Update Traefik; Migrate Harbor PV->SC

2020-09-23 15:35:17 +02:00 · 2020-09-23 15:35:17 +02:00 · c6e0dfb6d1
commit c6e0dfb6d1
parent 51e42ce1f3
6 changed files with 71 additions and 219 deletions
--- a/README.md
+++ b/README.md
@ -29,7 +29,13 @@ kubectl apply -f system/UpgradeController/plan-Server.yml -f system/UpgradeContr

 ### 1) Persistent storage

-SMB (CIFS) `FlexVolume`:
+#### 1.1) SMB (CIFS) `CSI-driver`:
+See https://github.com/kubernetes-csi/csi-driver-smb:
+```
+curl -skSL https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/deploy/install-driver.sh | bash -s master --
+```
+
+#### 1.2) SMB (CIFS) `FlexVolume`:
 ```
 curl -Ls https://github.com/juliohm1978/kubernetes-cifs-volumedriver/blob/master/install.yaml -o storage/flexVolSMB/daemonSet-flexVolSMB.yml
 ```
@ -203,10 +209,10 @@ kubectl exec -i guacamole-<pod-id> --container mysql -- mysql -uguacamole -pguac
 kubectl rollout restart deployment guacamole
 ```
 ##### 4.7) [Harbor](https://goharbor.io/)    <small>(container image registry)</small>
-Create `ingressRoute` and `persistentVolumeClaim`
+Create `ingressRoute` and `storageClass`
 ```
 kubectl apply -f services/Harbor/ingressRoute-Harbor.yml
-kubectl apply -f services/Harbor/persistentVolumeClaim_Harbor.yml
+kubectl apply -f services/Harbor/storageClass-Harbor.yml
 ```
 Install Helm chart
 ```
--- a/ingress/Traefik2.x/chart-values.yml
+++ b/ingress/Traefik2.x/chart-values.yml
@ -1,3 +1,7 @@
+image:
+  name: traefik
+  tag: 2.2.11
+
 ports:
  rtmp:
    port: 1935
--- a/services/Harbor/chart-values.yml
+++ b/services/Harbor/chart-values.yml
@ -11,32 +11,26 @@ persistence:
  resourcePolicy: "keep"
  persistentVolumeClaim:
    registry:
-      existingClaim: "flexvolsmb-harbor-registry"
-      storageClass: "-"
+      storageClass: "harbor"
      accessMode: ReadWriteMany
      size: 5Gi
    chartmuseum:
-      existingClaim: "flexvolsmb-harbor-chartmuseum"
-      storageClass: "-"
+      storageClass: "harbor"
      accessMode: ReadWriteMany
      size: 5Gi
    jobservice:
-      existingClaim: "flexvolsmb-harbor-jobservice"
-      storageClass: "-"
+      storageClass: "harbor"
      accessMode: ReadWriteMany
      size: 1Gi
    database:
-      existingClaim: "flexvolsmb-harbor-database"
-      storageClass: "-"
+      storageClass: "harbor-db"
      accessMode: ReadWriteMany
      size: 1Gi
    redis:
-      existingClaim: "flexvolsmb-harbor-redis"
-      storageClass: "-"
+      storageClass: "harbor-db"
      accessMode: ReadWriteMany
      size: 1Gi
    trivy:
-      existingClaim: "flexvolsmb-harbor-trivy"
-      storageClass: "-"
+      storageClass: "harbor"
      accessMode: ReadWriteMany
      size: 1Gi
--- a/services/Harbor/persistentVolumeClaim_Harbor.yml
+++ b/services/Harbor/persistentVolumeClaim_Harbor.yml
@ -1,204 +0,0 @@
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: flexvolsmb-harbor-chartmuseum
-  namespace: harbor
-spec:
-  capacity:
-    storage: 10Gi
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-chartmuseum
-  flexVolume:
-    driver: mount/smb
-    secretRef:
-      name: smb-secret
-      namespace: default
-    options:
-      opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=999,iocharset=utf8,nobrl
-      server: 192.168.11.225
-      share: /K3s.Volumes/harbor/chartmuseum
---
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: flexvolsmb-harbor-chartmuseum
-  namespace: harbor
-spec:
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-chartmuseum
-  resources:
-    requests:
-      storage: 10Gi
---
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: flexvolsmb-harbor-database
-  namespace: harbor
-spec:
-  capacity:
-    storage: 10Gi
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-database
-  flexVolume:
-    driver: mount/smb
-    secretRef:
-      name: smb-secret
-      namespace: default
-    options:
-      opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=999,iocharset=utf8,nobrl
-      server: 192.168.11.225
-      share: /K3s.Volumes/harbor/database
---
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: flexvolsmb-harbor-database
-  namespace: harbor
-spec:
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-database
-  resources:
-    requests:
-      storage: 10Gi
---
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: flexvolsmb-harbor-jobservice
-  namespace: harbor
-spec:
-  capacity:
-    storage: 10Gi
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-jobservice
-  flexVolume:
-    driver: mount/smb
-    secretRef:
-      name: smb-secret
-      namespace: default
-    options:
-      opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
-      server: 192.168.11.225
-      share: /K3s.Volumes/harbor/jobservice
---
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: flexvolsmb-harbor-jobservice
-  namespace: harbor
-spec:
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-jobservice
-  resources:
-    requests:
-      storage: 10Gi
---
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: flexvolsmb-harbor-redis
-  namespace: harbor
-spec:
-  capacity:
-    storage: 10Gi
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-redis
-  flexVolume:
-    driver: mount/smb
-    secretRef:
-      name: smb-secret
-      namespace: default
-    options:
-      opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,iocharset=utf8,nobrl
-      server: 192.168.11.225
-      share: /K3s.Volumes/harbor/redis
---
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: flexvolsmb-harbor-redis
-  namespace: harbor
-spec:
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-redis
-  resources:
-    requests:
-      storage: 10Gi
---
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: flexvolsmb-harbor-registry
-  namespace: harbor
-spec:
-  capacity:
-    storage: 10Gi
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-registry
-  flexVolume:
-    driver: mount/smb
-    secretRef:
-      name: smb-secret
-      namespace: default
-    options:
-      opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
-      server: 192.168.11.225
-      share: /K3s.Volumes/harbor/registry
---
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: flexvolsmb-harbor-registry
-  namespace: harbor
-spec:
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-registry
-  resources:
-    requests:
-      storage: 10Gi
---
-apiVersion: v1
-kind: PersistentVolume
-metadata:
-  name: flexvolsmb-harbor-trivy
-  namespace: harbor
-spec:
-  capacity:
-    storage: 10Gi
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-trivy
-  flexVolume:
-    driver: mount/smb
-    secretRef:
-      name: smb-secret
-      namespace: default
-    options:
-      opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
-      server: 192.168.11.225
-      share: /K3s.Volumes/harbor/trivy
---
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: flexvolsmb-harbor-trivy
-  namespace: harbor
-spec:
-  accessModes:
-    - ReadWriteMany
-  storageClassName: flexvolsmb-harbor-trivy
-  resources:
-    requests:
-      storage: 10Gi
-
--- a/services/Harbor/storageClass-Harbor.yml
+++ b/services/Harbor/storageClass-Harbor.yml
@ -0,0 +1,35 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: harbor
+provisioner: smb.csi.k8s.io
+parameters:
+  source: "//192.168.11.225/K3s.StorageClass/harbor"
+  csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
+  csi.storage.k8s.io/node-stage-secret-namespace: "default"
+  createSubDir: "true"  # optional: create a sub dir for new volume
+reclaimPolicy: Retain  # only retain is supported
+volumeBindingMode: Immediate
+mountOptions:
+  - dir_mode=0777
+  - file_mode=0777
+  - uid=10000
+  - gid=10000
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: harbor-db
+provisioner: smb.csi.k8s.io
+parameters:
+  source: "//192.168.11.225/K3s.StorageClass/harbor-db"
+  csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
+  csi.storage.k8s.io/node-stage-secret-namespace: "default"
+  createSubDir: "true"  # optional: create a sub dir for new volume
+reclaimPolicy: Retain  # only retain is supported
+volumeBindingMode: Immediate
+mountOptions:
+  - dir_mode=0700
+  - file_mode=0700
+  - uid=999
+  - gid=999
--- a/storage/csi-driver-smb/storageClass-SMB.yml.example
+++ b/storage/csi-driver-smb/storageClass-SMB.yml.example
@ -0,0 +1,17 @@
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: <name>
+provisioner: smb.csi.k8s.io
+parameters:
+  source: "//192.168.11.225/K3s.StorageClass/<name>"
+  csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
+  csi.storage.k8s.io/node-stage-secret-namespace: "default"
+  createSubDir: "true"  # optional: create a sub dir for new volume
+reclaimPolicy: Retain  # only retain is supported
+volumeBindingMode: Immediate
+mountOptions:
+  - dir_mode=0700
+  - file_mode=0700
+  - uid=1001
+  - gid=1001