shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-10-03 01:00:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: kasten k10

Browse Source
This commit is contained in:
auricom
2022-01-23 00:11:25 +01:00
parent 91dcb23d6f
commit daba51fbc0
12 changed files with 150 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
cluster/apps/kasten-io/k10/backup-pvc.yaml Normal file
View File

@@ -0,0 +1,28 @@
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: k10-backup-v1
spec:
storageClassName: k10-backup-nfs
capacity:
storage: 1Mi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
nfs:
server: "truenas.${SECRET_CLUSTER_DOMAIN_ROOT}"
path: /mnt/storage/backups/kubernetes
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: k10-backup-v1
namespace: kasten-io
spec:
accessModes:
- ReadWriteMany
storageClassName: k10-backup-nfs
resources:
requests:
storage: 1Mi

42
cluster/apps/kasten-io/k10/helm-release.yaml Normal file
View File

@@ -0,0 +1,42 @@
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: k10
namespace: kasten-io
spec:
releaseName: k10
interval: 5m
chart:
spec:
chart: k10
version: 4.5.7
sourceRef:
kind: HelmRepository
name: kasten-charts
namespace: flux-system
interval: 5m
values:
eula:
accept: true
company: auricom
email: auricom@users.noreply.github.com
global:
persistence:
storageClass: rook-ceph-block
auth:
tokenAuth:
enabled: true
clusterName: k8s
ingress:
create: true
class: nginx
host: &host "k10.${SECRET_CLUSTER_DOMAIN}"
urlPath: k10
hosts:
- *host
tls:
enabled: true
secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
grafana:
enabled: false

7
cluster/apps/kasten-io/k10/kustomization.yaml Normal file
View File

@@ -0,0 +1,7 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- helm-release.yaml
- backup-pvc.yaml
- monitoring

6
cluster/apps/kasten-io/k10/monitoring/kustomization.yaml Normal file
View File

@@ -0,0 +1,6 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- prometheus-rule.yaml
- service-monitor.yaml

20
cluster/apps/kasten-io/k10/monitoring/prometheus-rule.yaml Normal file
View File

@@ -0,0 +1,20 @@
---
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
labels:
prometheus: k8s
role: alert-rules
name: kasten-io
namespace: kasten-io
spec:
groups:
- name: kasten.rules
rules:
- alert: JobsFailing
annotations:
summary: More than 1 failed K10 jobs occurred for the {{ $labels.policy }} policy in the last 10 minutes
expr: increase(catalog_actions_count{status="failed"}[10m]) > 0
for: 1m
labels:
severity: critical

23
cluster/apps/kasten-io/k10/monitoring/service-monitor.yaml Normal file
View File

@@ -0,0 +1,23 @@
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: k10
namespace: kasten-io
spec:
namespaceSelector:
matchNames:
- kasten-io
selector:
matchLabels:
app: prometheus
endpoints:
- port: http
scheme: http
path: /k10/prometheus/federate
honorLabels: true
interval: 15s
params:
"match[]":
- '{__name__=~"jobs.*"}'
- '{__name__=~"catalog.*"}'

6
cluster/apps/kasten-io/kustomization.yaml Normal file
View File

@@ -0,0 +1,6 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- k10

5
cluster/apps/kasten-io/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: kasten-io

1
cluster/apps/kustomization.yaml
View File

@@ -4,6 +4,7 @@ resources:
- data - data
- development - development
- home-automation - home-automation
- kasten-io
- media - media
- monitoring - monitoring
- networking - networking

2
cluster/apps/secret-reflector/secret-reflector.yaml
View File

@@ -27,7 +27,7 @@ spec:
# source namespace to reflect secret from # source namespace to reflect secret from
namespace_source="networking" namespace_source="networking"
# space delimited namespace where to reflect the secrets to # space delimited namespace where to reflect the secrets to
namespace_destination="data development home-automation media monitoring rook-ceph" namespace_destination="data development home-automation media monitoring rook-ceph kasten-io"
for secret in $secrets; do for secret in $secrets; do
secret_source_content=$(kubectl get secret $secret -n $namespace_source -o json | jq 'del(.metadata.managedFields, .metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)') secret_source_content=$(kubectl get secret $secret -n $namespace_source -o json | jq 'del(.metadata.managedFields, .metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.annotations)')
secret_source_checksum=$(printf '%s' "$secret_source_content" | jq 'del(.metadata.namespace)' | md5sum | awk '{ print $1 }') secret_source_checksum=$(printf '%s' "$secret_source_content" | jq 'del(.metadata.namespace)' | md5sum | awk '{ print $1 }')

10
cluster/base-custom/charts/kasten-charts.yaml Normal file
View File

@@ -0,0 +1,10 @@
---
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
name: kasten-charts
namespace: flux-system
spec:
interval: 1h
url: https://charts.kasten.io/
timeout: 3m

1
cluster/base-custom/charts/kustomization.yaml
View File

@@ -18,6 +18,7 @@ resources:
- jetstack-charts.yaml - jetstack-charts.yaml
- k8s-at-home.yaml - k8s-at-home.yaml
- k8s-gateway-charts.yaml - k8s-gateway-charts.yaml
- kasten-charts.yaml
- kubernetes-sigs-descheduler-charts.yaml - kubernetes-sigs-descheduler-charts.yaml
- node-feature-discovery.yaml - node-feature-discovery.yaml
- prometheus-community-charts.yaml - prometheus-community-charts.yaml