djpbessems/Kubernetes.K3s.installLog
djpbessems
/
Kubernetes.K3s.installLog
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update Traefik; Migrate Harbor PV->SC

This commit is contained in:
Danny Bessems 2020-09-23 15:35:17 +02:00
parent 51e42ce1f3
commit c6e0dfb6d1
6 changed files with 71 additions and 219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -29,7 +29,13 @@ kubectl apply -f system/UpgradeController/plan-Server.yml -f system/UpgradeContr
### 1) Persistent storage
SMB (CIFS) `FlexVolume`:
#### 1.1) SMB (CIFS) `CSI-driver`:
See https://github.com/kubernetes-csi/csi-driver-smb:
```
curl -skSL https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/deploy/install-driver.sh | bash -s master --
```
#### 1.2) SMB (CIFS) `FlexVolume`:
```
curl -Ls https://github.com/juliohm1978/kubernetes-cifs-volumedriver/blob/master/install.yaml -o storage/flexVolSMB/daemonSet-flexVolSMB.yml
```
@ -203,10 +209,10 @@ kubectl exec -i guacamole-<pod-id> --container mysql -- mysql -uguacamole -pguac
kubectl rollout restart deployment guacamole
```
##### 4.7) [Harbor](https://goharbor.io/) <small>(container image registry)</small>
Create `ingressRoute` and `persistentVolumeClaim`
Create `ingressRoute` and `storageClass`
```
kubectl apply -f services/Harbor/ingressRoute-Harbor.yml
kubectl apply -f services/Harbor/persistentVolumeClaim_Harbor.yml
kubectl apply -f services/Harbor/storageClass-Harbor.yml
```
Install Helm chart
```

4
ingress/Traefik2.x/chart-values.yml
View File

@ -1,3 +1,7 @@
image:
name: traefik
tag: 2.2.11
ports:
rtmp:
port: 1935

18
services/Harbor/chart-values.yml
View File

@ -11,32 +11,26 @@ persistence:
resourcePolicy: "keep"
persistentVolumeClaim:
registry:
existingClaim: "flexvolsmb-harbor-registry"
storageClass: "-"
storageClass: "harbor"
accessMode: ReadWriteMany
size: 5Gi
chartmuseum:
existingClaim: "flexvolsmb-harbor-chartmuseum"
storageClass: "-"
storageClass: "harbor"
accessMode: ReadWriteMany
size: 5Gi
jobservice:
existingClaim: "flexvolsmb-harbor-jobservice"
storageClass: "-"
storageClass: "harbor"
accessMode: ReadWriteMany
size: 1Gi
database:
existingClaim: "flexvolsmb-harbor-database"
storageClass: "-"
storageClass: "harbor-db"
accessMode: ReadWriteMany
size: 1Gi
redis:
existingClaim: "flexvolsmb-harbor-redis"
storageClass: "-"
storageClass: "harbor-db"
accessMode: ReadWriteMany
size: 1Gi
trivy:
existingClaim: "flexvolsmb-harbor-trivy"
storageClass: "-"
storageClass: "harbor"
accessMode: ReadWriteMany
size: 1Gi

204
services/Harbor/persistentVolumeClaim_Harbor.yml
View File

@ -1,204 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-chartmuseum
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-chartmuseum
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=999,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/chartmuseum
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-chartmuseum
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-chartmuseum
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-database
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-database
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=999,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/database
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-database
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-database
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-jobservice
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-jobservice
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/jobservice
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-jobservice
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-jobservice
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-redis
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-redis
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/redis
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-redis
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-redis
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-registry
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-registry
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/registry
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-registry
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-registry
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-trivy
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-trivy
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/trivy
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-trivy
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-trivy
resources:
requests:
storage: 10Gi

35
services/Harbor/storageClass-Harbor.yml Normal file
View File

@ -0,0 +1,35 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: harbor
provisioner: smb.csi.k8s.io
parameters:
source: "//192.168.11.225/K3s.StorageClass/harbor"
csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
csi.storage.k8s.io/node-stage-secret-namespace: "default"
createSubDir: "true" # optional: create a sub dir for new volume
reclaimPolicy: Retain # only retain is supported
volumeBindingMode: Immediate
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=10000
- gid=10000
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: harbor-db
provisioner: smb.csi.k8s.io
parameters:
source: "//192.168.11.225/K3s.StorageClass/harbor-db"
csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
csi.storage.k8s.io/node-stage-secret-namespace: "default"
createSubDir: "true" # optional: create a sub dir for new volume
reclaimPolicy: Retain # only retain is supported
volumeBindingMode: Immediate
mountOptions:
- dir_mode=0700
- file_mode=0700
- uid=999
- gid=999

17
storage/csi-driver-smb/storageClass-SMB.yml.example Normal file
View File

@ -0,0 +1,17 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: <name>
provisioner: smb.csi.k8s.io
parameters:
source: "//192.168.11.225/K3s.StorageClass/<name>"
csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
csi.storage.k8s.io/node-stage-secret-namespace: "default"
createSubDir: "true" # optional: create a sub dir for new volume
reclaimPolicy: Retain # only retain is supported
volumeBindingMode: Immediate
mountOptions:
- dir_mode=0700
- file_mode=0700
- uid=1001
- gid=1001