diff --git a/cluster/core/storage/kustomization.yaml b/cluster/core/storage/kustomization.yaml
index b19655b..48c8f6a 100644
--- a/cluster/core/storage/kustomization.yaml
+++ b/cluster/core/storage/kustomization.yaml
@@ -1,5 +1,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-resources: []
-#- ./longhorn
+resources:
+- ./longhorn
 #- ./local-path-provisioner
\ No newline at end of file
diff --git a/cluster/core/storage/longhorn/helm-release.yaml b/cluster/core/storage/longhorn/helm-release.yaml
new file mode 100644
index 0000000..b4b5249
--- /dev/null
+++ b/cluster/core/storage/longhorn/helm-release.yaml
@@ -0,0 +1,32 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: longhorn
+ namespace: longhorn-system
+spec:
+ interval: 5m
+ chart:
+ spec:
+ chart: longhorn
+ version: "1.5.1"
+ sourceRef:
+ kind: HelmRepository
+ name: longhorn-charts
+ namespace: flux-system
+
+ values:
+ longhornUI:
+ replicas: 1
+
+ ingress:
+ enabled: true
+ annotations:
+ cert-manager.io/cluster-issuer: letsencrypt-production
+ traefik.ingress.kubernetes.io/router.entrypoints: websecure
+ traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
+ host: lnghrn.${SECRET_NEW_DOMAIN}
+ tls: true
+ tlsSecret: wildcard-main-tls
+
+ persistence:
+ defaultClassReplicaCount: 1 # TODO: When the cluster expands, expand the replica count
\ No newline at end of file
diff --git a/cluster/core/storage/longhorn/helm-repository.yaml b/cluster/core/storage/longhorn/helm-repository.yaml
new file mode 100644
index 0000000..768a23f
--- /dev/null
+++ b/cluster/core/storage/longhorn/helm-repository.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+ name: longhorn-charts
+ namespace: flux-system
+spec:
+ interval: 1m
+ url: https://charts.longhorn.io
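Review bot: The Longhorn UI published by `ingress.enabled: true` has no authentication of its own, so access control for `lnghrn.${SECRET_NEW_DOMAIN}` rests entirely on the `traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd` annotation, and nothing in helm-release.yaml records that dependency. I would add a comment above that annotation, `# Longhorn UI has no built-in auth; this middleware is the only access control, do not remove`, and confirm that the referenced Middleware (presumably `authentik` in namespace `traefik`, not visible in this commit) is deployed before this release reconciles. Separately, `cert-manager.io/cluster-issuer` combined with `tlsSecret: wildcard-main-tls` will presumably make cert-manager manage a per-host certificate in a secret whose name suggests a shared wildcard certificate. If that secret is provisioned elsewhere, drop the issuer annotation so the two do not fight over it.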
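Review bot: `interval: 1m` in helm-repository.yaml re-fetches the index from `https://charts.longhorn.io` every minute although the release now pins `version: "1.5.1"`, so the frequent poll gains little; `interval: 1h` would be enough. A version pin is also not a content pin: for a plain HTTPS Helm repository the chart's integrity rests on TLS and on upstream not republishing that version. That is worth recording in a comment such as `# chart integrity relies on TLS to upstream; version is pinned in helm-release.yaml`.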
diff --git a/cluster/core/storage/longhorn/helm.yaml b/cluster/core/storage/longhorn/helm.yaml
deleted file mode 100644
index 21c1f9c..0000000
--- a/cluster/core/storage/longhorn/helm.yaml
+++ /dev/null
@@ -1,178 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
- name: longhorn-charts
- namespace: flux-system
-spec:
- interval: 1m
- url: https://charts.longhorn.io
----
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
- name: kyverno-charts
- namespace: flux-system
-spec:
- interval: 1m
- url: https://kyverno.github.io/kyverno
----
-apiVersion: source.toolkit.fluxcd.io/v1beta2
-kind: HelmRepository
-metadata:
- name: raw-charts
- namespace: flux-system
-spec:
- interval: 1m
- url: https://buttahtoast.github.io/helm-charts/
----
-# ================= Release for longhorn =================
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
- name: longhorn
- namespace: longhorn-system
-spec:
- interval: 5m
- chart:
- spec:
- chart: longhorn
- version: '1.4.x'
- sourceRef:
- kind: HelmRepository
- name: longhorn-charts
- namespace: flux-system
- interval: 1m
----
-# ================= Release for kyverno =================
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
- name: kyverno
- namespace: longhorn-system
-spec:
- interval: 5m
- chart:
- spec:
- chart: kyverno
- version: '2.6.x'
- sourceRef:
- kind: HelmRepository
- name: kyverno-charts
- namespace: flux-system
- interval: 1m
----
-# ================= Release for incubator/raw =================
-#apiVersion: helm.toolkit.fluxcd.io/v2beta1
-#kind: HelmRelease
-#metadata:
-# name: raw
-# namespace: longhorn-system
-#spec:
-# interval: 5m
-# dependsOn:
-# - name: kyverno
-# namespace: longhorn-system
-# chart:
-# spec:
-# chart: raw
-# version: '2.0.0'
-# sourceRef:
-# kind: HelmRepository
-# name: raw-charts
-# namespace: flux-system
-# interval: 1m
-# values:
-# resources:
-# - apiVersion: v1
-# kind: ConfigMap
-# metadata:
-# name: longhorn-custom-path
-# namespace: longhorn-system
-# data:
-# PATH: 
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin
-# - apiVersion: kyverno.io/v1
-# kind: ClusterPolicy
-# metadata:
-# name: add-host-path-to-longhorn
-# annotations:
-# policies.kyverno.io/title: Add Environment Variables from ConfigMap
-# policies.kyverno.io/subject: Pod
-# policies.kyverno.io/category: Other
-# policies.kyverno.io/description: >-
-# Longhorn invokes executables on the host system, and needs
-# to be aware of the host systems PATH. This modifies all
-# deployments such that the PATH is explicitly set to support
-# NixOS based systems.
-# spec:
-# rules:
-# - name: add-env-vars
-# match:
-# resources:
-# kinds:
-# - Pod
-# namespaces:
-# - longhorn-system
-# mutate:
-# patchStrategicMerge:
-# spec:
-# initContainers:
-# - (name): "*"
-# envFrom:
-# - configMapRef:
-# name: longhorn-custom-path
-# containers:
-# - (name): "*"
-# envFrom:
-# - configMapRef:
-# name: longhorn-custom-path
-
-
-
-
-
-
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: longhorn-custom-path
- namespace: longhorn-system
-data:
- PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin
----
-apiVersion: kyverno.io/v1
-kind: ClusterPolicy
-metadata:
- name: add-host-path-to-longhorn
- annotations:
- policies.kyverno.io/title: Add Environment Variables from ConfigMap
- policies.kyverno.io/subject: Pod
- policies.kyverno.io/category: Other
- policies.kyverno.io/description: >-
- Longhorn invokes executables on the host system, and needs
- to be aware of the host systems PATH. This modifies all
- deployments such that the PATH is explicitly set to support
- NixOS based systems.
-spec:
- rules:
- - name: add-env-vars
- match:
- resources:
- kinds:
- - Pod
- namespaces:
- - longhorn-system
- mutate:
- patchStrategicMerge:
- spec:
- initContainers:
- - (name): "*"
- envFrom:
- - configMapRef:
- name: longhorn-custom-path
- containers:
- - (name): "*"
- envFrom:
- - configMapRef:
- name: longhorn-custom-path
\ No newline at end of file
diff --git a/cluster/core/storage/longhorn/ingress.yaml b/cluster/core/storage/longhorn/ingress.yaml
deleted file mode 100644
index c4b7075..0000000
--- a/cluster/core/storage/longhorn/ingress.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: longhorn-ingress
- namespace: longhorn-system
- annotations:
- cert-manager.io/cluster-issuer: letsencrypt-production
- traefik.ingress.kubernetes.io/router.entrypoints: websecure
-spec:
- rules:
- - host: "longhorn.${SECRET_DOMAIN}"
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: longhorn
- port:
- number: 80
\ No newline at end of file
diff --git a/cluster/core/storage/longhorn/kustomization.yaml b/cluster/core/storage/longhorn/kustomization.yaml
index b104392..9e20722 100644
--- a/cluster/core/storage/longhorn/kustomization.yaml
+++ b/cluster/core/storage/longhorn/kustomization.yaml
@@ -2,5 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - ./namespace.yaml
-- ./helm.yaml
-- ./ingress.yaml
\ No newline at end of file
+- ./helm-repository.yaml
+- ./helm-release.yaml
\ No newline at end of file
diff --git a/cluster/core/storage/longhorn/namespace.yaml b/cluster/core/storage/longhorn/namespace.yaml
index 2bb0005..be5f617 100644
--- a/cluster/core/storage/longhorn/namespace.yaml
+++ b/cluster/core/storage/longhorn/namespace.yaml
@@ -1,4 +1,6 @@
 apiVersion: v1
 kind: Namespace
 metadata:
- name: longhorn-system
\ No newline at end of file
+ name: longhorn-system
+ labels:
+ name: longhorn-system
\ No newline at end of file
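Review bot: The `name: longhorn-system` label added in namespace.yaml duplicates the `kubernetes.io/metadata.name` label that the API server already sets on every namespace (Kubernetes 1.21 and later). If the label is meant for a NetworkPolicy or admission-policy `namespaceSelector`, selecting on `kubernetes.io/metadata.name` is the safer choice, because a hand-written `name` label can be applied to any other namespace by whoever may edit it. If some chart or tool does require the plain `name` label, say which one in a comment, e.g. `# required by <consumer> namespaceSelector`.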