djpbessems/Kubernetes.K3s.installLog
djpbessems/Kubernetes.K3s.installLog
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update Traefik; Migrate Harbor PV->SC

Browse Source
This commit is contained in:
Danny Bessems 2020-09-23 15:35:17 +02:00
parent 51e42ce1f3
commit c6e0dfb6d1
6 changed files with 71 additions and 219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -29,7 +29,13 @@ kubectl apply -f system/UpgradeController/plan-Server.yml -f system/UpgradeContr
### 1) Persistent storage ### 1) Persistent storage
SMB (CIFS) `FlexVolume`: #### 1.1) SMB (CIFS) `CSI-driver`:
See https://github.com/kubernetes-csi/csi-driver-smb:
```
curl -skSL https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/deploy/install-driver.sh | bash -s master --
```
#### 1.2) SMB (CIFS) `FlexVolume`:
``` ```
curl -Ls https://github.com/juliohm1978/kubernetes-cifs-volumedriver/blob/master/install.yaml -o storage/flexVolSMB/daemonSet-flexVolSMB.yml curl -Ls https://github.com/juliohm1978/kubernetes-cifs-volumedriver/blob/master/install.yaml -o storage/flexVolSMB/daemonSet-flexVolSMB.yml
``` ```
@ -203,10 +209,10 @@ kubectl exec -i guacamole-<pod-id> --container mysql -- mysql -uguacamole -pguac
kubectl rollout restart deployment guacamole kubectl rollout restart deployment guacamole
``` ```
##### 4.7) [Harbor](https://goharbor.io/) <small>(container image registry)</small> ##### 4.7) [Harbor](https://goharbor.io/) <small>(container image registry)</small>
Create `ingressRoute` and `persistentVolumeClaim` Create `ingressRoute` and `storageClass`
``` ```
kubectl apply -f services/Harbor/ingressRoute-Harbor.yml kubectl apply -f services/Harbor/ingressRoute-Harbor.yml
kubectl apply -f services/Harbor/persistentVolumeClaim_Harbor.yml kubectl apply -f services/Harbor/storageClass-Harbor.yml
``` ```
Install Helm chart Install Helm chart
``` ```

4
ingress/Traefik2.x/chart-values.yml
View File

@ -1,3 +1,7 @@
image:
name: traefik
tag: 2.2.11
ports: ports:
rtmp: rtmp:
port: 1935 port: 1935

18
services/Harbor/chart-values.yml
View File

@ -11,32 +11,26 @@ persistence:
resourcePolicy: "keep" resourcePolicy: "keep"
persistentVolumeClaim: persistentVolumeClaim:
registry: registry:
existingClaim: "flexvolsmb-harbor-registry" storageClass: "harbor"
storageClass: "-"
accessMode: ReadWriteMany accessMode: ReadWriteMany
size: 5Gi size: 5Gi
chartmuseum: chartmuseum:
existingClaim: "flexvolsmb-harbor-chartmuseum" storageClass: "harbor"
storageClass: "-"
accessMode: ReadWriteMany accessMode: ReadWriteMany
size: 5Gi size: 5Gi
jobservice: jobservice:
existingClaim: "flexvolsmb-harbor-jobservice" storageClass: "harbor"
storageClass: "-"
accessMode: ReadWriteMany accessMode: ReadWriteMany
size: 1Gi size: 1Gi
database: database:
existingClaim: "flexvolsmb-harbor-database" storageClass: "harbor-db"
storageClass: "-"
accessMode: ReadWriteMany accessMode: ReadWriteMany
size: 1Gi size: 1Gi
redis: redis:
existingClaim: "flexvolsmb-harbor-redis" storageClass: "harbor-db"
storageClass: "-"
accessMode: ReadWriteMany accessMode: ReadWriteMany
size: 1Gi size: 1Gi
trivy: trivy:
existingClaim: "flexvolsmb-harbor-trivy" storageClass: "harbor"
storageClass: "-"
accessMode: ReadWriteMany accessMode: ReadWriteMany
size: 1Gi size: 1Gi

204
services/Harbor/persistentVolumeClaim_Harbor.yml
View File

@ -1,204 +0,0 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-chartmuseum
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-chartmuseum
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=999,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/chartmuseum
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-chartmuseum
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-chartmuseum
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-database
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-database
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=999,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/database
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-database
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-database
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-jobservice
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-jobservice
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/jobservice
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-jobservice
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-jobservice
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-redis
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-redis
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/redis
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-redis
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-redis
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-registry
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-registry
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/registry
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-registry
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-registry
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-harbor-trivy
namespace: harbor
spec:
capacity:
storage: 10Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-trivy
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
namespace: default
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=10000,gid=10000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/harbor/trivy
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-harbor-trivy
namespace: harbor
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-harbor-trivy
resources:
requests:
storage: 10Gi

35
services/Harbor/storageClass-Harbor.yml Normal file
View File

@ -0,0 +1,35 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: harbor
provisioner: smb.csi.k8s.io
parameters:
source: "//192.168.11.225/K3s.StorageClass/harbor"
csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
csi.storage.k8s.io/node-stage-secret-namespace: "default"
createSubDir: "true" # optional: create a sub dir for new volume
reclaimPolicy: Retain # only retain is supported
volumeBindingMode: Immediate
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=10000
- gid=10000
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: harbor-db
provisioner: smb.csi.k8s.io
parameters:
source: "//192.168.11.225/K3s.StorageClass/harbor-db"
csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
csi.storage.k8s.io/node-stage-secret-namespace: "default"
createSubDir: "true" # optional: create a sub dir for new volume
reclaimPolicy: Retain # only retain is supported
volumeBindingMode: Immediate
mountOptions:
- dir_mode=0700
- file_mode=0700
- uid=999
- gid=999

17
storage/csi-driver-smb/storageClass-SMB.yml.example Normal file
View File

@ -0,0 +1,17 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: <name>
provisioner: smb.csi.k8s.io
parameters:
source: "//192.168.11.225/K3s.StorageClass/<name>"
csi.storage.k8s.io/node-stage-secret-name: "smb-credentials"
csi.storage.k8s.io/node-stage-secret-namespace: "default"
createSubDir: "true" # optional: create a sub dir for new volume
reclaimPolicy: Retain # only retain is supported
volumeBindingMode: Immediate
mountOptions:
- dir_mode=0700
- file_mode=0700
- uid=1001
- gid=1001