diff --git a/cluster/apps/presidential-paradise/zookeeper/deployment.yaml b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml new file mode 100644 index 0000000..c464580 --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/deployment.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: zookeeper + namespace: presidential-paradise + labels: + app: zookeeper +spec: + replicas: 3 + selector: + matchLabels: + app: zookeeper + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 34% + maxUnavailable: 34% + template: + metadata: + name: zookeeper + labels: + app: zookeeper + spec: + containers: + - name: zookeeper + image: docker.io/0x76/zookeeper:manual + ports: + - containerPort: 8085 + env: + - name: LANG + value: C.UTF-8 + - name: HOSTNAME + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: SERVICE_NAME + value: zookeeper-private.default.svc.cluster.local + resources: {} + securityContext: + privileged: false + procMount: Default + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + terminationGracePeriodSeconds: 30 diff --git a/cluster/apps/presidential-paradise/zookeeper/ingress.yaml b/cluster/apps/presidential-paradise/zookeeper/ingress.yaml new file mode 100644 index 0000000..40c98a2 --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/ingress.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: zookeeper + namespace: presidential-paradise +spec: + rules: + - host: "zookeeper.0x76.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: zookeeper + port: + number: 8085 + diff --git a/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml new file mode 100644 index 0000000..5b33a50 --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - deployment.yaml + - svc.yaml + - ingress.yaml diff --git a/cluster/apps/presidential-paradise/zookeeper/svc.yaml b/cluster/apps/presidential-paradise/zookeeper/svc.yaml new file mode 100644 index 0000000..ea3bfa1 --- /dev/null +++ b/cluster/apps/presidential-paradise/zookeeper/svc.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: zookeeper-private + namespace: presidential-paradise +spec: + clusterIP: None + ports: + - name: epmd + port: 4369 + selector: + app: zookeeper +--- +apiVersion: v1 +kind: Service +metadata: + name: zookeeper + namespace: presidential-paradise +spec: + ports: + - name: http + port: 8085 + selector: + app: zookeeper diff --git a/cluster/base/flux-system/charts/helm/external-secrets-charts.yaml b/cluster/base/flux-system/charts/helm/external-secrets-charts.yaml new file mode 100644 index 0000000..2d49244 --- /dev/null +++ b/cluster/base/flux-system/charts/helm/external-secrets-charts.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: HelmRepository +metadata: + name: external-secrets-charts + namespace: flux-system +spec: + interval: 15m0s + url: https://charts.external-secrets.io + diff --git a/cluster/base/flux-system/charts/helm/kustomization.yaml b/cluster/base/flux-system/charts/helm/kustomization.yaml index 65d6813..cc37fad 100644 --- a/cluster/base/flux-system/charts/helm/kustomization.yaml +++ b/cluster/base/flux-system/charts/helm/kustomization.yaml @@ -3,3 +3,5 @@ kind: Kustomization resources: - metallb-charts.yaml - traefik-charts.yaml + - external-secrets-charts.yaml + diff --git a/cluster/core/external-secrets/external-secrets/helm-release.yaml b/cluster/core/external-secrets/external-secrets/helm-release.yaml new file mode 100644 index 0000000..8466118 --- /dev/null +++ b/cluster/core/external-secrets/external-secrets/helm-release.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: external-secrets + namespace: external-secrets +spec: + interval: 5m + chart: + spec: + # renovate: registryUrl=https://charts.external-secrets.io + chart: external-secrets + version: 0.3.7 + sourceRef: + kind: HelmRepository + name: external-secrets-charts + namespace: flux-system + interval: 5m + values: + installCRDs: false + install: + crds: Skip + upgrade: + crds: Skip \ No newline at end of file diff --git a/cluster/core/external-secrets/external-secrets/kustomization.yaml b/cluster/core/external-secrets/external-secrets/kustomization.yaml new file mode 100644 index 0000000..2fa2de2 --- /dev/null +++ b/cluster/core/external-secrets/external-secrets/kustomization.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - helm-release.yaml diff --git a/cluster/core/external-secrets/kustomization.yaml b/cluster/core/external-secrets/kustomization.yaml new file mode 100644 index 0000000..cf78af6 --- /dev/null +++ b/cluster/core/external-secrets/kustomization.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - external-secrets diff --git a/cluster/core/kustomization.yaml b/cluster/core/kustomization.yaml index bf0a6d5..88687c7 100644 --- a/cluster/core/kustomization.yaml +++ b/cluster/core/kustomization.yaml @@ -3,3 +3,5 @@ kind: Kustomization resources: - namespaces - networking + - external-secrets + diff --git a/cluster/core/namespaces/external-secrets.yaml b/cluster/core/namespaces/external-secrets.yaml new file mode 100644 index 0000000..591aac5 --- /dev/null +++ b/cluster/core/namespaces/external-secrets.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: external-secrets diff --git a/cluster/core/namespaces/kustomization.yaml b/cluster/core/namespaces/kustomization.yaml index 8b2dd57..5f33ced 100644 --- a/cluster/core/namespaces/kustomization.yaml +++ b/cluster/core/namespaces/kustomization.yaml @@ -3,3 +3,5 @@ kind: Kustomization resources: - presidential-paradise.yaml - networking.yaml + - external-secrets.yaml + diff --git a/cluster/crds/external-secrets/crds.yaml b/cluster/crds/external-secrets/crds.yaml new file mode 100644 index 0000000..ae88a33 --- /dev/null +++ b/cluster/crds/external-secrets/crds.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: GitRepository +metadata: + name: external-secrets-crd-source + namespace: flux-system +spec: + interval: 30m + url: https://github.com/external-secrets/external-secrets.git + ref: + # renovate: registryUrl=https://charts.external-secrets.io chart=external-secrets + tag: v0.3.7 + ignore: | + # exclude all + /* + # path to crds + !/deploy/crds/ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: external-secrets-crds + namespace: flux-system +spec: + interval: 15m + prune: false + wait: true + sourceRef: + kind: GitRepository + name: external-secrets-crd-source + diff --git a/cluster/crds/external-secrets/kustomization.yaml b/cluster/crds/external-secrets/kustomization.yaml new file mode 100644 index 0000000..2ed3b35 --- /dev/null +++ b/cluster/crds/external-secrets/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - crds.yaml diff --git a/cluster/crds/kustomization.yaml b/cluster/crds/kustomization.yaml index 15e57e2..f2ee43c 100644 --- a/cluster/crds/kustomization.yaml +++ b/cluster/crds/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - traefik + - external-secrets