diff --git a/Makefile b/Makefile
index 255d3f3..0e819c1 100644
--- a/Makefile
+++ b/Makefile
@@ -1,81 +1,36 @@ -KUSTOMIZE = KUSTOMIZE_PLUGIN_HOME=$(PWD)/plugins kustomize -KUSTOMIZEFLAGS = --enable-alpha-plugins +KUSTOMIZE = kustomize +KUSTOMIZEFLAGS = KUBECTL = kubectl KUBECTLFLAGS = -KUBECTLDIFFFLAGS = +KUBECTLDIFFFLAGS = --server-side=true --force-conflicts KUBECTLAPPLYFLAGS = --server-side=true --force-conflicts --prune SRC := $(shell find kustomize/ -type f) -OUTDIR = build +OUT = build -# DEVOUT = $(OUTDIR)/dev -# DEVMANIFESTSRC = kustomize/overlays/dev -# DEVMANIFESTOUT = $(DEVOUT)/manifest.yaml -# DEVCLUSTERSRC = kustomize/overlays/dev-cluster -# DEVCLUSTEROUT = $(DEVOUT)/cluster.yaml +PRODOUT = $(OUT)/prod.yaml +PRODSRC = kustomize/env/prod -PRODOUT = $(OUTDIR)/prod -PRODMANIFESTOUT = $(PRODOUT)/manifest.yaml -PRODMANIFESTSRC = kustomize/overlays/prod -PRODCLUSTEROUT = $(PRODOUT)/cluster.yaml -PRODCLUSTERSRC = kustomize/overlays/prod-cluster - -# ifeq ($(environment),prod) -# environment = prod - -# ENVOUTDIR = $(PRODOUT) -# ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTEROUT) -# else -# environment = dev - -# ENVOUTDIR = $(DEVOUT) -# ENVOUTFILE = $(DEVMANIFESTOUT) $(DEVCLUSTERTOUT) -# endif - -environment=prod -ENVOUTDIR = $(PRODOUT) -ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTEROUT) +.PHONY: prod +prod: prod-diff .PHONY: diff -diff: $(environment) - $(KUBECTL) $(KUBECTLFLAGS) diff $(KUBECTLDIFFFLAGS) -f $(ENVOUTDIR) | highlight --out-format xterm256 --syntax diff +prod-diff: $(PRODOUT) + $(KUBECTL) $(KUBECTLFLAGS) diff $(KUBECTLDIFFFLAGS) -f $(PRODOUT) | highlight --out-format xterm256 --syntax diff .PHONY: apply -apply: $(environment) - $(KUBECTL) $(KUBECTLFLAGS) apply $(KUBECTLAPPLYFLAGS) -l app.kubernetes.io/managed-by=kustomize-cluster -f $(ENVOUTDIR) - $(KUBECTL) $(KUBECTLFLAGS) apply $(KUBECTLAPPLYFLAGS) -l app.kubernetes.io/managed-by=kustomize -f $(ENVOUTDIR) +prod-apply: $(PRODOUT) + $(KUBECTL) $(KUBECTLFLAGS) apply $(KUBECTLAPPLYFLAGS) -l app.kubernetes.io/managed-by=kustomize -f $(PRODOUT) -.PHONY: all dev prod -all: dev prod -# dev: 
$(DEVMANIFESTOUT) $(DEVCLUSTEROUT) -prod: $(PRODMANIFESTOUT) $(PRODCLUSTEROUT) - -# $(DEVMANIFESTOUT): $(SRC) -# mkdir -p $(DEVOUT) -# $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(DEVMANIFESTSRC) >$(DEVMANIFESTOUT) || (rm $(DEVMANIFESTOUT); exit 1) - -# $(DEVCLUSTEROUT): $(SRC) -# mkdir -p $(DEVOUT) -# $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(DEVCLUSTERSRC) >$(DEVCLUSTEROUT) || (rm $(DEVCLUSTEROUT); exit 1) - -$(PRODMANIFESTOUT): $(SRC) - mkdir -p $(PRODOUT) - $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(PRODMANIFESTSRC) >$(PRODMANIFESTOUT) || (rm $(PRODMANIFESTOUT); exit 1) - -$(PRODCLUSTEROUT): $(SRC) - mkdir -p $(PRODOUT) - $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(PRODCLUSTERSRC) >$(PRODCLUSTEROUT) || (rm $(PRODCLUSTEROUT); exit 1) +$(PRODOUT): $(SRC) + mkdir -p $(OUT) + $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(PRODSRC) >$(PRODOUT) || (rm $(PRODOUT); exit 1) .PHONY: clean clean: - rm -r $(OUTDIR) - -# $(KUSTOMIZEOUTALL): $(SRC) -# @mkdir -p $(dir $(KUSTOMIZEOUTALL)) -# $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(KUSTOMIZEDIRALL) >$(KUSTOMIZEOUTALL) || (rm $(KUSTOMIZEOUTALL); exit 1) - -# $(KUSTOMIZEOUT): $(SRC) -# @mkdir -p $(dir $(KUSTOMIZEOUT)) -# $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(KUSTOMIZEDIR) >$(KUSTOMIZEOUT) || (rm $(KUSTOMIZEOUT); exit 1) + rm -r $(OUT) +.PHONY: infra +infra: + terraform -chdir=terraform apply \ No newline at end of file diff --git a/README.md b/README.md index 958eab8..199cfae 100644 --- a/README.md +++ b/README.md 
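Review bot: `prod-diff` previews the whole of `$(PRODOUT)`, but `prod-apply` filters it through `-l app.kubernetes.io/managed-by=kustomize` together with `--prune --force-conflicts`, so the diff is not a faithful preview of what the apply will create, overwrite or delete. This matters more now that the system components formerly applied under the `kustomize-cluster` label are built into the same manifest: unless `kustomize/env/prod` labels them `managed-by=kustomize` (not visible in this hunk), the selector would skip them, and objects still carrying the old label fall outside the prune set. Consider passing the same selector in the `prod-diff` recipe and setting an explicit context, e.g. `KUBECTLFLAGS = --context=<prod-context>`, so a pruning apply cannot land on whatever context happens to be current. Also, the kept `.PHONY: diff` and `.PHONY: apply` lines no longer match the renamed targets; they should read `.PHONY: prod-diff` and `.PHONY: prod-apply`.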
@@ -4,27 +4,45 @@ Kubernetes deployment for home cluster. ## Deploying +Deployments are done through a `Makefile`. + Prerequisites: * make -* docker +* terraform +* kustomize * kubectl - -For local deployment: -* k3d - -### Local deployment -``` sh -./setup-local-cluster.sh -make -make apply -``` +* highlight (for prettying `diff`) ### Prod deployment +#### infra ``` sh -make environment=prod -make environment=prod apply +make infra ``` +This will: +1. Configure external-secret to be able to sync kubernetes secrets with the secret store in AWS. +2. Configure the DNS entries in DigitalOcean + +#### diff +``` sh +make +``` +*or* +``` sh +make prod-diff +``` + +Generated kubernetes manifest will be in [./build/prod.yaml](./build/prod.yaml). + +#### apply +``` sh +make prod-apply +``` + +Generated kubernetes manifest will be in [./build/prod.yaml](./build/prod.yaml). + +Server-side resources that are not declared in the manifest will be pruned. + ## Services | service | local | prod | diff --git a/kustomize/overlays/prod/configurations/ecommerce-exporter/ecommerce-exporter.yml b/kustomize/env/prod/configurations/ecommerce-exporter/ecommerce-exporter.yml similarity index 100% rename from kustomize/overlays/prod/configurations/ecommerce-exporter/ecommerce-exporter.yml rename to kustomize/env/prod/configurations/ecommerce-exporter/ecommerce-exporter.yml diff --git a/kustomize/overlays/prod/configurations/prometheus/prometheus-additional.yaml b/kustomize/env/prod/configurations/prometheus/prometheus-additional.yaml similarity index 100% rename from kustomize/overlays/prod/configurations/prometheus/prometheus-additional.yaml rename to kustomize/env/prod/configurations/prometheus/prometheus-additional.yaml diff --git a/kustomize/overlays/prod/kustomization.yaml b/kustomize/env/prod/kustomization.yaml similarity index 84% rename from kustomize/overlays/prod/kustomization.yaml rename to kustomize/env/prod/kustomization.yaml index 7a43aa7..d1ac95c 100644 
--- a/kustomize/overlays/prod/kustomization.yaml +++ b/kustomize/env/prod/kustomization.yaml @@ -1,8 +1,10 @@ resources: + - ../../overlays/system + # - ../../namespaces/kubernetes-dashboard - - ../../namespaces/gitea - - ../../namespaces/monitoring - - ../../namespaces/nextcloud + - ../../overlays/gitea + - ../../overlays/monitoring + - ../../overlays/nextcloud # resources: # - probes/external-services-bobcat-miner.yaml @@ -36,6 +38,9 @@ configMapGenerator: - name: replacements namespace: default literals: + - TRAEFIK_EXTERNAL_HOST=traefik.badjnet.home + - LONGHORN_EXTERNAL_HOST=longhorn.badjnet.home + - GITEA_EXTERNAL_HOST=code.badjware.dev - GITEA_EXTERNAL_URL=https://code.badjware.dev @@ -79,6 +84,32 @@ patches: # - patches/blackbox-exporter-probe-patch.yaml replacements: + - source: + kind: ConfigMap + name: replacements + namespace: default + fieldPath: data.TRAEFIK_EXTERNAL_HOST + targets: + - select: + kind: Ingress + name: traefik + namespace: kube-system + fieldPaths: + - spec.rules.0.host + - source: + kind: ConfigMap + name: replacements + namespace: default + fieldPath: data.LONGHORN_EXTERNAL_HOST + targets: + - select: + kind: HelmChart + name: longhorn + namespace: kube-system + fieldPaths: + - spec.set.[ingress.host] + options: + create: true - source: kind: ConfigMap name: replacements @@ -192,4 +223,4 @@ replacements: name: prometheus namespace: monitoring fieldPaths: - - spec.rules.0.host \ No newline at end of file + - spec.rules.0.host diff --git a/kustomize/overlays/prod/patches/nextcloud-deployment-patch.yaml b/kustomize/env/prod/patches/nextcloud-deployment-patch.yaml similarity index 100% rename from kustomize/overlays/prod/patches/nextcloud-deployment-patch.yaml rename to kustomize/env/prod/patches/nextcloud-deployment-patch.yaml 
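Review bot: The commented-out entry `# - ../../namespaces/kubernetes-dashboard` in the first hunk still points at the pre-rename directory. This commit moves that directory to `kustomize/overlays/kubernetes-dashboard`, so uncommenting the line as written would no longer resolve. Update it to `# - ../../overlays/kubernetes-dashboard` so it stays in step with the other `resources:` entries.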
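Review bot: The replacements added in the third hunk give the Traefik Ingress and the Longhorn HelmChart ingress fixed hostnames, and nothing visible here shows authentication in front of either. Longhorn's UI does not provide a login of its own by default, so it is worth confirming in the bases (outside this hunk) that the ingress carries an auth middleware or that `longhorn.badjnet.home` only resolves inside the home network. A short comment above the `LONGHORN_EXTERNAL_HOST` replacement, such as `# internal-only host; UI access is restricted by <auth mechanism>`, would record that assumption. The `replacements:` list continues beyond this hunk.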
diff --git a/kustomize/overlays/prod/patches/prometheus-patch.yaml b/kustomize/env/prod/patches/prometheus-patch.yaml
similarity index 100%
rename from kustomize/overlays/prod/patches/prometheus-patch.yaml
rename to kustomize/env/prod/patches/prometheus-patch.yaml
diff --git a/kustomize/overlays/prod/probes/external-services-bobcat-miner.yaml b/kustomize/env/prod/probes/external-services-bobcat-miner.yaml
similarity index 100%
rename from kustomize/overlays/prod/probes/external-services-bobcat-miner.yaml
rename to kustomize/env/prod/probes/external-services-bobcat-miner.yaml
diff --git a/kustomize/namespaces/gitea/kustomization.yaml b/kustomize/overlays/gitea/kustomization.yaml
similarity index 100%
rename from kustomize/namespaces/gitea/kustomization.yaml
rename to kustomize/overlays/gitea/kustomization.yaml
diff --git a/kustomize/namespaces/gitea/namespace.yaml b/kustomize/overlays/gitea/namespace.yaml
similarity index 100%
rename from kustomize/namespaces/gitea/namespace.yaml
rename to kustomize/overlays/gitea/namespace.yaml
diff --git a/kustomize/namespaces/kubernetes-dashboard/kustomization.yaml b/kustomize/overlays/kubernetes-dashboard/kustomization.yaml
similarity index 100%
rename from kustomize/namespaces/kubernetes-dashboard/kustomization.yaml
rename to kustomize/overlays/kubernetes-dashboard/kustomization.yaml
diff --git a/kustomize/namespaces/monitoring/kustomization.yaml b/kustomize/overlays/monitoring/kustomization.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/kustomization.yaml
rename to kustomize/overlays/monitoring/kustomization.yaml
diff --git a/kustomize/namespaces/monitoring/namespace.yaml b/kustomize/overlays/monitoring/namespace.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/namespace.yaml
rename to kustomize/overlays/monitoring/namespace.yaml
diff --git a/kustomize/namespaces/monitoring/probes/blackbox-exporter.yaml b/kustomize/overlays/monitoring/probes/blackbox-exporter.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/probes/blackbox-exporter.yaml
rename to kustomize/overlays/monitoring/probes/blackbox-exporter.yaml
diff --git a/kustomize/namespaces/monitoring/servicemonitors/any-namespaces-http.yaml b/kustomize/overlays/monitoring/servicemonitors/any-namespaces-http.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/servicemonitors/any-namespaces-http.yaml
rename to kustomize/overlays/monitoring/servicemonitors/any-namespaces-http.yaml
diff --git a/kustomize/namespaces/monitoring/servicemonitors/kube-state-metrics.yaml b/kustomize/overlays/monitoring/servicemonitors/kube-state-metrics.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/servicemonitors/kube-state-metrics.yaml
rename to kustomize/overlays/monitoring/servicemonitors/kube-state-metrics.yaml
diff --git a/kustomize/namespaces/monitoring/servicemonitors/kubelet.yaml b/kustomize/overlays/monitoring/servicemonitors/kubelet.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/servicemonitors/kubelet.yaml
rename to kustomize/overlays/monitoring/servicemonitors/kubelet.yaml
diff --git a/kustomize/namespaces/monitoring/servicemonitors/longhorn.yaml b/kustomize/overlays/monitoring/servicemonitors/longhorn.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/servicemonitors/longhorn.yaml
rename to kustomize/overlays/monitoring/servicemonitors/longhorn.yaml
diff --git a/kustomize/namespaces/monitoring/servicemonitors/node-exporter.yaml b/kustomize/overlays/monitoring/servicemonitors/node-exporter.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/servicemonitors/node-exporter.yaml
rename to kustomize/overlays/monitoring/servicemonitors/node-exporter.yaml
diff --git a/kustomize/namespaces/monitoring/servicemonitors/prometheus.yaml b/kustomize/overlays/monitoring/servicemonitors/prometheus.yaml
similarity index 100%
rename from kustomize/namespaces/monitoring/servicemonitors/prometheus.yaml
rename to kustomize/overlays/monitoring/servicemonitors/prometheus.yaml
diff --git a/kustomize/namespaces/nextcloud/kustomization.yaml b/kustomize/overlays/nextcloud/kustomization.yaml
similarity index 100%
rename from kustomize/namespaces/nextcloud/kustomization.yaml
rename to kustomize/overlays/nextcloud/kustomization.yaml
diff --git a/kustomize/namespaces/nextcloud/namespace.yaml b/kustomize/overlays/nextcloud/namespace.yaml
similarity index 100%
rename from kustomize/namespaces/nextcloud/namespace.yaml
rename to kustomize/overlays/nextcloud/namespace.yaml
diff --git a/kustomize/overlays/prod-cluster/kustomization.yaml b/kustomize/overlays/prod-cluster/kustomization.yaml
deleted file mode 100644
index 5eff825..0000000
--- a/kustomize/overlays/prod-cluster/kustomization.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-resources:
- - ../../namespaces/kube-system
- - ../../bases/longhorn
-
-buildMetadata:
- - originAnnotations
-
-commonLabels:
- app.kubernetes.io/managed-by: kustomize-cluster
-
-configMapGenerator:
- - name: cluster-replacements
- namespace: default
- literals:
- - TRAEFIK_EXTERNAL_HOST=traefik.badjnet.home
- - LONGHORN_EXTERNAL_HOST=longhorn.badjnet.home
-
-replacements:
- - source:
- kind: ConfigMap
- name: cluster-replacements
- namespace: default
- fieldPath: data.TRAEFIK_EXTERNAL_HOST
- targets:
- - select:
- kind: Ingress
- name: traefik
- namespace: kube-system
- fieldPaths:
- - spec.rules.0.host
- - source:
- kind: ConfigMap
- name: cluster-replacements
- namespace: default
- fieldPath: data.LONGHORN_EXTERNAL_HOST
- targets:
- - select:
- kind: HelmChart
- name: longhorn
- namespace: kube-system
- fieldPaths:
- - spec.set.[ingress.host]
- options:
- create: true
\ No newline at end of file
diff --git a/kustomize/overlays/prod-cluster/transformers/ssm-secrets.yaml b/kustomize/overlays/prod-cluster/transformers/ssm-secrets.yaml deleted file mode 100644 index cc35d89..0000000 --- a/kustomize/overlays/prod-cluster/transformers/ssm-secrets.yaml +++ /dev/null @@ -1,6 +0,0 @@ -apiVersion: badjware/v1 -kind: SSMParameterPlaceholderTransformer -metadata: - name: ssm-parameter -resourceSelectors: - - kind: Secret \ No newline at end of file diff --git a/kustomize/namespaces/kube-system/clustersecretstore.yaml b/kustomize/overlays/system/clustersecretstore.yaml similarity index 100% rename from kustomize/namespaces/kube-system/clustersecretstore.yaml rename to kustomize/overlays/system/clustersecretstore.yaml diff --git a/kustomize/namespaces/kube-system/kustomization.yaml b/kustomize/overlays/system/kustomization.yaml similarity index 66% rename from kustomize/namespaces/kube-system/kustomization.yaml rename to kustomize/overlays/system/kustomization.yaml index ec36579..46df90d 100644 --- a/kustomize/namespaces/kube-system/kustomization.yaml +++ b/kustomize/overlays/system/kustomization.yaml @@ -1,4 +1,5 @@ resources: + - ../../bases/longhorn - ../../bases/traefik - ../../bases/prometheus-operator - ../../bases/external-secrets