From bece0ca7ec8ea7d64506dcd387edac035a908ed5 Mon Sep 17 00:00:00 2001 From: Edward Cheng Date: Thu, 18 Jul 2024 21:11:16 +1000 Subject: [PATCH] add infra app minio --- infrastructures/minio/base/kustomization.yaml | 8 +++ .../minio/env/k3s-cluster/config.json | 12 +++++ .../minio/env/k3s-cluster/ingress.yaml | 51 +++++++++++++++++++ .../minio/env/k3s-cluster/kustomization.yaml | 6 +++ .../minio/env/k3s-cluster/values.yaml | 18 +++++++ .../minio/env/k3s-cluster/volume.yaml | 46 +++++++++++++++++ .../env/k3s-cluster/templates/minio.yaml | 23 +++++++++ 7 files changed, 164 insertions(+) create mode 100644 infrastructures/minio/base/kustomization.yaml create mode 100644 infrastructures/minio/env/k3s-cluster/config.json create mode 100644 infrastructures/minio/env/k3s-cluster/ingress.yaml create mode 100644 infrastructures/minio/env/k3s-cluster/kustomization.yaml create mode 100644 infrastructures/minio/env/k3s-cluster/values.yaml create mode 100644 infrastructures/minio/env/k3s-cluster/volume.yaml create mode 100644 resources/app-secrets/env/k3s-cluster/templates/minio.yaml diff --git a/infrastructures/minio/base/kustomization.yaml b/infrastructures/minio/base/kustomization.yaml new file mode 100644 index 0000000..f7d5c56 --- /dev/null +++ b/infrastructures/minio/base/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +helmCharts: + - name: postgresql + repo: oci://registry-1.docker.io/bitnamicharts + version: 15.5.17 + releaseName: postgresql + valuesFile: values.yaml \ No newline at end of file diff --git a/infrastructures/minio/env/k3s-cluster/config.json b/infrastructures/minio/env/k3s-cluster/config.json new file mode 100644 index 0000000..d00826d --- /dev/null +++ b/infrastructures/minio/env/k3s-cluster/config.json @@ -0,0 +1,12 @@ +{ + "appName": "minio", + "userGivenName": "minio", + "namespace": "minio", + "destNamespace": "minio", + "destServer": "https://kubernetes.default.svc", + "srcPath": "infrastructures/minio/env/k3s-cluster", + "srcRepoURL": "https://github.com/3dwardch3ng/home-cluster-ops.git", + "srcTargetRevision": "", + "labels": null, + "annotations": null +} \ No newline at end of file diff --git a/infrastructures/minio/env/k3s-cluster/ingress.yaml b/infrastructures/minio/env/k3s-cluster/ingress.yaml new file mode 100644 index 0000000..b222bff --- /dev/null +++ b/infrastructures/minio/env/k3s-cluster/ingress.yaml @@ -0,0 +1,51 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: minio-ingress + namespace: minio + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/use-regex: "true" +spec: + ingressClassName: nginx + rules: + - host: "minio.cluster.edward.sydney" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: minio + port: + number: 19001 + - host: "api.minio.cluster.edward.sydney" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: minio + port: + number: 19000 + - host: "minio.cluster.local" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: minio + port: + number: 19001 + - host: "api.minio.cluster.local" + http: + paths: + - pathType: Prefix + path: "/" + backend: + service: + name: minio + port: + number: 19000 \ No newline at end of file diff --git a/infrastructures/minio/env/k3s-cluster/kustomization.yaml b/infrastructures/minio/env/k3s-cluster/kustomization.yaml new file mode 100644 index 0000000..c351bd9 --- /dev/null +++ b/infrastructures/minio/env/k3s-cluster/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./volume.yaml + - ../../base + - ./ingress.yaml \ No newline at end of file diff --git a/infrastructures/minio/env/k3s-cluster/values.yaml b/infrastructures/minio/env/k3s-cluster/values.yaml new file mode 100644 index 0000000..fabf293 --- /dev/null +++ b/infrastructures/minio/env/k3s-cluster/values.yaml @@ -0,0 +1,18 @@ +clusterDomain: minio.cluster.edward.sydney +auth: + existingSecret: "minio-secrets" + rootUserSecretKey: "root_user" + rootPasswordSecretKey: "root_password" +nodeSelector: + kubernetes.io/hostname: k3s-cluster-node-2 +service: + ports: + api: 19000 + console: 19001 +persistence: + existingClaim: "minio-pvc" +containerSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 +podSecurityContext: + fsGroup: 1000 \ No newline at end of file diff --git a/infrastructures/minio/env/k3s-cluster/volume.yaml b/infrastructures/minio/env/k3s-cluster/volume.yaml new file mode 100644 index 0000000..9aa1dfc --- /dev/null +++ b/infrastructures/minio/env/k3s-cluster/volume.yaml @@ -0,0 +1,46 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: minio-pv + namespace: minio + labels: + type: local +spec: + storageClassName: local-path + volumeMode: Filesystem + capacity: + storage: 256Gi + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + local: + path: "/mnt/nfs/AppData/minio" + claimRef: + apiVersion: v1 + kind: PersistentVolumeClaim + name: minio-pvc + namespace: minio + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - rpi5-cluster-node-2 +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: minio-pvc + namespace: minio + labels: + name: minio-pvc +spec: + storageClassName: local-path + volumeMode: Filesystem + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 256Gi \ No newline at end of file diff --git a/resources/app-secrets/env/k3s-cluster/templates/minio.yaml b/resources/app-secrets/env/k3s-cluster/templates/minio.yaml new file mode 100644 index 0000000..7d6b4a5 --- /dev/null +++ b/resources/app-secrets/env/k3s-cluster/templates/minio.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: "true" + creationTimestamp: null + name: minio-secrets + namespace: minio +spec: + encryptedData: + root_password: AgCrAHC60ikNh6lLAlwGMDDE6mZ4/UbNu1lN4pRULT2vkejzKY1vDy9FjWo1xcn6unFGTEZ6y8oyRM9bLcVY2J2YehGEu/ZZfIw6SMVtA92PfrcYsjbTypMfp3xXX6cPbw3LPe4U3fv1wbVugY3BIuiLTLtsrHtdlKouAe3mfzVHrFtWjnD2Rr7qFyUsK9PHgCgOEk2RoM4x7pVxkLM6jfpWS6h7OOhyBhd3s1Mhrw/JfQTxl39A4LdKBA6LFri3FtUH3840xDyYLqJZnkXzNgDGwuN40HrySh2kSaIHi7J/W/sAo2a/ZzIqErXGUpuWZMp3r1iPAiPJAxqZFvoAFQ1d8HTOw5sh6bTWEvQmPYAkEWWz/Zns6XNdq3fZoCf/mXO7ws55elu8OnUMECkBHT3dSI52gNXqRkbrf1rSPk6cEMRC3/l58rXxEKA/DYawKEPmVa6/CPAtvpPoM2/q1spobYozcqfVMcomyPZvPUSOsNpSNLyEmcYZYwOkTM86FM9qjhwU92hYAgnxCUcEeCZMrODoo6sxszoIupfaTOz2zQFJqT7IzqO4RuK6vBLhqnHVX20QpiVtw6iYzHX0CK/WDa9XVgyoGm6BJCLWBLzS1yPnAoHnCVt4kck1T6HTnjU1eK7pzF5CwZwps2wIVbTkxc7xkx+Dib16ulDZFS+5TUyDueqOGOG/MPpXpvIsTD8feoiTVR0Snq08L9MUUtDa0zyNSQ== + root_user: AgCcz8M0jgZbHXlgih8kK/ISB7Ipy1xd9Vzh+MPosiT/l7xx4CdBt8izTajxCvT6VEk6BeeHPNeqR0XGp84pzpY3QPVAiLlx11aiIS9Oj6x+BDEco2htUl4SBnFlYGIzYNE+3ByfHmjDD3InsUbS9S12nTTNr4gnWhucw8ERV/srGwqCKb6NBCNK/JFzJeadSReCIida4yepEFYr5D+7Eg4f2Wa+GQFDaKtCzPwxPusPc9BLEiL42Npo1Kfb5BrP/iJFsJM/+cwA4Z711KXfwjnLbVwntvrhoRSLbxz49GE1AfWZpFBwt7B4O6DYujKy06XeD4McfyPcHBJlN68DEiaK259b11MYZQ4Vkjr08ASiqqfld8Tls73i+S2B2e34gLKaQrzcBx8yMItAofzRecMYx9HJeTX5OIvC+U3Zy997JWgUQVk139/hDNbWpqgago/u7WStw1nlhCqn+BFGoCzSm+n79Zm1APtsozk8oSYcd5EBHkNBs7u7+jiEX0KrGvOyxA+MwtTb0rJZojzgPFLoQfg2Xv7uKvVV25/l4XdvJSiinhcOESbWyPYTXZ5fO53ubTEacpa7w5wpil9fKSw+u5Y1fKDmGYyA2wDWzRAqqRrTMXcgxHbJOoqb0vgHlHNDXzuBanxP+OkalKv/xKY9tH7TKsqq2uRYoZMcQ2mYS1XgY4i1uhzt1aLYWbouANioJsfRgg== + template: + metadata: + annotations: + argocd.argoproj.io/sync-options: Prune=false + sealedsecrets.bitnami.com/cluster-wide: "true" + sealedsecrets.bitnami.com/managed: "true" + creationTimestamp: null + name: minio-secrets + namespace: minio + type: Opaque