From d63bc08fa89d372766f877556ea67571560c9c9d Mon Sep 17 00:00:00 2001 From: Michael Fornaro <20387402+xUnholy@users.noreply.github.com> Date: Wed, 8 Jan 2025 15:40:46 +1100 Subject: [PATCH] feat: cleanup and add kps Signed-off-by: Michael Fornaro <20387402+xUnholy@users.noreply.github.com> --- .../repositories/helm/kustomization.yaml | 5 - .../helm/openebs-cstor-chart.yaml | 10 -- .../repositories/helm/openebs-jiva-chart.yaml | 10 -- .../repositories/helm/weave-charts.yaml | 11 -- .../addons/repositories/helm/wge-charts.yaml | 12 -- .../repositories/helm/wge-secret.enc.yaml | 42 ------ .../repositories/oci/bitnami-charts.yaml | 80 ++++++++++++ .../home-assistant/app/helmrelease.yaml | 4 - .../home-system/home-assistant/app/pvc.yaml | 3 +- .../base/home-system/home-assistant/ks.yaml | 3 - .../base/home-system/jellyfin/ks.yaml | 2 - .../base/home-system/zigbee2mqtt/app/pvc.yaml | 3 +- .../app/helmrelease.yaml | 36 +++--- .../observability/loki/app/helmrelease.yaml | 12 +- .../base/openebs/cstor/app/cstor-pool.yaml | 120 ------------------ .../base/openebs/cstor/app/helmrelease.yaml | 78 ------------ .../base/openebs/cstor/app/kustomization.yaml | 8 -- .../base/openebs/cstor/app/storageclass.yaml | 41 ------ .../namespaces/base/openebs/cstor/ks.yaml | 17 --- .../base/openebs/jiva/app/helmrelease.yaml | 79 ------------ .../base/openebs/jiva/app/kustomization.yaml | 7 - .../namespaces/base/openebs/jiva/ks.yaml | 17 --- .../crowdsec/app/helmrelease.yaml | 4 +- .../base/velero/velero/app/helmrelease.yaml | 10 -- .../overlays/cluster-0/kustomization.yaml | 4 +- 25 files changed, 111 insertions(+), 507 deletions(-) delete mode 100644 kubernetes/namespaces/base/flux-system/addons/repositories/helm/openebs-cstor-chart.yaml delete mode 100644 kubernetes/namespaces/base/flux-system/addons/repositories/helm/openebs-jiva-chart.yaml delete mode 100644 kubernetes/namespaces/base/flux-system/addons/repositories/helm/weave-charts.yaml delete mode 100644 kubernetes/namespaces/base/flux-system/addons/repositories/helm/wge-charts.yaml delete mode 100644 kubernetes/namespaces/base/flux-system/addons/repositories/helm/wge-secret.enc.yaml delete mode 100644 kubernetes/namespaces/base/openebs/cstor/app/cstor-pool.yaml delete mode 100644 kubernetes/namespaces/base/openebs/cstor/app/helmrelease.yaml delete mode 100644 kubernetes/namespaces/base/openebs/cstor/app/kustomization.yaml delete mode 100644 kubernetes/namespaces/base/openebs/cstor/app/storageclass.yaml delete mode 100644 kubernetes/namespaces/base/openebs/cstor/ks.yaml delete mode 100644 kubernetes/namespaces/base/openebs/jiva/app/helmrelease.yaml delete mode 100644 kubernetes/namespaces/base/openebs/jiva/app/kustomization.yaml delete mode 100644 kubernetes/namespaces/base/openebs/jiva/ks.yaml diff --git a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/kustomization.yaml b/kubernetes/namespaces/base/flux-system/addons/repositories/helm/kustomization.yaml index c754d35d47..9a9e05c840 100644 --- a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/kustomization.yaml +++ b/kubernetes/namespaces/base/flux-system/addons/repositories/helm/kustomization.yaml @@ -42,8 +42,6 @@ resources: - node-feature-discovery-chart.yaml - oauth2-proxy-chart.yaml - openebs-charts.yaml - - openebs-cstor-chart.yaml - - openebs-jiva-chart.yaml - openfaas-charts.yaml - otel-charts.yaml - postfinance-charts.yaml @@ -55,7 +53,4 @@ resources: - traefik-charts.yaml - vernemq-charts.yaml - vmware-charts.yaml - - weave-charts.yaml - - wge-charts.yaml - - wge-secret.enc.yaml - xunholy-charts.yaml diff --git a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/openebs-cstor-chart.yaml b/kubernetes/namespaces/base/flux-system/addons/repositories/helm/openebs-cstor-chart.yaml deleted file mode 100644 index 772500c383..0000000000 --- a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/openebs-cstor-chart.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.raspbernetes.com/source.toolkit.fluxcd.io/helmrepository_v1beta2.json -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: cstor-chart - namespace: flux-system -spec: - interval: 2h - url: https://openebs.github.io/cstor-operators diff --git a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/openebs-jiva-chart.yaml b/kubernetes/namespaces/base/flux-system/addons/repositories/helm/openebs-jiva-chart.yaml deleted file mode 100644 index bef8b3feca..0000000000 --- a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/openebs-jiva-chart.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.raspbernetes.com/source.toolkit.fluxcd.io/helmrepository_v1beta2.json -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: openebs-jiva-chart - namespace: flux-system -spec: - interval: 2h - url: https://openebs.github.io/jiva-operator diff --git a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/weave-charts.yaml b/kubernetes/namespaces/base/flux-system/addons/repositories/helm/weave-charts.yaml deleted file mode 100644 index d97ef01eed..0000000000 --- a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/weave-charts.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.raspbernetes.com/source.toolkit.fluxcd.io/helmrepository_v1beta2.json -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: weave-charts - namespace: flux-system -spec: - interval: 120m - type: oci - url: oci://ghcr.io/weaveworks/charts diff --git a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/wge-charts.yaml b/kubernetes/namespaces/base/flux-system/addons/repositories/helm/wge-charts.yaml deleted file mode 100644 index a75de69933..0000000000 --- a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/wge-charts.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.raspbernetes.com/source.toolkit.fluxcd.io/helmrepository_v1beta2.json -apiVersion: source.toolkit.fluxcd.io/v1 -kind: HelmRepository -metadata: - name: wge-charts - namespace: flux-system -spec: - interval: 2h - url: https://charts.dev.wkp.weave.works/releases/charts-v3 - secretRef: - name: wge-credentials diff --git a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/wge-secret.enc.yaml b/kubernetes/namespaces/base/flux-system/addons/repositories/helm/wge-secret.enc.yaml deleted file mode 100644 index d271424d38..0000000000 --- a/kubernetes/namespaces/base/flux-system/addons/repositories/helm/wge-secret.enc.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: v1 -stringData: - deploy-key: ENC[AES256_GCM,data:iba32onjkSLEzT3zXMrpv/fFj9f9eDGILwBPx/yYLmAMdI0ptjrZsYGbbFimjSN9V2nN37WBZ3TgtZueQN50dyC+laR+SMYXriaztLl8C3XuvFuS3ngr+68AQeXPM3RSIoF3B8QZd4+sGsTNunFmA3OA27Vk80dce30+xgwjSXnPuE61KvvwHzBJNBbnYWZ722+R2wJJzBpbUTA7Om192C2IeDlGtpA1ewEsSmnlLCvtw7BwAapg+T6G1kiAChscDEq8p0FZaHLkyMaF+mCFADSejS9PB9+J5j05Yz0X5/84o8f+YbxQbXbWAHtnOPzmRKW/2B0b2sJbsV8bWU9L6q2+F3DawJanZWYDkhO5nNWH009lu+WLVYRGA49MdIFfm19mGU55QlQBkxpVuvhOkbuEn3nJsFmTJjqYsC2LfhKuNeWqso87Mx2MAPWwyiy0hG7NZb+8mNiAs9CKPP2sqfKR2VjmZOTAVBaIv2pAcy9UCsu827xZi4LO2EsrXmglaSkDksnRx4ODaG49HGsC8gseQV6kJWIBRsntOoz4uU0cAjJsTVolGO0Z67quQH63i2JXJI/Nq2hjtYc24B0x+PHNmyMv199nsKkDdJV1isb0rqABXOV8dpWJ81zxvP5QThL3Ht2Xtm33Pn9kUClr/gczQc4esugw9Ad5IOxQ7gAumF0acjVDnu01gu/aA7205vB0p3lW2MDWs90BN2ypsQCpfU/qNm2o1TG4PTXmJtsFiqIQ3POGniIEr2Odg7B8l0wdcD2u7pdhDgn0/dDeoR1dnHTkPgQ6SF2epNABTuMpO/FC8m/X5v+lP/jSCOWaVlSgz3lNPBM7hgdijk4ADsXEazslDsnJ22tED97V3aM5wuBE98lz/QHLA+eM7Dfkw+afyjQu5NeV0W3BbWrb/88VqhK9TpdW8aNUATc9/avOFso5THbREiQYPUA4Sf2mA0e78Vi6KkuRXAF3F2OUrmDdL96Ze2boeM+YEF2o9yMs40RcheMOnN4YccR1A6d6EMeVxwonbcP1F7KHpxONP3jTFg2dGF0J11hxytiqVFK0T+GoQNAVbrSv1FptfYgA+K9qQionXpvMmvD/Mu9YgYTUnlZOAW/weHP9V+0Ece96C5h6+jlDlPRUPgxGyHBiOzh3xPCD3cZuTIhiSb1nf1BlysP/I84m/Z7MExjeUazh16T5txWOovEmNlHpYenM+zuJLnI5w5bqohwFmJQzc/hRuw0blb1VlTQAW8mvSc0bkRTQctotx3ZED8FJFecDmiCq9WR0Ac8TGKMOtou2CkWBbM9950SHiHn4RnfU7l8DzGVkEaUEtFlknr4zuUgOVJWBjtqHYCYV4VhXlOEH7AFKZcN7VUR1P4l5QTcGNU4T2Sd47wS5Pd53gQcyoU/XAsSUzSb56D+iSUQ+q76obIdWrwBUC3mF3tk7Eu47RxnDSilXM/7xDde8uBAbvyAabJB1XPwCL2XZS1PQFZNgbUaAWABNWZGmLgCoDV3C3lOA+z2Iy8rBsh7nsa7EtOytcrbazqvIElA8XcYhP6aI5nXOSV9AScuzbh5GHoAxyRDj+SEO0gvGET+ciekc7iuUNB0MZsz5cXq12RupTgt3CFpRd2BRaX0NbrYQGKSqui5ZsuKAy3M3gy9dXUsLzjS1YahL4VsyzhdSIvKi7GusHczn3QJlqRBk7sgBuFRMNOgy7zNJyGsb0BlCJC2z9nYOO/3+8YflDJRQ4tcxeopkjhG1WGV/u2ywGDa4PM+b85+2vIFgrSZ2kNBZxA/pfcMW1EVPd71wypxAQ35JTdjIvP6bPnydzh8mF+lzvjbtsMjor9Obz5BbVY9Evfi72jbBP1515/Cw8mrdEFXyW61NoX1MC5PO+iDwECsY5Wjm87Rk3Ayxe0Ai9XbCRPwaYS2ao0H37Ps7kUxoYk7wYHlmd4GlU/B1UIOTh4ky1fhAAFu0xsH3Z+dVyzLJHE9YrONPdmZtvrnOb5xhx5PjPqTF3gHrdaZ2BCrXZC9b8QK6044gqMQiy/JsM+TFk/jIUGZlfmgh0HIpYvoy9F4D2Wck89fvSm+xlyM/Oxx9XToR6YOlAQ04cyxPvEtoYwmkO3zrQTkRoUQA1ghD4gbCdeUEBgHAtBSjH3Z5Av1ZsvGIFybYDU50ax8npEV50IbhGOq06LStVIAoSsbDRpzHliVfmr07V68kFVBumJ7mvfJ/yQTKTtmo0jEc0l268ydizcyGTZblenORnsk1Hq2IA95oW+Bn17OI8yDN,iv:S/G0wyD0mUO3ME9VT6ocmBz2yOt04EP8kMmsl8cU+vo=,tag:DjFVhfARNqcHX0xWwGq9/Q==,type:str] - entitlement: ENC[AES256_GCM,data:+Rh/qnJEfhdRcWsoaEpKGf2hCatC89PpKaMsDhjadgsbXey2mG4Nxp0GxSY+ySmHcyU8dise81GRvG9I1HvdBQf8JTHxAkoAIaVdW1syVCwLt9UPj5U37ZdUndWEwB55HrzJ/j4M0h8qHKuUmbIBGjvtgUDxwWrbZ5k3WjpRDMWPTIUppcO/jQ3U5EdpaRFDUI3SgSBzMTFjVSCx8GyGSDhetBB6kMIingOxzAJBApDW8A0tclSvvHPkYdVCoVxE0QiBuEHJ19p4Xa0GGUs66yq6JV6/VYfxt+kSv6kBFBGYFSTJzO3bn6waRARjWCziFDSv9S/7P4GnavnFm7iJh3sRxFExjnNZvmAZHKdYXzSN00FzKk0E,iv:BgfSjH58VK1ISz4nLmydHvrgzyTvEkw8ssEfO38nkhw=,tag:dGKF+VrIuS3jqJIux2Wm6g==,type:str] - password: ENC[AES256_GCM,data:Nz06YMs3,iv:jVmKYYJ9n921p+VRhO0n2CvJOV+PXC/U9dIt7zhmvzk=,tag:YTH3Mv5L4qg2faxgfA+oQA==,type:str] - username: ENC[AES256_GCM,data:XPeZ,iv:1aJpEZwsN95cXdvwMt5W0RbqFhAGifU9aM2ScdgdKwM=,tag:f63hO41c1MUlkxApCqF+5A==,type:str] -kind: Secret -metadata: - name: wge-credentials - namespace: flux-system -type: Opaque -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-17T21:42:40Z" - mac: ENC[AES256_GCM,data:LepQIJ8tr2tEAZLrEGbUdb2MT6udFSJ2fVPM3uIbq8UYPppzqn8mIxtlloX8fAGVZ78L3yrSD5GacT2OoYXAx0ekPXmkZoB5afLaHWIkY16iUiD4KgNpMLpSk8U4GJQnv+tHH4MvD7c5QQMueM+3WO9eMN/1fMwCHO2RwXwSge4=,iv:XWBcX2uLyBRmfc73a8MW4LFtli01GZ8klm6ddPm7smo=,tag:x/qJn9Ew4z2CAZGrfqzzcA==,type:str] - pgp: - - created_at: "2023-12-13T00:12:53Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMAx42lmLHwoZwAQ//WEWMAXEI/5ywUEgbc2lOWDCXPWvUm0tKf16n5f7dGN6U - LxSvFuHmpjz48VjY/jWFsSzUgf3LhrGQIY92F7wbATApzCiGUNnrHb3r/si8NP8N - o96i/AzQfNdLleDNMjY+iPPakQjXJFfJ0uHS4A/4SQFus+pL1HwLOgcCUG+ZzJfG - Yj6YZM3hb6imKGMPXxpW/VTQL7eEFD8kq0wivW2vnwbYbzVOAj9PDrwq1QgiJV67 - MmDegIG5+xlXGMVvgA2NI/SC13PwB0y26d00d+5/hkutJlMTNBGReTJYANSIMSen - Va4dJbl3JMSupzvb4M2vcH6i2IubBpY27HXh9sVELHD9wQgTCIARkYe2aVI8tQQM - xH5ouvs9oZckJfQXz+1hh6bzPgym/ddS0MsfF0QuGDqku6VE+UimRERMbZRngNyb - gRd7+z3uc62YBbQj1B2tamsRTDifcjOKxaYq3tit46J+WUPllNN87nhpkxreo8SF - 7xsr9QqnFbCe5OXeICbObVwdhPZXqiEhnsl9Frzuq2ZHByW/Ar8Aq5HwQLKNSNLv - THzMePeO/MqB9J3GfFKK41lblY+jPFkgNl8V/BRDne5KI/heg7o9xArPxwlgxHR0 - 2TeyI86DvJvXaQCxU7Xzo3/ZEiaK4veAt0r+vvxu+gDJ/Wuix5YSf4XvKOsQG3vS - XgF1ZvayOIqPTOj8I6vSp2rCm6VwYmrhHIb2T6NB9pG/JRo6sIgOT3c2T1bq4Ojd - bi4LpeMWOHKpGtNbZr4F87d75uMmU9CyWM8iaHX8cKPGLC79Oz1CQcaotB9MgfQ= - =yV3g - -----END PGP MESSAGE----- - fp: 0635B8D34037A9453003FB7B93CAA682FF4C9014 - encrypted_regex: ^(data|stringData)$ - version: 3.7.1 diff --git a/kubernetes/namespaces/base/flux-system/addons/repositories/oci/bitnami-charts.yaml b/kubernetes/namespaces/base/flux-system/addons/repositories/oci/bitnami-charts.yaml index 15cce66d41..89d31da179 100644 --- a/kubernetes/namespaces/base/flux-system/addons/repositories/oci/bitnami-charts.yaml +++ b/kubernetes/namespaces/base/flux-system/addons/repositories/oci/bitnami-charts.yaml @@ -10,3 +10,83 @@ spec: interval: 2h url: oci://registry-1.docker.io/bitnamicharts timeout: 10m + + +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: OCIRepository +metadata: + name: thanos + namespace: flux-system +spec: + interval: 10m + layerSelector: + mediaType: "application/vnd.cncf.helm.chart.content.v1.tar+gzip" + operation: copy + url: oci://registry-1.docker.io/bitnamicharts/thanos + ref: + semver: ">= 15.9.2" +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: thanos-test + namespace: observability +spec: + chartRef: + kind: OCIRepository + name: thanos + namespace: flux-system + driftDetection: + mode: enabled + install: + crds: CreateReplace + createNamespace: true + remediation: + retries: 3 + replace: true + timeout: 10m + interval: 5m + maxHistory: 3 + rollback: + cleanupOnFail: true + force: true + recreate: true + test: + enable: true + uninstall: + deletionPropagation: background + keepHistory: false + upgrade: + cleanupOnFail: true + crds: CreateReplace + remediation: + remediateLastFailure: true + retries: 3 + strategy: rollback + values: + compactor: + enabled: false + image: + repository: thanosio/thanos + tag: v0.29.0 + metrics: + enabled: true + objstoreConfig: + config: + bucket: thanos-raspbernetes-storage + type: GCS + query: + dnsDiscovery: + sidecarsNamespace: observability + sidecarsService: kube-prometheus-stack-thanos-discovery + podAntiAffinityPreset: hard + replicaCount: 3 + replicaLabel: + - __replica__ + queryFrontend: + enabled: false + serviceMonitor: + enabled: true + valuesFrom: + - kind: Secret + name: thanos-objstore-config diff --git a/kubernetes/namespaces/base/home-system/home-assistant/app/helmrelease.yaml b/kubernetes/namespaces/base/home-system/home-assistant/app/helmrelease.yaml index 601d8ae967..4c720eca18 100644 --- a/kubernetes/namespaces/base/home-system/home-assistant/app/helmrelease.yaml +++ b/kubernetes/namespaces/base/home-system/home-assistant/app/helmrelease.yaml @@ -41,10 +41,6 @@ spec: driftDetection: mode: enabled maxHistory: 3 - # TODO: Reenable when cstor is stable - # dependsOn: - # - name: cstor - # namespace: openebs values: controllers: home-assistant: diff --git a/kubernetes/namespaces/base/home-system/home-assistant/app/pvc.yaml b/kubernetes/namespaces/base/home-system/home-assistant/app/pvc.yaml index 6686c96959..b6c43257ec 100644 --- a/kubernetes/namespaces/base/home-system/home-assistant/app/pvc.yaml +++ b/kubernetes/namespaces/base/home-system/home-assistant/app/pvc.yaml @@ -9,4 +9,5 @@ spec: resources: requests: storage: 2Gi - storageClassName: cstor-replica-raspberry-pi-pool + # TODO: Use the new storage class + # storageClassName: cstor-replica-raspberry-pi-pool diff --git a/kubernetes/namespaces/base/home-system/home-assistant/ks.yaml b/kubernetes/namespaces/base/home-system/home-assistant/ks.yaml index bffed331f8..5134f1b663 100644 --- a/kubernetes/namespaces/base/home-system/home-assistant/ks.yaml +++ b/kubernetes/namespaces/base/home-system/home-assistant/ks.yaml @@ -18,8 +18,5 @@ spec: kind: OCIRepository name: cluster dependsOn: - # TODO: Reenable when cstor is stable - # - name: cstor - # namespace: flux-system - name: istiod namespace: flux-system diff --git a/kubernetes/namespaces/base/home-system/jellyfin/ks.yaml b/kubernetes/namespaces/base/home-system/jellyfin/ks.yaml index cb640e291d..c458f5a4f5 100644 --- a/kubernetes/namespaces/base/home-system/jellyfin/ks.yaml +++ b/kubernetes/namespaces/base/home-system/jellyfin/ks.yaml @@ -18,7 +18,5 @@ spec: kind: OCIRepository name: cluster dependsOn: - - name: cstor - namespace: flux-system - name: istiod namespace: flux-system diff --git a/kubernetes/namespaces/base/home-system/zigbee2mqtt/app/pvc.yaml b/kubernetes/namespaces/base/home-system/zigbee2mqtt/app/pvc.yaml index b7fa2d2de5..3a8cc3cfb7 100644 --- a/kubernetes/namespaces/base/home-system/zigbee2mqtt/app/pvc.yaml +++ b/kubernetes/namespaces/base/home-system/zigbee2mqtt/app/pvc.yaml @@ -9,4 +9,5 @@ spec: resources: requests: storage: 1Gi - storageClassName: cstor-replica-raspberry-pi-pool + # TODO: Use the new storage class + # storageClassName: cstor-replica-raspberry-pi-pool diff --git a/kubernetes/namespaces/base/observability/kube-prometheus-stack/app/helmrelease.yaml b/kubernetes/namespaces/base/observability/kube-prometheus-stack/app/helmrelease.yaml index 36cb5dfcc4..1132408660 100644 --- a/kubernetes/namespaces/base/observability/kube-prometheus-stack/app/helmrelease.yaml +++ b/kubernetes/namespaces/base/observability/kube-prometheus-stack/app/helmrelease.yaml @@ -48,8 +48,8 @@ spec: mode: enabled maxHistory: 3 dependsOn: - - name: thanos - namespace: observability + # - name: thanos + # namespace: observability - name: grafana namespace: observability timeout: 30m @@ -73,10 +73,10 @@ spec: limits: memory: 50Mi prometheus: - thanosService: - enabled: true - thanosServiceMonitor: - enabled: true + # thanosService: + # enabled: true + # thanosServiceMonitor: + # enabled: true ## Settings affecting prometheusSpec ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/api.md#prometheusspec prometheusSpec: @@ -103,18 +103,18 @@ spec: cpu: 1000m limits: memory: 6294M - # Thanos chart will generate the secret: thanos - thanos: - objectStorageConfig: - name: thanos-objstore-secret - key: objstore.yml - # Resources allocated based on Robusta KRR output - resources: - requests: - memory: 128Mi - cpu: 10m - limits: - memory: 160Mi + # # Thanos chart will generate the secret: thanos + # thanos: + # objectStorageConfig: + # name: thanos-objstore-secret + # key: objstore.yml + # # Resources allocated based on Robusta KRR output + # resources: + # requests: + # memory: 128Mi + # cpu: 10m + # limits: + # memory: 160Mi ruleSelectorNilUsesHelmValues: false serviceMonitorSelectorNilUsesHelmValues: false podMonitorSelectorNilUsesHelmValues: false diff --git a/kubernetes/namespaces/base/observability/loki/app/helmrelease.yaml b/kubernetes/namespaces/base/observability/loki/app/helmrelease.yaml index e47ceec339..a163039333 100644 --- a/kubernetes/namespaces/base/observability/loki/app/helmrelease.yaml +++ b/kubernetes/namespaces/base/observability/loki/app/helmrelease.yaml @@ -79,16 +79,16 @@ spec: enabled: false read: replicas: 1 - persistence: - storageClass: cstor-replica-raspberry-pi-pool + # persistence: + # storageClass: cstor-replica-raspberry-pi-pool write: replicas: 1 - persistence: - storageClass: cstor-replica-raspberry-pi-pool + # persistence: + # storageClass: cstor-replica-raspberry-pi-pool backend: replicas: 1 - persistence: - storageClass: cstor-replica-raspberry-pi-pool + # persistence: + # storageClass: cstor-replica-raspberry-pi-pool monitoring: dashboards: annotations: diff --git a/kubernetes/namespaces/base/openebs/cstor/app/cstor-pool.yaml b/kubernetes/namespaces/base/openebs/cstor/app/cstor-pool.yaml deleted file mode 100644 index beac817ad4..0000000000 --- a/kubernetes/namespaces/base/openebs/cstor/app/cstor-pool.yaml +++ /dev/null @@ -1,120 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.raspbernetes.com/cstor.openebs.io/cstorpoolcluster_v1.json -apiVersion: cstor.openebs.io/v1 -kind: CStorPoolCluster -metadata: - name: raspberry-pi-pool - namespace: openebs -spec: - pools: - - dataRaidGroups: - - blockDevices: - - blockDeviceName: sparse-4c334b831bed63235040ca0574cffb61 - nodeSelector: - # Node: 192.168.50.121 - kubernetes.io/hostname: talos-68d-4xw - poolConfig: - dataRaidGroupType: stripe - - dataRaidGroups: - - blockDevices: - - blockDeviceName: sparse-4352666a832edd9877b097126abc889e - nodeSelector: - # Node: 192.168.50.122 - kubernetes.io/hostname: talos-7bc-nqq - poolConfig: - dataRaidGroupType: stripe - - dataRaidGroups: - - blockDevices: - - blockDeviceName: sparse-36cc66a50bada9a929353f63cd7fd12d - nodeSelector: - # Node: 192.168.50.123 - kubernetes.io/hostname: talos-0fh-2l7 - poolConfig: - dataRaidGroupType: stripe - - dataRaidGroups: - - blockDevices: - - blockDeviceName: sparse-5b98fdfc56090fa66247617ef4617c8b - nodeSelector: - # Node: 192.168.50.124 - kubernetes.io/hostname: talos-kij-6zp - poolConfig: - dataRaidGroupType: stripe ---- -# yaml-language-server: $schema=https://kubernetes-schemas.raspbernetes.com/cstor.openebs.io/cstorpoolcluster_v1.json -apiVersion: cstor.openebs.io/v1 -kind: CStorPoolCluster -metadata: - name: protectli-pool - namespace: openebs -spec: - pools: - - dataRaidGroups: - - blockDevices: - - blockDeviceName: sparse-d927170f4a23e068303412511ac35261 - nodeSelector: - # Node: 192.168.50.114 - kubernetes.io/hostname: talos-5s9-qvx - poolConfig: - dataRaidGroupType: stripe - - dataRaidGroups: - - blockDevices: - - blockDeviceName: sparse-aaa22940b01ac7dc7d13188123c9f10e - nodeSelector: - # Node: 192.168.50.115 - kubernetes.io/hostname: talos-84m-ipl - poolConfig: - dataRaidGroupType: stripe - - dataRaidGroups: - - blockDevices: - - blockDeviceName: sparse-cfe8df7ce0f9e8ebfff1f11604951bd4 - nodeSelector: - # Node: 192.168.50.116 - kubernetes.io/hostname: talos-t0i-0gi - poolConfig: - dataRaidGroupType: stripe ---- -# Note: Disabled as I've removed the Talos extension for iscsi ---- -# apiVersion: cstor.openebs.io/v1 -# kind: CStorPoolCluster -# metadata: -# name: protectli-controlplane-pool -# namespace: openebs -# spec: -# pools: -# - dataRaidGroups: -# - blockDevices: -# - blockDeviceName: sparse-3ca714cbe9fb31a4fb95c7839b949f02 -# nodeSelector: -# # Node: 192.168.50.111 -# kubernetes.io/hostname: talos-l8f-coe -# poolConfig: -# dataRaidGroupType: stripe -# tolerations: -# - effect: NoSchedule -# key: node-role.kubernetes.io/control-plane -# operator: Exists -# - dataRaidGroups: -# - blockDevices: -# - blockDeviceName: sparse-2f6d4da6960a137e091ee47d6cbb1b68 -# nodeSelector: -# # Node: 192.168.50.112 -# kubernetes.io/hostname: talos-glk-v19 -# poolConfig: -# dataRaidGroupType: stripe -# tolerations: -# - effect: NoSchedule -# key: node-role.kubernetes.io/control-plane -# operator: Exists -# - dataRaidGroups: -# - blockDevices: -# - blockDeviceName: sparse-46edad1fa40ff6b5e88981afede8a270 -# nodeSelector: -# # Node: 192.168.50.113 -# kubernetes.io/hostname: talos-00j-q6t -# poolConfig: -# dataRaidGroupType: stripe -# tolerations: -# - effect: NoSchedule -# key: node-role.kubernetes.io/control-plane -# operator: Exists diff --git a/kubernetes/namespaces/base/openebs/cstor/app/helmrelease.yaml b/kubernetes/namespaces/base/openebs/cstor/app/helmrelease.yaml deleted file mode 100644 index f0c97f3063..0000000000 --- a/kubernetes/namespaces/base/openebs/cstor/app/helmrelease.yaml +++ /dev/null @@ -1,78 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: cstor - namespace: openebs -spec: - interval: 5m - chart: - spec: - chart: cstor - version: 3.6.0 - sourceRef: - kind: HelmRepository - name: cstor-chart - namespace: flux-system - interval: 10m - install: - timeout: 30m - replace: true - crds: CreateReplace - createNamespace: true - remediation: - retries: 3 - upgrade: - remediation: - remediateLastFailure: true - retries: 3 - strategy: rollback - cleanupOnFail: true - crds: CreateReplace - test: - enable: true - rollback: - recreate: true - force: true - cleanupOnFail: true - uninstall: - keepHistory: false - driftDetection: - mode: enabled - maxHistory: 3 - values: - # Required when using the same device that hosts the OS FS partition - openebs-ndm: - ndm: - sparse: - count: '1' - nodeSelector: - openebs.io/storage: "true" - featureGates: - APIService: - # Required to allow HostPID - # Ref: https://github.com/openebs/node-disk-manager/blob/da2a5b9eb773047a20c131a8802499299ea3135f/deploy/helm/charts/templates/daemonset.yaml#L31 - enabled: true - postRenderers: - - kustomize: - patchesJson6902: - - target: - version: v1 - kind: DaemonSet - name: cstor-csi-node - patch: - - op: add - path: /spec/template/spec/hostPID - value: true - - target: - kind: ConfigMap - name: openebs-cstor-csi-iscsiadm - patch: - - op: replace - path: /data/iscsiadm - value: | - #!/bin/sh - iscsid_pid=$(pgrep iscsid) - - nsenter --mount="/proc/${iscsid_pid}/ns/mnt" --net="/proc/${iscsid_pid}/ns/net" -- /usr/local/sbin/iscsiadm "$@" diff --git a/kubernetes/namespaces/base/openebs/cstor/app/kustomization.yaml b/kubernetes/namespaces/base/openebs/cstor/app/kustomization.yaml deleted file mode 100644 index 4682617e97..0000000000 --- a/kubernetes/namespaces/base/openebs/cstor/app/kustomization.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/kustomization -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: - - helmrelease.yaml - - storageclass.yaml diff --git a/kubernetes/namespaces/base/openebs/cstor/app/storageclass.yaml b/kubernetes/namespaces/base/openebs/cstor/app/storageclass.yaml deleted file mode 100644 index 91a68507be..0000000000 --- a/kubernetes/namespaces/base/openebs/cstor/app/storageclass.yaml +++ /dev/null @@ -1,41 +0,0 @@ ---- -kind: StorageClass -apiVersion: storage.k8s.io/v1 -metadata: - name: cstor-replica-raspberry-pi-pool - annotations: - storageclass.kubernetes.io/is-default-class: 'true' -provisioner: cstor.csi.openebs.io -allowVolumeExpansion: true -parameters: - cas-type: cstor - cstorPoolCluster: raspberry-pi-pool - replicaCount: '3' ---- -kind: StorageClass -apiVersion: storage.k8s.io/v1 -metadata: - name: cstor-replica-protectli-pool - annotations: - storageclass.kubernetes.io/is-default-class: 'false' -provisioner: cstor.csi.openebs.io -allowVolumeExpansion: true -parameters: - cas-type: cstor - cstorPoolCluster: protectli-pool - replicaCount: '3' ---- -# Note: Disabled as I've removed the Talos extension for iscsi ---- -# kind: StorageClass -# apiVersion: storage.k8s.io/v1 -# metadata: -# name: cstor-replica-protectli-controlplane-pool -# annotations: -# storageclass.kubernetes.io/is-default-class: 'true' -# provisioner: cstor.csi.openebs.io -# allowVolumeExpansion: true -# parameters: -# cas-type: cstor -# cstorPoolCluster: protectli-controlplane-pool -# replicaCount: '3' diff --git a/kubernetes/namespaces/base/openebs/cstor/ks.yaml b/kubernetes/namespaces/base/openebs/cstor/ks.yaml deleted file mode 100644 index 141750100a..0000000000 --- a/kubernetes/namespaces/base/openebs/cstor/ks.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: cstor - namespace: flux-system -spec: - interval: 30m - retryInterval: 1m - timeout: 10m - path: "./namespaces/base/openebs/cstor/app" - prune: false - wait: true - sourceRef: - kind: OCIRepository - name: cluster diff --git a/kubernetes/namespaces/base/openebs/jiva/app/helmrelease.yaml b/kubernetes/namespaces/base/openebs/jiva/app/helmrelease.yaml deleted file mode 100644 index f649090106..0000000000 --- a/kubernetes/namespaces/base/openebs/jiva/app/helmrelease.yaml +++ /dev/null @@ -1,79 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: jiva - namespace: openebs -spec: - interval: 5m - chart: - spec: - chart: jiva - version: 3.6.0 - sourceRef: - kind: HelmRepository - name: openebs-jiva-chart - namespace: flux-system - interval: 10m - install: - timeout: 10m - replace: true - crds: CreateReplace - createNamespace: true - remediation: - retries: 3 - upgrade: - remediation: - remediateLastFailure: true - retries: 3 - strategy: rollback - cleanupOnFail: true - crds: CreateReplace - test: - enable: true - rollback: - recreate: true - force: true - cleanupOnFail: true - uninstall: - keepHistory: false - driftDetection: - mode: enabled - maxHistory: 3 - values: - localpv-provisioner: - # Note: Nodes have been manually set with this custom label, EG. "kubectl label nodes openebs.io/storage=true" - deviceClass: - nodeAffinityLabels: - - "openebs.io/storage" - hostpathClass: - nodeAffinityLabels: - - "openebs.io/storage" - # TODO: This is only temporarily set to 1 - defaultPolicy: - replicas: 1 - # Required: Must enable hostPID for JIVA to work on Talos - # https://www.talos.dev/v1.2/kubernetes-guides/configuration/replicated-local-storage-with-openebs-jiva/ - postRenderers: - - kustomize: - patchesJson6902: - - target: - version: v1 - kind: DaemonSet - name: jiva-csi-node - patch: - - op: add - path: /spec/template/spec/hostPID - value: true - - target: - kind: ConfigMap - name: openebs-jiva-csi-iscsiadm - patch: - - op: replace - path: /data/iscsiadm - value: | - #!/bin/sh - iscsid_pid=$(pgrep iscsid) - - nsenter --mount="/proc/${iscsid_pid}/ns/mnt" --net="/proc/${iscsid_pid}/ns/net" -- /usr/local/sbin/iscsiadm "$@" diff --git a/kubernetes/namespaces/base/openebs/jiva/app/kustomization.yaml b/kubernetes/namespaces/base/openebs/jiva/app/kustomization.yaml deleted file mode 100644 index 1889392e19..0000000000 --- a/kubernetes/namespaces/base/openebs/jiva/app/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/kustomization -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: - - helmrelease.yaml diff --git a/kubernetes/namespaces/base/openebs/jiva/ks.yaml b/kubernetes/namespaces/base/openebs/jiva/ks.yaml deleted file mode 100644 index 0a6c55a2da..0000000000 --- a/kubernetes/namespaces/base/openebs/jiva/ks.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: jiva - namespace: flux-system -spec: - interval: 30m - retryInterval: 1m - timeout: 10m - path: "./namespaces/base/openebs/jiva/app" - prune: false - wait: true - sourceRef: - kind: OCIRepository - name: cluster diff --git a/kubernetes/namespaces/base/security-system/crowdsec/app/helmrelease.yaml b/kubernetes/namespaces/base/security-system/crowdsec/app/helmrelease.yaml index 13dc3a57a1..ca1bbf8901 100644 --- a/kubernetes/namespaces/base/security-system/crowdsec/app/helmrelease.yaml +++ b/kubernetes/namespaces/base/security-system/crowdsec/app/helmrelease.yaml @@ -65,13 +65,13 @@ spec: enabled: false accessModes: - ReadWriteOnce - storageClassName: "cstor-replica-raspberry-pi-pool" + # storageClassName: "cstor-replica-raspberry-pi-pool" size: 1Gi config: enabled: true accessModes: - ReadWriteOnce - storageClassName: "cstor-replica-raspberry-pi-pool" + # storageClassName: "cstor-replica-raspberry-pi-pool" size: 100Mi agent: acquisition: diff --git a/kubernetes/namespaces/base/velero/velero/app/helmrelease.yaml b/kubernetes/namespaces/base/velero/velero/app/helmrelease.yaml index 749cc7d8d9..75e097edd0 100644 --- a/kubernetes/namespaces/base/velero/velero/app/helmrelease.yaml +++ b/kubernetes/namespaces/base/velero/velero/app/helmrelease.yaml @@ -82,16 +82,6 @@ spec: - name: default provider: gcp bucket: raspbernetes-velero-backups - # Parameters for the `default` VolumeSnapshotLocation. See - # https://velero.io/docs/v1.5/api-types/volumesnapshotlocation/ - volumeSnapshotLocation: - - name: default - provider: openebs.io/cstor-blockstore - config: - bucket: raspbernetes-openebs-backups - prefix: cstor - namespace: openebs - provider: gcp # Backup schedules to create. schedules: daily-backup: diff --git a/kubernetes/namespaces/overlays/cluster-0/kustomization.yaml b/kubernetes/namespaces/overlays/cluster-0/kustomization.yaml index 62d0f1c5d1..74e0108803 100644 --- a/kubernetes/namespaces/overlays/cluster-0/kustomization.yaml +++ b/kubernetes/namespaces/overlays/cluster-0/kustomization.yaml @@ -75,16 +75,14 @@ resources: # - ../../base/observability/jaeger/ks.yaml # - ../../base/observability/kiali/ks.yaml - ../../base/observability/kromgo/ks.yaml - # - ../../base/observability/kube-prometheus-stack/ks.yaml + - ../../base/observability/kube-prometheus-stack/ks.yaml # Deprecated: loki-stack # - ../../base/observability/loki-stack/ks.yaml # - ../../base/observability/loki/ks.yaml # - ../../base/observability/otel/ks.yaml - ../../base/observability/thanos/ks.yaml # - ../../base/observability/vpa/ks.yaml - # - ../../base/openebs/cstor/ks.yaml # - ../../base/openebs/mayastor/ks.yaml - # - ../../base/openebs/jiva/ks.yaml # - ../../base/openfaas/openfaas/ks.yaml # - ../../base/rook-ceph/rook-ceph-operator/ks.yaml # - ../../base/security-system/kyverno/ks.yaml