feat: Switch to longhorn

clusters/testing/kustomization.yaml

@@ -6,7 +6,7 @@ resources:
   - ../../controllers/cilium/cilium.yaml
   - ../../controllers/cert-manager/cert-manager.yaml
   - ../../controllers/spegel/spegel.yaml
-  - ../../controllers/openebs/openebs.yaml
+  - ../../controllers/longhorn/longhorn.yaml
   - ../../configs/artifacts.yaml
   - ../../configs/letsencrypt/letsencrypt.yaml
   - ../../configs/certificates/certificates.yaml

controllers/artifacts.yaml

@@ -29,3 +29,8 @@ spec:
       copy:
         - from: "@foundation/controllers/openebs/**"
           to: "@artifact/"
+    - name: longhorn
+      originRevision: "@foundation"
+      copy:
+        - from: "@foundation/controllers/longhorn/**"
+          to: "@artifact/"

controllers/longhorn/helm-release.yaml

@@ -0,0 +1,38 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: longhorn
+  namespace: longhorn-system
+spec:
+  interval: 12h
+  install:
+    strategy:
+      name: RetryOnFailure
+      retryInterval: 2m
+  upgrade:
+    strategy:
+      name: RetryOnFailure
+      retryInterval: 3m
+  chart:
+    spec:
+      chart: longhorn
+      # TODO: Is it safe to upgrade automatically to 1.x?
+      version: "1.10.x"
+      sourceRef:
+        kind: HelmRepository
+        name: longhorn
+      interval: 24h
+  values:
+    # TODO: These settings are specific to testing
+    defaultSettings:
+      defaultReplicaCount: 1
+      defaultDataPath: /var/mnt/longhorn
+      replicaAutoBalance: best-effort
+      defaultDataLocality: best-effort
+      freezeFilesystemForSnapshot: true
+      storageReservedPercentageForDefaultDisk: 0
+      storageMinimalAvailablePercentage: 10
+      storageOverProvisioningPercentage: 25
+    persistence:
+      defaultClassReplicaCount: 1
+      defaultDataLocality: best-effort

controllers/longhorn/helm-repository.yaml

@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: longhorn
+  namespace: longhorn-system
+spec:
+  interval: 24h
+  url: https://charts.longhorn.io

controllers/longhorn/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - helm-repository.yaml
+  - helm-release.yaml

controllers/longhorn/longhorn.yaml

@@ -0,0 +1,15 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: longhorn
+  namespace: flux-system
+spec:
+  interval: 1h
+  retryInterval: 2m
+  timeout: 5m
+  sourceRef:
+    kind: ExternalArtifact
+    name: longhorn
+  path: ./
+  prune: true
+  wait: true

controllers/longhorn/namespace.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: longhorn-system
+  labels:
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/warn: privileged
+    pod-security.kubernetes.io/audit: privileged