djpbessems/Kubernetes.K3s.installLog
djpbessems/Kubernetes.K3s.installLog
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Linkerd++;Overseerr++;TfState++;rebase DroneCI to prevent deadlock

Browse Source
This commit is contained in:
Danny Bessems 2021-02-02 10:51:38 +01:00
parent 6852cd28e4
commit 9225b83080
6 changed files with 3717 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ingress/Traefik2.x/chart-values.yml
View File

@ -1,6 +1,6 @@
image: image:
name: bv11-cr01.bessems.eu/proxy/library/traefik name: bv11-cr01.bessems.eu/proxy/library/traefik
tag: 2.3.7 # tag: '2.4'
ports: ports:
rtmp: rtmp:

46
services/DroneCI/deploy-DroneCI.yml
View File

@ -39,7 +39,8 @@ spec:
serviceAccountName: drone serviceAccountName: drone
containers: containers:
- name: drone - name: drone
image: bv11-cr01.bessems.eu/proxy/drone/drone:latest # image: bv11-cr01.bessems.eu/proxy/drone/drone:latest
image: drone/drone:latest
command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-server"] command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-server"]
env: env:
- name: DRONE_SERVER_PROTO - name: DRONE_SERVER_PROTO
@ -67,7 +68,8 @@ spec:
- mountPath: /data - mountPath: /data
name: flexvolsmb-drone-data name: flexvolsmb-drone-data
- name: drone-runner - name: drone-runner
image: bv11-cr01.bessems.eu/proxy/drone/drone-runner-kube:latest # image: bv11-cr01.bessems.eu/proxy/drone/drone-runner-kube:latest
image: drone/drone-runner-kube:latest
command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-runner-kube"] command: ["sh", "-c", ". /vault/secrets/drone && /bin/drone-runner-kube"]
ports: ports:
- containerPort: 3000 - containerPort: 3000
@ -76,6 +78,10 @@ spec:
value: 'ci.spamasaurus.com' value: 'ci.spamasaurus.com'
- name: DRONE_RPC_PROTO - name: DRONE_RPC_PROTO
value: 'https' value: 'https'
- name: DRONE_RUNNER_CAPACITY
value: '2'
- name: DRONE_RUNNER_MAX_PROCS
value: '3'
volumes: volumes:
- name: flexvolsmb-drone-output - name: flexvolsmb-drone-output
persistentVolumeClaim: persistentVolumeClaim:
@ -142,11 +148,43 @@ spec:
--- ---
apiVersion: v1 apiVersion: v1
kind: PersistentVolume kind: PersistentVolume
metadata:
name: flexvolsmb-drone-certs
spec:
capacity:
storage: 100Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-drone-certs
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/traefikcertsdumper/export
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-drone-certs
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-drone-certs
resources:
requests:
storage: 100Gi
---
apiVersion: v1
kind: PersistentVolume
metadata: metadata:
name: flexvolsmb-drone-output name: flexvolsmb-drone-output
spec: spec:
capacity: capacity:
storage: 1Gi storage: 100Gi
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany
storageClassName: flexvolsmb-drone-output storageClassName: flexvolsmb-drone-output
@ -170,7 +208,7 @@ spec:
storageClassName: flexvolsmb-drone-output storageClassName: flexvolsmb-drone-output
resources: resources:
requests: requests:
storage: 1Gi storage: 100Gi
--- ---
kind: Role kind: Role
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1

3473
services/Linkerd/deploy-Linkerd.yml Normal file
View File

File diff suppressed because it is too large Load Diff

19
services/Linkerd/ingressRoute-Linkerd.yml Normal file
View File

@ -0,0 +1,19 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: linkerd
namespace: linkerd
spec:
entryPoints:
- websecure
routes:
- match: Host(`mesh.spamasaurus.com`)
kind: Rule
services:
- name: linkerd-web
port: 8084
namespace: linkerd
middlewares:
- name: 2fa-authentication@file
- name: security-headers@file
- name: compression@file

103
services/PVR/deploy-Overseerr.yml Normal file
View File

@ -0,0 +1,103 @@
apiVersion: v1
kind: Service
metadata:
name: overseerr
namespace: pvr
spec:
ports:
- protocol: TCP
name: web
port: 5055
selector:
app: overseerr
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: overseerr
namespace: pvr
labels:
app: overseerr
spec:
replicas: 1
selector:
matchLabels:
app: overseerr
template:
metadata:
labels:
app: overseerr
spec:
containers:
- name: overseerr
image: bv11-cr01.bessems.eu/proxy/sctx/overseerr
ports:
- name: web
containerPort: 5055
volumeMounts:
- mountPath: /app/config
name: flexvolsmb-overseerr-config
volumes:
- name: flexvolsmb-overseerr-config
persistentVolumeClaim:
claimName: flexvolsmb-overseerr-config
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: overseerr
namespace: pvr
spec:
entryPoints:
- websecure
routes:
- match: Host(`requests.pvr.spamasaurus.com`)
kind: Rule
services:
- name: overseerr
port: 5055
middlewares:
- name: 2fa-authentication@file
- name: security-headers@file
- name: compression@file
tls:
options:
name: defaults@file
certResolver: default
domains:
- main: '*.pvr.spamasaurus.com'
sans:
- 'pvr.spamasaurus.com'
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-overseerr-config
namespace: pvr
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-overseerr-config
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0777,dir_mode=0777,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/overseerr/config
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-overseerr-config
namespace: pvr
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-overseerr-config
resources:
requests:
storage: 1Gi

79
services/TfState/deploy-TfState.yml Normal file
View File

@ -0,0 +1,79 @@
apiVersion: v1
kind: Service
metadata:
name: tfstate
spec:
ports:
- protocol: TCP
name: db
port: 5432
selector:
app: tfstate
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tfstate
labels:
app: tfstate
spec:
replicas: 1
selector:
matchLabels:
app: tfstate
template:
metadata:
labels:
app: tfstate
spec:
containers:
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:alpine
env:
- name: POSTGRES_USER
value: terraform
- name: POSTGRES_PASSWORD
value: terraform
- name: POSTGRES_DB
value: terraform_backend
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-tfstate-db
volumes:
- name: flexvolsmb-tfstate-db
persistentVolumeClaim:
claimName: flexvolsmb-tfstate-db
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-tfstate-db
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-tfstate-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/tfstate/db
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-tfstate-db
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-tfstate-db
resources:
requests:
storage: 1Gi