Compare commits
No commits in common. "75309bdf11d9351a00243e58ef577b669c03ad3f" and "8764634ea04c9a8c4e7e98102548715193b104ba" have entirely different histories.
75309bdf11
...
8764634ea0
@ -56,50 +56,44 @@ components:
|
|||||||
|
|
||||||
argo-cd:
|
argo-cd:
|
||||||
helm:
|
helm:
|
||||||
version: 6.7.7 # (=ArgoCD v.2.10.5)
|
version: 5.27.4 # (= ArgoCD v2.6.7)
|
||||||
chart: argo/argo-cd
|
chart: argo/argo-cd
|
||||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||||
chart_values: !unsafe |
|
chart_values: !unsafe |
|
||||||
configs:
|
configs:
|
||||||
cm:
|
|
||||||
resource.compareoptions: |
|
|
||||||
ignoreAggregatedRoles: true
|
|
||||||
resource.customizations.ignoreDifferences.all: |
|
|
||||||
jsonPointers:
|
|
||||||
- /spec/conversion/webhook/clientConfig/caBundle
|
|
||||||
params:
|
|
||||||
server.insecure: true
|
|
||||||
secret:
|
secret:
|
||||||
argocdServerAdminPassword: "{{ vapp['metacluster.password'] | password_hash('bcrypt') }}"
|
argocdServerAdminPassword: "{{ vapp['metacluster.password'] | password_hash('bcrypt') }}"
|
||||||
global:
|
|
||||||
domain: gitops.{{ vapp['metacluster.fqdn'] | lower }}
|
|
||||||
server:
|
server:
|
||||||
|
extraArgs:
|
||||||
|
- --insecure
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
hosts:
|
||||||
|
- gitops.{{ vapp['metacluster.fqdn'] }}
|
||||||
|
|
||||||
cert-manager:
|
cert-manager:
|
||||||
helm:
|
helm:
|
||||||
version: 1.14.4
|
version: 1.13.1
|
||||||
chart: jetstack/cert-manager
|
chart: jetstack/cert-manager
|
||||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||||
chart_values: !unsafe |
|
# chart_values: !unsafe |
|
||||||
installCRDs: true
|
# installCRDs: true
|
||||||
|
|
||||||
clusterapi:
|
clusterapi:
|
||||||
management:
|
management:
|
||||||
version:
|
version:
|
||||||
# Must match the version referenced at `dependencies.static_binaries[.filename==clusterctl].url`
|
# Must match the version referenced at `dependencies.static_binaries[.filename==clusterctl].url`
|
||||||
base: v1.6.3
|
base: v1.5.1
|
||||||
# Must match the version referenced at `components.cert-manager.helm.version`
|
# Must match the version referenced at `components.cert-manager.helm.version`
|
||||||
cert_manager: v1.14.4
|
cert_manager: v1.13.1
|
||||||
infrastructure_vsphere: v1.9.2
|
infrastructure_vsphere: v1.8.1
|
||||||
ipam_incluster: v0.1.0
|
ipam_incluster: v0.1.0-alpha.3
|
||||||
# Refer to `https://console.cloud.google.com/gcr/images/cloud-provider-vsphere/GLOBAL/cpi/release/manager` for available tags
|
# Refer to `https://console.cloud.google.com/gcr/images/cloud-provider-vsphere/GLOBAL/cpi/release/manager` for available tags
|
||||||
cpi_vsphere: v1.30.1
|
cpi_vsphere: v1.27.0
|
||||||
workload:
|
workload:
|
||||||
version:
|
version:
|
||||||
calico: v3.27.3
|
calico: v3.26.2
|
||||||
k8s: v1.30.1
|
k8s: v1.27.1
|
||||||
node_template:
|
node_template:
|
||||||
url: https://{{ repo_username }}:{{ repo_password }}@sn.itch.fyi/Repository/rel/ubuntu-2204-kube-v1.27.1.ova
|
url: https://{{ repo_username }}:{{ repo_password }}@sn.itch.fyi/Repository/rel/ubuntu-2204-kube-v1.27.1.ova
|
||||||
|
|
||||||
@ -137,7 +131,7 @@ components:
|
|||||||
|
|
||||||
gitea:
|
gitea:
|
||||||
helm:
|
helm:
|
||||||
version: v10.1.3 # (= Gitea v1.21.7)
|
version: v7.0.2 # (= Gitea v1.18.3)
|
||||||
chart: gitea-charts/gitea
|
chart: gitea-charts/gitea
|
||||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | sed '/:/!s/$/:latest/'
|
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | sed '/:/!s/$/:latest/'
|
||||||
chart_values: !unsafe |
|
chart_values: !unsafe |
|
||||||
@ -155,33 +149,21 @@ components:
|
|||||||
admin:
|
admin:
|
||||||
username: administrator
|
username: administrator
|
||||||
password: "{{ vapp['metacluster.password'] }}"
|
password: "{{ vapp['metacluster.password'] }}"
|
||||||
email: administrator@{{ vapp['metacluster.fqdn'] | lower }}
|
email: admin@{{ vapp['metacluster.fqdn'] }}
|
||||||
config:
|
config:
|
||||||
cache:
|
|
||||||
ADAPTER: memory
|
|
||||||
server:
|
server:
|
||||||
OFFLINE_MODE: true
|
OFFLINE_MODE: true
|
||||||
PROTOCOL: http
|
PROTOCOL: http
|
||||||
ROOT_URL: https://git.{{ vapp['metacluster.fqdn'] | lower }}/
|
ROOT_URL: https://git.{{ vapp['metacluster.fqdn'] }}/
|
||||||
session:
|
|
||||||
PROVIDER: db
|
|
||||||
image:
|
image:
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
hosts:
|
hosts:
|
||||||
- host: git.{{ vapp['metacluster.fqdn'] | lower }}
|
- host: git.{{ vapp['metacluster.fqdn'] }}
|
||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
pathType: Prefix
|
pathType: Prefix
|
||||||
postgresql:
|
|
||||||
enabled: true
|
|
||||||
image:
|
|
||||||
tag: 16.1.0-debian-11-r25
|
|
||||||
postgresql-ha:
|
|
||||||
enabled: false
|
|
||||||
redis-cluster:
|
|
||||||
enabled: false
|
|
||||||
service:
|
service:
|
||||||
ssh:
|
ssh:
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
@ -190,7 +172,7 @@ components:
|
|||||||
|
|
||||||
harbor:
|
harbor:
|
||||||
helm:
|
helm:
|
||||||
version: 1.14.1 # (= Harbor v2.10.1)
|
version: 1.11.0 # (= Harbor v2.7.0)
|
||||||
chart: harbor/harbor
|
chart: harbor/harbor
|
||||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||||
chart_values: !unsafe |
|
chart_values: !unsafe |
|
||||||
@ -198,11 +180,11 @@ components:
|
|||||||
ingress:
|
ingress:
|
||||||
annotations: {}
|
annotations: {}
|
||||||
hosts:
|
hosts:
|
||||||
core: registry.{{ vapp['metacluster.fqdn'] | lower }}
|
core: registry.{{ vapp['metacluster.fqdn'] }}
|
||||||
tls:
|
tls:
|
||||||
certSource: none
|
certSource: none
|
||||||
enabled: false
|
enabled: false
|
||||||
externalURL: https://registry.{{ vapp['metacluster.fqdn'] | lower }}
|
externalURL: https://registry.{{ vapp['metacluster.fqdn'] }}
|
||||||
harborAdminPassword: "{{ vapp['metacluster.password'] }}"
|
harborAdminPassword: "{{ vapp['metacluster.password'] }}"
|
||||||
notary:
|
notary:
|
||||||
enabled: false
|
enabled: false
|
||||||
@ -247,30 +229,23 @@ components:
|
|||||||
|
|
||||||
kubevip:
|
kubevip:
|
||||||
# Must match the version referenced at `dependencies.container_images`
|
# Must match the version referenced at `dependencies.container_images`
|
||||||
version: v0.6.3
|
version: v0.5.8
|
||||||
|
|
||||||
longhorn:
|
longhorn:
|
||||||
helm:
|
helm:
|
||||||
version: 1.5.4
|
version: 1.4.1
|
||||||
chart: longhorn/longhorn
|
chart: longhorn/longhorn
|
||||||
parse_logic: cat values.yaml | yq eval '.. | select(has("repository")) | .repository + ":" + .tag'
|
parse_logic: cat values.yaml | yq eval '.. | select(has("repository")) | .repository + ":" + .tag'
|
||||||
chart_values: !unsafe |
|
chart_values: !unsafe |
|
||||||
defaultSettings:
|
defaultSettings:
|
||||||
concurrentReplicaRebuildPerNodeLimit: 10
|
allowNodeDrainWithLastHealthyReplica: true
|
||||||
defaultDataPath: /mnt/blockstorage
|
defaultDataPath: /mnt/blockstorage
|
||||||
logLevel: Info
|
defaultReplicaCount: 1
|
||||||
nodeDrainPolicy: block-for-eviction-if-contains-last-replica
|
|
||||||
replicaSoftAntiAffinity: true
|
|
||||||
priorityClass: system-node-critical
|
|
||||||
storageOverProvisioningPercentage: 200
|
|
||||||
storageReservedPercentageForDefaultDisk: 0
|
|
||||||
ingress:
|
ingress:
|
||||||
enabled: true
|
enabled: true
|
||||||
host: storage.{{ vapp['metacluster.fqdn'] | lower }}
|
host: storage.{{ vapp['metacluster.fqdn'] }}
|
||||||
longhornManager:
|
persistence:
|
||||||
priorityClass: system-node-critical
|
defaultClassReplicaCount: 1
|
||||||
longhornDriver:
|
|
||||||
priorityClass: system-node-critical
|
|
||||||
|
|
||||||
pinniped:
|
pinniped:
|
||||||
helm:
|
helm:
|
||||||
@ -295,14 +270,22 @@ components:
|
|||||||
|
|
||||||
step-certificates:
|
step-certificates:
|
||||||
helm:
|
helm:
|
||||||
version: 1.25.2 # (= step-ca v0.25.2)
|
version: 1.23.0
|
||||||
chart: smallstep/step-certificates
|
chart: smallstep/step-certificates
|
||||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sed '/:/!s/$/:latest/' | sort -u
|
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sed '/:/!s/$/:latest/' | sort -u
|
||||||
chart_values: !unsafe |
|
chart_values: !unsafe |
|
||||||
|
ca:
|
||||||
|
dns: ca.{{ vapp['metacluster.fqdn'] }},step-certificates.step-ca.svc.cluster.local,127.0.0.1
|
||||||
|
password: "{{ vapp['metacluster.password'] }}"
|
||||||
|
provisioner:
|
||||||
|
name: admin
|
||||||
|
password: "{{ vapp['metacluster.password'] }}"
|
||||||
inject:
|
inject:
|
||||||
secrets:
|
secrets:
|
||||||
ca_password: "{{ vapp['metacluster.password'] | b64encode }}"
|
ca_password: "{{ vapp['metacluster.password'] | b64encode }}"
|
||||||
provisioner_password: "{{ vapp['metacluster.password'] | b64encode }}"
|
provisioner_password: "{{ vapp['metacluster.password'] | b64encode }}"
|
||||||
|
service:
|
||||||
|
targetPort: 9000
|
||||||
|
|
||||||
dependencies:
|
dependencies:
|
||||||
|
|
||||||
@ -318,43 +301,41 @@ dependencies:
|
|||||||
container_images:
|
container_images:
|
||||||
# This should match the image tag referenced at `platform.packaged_components[.name==traefik].config`
|
# This should match the image tag referenced at `platform.packaged_components[.name==traefik].config`
|
||||||
- busybox:1
|
- busybox:1
|
||||||
- ghcr.io/kube-vip/kube-vip:v0.6.3
|
- ghcr.io/kube-vip/kube-vip:v0.5.8
|
||||||
# The following list is generated by running the following commands:
|
# The following list is generated by running the following commands:
|
||||||
# $ clusterctl init -i vsphere:<version> [...]
|
# $ clusterctl init -i vsphere:<version> [...]
|
||||||
# $ clusterctl generate cluster <name> [...] | yq eval '.data.data' | yq --no-doc eval '.. | .image? | select(.)' | sort -u
|
# $ clusterctl generate cluster <name> [...] | yq eval '.data.data' | yq --no-doc eval '.. | .image? | select(.)' | sort -u
|
||||||
- gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.27.0
|
- gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.27.0
|
||||||
- gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0
|
- gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0
|
||||||
- gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.1.0
|
- gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0
|
||||||
- registry.k8s.io/sig-storage/csi-attacher:v4.3.0
|
- quay.io/k8scsi/csi-attacher:v3.0.0
|
||||||
- registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0
|
- quay.io/k8scsi/csi-node-driver-registrar:v2.0.1
|
||||||
- registry.k8s.io/sig-storage/csi-provisioner:v3.5.0
|
- quay.io/k8scsi/csi-provisioner:v2.0.0
|
||||||
- registry.k8s.io/sig-storage/csi-resizer:v1.8.0
|
- quay.io/k8scsi/livenessprobe:v2.1.0
|
||||||
- registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2
|
|
||||||
- registry.k8s.io/sig-storage/livenessprobe:v2.10.0
|
|
||||||
|
|
||||||
static_binaries:
|
static_binaries:
|
||||||
- filename: clusterctl
|
- filename: clusterctl
|
||||||
url: https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.3/clusterctl-linux-amd64
|
url: https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.5.1/clusterctl-linux-amd64
|
||||||
- filename: govc
|
- filename: govc
|
||||||
url: https://github.com/vmware/govmomi/releases/download/v0.36.3/govc_Linux_x86_64.tar.gz
|
url: https://github.com/vmware/govmomi/releases/download/v0.29.0/govc_Linux_x86_64.tar.gz
|
||||||
archive: compressed
|
archive: compressed
|
||||||
- filename: helm
|
- filename: helm
|
||||||
url: https://get.helm.sh/helm-v3.14.3-linux-amd64.tar.gz
|
url: https://get.helm.sh/helm-v3.10.2-linux-amd64.tar.gz
|
||||||
archive: compressed
|
archive: compressed
|
||||||
extra_opts: --strip-components=1
|
extra_opts: --strip-components=1
|
||||||
- filename: kubectl-slice
|
- filename: kubectl-slice
|
||||||
url: https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.2.9/kubectl-slice_linux_x86_64.tar.gz
|
url: https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.2.5/kubectl-slice_linux_x86_64.tar.gz
|
||||||
archive: compressed
|
archive: compressed
|
||||||
- filename: pinniped
|
- filename: pinniped
|
||||||
url: https://github.com/vmware-tanzu/pinniped/releases/download/v0.25.0/pinniped-cli-linux-amd64
|
url: https://github.com/vmware-tanzu/pinniped/releases/download/v0.25.0/pinniped-cli-linux-amd64
|
||||||
- filename: skopeo
|
- filename: skopeo
|
||||||
url: https://code.spamasaurus.com/api/packages/djpbessems/generic/skopeo/v1.12.0/skopeo_linux_amd64
|
url: https://code.spamasaurus.com/api/packages/djpbessems/generic/skopeo/v1.12.0/skopeo_linux_amd64
|
||||||
- filename: step
|
- filename: step
|
||||||
url: https://dl.step.sm/gh-release/cli/gh-release-header/v0.25.2/step_linux_0.25.2_amd64.tar.gz
|
url: https://dl.step.sm/gh-release/cli/gh-release-header/v0.23.0/step_linux_0.23.0_amd64.tar.gz
|
||||||
archive: compressed
|
archive: compressed
|
||||||
extra_opts: --strip-components=2
|
extra_opts: --strip-components=2
|
||||||
- filename: yq
|
- filename: yq
|
||||||
url: https://github.com/mikefarah/yq/releases/download/v4.43.1/yq_linux_amd64
|
url: http://github.com/mikefarah/yq/releases/download/v4.30.5/yq_linux_amd64
|
||||||
|
|
||||||
packages:
|
packages:
|
||||||
apt:
|
apt:
|
||||||
|
|||||||
@ -56,6 +56,6 @@ source "vsphere-iso" "ubuntu" {
|
|||||||
remove_cdrom = true
|
remove_cdrom = true
|
||||||
|
|
||||||
export {
|
export {
|
||||||
output_directory = "/data/scratch"
|
output_directory = "/scratch"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user