Restructured infra
All checks were successful
kustomization/cert-manager/3a682516 reconciliation succeeded
kustomization/akri/3a682516 reconciliation succeeded
kustomization/kyverno/3a682516 reconciliation succeeded
kustomization/node-feature-discovery/3a682516 reconciliation succeeded
kustomization/node-feature-discovery-rules/3a682516 reconciliation succeeded
kustomization/velero/3a682516 reconciliation succeeded
kustomization/flux-system/3a682516 reconciliation succeeded
kustomization/letsencrypt/3a682516 reconciliation succeeded
kustomization/topolvm/3a682516 reconciliation succeeded
kustomization/kyverno-policies/3a682516 reconciliation succeeded
kustomization/kube-vip/3a682516 reconciliation succeeded
kustomization/traefik/3a682516 reconciliation succeeded
kustomization/cnpg/3a682516 reconciliation succeeded
kustomization/traefik-middleware/3a682516 reconciliation succeeded
kustomization/lldap/3a682516 reconciliation succeeded
kustomization/authelia/3a682516 reconciliation succeeded
kustomization/apps/3a682516 reconciliation succeeded
kustomization/rook-ceph/3a682516 reconciliation succeeded
kustomization/rook-ceph-cluster/3a682516 reconciliation succeeded
All checks were successful
kustomization/cert-manager/3a682516 reconciliation succeeded
kustomization/akri/3a682516 reconciliation succeeded
kustomization/kyverno/3a682516 reconciliation succeeded
kustomization/node-feature-discovery/3a682516 reconciliation succeeded
kustomization/node-feature-discovery-rules/3a682516 reconciliation succeeded
kustomization/velero/3a682516 reconciliation succeeded
kustomization/flux-system/3a682516 reconciliation succeeded
kustomization/letsencrypt/3a682516 reconciliation succeeded
kustomization/topolvm/3a682516 reconciliation succeeded
kustomization/kyverno-policies/3a682516 reconciliation succeeded
kustomization/kube-vip/3a682516 reconciliation succeeded
kustomization/traefik/3a682516 reconciliation succeeded
kustomization/cnpg/3a682516 reconciliation succeeded
kustomization/traefik-middleware/3a682516 reconciliation succeeded
kustomization/lldap/3a682516 reconciliation succeeded
kustomization/authelia/3a682516 reconciliation succeeded
kustomization/apps/3a682516 reconciliation succeeded
kustomization/rook-ceph/3a682516 reconciliation succeeded
kustomization/rook-ceph-cluster/3a682516 reconciliation succeeded
This commit is contained in:
@@ -0,0 +1,8 @@
|
||||
apiVersion: authelia.huizinga.dev/v1
|
||||
kind: AccessControlRule
|
||||
metadata:
|
||||
name: ceph
|
||||
spec:
|
||||
domain: ceph.${domain}
|
||||
policy: one_factor
|
||||
subject: "group:lldap_admin"
|
||||
18
infra/rook-ceph/rook-ceph-cluster/helm-release.yaml
Normal file
18
infra/rook-ceph/rook-ceph-cluster/helm-release.yaml
Normal file
@@ -0,0 +1,18 @@
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: rook-ceph-cluster
|
||||
spec:
|
||||
chart:
|
||||
spec:
|
||||
chart: rook-ceph-cluster
|
||||
reconcileStrategy: ChartVersion
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: rook-release
|
||||
version: 1.16.3
|
||||
interval: 15m
|
||||
timeout: 5m
|
||||
valuesFrom:
|
||||
- kind: ConfigMap
|
||||
name: rook-cepth-cluster-values
|
||||
14
infra/rook-ceph/rook-ceph-cluster/kustomization.yaml
Normal file
14
infra/rook-ceph/rook-ceph-cluster/kustomization.yaml
Normal file
@@ -0,0 +1,14 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: rook-ceph
|
||||
resources:
|
||||
- ./helm-release.yaml
|
||||
- ./access-control-rule.yaml
|
||||
|
||||
configurations:
|
||||
- ../../../common/name-reference/helm-release.yaml
|
||||
|
||||
configMapGenerator:
|
||||
- name: rook-cepth-cluster-values
|
||||
files:
|
||||
- ./values.yaml
|
||||
48
infra/rook-ceph/rook-ceph-cluster/values.yaml
Normal file
48
infra/rook-ceph/rook-ceph-cluster/values.yaml
Normal file
@@ -0,0 +1,48 @@
|
||||
toolbox:
|
||||
enabled: true
|
||||
# TODO: Not sure we really need this is we have prometheus + grafana set up
|
||||
ingress:
|
||||
dashboard:
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.entryPoints: "websecure"
|
||||
traefik.ingress.kubernetes.io/router.middlewares: "authelia-forwardauth-authelia@kubernetescrd"
|
||||
traefik.ingress.kubernetes.io/router.tls: "true"
|
||||
host:
|
||||
name: ceph.${domain}
|
||||
tls:
|
||||
- hosts:
|
||||
- ceph.${domain}
|
||||
secretName: ${domain//./-}-tls
|
||||
# Uncomment once prometheus stack has been added
|
||||
# monitoring:
|
||||
# enabled: true
|
||||
# createPrometheusRules: true
|
||||
cephBlockPoolsVolumeSnapshotClass:
|
||||
enabled: true
|
||||
cephFileSystemVolumeSnapshotClass:
|
||||
enabled: true
|
||||
cephClusterSpec:
|
||||
dashboard:
|
||||
ssl: false
|
||||
storage:
|
||||
useAllDevices: false
|
||||
deviceFilter: "^nvme."
|
||||
resources:
|
||||
mgr:
|
||||
limits:
|
||||
memory: "1Gi"
|
||||
requests:
|
||||
cpu: "50m"
|
||||
memory: "512Mi"
|
||||
mon:
|
||||
limits:
|
||||
memory: "2Gi"
|
||||
requests:
|
||||
cpu: "100m"
|
||||
memory: "1Gi"
|
||||
osd:
|
||||
limits:
|
||||
memory: "2Gi"
|
||||
requests:
|
||||
cpu: "100m"
|
||||
memory: "1Gi"
|
||||
Reference in New Issue
Block a user