diff --git a/kustomize/bases/drone/drone-runner-deployment.yaml b/kustomize/bases/drone/drone-runner-deployment.yaml index 98a15ce..8885ded 100644 --- a/kustomize/bases/drone/drone-runner-deployment.yaml +++ b/kustomize/bases/drone/drone-runner-deployment.yaml @@ -32,6 +32,10 @@ spec: ports: - name: http containerPort: 80 + resources: + requests: + cpu: 2000m + memory: 4Gi --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 diff --git a/kustomize/bases/drone/drone-server-deployment.yaml b/kustomize/bases/drone/drone-server-deployment.yaml index 1563a4c..39feba2 100644 --- a/kustomize/bases/drone/drone-server-deployment.yaml +++ b/kustomize/bases/drone/drone-server-deployment.yaml @@ -41,9 +41,10 @@ spec: secretKeyRef: name: drone-secret key: rpc_secret - ports: - - name: http - containerPort: 80 + resources: + requests: + cpu: 500m + memory: 1Gi --- apiVersion: v1 kind: Service diff --git a/kustomize/bases/gitea/gitea-deployment.yaml b/kustomize/bases/gitea/gitea-deployment.yaml index b73566f..83c939d 100644 --- a/kustomize/bases/gitea/gitea-deployment.yaml +++ b/kustomize/bases/gitea/gitea-deployment.yaml @@ -56,14 +56,18 @@ spec: - name: http containerPort: 3000 - name: ssh - containerPort: 22 + containerPort: 22 + resources: + requests: + cpu: 500m + memory: 1Gi volumeMounts: - - name: gitea-data + - name: gitea-pv mountPath: /data volumes: - - name: gitea-data + - name: gitea-pv persistentVolumeClaim: - claimName: gitea-data + claimName: gitea-pvc # --- # apiVersion: v1 # kind: PersistentVolume @@ -84,7 +88,7 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: gitea-data + name: gitea-pvc labels: app: gitea spec: @@ -93,7 +97,7 @@ spec: - ReadWriteOnce resources: requests: - storage: 100Mi + storage: 10Gi # selector: # matchLabels: # app: gitea diff --git a/kustomize/bases/grafana/grafana-deployment.yaml b/kustomize/bases/grafana/grafana-deployment.yaml index 27d7ae3..0b3bb74 100644 --- a/kustomize/bases/grafana/grafana-deployment.yaml +++ b/kustomize/bases/grafana/grafana-deployment.yaml @@ -20,39 +20,77 @@ spec: - name: GF_AUTH_ANONYMOUS_ENABLED value: "true" - name: GF_AUTH_ANONYMOUS_ORG_ROLE - value: Admin - - name: GF_DATABASE_TYPE - value: postgres - - name: GF_DATABASE_HOST - valueFrom: - secretKeyRef: - name: postgres-credentials-secret - key: host - - name: GF_DATABASE_NAME - valueFrom: - secretKeyRef: - name: postgres-credentials-secret - key: database - - name: GF_DATABASE_USER - valueFrom: - secretKeyRef: - name: postgres-credentials-secret - key: username - - name: GF_DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: postgres-credentials-secret - key: password + value: Viewer + # - name: GF_DATABASE_TYPE + # value: postgres + # - name: GF_DATABASE_HOST + # valueFrom: + # secretKeyRef: + # name: postgres-credentials-secret + # key: host + # - name: GF_DATABASE_NAME + # valueFrom: + # secretKeyRef: + # name: postgres-credentials-secret + # key: database + # - name: GF_DATABASE_USER + # valueFrom: + # secretKeyRef: + # name: postgres-credentials-secret + # key: username + # - name: GF_DATABASE_PASSWORD + # valueFrom: + # secretKeyRef: + # name: postgres-credentials-secret + # key: password + readinessProbe: + failureThreshold: 3 + httpGet: + path: /robots.txt + port: 3000 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 3000 + timeoutSeconds: 1 ports: - name: http containerPort: 3000 + resources: + requests: + cpu: 250m + memory: 750Mi volumeMounts: - name: grafana-datasources mountPath: /etc/grafana/provisioning/datasources + - mountPath: /var/lib/grafana + name: grafana-pv volumes: - name: grafana-datasources configMap: name: grafana-datasources + - name: grafana-pv + persistentVolumeClaim: + claimName: grafana-pvc +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: grafana-pvc +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi --- apiVersion: v1 kind: Service @@ -60,7 +98,6 @@ metadata: name: grafana labels: app: grafana - monitor: main spec: selector: app: grafana diff --git a/kustomize/bases/grafana/grafana-ingress.yaml b/kustomize/bases/grafana/grafana-ingress.yaml new file mode 100644 index 0000000..4ed12d9 --- /dev/null +++ b/kustomize/bases/grafana/grafana-ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: grafana + labels: + app: grafana + annotations: + # nginx.ingress.kubernetes.io/rewrite-target: / + # cert-manager.io/cluster-issuer: letsencrypt +spec: + # tls: + # - hosts: + # - ${GRAFANA_EXTERNAL_HOST} + # secretName: letsencrypt-cert + rules: + - host: ${GRAFANA_EXTERNAL_HOST} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: grafana + port: + name: http diff --git a/kustomize/bases/grafana/ingress.yaml b/kustomize/bases/grafana/ingress.yaml deleted file mode 100644 index f259f9d..0000000 --- a/kustomize/bases/grafana/ingress.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: grafana - labels: - app: grafana - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / - cert-manager.io/cluster-issuer: letsencrypt -spec: - tls: - - hosts: - - ${GRAFANA_EXTERNAL_HOST} - secretName: letsencrypt-cert - rules: - - host: ${GRAFANA_EXTERNAL_HOST} - http: - paths: - - path: / - backend: - serviceName: grafana - servicePort: http \ No newline at end of file diff --git a/kustomize/bases/grafana/kustomization.yaml b/kustomize/bases/grafana/kustomization.yaml index 2d18da9..0a0bf60 100644 --- a/kustomize/bases/grafana/kustomization.yaml +++ b/kustomize/bases/grafana/kustomization.yaml @@ -1,18 +1,21 @@ resources: - grafana-deployment.yaml - - ingress.yaml + - grafana-ingress.yaml configMapGenerator: - name: grafana-datasources files: - datasources.yaml=provision/datasources.yaml -secretGenerator: - - name: postgres-credentials-secret - type: Opaque - behavior: create - literals: - - host=172.18.1.2:5432 - - database=grafana - - username=grafana - - password=changeme +# secretGenerator: +# - name: postgres-credentials-secret +# type: Opaque +# behavior: create +# literals: +# - host=172.18.1.2:5432 +# - database=grafana +# - username=grafana +# - password=changeme + +# default username: admin +# default password: admin diff --git a/kustomize/overlays/dev/kustomization.yaml b/kustomize/overlays/dev/kustomization.yaml index 0753550..045b361 100644 --- a/kustomize/overlays/dev/kustomization.yaml +++ b/kustomize/overlays/dev/kustomization.yaml @@ -1,7 +1,7 @@ bases: - ../../namespaces/kubernetes-dashboard - ../../namespaces/gitea - # - ../../namespaces/grafana + - ../../namespaces/grafana # - ../../namespaces/nextcloud # resources: