From 89c09df7bfd442ebe3ca780ba6aba4132623f6f7 Mon Sep 17 00:00:00 2001 
From: Massaki Archambault Date: Thu, 26 Aug 2021 12:42:21 -0400 Subject: [PATCH] gitea dev config --- Makefile | 84 ++++++++------ .../bases/drone/drone-runner-deployment.yaml | 2 +- .../bases/drone/drone-server-deployment.yaml | 29 +---- .../bases/drone/drone-server-ingress.yaml | 25 ++++ kustomize/bases/drone/kustomization.yaml | 14 ++- kustomize/bases/gitea/gitea-deployment.yaml | 108 ++++++++---------- kustomize/bases/gitea/gitea-ingress.yaml | 25 ++++ kustomize/bases/gitea/ingress.yaml | 22 ---- kustomize/bases/gitea/kustomization.yaml | 29 ++--- ...in-user.yaml => dashboard-admin-user.yaml} | 0 .../dashboard-ingress.yaml | 27 +++++ .../bases/kubernetes-dashboard/ingress.yaml | 23 ---- .../kubernetes-dashboard.yaml | 7 -- .../kubernetes-dashboard/kustomization.yaml | 8 +- kustomize/bases/traefik/kustomization.yaml | 2 + .../traefik/traefik-helmchartconfig.yaml | 11 ++ .../cert-manager/kustomization.yaml | 2 +- kustomize/namespaces/gitea/kustomization.yaml | 1 + .../namespaces/kube-system/kustomization.yaml | 3 +- .../kubernetes-dashboard/kustomization.yaml | 4 + .../dev-auto-deploy/kustomization.yaml | 7 -- .../overlays/dev-cluster/kustomization.yaml | 7 ++ kustomize/overlays/dev/kustomization.yaml | 52 ++++++--- kustomize/overlays/dev/placeholders.txt | 10 +- .../dev/{ => transformers}/placeholders.yaml | 0 .../dev/{ => transformers}/ssm-secrets.yaml | 0 setup-dev-cluster.sh | 12 +- 27 files changed, 280 insertions(+), 234 deletions(-) create mode 100644 kustomize/bases/drone/drone-server-ingress.yaml create mode 100644 kustomize/bases/gitea/gitea-ingress.yaml delete mode 100644 kustomize/bases/gitea/ingress.yaml rename kustomize/bases/kubernetes-dashboard/{kubernetes-dashboard-admin-user.yaml => dashboard-admin-user.yaml} (100%) create mode 100644 kustomize/bases/kubernetes-dashboard/dashboard-ingress.yaml delete mode 100644 kustomize/bases/kubernetes-dashboard/ingress.yaml delete mode 100644 kustomize/bases/kubernetes-dashboard/kubernetes-dashboard.yaml 
create mode 100644 kustomize/bases/traefik/kustomization.yaml create mode 100644 kustomize/bases/traefik/traefik-helmchartconfig.yaml create mode 100644 kustomize/namespaces/kubernetes-dashboard/kustomization.yaml delete mode 100644 kustomize/overlays/dev-auto-deploy/kustomization.yaml create mode 100644 kustomize/overlays/dev-cluster/kustomization.yaml rename kustomize/overlays/dev/{ => transformers}/placeholders.yaml (100%) rename kustomize/overlays/dev/{ => transformers}/ssm-secrets.yaml (100%) diff --git a/Makefile b/Makefile index 9d85239..c4dcd6c 100644 --- a/Makefile +++ b/Makefile 
@@ -4,58 +4,74 @@ KUSTOMIZEFLAGS = --enable_alpha_plugins KUBECTL = kubectl KUBECTLFLAGS = KUBECTLDIFFFLAGS = -KUBECTLAPPLYFLAGS = -l managed-by=kustomize --prune +KUBECTLAPPLYFLAGS = --prune SRC := $(shell find kustomize/ -type f) OUTDIR = build +DEVOUT = $(OUTDIR)/dev +DEVMANIFESTSRC = kustomize/overlays/dev +DEVMANIFESTOUT = $(DEVOUT)/manifest.yaml +DEVCLUSTERSRC = kustomize/overlays/dev-cluster +DEVCLUSTEROUT = $(DEVOUT)/cluster.yaml + +PRODOUT = $(OUTDIR)/prod +PRODMANIFESTOUT = $(PRODOUT)/manifest.yaml +PRODMANIFESTSRC = kustomize/overlays/prod +PRODCLUSTERTOUT = $(PRODOUT)/cluster.yaml +PRODCLUSTERTSRC = kustomize/overlays/prod-cluster ifeq ($(environment),prod) environment = prod - # prod - KUSTOMIZEDIR = kustomize/overlays/prod - KUSTOMIZEOUT = $(OUTDIR)/$(environment)/manifest.yaml - - # auto-deploy - KUSTOMIZEDIRALL = kustomize/overlays/prod-auto-deploy - KUSTOMIZEOUTALL = $(OUTDIR)/$(environment)/auto-deploy.yaml + ENVOUTDIR = $(PRODOUT) + ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTERTOUT) else environment = dev - # dev - #KUBECTLFLAGS += --kubeconfig kubectl/kubeconfig.yaml - KUSTOMIZEDIR = kustomize/overlays/dev - KUSTOMIZEOUT = $(OUTDIR)/$(environment)/manifest.yaml - - # auto-deploy - KUSTOMIZEDIRALL = kustomize/overlays/dev-auto-deploy - KUSTOMIZEOUTALL = $(OUTDIR)/$(environment)/auto-deploy.yaml + ENVOUTDIR = $(DEVOUT) + ENVOUTFILE = $(DEVMANIFESTOUT) $(DEVCLUSTERTOUT) endif -.PHONY: all info auto-deploy clean diff apply +.PHONY: diff +diff: $(environment) + $(KUBECTL) $(KUBECTLFLAGS) diff $(KUBECTLDIFFFLAGS) -f $(ENVOUTDIR) | highlight --out-format xterm256 --syntax diff -all: info $(KUSTOMIZEOUTALL) $(KUSTOMIZEOUT) +.PHONY: apply +apply: $(environment) + $(KUBECTL) $(KUBECTLFLAGS) apply -l managed-by=kustomize-cluster -f $(ENVOUTDIR) + $(KUBECTL) $(KUBECTLFLAGS) apply -l managed-by=kustomize -f $(ENVOUTDIR) -info: - @echo "Building for" $(environment) - $(KUSTOMIZE) version +.PHONY: all dev prod +all: dev prod +dev: $(DEVMANIFESTOUT) 
$(DEVCLUSTEROUT) +prod: $(PRODMANIFESTOUT) $(PRODCLUSTEROUT) +$(DEVMANIFESTOUT): $(SRC) + mkdir -p $(DEVOUT) + $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(DEVMANIFESTSRC) >$(DEVMANIFESTOUT) || (rm $(DEVMANIFESTOUT); exit 1) + +$(DEVCLUSTEROUT): $(SRC) + mkdir -p $(DEVOUT) + $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(DEVCLUSTERSRC) >$(DEVCLUSTEROUT) || (rm $(DEVCLUSTEROUT); exit 1) + +$(PRODMANIFESTOUT): $(SRC) + mkdir -p $(PRODOUT) + $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(PRODMANIFESTSRC) >$(PRODMANIFESTOUT) || (rm $(PRODMANIFESTOUT); exit 1) + +$(PRODCLUSTEROUT): $(SRC) + mkdir -p $(PRODOUT) + $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(PRODCLUSTERSRC) >$(PRODCLUSTEROUT) || (rm $(PRODCLUSTEROUT); exit 1) + +.PHONY: clean clean: rm -r $(OUTDIR) -auto-deploy: $(KUSTOMIZEOUTALL) +# $(KUSTOMIZEOUTALL): $(SRC) +# @mkdir -p $(dir $(KUSTOMIZEOUTALL)) +# $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(KUSTOMIZEDIRALL) >$(KUSTOMIZEOUTALL) || (rm $(KUSTOMIZEOUTALL); exit 1) -$(KUSTOMIZEOUTALL): $(SRC) - @mkdir -p $(dir $(KUSTOMIZEOUTALL)) - $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(KUSTOMIZEDIRALL) >$(KUSTOMIZEOUTALL) || (rm $(KUSTOMIZEOUTALL); exit 1) +# $(KUSTOMIZEOUT): $(SRC) +# @mkdir -p $(dir $(KUSTOMIZEOUT)) +# $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(KUSTOMIZEDIR) >$(KUSTOMIZEOUT) || (rm $(KUSTOMIZEOUT); exit 1) -$(KUSTOMIZEOUT): $(SRC) - @mkdir -p $(dir $(KUSTOMIZEOUT)) - $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(KUSTOMIZEDIR) >$(KUSTOMIZEOUT) || (rm $(KUSTOMIZEOUT); exit 1) - -diff: $(KUSTOMIZEOUT) - $(KUBECTL) $(KUBECTLFLAGS) diff $(KUBECTLDIFFFLAGS) -f $(KUSTOMIZEOUT) - -apply: $(KUSTOMIZEOUT) - $(KUBECTL) $(KUBECTLFLAGS) apply $(KUBECTLAPPLYFLAGS) -f $(KUSTOMIZEOUT) diff --git a/kustomize/bases/drone/drone-runner-deployment.yaml b/kustomize/bases/drone/drone-runner-deployment.yaml index a4793f1..98a15ce 100644 --- a/kustomize/bases/drone/drone-runner-deployment.yaml +++ b/kustomize/bases/drone/drone-runner-deployment.yaml 
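Review bot: Three of the new variable references match no definition in this hunk and expand to nothing: `ENVOUTFILE` uses `$(DEVCLUSTERTOUT)` while the definition is `DEVCLUSTEROUT`, and the `prod` prerequisites and the last build rule use `$(PRODCLUSTEROUT)` / `$(PRODCLUSTERSRC)` while the definitions are spelled `PRODCLUSTERTOUT` / `PRODCLUSTERTSRC`. As written, the prod cluster manifest has no usable rule, and GNU make may accept the empty target silently, so please check with `make -n prod`. Renaming the definitions to `PRODCLUSTEROUT = $(PRODOUT)/cluster.yaml` and `PRODCLUSTERSRC = kustomize/overlays/prod-cluster`, and using `$(DEVCLUSTEROUT)` in the dev `ENVOUTFILE`, would line them up. Separately, neither `apply` recipe passes `$(KUBECTLAPPLYFLAGS)`, so `--prune` is no longer applied and resources deleted from an overlay stay in the cluster; if that is intended, the now-unused variable should go.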
@@ -18,7 +18,7 @@ spec: spec: containers: - name: drone - image: drone/drone-runner-kube:1.0.0-beta.3 + image: drone/drone-runner-kube env: - name: DRONE_RPC_HOST value: drone.gitea.svc diff --git a/kustomize/bases/drone/drone-server-deployment.yaml b/kustomize/bases/drone/drone-server-deployment.yaml index da7f9c1..1563a4c 100644 --- a/kustomize/bases/drone/drone-server-deployment.yaml +++ b/kustomize/bases/drone/drone-server-deployment.yaml @@ -18,10 +18,12 @@ spec: spec: containers: - name: drone - image: drone/drone:1.7.0 + image: drone/drone env: - name: DRONE_SERVER_HOST value: ${DRONE_EXTERNAL_HOST} + - name: DRONE_SERVER_PROTO + value: https - name: DRONE_GITEA_SERVER value: https://${GITEA_EXTERNAL_HOST} - name: DRONE_GITEA_CLIENT_ID @@ -57,27 +59,4 @@ spec: - name: http protocol: TCP port: 80 - targetPort: http ---- -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: drone - labels: - app: drone - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / - cert-manager.io/cluster-issuer: letsencrypt -spec: - tls: - - hosts: - - drone.127.0.0.1.nip.io - secretName: letsencrypt-cert - rules: - - host: drone.127.0.0.1.nip.io - http: - paths: - - path: / - backend: - serviceName: drone - servicePort: http \ No newline at end of file + targetPort: http \ No newline at end of file diff --git a/kustomize/bases/drone/drone-server-ingress.yaml b/kustomize/bases/drone/drone-server-ingress.yaml new file mode 100644 index 0000000..7845e67 --- /dev/null +++ b/kustomize/bases/drone/drone-server-ingress.yaml 
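Review bot: `image: drone/drone-runner-kube` now has no tag in the base, so any overlay that does not set one resolves to the registry's mutable default tag; the same applies to `image: drone/drone` in drone-server-deployment.yaml and `image: gitea/gitea` in gitea-deployment.yaml. The dev overlay in this commit supplies versions through `images:`, but spells the field `newtag` where kustomize documents `newTag`, so please confirm with `kustomize build` that the rendered manifests carry the intended versions. Keeping a known-good tag in the base and overriding it per overlay, or pinning with `digest:` in the overlay, would stop an unpinned deploy from being the default. No prod overlay is visible in this diff, so whether it sets these images cannot be checked here.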
@@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: drone + labels: + app: drone + annotations: + # nginx.ingress.kubernetes.io/rewrite-target: / + # cert-manager.io/cluster-issuer: letsencrypt +spec: + # tls: + # - hosts: + # - ${GITEA_EXTERNAL_HOST} + # secretName: letsencrypt-cert + rules: + - host: ${DRONE_EXTERNAL_HOST} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: drone + port: + name: http diff --git a/kustomize/bases/drone/kustomization.yaml b/kustomize/bases/drone/kustomization.yaml index 2c6e96f..570f115 100644 --- a/kustomize/bases/drone/kustomization.yaml +++ b/kustomize/bases/drone/kustomization.yaml @@ -1,3 +1,15 @@ resources: + - drone-runner-deployment.yaml - drone-server-deployment.yaml - - drone-runner-deployment.yaml \ No newline at end of file + - drone-server-ingress.yaml + +secretGenerator: + - name: drone-secret + type: Opaque + literals: + - rpc_secret=changeme + - name: drone-gitea-oauth-secret + type: Opaque + literals: + - client_id=changeme + - client_secret=changeme \ No newline at end of file diff --git a/kustomize/bases/gitea/gitea-deployment.yaml b/kustomize/bases/gitea/gitea-deployment.yaml index aac77a2..b73566f 100644 --- a/kustomize/bases/gitea/gitea-deployment.yaml +++ b/kustomize/bases/gitea/gitea-deployment.yaml @@ -5,6 +5,7 @@ metadata: labels: app: gitea spec: + replicas: 1 # replica count must be set to 1 in database is sqlite selector: matchLabels: app: gitea @@ -15,10 +16,10 @@ spec: spec: containers: - name: gitea - image: gitea/gitea:1.11.4 + image: gitea/gitea env: - - name: INSTALL_LOCK - value: "yes" + # - name: INSTALL_LOCK + # value: "yes" - name: DISABLE_REGISTRATION value: "yes" - name: APP_NAME 
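Review bot: The commented-out `tls` block in the new drone-server-ingress.yaml lists `${GITEA_EXTERNAL_HOST}` although the rule serves `${DRONE_EXTERNAL_HOST}`, so re-enabling it as written would request a certificate for the wrong name; dashboard-ingress.yaml carries the same copy. With `tls` and the cert-manager annotation disabled, while drone-server-deployment.yaml now sets `DRONE_SERVER_PROTO` to `https`, HTTPS for these hosts is presumably served with the ingress controller's default certificate. If that is meant for local dev only, say so in the file, e.g. `# TLS disabled for local dev; re-enable tls and the cert-manager annotation before exposing this host`, and correct the commented host to `${DRONE_EXTERNAL_HOST}`.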
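Review bot: The base `secretGenerator` in drone/kustomization.yaml ships `rpc_secret=changeme`, `client_id=changeme` and `client_secret=changeme`, so an overlay that forgets `behavior: replace` deploys Drone with a publicly known RPC secret, and nothing in the build fails when that happens. Consider leaving these secrets out of the base and having each overlay create them, so that a missing secret shows up as a failed pod start rather than a working deployment with a default credential. At minimum add a comment above the generator, e.g. `# placeholder only: every overlay must replace these secrets`.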
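Review bot: Commenting out `INSTALL_LOCK` in gitea-deployment.yaml leaves Gitea's first-run installer enabled, as far as I know, and this commit also publishes the service through gitea-ingress.yaml, so whoever reaches the host first can complete the installation and choose the admin account and database settings. If the lock is lifted only to initialise the SQLite database once, say so next to the commented lines, e.g. `# INSTALL_LOCK disabled for first-run setup only; re-enable once the instance is initialised`, and keep it set in any overlay that other people can reach. The Deployment spec continues outside this hunk.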
@@ -29,28 +30,28 @@ spec: value: https://${GITEA_EXTERNAL_HOST} - name: SSH_DOMAIN value: ${GITEA_EXTERNAL_HOST} - - name: DB_TYPE - value: postgres - - name: DB_HOST - valueFrom: - secretKeyRef: - name: postgres-credentials-secret - key: host - - name: DB_NAME - valueFrom: - secretKeyRef: - name: postgres-credentials-secret - key: database - - name: DB_USER - valueFrom: - secretKeyRef: - name: postgres-credentials-secret - key: username - - name: DB_PASSWD - valueFrom: - secretKeyRef: - name: postgres-credentials-secret - key: password + # - name: DB_TYPE + # value: postgres + # - name: DB_HOST + # valueFrom: + # secretKeyRef: + # name: postgres-credentials-secret + # key: host + # - name: DB_NAME + # valueFrom: + # secretKeyRef: + # name: postgres-credentials-secret + # key: database + # - name: DB_USER + # valueFrom: + # secretKeyRef: + # name: postgres-credentials-secret + # key: username + # - name: DB_PASSWD + # valueFrom: + # secretKeyRef: + # name: postgres-credentials-secret + # key: password ports: - name: http containerPort: 3000 @@ -63,22 +64,22 @@ spec: - name: gitea-data persistentVolumeClaim: claimName: gitea-data ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: gitea-data-nfs - labels: - app: gitea -spec: - accessModes: - - ReadWriteMany - capacity: - storage: 100Mi - nfs: - server: nfs-localhost - path: /gitea - mountOptions: ["vers=4"] +# --- +# apiVersion: v1 +# kind: PersistentVolume +# metadata: +# name: gitea-data-nfs +# labels: +# app: gitea +# spec: +# accessModes: +# - ReadWriteMany +# capacity: +# storage: 100Mi +# nfs: +# server: nfs-localhost +# path: /gitea +# mountOptions: ["vers=4"] --- apiVersion: v1 kind: PersistentVolumeClaim 
@@ -87,20 +88,20 @@ metadata: labels: app: gitea spec: - storageClassName: "" + # storageClassName: "" accessModes: - - ReadWriteMany + - ReadWriteOnce resources: requests: storage: 100Mi - selector: - matchLabels: - app: gitea + # selector: + # matchLabels: + # app: gitea --- apiVersion: v1 kind: Service metadata: - name: gitea-http + name: gitea labels: app: gitea spec: @@ -111,18 +112,7 @@ spec: protocol: TCP port: 80 targetPort: http ---- -apiVersion: v1 -kind: Service -metadata: - name: gitea-ssh - labels: - app: gitea -spec: - selector: - app: gitea - ports: - name: ssh protocol: TCP port: 22 - targetPort: ssh + targetPort: ssh \ No newline at end of file diff --git a/kustomize/bases/gitea/gitea-ingress.yaml b/kustomize/bases/gitea/gitea-ingress.yaml new file mode 100644 index 0000000..779b59a --- /dev/null +++ b/kustomize/bases/gitea/gitea-ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gitea + labels: + app: gitea + annotations: + # nginx.ingress.kubernetes.io/rewrite-target: / + # cert-manager.io/cluster-issuer: letsencrypt +spec: + # tls: + # - hosts: + # - ${GITEA_EXTERNAL_HOST} + # secretName: letsencrypt-cert + rules: + - host: ${GITEA_EXTERNAL_HOST} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: gitea + port: + name: http diff --git a/kustomize/bases/gitea/ingress.yaml b/kustomize/bases/gitea/ingress.yaml deleted file mode 100644 index 5c36b94..0000000 --- a/kustomize/bases/gitea/ingress.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: gitea - labels: - app: gitea - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / - cert-manager.io/cluster-issuer: letsencrypt -spec: - tls: - - hosts: - - ${GITEA_EXTERNAL_HOST} - secretName: letsencrypt-cert - rules: - - host: ${GITEA_EXTERNAL_HOST} - http: - paths: - - path: / - backend: - serviceName: gitea-http - servicePort: http 
diff --git a/kustomize/bases/gitea/kustomization.yaml b/kustomize/bases/gitea/kustomization.yaml index 9da6395..1bfcc49 100644 --- a/kustomize/bases/gitea/kustomization.yaml +++ b/kustomize/bases/gitea/kustomization.yaml @@ -1,22 +1,13 @@ resources: - gitea-deployment.yaml - - ingress.yaml + - gitea-ingress.yaml -secretGenerator: - - name: postgres-credentials-secret - type: Opaque - behavior: create - literals: - - host=172.18.1.2:5432 - - database=gitea - - username=gitea - - password=changeme - - name: drone-secret - type: Opaque - literals: - - rpc_secret=changeme - - name: drone-gitea-oauth-secret - type: Opaque - literals: - - client_id=changeme - - client_secret=changeme +# secretGenerator: + # - name: postgres-credentials-secret + # type: Opaque + # behavior: create + # literals: + # - host=172.18.1.2:5432 + # - database=gitea + # - username=gitea + # - password=changeme diff --git a/kustomize/bases/kubernetes-dashboard/kubernetes-dashboard-admin-user.yaml b/kustomize/bases/kubernetes-dashboard/dashboard-admin-user.yaml similarity index 100% rename from kustomize/bases/kubernetes-dashboard/kubernetes-dashboard-admin-user.yaml rename to kustomize/bases/kubernetes-dashboard/dashboard-admin-user.yaml diff --git a/kustomize/bases/kubernetes-dashboard/dashboard-ingress.yaml b/kustomize/bases/kubernetes-dashboard/dashboard-ingress.yaml new file mode 100644 index 0000000..46ed7a3 --- /dev/null +++ b/kustomize/bases/kubernetes-dashboard/dashboard-ingress.yaml 
@@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: kubernetes-dashboard + labels: + app: kubernetes-dashboard + annotations: + # nginx.ingress.kubernetes.io/rewrite-target: / + # nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + # ingress.kubernetes.io/protocol: https + # cert-manager.io/cluster-issuer: letsencrypt +spec: + # tls: + # - hosts: + # - ${GITEA_EXTERNAL_HOST} + # secretName: letsencrypt-cert + rules: + - host: ${KUBERNETES_DASHBOARD_EXTERNAL_HOST} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: kubernetes-dashboard + port: + number: 443 diff --git a/kustomize/bases/kubernetes-dashboard/ingress.yaml b/kustomize/bases/kubernetes-dashboard/ingress.yaml deleted file mode 100644 index 587545f..0000000 --- a/kustomize/bases/kubernetes-dashboard/ingress.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: kubernetes-dashboard - labels: - app: kubernetes-dashboard - annotations: - nginx.ingress.kubernetes.io/rewrite-target: / - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" - cert-manager.io/cluster-issuer: letsencrypt -spec: - tls: - - hosts: - - ${KUBERNETES_DASHBOARD_EXTERNAL_HOST} - secretName: letsencrypt-cert - rules: - - host: ${KUBERNETES_DASHBOARD_EXTERNAL_HOST} - http: - paths: - - path: / - backend: - serviceName: kubernetes-dashboard - servicePort: 443 \ No newline at end of file diff --git a/kustomize/bases/kubernetes-dashboard/kubernetes-dashboard.yaml b/kustomize/bases/kubernetes-dashboard/kubernetes-dashboard.yaml deleted file mode 100644 index d7aff45..0000000 --- a/kustomize/bases/kubernetes-dashboard/kubernetes-dashboard.yaml +++ /dev/null 
@@ -1,7 +0,0 @@ -apiVersion: badjware/v1 -kind: RemoteResources -metadata: - name: kubernetes-dashboard -resources: - - url: https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml - sha256: d8b96dfa27da511d5116fc3583281dd1da709c3c6e07b033e4f3424bc2ab64c8 \ No newline at end of file diff --git a/kustomize/bases/kubernetes-dashboard/kustomization.yaml b/kustomize/bases/kubernetes-dashboard/kustomization.yaml index 1db9fd6..8cc63bf 100644 --- a/kustomize/bases/kubernetes-dashboard/kustomization.yaml +++ b/kustomize/bases/kubernetes-dashboard/kustomization.yaml @@ -1,8 +1,6 @@ resources: - - kubernetes-dashboard-admin-user.yaml - - ingress.yaml - -generators: - - kubernetes-dashboard.yaml + - https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml + - dashboard-admin-user.yaml + - dashboard-ingress.yaml namespace: kubernetes-dashboard diff --git a/kustomize/bases/traefik/kustomization.yaml b/kustomize/bases/traefik/kustomization.yaml new file mode 100644 index 0000000..787bb6a --- /dev/null +++ b/kustomize/bases/traefik/kustomization.yaml @@ -0,0 +1,2 @@ +resources: + - traefik-helmchartconfig.yaml diff --git a/kustomize/bases/traefik/traefik-helmchartconfig.yaml b/kustomize/bases/traefik/traefik-helmchartconfig.yaml new file mode 100644 index 0000000..0b004ec --- /dev/null +++ b/kustomize/bases/traefik/traefik-helmchartconfig.yaml @@ -0,0 +1,11 @@ +apiVersion: helm.cattle.io/v1 +kind: HelmChartConfig +metadata: + name: traefik +spec: + valuesContent: |- + additionalArguments: + - '--serversTransport.insecureSkipVerify=true' + ports: + web: + redirectTo: websecure \ No newline at end of file diff --git a/kustomize/namespaces/cert-manager/kustomization.yaml b/kustomize/namespaces/cert-manager/kustomization.yaml index 642906a..8042cfa 100644 --- a/kustomize/namespaces/cert-manager/kustomization.yaml +++ b/kustomize/namespaces/cert-manager/kustomization.yaml 
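Review bot: In kubernetes-dashboard/kustomization.yaml the dashboard manifest is now fetched by URL at build time with no integrity check; the `RemoteResources` generator removed in this commit verified a `sha256`, and a `v2.3.1` tag ref on raw.githubusercontent.com can be moved upstream. That manifest creates workloads and RBAC objects, so a changed upstream file would be applied unreviewed. Either vendor `recommended.yaml` into `kustomize/bases/kubernetes-dashboard/` and list it as a local resource, or reference an immutable commit, e.g. `- https://raw.githubusercontent.com/kubernetes/dashboard/COMMIT_SHA_PLACEHOLDER/aio/deploy/recommended.yaml`, where the placeholder is the commit that `v2.3.1` points to.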
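Review bot: `--serversTransport.insecureSkipVerify=true` in traefik-helmchartconfig.yaml turns off backend certificate verification for every service Traefik proxies, and because it sits in `bases/traefik`, every overlay that includes this base inherits it, not just dev. It looks as if it is needed only for the dashboard backend on port 443, which presumably presents a self-signed certificate. Scoping it would be safer: move the argument into a dev-only patch, or attach a Traefik `ServersTransport` to the dashboard Service alone so that other backends keep verification. If it has to stay global for now, put a comment above it, e.g. `# dev only: disables TLS verification towards all backends`.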
@@ -1,4 +1,4 @@ bases: - ../../bases/cert-manager -# namespace: cert-manager +namespace: cert-manager diff --git a/kustomize/namespaces/gitea/kustomization.yaml b/kustomize/namespaces/gitea/kustomization.yaml index 34eb892..4791ff2 100644 --- a/kustomize/namespaces/gitea/kustomization.yaml +++ b/kustomize/namespaces/gitea/kustomization.yaml @@ -1,5 +1,6 @@ bases: - ../../bases/gitea + - ../../bases/drone # - ../../base/postgres resources: diff --git a/kustomize/namespaces/kube-system/kustomization.yaml b/kustomize/namespaces/kube-system/kustomization.yaml index 580fcb3..da556c7 100644 --- a/kustomize/namespaces/kube-system/kustomization.yaml +++ b/kustomize/namespaces/kube-system/kustomization.yaml @@ -1,4 +1,5 @@ bases: - - ../../bases/ingress-nginx + - ../../bases/traefik + # - ../../bases/ingress-nginx namespace: kube-system diff --git a/kustomize/namespaces/kubernetes-dashboard/kustomization.yaml b/kustomize/namespaces/kubernetes-dashboard/kustomization.yaml new file mode 100644 index 0000000..0f16cfb --- /dev/null +++ b/kustomize/namespaces/kubernetes-dashboard/kustomization.yaml @@ -0,0 +1,4 @@ +bases: + - ../../bases/kubernetes-dashboard + +namespace: kubernetes-dashboard diff --git a/kustomize/overlays/dev-auto-deploy/kustomization.yaml b/kustomize/overlays/dev-auto-deploy/kustomization.yaml deleted file mode 100644 index 984db07..0000000 --- a/kustomize/overlays/dev-auto-deploy/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ -bases: - - ../../namespaces/kube-system - - ../../namespaces/cert-manager - -# allow "kubectl apply -l managed-by=auto-deploy --prune ..." -commonlabels: - managed-by: auto-deploy diff --git a/kustomize/overlays/dev-cluster/kustomization.yaml b/kustomize/overlays/dev-cluster/kustomization.yaml new file mode 100644 index 0000000..f499082 --- /dev/null +++ b/kustomize/overlays/dev-cluster/kustomization.yaml 
@@ -0,0 +1,7 @@ +bases: + - ../../namespaces/kube-system + # - ../../namespaces/cert-manager + +# allow "kubectl apply -l managed-by=cluster --prune ..." +commonlabels: + managed-by: kustomize-cluster diff --git a/kustomize/overlays/dev/kustomization.yaml b/kustomize/overlays/dev/kustomization.yaml index b4861f1..0753550 100644 --- a/kustomize/overlays/dev/kustomization.yaml +++ b/kustomize/overlays/dev/kustomization.yaml 
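Review bot: The comment in dev-cluster/kustomization.yaml names the selector `managed-by=cluster`, but the label set directly below is `managed-by: kustomize-cluster`, which is also what the Makefile's `apply` target selects on. Anyone copying the command from the comment would match nothing. Suggested wording: `# allow "kubectl apply -l managed-by=kustomize-cluster --prune ..."`.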
@@ -1,33 +1,49 @@ bases: + - ../../namespaces/kubernetes-dashboard - ../../namespaces/gitea # - ../../namespaces/grafana - - ../../namespaces/nextcloud + # - ../../namespaces/nextcloud + +# resources: +# - cert-manager/clusterissuer.yaml + +images: + - name: gitea/gitea + newtag: 1.15.0 + - name: drone/drone + newtag: 2.0.6 + - name: drone/drone-runner-kube + newtag: 1.0.0-beta.9 -resources: - - cert-manager/clusterissuer.yaml secretGenerator: - - name: digitalocean-api-key - type: Opaque - namespace: cert-manager - literals: - - access-token=${ssm:/prod/digitalocean/api_token} - -# - name: drone-gitea-oauth-secret +# - name: digitalocean-api-key # type: Opaque -# namespace: gitea -# behavior: replace +# namespace: cert-manager # literals: -# - client_id=749cde98-9b3b-4e19-8933-2937e12625f2 -# - client_secret=12wTErChjQQW3CGEzbDMiSxEt08i-abeB0pbRbXEKKg= +# - access-token=${ssm:/prod/digitalocean/api_token} + - name: drone-secret + type: Opaque + namespace: gitea + behavior: replace + literals: + - rpc_secret=9128146e66f104873df80dad3ef12cf0 + # https://docs.drone.io/server/provider/gitea/ + - name: drone-gitea-oauth-secret + type: Opaque + namespace: gitea + behavior: replace + literals: + - client_id=6c0c6878-baf1-4648-b0cf-69eeae69e692 + - client_secret=Q78VsgyfgTzKrvQEmokEMj84g7epKrlBpmDjcbhKXCIh # allow "kubectl apply -l managed-by=kustomize --prune ..." commonlabels: managed-by: kustomize transformers: - - placeholders.yaml - - ssm-secrets.yaml + - transformers/placeholders.yaml + - transformers/ssm-secrets.yaml -configurations: - - cert-manager/kustomizeconfig.yaml +# configurations: +# - cert-manager/kustomizeconfig.yaml diff --git a/kustomize/overlays/dev/placeholders.txt b/kustomize/overlays/dev/placeholders.txt index adc1c46..2cb8da5 100644 --- a/kustomize/overlays/dev/placeholders.txt +++ b/kustomize/overlays/dev/placeholders.txt 
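Review bot: The `drone-secret` and `drone-gitea-oauth-secret` generators in overlays/dev/kustomization.yaml now hold literal values for `rpc_secret`, `client_id` and `client_secret`, which puts working credentials into the repository history; treat them as exposed and rotate them, even for a dev instance. This overlay already loads `transformers/ssm-secrets.yaml`, and the commented block above uses the `${ssm:...}` form, so the same mechanism could supply these, e.g. `- rpc_secret=${ssm:PARAMETER_PATH_PLACEHOLDER}`. The commented-out OAuth block that this hunk removes also held literal values, so those need rotating too if they were ever live.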
@@ -1,5 +1,5 @@ -DRONE_EXTERNAL_HOST=drone.local.badjware.dev -GITEA_EXTERNAL_HOST=gitea.local.badjware.dev -GRAFANA_EXTERNAL_HOST=grafana.local.badjware.dev -KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.local.badjware.dev -NEXTCLOUD_EXTERNAL_HOST=nextcloud.local.badjware.dev +DRONE_EXTERNAL_HOST=drone.localhost +GITEA_EXTERNAL_HOST=gitea.localhost +GRAFANA_EXTERNAL_HOST=grafana.localhost +KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.localhost +NEXTCLOUD_EXTERNAL_HOST=nextcloud.localhost diff --git a/kustomize/overlays/dev/placeholders.yaml b/kustomize/overlays/dev/transformers/placeholders.yaml similarity index 100% rename from kustomize/overlays/dev/placeholders.yaml rename to kustomize/overlays/dev/transformers/placeholders.yaml diff --git a/kustomize/overlays/dev/ssm-secrets.yaml b/kustomize/overlays/dev/transformers/ssm-secrets.yaml similarity index 100% rename from kustomize/overlays/dev/ssm-secrets.yaml rename to kustomize/overlays/dev/transformers/ssm-secrets.yaml diff --git a/setup-dev-cluster.sh b/setup-dev-cluster.sh index ec3692f..03102ed 100755 --- a/setup-dev-cluster.sh +++ b/setup-dev-cluster.sh @@ -4,8 +4,8 @@ cluster_name='local' k3s_registry_config="$HOME/.config/k3d/registries.yaml" # generate manifest to be deployed on boot -make auto-deploy -auto_deploy_manifest="$(dirname "$(readlink -f "$0")")/build/dev/auto-deploy.yaml" +# make cluster +# auto_deploy_manifest="$(dirname "$(readlink -f "$0")")/build/dev/cluster.yaml" # cluster registry configuration if [[ ! -f "$k3s_registry_cofing" ]]; then 
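Review bot: In setup-dev-cluster.sh the context line `if [[ ! -f "$k3s_registry_cofing" ]]; then` tests a misspelled variable; the one defined at the top of this hunk is `k3s_registry_config`. The misspelled name is presumably unset, so the test is always true and the `if` body (outside this hunk) runs on every invocation rather than only when the file is missing. The line should read `if [[ ! -f "$k3s_registry_config" ]]; then`, and running the script under `set -u` would catch this class of mistake. The commit leaves the line unchanged, but it is worth fixing while the file is being edited.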
@@ -25,13 +25,12 @@ if ! k3d cluster list "$cluster_name" &>/dev/null; then k3d cluster create "$cluster_name" \ --servers 1 \ --agents 3 \ - --k3s-server-arg '--no-deploy=traefik' \ --volume "$k3s_registry_config:/etc/rancher/k3s/registries.yaml" \ -p 80:80@loadbalancer \ -p 443:443@loadbalancer sleep 10 fi - # --volume ":/var/lib/rancher/k3s/server/manifests/auto-deploy.yaml" \ + # --volume ":/var/lib/rancher/k3s/server/manifests/cluster.yaml" \ # local docker registry if ! docker ps -a | grep registry-localhost &>/dev/null; then @@ -82,6 +81,7 @@ if ! docker ps -a | grep nfs-localhost &>/dev/null; then sleep 10 fi -k3d kubeconfig merge "$cluster_name" --switch-context >/dev/null -kubectl apply -f "$auto_deploy_manifest" +# k3d kubeconfig merge "$cluster_name" --switch-context >/dev/null +# kubectl apply -f "$auto_deploy_manifest" +kubectl config use-context "k3d-$cluster_name" kubectl get nodes
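Review bot: With `--k3s-server-arg '--no-deploy=traefik'` removed, the bundled Traefik now answers on the ports published by `-p 80:80@loadbalancer` and `-p 443:443@loadbalancer`, and without a host address Docker typically binds those on all interfaces. That would make the dev Gitea, Drone and dashboard ingresses reachable from the local network rather than only from this machine. Since the dev hostnames in this commit are all `*.localhost`, binding to loopback should be sufficient: `-p 127.0.0.1:80:80@loadbalancer` and `-p 127.0.0.1:443:443@loadbalancer` (please verify the syntax against the k3d version in use). The enclosing `if` block begins above this hunk.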