Compare commits
10 commits
8ad13a63af
...
a6c78aa4d7
| Author | SHA1 | Date | |
|---|---|---|---|
|
a6c78aa4d7 | ||
6d381fed6d
|
|||
|
2effae21fd
|
|||
|
551ff7ce1e
|
|||
|
2ed2c69a33
|
|||
|
0ed95db434
|
|||
|
b68309f66f
|
|||
|
2208c1ebdd
|
|||
|
5147b845a3
|
|||
|
599a939792
|
7 changed files with 190 additions and 38 deletions
31
apps/cluster-infrastructure/cilium.yaml
Normal file
31
apps/cluster-infrastructure/cilium.yaml
Normal file
|
|
@ -0,0 +1,31 @@
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: cilium
|
||||||
|
namespace: argocd
|
||||||
|
annotations:
|
||||||
|
argocd.argoproj.io/sync-wave: "-1000"
|
||||||
|
spec:
|
||||||
|
project: cluster-infrastructure
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
|
source:
|
||||||
|
chart: cilium
|
||||||
|
repoURL: https://helm.cilium.io/
|
||||||
|
targetRevision: 1.14.4
|
||||||
|
helm:
|
||||||
|
releaseName: cilium
|
||||||
|
valuesObject:
|
||||||
|
kubeProxyReplacement: true
|
||||||
|
k8sServiceHost: cthulhu.k8s.vxm.cz
|
||||||
|
k8sServicePort: 6443
|
||||||
|
hubble:
|
||||||
|
relay:
|
||||||
|
enabled: true
|
||||||
|
ui:
|
||||||
|
enabled: true
|
||||||
|
destination:
|
||||||
|
server: "https://kubernetes.default.svc"
|
||||||
|
namespace: kube-system
|
||||||
44
apps/cluster-infrastructure/hetzner-ccm.yaml
Normal file
44
apps/cluster-infrastructure/hetzner-ccm.yaml
Normal file
|
|
@ -0,0 +1,44 @@
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: hetzner-ccm
|
||||||
|
namespace: argocd
|
||||||
|
annotations:
|
||||||
|
argocd.argoproj.io/sync-wave: "10"
|
||||||
|
spec:
|
||||||
|
project: cluster-infrastructure
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
|
source:
|
||||||
|
chart: hcloud-cloud-controller-manager
|
||||||
|
repoURL: https://charts.hetzner.cloud
|
||||||
|
targetRevision: 1.19.0
|
||||||
|
helm:
|
||||||
|
releaseName: hetzner-ccm
|
||||||
|
valuesObject:
|
||||||
|
nameOverride: hetzner-ccm
|
||||||
|
replicaCount: 2
|
||||||
|
# Since version 1.19.0, the CCM supports also Hetzner Robot (bare metal)
|
||||||
|
robot:
|
||||||
|
enabled: true
|
||||||
|
env:
|
||||||
|
HCLOUD_TOKEN:
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: hetzner-cloud-token
|
||||||
|
key: cloud-token
|
||||||
|
ROBOT_USER:
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: hetzner-robot-credentials
|
||||||
|
key: robot-user
|
||||||
|
ROBOT_PASSWORD:
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: hetzner-robot-credentials
|
||||||
|
key: robot-password
|
||||||
|
destination:
|
||||||
|
server: "https://kubernetes.default.svc"
|
||||||
|
namespace: kube-system
|
||||||
48
apps/cluster-infrastructure/ingress-nginx.yaml
Normal file
48
apps/cluster-infrastructure/ingress-nginx.yaml
Normal file
|
|
@ -0,0 +1,48 @@
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: ingress-nginx
|
||||||
|
namespace: argocd
|
||||||
|
annotations:
|
||||||
|
argocd.argoproj.io/sync-wave: "-1000"
|
||||||
|
spec:
|
||||||
|
project: cluster-infrastructure
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
|
syncOptions:
|
||||||
|
- CreateNamespace=true
|
||||||
|
source:
|
||||||
|
chart: ingress-nginx
|
||||||
|
repoURL: https://kubernetes.github.io/ingress-nginx
|
||||||
|
targetRevision: 4.8.4
|
||||||
|
helm:
|
||||||
|
releaseName: ingress-nginx
|
||||||
|
valuesObject:
|
||||||
|
ingressClassResource:
|
||||||
|
default: true
|
||||||
|
controller:
|
||||||
|
kind: DaemonSet
|
||||||
|
updateStrategy:
|
||||||
|
type: RollingUpdate
|
||||||
|
rollingUpdate:
|
||||||
|
maxUnavailable: 1
|
||||||
|
service:
|
||||||
|
type: NodePort
|
||||||
|
nodePorts:
|
||||||
|
http: 32080
|
||||||
|
https: 32443
|
||||||
|
hostPort:
|
||||||
|
enabled: true
|
||||||
|
metrics:
|
||||||
|
enabled: true
|
||||||
|
serviceMonitor:
|
||||||
|
enabled: false
|
||||||
|
config:
|
||||||
|
allow-snippet-annotations: "true"
|
||||||
|
generate-request-id: "true"
|
||||||
|
use-proxy-protocol: "true"
|
||||||
|
destination:
|
||||||
|
server: "https://kubernetes.default.svc"
|
||||||
|
namespace: ingress-nginx
|
||||||
|
|
@ -1,37 +0,0 @@
|
||||||
apiVersion: argoproj.io/v1alpha1
|
|
||||||
kind: Application
|
|
||||||
metadata:
|
|
||||||
name: minio-operator
|
|
||||||
namespace: argocd
|
|
||||||
annotations:
|
|
||||||
argocd.argoproj.io/sync-wave: "10"
|
|
||||||
spec:
|
|
||||||
project: cluster-infrastructure
|
|
||||||
syncPolicy:
|
|
||||||
automated:
|
|
||||||
prune: true
|
|
||||||
selfHeal: true
|
|
||||||
syncOptions:
|
|
||||||
- CreateNamespace=true
|
|
||||||
source:
|
|
||||||
chart: operator
|
|
||||||
repoURL: https://operator.min.io
|
|
||||||
targetRevision: 5.0.10
|
|
||||||
helm:
|
|
||||||
releaseName: minio-operator
|
|
||||||
valuesObject:
|
|
||||||
console:
|
|
||||||
replicaCount: 2
|
|
||||||
ingress:
|
|
||||||
enabled: true
|
|
||||||
ingressClassName: nginx
|
|
||||||
annotations:
|
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
||||||
host: console.minio.cthulhunetes.net
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- console.minio.ops.cthulhunetes.net
|
|
||||||
secretName: minio-console-ingress-tls
|
|
||||||
destination:
|
|
||||||
server: "https://kubernetes.default.svc"
|
|
||||||
namespace: minio-operator
|
|
||||||
55
apps/shared-resources/redis.yaml
Normal file
55
apps/shared-resources/redis.yaml
Normal file
|
|
@ -0,0 +1,55 @@
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: redis
|
||||||
|
namespace: argocd
|
||||||
|
annotations:
|
||||||
|
argocd.argoproj.io/sync-wave: "20"
|
||||||
|
spec:
|
||||||
|
project: shared-resources
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
|
syncOptions:
|
||||||
|
- CreateNamespace=true
|
||||||
|
source:
|
||||||
|
chart: redis-ha
|
||||||
|
repoURL: https://dandydeveloper.github.io/charts
|
||||||
|
targetRevision: 4.23.0
|
||||||
|
helm:
|
||||||
|
releaseName: redis
|
||||||
|
valuesObject:
|
||||||
|
fullnameOverride: redis
|
||||||
|
replicas: 3
|
||||||
|
hardAntiAffinity: true
|
||||||
|
persistentVolume:
|
||||||
|
enabled: true
|
||||||
|
size: 10Gi
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteOnce
|
||||||
|
storageClass: longhorn-static
|
||||||
|
redis:
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: 500m
|
||||||
|
memory: 4Gi
|
||||||
|
requests:
|
||||||
|
cpu: 200m
|
||||||
|
memory: 4Gi
|
||||||
|
haproxy:
|
||||||
|
enabled: true
|
||||||
|
replicas: 3
|
||||||
|
hardAntiAffinity: true
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
cpu: 400m
|
||||||
|
memory: 1Gi
|
||||||
|
requests:
|
||||||
|
cpu: 200m
|
||||||
|
memory: 1Gi
|
||||||
|
exporter:
|
||||||
|
enabled: true
|
||||||
|
destination:
|
||||||
|
server: "https://kubernetes.default.svc"
|
||||||
|
namespace: redis
|
||||||
|
|
@ -37,4 +37,4 @@ spec:
|
||||||
affinity:
|
affinity:
|
||||||
enablePodAntiAffinity: true
|
enablePodAntiAffinity: true
|
||||||
topologyKey: topology.kubernetes.io/zone # default: kubernetes.io/hostname
|
topologyKey: topology.kubernetes.io/zone # default: kubernetes.io/hostname
|
||||||
podAntiAffinityType: required
|
podAntiAffinityType: preferred
|
||||||
|
|
|
||||||
11
renovate.json
Normal file
11
renovate.json
Normal file
|
|
@ -0,0 +1,11 @@
|
||||||
|
{
|
||||||
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||||
|
"extends": [
|
||||||
|
"local>vojtechmares/renovate-config"
|
||||||
|
],
|
||||||
|
"argocd": {
|
||||||
|
"fileMatch": [
|
||||||
|
"apps\/.+\\.yaml$"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in a new issue