From 26fd95dfce416eddfc7b38f4e7e69efe695708c0 Mon Sep 17 00:00:00 2001 From: JJGadgets Date: Thu, 23 Jan 2025 03:32:55 +0800 Subject: [PATCH] feat(z2m): CephFS, Litestream, ks components --- kube/deploy/apps/zigbee2mqtt/app/hr.yaml | 64 +++++++++++++++++-- kube/deploy/apps/zigbee2mqtt/ks.yaml | 28 +++----- .../litestream/template/externalsecret.yaml | 2 +- .../db/litestream/template/kustomization.yaml | 5 +- .../volsync/template/kustomization.yaml | 8 +++ 5 files changed, 79 insertions(+), 28 deletions(-) diff --git a/kube/deploy/apps/zigbee2mqtt/app/hr.yaml b/kube/deploy/apps/zigbee2mqtt/app/hr.yaml index e1abd008..e017f0d9 100644 --- a/kube/deploy/apps/zigbee2mqtt/app/hr.yaml +++ b/kube/deploy/apps/zigbee2mqtt/app/hr.yaml @@ -65,11 +65,11 @@ spec: capabilities: drop: ["ALL"] add: ["NET_BIND_SERVICE"] - resources: - requests: - cpu: "10m" - limits: - memory: "256Mi" + # resources: + # requests: + # cpu: "10m" + # limits: + # memory: "256Mi" probes: liveness: enabled: true @@ -81,6 +81,34 @@ spec: failureThreshold: 300 periodSeconds: 1 initialDelaySeconds: 10 + litestream: &ls + image: + repository: "docker.io/litestream/litestream" + tag: "0.3.13@sha256:027eda2a89a86015b9797d2129d4dd447e8953097b4190e1d5a30b73e76d8d58" + args: ["replicate"] + envFrom: + - secretRef: + name: litestream-secrets + env: &lsenv + DB_PATH: "/config/database.db" + REMOTE_PATH: "zigbee2mqtt/database" + VALIDATION_INTERVAL: "24h" + AGE_PUBKEY: + valueFrom: + secretKeyRef: + name: "litestream-agekey" + key: "AGE_PUBKEY" + AGE_SECRET: + valueFrom: + secretKeyRef: + name: "litestream-agekey" + key: "AGE_SECRET" + securityContext: *sc + initContainers: + 01-litestream-restore: + <<: *ls + args: ["restore", "-if-db-not-exists", "-if-replica-exists", "/config/database.db"] + env: *lsenv service: zigbee2mqtt: controller: zigbee2mqtt @@ -117,6 +145,16 @@ spec: globalMounts: - subPath: configlog path: /config/log + litestream: + type: secret + name: "litestream-secrets" + advancedMounts: + home-assistant: + litestream: &lsmnt + - subPath: "litestream.yml" + path: "/etc/litestream.yml" + readOnly: true + 01-litestream-restore: *lsmnt defaultPodOptions: automountServiceAccountToken: false enableServiceLinks: false @@ -146,3 +184,19 @@ spec: - matchExpressions: - key: fuckoff.home.arpa/zigbee2mqtt operator: DoesNotExist + postRenderers: + - kustomize: + patches: + - target: + kind: Deployment + name: zigbee2mqtt + patch: | + spec: + template: + spec: + resources: + requests: + cpu: 30m + limits: + cpu: 1 + memory: 256Mi diff --git a/kube/deploy/apps/zigbee2mqtt/ks.yaml b/kube/deploy/apps/zigbee2mqtt/ks.yaml index d9e35684..d542bd30 100644 --- a/kube/deploy/apps/zigbee2mqtt/ks.yaml +++ b/kube/deploy/apps/zigbee2mqtt/ks.yaml @@ -9,24 +9,11 @@ metadata: spec: commonMetadata: labels: *l + targetNamespace: "zigbee2mqtt" path: ./kube/deploy/apps/zigbee2mqtt/app - targetNamespace: "zigbee2mqtt" - dependsOn: - - name: zigbee2mqtt-pvc ---- -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: zigbee2mqtt-pvc - namespace: flux-system - labels: &l - app.kubernetes.io/name: "zigbee2mqtt" - pvc.home.arpa/volsync: "true" -spec: - commonMetadata: - labels: *l - path: ./kube/deploy/core/storage/volsync/template - targetNamespace: "zigbee2mqtt" + components: + - ../../../core/db/litestream/template/ + - ../../../core/storage/volsync/template/ dependsOn: - name: 1-core-storage-volsync-app - name: 1-core-storage-snapscheduler-app @@ -35,10 +22,11 @@ spec: substitute: PVC: "zigbee2mqtt-data" SIZE: "1Gi" - SC: &sc "block" + SC: &sc "file" SNAP: *sc - ACCESSMODE: &am "ReadWriteOnce" - SNAP_ACCESSMODE: *am + ACCESSMODE: "ReadWriteMany" + SNAP_ACCESSMODE: "ReadOnlyMany" RUID: &uid "1000" RGID: *uid RFSG: *uid + LS_AGE_ES: "zigbee2mqtt" diff --git a/kube/deploy/core/db/litestream/template/externalsecret.yaml b/kube/deploy/core/db/litestream/template/externalsecret.yaml index 84118ddf..e1a7e524 100644 --- a/kube/deploy/core/db/litestream/template/externalsecret.yaml +++ b/kube/deploy/core/db/litestream/template/externalsecret.yaml @@ -49,7 +49,7 @@ spec: name: 1p dataFrom: - extract: - key: "Litestream - ${CLUSTER_NAME}" + key: "${LS_AGE_ES:=Litestream} - ${CLUSTER_NAME}" target: creationPolicy: Owner deletionPolicy: Retain diff --git a/kube/deploy/core/db/litestream/template/kustomization.yaml b/kube/deploy/core/db/litestream/template/kustomization.yaml index 5d3469d8..00600967 100644 --- a/kube/deploy/core/db/litestream/template/kustomization.yaml +++ b/kube/deploy/core/db/litestream/template/kustomization.yaml @@ -1,5 +1,6 @@ --- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component resources: - ./externalsecret.yaml diff --git a/kube/deploy/core/storage/volsync/template/kustomization.yaml b/kube/deploy/core/storage/volsync/template/kustomization.yaml index da2985c9..5d562730 100644 --- a/kube/deploy/core/storage/volsync/template/kustomization.yaml +++ b/kube/deploy/core/storage/volsync/template/kustomization.yaml @@ -9,3 +9,11 @@ resources: - rdst.yaml - rsrc-r2.yaml # - rsrc-rgw.yaml +--- +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component +resources: + - pvc.yaml + - externalsecret-r2.yaml + - rdst.yaml + - rsrc-r2.yaml