
Compare commits


No commits in common. "d1fa3747c2a607a5c7e904aefa4fa2e2441eef3e" and "c2c5aff42f4bc9020b4b53e4ece6d5022cf465e4" have entirely different histories.

12 changed files with 245 additions and 31 deletions

3
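--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +0,0 @@
-[submodule "plugins"]
-path = plugins
-url = https://github.com/badjware/kustomize-plugins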


@ -1,5 +1,5 @@
KUSTOMIZE = KUSTOMIZE_PLUGIN_HOME=$(PWD)/plugins kustomize KUSTOMIZE = docker run -v $(HOME)/.aws:/root/.aws:ro -v $(PWD):/host -w /host badjware/kustomize-plugins:latest
KUSTOMIZEFLAGS = --enable-alpha-plugins KUSTOMIZEFLAGS = --enable_alpha_plugins
KUBECTL = kubectl KUBECTL = kubectl
KUBECTLFLAGS = KUBECTLFLAGS =
@ -9,11 +9,11 @@ KUBECTLAPPLYFLAGS = --prune
SRC := $(shell find kustomize/ -type f) SRC := $(shell find kustomize/ -type f)
OUTDIR = build OUTDIR = build
# DEVOUT = $(OUTDIR)/dev DEVOUT = $(OUTDIR)/dev
# DEVMANIFESTSRC = kustomize/overlays/dev DEVMANIFESTSRC = kustomize/overlays/dev
# DEVMANIFESTOUT = $(DEVOUT)/manifest.yaml DEVMANIFESTOUT = $(DEVOUT)/manifest.yaml
# DEVCLUSTERSRC = kustomize/overlays/dev-cluster DEVCLUSTERSRC = kustomize/overlays/dev-cluster
# DEVCLUSTEROUT = $(DEVOUT)/cluster.yaml DEVCLUSTEROUT = $(DEVOUT)/cluster.yaml
PRODOUT = $(OUTDIR)/prod PRODOUT = $(OUTDIR)/prod
PRODMANIFESTOUT = $(PRODOUT)/manifest.yaml PRODMANIFESTOUT = $(PRODOUT)/manifest.yaml
@ -21,21 +21,17 @@ PRODMANIFESTSRC = kustomize/overlays/prod
PRODCLUSTEROUT = $(PRODOUT)/cluster.yaml PRODCLUSTEROUT = $(PRODOUT)/cluster.yaml
PRODCLUSTERSRC = kustomize/overlays/prod-cluster PRODCLUSTERSRC = kustomize/overlays/prod-cluster
# ifeq ($(environment),prod) ifeq ($(environment),prod)
# environment = prod environment = prod
# ENVOUTDIR = $(PRODOUT) ENVOUTDIR = $(PRODOUT)
# ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTEROUT) ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTEROUT)
# else else
# environment = dev environment = dev
# ENVOUTDIR = $(DEVOUT) ENVOUTDIR = $(DEVOUT)
# ENVOUTFILE = $(DEVMANIFESTOUT) $(DEVCLUSTERTOUT) ENVOUTFILE = $(DEVMANIFESTOUT) $(DEVCLUSTERTOUT)
# endif endif
environment=prod
ENVOUTDIR = $(PRODOUT)
ENVOUTFILE = $(PRODMANIFESTOUT) $(PRODCLUSTEROUT)
.PHONY: diff .PHONY: diff
diff: $(environment) diff: $(environment)
@ -48,16 +44,16 @@ apply: $(environment)
.PHONY: all dev prod .PHONY: all dev prod
all: dev prod all: dev prod
# dev: $(DEVMANIFESTOUT) $(DEVCLUSTEROUT) dev: $(DEVMANIFESTOUT) $(DEVCLUSTEROUT)
prod: $(PRODMANIFESTOUT) $(PRODCLUSTEROUT) prod: $(PRODMANIFESTOUT) $(PRODCLUSTEROUT)
# $(DEVMANIFESTOUT): $(SRC) $(DEVMANIFESTOUT): $(SRC)
# mkdir -p $(DEVOUT) mkdir -p $(DEVOUT)
# $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(DEVMANIFESTSRC) >$(DEVMANIFESTOUT) || (rm $(DEVMANIFESTOUT); exit 1) $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(DEVMANIFESTSRC) >$(DEVMANIFESTOUT) || (rm $(DEVMANIFESTOUT); exit 1)
# $(DEVCLUSTEROUT): $(SRC) $(DEVCLUSTEROUT): $(SRC)
# mkdir -p $(DEVOUT) mkdir -p $(DEVOUT)
# $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(DEVCLUSTERSRC) >$(DEVCLUSTEROUT) || (rm $(DEVCLUSTEROUT); exit 1) $(KUSTOMIZE) build $(KUSTOMIZEFLAGS) $(DEVCLUSTERSRC) >$(DEVCLUSTEROUT) || (rm $(DEVCLUSTEROUT); exit 1)
$(PRODMANIFESTOUT): $(SRC) $(PRODMANIFESTOUT): $(SRC)
mkdir -p $(PRODOUT) mkdir -p $(PRODOUT)
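Review bot: In the first hunk, the new `KUSTOMIZE` definition (taking the right-hand column as the new side) runs `badjware/kustomize-plugins:latest` with `$(HOME)/.aws` and the whole checkout mounted, so whatever image that mutable tag resolves to at pull time can read the AWS credentials and has read-write access to the working tree through `/host`. Pin the image to a fixed version or a digest, e.g. `badjware/kustomize-plugins@sha256:<digest>` (placeholder), and mount only the credential material the plugins actually need, if any. Adding `--rm` to the `docker run` would also stop every build from leaving a stopped container behind. The file name of this section is not shown on the page, and the last hunk appears to be cut short, so the recipes that consume `KUSTOMIZE` are only partly visible.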

6
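--- a/clean-dev-cluster.sh
+++ b/clean-dev-cluster.sh
@@ -0,0 +1,6 @@
+#!/bin/bash -e
+k3d cluster delete local
+docker rm -f registry-localhost
+docker rm -f postgres-localhost
+docker rm -f nfs-localhost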

50
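--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,50 @@
+version: '3'
+services:
+# startup:
+# image: bash:5
+# command: -xe /host/startup.sh
+# volumes:
+# - manifests:/manifests
+# - .:/host:ro
+server:
+image: rancher/k3s
+restart: always
+command: server --disable traefik --disable local-storage --kubelet-arg authentication-token-webhook --kubelet-arg authorization-mode=Webhook
+tmpfs:
+- /run
+- /var/run
+privileged: true
+environment:
+- K3S_CLUSTER_SECRET=${K3S_CLUSTER_SECRET:-replaceme}
+- K3S_KUBECONFIG_OUTPUT=/host/kubectl/kubeconfig.yaml
+- K3S_KUBECONFIG_MODE=666
+volumes:
+- k3s_data:/var/lib/rancher/k3s
+- nfs_data:/srv/nfs
+- manifests:/var/lib/rancher/k3s/server/manifests/manifests:ro
+- .:/host
+ports:
+- 80:80
+- 443:443
+- 6443:6443
+agent:
+image: rancher/k3s
+restart: always
+command: agent --kubelet-arg authentication-token-webhook --kubelet-arg authorization-mode=Webhook
+tmpfs:
+- /run
+- /var/run
+privileged: true
+environment:
+- K3S_URL=https://server:6443
+- K3S_CLUSTER_SECRET=${K3S_CLUSTER_SECRET:-replaceme}
+volumes:
+- nfs_data:/srv/nfs
+volumes:
+k3s_data:
+nfs_data:
+manifests:
+driver_opts:
+type: tmpfs
+device: tmpfs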
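Review bot: Both services fall back to `K3S_CLUSTER_SECRET=${K3S_CLUSTER_SECRET:-replaceme}` while the server publishes `6443:6443` on every host interface, so a cluster started without the variable set accepts agents presenting a publicly known join secret. Make the variable mandatory with `${K3S_CLUSTER_SECRET:?K3S_CLUSTER_SECRET must be set}` in both places and, if the API is only needed from the host, publish it as `127.0.0.1:6443:6443`. `K3S_KUBECONFIG_MODE=666` additionally writes the admin kubeconfig world-readable and world-writable into the bind-mounted checkout at `kubectl/kubeconfig.yaml`; a narrower mode and a `.gitignore` entry for that path would reduce the chance of the credential leaking or being committed. The `rancher/k3s` image is referenced without a tag on both services, so the cluster version changes with whatever is pulled; a fixed tag would make the environment reproducible.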


@ -0,0 +1,10 @@
bases:
- ../../namespaces/kube-system
- ../../namespaces/operators
# allow "kubectl apply -l managed-by=cluster --prune ..."
commonLabels:
managed-by: kustomize-cluster
transformers:
- transformers/placeholders.yaml
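Review bot: The comment above `commonLabels` advertises the selector `managed-by=cluster`, but the label actually applied is `managed-by: kustomize-cluster`, so a prune command copied from the comment would not select the objects this overlay produces. Update the comment to `# allow "kubectl apply -l managed-by=kustomize-cluster --prune ..."`. Whether the Makefile's apply target already uses the matching selector is not visible in this section.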


@ -0,0 +1 @@
TRAEFIK_EXTERNAL_HOST=traefik.localhost


@ -0,0 +1,5 @@
apiVersion: badjware/v1
kind: PlaceholderTransformer
metadata:
name: placeholders
placeholdersFile: placeholders.txt


@ -0,0 +1,60 @@
bases:
- ../../namespaces/kubernetes-dashboard
- ../../namespaces/gitea
- ../../namespaces/grafana
- ../../namespaces/monitoring
- ../../namespaces/nextcloud
images:
- name: gitea/gitea
newTag: 1.15.0
- name: grafana/grafana
newTag: 8.1.3
- name: prom/node-exporter
newTag: v0.18.1
- name: prom/blackbox-exporter
newName: badjware/blackbox-exporter-tweak
newTag: 0.19.0-1
- name: drone/drone
newTag: 2.0.6
- name: drone/drone-runner-kube
newTag: 1.0.0-beta.9
- name: nextcloud
newName: badjware/nextcloud-tweak
newTag: 22.1.0-2
- name: postgres
newTag: 9.6.23
- name: redis
newTag: 6.2.5
secretGenerator:
- name: drone-secret
type: Opaque
namespace: gitea
behavior: replace
literals:
- rpc_secret=9128146e66f104873df80dad3ef12cf0
- database_secret=a5dbfbc0577505041759fcf6f87598bf
# https://docs.drone.io/server/provider/gitea/
- name: drone-gitea-oauth-secret
type: Opaque
namespace: gitea
behavior: replace
literals:
- client_id=6c0c6878-baf1-4648-b0cf-69eeae69e692
- client_secret=Q78VsgyfgTzKrvQEmokEMj84g7epKrlBpmDjcbhKXCIh
- name: postgres-credentials
type: Opaque
namespace: nextcloud
behavior: replace
literals:
- database=nextcloud
- username=nextcloud
- password=nextcloud
# allow "kubectl apply -l managed-by=kustomize --prune ..."
commonLabels:
managed-by: kustomize
transformers:
- transformers/placeholders.yaml
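Review bot: The three `secretGenerator` entries commit credential values as `literals` (the Drone `rpc_secret` and `database_secret`, the Gitea OAuth `client_id`/`client_secret`, and a Postgres password identical to the username), so they are readable in the repository history by anyone with access to it. If the OAuth pair was ever issued by a real Gitea instance it should be treated as exposed and rotated. Load the values from a git-ignored file instead, for example `envs: [drone-secret.env]` (file name is a placeholder) in place of each `literals:` list, and keep only a template with dummy values in the tree. Because each entry uses `behavior: replace`, applying this overlay against the wrong kube context would presumably overwrite the secrets defined by the bases with these known values, which is another reason to keep them out of the manifest.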


@ -0,0 +1,7 @@
GITEA_EXTERNAL_HOST=gitea.localhost
DRONE_EXTERNAL_HOST=drone.localhost
NEXTCLOUD_EXTERNAL_HOST=nextcloud.localhost
GRAFANA_EXTERNAL_HOST=grafana.localhost
KUBERNETES_DASHBOARD_EXTERNAL_HOST=kubernetes-dashboard.localhost
PROMETHEUS_EXTERNAL_HOST=prometheus.localhost


@ -0,0 +1,5 @@
apiVersion: badjware/v1
kind: PlaceholderTransformer
metadata:
name: placeholders
placeholdersFile: placeholders.txt

@ -1 +0,0 @@
Subproject commit 323a2f9a62df1215b3bb4d60a0ebdd1a0bc15c0f

78
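--- a/setup-dev-cluster.sh
+++ b/setup-dev-cluster.sh
@@ -0,0 +1,78 @@
+#!/bin/bash -ex
+cluster_name='local'
+k3s_registry_config="$HOME/.config/k3d/registries.yaml"
+# generate manifest to be deployed on boot
+# make cluster
+# auto_deploy_manifest="$(dirname "$(readlink -f "$0")")/build/dev/cluster.yaml"
+# cluster registry configuration
+if [[ ! -f "$k3s_registry_cofing" ]]; then
+mkdir -p "$(dirname "$k3s_registry_config")"
+cat >"$k3s_registry_config" <<EOF
+mirrors:
+"registry-localhost:5000":
+endpoint:
+- http://registry-localhost:5000
+EOF
+else
+echo '~/.config/k3d/registries.yaml already exists, skipping generation'
+fi
+# local k3s cluster
+if ! k3d cluster list "$cluster_name" &>/dev/null; then
+k3d cluster create "$cluster_name" \
+--servers 1 \
+--agents 3 \
+--volume "$k3s_registry_config:/etc/rancher/k3s/registries.yaml" \
+-p 80:80@loadbalancer \
+-p 443:443@loadbalancer
+sleep 10
+fi
+# --volume ":/var/lib/rancher/k3s/server/manifests/cluster.yaml" \
+# local docker registry
+if ! docker ps -a | grep registry-localhost &>/dev/null; then
+docker volume create local_registry
+docker run -d \
+--name registry-localhost \
+--net "k3d-$cluster_name" \
+--volume local_registry:/var/lib/registry \
+--restart always \
+-p 5000:5000 \
+registry:2
+fi
+# local nfs server
+# if ! docker ps -a | grep nfs-localhost &>/dev/null; then
+# docker volume create local_nfs
+# docker run -d \
+# --name nfs-localhost \
+# --net "k3d-$cluster_name" \
+# --ip 172.31.0.10 \
+# --volume "$PWD/.nfs/nextcould:/data/nextcloud" \
+# --volume /lib/modules:/lib/modules:ro \
+# --restart always \
+# --cap-add SYS_ADMIN \
+# --cap-add SYS_MODULE \
+# --env NFS_EXPORT_0='/data *(rw,sync,insecure,no_subtree_check,no_root_squash,fsid=0)' \
+# --env NFS_LOG_LEVEL=DEBUG \
+# -p 2049:2049 \
+# erichough/nfs-server:2.2.1
+# sleep 10
+# fi
+# sudo modprobe netfs
+# sudo modprobe fscache
+# sudo modprobe sunrpc
+# sudo modprobe grace
+# sudo modprobe lockd
+# sudo modprobe nfs
+# sudo modprobe nfs_acl
+# sudo modprobe auth_rpcgss
+# sudo modprobe nfsd
+# k3d kubeconfig merge "$cluster_name" --switch-context >/dev/null
+# kubectl apply -f "$auto_deploy_manifest"
+kubectl config use-context "k3d-$cluster_name"
+kubectl get nodes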
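Review bot: The guard `if [[ ! -f "$k3s_registry_cofing" ]]` misspells the variable, so it tests an empty path, is always true, and the script rewrites `registries.yaml` on every run; the `else` branch that reports an existing file is unreachable. Use `"$k3s_registry_config"` in the test and change the shebang to `#!/bin/bash -eux` so that an unset variable aborts the script instead of expanding to nothing. In the same hunk, `-p 5000:5000` publishes the unauthenticated, plain-HTTP `registry:2` on all host interfaces, which would let another machine on the network push images that the cluster then pulls through the `registry-localhost:5000` mirror. Publishing it as `-p 127.0.0.1:5000:5000` keeps host-side pushes working; the k3d nodes presumably reach the registry by container name over the `k3d-$cluster_name` network rather than through the published port.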