reorganize kustomize

Makefile

@@ -9,25 +9,33 @@ KUBECTLAPPLYFLAGS = -l managed-by=kustomize --prune
 SRC := $(shell find kustomize/ -type f)
 OUTDIR = build
 
-# all environments
-KUSTOMIZEDIRALL =  kustomize/environment/all
-KUSTOMIZEOUTALL = $(OUTDIR)/all/manifest.yaml
 
 ifeq ($(environment),prod)
+	environment = prod
+
 	# prod
-	KUSTOMIZEDIR = kustomize/environment/prod
-	KUSTOMIZEOUT = $(OUTDIR)/prod/manifest.yaml
+	KUSTOMIZEDIR = kustomize/overlays/prod
+	KUSTOMIZEOUT = $(OUTDIR)/$(environment)/manifest.yaml
+
+	# base-deploy
+	KUSTOMIZEDIRALL =  kustomize/overlays/prod-base-deploy
+	KUSTOMIZEOUTALL = $(OUTDIR)/$(environment)/base-deploy.yaml
 else
-	# dev
 	environment = dev
-	KUBECTLFLAGS += --kubeconfig kubectl/kubeconfig.yaml
-	KUSTOMIZEDIR = kustomize/environment/dev
-	KUSTOMIZEOUT = $(OUTDIR)/dev/manifest.yaml
+
+	# dev
+	#KUBECTLFLAGS += --kubeconfig kubectl/kubeconfig.yaml
+	KUSTOMIZEDIR = kustomize/overlays/dev
+	KUSTOMIZEOUT = $(OUTDIR)/$(environment)/manifest.yaml
+
+	# base-deploy
+	KUSTOMIZEDIRALL =  kustomize/overlays/dev-base-deploy
+	KUSTOMIZEOUTALL = $(OUTDIR)/$(environment)/base-deploy.yaml
 endif
 
-.PHONY: info clean diff apply
+.PHONY: all info base-deploy clean diff apply
 
-all: info $(KUSTOMIZEOUT)
+all: info base-deploy $(KUSTOMIZEOUT)
 
 info:
 	@echo "Building for" $(environment)
@@ -35,10 +43,12 @@ info:
 clean:
 	rm -r $(OUTDIR)
 
-$(KUSTOMIZEOUT): $(SRC)
+base-deploy: $(SRC)
 	@mkdir -p $(dir $(KUSTOMIZEOUTALL))
-	@mkdir -p $(dir $(KUSTOMIZEOUT))
 	$(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(KUSTOMIZEDIRALL) >$(KUSTOMIZEOUTALL) || (rm $(KUSTOMIZEOUTALL); exit 1)
+
+$(KUSTOMIZEOUT): $(SRC)
+	@mkdir -p $(dir $(KUSTOMIZEOUT))
 	$(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(KUSTOMIZEDIR) >$(KUSTOMIZEOUT) || (rm $(KUSTOMIZEOUT); exit 1)
 
 diff: $(KUSTOMIZEOUT)
@@ -46,4 +56,3 @@ diff: $(KUSTOMIZEOUT)
 
 apply: $(KUSTOMIZEOUT)
 	$(KUBECTL) $(KUBECTLFLAGS) apply $(KUBECTLAPPLYFLAGS) -f $(KUSTOMIZEOUT)
-

docker-compose.yml

@@ -24,8 +24,8 @@ services:
       - manifests:/var/lib/rancher/k3s/server/manifests/manifests:ro
       - .:/host
     ports:
-      - 80:30080
-      - 443:30443
+      - 80:80
+      - 443:443
       - 6443:6443
   agent:
     image: rancher/k3s

kustomize/base/cert-manager/kustomization.yaml

@@ -1,5 +0,0 @@
-generators:
-  - cert-manager.yaml
-
-commonlabels:
-  app: cert-manager

kustomize/base/ingress-nginx/kustomization.yaml

@@ -1,11 +0,0 @@
-generators:
-  - nginx-ingress-controller.yaml
-
-patchesStrategicMerge:
-  - nginx-ingress-controller-nodeselector-patch.yaml
-  - nginx-ingress-controller-nodeport-patch.yaml
-
-namespace: ingress-nginx
-
-commonlabels:
-  app: ingress-nginx

kustomize/base/ingress-nginx/nginx-ingress-controller-nodeport-patch.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: ingress-nginx-controller
-  namespace: ingress-nginx
-spec:
-  externalTrafficPolicy: Local
-  ports:
-  - port: 80
-    nodePort: 30080
-  - port: 443
-    nodePort: 30443

kustomize/base/ingress-nginx/nginx-ingress-controller-nodeselector-patch.yaml

@@ -1,10 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: ingress-nginx-controller
-  namespace: ingress-nginx
-spec:
-  template:
-    spec:
-      nodeSelector:
-        node-role.kubernetes.io/master: "true"

kustomize/base/nfs-provisionner/kustomization.yaml

@@ -1,10 +0,0 @@
-resources:
-  - nfs-provisionner-storageclass.yaml
-
-generators:
-  - nfs-provisionner.yaml
-
-namespace: kube-system
-
-patchesStrategicMerge:
-  - nfs-provisionner-deployment-patch.yaml

kustomize/base/nfs-provisionner/nfs-provisionner-deployment-patch.yaml

@@ -1,15 +0,0 @@
-kind: Deployment
-apiVersion: apps/v1
-metadata:
-  name: nfs-provisioner
-spec:
-  template:
-    spec:
-      containers:
-        - name: nfs-provisioner
-          args:
-            - "-provisioner=badjware.dev/nfs"
-      volumes:
-        - name: export-volume
-          hostPath:
-            path: /srv/nfs

kustomize/base/nfs-provisionner/nfs-provisionner-storageclass.yaml

@@ -1,9 +0,0 @@
-kind: StorageClass
-apiVersion: storage.k8s.io/v1
-metadata:
-  name: nfs
-  annotations:
-    storageclass.beta.kubernetes.io/is-default-class: "true"
-provisioner: badjware.dev/nfs
-mountOptions:
-  - vers=4.1

kustomize/base/nfs-provisionner/nfs-provisionner.yaml

@@ -1,9 +0,0 @@
-apiVersion: badjware/v1
-kind: RemoteResources
-metadata:
-  name: nfs-provisionner
-resources:
-  - url: https://raw.githubusercontent.com/kubernetes-incubator/external-storage/master/nfs/deploy/kubernetes/deployment.yaml
-    sha256: fead9be4f0fd1b2e2f9780a47a6f2b3a7a552ea9d9e526654bb0ac1f263718ac
-  - url: https://raw.githubusercontent.com/kubernetes-incubator/external-storage/master/nfs/deploy/kubernetes/rbac.yaml
-    sha256: cb4075fac2084d477cb2384e39075217bf672627a3edb58c100307b500879846

kustomize/bases/cert-manager/cert-manager.yaml

@@ -3,5 +3,5 @@ kind: RemoteResources
 metadata:
   name: cert-manager
 resources:
-  - url: https://github.com/jetstack/cert-manager/releases/download/v0.15.0/cert-manager.yaml
-    sha256: 255a558beaa4009f43aaf7f9aeadac9beca7b4e0d58c9c92cdf5aece3b3f2b2c
+  - url: https://github.com/jetstack/cert-manager/releases/download/v0.16.0/cert-manager.yaml
+    sha256: 5770f5f01c10a902355b3522b8ce44508ebb6ec88955efde9a443afe5b3969d7

kustomize/bases/cert-manager/kustomization.yaml

@@ -0,0 +1,2 @@
+generators:
+  - cert-manager.yaml

kustomize/bases/gitea/kustomization.yaml

@@ -1,8 +1,4 @@
-bases:
-  - ../mariadb
-
 resources:
-  - namespace.yaml
   - gitea-deployment.yaml
   - drone-server-deployment.yaml
   - drone-runner-deployment.yaml
@@ -10,7 +6,7 @@ resources:
 secretGenerator:
   - name: mariadb-credentials-secret
     type: Opaque
-    behavior: replace
+    behavior: create
     literals:
       - database=gitea
       - username=gitea
@@ -25,8 +21,6 @@ secretGenerator:
       - client_id=replaceme
       - client_secret=replaceme
 
-namespace: gitea
-
 vars:
   - name: GITEA_EXTERNAL_HOST
     objref:

kustomize/bases/grafana/kustomization.yaml

@@ -1,8 +1,4 @@
-bases:
-  - ../mariadb
-
 resources:
-  - namespace.yaml
   - grafana-deployment.yaml
 
 configMapGenerator:
@@ -13,13 +9,8 @@ configMapGenerator:
 secretGenerator:
   - name: mariadb-credentials-secret
     type: Opaque
-    behavior: replace
+    behavior: create
     literals:
       - database=grafana
       - username=grafana
       - password=replaceme
-
-namespace: grafana
-
-commonLabels:
-  app: grafana

kustomize/bases/ingress-nginx/kustomization.yaml

@@ -0,0 +1,2 @@
+generators:
+  - nginx-ingress-controller.yaml

kustomize/bases/nextcloud/kustomization.yaml

@@ -1,21 +1,15 @@
-bases:
-  - ../mariadb
-
 resources:
-  - namespace.yaml
   - nextcloud-deployment.yaml
   - nextcloud-cronjob.yaml
 
 secretGenerator:
   - name: mariadb-credentials-secret
     type: Opaque
-    behavior: replace
+    behavior: create
     literals:
       - database=nextcloud
       - username=nextcloud
       - password=replaceme
 
-namespace: nextcloud
-
 commonlabels:
   app: nextcloud

kustomize/namespaces/cert-manager/kustomization.yaml

@@ -0,0 +1,4 @@
+bases:
+  - ../../bases/cert-manager
+
+namespace: cert-manager

kustomize/namespaces/gitea/kustomization.yaml

@@ -0,0 +1,8 @@
+bases:
+  - ../../bases/gitea
+  # - ../../base/mariadb
+
+resources:
+  - namespace.yaml
+
+namespace: gitea

kustomize/namespaces/grafana/kustomization.yaml

@@ -0,0 +1,8 @@
+bases:
+  - ../../bases/grafana
+  # - ../../base/mariadb
+
+resources:
+  - namespace.yaml
+
+namespace: grafana

kustomize/namespaces/ingress-nginx/kustomization.yaml

@@ -0,0 +1,4 @@
+bases:
+  - ../../bases/ingress-nginx
+
+namespace: ingress-nginx

kustomize/namespaces/nextcloud/kustomization.yaml

@@ -0,0 +1,8 @@
+bases:
+  - ../../bases/nextcloud
+  # - ../../base/mariadb
+
+resources:
+  - namespace.yaml
+
+namespace: nextcloud

kustomize/overlays/dev-base-deploy/kustomization.yaml

@@ -1,7 +1,6 @@
 bases:
-  - ../../base/nfs-provisionner
-  - ../../base/ingress-nginx
-  - ../../base/cert-manager
+  - ../../namespaces/cert-manager
+  - ../../namespaces/ingress-nginx
 
 # allow "kubectl apply -l managed-by=k3s --prune ..."
 commonlabels:

kustomize/overlays/dev/kustomization.yaml

@@ -1,9 +1,7 @@
 bases:
-  - ../../base/kubernetes-dashboard
-  - ../../base/gitea
-  - ../../base/nextcloud
-  - ../../base/grafana
-  - ../../base/monitoring
+  - ../../namespaces/gitea
+  - ../../namespaces/grafana
+  - ../../namespaces/nextcloud
 
 resources:
   - cert-manager/clusterissuer.yaml
@@ -28,14 +26,14 @@ patchesJson6902:
       group: networking.k8s.io
       version: v1beta1
       kind: Ingress
-      name: kubernetes-dashboard
+      name: gitea
     patch: |-
       - op: replace
         path: /spec/tls/0/hosts/0
-        value: kubernetes-dashboard.staging.badjware.dev
+        value: gitea.staging.badjware.dev
       - op: replace
         path: /spec/rules/0/host
-        value: kubernetes-dashboard.staging.badjware.dev
+        value: gitea.staging.badjware.dev
   - target:
       <<: *ingress_target
       name: grafana
@@ -56,16 +54,6 @@ patchesJson6902:
       - op: replace
         path: /spec/rules/0/host
         value: nextcloud.staging.badjware.dev
-  - target:
-      <<: *ingress_target
-      name: gitea
-    patch: |-
-      - op: replace
-        path: /spec/tls/0/hosts/0
-        value: gitea.staging.badjware.dev
-      - op: replace
-        path: /spec/rules/0/host
-        value: gitea.staging.badjware.dev
   - target:
       <<: *ingress_target
       name: drone