diff --git a/kubernetes/apps/database/influx/app/helmrelease.yaml b/kubernetes/apps/database/influx/app/helmrelease.yaml
new file mode 100644
index 000000000..ee5478a2e
--- /dev/null
+++ b/kubernetes/apps/database/influx/app/helmrelease.yaml
@@ -0,0 +1,84 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+ name: influx
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: app-template
+ version: 2.5.0
+ sourceRef:
+ kind: HelmRepository
+ name: bjw-s
+ namespace: flux-system
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ retries: 3
+ uninstall:
+ keepHistory: false
+ values:
+ defaultPodOptions:
+ automountServiceAccountToken: false
+ controllers:
+ main:
+ annotations:
+ reloader.stakater.com/auto: "true"
+ containers:
+ main:
+ image:
+ repository: docker.io/library/influxdb
+ tag: 2.7-alpine
+ resources:
+ requests:
+ cpu: 100m
+ memory: 128M
+ limits:
+ memory: 384M
+ probes:
+ liveness: &health
+ enabled: true
+ custom: true
+ spec:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 1
+ failureThreshold: 3
+ httpGet:
+ path: /health
+ port: 8086
+ readiness: *health
+ startup:
+ enabled: true
+ custom: true
+ spec:
+ initialDelaySeconds: 0
+ timeoutSeconds: 1
+ periodSeconds: 5
+ failureThreshold: 30
+ httpGet:
+ path: /health
+ port: 8086
+ service:
+ main:
+ ports:
+ http:
+ enabled: false
+ influx:
+ enabled: true
+ port: 8086
+ ingress:
+ main:
+ enabled: false
+ persistence:
+ config:
+ enabled: true
+ existingClaim: influx
+ globalMounts:
+ - path: /var/lib/influxdb2
diff --git a/kubernetes/apps/database/influx/app/kustomization.yaml b/kubernetes/apps/database/influx/app/kustomization.yaml
new file mode 100644
index 000000000..adec24621
--- /dev/null
+++ b/kubernetes/apps/database/influx/app/kustomization.yaml
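Review bot: The `influxdb` container in kubernetes/apps/database/influx/app/helmrelease.yaml is given no initial admin credentials, so the 2.x instance comes up un-onboarded and whichever client first reaches port 8086 on the `influx` service can complete setup and hold the admin token. The image's `DOCKER_INFLUXDB_INIT_MODE: setup` family of variables (username, password, org, bucket, admin token) should be supplied from a Secret via `envFrom`, and that same token handed to Scrutiny instead of leaving it to onboard the database with whatever defaults it ships. influx/ks.yaml already waits on `external-secrets-stores`, yet the app kustomization lists only the HelmRelease and the volsync template, which suggests a secret was intended and left out. The `2.7-alpine` tag is also mutable; pinning it with a digest (`tag: 2.7-alpine@sha256:<digest>`) keeps the deployed image reproducible.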
@@ -0,0 +1,7 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/SchemaStore/schemastore/master/src/schemas/json/kustomization.json
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./helmrelease.yaml
+ - ../../../../templates/volsync
diff --git a/kubernetes/apps/database/influx/ks.yaml b/kubernetes/apps/database/influx/ks.yaml
new file mode 100644
index 000000000..575776776
--- /dev/null
+++ b/kubernetes/apps/database/influx/ks.yaml
@@ -0,0 +1,28 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app influx
+ namespace: flux-system
+spec:
+ targetNamespace: database
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ path: ./kubernetes/apps/database/influx/app
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-ops-kubernetes
+ dependsOn:
+ - name: external-secrets-stores
+ - name: volsync
+ wait: true
+ interval: 30m
+ retryInterval: 1m
+ timeout: 15m
+ postBuild:
+ substitute:
+ APP: *app
+ VOLSYNC_CAPACITY: 10Gi
diff --git a/kubernetes/apps/database/kustomization.yaml b/kubernetes/apps/database/kustomization.yaml
index fd1bf3475..e6de73c29 100644
--- a/kubernetes/apps/database/kustomization.yaml
+++ b/kubernetes/apps/database/kustomization.yaml
@@ -7,4 +7,5 @@ resources:
 - ./namespace.yaml
 # Flux-Kustomizations
 - ./cloudnative-pg/ks.yaml
+ - ./influx/ks.yaml
 - ./redis/ks.yaml
diff --git a/kubernetes/apps/monitoring/kustomization.yaml b/kubernetes/apps/monitoring/kustomization.yaml
index c2cb45a79..1df390351 100644
--- a/kubernetes/apps/monitoring/kustomization.yaml
+++ b/kubernetes/apps/monitoring/kustomization.yaml
@@ -10,5 +10,6 @@ resources:
 - ./grafana/ks.yaml
 - ./kube-prometheus-stack/ks.yaml
 - ./loki/ks.yaml
+ - ./scrutiny/ks.yaml
 - ./thanos/ks.yaml
 - ./vector/ks.yaml
diff --git a/kubernetes/apps/monitoring/scrutiny/app/helmrelease.yaml b/kubernetes/apps/monitoring/scrutiny/app/helmrelease.yaml
new file mode 100644
index 000000000..56875adf9
--- /dev/null
+++ b/kubernetes/apps/monitoring/scrutiny/app/helmrelease.yaml
@@ -0,0 +1,132 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+ name: &app scrutiny
+ namespace: monitoring
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: app-template
+ version: 2.5.0
+ sourceRef:
+ kind: HelmRepository
+ name: bjw-s
+ namespace: flux-system
+ maxHistory: 2
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ retries: 3
+ uninstall:
+ keepHistory: false
+ values:
+ defaultPodOptions:
+ automountServiceAccountToken: false
+ securityContext:
+ privileged: true
+ # capabilities:
+ # add: ["SYS_RAWIO"] # allow access to smartctl
+ controllers:
+ main:
+ containers:
+ main:
+ image:
+ repository: ghcr.io/analogj/scrutiny
+ tag: master-web
+ env:
+ TZ: ${TIMEZONE}
+ SCRUTINY_WEB_INFLUXDB_HOST: influx.database.svc.cluster.local
+ resources:
+ requests:
+ cpu: 100m
+ memory: 128Mi
+ limits:
+ memory: 128Mi
+ service:
+ main:
+ ports:
+ http:
+ port: &port 8080
+ ingress:
+ main:
+ enabled: true
+ className: nginx
+ annotations:
+ hajimari.io/icon: mdi:harddiskstatus
+ hosts:
+ - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
+ paths:
+ - path: /
+ service:
+ name: main
+ port: http
+ tls:
+ - hosts:
+ - *host
+ probes:
+ liveness:
+ enabled: true
+ custom: true
+ spec:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 1
+ failureThreshold: 3
+ httpGet:
+ path: /api/health
+ port: *port
+ readiness:
+ enabled: true
+ custom: true
+ spec:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+ timeoutSeconds: 1
+ failureThreshold: 3
+ httpGet:
+ path: /api/health
+ port: *port
+ startup:
+ enabled: true
+ custom: true
+ spec:
+ initialDelaySeconds: 0
+ timeoutSeconds: 1
+ periodSeconds: 5
+ failureThreshold: 30
+ httpGet:
+ path: /api/health
+ port: *port
+ persistence:
+ config:
+ enabled: true
+ existingClaim: *app
+ globalMounts:
+ - path: /opt/scrutiny/config
+ udev:
+ enabled: true
+ type: hostPath
+ hostPath: /run/udev
+ readOnly: true
+ globalMounts:
+ - path: /run/udev
+ nvme0n1:
+ enabled: true
+ type: hostPath
+ hostPath: /dev/nvme0n1
+ readOnly: true
+ globalMounts:
+ - path: /dev/nvme0n1
+ sda:
+ enabled: true
+ type: hostPath
+ hostPath: /dev/sda
+ readOnly: true
+ globalMounts:
+ - path: /dev/sda
diff --git a/kubernetes/apps/monitoring/scrutiny/app/kustomization.yaml b/kubernetes/apps/monitoring/scrutiny/app/kustomization.yaml
new file mode 100644
index 000000000..c57b74823
--- /dev/null
+++ b/kubernetes/apps/monitoring/scrutiny/app/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - helmrelease.yaml
+ - ../../../../templates/volsync
diff --git a/kubernetes/apps/monitoring/scrutiny/collector/helmrelease.yaml b/kubernetes/apps/monitoring/scrutiny/collector/helmrelease.yaml
new file mode 100644
index 000000000..b6cc6568d
--- /dev/null
+++ b/kubernetes/apps/monitoring/scrutiny/collector/helmrelease.yaml
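Review bot: `defaultPodOptions.securityContext.privileged: true` in scrutiny/app/helmrelease.yaml requests a fully privileged pod for what is only the web UI, and that UI is published through the nginx ingress with no authentication annotation visible in this file. `privileged` is a container-level field, so at pod level it is probably either rejected or silently dropped when the manifest is applied (worth checking the rendered Deployment); scrutiny/collector/helmrelease.yaml carries the same block, and there it should move to `controllers.main.containers.main.securityContext`. SMART data is read by the separate collector DaemonSet added in this commit, so the web release should not need `privileged` or the `/run/udev`, `/dev/nvme0n1` and `/dev/sda` hostPath mounts at all. Dropping them and setting `allowPrivilegeEscalation: false` with `capabilities: {drop: ["ALL"]}` on the container would match what the `master-web` image appears to do.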
@@ -0,0 +1,73 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+ name: &app scrutiny-collector
+ namespace: monitoring
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: app-template
+ version: 2.5.0
+ sourceRef:
+ kind: HelmRepository
+ name: bjw-s
+ namespace: flux-system
+ maxHistory: 2
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ retries: 3
+ uninstall:
+ keepHistory: false
+ dependsOn:
+ - name: scrutiny
+ values:
+ defaultPodOptions:
+ automountServiceAccountToken: false
+ securityContext:
+ privileged: true
+ # capabilities:
+ # add: ["SYS_RAWIO"] # allow access to smartctl
+ controllers:
+ main:
+ type: daemonset
+ containers:
+ main:
+ image:
+ repository: ghcr.io/analogj/scrutiny
+ tag: master-collector
+ env:
+ COLLECTOR_API_ENDPOINT: http://scrutiny.monitoring.svc.cluster.local:8080
+ COLLECTOR_HOST_ID:
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ TZ: ${TIMEZONE}
+ resources:
+ requests:
+ cpu: 100m
+ memory: 128Mi
+ limits:
+ memory: 128Mi
+ service:
+ main:
+ enabled: false
+ persistence:
+ config:
+ enabled: true
+ type: emptyDir
+ globalMounts:
+ - path: /opt/scrutiny/config
+ udev:
+ enabled: true
+ type: hostPath
+ hostPath: /run/udev
+ readOnly: true
+ globalMounts:
+ - path: /run/udev
diff --git a/kubernetes/apps/monitoring/scrutiny/collector/kustomization.yaml b/kubernetes/apps/monitoring/scrutiny/collector/kustomization.yaml
new file mode 100644
index 000000000..4fd939d44
--- /dev/null
+++ b/kubernetes/apps/monitoring/scrutiny/collector/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - helmrelease.yaml
diff --git a/kubernetes/apps/monitoring/scrutiny/ks.yaml b/kubernetes/apps/monitoring/scrutiny/ks.yaml
new file mode 100644
index 000000000..c69ec40db
--- /dev/null
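Review bot: `tag: master-collector` in scrutiny/collector/helmrelease.yaml is a floating branch tag on a DaemonSet that asks for `privileged: true`, so whatever is next published under that tag would run with host-level access on every node after the next pod restart. Pin a release tag together with its digest, e.g. `tag: <release-tag>@sha256:<digest>`, and let the dependency bot propose bumps; `master-web` in the app release has the same problem. `COLLECTOR_API_ENDPOINT` uses plain `http://` with no credential, so any pod that can reach `scrutiny.monitoring.svc.cluster.local:8080` can presumably submit device data; a NetworkPolicy admitting only the collector pods and the ingress controller would narrow that.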
+++ b/kubernetes/apps/monitoring/scrutiny/ks.yaml
@@ -0,0 +1,52 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app scrutiny
+ namespace: flux-system
+spec:
+ targetNamespace: monitoring
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ dependsOn:
+ - name: rook-ceph-cluster
+ - name: volsync
+ path: ./kubernetes/apps/monitoring/scrutiny/app
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-ops-kubernetes
+ wait: false
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
+ VOLSYNC_CAPACITY: 2Gi
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app scrutiny-collector
+ namespace: flux-system
+spec:
+ targetNamespace: monitoring
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ path: ./kubernetes/apps/monitoring/scrutiny/collector
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-ops-kubernetes
+ wait: false
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
+ postBuild:
+ substitute:
+ APP: *app
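Review bot: The `scrutiny` Kustomization in scrutiny/ks.yaml lists `rook-ceph-cluster` and `volsync` under `dependsOn` but not `influx`, although the web release it deploys points `SCRUTINY_WEB_INFLUXDB_HOST` at `influx.database.svc.cluster.local`. Adding `- name: influx` makes the ordering explicit, so that on a fresh cluster Scrutiny does not start against a database that is not there yet. The `scrutiny-collector` Kustomization has no `dependsOn` of its own and relies on the HelmRelease-level `dependsOn: scrutiny`. With `wait: false` on both documents a failed release is not reflected on the Kustomization, so `wait: true`, as influx/ks.yaml uses, would surface it.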