djpbessems/Packer.Images
Archived
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: djpbessems:8764634ea04c9a8c4e7e98102548715193b104ba
Branches Tags
djpbessems:master djpbessems:Appliance.AirgappedK8s-1.27.x djpbessems:Appliance.AirgappedK8s-1.26.x djpbessems:Appliance.AirgappedK8s-1.25.x djpbessems:Test_SemRel djpbessems:UbuntuServer22.04 djpbessems:UbuntuServer20.04 djpbessems:Windows10 djpbessems:Server2019 djpbessems:ADDS
djpbessems:K8s_1.25.9-v1.0.0 djpbessems:v1.0.0
..
compare: djpbessems:75309bdf11d9351a00243e58ef577b669c03ad3f
Branches Tags
djpbessems:Appliance.AirgappedK8s-1.27.x djpbessems:Appliance.AirgappedK8s-1.26.x djpbessems:Appliance.AirgappedK8s-1.25.x djpbessems:Test_SemRel djpbessems:UbuntuServer22.04 djpbessems:UbuntuServer20.04 djpbessems:Windows10 djpbessems:master djpbessems:Server2019 djpbessems:ADDS
djpbessems:K8s_1.25.9-v1.0.0 djpbessems:v1.0.0

2 Commits
8764634ea0 ... 75309bdf11

Author SHA1 Message Date
djpbessems
75309bdf11 feat: Upgrade components
Some checks failed
Container & Helm chart / Linting (push) Successful in 1m31s
Details
Container & Helm chart / Semantic Release (Dry-run) (push) Successful in 2m19s
Details
Container & Helm chart / Kubernetes Bootstrap Appliance (push) Failing after 1s
Details
2024-06-07 12:22:53 +10:00
djpbessems
1469ba08d8 build: Change export target directory 2024-06-07 12:22:22 +10:00
2 changed files with 71 additions and 52 deletions
Expand all files Collapse all files

121
ansible/vars/metacluster.yml
View File

@@ -56,44 +56,50 @@ components:
argo-cd:
helm:
version: 5.27.4 # (= ArgoCD v2.6.7)
version: 6.7.7 # (=ArgoCD v.2.10.5)
chart: argo/argo-cd
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
chart_values: !unsafe |
configs:
cm:
resource.compareoptions: |
ignoreAggregatedRoles: true
resource.customizations.ignoreDifferences.all: |
jsonPointers:
- /spec/conversion/webhook/clientConfig/caBundle
params:
server.insecure: true
secret:
argocdServerAdminPassword: "{{ vapp['metacluster.password'] | password_hash('bcrypt') }}"
global:
domain: gitops.{{ vapp['metacluster.fqdn'] | lower }}
server:
extraArgs:
- --insecure
ingress:
enabled: true
hosts:
- gitops.{{ vapp['metacluster.fqdn'] }}
cert-manager:
helm:
version: 1.13.1
version: 1.14.4
chart: jetstack/cert-manager
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
# chart_values: !unsafe |
# installCRDs: true
chart_values: !unsafe |
installCRDs: true
clusterapi:
management:
version:
# Must match the version referenced at `dependencies.static_binaries[.filename==clusterctl].url`
base: v1.5.1
base: v1.6.3
# Must match the version referenced at `components.cert-manager.helm.version`
cert_manager: v1.13.1
infrastructure_vsphere: v1.8.1
ipam_incluster: v0.1.0-alpha.3
cert_manager: v1.14.4
infrastructure_vsphere: v1.9.2
ipam_incluster: v0.1.0
# Refer to `https://console.cloud.google.com/gcr/images/cloud-provider-vsphere/GLOBAL/cpi/release/manager` for available tags
cpi_vsphere: v1.27.0
cpi_vsphere: v1.30.1
workload:
version:
calico: v3.26.2
k8s: v1.27.1
calico: v3.27.3
k8s: v1.30.1
node_template:
url: https://{{ repo_username }}:{{ repo_password }}@sn.itch.fyi/Repository/rel/ubuntu-2204-kube-v1.27.1.ova
@@ -131,7 +137,7 @@ components:
gitea:
helm:
version: v7.0.2 # (= Gitea v1.18.3)
version: v10.1.3 # (= Gitea v1.21.7)
chart: gitea-charts/gitea
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | sed '/:/!s/$/:latest/'
chart_values: !unsafe |
@@ -149,21 +155,33 @@ components:
admin:
username: administrator
password: "{{ vapp['metacluster.password'] }}"
email: admin@{{ vapp['metacluster.fqdn'] }}
email: administrator@{{ vapp['metacluster.fqdn'] | lower }}
config:
cache:
ADAPTER: memory
server:
OFFLINE_MODE: true
PROTOCOL: http
ROOT_URL: https://git.{{ vapp['metacluster.fqdn'] }}/
ROOT_URL: https://git.{{ vapp['metacluster.fqdn'] | lower }}/
session:
PROVIDER: db
image:
pullPolicy: IfNotPresent
ingress:
enabled: true
hosts:
- host: git.{{ vapp['metacluster.fqdn'] }}
- host: git.{{ vapp['metacluster.fqdn'] | lower }}
paths:
- path: /
pathType: Prefix
postgresql:
enabled: true
image:
tag: 16.1.0-debian-11-r25
postgresql-ha:
enabled: false
redis-cluster:
enabled: false
service:
ssh:
type: ClusterIP
@@ -172,7 +190,7 @@ components:
harbor:
helm:
version: 1.11.0 # (= Harbor v2.7.0)
version: 1.14.1 # (= Harbor v2.10.1)
chart: harbor/harbor
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
chart_values: !unsafe |
@@ -180,11 +198,11 @@ components:
ingress:
annotations: {}
hosts:
core: registry.{{ vapp['metacluster.fqdn'] }}
core: registry.{{ vapp['metacluster.fqdn'] | lower }}
tls:
certSource: none
enabled: false
externalURL: https://registry.{{ vapp['metacluster.fqdn'] }}
externalURL: https://registry.{{ vapp['metacluster.fqdn'] | lower }}
harborAdminPassword: "{{ vapp['metacluster.password'] }}"
notary:
enabled: false
@@ -229,23 +247,30 @@ components:
kubevip:
# Must match the version referenced at `dependencies.container_images`
version: v0.5.8
version: v0.6.3
longhorn:
helm:
version: 1.4.1
version: 1.5.4
chart: longhorn/longhorn
parse_logic: cat values.yaml | yq eval '.. | select(has("repository")) | .repository + ":" + .tag'
chart_values: !unsafe |
defaultSettings:
allowNodeDrainWithLastHealthyReplica: true
concurrentReplicaRebuildPerNodeLimit: 10
defaultDataPath: /mnt/blockstorage
defaultReplicaCount: 1
logLevel: Info
nodeDrainPolicy: block-for-eviction-if-contains-last-replica
replicaSoftAntiAffinity: true
priorityClass: system-node-critical
storageOverProvisioningPercentage: 200
storageReservedPercentageForDefaultDisk: 0
ingress:
enabled: true
host: storage.{{ vapp['metacluster.fqdn'] }}
persistence:
defaultClassReplicaCount: 1
host: storage.{{ vapp['metacluster.fqdn'] | lower }}
longhornManager:
priorityClass: system-node-critical
longhornDriver:
priorityClass: system-node-critical
pinniped:
helm:
@@ -270,22 +295,14 @@ components:
step-certificates:
helm:
version: 1.23.0
version: 1.25.2 # (= step-ca v0.25.2)
chart: smallstep/step-certificates
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sed '/:/!s/$/:latest/' | sort -u
chart_values: !unsafe |
ca:
dns: ca.{{ vapp['metacluster.fqdn'] }},step-certificates.step-ca.svc.cluster.local,127.0.0.1
password: "{{ vapp['metacluster.password'] }}"
provisioner:
name: admin
password: "{{ vapp['metacluster.password'] }}"
inject:
secrets:
ca_password: "{{ vapp['metacluster.password'] | b64encode }}"
provisioner_password: "{{ vapp['metacluster.password'] | b64encode }}"
service:
targetPort: 9000
dependencies:
@@ -301,41 +318,43 @@ dependencies:
container_images:
# This should match the image tag referenced at `platform.packaged_components[.name==traefik].config`
- busybox:1
- ghcr.io/kube-vip/kube-vip:v0.5.8
- ghcr.io/kube-vip/kube-vip:v0.6.3
# The following list is generated by running the following commands:
# $ clusterctl init -i vsphere:<version> [...]
# $ clusterctl generate cluster <name> [...] | yq eval '.data.data' | yq --no-doc eval '.. | .image? | select(.)' | sort -u
- gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.27.0
- gcr.io/cloud-provider-vsphere/csi/release/driver:v2.1.0
- gcr.io/cloud-provider-vsphere/csi/release/syncer:v2.1.0
- quay.io/k8scsi/csi-attacher:v3.0.0
- quay.io/k8scsi/csi-node-driver-registrar:v2.0.1
- quay.io/k8scsi/csi-provisioner:v2.0.0
- quay.io/k8scsi/livenessprobe:v2.1.0
- gcr.io/cloud-provider-vsphere/csi/release/driver:v3.1.0
- gcr.io/cloud-provider-vsphere/csi/release/syncer:v3.1.0
- registry.k8s.io/sig-storage/csi-attacher:v4.3.0
- registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0
- registry.k8s.io/sig-storage/csi-provisioner:v3.5.0
- registry.k8s.io/sig-storage/csi-resizer:v1.8.0
- registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2
- registry.k8s.io/sig-storage/livenessprobe:v2.10.0
static_binaries:
- filename: clusterctl
url: https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.5.1/clusterctl-linux-amd64
url: https://github.com/kubernetes-sigs/cluster-api/releases/download/v1.6.3/clusterctl-linux-amd64
- filename: govc
url: https://github.com/vmware/govmomi/releases/download/v0.29.0/govc_Linux_x86_64.tar.gz
url: https://github.com/vmware/govmomi/releases/download/v0.36.3/govc_Linux_x86_64.tar.gz
archive: compressed
- filename: helm
url: https://get.helm.sh/helm-v3.10.2-linux-amd64.tar.gz
url: https://get.helm.sh/helm-v3.14.3-linux-amd64.tar.gz
archive: compressed
extra_opts: --strip-components=1
- filename: kubectl-slice
url: https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.2.5/kubectl-slice_linux_x86_64.tar.gz
url: https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.2.9/kubectl-slice_linux_x86_64.tar.gz
archive: compressed
- filename: pinniped
url: https://github.com/vmware-tanzu/pinniped/releases/download/v0.25.0/pinniped-cli-linux-amd64
- filename: skopeo
url: https://code.spamasaurus.com/api/packages/djpbessems/generic/skopeo/v1.12.0/skopeo_linux_amd64
- filename: step
url: https://dl.step.sm/gh-release/cli/gh-release-header/v0.23.0/step_linux_0.23.0_amd64.tar.gz
url: https://dl.step.sm/gh-release/cli/gh-release-header/v0.25.2/step_linux_0.25.2_amd64.tar.gz
archive: compressed
extra_opts: --strip-components=2
- filename: yq
url: http://github.com/mikefarah/yq/releases/download/v4.30.5/yq_linux_amd64
url: https://github.com/mikefarah/yq/releases/download/v4.43.1/yq_linux_amd64
packages:
apt:

2
packer/source.pkr.hcl
View File

@@ -56,6 +56,6 @@ source "vsphere-iso" "ubuntu" {
remove_cdrom = true
export {
output_directory = "/scratch"
output_directory = "/data/scratch"
}
}