diff --git a/echo-server/app/helmrelease.yaml b/echo-server/app/helmrelease.yaml new file mode 100644 index 0000000..7250687 --- /dev/null +++ b/echo-server/app/helmrelease.yaml @@ -0,0 +1,103 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: &app echo-server +spec: + serviceAccountName: ${TECHNICAL_ACCOUNT} + interval: 30m + chart: + spec: + chart: app-template + version: 3.2.1 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: ${TENANT_NAMESPACE} + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + values: + controllers: + echo-server: + replicas: 2 + strategy: RollingUpdate + containers: + app: + image: + repository: ghcr.io/mendhak/http-https-echo + tag: 33 + env: + HTTP_PORT: &port 8080 + LOG_WITHOUT_NEWLINE: true + LOG_IGNORE_PATH: /healthz + PROMETHEUS_ENABLED: true + probes: + liveness: &probes + enabled: true + custom: true + spec: + httpGet: + path: /healthz + port: *port + initialDelaySeconds: 0 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 3 + readiness: *probes + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: { drop: ["ALL"] } + seccompProfile: + type: RuntimeDefault + resources: + requests: + cpu: 10m + memory: 64Mi + limits: + memory: 64Mi + cpu: 100m + defaultPodOptions: + securityContext: + runAsNonRoot: true + seccompProfile: { type: RuntimeDefault } + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app.kubernetes.io/name: *app + service: + app: + controller: echo-server + ports: + http: + port: *port + serviceMonitor: + app: + serviceName: echo-server + endpoints: + - port: http + scheme: http + path: /metrics + interval: 1m + scrapeTimeout: 10s + ingress: + app: + className: external + hosts: + - host: "{{ .Release.Name }}-${TENANT_DOMAIN}" + paths: + - path: / + service: + identifier: app + port: http + diff --git a/echo-server/ks.yaml b/echo-server/ks.yaml new file mode 100644 index 0000000..4448636 --- /dev/null +++ b/echo-server/ks.yaml @@ -0,0 +1,20 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app echo-server + namespace: ${TENANT_NAMESPACE} +spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./echo-server/app + prune: true + sourceRef: + kind: GitRepository + name: tenant-repos + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kustomization.yaml b/kustomization.yaml index ca06816..80d2821 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -3,11 +3,12 @@ kind: Kustomization resources: - vars/ks.yaml - repos/ks.yaml + - echo-server/ks.yaml - ubuntu-vm-1/ks.yaml - ubuntu-vm-2/ks.yaml + - ubuntu-vm-3/ks.yaml - container/ks-debug.yaml - templates/image-server/ks-nginx.yaml - templates/image-server/ks-pvc.yaml - templates/image-server/ks-route.yaml - - templates/windowsserver/ks-flavor.yaml - - templates/windowsserver-rh/ks-flavor.yaml \ No newline at end of file + - templates/windowsserver/ks-flavor.yaml \ No newline at end of file diff --git a/repos/helm/bjw-s.yaml b/repos/helm/bjw-s.yaml new file mode 100644 index 0000000..90cdc7f --- /dev/null +++ b/repos/helm/bjw-s.yaml @@ -0,0 +1,11 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/helmrepository_v1.json +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: bjw-s + namespace: ${TENANT_NAMESPACE} +spec: + interval: 5m + url: https://bjw-s-labs.github.io/helm-charts + diff --git a/templates/windowsserver-rh/flavor/small.yaml b/templates/windowsserver-rh/flavor/small.yaml deleted file mode 100644 index 9e4793b..0000000 --- a/templates/windowsserver-rh/flavor/small.yaml +++ /dev/null @@ -1,87 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - name: windows-server-2022-small-redhat - namespace: '${TENANT_NAMESPACE}' - labels: - template.kubevirt.io/type: 'vm' - os.template.kubevirt.io/win2k22: 'true' - workload.template.kubevirt.io/server: 'true' - annotations: - name.os.template.kubevirt.io/win2k22: Windows Server 2022 - description: Windows Server 2022 VM - openshift.io/display-name: Windows Server 2022 - iconClass: icon-windows -objects: - - apiVersion: kubevirt.io/v1 - kind: VirtualMachine - metadata: - name: windows-server-2022-small-redhat - annotations: - description: Windows Server 2022 VM example - labels: - app: windows-server-2022-small-redhat - vm.kubevirt.io/template: 'windows-server-2022-template' - os.template.kubevirt.io/win2k22: 'true' - spec: - running: false - template: - metadata: - annotations: - vm.kubevirt.io/flavor: small - vm.kubevirt.io/os: win2k22 - vm.kubevirt.io/workload: server - labels: - kubevirt.io/domain: windows-server-2022-small-redhat - kubevirt.io/size: small - spec: - domain: - cpu: - cores: 1 - sockets: 1 - threads: 1 - devices: - disks: - - disk: - bus: virtio - name: rootdisk - interfaces: - - masquerade: {} - model: virtio - name: default - networkInterfaceMultiqueue: true - rng: {} - features: - acpi: {} - smm: - enabled: true - firmware: - bootloader: - efi: {} - memory: - guest: 4Gi - hostname: windows-server-2022-small-redhat - networks: - - name: default - pod: {} - terminationGracePeriodSeconds: 180 - volumes: - - name: rootdisk - dataVolume: - name: windows-server-2022-small-redhat-dv - - apiVersion: cdi.kubevirt.io/v1beta1 - kind: DataVolume - metadata: - name: windows-server-2022-small-redhat-dv - namespace: '${TENANT_NAMESPACE}' - spec: - source: - http: - url: http://nginx.demo.svc.cluster.local:8080/win2022.qcow2 - pvc: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 120Gi - storageClassName: ibm-spectrum-scale-fileset \ No newline at end of file diff --git a/templates/windowsserver-rh/ks-flavor.yaml b/ubuntu-vm-3/ks.yaml similarity index 82% rename from templates/windowsserver-rh/ks-flavor.yaml rename to ubuntu-vm-3/ks.yaml index efaa0d1..12912dc 100644 --- a/templates/windowsserver-rh/ks-flavor.yaml +++ b/ubuntu-vm-3/ks.yaml @@ -1,13 +1,13 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: &app flavor-rh + name: &app ubuntu-vm-3 namespace: ${TENANT_NAMESPACE} spec: commonMetadata: labels: app.kubernetes.io/name: *app - path: ./templates/windowsserver-rh/flavor + path: ./ubuntu-vm-3/ubuntu prune: true sourceRef: kind: GitRepository diff --git a/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml new file mode 100644 index 0000000..27029e6 --- /dev/null +++ b/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml @@ -0,0 +1,48 @@ +apiVersion: kubevirt.io/v1 +kind: VirtualMachine +metadata: + name: ubuntu-vm-3 + namespace: demo +spec: + running: true + template: + metadata: + labels: + kubevirt.io/domain: ubuntu-vm-3 + spec: + domain: + cpu: + cores: 1 + devices: + disks: + - disk: + bus: virtio + name: containerdisk + - disk: + bus: virtio + name: cloudinitdisk + resources: + requests: + memory: 2Gi + cpu: 1 + limits: + memory: 2Gi + cpu: 1 + memory: + guest: 2Gi + volumes: + - name: containerdisk + containerDisk: + image: quay.io/containerdisks/ubuntu:24.04 + - name: cloudinitdisk + cloudInitNoCloud: + userData: | + #cloud-config + hostname: ubuntu-vm-3 + ssh_pwauth: True + users: + - name: ubuntu + ssh-authorized-keys: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPqlhZW/pPLK8zENt3o6tgl0QVinhGAF1sHvajqq3UvI ubuntu + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + shell: /bin/bash \ No newline at end of file