Housekeeping
This commit is contained in:
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
*.sensitive.yml
|
*.sensitive.yml
|
||||||
|
*.sensitive.yaml
|
||||||
|
@ -11,13 +11,10 @@ spec:
|
|||||||
sources:
|
sources:
|
||||||
- repoURL: https://argoproj.github.io/argo-helm
|
- repoURL: https://argoproj.github.io/argo-helm
|
||||||
chart: argo-cd
|
chart: argo-cd
|
||||||
targetRevision: 7.8.13
|
targetRevision: 8.1.2
|
||||||
helm:
|
helm:
|
||||||
valueFiles:
|
valueFiles:
|
||||||
- $values/system/ArgoCD/values.yaml
|
- $values/system/ArgoCD/values.yaml
|
||||||
- repoURL: https://code.spamasaurus.com/djpbessems/Kubernetes.K3s.installLog
|
- repoURL: https://code.spamasaurus.com/djpbessems/Kubernetes.K3s.installLog
|
||||||
targetRevision: master
|
targetRevision: HEAD
|
||||||
ref: values
|
ref: values
|
||||||
# - repoURL: https://github.com/djpbessems/Kubernetes.K3s.installLog
|
|
||||||
# targetRevision: master
|
|
||||||
# ref: values
|
|
||||||
|
@ -2,10 +2,9 @@ configs:
|
|||||||
params:
|
params:
|
||||||
server.insecure: true
|
server.insecure: true
|
||||||
global:
|
global:
|
||||||
domain: gitops.spamasaurus.com
|
domain: gitops.lab.spamasaurus.com
|
||||||
server:
|
server:
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
annotations:
|
annotations:
|
||||||
# traefik.ingress.kubernetes.io/router.middlewares: security-headers@file,compression@file
|
|
||||||
traefik.ingress.kubernetes.io/router.middlewares: security-headers@file
|
traefik.ingress.kubernetes.io/router.middlewares: security-headers@file
|
||||||
|
@ -1,29 +0,0 @@
|
|||||||
apiVersion: apps/v1
|
|
||||||
kind: DaemonSet
|
|
||||||
metadata:
|
|
||||||
name: inotify-limits
|
|
||||||
namespace: kube-system
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: inotify-limits
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
name: inotify-limits
|
|
||||||
labels:
|
|
||||||
app: inotify-limits
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: inotify-limits
|
|
||||||
image: bv11-cr01.bessems.eu/proxy/library/alpine
|
|
||||||
imagePullPolicy: Always
|
|
||||||
securityContext:
|
|
||||||
privileged: true
|
|
||||||
command:
|
|
||||||
- "/bin/sh"
|
|
||||||
- "-c"
|
|
||||||
args:
|
|
||||||
- |
|
|
||||||
echo 'fs.inotify.max_user_watches=524288' | tee /etc/sysctl.conf;
|
|
||||||
echo 'fs.inotify.max_user_instances=512' | tee /etc/sysctl.conf;
|
|
||||||
sysctl -p && tail -f /dev/null
|
|
@ -1,21 +0,0 @@
|
|||||||
configuration:
|
|
||||||
blockingPodSelector:
|
|
||||||
- io.drone=true
|
|
||||||
|
|
||||||
timeZone: Europe/Amsterdam
|
|
||||||
startTime: 02:00
|
|
||||||
endTime: 04:30
|
|
||||||
|
|
||||||
extraEnvVars:
|
|
||||||
- name: KURED_NOTIFY_URL
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: kured-secret
|
|
||||||
key: notifyUrl
|
|
||||||
|
|
||||||
hostNetwork: false
|
|
||||||
|
|
||||||
#metrics:
|
|
||||||
# create: false
|
|
||||||
#service:
|
|
||||||
# create: false
|
|
@ -1,23 +0,0 @@
|
|||||||
{
|
|
||||||
"kind": "SealedSecret",
|
|
||||||
"apiVersion": "bitnami.com/v1alpha1",
|
|
||||||
"metadata": {
|
|
||||||
"name": "kured-secret",
|
|
||||||
"namespace": "kured",
|
|
||||||
"creationTimestamp": null
|
|
||||||
},
|
|
||||||
"spec": {
|
|
||||||
"template": {
|
|
||||||
"metadata": {
|
|
||||||
"name": "kured-secret",
|
|
||||||
"namespace": "kured",
|
|
||||||
"creationTimestamp": null
|
|
||||||
},
|
|
||||||
"type": "Opaque",
|
|
||||||
"data": null
|
|
||||||
},
|
|
||||||
"encryptedData": {
|
|
||||||
"notifyUrl": "AgAIIpIfkWK7JEkR0NrxvznV5a49UReEAvWJosNg+Lhe3rD+Z+TkpnRyuPkyfbwousSPHbwos5f02USUhsdxUjKP8BhEtvAzVlcFkktLhk7HHx+PUpr572oyDhrnHuwG6hhWVvnQph7hc+KUvqV6xKPF6zc+S7EtW0i0OapkenHvtItqw5/LZQ2C7FSEaXTxHS6TJkJd9505bcsq2vzRBaylHFytqsWA46OwgAVc1GB6wxDzBzM/uzWSUygJLAViyi+v4epHprf5siIsn7rjX71KFv9C/mNwlNS7feCSkaUOREzwdIOUaRxUSacauDPoE1adk+83ymAy87kn098Ctv4qgPgiu3k+nlqA3lLG0Vx/SlALNYgus53FCBrXXo50H3liZ7BOsRh8C3l7PWKQ4mMwNh3GN6yTBEdEEft3CEPl0l+EZ/WiLUKysetAezzWsLxjzII4igSR+t5j6PPW0iFGdKxFL+Q+K/WOrn9OIynKvlFy7EPZEqzm8lThBXO97r/O37ypGUCIK04Wj+vtfKhWTNhWycNVmsbt96g/ODHFzgJC0F7fwAfx+VBpDMg/BpNQeG9mm1Qc6fFMyQYHwoarXRXExqPn8fMxxPuU+EdxfioqSvcdLB31hAJcS+/39xEZT/YQtPWTZzQCkbwBweQWJdEuYudv7TnI4focpLu6/uaavoiGTCUcz4NHqGAGukrP2Lxk25sZwGSWNUEblcqfzx+4DyRllqAefLhRCI0OZmjiZ3Lwzb/xY0vypM3c+fxqnZhlPR4eGhPHSaQ="
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,21 +0,0 @@
|
|||||||
apiVersion: upgrade.cattle.io/v1
|
|
||||||
kind: Plan
|
|
||||||
metadata:
|
|
||||||
name: agent-plan
|
|
||||||
namespace: system-upgrade
|
|
||||||
spec:
|
|
||||||
concurrency: 1
|
|
||||||
cordon: true
|
|
||||||
nodeSelector:
|
|
||||||
matchExpressions:
|
|
||||||
- key: node-role.kubernetes.io/master
|
|
||||||
operator: DoesNotExist
|
|
||||||
prepare:
|
|
||||||
args:
|
|
||||||
- prepare
|
|
||||||
- server-plan
|
|
||||||
image: rancher/k3s-upgrade
|
|
||||||
serviceAccountName: system-upgrade
|
|
||||||
upgrade:
|
|
||||||
image: rancher/k3s-upgrade
|
|
||||||
channel: https://update.k3s.io/v1-release/channels/stable
|
|
@ -1,18 +0,0 @@
|
|||||||
apiVersion: upgrade.cattle.io/v1
|
|
||||||
kind: Plan
|
|
||||||
metadata:
|
|
||||||
name: server-plan
|
|
||||||
namespace: system-upgrade
|
|
||||||
spec:
|
|
||||||
concurrency: 1
|
|
||||||
cordon: true
|
|
||||||
nodeSelector:
|
|
||||||
matchExpressions:
|
|
||||||
- key: node-role.kubernetes.io/master
|
|
||||||
operator: In
|
|
||||||
values:
|
|
||||||
- "true"
|
|
||||||
serviceAccountName: system-upgrade
|
|
||||||
upgrade:
|
|
||||||
image: rancher/k3s-upgrade
|
|
||||||
channel: https://update.k3s.io/v1-release/channels/stable
|
|
@ -1,17 +0,0 @@
|
|||||||
apiVersion: argoproj.io/v1alpha1
|
|
||||||
kind: Application
|
|
||||||
metadata:
|
|
||||||
name: kube-vip
|
|
||||||
namespace: argo-cd
|
|
||||||
spec:
|
|
||||||
destination:
|
|
||||||
namespace: kube-system
|
|
||||||
server: https://kubernetes.default.svc
|
|
||||||
project: default
|
|
||||||
source:
|
|
||||||
path: system/kube-vip
|
|
||||||
repoURL: https://code.spamasaurus.com/djpbessems/Kubernetes.K3s.installLog.git
|
|
||||||
targetRevision: HEAD
|
|
||||||
syncPolicy:
|
|
||||||
automated:
|
|
||||||
selfHeal: true
|
|
@ -1,87 +0,0 @@
|
|||||||
apiVersion: apps/v1
|
|
||||||
kind: DaemonSet
|
|
||||||
metadata:
|
|
||||||
creationTimestamp: null
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: kube-vip-ds
|
|
||||||
app.kubernetes.io/version: v0.9.1
|
|
||||||
name: kube-vip-ds
|
|
||||||
namespace: kube-system
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app.kubernetes.io/name: kube-vip-ds
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
creationTimestamp: null
|
|
||||||
labels:
|
|
||||||
app.kubernetes.io/name: kube-vip-ds
|
|
||||||
app.kubernetes.io/version: v0.9.1
|
|
||||||
spec:
|
|
||||||
affinity:
|
|
||||||
nodeAffinity:
|
|
||||||
requiredDuringSchedulingIgnoredDuringExecution:
|
|
||||||
nodeSelectorTerms:
|
|
||||||
- matchExpressions:
|
|
||||||
- key: node-role.kubernetes.io/master
|
|
||||||
operator: Exists
|
|
||||||
- matchExpressions:
|
|
||||||
- key: node-role.kubernetes.io/control-plane
|
|
||||||
operator: Exists
|
|
||||||
containers:
|
|
||||||
- args:
|
|
||||||
- manager
|
|
||||||
env:
|
|
||||||
- name: vip_arp
|
|
||||||
value: "true"
|
|
||||||
- name: port
|
|
||||||
value: "6443"
|
|
||||||
- name: vip_nodename
|
|
||||||
valueFrom:
|
|
||||||
fieldRef:
|
|
||||||
fieldPath: spec.nodeName
|
|
||||||
- name: vip_interface
|
|
||||||
value: eth0
|
|
||||||
- name: vip_cidr
|
|
||||||
value: "32"
|
|
||||||
- name: dns_mode
|
|
||||||
value: first
|
|
||||||
- name: cp_enable
|
|
||||||
value: "true"
|
|
||||||
- name: cp_namespace
|
|
||||||
value: kube-system
|
|
||||||
- name: svc_enable
|
|
||||||
value: "true"
|
|
||||||
- name: svc_leasename
|
|
||||||
value: plndr-svcs-lock
|
|
||||||
- name: vip_leaderelection
|
|
||||||
value: "true"
|
|
||||||
- name: vip_leasename
|
|
||||||
value: plndr-cp-lock
|
|
||||||
- name: vip_leaseduration
|
|
||||||
value: "5"
|
|
||||||
- name: vip_renewdeadline
|
|
||||||
value: "3"
|
|
||||||
- name: vip_retryperiod
|
|
||||||
value: "1"
|
|
||||||
- name: address
|
|
||||||
value: 192.168.154.240
|
|
||||||
- name: prometheus_server
|
|
||||||
value: :2112
|
|
||||||
image: ghcr.io/kube-vip/kube-vip:v0.9.1
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
name: kube-vip
|
|
||||||
resources: {}
|
|
||||||
securityContext:
|
|
||||||
capabilities:
|
|
||||||
add:
|
|
||||||
- NET_ADMIN
|
|
||||||
- NET_RAW
|
|
||||||
hostNetwork: true
|
|
||||||
serviceAccountName: kube-vip
|
|
||||||
tolerations:
|
|
||||||
- effect: NoSchedule
|
|
||||||
operator: Exists
|
|
||||||
- effect: NoExecute
|
|
||||||
operator: Exists
|
|
||||||
updateStrategy: {}
|
|
Reference in New Issue
Block a user