|
||||
ownerReferences:
|
||||
- apiVersion: v1
|
||||
blockOwnerDeletion: true
|
||||
controller: true
|
||||
kind: Namespace
|
||||
name: {{ .Release.Namespace }}
|
||||
uid: {{ $existingNS.metadata.uid }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ $tenantName }}
|
||||
namespace: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $tenantName }}
|
||||
namespace: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
annotations:
|
||||
kubernetes.io/service-account.name: {{ $tenantName }}
|
||||
kubernetes.io/service-account.name: {{ include "tenant.name" . }}
|
||||
type: kubernetes.io/service-account-token
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ $tenantName }}
|
||||
namespace: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["*"]
|
||||
@@ -42,8 +47,8 @@ rules:
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ $tenantName }}
|
||||
namespace: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
subjects:
|
||||
{{- if ne .Release.Namespace "tenant-root" }}
|
||||
- kind: ServiceAccount
|
||||
@@ -61,17 +66,17 @@ subjects:
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- kind: ServiceAccount
|
||||
name: {{ $tenantName }}
|
||||
namespace: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
namespace: cozy-public
|
||||
rules:
|
||||
- apiGroups: ["source.toolkit.fluxcd.io"]
|
||||
@@ -84,13 +89,13 @@ rules:
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
namespace: cozy-public
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ $tenantName }}
|
||||
namespace: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
namespace: {{ include "tenant.name" . }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ $tenantName }}
|
||||
name: {{ include "tenant.name" . }}
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
||||
7
packages/apps/tenant/values.yaml
Normal file
7
packages/apps/tenant/values.yaml
Normal file
@@ -0,0 +1,7 @@
|
||||
ownEtcd: false
|
||||
ownMonitoring: false
|
||||
ownIngress: false
|
||||
ownAddresses: false
|
||||
|
||||
domain: example.org
|
||||
storageClass: linstor-lvm
|
||||
@@ -1,14 +1,14 @@
|
||||
{
|
||||
"containerimage.config.digest": "sha256:ebdd696428a92af919a25f7c5027490ba40c81dfc171aa24017594daba0117b6",
|
||||
"containerimage.config.digest": "sha256:dd8460f8246e5c91bce19e507be5b1074662a9edaec0e8dd2ddd0f31b1011faf",
|
||||
"containerimage.descriptor": {
|
||||
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
|
||||
"digest": "sha256:092089b46a3fac5eb389a2ff14553f72ea7665837e62722d23113f8cd772f1e7",
|
||||
"digest": "sha256:88967f46141e47b773947b38315a518536550ead4eb43bfc265b954b8697aee4",
|
||||
"size": 2074,
|
||||
"platform": {
|
||||
"architecture": "amd64",
|
||||
"os": "linux"
|
||||
}
|
||||
},
|
||||
"containerimage.digest": "sha256:092089b46a3fac5eb389a2ff14553f72ea7665837e62722d23113f8cd772f1e7",
|
||||
"containerimage.digest": "sha256:88967f46141e47b773947b38315a518536550ead4eb43bfc265b954b8697aee4",
|
||||
"image.name": "ghcr.io/aenix-io/cozystack/installer:latest"
|
||||
}
|
||||
2
packages/extra/addresses/Chart.yaml
Normal file
2
packages/extra/addresses/Chart.yaml
Normal file
@@ -0,0 +1,2 @@
|
||||
name: cozy-addresses
|
||||
version: 1.0.0
|
||||
4
packages/extra/addresses/values.yaml
Normal file
4
packages/extra/addresses/values.yaml
Normal file
@@ -0,0 +1,4 @@
|
||||
pools:
|
||||
- name: local
|
||||
addresses:
|
||||
- 192.168.100.200-192.168.100.250
|
||||
23
packages/extra/etcd/.helmignore
Normal file
23
packages/extra/etcd/.helmignore
Normal file
@@ -0,0 +1,23 @@
|
||||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
||||
25
packages/extra/etcd/Chart.yaml
Normal file
25
packages/extra/etcd/Chart.yaml
Normal file
@@ -0,0 +1,25 @@
|
||||
apiVersion: v2
|
||||
name: cozy-etcd
|
||||
description: Managed Redis service
|
||||
icon: https://cdn4.iconfinder.com/data/icons/redis-2/1451/Untitled-2-512.png
|
||||
|
||||
# A chart can be either an 'application' or a 'library' chart.
|
||||
#
|
||||
# Application charts are a collection of templates that can be packaged into versioned archives
|
||||
# to be deployed.
|
||||
#
|
||||
# Library charts provide useful utilities or functions for the chart developer. They're included as
|
||||
# a dependency of application charts to inject those utilities and functions into the rendering
|
||||
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
|
||||
type: application
|
||||
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 0.1.1
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
# It is recommended to use it with quotes.
|
||||
appVersion: "1.16.0"
|
||||
52
packages/extra/etcd/templates/redisfailover.yaml
Normal file
52
packages/extra/etcd/templates/redisfailover.yaml
Normal file
@@ -0,0 +1,52 @@
|
||||
apiVersion: databases.spotahome.com/v1
|
||||
kind: RedisFailover
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
labels:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
spec:
|
||||
sentinel:
|
||||
replicas: 3
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
limits:
|
||||
memory: 100Mi
|
||||
redis:
|
||||
replicas: 3
|
||||
resources:
|
||||
requests:
|
||||
cpu: 150m
|
||||
memory: 400Mi
|
||||
limits:
|
||||
cpu: 2
|
||||
memory: 1000Mi
|
||||
{{- with .Values.size }}
|
||||
storage:
|
||||
persistentVolumeClaim:
|
||||
metadata:
|
||||
name: redisfailover-persistent-data
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ . }}
|
||||
{{- end }}
|
||||
exporter:
|
||||
enabled: true
|
||||
image: oliver006/redis_exporter:v1.55.0-alpine
|
||||
args:
|
||||
- --web.telemetry-path
|
||||
- /metrics
|
||||
env:
|
||||
- name: REDIS_EXPORTER_LOG_FORMAT
|
||||
value: txt
|
||||
customConfig:
|
||||
- tcp-keepalive 0
|
||||
- loglevel notice
|
||||
{{- if not .Values.size }}
|
||||
- appendonly no
|
||||
- save ""
|
||||
{{- end }}
|
||||
25
packages/extra/etcd/templates/service.yaml
Normal file
25
packages/extra/etcd/templates/service.yaml
Normal file
@@ -0,0 +1,25 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-external-lb
|
||||
labels:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
annotations:
|
||||
metallb.universe.tf/address-pool: {{ .Values.primaryService.ipPool }}
|
||||
metallb.universe.tf/ip-allocated-from-pool: {{ .Values.primaryService.ipPool }}
|
||||
metallb.universe.tf/loadBalancerIPs: {{ .Values.primaryService.ipAddress }}
|
||||
spec:
|
||||
type: LoadBalancer
|
||||
externalTrafficPolicy: Local
|
||||
allocateLoadBalancerNodePorts: false
|
||||
selector:
|
||||
app.kubernetes.io/component: redis
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: redis-failover
|
||||
redisfailovers-role: master
|
||||
ports:
|
||||
- name: redis
|
||||
port: 6379
|
||||
targetPort: redis
|
||||
47
packages/extra/etcd/templates/servicescrape.yaml
Normal file
47
packages/extra/etcd/templates/servicescrape.yaml
Normal file
@@ -0,0 +1,47 @@
|
||||
apiVersion: operator.victoriametrics.com/v1beta1
|
||||
kind: VMServiceScrape
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
labels:
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
spec:
|
||||
jobLabel: jobLabel
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Release.Namespace }}
|
||||
endpoints:
|
||||
- metricRelabelConfigs:
|
||||
relabelConfigs:
|
||||
- replacement: redis
|
||||
targetLabel: job
|
||||
- sourceLabels: [__meta_kubernetes_pod_node_name]
|
||||
targetLabel: node
|
||||
- replacement: cluster
|
||||
targetLabel: tier
|
||||
- target_label: service
|
||||
replacement: {{ .Release.Name }}
|
||||
port: metrics
|
||||
jobLabel: jobLabel
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Release.Name }}-metrics
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-metrics
|
||||
labels:
|
||||
app: {{ .Release.Name }}-metrics
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
annotations:
|
||||
spec:
|
||||
selector:
|
||||
app.kubernetes.io/component: redis
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: redis-failover
|
||||
ports:
|
||||
- name: metrics
|
||||
port: 9121
|
||||
targetPort: metrics
|
||||
4
packages/extra/etcd/values.yaml
Normal file
4
packages/extra/etcd/values.yaml
Normal file
@@ -0,0 +1,4 @@
|
||||
size: 5Gi
|
||||
primaryService:
|
||||
ipPool: private-ips
|
||||
ipAddress: 10.100.255.24
|
||||
2
packages/extra/ingress/Chart.yaml
Normal file
2
packages/extra/ingress/Chart.yaml
Normal file
@@ -0,0 +1,2 @@
|
||||
name: cozy-ingress
|
||||
version: 1.0.0
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user