diff --git a/kubernetes/infrastructure/kustomization.yaml b/kubernetes/infrastructure/kustomization.yaml index ba4f3c5..81041a5 100644 --- a/kubernetes/infrastructure/kustomization.yaml +++ b/kubernetes/infrastructure/kustomization.yaml @@ -9,6 +9,7 @@ resources: - ./ingress-nginx/ingress-nginx-config.yaml - ./local-path-provisioner/local-path-provisioner.yaml - ./minio/minio.yaml + - ./mongodb/mongodb.yaml - ./namespaces/namespaces.yaml - ./postgresql/postgresql.yaml - ./prometheus/prometheus.yaml diff --git a/kubernetes/infrastructure/mongodb/app/release.yaml b/kubernetes/infrastructure/mongodb/app/release.yaml new file mode 100644 index 0000000..f471dc3 --- /dev/null +++ b/kubernetes/infrastructure/mongodb/app/release.yaml @@ -0,0 +1,66 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: mongodb + namespace: mongodb +spec: + releaseName: mongodb + chart: + spec: + chart: mongodb + sourceRef: + kind: HelmRepository + name: bitnami + namespace: flux-system + interval: 1h + install: + remediation: + retries: 3 + values: + architecture: replicaset + auth: + rootPassword: ${root_password} + usernames: + - edward + - anysync + passwords: + - ${edward_password} + - ${anysync_password} + databases: + - edward + - anysync + replicaCount: 2 + containerSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + startupProbe: + enabled: true + externalAccess: + enabled: true + service: + type: LoadBalancer + autoDiscovery: + enabled: true + persistence: + existingClaim: "mongodb-pvc" + backup: + enabled: true + cronjob: + schedule: "@daily" + containerSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + storage: + existingClaim: "mongodb-backup-pvc" + serviceAccount: + create: true + name: mongodb + automountServiceAccountToken: true + rbac: + create: true + + + + + + diff --git a/kubernetes/infrastructure/mongodb/app/volume.yaml b/kubernetes/infrastructure/mongodb/app/volume.yaml new file mode 100644 index 0000000..cebd8a8 --- /dev/null +++ b/kubernetes/infrastructure/mongodb/app/volume.yaml @@ -0,0 +1,93 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: mongodb-pv + namespace: mongodb + labels: + type: local +spec: + storageClassName: local-path + volumeMode: Filesystem + capacity: + storage: 32Gi + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + local: + path: "/mnt/nfs/AppData/mongodb" + claimRef: + apiVersion: v1 + kind: PersistentVolumeClaim + name: mongodb-pvc + namespace: postgresql + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - rpi5-cluster-node-1 +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mongodb-pvc + namespace: mongodb + labels: + name: mongodb-pvc +spec: + storageClassName: local-path + volumeMode: Filesystem + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 32Gi +--- +apiVersion: v1 +kind: PersistentVolume +metadata: + name: mongodb-backup-pv + namespace: mongodb + labels: + type: local +spec: + storageClassName: local-path + volumeMode: Filesystem + capacity: + storage: 8Gi + accessModes: + - ReadWriteOnce + persistentVolumeReclaimPolicy: Retain + local: + path: "/mnt/nfs/AppData/mongodb/backup" + claimRef: + apiVersion: v1 + kind: PersistentVolumeClaim + name: mongodb-backup-pvc + namespace: postgresql + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/hostname + operator: In + values: + - rpi5-cluster-node-1 +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mongodb-backup-pvc + namespace: mongodb + labels: + name: mongodb-backup-pvc +spec: + storageClassName: local-path + volumeMode: Filesystem + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi diff --git a/kubernetes/infrastructure/mongodb/mongodb.yaml b/kubernetes/infrastructure/mongodb/mongodb.yaml new file mode 100644 index 0000000..748bd89 --- /dev/null +++ b/kubernetes/infrastructure/mongodb/mongodb.yaml @@ -0,0 +1,52 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: mongodb-secrets + namespace: flux-system +spec: + interval: 10m + timeout: 1m30s + retryInterval: 30s + targetNamespace: mongodb + path: ./mongodb + prune: true + sourceRef: + kind: GitRepository + namespace: flux-system + name: home-cluster-ops-secrets + dependsOn: + - name: namespaces + namespace: flux-system + - name: repositories + namespace: flux-system + decryption: + provider: sops + secretRef: + name: sops-age +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: mongodb + namespace: mongodb +spec: + interval: 10m + timeout: 1m30s + retryInterval: 30s + path: ./kubernetes/infrastructure/mongodb/app + prune: true + sourceRef: + kind: GitRepository + namespace: flux-system + name: flux-system + dependsOn: + - name: mongodb-secrets + namespace: flux-system + - name: namespaces + namespace: flux-system + - name: local-path-provisioner + namespace: local-path-storage + postBuild: + substituteFrom: + - kind: Secret + name: mongodb-secrets diff --git a/kubernetes/infrastructure/namespaces/namespaces/mongodb.yaml b/kubernetes/infrastructure/namespaces/namespaces/mongodb.yaml new file mode 100644 index 0000000..4f58005 --- /dev/null +++ b/kubernetes/infrastructure/namespaces/namespaces/mongodb.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: mongodb