Compare commits
57 commits
0604e5b575
...
954ce828c0
| Author | SHA1 | Date | |
|---|---|---|---|
| 954ce828c0 | |||
| 5ed2d0c583 | |||
| ba77aa92db | |||
| 2d1a33d17a | |||
| 1168f36571 | |||
| 5cb5107539 | |||
| 3e4fd63f1c | |||
| 7ba4334b23 | |||
| 327f9bc32e | |||
| 00404e59a9 | |||
| 98a31e7e4b | |||
| 3f6a130e58 | |||
| 98ac0beedd | |||
| ddf7df239b | |||
| fd40981ec3 | |||
| 38f70d7e26 | |||
| aa4545a53d | |||
| 21a787e06a | |||
| d43bcd8732 | |||
| 053cee9a3d | |||
| bc21e5b999 | |||
| 02af75408d | |||
| 66ab77a6c4 | |||
| 39b7162d2c | |||
| 64eaf66fd4 | |||
| fad48c2e7a | |||
| dca117e8bc | |||
| 1292fa252e | |||
| acdcbe0e2f | |||
| e75cc17ea2 | |||
| b99b34c545 | |||
| b7a40ffeda | |||
| 0877ff9e4f | |||
| d51008810b | |||
| 71c63bb31f | |||
| 7c7d88ab04 | |||
| f24fdc4e56 | |||
| 43da19c70f | |||
| 92d61457e7 | |||
| 4359716e07 | |||
| 4d2f192a01 | |||
| 54f86f100b | |||
| 03d00df939 | |||
| b09c862403 | |||
| ec34ab2ac6 | |||
| b9ee994658 | |||
| d2f0a6550c | |||
| 8b2c0b2ba2 | |||
| 6908578a1a | |||
| 05636c8612 | |||
| 17034fcad5 | |||
| d5c0631157 | |||
| b5e505ac58 | |||
| 9b01641729 | |||
| 4fe927d03f | |||
| ac81d02ad4 | |||
| c13483fa24 |
10 changed files with 30 additions and 1582 deletions
|
|
@ -23,7 +23,7 @@
|
||||||
"argocd-init\\.yml$"
|
"argocd-init\\.yml$"
|
||||||
],
|
],
|
||||||
"matchStrings": [
|
"matchStrings": [
|
||||||
"\\s+repo:\\s(?<registryUrl>.*)\\n\\s+chart:\\s(?<depName>.*)\\n\\s+version:\\s(?<currentValue>.*)\\n"
|
"\\s+chart:\\s(?<depName>.*)\\n\\s+repo:\\s(?<registryUrl>.*)\\n\\s+version:\\s(?<currentValue>.*)\\n"
|
||||||
],
|
],
|
||||||
"datasourceTemplate": "helm"
|
"datasourceTemplate": "helm"
|
||||||
},
|
},
|
||||||
|
|
@ -35,8 +35,8 @@
|
||||||
],
|
],
|
||||||
"matchStrings": [
|
"matchStrings": [
|
||||||
"\\s+chart::\\s\\\"(?<depName>.*)\\\",",
|
"\\s+chart::\\s\\\"(?<depName>.*)\\\",",
|
||||||
"\\s+version::\\s\\\"(?<currentValue>.*)\\\",",
|
"\\s+repo::\\s\\\"(?<registryUrl>.*)\\\",",
|
||||||
"\\s+repo::\\s\\\"(?<registryUrl>.*)\\\","
|
"\\s+version::\\s\\\"(?<currentValue>.*)\\\","
|
||||||
],
|
],
|
||||||
"matchStringsStrategy": "combination",
|
"matchStringsStrategy": "combination",
|
||||||
"datasourceTemplate": "helm"
|
"datasourceTemplate": "helm"
|
||||||
|
|
@ -49,8 +49,8 @@
|
||||||
],
|
],
|
||||||
"matchStrings": [
|
"matchStrings": [
|
||||||
"\\s+chart::\\s\\\"(?<depName>.*)\\\",",
|
"\\s+chart::\\s\\\"(?<depName>.*)\\\",",
|
||||||
"\\s+\\\"version\\\":\\s\\\"(?<currentValue>.*)\\\",",
|
"\\s+repo::\\s\\\"(?<registryUrl>.*)\\\",",
|
||||||
"\\s+repo::\\s\\\"(?<registryUrl>.*)\\\","
|
"\\s+\\\"version\\\":\\s\\\"(?<currentValue>.*)\\\","
|
||||||
],
|
],
|
||||||
"matchStringsStrategy": "combination",
|
"matchStringsStrategy": "combination",
|
||||||
"datasourceTemplate": "helm"
|
"datasourceTemplate": "helm"
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,6 @@
|
||||||
* [cert-manager](https://cert-manager.io/)
|
* [cert-manager](https://cert-manager.io/)
|
||||||
* selfsigned issuer
|
* selfsigned issuer
|
||||||
* LetsEncrypt issuers (Prod and Staging)
|
* LetsEncrypt issuers (Prod and Staging)
|
||||||
* [prometheus and grafana](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack)
|
|
||||||
* [zabbix-proxy](https://git.zabbix.com/projects/ZT/repos/kubernetes-helm/browse?at=refs%2Fheads%2Frelease%2F6.4)
|
* [zabbix-proxy](https://git.zabbix.com/projects/ZT/repos/kubernetes-helm/browse?at=refs%2Fheads%2Frelease%2F6.4)
|
||||||
* [loki](https://grafana.com/docs/loki/latest/)
|
* [loki](https://grafana.com/docs/loki/latest/)
|
||||||
* [keel](https://keel.sh)
|
* [keel](https://keel.sh)
|
||||||
|
|
|
||||||
|
|
@ -11,11 +11,13 @@ metadata:
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
spec:
|
spec:
|
||||||
# do not change order! (needed for renovate)
|
# do not change order! (needed for renovate)
|
||||||
repo: https://argoproj.github.io/argo-helm
|
|
||||||
chart: argo-cd
|
chart: argo-cd
|
||||||
version: 5.51.6
|
repo: https://argoproj.github.io/argo-helm
|
||||||
|
version: 7.4.3
|
||||||
targetNamespace: argocd
|
targetNamespace: argocd
|
||||||
valuesContent: |-
|
valuesContent: |-
|
||||||
|
server:
|
||||||
|
replicas: 1
|
||||||
applicationSet:
|
applicationSet:
|
||||||
enabled: false
|
enabled: false
|
||||||
notifications:
|
notifications:
|
||||||
|
|
@ -30,13 +32,13 @@ metadata:
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
spec:
|
spec:
|
||||||
# do not change order! (needed for renovate)
|
# do not change order! (needed for renovate)
|
||||||
repo: https://argoproj.github.io/argo-helm
|
|
||||||
chart: argocd-apps
|
chart: argocd-apps
|
||||||
version: 1.4.1
|
repo: https://argoproj.github.io/argo-helm
|
||||||
|
version: 2.0.0
|
||||||
targetNamespace: argocd
|
targetNamespace: argocd
|
||||||
valuesContent: |-
|
valuesContent: |-
|
||||||
projects:
|
projects:
|
||||||
- name: baseline
|
baseline:
|
||||||
namespace: argocd
|
namespace: argocd
|
||||||
finalizers:
|
finalizers:
|
||||||
- resources-finalizer.argocd.argoproj.io
|
- resources-finalizer.argocd.argoproj.io
|
||||||
|
|
@ -49,8 +51,7 @@ spec:
|
||||||
- group: '*'
|
- group: '*'
|
||||||
kind: '*'
|
kind: '*'
|
||||||
applications:
|
applications:
|
||||||
- name: baseline
|
baseline:
|
||||||
namespace: argocd
|
|
||||||
project: baseline
|
project: baseline
|
||||||
finalizers:
|
finalizers:
|
||||||
- resources-finalizer.argocd.argoproj.io
|
- resources-finalizer.argocd.argoproj.io
|
||||||
|
|
|
||||||
|
|
@ -4,9 +4,11 @@ local app = import "../_templates/argocd_app.libsonnet";
|
||||||
app + {
|
app + {
|
||||||
chart:: "cert-manager",
|
chart:: "cert-manager",
|
||||||
repo:: "https://charts.jetstack.io",
|
repo:: "https://charts.jetstack.io",
|
||||||
version:: "1.13.*",
|
version:: "1.15.*",
|
||||||
values:: |||
|
values:: |||
|
||||||
installCRDs: true
|
crds:
|
||||||
|
enabled: true
|
||||||
|
keep: false
|
||||||
|||
|
|||
|
||||||
},
|
},
|
||||||
]
|
]
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@ local app = import "../_templates/argocd_app.libsonnet";
|
||||||
app + {
|
app + {
|
||||||
chart:: "ingress-nginx",
|
chart:: "ingress-nginx",
|
||||||
repo:: "https://kubernetes.github.io/ingress-nginx",
|
repo:: "https://kubernetes.github.io/ingress-nginx",
|
||||||
version:: "4.8.*",
|
version:: "4.11.*",
|
||||||
values:: |||
|
values:: |||
|
||||||
defaultBackend:
|
defaultBackend:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
|
||||||
File diff suppressed because it is too large
Load diff
|
|
@ -1,39 +0,0 @@
|
||||||
local app = import "../../_templates/argocd_app.libsonnet";
|
|
||||||
|
|
||||||
[
|
|
||||||
app + {
|
|
||||||
name:: "loki",
|
|
||||||
namespace:: "metrics",
|
|
||||||
chart:: "loki-stack",
|
|
||||||
repo:: "https://grafana.github.io/helm-charts",
|
|
||||||
version:: "2.9.*",
|
|
||||||
syncOptions:: ["CreateNamespace=true", "Force=true"],
|
|
||||||
values:: |||
|
|
||||||
loki:
|
|
||||||
isDefault: false
|
|
||||||
promtail:
|
|
||||||
extraScrapeConfigs:
|
|
||||||
- job_name: journal
|
|
||||||
journal:
|
|
||||||
path: /var/log/journal
|
|
||||||
max_age: 12h
|
|
||||||
labels:
|
|
||||||
job: systemd-journal
|
|
||||||
relabel_configs:
|
|
||||||
- source_labels:
|
|
||||||
- '__journal__systemd_unit'
|
|
||||||
target_label: 'unit'
|
|
||||||
- source_labels:
|
|
||||||
- '__journal__hostname'
|
|
||||||
target_label: 'hostname'
|
|
||||||
extraVolumes:
|
|
||||||
- name: journal
|
|
||||||
hostPath:
|
|
||||||
path: /var/log/journal
|
|
||||||
extraVolumeMounts:
|
|
||||||
- name: journal
|
|
||||||
mountPath: /var/log/journal
|
|
||||||
readOnly: true
|
|
||||||
|||
|
|
||||||
}
|
|
||||||
]
|
|
||||||
|
|
@ -1,47 +0,0 @@
|
||||||
# see https://blog.ediri.io/kube-prometheus-stack-and-argocd-23-how-to-remove-a-workaround
|
|
||||||
local app = import "../../_templates/argocd_app.libsonnet";
|
|
||||||
|
|
||||||
local vars = {
|
|
||||||
"version": "55.3.1",
|
|
||||||
"namespace": "metrics"
|
|
||||||
};
|
|
||||||
|
|
||||||
[
|
|
||||||
app + {
|
|
||||||
name:: "prometheus-crds",
|
|
||||||
namespace:: vars.namespace,
|
|
||||||
path:: "charts/kube-prometheus-stack/charts/crds/crds",
|
|
||||||
repo:: "https://github.com/prometheus-community/helm-charts.git",
|
|
||||||
version:: "kube-prometheus-stack-" + vars.version,
|
|
||||||
syncOptions:: ["CreateNamespace=true", "Replace=true"],
|
|
||||||
sync_wave:: -1,
|
|
||||||
},
|
|
||||||
app + {
|
|
||||||
name:: "prometheus-grafana",
|
|
||||||
namespace: vars.namespace,
|
|
||||||
chart:: "kube-prometheus-stack",
|
|
||||||
repo:: "https://prometheus-community.github.io/helm-charts",
|
|
||||||
version:: vars.version,
|
|
||||||
skipCrds:: true,
|
|
||||||
values:: |||
|
|
||||||
fullnameOverride: prometheus-stack
|
|
||||||
kubeProxy:
|
|
||||||
enabled: false
|
|
||||||
kubeScheduler:
|
|
||||||
enabled: false
|
|
||||||
kubeControllerManager:
|
|
||||||
enabled: false
|
|
||||||
alertmanager:
|
|
||||||
enabled: false
|
|
||||||
prometheus:
|
|
||||||
prometheusSpec:
|
|
||||||
storageSpec:
|
|
||||||
volumeClaimTemplate:
|
|
||||||
spec:
|
|
||||||
accessModes: ["ReadWriteOnce"]
|
|
||||||
resources:
|
|
||||||
requests:
|
|
||||||
storage: 10Gi
|
|
||||||
|||
|
|
||||||
}
|
|
||||||
]
|
|
||||||
|
|
@ -5,8 +5,8 @@ app + {
|
||||||
name:: "zabbix-proxy",
|
name:: "zabbix-proxy",
|
||||||
namespace:: "monitoring",
|
namespace:: "monitoring",
|
||||||
chart:: "zabbix-helm-chrt",
|
chart:: "zabbix-helm-chrt",
|
||||||
repo:: "https://cdn.zabbix.com/zabbix/integrations/kubernetes-helm/6.4",
|
repo:: "https://cdn.zabbix.com/zabbix/integrations/kubernetes-helm/7.0",
|
||||||
version:: "1.3.*",
|
version:: "0.0.*",
|
||||||
values:: |||
|
values:: |||
|
||||||
zabbixAgent:
|
zabbixAgent:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
- hosts: all
|
- name: Install k3s server
|
||||||
|
hosts: all
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
name: Install k3s server
|
|
||||||
tags: k3s-server
|
tags: k3s-server
|
||||||
tasks:
|
tasks:
|
||||||
- name: Download k3s install script
|
- name: Download k3s install script
|
||||||
|
|
@ -12,7 +12,7 @@
|
||||||
- name: Install k3s server
|
- name: Install k3s server
|
||||||
ansible.builtin.command: "k3s_install.sh"
|
ansible.builtin.command: "k3s_install.sh"
|
||||||
environment:
|
environment:
|
||||||
INSTALL_K3S_CHANNEL: v1.28.4+k3s1
|
INSTALL_K3S_CHANNEL: v1.30.3+k3s1
|
||||||
INSTALL_K3S_EXEC: "--disable traefik"
|
INSTALL_K3S_EXEC: "--disable traefik"
|
||||||
changed_when: false
|
changed_when: false
|
||||||
- name: Start and enable k3s server
|
- name: Start and enable k3s server
|
||||||
|
|
@ -20,15 +20,20 @@
|
||||||
name: k3s
|
name: k3s
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
|
- name: Add restart cronjob
|
||||||
|
ansible.builtin.cron:
|
||||||
|
name: "restart k3s (and regenerate certs if necessary)"
|
||||||
|
special_time: monthly
|
||||||
|
job: "systemctl restart k3s"
|
||||||
- name: Get kubeconfig
|
- name: Get kubeconfig
|
||||||
ansible.builtin.fetch:
|
ansible.builtin.fetch:
|
||||||
src: /etc/rancher/k3s/k3s.yaml
|
src: /etc/rancher/k3s/k3s.yaml
|
||||||
dest: kubeconfig_{{ ansible_host }}.yml
|
dest: kubeconfig_{{ ansible_host }}.yml
|
||||||
flat: true
|
flat: true
|
||||||
|
|
||||||
- hosts: all
|
- name: Deploy baseline
|
||||||
|
hosts: all
|
||||||
gather_facts: false
|
gather_facts: false
|
||||||
name: Deploy baseline
|
|
||||||
tags: baseline
|
tags: baseline
|
||||||
tasks:
|
tasks:
|
||||||
- name: Copy manifest
|
- name: Copy manifest
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue