github-personal/cozystack
1
0
Fork 0
mirror of https://github.com/outbackdingo/cozystack.git synced 2026-01-28 18:18:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
198 Commits 141 Branches 83 Tags
release-0.10
Commit Graph

67 Commits

Author SHA1 Message Date
Andrei Kvapil
91b0499ae2 Prepare release v0.10.4 2024-08-09 14:51:30 +02:00
Andrei Kvapil
4a885ab0e7 fix network-policies 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-08-09 12:50:09 +02:00
Andrei Kvapil
f81be0758e Prepare release v0.10.3 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-08-08 22:04:27 +02:00
Andrei Kvapil
0864020afa Fix hardcoded values in ingress resource (#269) 2024-08-08 20:58:37 +02:00
Andrei Kvapil
0619e3d7f4 Fix ingress forward both 80 and 443 ports to tenant clusters (#243) 2024-07-30 19:25:31 +02:00
Andrei Kvapil
ac11056e0a Prepare release v0.10.1 (#238) 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-26 13:58:08 +02:00
Andrei Kvapil
32f22adb26 ingress forward both 80 and 443 ports to tenant clusters (#235) 
We need to separate HTTP and HTTPS traffic and send them into tenant
clusters.
Currently traffic was sending only on HTTPS port, this PR enables HTTP
traffic forwarding.

Nginx ingress does not support setting correct upstream according to
type of traffic (http or https)
There are set of issues in upstream.

- https://github.com/kubernetes/ingress-nginx/issues/1655
- https://github.com/kubernetes/ingress-nginx/issues/9061
- https://github.com/kubernetes/ingress-nginx/issues/11334

Good to know that we found reliable workaround

fixes:
https://github.com/aenix-io/cozystack/issues/209#issuecomment-2215021489
 2024-07-26 12:01:28 +02:00
Andrei Kvapil
4c5a37d75b Kubernetes: fix node-role labels propogation (#234) 
fixes https://github.com/aenix-io/cozystack/issues/209
 2024-07-26 12:01:13 +02:00
Andrei Kvapil
7ad3725dad Fix kubelet garbage collection and introduce ephemeralStorage parameter (#239) 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-26 12:00:42 +02:00
Andrei Kvapil
e97160918f Prepare release v0.10.0 (#230) 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-23 18:58:08 +02:00
Andrei Kvapil
d0758692d1 Fix Kafka topics creation (#231) 
this PR fixes an error:
```spec.replicas: Invalid value: "string": spec.replicas in body must be of type integer```

---------

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-23 12:15:16 +02:00
Andrei Kvapil
bad59ec444 Add option to enable dashboard in ingress-nginx (#229) 
Add option to enable dashboard in ingress

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-22 23:35:16 +02:00
Andrei Kvapil
ceefae03e9 Add network policies to enforce tenant isolation (#228) 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-22 23:32:54 +02:00
Andrei Kvapil
5b39ced0a1 Add NATS (#224) 
Very basic NATS application

![Screenshot 2024-07-19 at 14 33
54](https://github.com/user-attachments/assets/3e4e1df3-b548-434e-aaca-a09fb2642284)

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-22 23:31:56 +02:00
Andrei Kvapil
ec283c33a4 postgres: automatically set schema permissions (#216) 
This PR refactors postgress configuration script:
- Added event trigger on creating new schemas for automatically set
owner
- Refactored logic for fixing permissions for all objects in all schemas

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-22 23:31:32 +02:00
Marian Koreniuk
9bbdb11aab Merge pull request #218 from aenix-io/logos 
Ship all logos with Cozystack
 2024-07-18 19:53:20 +02:00
Andrei Kvapil
bbd2ca81a3 fix: ferretdb set schedma owner (#220) 
undefined
 2024-07-17 12:48:43 +02:00
Andrei Kvapil
e265e8bc43 Ship all logos with Cozystack 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-16 17:31:52 +02:00
Andrei Kvapil
4ffa861534 add ferretdb 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-16 10:23:27 +02:00
Andrei Kvapil
5bbc488e9c Prepare release 0.9.0 (#207) 2024-07-10 20:25:29 +02:00
Andrei Kvapil
4cbc8a2c33 Upgrade tenant Kubernetes v1.30.1 (#206) 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-08 22:51:50 +02:00
Andrei Kvapil
9709059fb7 kubernetes: Allow upgrading existing node groups (#205) 
This PR introduces change to allow upgrading existing node groups for
tenant Kubernetes cluster:

This fixes the error:
```
Status: Failed (UpgradeFailed: Helm upgrade failed for release tenant-test0/kubernetes-test0 with chart kubernetes@0.3.0: cannot patch "kubernetes-test0-md0" with kind KubevirtMachineTemplate: admission webhook "validation.kubevirtmachinetemplate.infrastructure.cluster.x-k8s.io" denied the request: KubevirtMachineTemplateSpec is immutable)
```

This is done by generating unique names for KubevirtMachineTemplate
based on hash from spec. Old KubevirtMachineTemplates keep existing in
the cluster until some MachineSet continues using them.

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-08 22:49:35 +02:00
Andrei Kvapil
3ac170184e Fix: kafka replicas and partitions (#192) 
Fix kafka app to unhardcode partitions number
fixes problem with unability to specify number of partitions and
replicas for them

also possible fixes https://github.com/aenix-io/cozystack/issues/163

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-04 14:16:23 +02:00
Andrei Kvapil
15478a8807 Prepare release v0.8.0 (#194) 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-07-04 10:32:26 +02:00
Kingdon Barrett
2ab9a386cd Fine-tuning Flux configuration (#196) 
Fix #195

Don't set the `interval` so short on HelmReleases, with this many
HelmReleases that really hamstrings the control plane.

Also, copy the install/upgrade remediation config from system packages
to the Kubernetes templates for addon packages (cilium, flux, ingress) -
in my testing the ingress-nginx chart fails every time the first time.
Maybe that should be filed as a separate issue, I haven't looked into
detail, it is some issue related to a secret not being created, I think
it said something related to an admission controller.

Looks as though it's a conflict with being installed at the same time as
the cert-manager addon.

Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
 2024-07-04 02:28:57 +02:00
Kingdon Barrett
07384c40f8 Tenant nginx ingress (fixes) (#191) 
I am testing install with this PR #183 and I had some issues, these
should help

---------

Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
 2024-06-28 09:02:41 +02:00
Andrei Kvapil
7462be79be add fluxcd addon 2024-06-26 03:12:21 +02:00
Andrei Kvapil
c01604fb7f fix typo in cert-manager addon 2024-06-26 03:10:09 +02:00
Andrei Kvapil
c22a6792c2 add tenant nginx-ingress 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-06-26 03:09:35 +02:00
Marian Koreniuk
18579abdcd Merge pull request #183 from aenix-io/tenant-nginx-ingress 
Managed tenant nginx ingress controller
 2024-06-25 17:32:31 +02:00
Andrei Kvapil
6bd2d45531 add tenant nginx-ingress 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-06-25 15:50:43 +02:00
Kingdon Barrett
d841a20635 Fix typo (#179) 
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
 2024-06-25 11:53:31 +02:00
Andrei Kvapil
246b44945e add certManager addon 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-06-25 11:08:00 +02:00
Andrei Kvapil
97bd1634a7 Merge branch 'main' into upd-flux 2024-06-24 13:13:54 +02:00
Andrei Kvapil
995dea6f5c postgres: option to enable quorum-based replication 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-06-21 10:12:32 +02:00
Kingdon Barrett
931e39fb5c Upgrade to Flux 2.3.x (#167) 
Signed-off-by: Kingdon Barrett <kingdon+github@tuesdaystudios.com>
Co-authored-by: Andrei Kvapil <kvapss@gmail.com>
 2024-06-17 16:02:32 +02:00
Andrei Kvapil
8019256dfc Fix: clickhouse user login (#160) 2024-05-29 17:57:03 +02:00
Andrei Kvapil
d7cfa53cd4 Prepare release v0.7.0 (#156) 2024-05-29 10:04:22 +02:00
Andrei Kvapil
5f01f30fe7 kubernetes: specify correct dns address (#147) 2024-05-22 08:32:06 +02:00
Andrei Kvapil
6cae6ce8ce kubernetes: enable bpf masqurade and tunnel routing (#144) 2024-05-21 11:22:37 +02:00
Andrei Kvapil
4a97e297d4 postgres: fix users and roles (#138) 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-05-21 02:29:49 +02:00
Marian Koreniuk
6abaf7c0fa switched place -maxdepth im Makefiles (#140) 2024-05-21 02:29:34 +02:00
Andrei Kvapil
007d414f0e Prepare release v0.6.0 (#135) 2024-05-16 16:11:37 +02:00
Andrei Kvapil
7caccec11d upd kubernetes (#134) 
* Allow root login without password

* add ephemeral volumes for containerd and kubelet

* update kubernetes application
 2024-05-16 14:04:00 +02:00
Andrei Kvapil
c0685f4318 Prepare release v0.5.0 (#126) 
* Prepare release v0.5.0

* fix mariadb
 2024-05-10 12:52:57 +02:00
Andrei Kvapil
4da8ac3b77 Add schema generation and remove default values (#110) 
* Add schema generation and remove default values

* fix monitoring schema generation

* fix default values


Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-05-09 10:45:57 +02:00
Andrei Kvapil
53f2365e79 Fix: kubernetes and etcd-operator issues (#119) 
* Fix datastore creation depends on created secrets

* Add basic topologySpreadConstraints

* Fix kubernetes chart post-rendering

* Update release images
 2024-05-06 13:59:43 +02:00
Andrei Kvapil
fca349c641 Update Talos v1.7.1 2024-05-04 07:32:08 +02:00
Andrei Kvapil
0b38599394 Prepare release v0.4.0 
Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
 2024-05-03 23:12:35 +02:00
Andrei Kvapil
0a33950a40 Prepare release v0.4.0 (#115) 2024-05-03 23:02:41 +02:00