deploy rook-ceph #5

Merged
merged 3 commits into from
Feb 25, 2024
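--- a/kubernetes/apps/rook-ceph/app/helmrelease.yaml
+++ b/kubernetes/apps/rook-ceph/app/helmrelease.yaml
@@ -0,0 +1,42 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+name: rook-ceph-operator
+spec:
+interval: 30m
+timeout: 15m
+chart:
+spec:
+chart: rook-ceph
+version: v1.13.3
+sourceRef:
+kind: HelmRepository
+name: rook-ceph
+namespace: flux-system
+install:
+remediation:
+retries: 3
+upgrade:
+cleanupOnFail: true
+remediation:
+retries: 3
+uninstall:
+keepHistory: false
+dependsOn:
+- name: snapshot-controller
+namespace: storage
+values:
+csi:
+cephFSKernelMountOptions: ms_mode=prefer-crc
+enableLiveness: true
+serviceMonitor:
+enabled: true
+monitoring:
+enabled: true
+resources:
+requests:
+memory: 128Mi # unchangable
+cpu: 100m # unchangable
+limits: {}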
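Review bot: `cephFSKernelMountOptions: ms_mode=prefer-crc` makes kernel CephFS mounts negotiate msgr2 in CRC mode, which checks integrity but does not encrypt, and the cluster release in this PR sets `requireMsgr2: true` without enabling `connections.encryption`. With `network.provider: host` on the cluster side, that leaves client and OSD traffic readable on the node network. If this is a deliberate performance choice, record it in a comment such as `# crc = integrity only, no on-wire encryption; use ms_mode=secure together with connections.encryption.enabled`. The two `# unchangable` comments would be more useful if they said what prevents changing the requests, and `limits: {}` leaves the operator without a memory ceiling.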
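--- a/kubernetes/apps/rook-ceph/app/kustomization.yaml
+++ b/kubernetes/apps/rook-ceph/app/kustomization.yaml
@@ -0,0 +1,7 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- ./rook-ceph-dashboard-password.secret.sops.yaml
+- ./helmrelease.yaml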
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
# yamllint disable
apiVersion: v1
kind: Secret
metadata:
name: rook-ceph-dashboard-password
stringData:
password: ENC[AES256_GCM,data:QXg+80UQp4OEg5lXyk6/cA==,iv:9N8bvoRJ8ANhaG8HQId9+sLcoL3r97FEToo/FZ6evIo=,tag:8xGrcYmfpOwMqstFdC+/Eg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age12rzrdtn8xhd89y23qw4kymxftuylqn5cm522jcn327atent4a40swjcgmj
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIWjliYXU5emg1TnI5SEcv
bjMxTlVVeURpeWV1Qys4V0w1RnNyMzFEL1JVClhiRXpVUjdjQTgzdkNqZ0V1MXkw
K3hQWm9Bb0dKWGtQTXFrNm5wSytIV1EKLS0tIC9IbXpoVFk4NWhrdXNiRFkvYm90
REJGSU5ONXJHWWNXbGE0Q21KdFpsbmcKAibEc4C50OtZiQkGEHEF+YJ9uzHmreFJ
VDsXzxStCsgBUSfG7QxRg2RSlHxsBhu/n27iB+Mcz0P7on5zlCBPXA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-02-25T02:55:34Z"
mac: ENC[AES256_GCM,data:j+bE8tT8Kv7yJBE2zwxr8KU8V4gIf6M2Gh3ZfgAReikDGkJZfvXxueVW51h18GnbMUZ+UUiLXj1cPQHsFIkIUwyK7eMZ5Yd8Gtzg+9GALwoA2MK8n98vBmRb6RjO93UyJuMpTH1AgsEp/5Sqk7UVKxMf2SXcaJihjmaLopGkkmg=,iv:qQg2E49tuE2N0o3PC6J0I6xCoq7onfPDl46yclm7MvU=,tag:Uotdx2lqMxQ4rR2S4fS15w==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.8.1
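--- a/kubernetes/apps/rook-ceph/cluster/helmrelease.yaml
+++ b/kubernetes/apps/rook-ceph/cluster/helmrelease.yaml
@@ -0,0 +1,135 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+name: rook-ceph-cluster
+spec:
+interval: 30m
+timeout: 15m
+chart:
+spec:
+chart: rook-ceph-cluster
+version: v1.13.3
+sourceRef:
+kind: HelmRepository
+name: rook-ceph
+namespace: flux-system
+install:
+remediation:
+retries: 3
+upgrade:
+cleanupOnFail: true
+remediation:
+retries: 3
+uninstall:
+keepHistory: false
+dependsOn:
+- name: rook-ceph-operator
+namespace: rook-ceph
+- name: snapshot-controller
+namespace: storage
+values:
+monitoring:
+enabled: true
+createPrometheusRules: true
+ingress:
+dashboard:
+ingressClassName: internal
+host:
+name: &host rook.${SECRET_DOMAIN}
+path: /
+tls:
+- hosts:
+- *host
+toolbox:
+enabled: true
+configOverride: |
+[global]
+bdev_enable_discard = true
+bdev_async_discard = true
+osd_class_update_on_start = false
+cephClusterSpec:
+network:
+provider: host
+connections:
+requireMsgr2: true
+crashCollector:
+disable: false
+dashboard:
+enabled: true
+urlPrefix: /
+ssl: false
+storage:
+useAllNodes: false
+useAllDevices: false
+config:
+osdsPerDevice: "1"
+nodes:
+- name: odroid-01
+devices:
+- name: /dev/sda
+- name: odroid-02
+devices:
+- name: /dev/sda
+- name: odroid-03
+devices:
+- name: /dev/sda
+placement:
+mgr: &placement
+nodeAffinity:
+requiredDuringSchedulingIgnoredDuringExecution:
+nodeSelectorTerms:
+- matchExpressions:
+- key: node-role.kubernetes.io/control-plane
+operator: Exists
+mon: *placement
+resources:
+mgr:
+requests:
+cpu: 500m
+memory: 512Mi
+limits:
+cpu: 2000m
+memory: 2Gi
+mon:
+requests:
+cpu: 1000m
+memory: 1Gi
+limits:
+cpu: 4000m
+memory: 4Gi
+osd:
+requests:
+cpu: 1000m
+memory: 4Gi
+limits:
+cpu: 4000m
+memory: 8Gi
+cephBlockPools:
+- name: ceph-blockpool
+spec:
+failureDomain: host
+replicated:
+size: 3
+storageClass:
+enabled: true
+name: ceph-block
+isDefault: true
+reclaimPolicy: Delete
+allowVolumeExpansion: true
+parameters:
+imageFormat: "2"
+imageFeatures: layering
+csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner
+csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
+csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner
+csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
+csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node
+csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
+csi.storage.k8s.io/fstype: ext4
+cephBlockPoolsVolumeSnapshotClass:
+enabled: true
+name: csi-ceph-blockpool
+isDefault: false
+deletionPolicy: Delete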
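Review bot: `dashboard.ssl: false` together with `network.provider: host` means the mgr serves the dashboard login over plain HTTP from the host network namespace, so the admin password is likely reachable in cleartext on the node addresses and not only through the `internal` ingress. Setting `ssl: true` and letting the ingress talk HTTPS to the backend, or firewalling the dashboard port on the hosts, closes that path. The `tls` entry under `ingress.dashboard` lists hosts but no `secretName`, so it presumably depends on the ingress controller's default certificate; a comment saying so would help. `toolbox.enabled: true` keeps a pod with the Ceph admin keyring running permanently, which makes exec rights in the rook-ceph namespace equivalent to Ceph admin, so consider enabling it only while debugging.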
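--- a/kubernetes/apps/rook-ceph/cluster/kustomization.yaml
+++ b/kubernetes/apps/rook-ceph/cluster/kustomization.yaml
@@ -0,0 +1,7 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- ./helmrelease.yaml
+# - ./rgw-external.yaml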
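--- a/kubernetes/apps/rook-ceph/cluster/rgw-external.yaml
+++ b/kubernetes/apps/rook-ceph/cluster/rgw-external.yaml
@@ -0,0 +1,53 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/ceph.rook.io/cephobjectstoreuser_v1.json
+apiVersion: ceph.rook.io/v1
+kind: CephObjectStoreUser
+metadata:
+name: cluster-admin
+spec:
+# Ref: https://rook.io/docs/rook/v1.13/Storage-Configuration/Object-Storage-RGW/object-storage/
+store: ceph-objectstore
+displayName: Cluster Admin
+---
+apiVersion: v1
+kind: Service
+metadata:
+name: rook-ceph-rgw-ceph-objectstore-external
+namespace: rook-ceph
+labels:
+app: rook-ceph-rgw
+rook_cluster: rook-ceph
+rook_object_store: ceph-objectstore
+spec:
+type: NodePort
+selector:
+app: rook-ceph-rgw
+rook_cluster: rook-ceph
+rook_object_store: ceph-objectstore
+ports:
+- name: rgw
+port: 80
+protocol: TCP
+targetPort: 80
+sessionAffinity: None
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+name: rook-ceph-rgw
+spec:
+ingressClassName: internal
+rules:
+- host: &host rook-ceph-rgw.${SECRET_DOMAIN}
+http:
+paths:
+- backend:
+service:
+name: rook-ceph-rgw-ceph-objectstore-external
+port:
+number: 80
+path: /
+pathType: Prefix
+tls:
+- hosts:
+- *host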
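Review bot: `type: NodePort` on the Service publishes RGW over plain HTTP on a port of every node, even though the Ingress in the same file already fronts this Service with a `tls` entry. `type: ClusterIP` is enough for an ingress backend and keeps the S3 endpoint off the node addresses. The CephObjectStoreUser and the Ingress carry no `namespace` while the Service pins `rook-ceph`, so the three only land together as long as the Flux Kustomization's `targetNamespace` stays `rook-ceph`; either drop the explicit namespace or set it on all three.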
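--- a/kubernetes/apps/rook-ceph/ks.yaml
+++ b/kubernetes/apps/rook-ceph/ks.yaml
@@ -0,0 +1,42 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+name: &app rook-ceph
+namespace: flux-system
+spec:
+targetNamespace: rook-ceph
+commonMetadata:
+labels:
+app.kubernetes.io/name: *app
+path: ./kubernetes/apps/rook-ceph/app
+prune: false # never should be deleted
+sourceRef:
+kind: GitRepository
+name: home-kubernetes
+wait: false
+interval: 30m
+retryInterval: 5m30s
+timeout: 5m
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+name: &app rook-ceph-cluster
+namespace: flux-system
+spec:
+targetNamespace: rook-ceph
+commonMetadata:
+labels:
+app.kubernetes.io/name: *app
+path: ./kubernetes/apps/rook-ceph/cluster
+prune: false # never should be deleted
+sourceRef:
+kind: GitRepository
+name: home-kubernetes
+wait: false
+interval: 30m
+retryInterval: 5m30s
+timeout: 15m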
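Review bot: Neither Kustomization shows `spec.decryption` or `postBuild.substituteFrom`, yet the `app` path applies rook-ceph-dashboard-password.secret.sops.yaml and the `cluster` path uses `${SECRET_DOMAIN}`. Unless a parent Kustomization outside this diff patches those fields in, kustomize-controller will not decrypt the Secret and the ingress host keeps the literal placeholder. Either add a `decryption` block with `provider: sops` and a `secretRef` to the age key Secret in both documents, or leave a comment naming where it is injected. With `wait: false` on both, a failed decryption or a degraded Ceph cluster does not show up in the Kustomization's ready status, so health has to be watched on the HelmReleases.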
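--- a/kubernetes/apps/rook-ceph/kustomization.yaml
+++ b/kubernetes/apps/rook-ceph/kustomization.yaml
@@ -0,0 +1,9 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+# Pre Flux-Kustomizations
+- ./namespace.yaml
+# Flux-Kustomizations
+- ./ks.yaml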
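--- a/kubernetes/apps/rook-ceph/namespace.yaml
+++ b/kubernetes/apps/rook-ceph/namespace.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+name: rook-ceph
+labels:
+kustomize.toolkit.fluxcd.io/prune: disabled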
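--- a/kubernetes/flux/repositories/helm/intel.yaml
+++ b/kubernetes/flux/repositories/helm/intel.yaml
@@ -0,0 +1,10 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/helmrepository_v1beta2.json
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+name: intel
+namespace: flux-system
+spec:
+interval: 2h
+url: https://intel.github.io/helm-charts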
6 changes: 1 addition & 5 deletions kubernetes/flux/repositories/helm/kustomization.yaml
Expand Up @@ -7,21 +7,17 @@ resources:
- ./bjw-s.yaml
- ./cilium.yaml
- ./coredns.yaml
- ./csi-driver-nfs.yaml
- ./csi-driver-smb.yaml
- ./descheduler.yaml
- ./external-dns.yaml
- ./grafana.yaml
- ./ingress-nginx.yaml
- ./jetstack.yaml
- ./k8s-gateway.yaml
- ./kubernetes-dashboard.yaml
- ./longhorn.yaml
- ./metrics-server.yaml
- ./openebs.yaml
- ./piraeus.yaml
- ./postfinance.yaml
- ./prometheus-community.yaml
- ./rook-ceph.yaml
- ./stakater.yaml
- ./weave-gitops.yaml
- ./xenitab.yaml
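Review bot: No `./intel.yaml` entry appears among the resources in this hunk, although the PR adds kubernetes/flux/repositories/helm/intel.yaml. The same seems to hold for the two repository definitions further down whose `metadata.name` reads `metallb` and `node-feature-discovery`. The hunk starts at line 7 and the rendered page has lost the added/removed markers, so an entry outside the visible lines cannot be ruled out. If they are indeed unlisted, Flux never applies them and they are dead configuration; if they are meant to be listed, each one is an additional chart source the cluster trusts, so register only those that a HelmRelease in this repository actually consumes.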
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: weave-gitops
name: metallb
namespace: flux-system
spec:
type: oci
interval: 5m
url: oci://ghcr.io/weaveworks/charts
interval: 1h
url: https://metallb.github.io/metallb
timeout: 3m
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,9 @@
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: csi-driver-smb
name: node-feature-discovery
namespace: flux-system
spec:
interval: 1h
url: https://raw.githubusercontent.com/kubernetes-csi/csi-driver-smb/master/charts
url: https://kubernetes-sigs.github.io/node-feature-discovery/charts
timeout: 3m