updates
This commit is contained in:
mike
parent
ee8ffeaf11
commit
724d415fc8
4 changed files with 328 additions and 1 deletions
131
k0sctl.yaml
131
k0sctl.yaml
|
|
@ -11,24 +11,76 @@ spec:
|
|||
port: 22
|
||||
keyPath: ~/.ssh/id_ed25519
|
||||
role: controller
|
||||
installFlags:
|
||||
- --enable-metrics-scraper
|
||||
files:
|
||||
- name: prometheus-config
|
||||
src: manifests/prometheues-service-monitor.yaml
|
||||
dstDir: /var/lib/k0s/manifests/prometheus/
|
||||
perm: 0644
|
||||
- name: selinux-stuff
|
||||
src: selinux.conf
|
||||
dstDir: /etc/containerd.d/selinux-containers.conf
|
||||
perm: 0644
|
||||
- name: seaweedfs-crds
|
||||
src:
|
||||
- ssh:
|
||||
address: k2.lab.smig.tech
|
||||
user: smig
|
||||
port: 22
|
||||
keyPath: ~/.ssh/id_ed25519
|
||||
role: worker
|
||||
files:
|
||||
- name: selinux-script
|
||||
src: selinux-script
|
||||
dstDir: /home/smig/selinux-script.sh
|
||||
perm: 0700
|
||||
user: smig
|
||||
group: smig
|
||||
hooks:
|
||||
apply:
|
||||
after:
|
||||
- date > k0s-selinux.log
|
||||
- echo "Starting SELinux Script" >> k0s-selinux.log
|
||||
- bash /home/smig/script.sh &>> k0s-selinux.log
|
||||
- ssh:
|
||||
address: k3.lab.smig.tech
|
||||
user: smig
|
||||
port: 22
|
||||
keyPath: ~/.ssh/id_ed25519
|
||||
role: worker
|
||||
files:
|
||||
- name: selinux-script
|
||||
src: selinux-script
|
||||
dstDir: /home/smig/selinux-script.sh
|
||||
perm: 0700
|
||||
user: smig
|
||||
group: smig
|
||||
hooks:
|
||||
apply:
|
||||
after:
|
||||
- date > k0s-selinux.log
|
||||
- echo "Starting SELinux Script" >> k0s-selinux.log
|
||||
- bash /home/smig/script.sh &>> k0s-selinux.log
|
||||
- ssh:
|
||||
address: k4.lab.smig.tech
|
||||
user: smig
|
||||
port: 22
|
||||
keyPath: ~/.ssh/id_ed25519
|
||||
role: worker
|
||||
files:
|
||||
- name: selinux-script
|
||||
src: selinux-script
|
||||
dstDir: /home/smig/selinux-script.sh
|
||||
perm: 0700
|
||||
user: smig
|
||||
group: smig
|
||||
hooks:
|
||||
apply:
|
||||
after:
|
||||
- date > k0s-selinux.log
|
||||
- echo "Starting SELinux Script" >> k0s-selinux.log
|
||||
- bash /home/smig/script.sh &>> k0s-selinux.log
|
||||
k0s:
|
||||
config:
|
||||
apiVersion: k0s.k0sproject.io/v1beta1
|
||||
|
|
@ -70,29 +122,104 @@ spec:
|
|||
extensions:
|
||||
helm:
|
||||
repositories:
|
||||
- name: prometheus
|
||||
url: https://prometheus-community.github.io/helm-charts
|
||||
- name: cilium
|
||||
url: https://helm.cilium.io/
|
||||
- name: cert-manager
|
||||
url: https://charts.jetstack.io
|
||||
- name: openebs-internal
|
||||
url: https://openebs.github.io/charts
|
||||
- name: seaweedfs-operator
|
||||
url: https://seaweedfs.github.io/seaweedfs-operator/helm
|
||||
|
||||
charts:
|
||||
- name: seaweedfs-operator
|
||||
chartname: seaweedfs-operator/seaweedfs-operator
|
||||
version: "0.1.1"
|
||||
order: 2
|
||||
values: |
|
||||
image:
|
||||
registry: git.thecodedom.com
|
||||
repository: smig/seaweedfs-operator
|
||||
tag: 0.1.0
|
||||
|
||||
|
||||
- name: openebs
|
||||
chartname: openebs-internal/openebs
|
||||
version: "3.9.0"
|
||||
namespace: openebs
|
||||
order: 2
|
||||
values: |
|
||||
localprovisioner:
|
||||
hostpathClass:
|
||||
enabled: true
|
||||
isDefaultClass: false
|
||||
|
||||
- name: prometheus
|
||||
chartName: prometheus/kube-prometheus-stack
|
||||
version: "75.1.0"
|
||||
namespace: monitoring
|
||||
order: 3
|
||||
values: |
|
||||
prometheus:
|
||||
prometheusSpec:
|
||||
maximumStartupDurationSeconds: null
|
||||
additionalPrometheusRulesMap:
|
||||
k0s-control-plane-alerts:
|
||||
groups:
|
||||
- name: control-plane-activity
|
||||
rules:
|
||||
- alert: KubeSchedulerDown
|
||||
expr: absent(apiserver_audit_event_total{job="kube-scheduler"})
|
||||
for: 15m
|
||||
labels:
|
||||
severity: critical
|
||||
|
||||
- alert: KubeControllerManagerDown
|
||||
expr: absent(apiserver_audit_event_total{job="kube-controller-manager"})
|
||||
for: 15m
|
||||
labels:
|
||||
severity: critical
|
||||
alertmanager:
|
||||
alertmanagerSpec:
|
||||
replicas: 1
|
||||
grafana:
|
||||
initChownData:
|
||||
enabled: false
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
storageClassName: openebs-hostpath
|
||||
ingress:
|
||||
enabled: true
|
||||
ingressClassName: cilium
|
||||
hosts:
|
||||
- grafana-k0s.lab.smig.tech
|
||||
|
||||
- name: cert-manager
|
||||
chartName: cert-manager/cert-manager
|
||||
version: "v1.17.2"
|
||||
order: 2
|
||||
namespace: cert-manager
|
||||
values: |
|
||||
crds:
|
||||
enabled: true
|
||||
|
||||
- name: cilium
|
||||
chartName: cilium/cilium
|
||||
namespace: kube-system
|
||||
version: "1.18.0-pre.3"
|
||||
order: 1
|
||||
values: |
|
||||
hubble:
|
||||
enabled: true
|
||||
cluster:
|
||||
name: k0s-cluster
|
||||
envoy:
|
||||
enabled: true
|
||||
image:
|
||||
digest: sha256:e265e4b2e10eaa19c4a5a305086f81bbe0f9f5f41fff60ab0ec6effdb21e2a79
|
||||
digest: sha256:bb73643e4b8c95d852bf25fc0e2f44e6d77617a809b63b119aba9edc001f4ea4
|
||||
repository: git.thecodedom.com/smig/cilium-envoy
|
||||
tag: latest
|
||||
k8sServiceHost: k1.lab.smig.tech
|
||||
|
|
@ -109,6 +236,8 @@ spec:
|
|||
enabled: true
|
||||
ingressController:
|
||||
enabled: true
|
||||
enforceHttps: false
|
||||
loadbalancerMode: shared
|
||||
service:
|
||||
externalTrafficPolicy: Cluster
|
||||
options:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue