From 44cccb5f6b75c532aa6b097e2989d7581e78869e Mon Sep 17 00:00:00 2001 
From: makefunstuff
Date: Fri, 28 Jun 2024 13:30:53 +0300
Subject: proper refactoring
---
README.md | 4 +++
helmfile.yaml | 4 ---
kubernetes/letsencrypt.yaml | 14 ----------
projects/wardroby/Chart.yaml | 0
projects/wardroby/values.yaml | 0
scripts/create-secret | 24 +++++++++++++++++
scripts/deploy-argocd | 12 +++++++++
scripts/setup-apps | 0
shared-values/common_values.yaml | 3 ---
third-party/grafana/helmfile.yaml | 10 -------
third-party/grafana/values.yaml | 36 --------------------------
third-party/nginx/helmfile.yaml | 10 -------
third-party/nginx/values.yaml | 18 -------------
third-party/prometheus/helmfile.yaml | 11 --------
third-party/prometheus/values.yaml | 8 ------
tools/argocd/Chart.yaml | 0
tools/argocd/templates/deployment.yaml | 31 ++++++++++++++++++++++
tools/argocd/templates/ingress.yaml | 28 ++++++++++++++++++++
tools/argocd/templates/service.yaml | 12 +++++++++
tools/argocd/values.yaml | 9 +++++++
tools/cert-manager/Chart.yaml | 9 +++++++
tools/cert-manager/templates/cluserissuer.yaml | 16 ++++++++++++
22 files changed, 145 insertions(+), 114 deletions(-)
delete mode 100644 helmfile.yaml
delete mode 100644 kubernetes/letsencrypt.yaml
create mode 100644 projects/wardroby/Chart.yaml
create mode 100644 projects/wardroby/values.yaml
create mode 100755 scripts/create-secret
create mode 100755 scripts/deploy-argocd
create mode 100644 scripts/setup-apps
delete mode 100644 shared-values/common_values.yaml
delete mode 100644 third-party/grafana/helmfile.yaml
delete mode 100644 third-party/grafana/values.yaml
delete mode 100644 third-party/nginx/helmfile.yaml
delete mode 100644 third-party/nginx/values.yaml
delete mode 100644 third-party/prometheus/helmfile.yaml
delete mode 100644 third-party/prometheus/values.yaml
create mode 100644 tools/argocd/Chart.yaml
create mode 100644 tools/argocd/templates/deployment.yaml
create mode 100644 tools/argocd/templates/ingress.yaml
create mode 100644 tools/argocd/templates/service.yaml
create mode 100644
tools/argocd/values.yaml
create mode 100644 tools/cert-manager/Chart.yaml
create mode 100644 tools/cert-manager/templates/cluserissuer.yaml
diff --git a/README.md b/README.md
index 2ebede4..3ea787f 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,7 @@ # K3s - lab helm Different experiments with home k3s clusterk
+
+- [ ] setup argocd
+- [ ] create helm chart for grafana stack with otel elastic and prometheus
+- [ ] create helm chart with poc nginx
diff --git a/helmfile.yaml b/helmfile.yaml
deleted file mode 100644
index fe8d7f3..0000000
--- a/helmfile.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-helmfiles:
- - path: ./third-party/prometheus/helmfile.yaml
- - path: ./third-party/grafana/helmfile.yaml
- - path: ./third-party/nginx/helmfile.yaml
diff --git a/kubernetes/letsencrypt.yaml b/kubernetes/letsencrypt.yaml
deleted file mode 100644
index 8e018db..0000000
--- a/kubernetes/letsencrypt.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: letsencrypt-prod
-spec:
- acme:
- server: https://acme-v02.api.letsencrypt.org/directory
- email: plugatariov@gmail.com
- privateKeySecretRef:
- name: letsencrypt-prod
- solvers:
- - http01:
- ingress:
- class: traefik
diff --git a/projects/wardroby/Chart.yaml b/projects/wardroby/Chart.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/projects/wardroby/values.yaml b/projects/wardroby/values.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/scripts/create-secret b/scripts/create-secret
new file mode 100755
index 0000000..d9aa929
--- /dev/null
+++ b/scripts/create-secret
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -e
+
+function createSecret() {
+ local secretName=$1
+ local secretKey=$2
+ local secretValue=$3
+
+ kubectl create secret generic $secretName --from-literal=$secretKey=$secretValue
+}
+
+function help() {
+ echo "Usage: create-secret "
+}
+
+case "$#" in
+ 3)
+ createSecret $1 $2 $3
+ ;;
+ *)
+ help
+ ;;
+esac
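Review bot: In scripts/create-secret the secret value travels as a command-line argument and every expansion is unquoted, so the value lands in shell history and the process list, and a value containing spaces or glob characters is split before kubectl receives it. Quote the expansions, `kubectl create secret generic "$secretName" --from-literal="$secretKey=$secretValue"` and `createSecret "$1" "$2" "$3"`, and consider reading the value from stdin or a file and passing it with `--from-file` so it never appears in argv. The fallback branch prints the usage text and still exits 0; `help; exit 1` would let callers detect a wrong argument count.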
diff --git a/scripts/deploy-argocd b/scripts/deploy-argocd
new file mode 100755
index 0000000..2fdec58
--- /dev/null
+++ b/scripts/deploy-argocd
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -e
+
+
+if kubectl get namespace argocd; then
+ echo "Namespace 'argocd' alreay exists. Doing nothing"
+else
+ echo "Creating argocd namespace"
+ kubectl create namespace argocd
+fi
+
diff --git a/scripts/setup-apps b/scripts/setup-apps
new file mode 100644
index 0000000..e69de29
diff --git a/shared-values/common_values.yaml b/shared-values/common_values.yaml
deleted file mode 100644
index 0fd34c4..0000000
--- a/shared-values/common_values.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-global:
- logLevel: INFO
- storageClass: "standard"
diff --git a/third-party/grafana/helmfile.yaml b/third-party/grafana/helmfile.yaml
deleted file mode 100644
index 3c98528..0000000
--- a/third-party/grafana/helmfile.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-repositories:
- - name: grafana
- url: https://grafana.github.io/helm-charts
-
-releases:
- - name: grafana
- namespace: monitoring
- chart: grafana/grafana
- values:
- - ./values.yaml
diff --git a/third-party/grafana/values.yaml b/third-party/grafana/values.yaml
deleted file mode 100644
index 7c8815b..0000000
--- a/third-party/grafana/values.yaml
+++ /dev/null
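Review bot: The `if kubectl get namespace argocd` test in scripts/deploy-argocd treats every failure as "namespace missing", so an unreachable API server or an expired kubeconfig falls through to the create branch and the real cause is reported one step late. An idempotent form removes the check altogether: `kubectl create namespace argocd --dry-run=client -o yaml | kubectl apply -f -`. The first message also carries a typo, "alreay".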
@@ -1,36 +0,0 @@
-adminUser: admin
-adminPassword: secret
-persistence:
- enabled: true
- size: 5Gi
-datasources:
- datasources.yaml:
- apiVersion: 1
- datasources:
- - name: Prometheus
- type: prometheus
- url: http://prometheus-server
- access: proxy
- isDefault: true
-service:
- type: ClusterIP
- port: 80
-ingress:
- enabled: true
- annotations:
- cert-manager.io/cluster-issuer: letsencrypt-prod
- traefik.ingress.kubernetes.io/redirect-entry-point: https
- traefik.ingress.kubernetes.io/router.entrypoints: websecure
- traefik.ingress.kubernetes.io/router.tls: "true"
- traefik.ingress.kubernetes.io/router.tls.certresolver: default
- traefik.ingress.kubernetes.io/router.tls.domains.0.main: topkek.cloud
- traefik.ingress.kubernetes.io/router.tls.domains.0.sans: grafana.topkek.cloud
- labels: {}
- hosts:
- - grafana.topkek.cloud
- path: /
- pathType: Prefix
- tls:
- - hosts:
- - grafana.topkek.cloud
- secretName: grafana-topkek-cloud-tls
diff --git a/third-party/nginx/helmfile.yaml b/third-party/nginx/helmfile.yaml
deleted file mode 100644
index a33c107..0000000
--- a/third-party/nginx/helmfile.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-repositories:
- - name: bitnami
- url: https://charts.bitnami.com/bitnami
-
-releases:
- - name: nginx
- namespace: default
- chart: bitnami/nginx
- values:
- - ./values.yaml
diff --git a/third-party/nginx/values.yaml b/third-party/nginx/values.yaml
deleted file mode 100644
index d8f23ae..0000000
--- a/third-party/nginx/values.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-service:
- type: ClusterIP
- port: 80
-ingress:
- enabled: true
- hostname: k3s.topkek.cloud # Replace with your actual domain
- annotations:
- traefik.ingress.kubernetes.io/router.entrypoints: websecure
- traefik.ingress.kubernetes.io/router.tls: "true"
- traefik.ingress.kubernetes.io/router.tls.certresolver: "default"
- cert-manager.io/cluster-issuer: letsencrypt-prod
- traefik.ingress.kubernetes.io/redirect-entry-point: https
- traefik.ingress.kubernetes.io/router.tls.domains.0.main: topkek.cloud
- traefik.ingress.kubernetes.io/router.tls.domains.0.sans: k3s.topkek.cloud
- tls:
- - hosts:
- - k3s.topkek.cloud
- secretName: k3-topkek-cloud-tls
diff --git a/third-party/prometheus/helmfile.yaml b/third-party/prometheus/helmfile.yaml
deleted file mode 100644
index 3b3fae3..0000000
--- a/third-party/prometheus/helmfile.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-repositories:
- - name: prometheus-community
- url: https://prometheus-community.github.io/helm-charts
-
-releases:
- - name: prometheus
- namespace: monitoring
- chart: prometheus-community/prometheus
- version: 14.11.1
- values:
- - ./values.yaml
diff --git a/third-party/prometheus/values.yaml b/third-party/prometheus/values.yaml
deleted file mode 100644
index 3da4c7e..0000000
--- a/third-party/prometheus/values.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-server:
- persistentVolume:
- enabled: true
- size: 10Gi
-alertmanager:
- persistentVolume:
- enabled: true
- size: 2Gi
diff --git a/tools/argocd/Chart.yaml b/tools/argocd/Chart.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/tools/argocd/templates/deployment.yaml b/tools/argocd/templates/deployment.yaml
new file mode 100644
index 0000000..b2fa31e
--- /dev/null
+++ b/tools/argocd/templates/deployment.yaml
@@ -0,0 +1,31 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: argocd
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: argocd-server
+ namespace: argocd
+spec:
+ replicas: { { .Values.replicas "1" } }
+ selector:
+ matchLabels:
+ app: argocd-server
+ template:
+ metadata:
+ labels:
+ app: argocd-server
+ spec:
+ containers:
+ - name: argocd-server
+ image: argoproj/argocd:latest
+ ports:
+ - containerPort: 8080
+ env:
+ - name: ARGOCD_SERVER_ADMIN_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: argocd-server
+ key: admin.password
diff --git a/tools/argocd/templates/ingress.yaml b/tools/argocd/templates/ingress.yaml
new file mode 100644
index 0000000..5793540
--- /dev/null
+++ b/tools/argocd/templates/ingress.yaml
@@ -0,0 +1,28 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: argocd-ingress
+ namespace: { { .Values.namespace } }
+ annotations:
+ kubernetes.io/ingress.class:
+ { { .Values.ingress.annotations."kubernetes.io/ingress.class" } }
+ cert-manager.io/cluster-issuer: letsencrypt-prod
+ traefik.ingress.kubernetes.io/redirect-entry-point: https
+ traefik.ingress.kubernetes.io/ssl-redirect: "true"
+ traefik.ingress.kubernetes.io/tls-acme: "true"
+spec:
+ rules:
+ - host: { { .Values.ingress.hostname } }
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: argocd-server
+ port:
+ number: 80
+ tls:
+ - hosts:
+ - { { .Values.ingress.hostname } }
+ secretName: { { .Values.ingress.tls.secretName } }
diff --git a/tools/argocd/templates/service.yaml b/tools/argocd/templates/service.yaml
new file mode 100644
index 0000000..9a6afdf
--- /dev/null
+++ b/tools/argocd/templates/service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: argocd-server
+ namespace: argocd
+spec:
+ type: ClusterIP
+ ports:
+ - port: 80
+ targetPort: 8080
+ selector:
+ app: argocd-server
diff --git a/tools/argocd/values.yaml b/tools/argocd/values.yaml
new file mode 100644
index 0000000..01c169c
--- /dev/null
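Review bot: `replicas: { { .Values.replicas "1" } }` in tools/argocd/templates/deployment.yaml is not a template action: with a space between the braces Helm leaves it as literal text, and `.Values.replicas "1"` is not a valid pipeline even once the braces are joined; `replicas: {{ .Values.replicas | default 1 }}` is the usual form. The same split braces appear in every templated field of tools/argocd/templates/ingress.yaml, which suggests a formatter rewrote the files, so the templates directory should probably be excluded from it. Separately, `image: argoproj/argocd:latest` is a mutable tag, so the cluster can pull a different build on any restart; pin a released version or a digest, e.g. `image: argoproj/argocd:<pinned-version>`, and confirm the registry path against the upstream install manifests. The Namespace object at the top of the file may also collide with the namespace that scripts/deploy-argocd creates outside Helm.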
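Review bot: The annotation value `.Values.ingress.annotations."kubernetes.io/ingress.class"` in tools/argocd/templates/ingress.yaml cannot be parsed, because Go templates do not accept a quoted name inside a field chain; a key containing dots or slashes needs `index`, as in `{{ index .Values.ingress.annotations "kubernetes.io/ingress.class" | quote }}`. For a networking.k8s.io/v1 Ingress the class is normally set with `spec.ingressClassName` rather than this annotation. The namespace is templated here while deployment.yaml and service.yaml hard-code `argocd`, so changing `.Values.namespace` would leave the Ingress pointing at a Service in a different namespace. `ingress.enabled` and `ingress.tls.enabled` from tools/argocd/values.yaml are never consulted, so the Ingress and its TLS block are always rendered.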
+++ b/tools/argocd/values.yaml
@@ -0,0 +1,9 @@
+namespace: argocd
+ingress:
+ enabled: true
+ hostname: argocd.topkek.cloud
+ annotations:
+ kubernetes.io/ingress.class: "traefik"
+ tls:
+ enabled: true
+ secretName: argocd-tls
diff --git a/tools/cert-manager/Chart.yaml b/tools/cert-manager/Chart.yaml
new file mode 100644
index 0000000..9dd7d68
--- /dev/null
+++ b/tools/cert-manager/Chart.yaml
@@ -0,0 +1,9 @@
+apiVersion: v2
+name: cert-manager
+description: A Helm chart for Cert-Manager
+version: 0.1.0
+appVersion: v1.8.0
+dependencies:
+ - name: cert-manager
+ version: v1.8.0
+ repository: https://charts.jetstack.io
diff --git a/tools/cert-manager/templates/cluserissuer.yaml b/tools/cert-manager/templates/cluserissuer.yaml
new file mode 100644
index 0000000..f3ecf79
--- /dev/null
+++ b/tools/cert-manager/templates/cluserissuer.yaml
@@ -0,0 +1,16 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-prod
+spec:
+ acme:
+ server: https://acme-v02.api.letsencrypt.org/directory
+ emailSecretRef:
+ name: letsencrypt-email-secret
+ key: email
+ privateKeySecretRef:
+ name: letsencrypt-prod
+ solvers:
+ - http01:
+ ingress:
+ class: traefik
-- cgit 1.4.1-2-gfad0
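Review bot: `emailSecretRef` in tools/cert-manager/templates/cluserissuer.yaml does not look like a field of the cert-manager v1 ACME issuer, which as far as I know accepts the contact address only as a plain `email` string; an unknown field is either rejected or silently dropped by the API server, and in the second case the issuer registers without a contact address and no expiry notices arrive. If the aim is to keep the address out of the repository, pass it as a chart value, for example `email: {{ .Values.acme.email | quote }}` (value name chosen here for illustration), and supply it at install time. The file name is also misspelled; `clusterissuer.yaml` is presumably intended.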