From 5db658f6398818082127152d527e20d5cfe104cf Mon Sep 17 00:00:00 2001 From: Efstratios Kolovos Date: Tue, 22 Jul 2025 13:12:49 +0200 Subject: [PATCH 01/34] Add test-connectivity --- firewall-s3/ks-vm.yaml | 2 +- kustomization.yaml | 1 + .../loadbalancers/fortigate-wan.yaml | 0 .../network-definitions/lan.yaml | 0 .../network-definitions/mgmt.yaml | 0 .../app}/test-connectivity/vm/fortigate.yaml | 0 .../app}/test-connectivity/vm/strongswan.yaml | 0 test-connectivity/ks.yaml | 18 ++++++++++++++++++ 8 files changed, 20 insertions(+), 1 deletion(-) rename {firewall-s3 => test-connectivity/app}/test-connectivity/loadbalancers/fortigate-wan.yaml (100%) rename {firewall-s3 => test-connectivity/app}/test-connectivity/network-definitions/lan.yaml (100%) rename {firewall-s3 => test-connectivity/app}/test-connectivity/network-definitions/mgmt.yaml (100%) rename {firewall-s3 => test-connectivity/app}/test-connectivity/vm/fortigate.yaml (100%) rename {firewall-s3 => test-connectivity/app}/test-connectivity/vm/strongswan.yaml (100%) create mode 100644 test-connectivity/ks.yaml diff --git a/firewall-s3/ks-vm.yaml b/firewall-s3/ks-vm.yaml index 827133e..61e2924 100644 --- a/firewall-s3/ks-vm.yaml +++ b/firewall-s3/ks-vm.yaml @@ -7,7 +7,7 @@ spec: commonMetadata: labels: app.kubernetes.io/name: *app - path: ./firewall-s3 + path: ./firewall-s3/vm/ksd prune: true sourceRef: kind: GitRepository diff --git a/kustomization.yaml b/kustomization.yaml index 8aec8be..56390ef 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -7,6 +7,7 @@ resources: - firewall/ks-vm.yaml - firewall-dev/ks-vm.yaml - firewall-s3/ks-vm.yaml + - test-connectivity/ks.yaml - windows-vm-standard/ks-vm.yaml - windows-vm-standard/ks-pvc.yaml - windows-vm-standard-dev/ks-vm.yaml 
diff --git a/firewall-s3/test-connectivity/loadbalancers/fortigate-wan.yaml b/test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml similarity index 100% rename from firewall-s3/test-connectivity/loadbalancers/fortigate-wan.yaml rename to test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml diff --git a/firewall-s3/test-connectivity/network-definitions/lan.yaml b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml similarity index 100% rename from firewall-s3/test-connectivity/network-definitions/lan.yaml rename to test-connectivity/app/test-connectivity/network-definitions/lan.yaml diff --git a/firewall-s3/test-connectivity/network-definitions/mgmt.yaml b/test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml similarity index 100% rename from firewall-s3/test-connectivity/network-definitions/mgmt.yaml rename to test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml diff --git a/firewall-s3/test-connectivity/vm/fortigate.yaml b/test-connectivity/app/test-connectivity/vm/fortigate.yaml similarity index 100% rename from firewall-s3/test-connectivity/vm/fortigate.yaml rename to test-connectivity/app/test-connectivity/vm/fortigate.yaml diff --git a/firewall-s3/test-connectivity/vm/strongswan.yaml b/test-connectivity/app/test-connectivity/vm/strongswan.yaml similarity index 100% rename from firewall-s3/test-connectivity/vm/strongswan.yaml rename to test-connectivity/app/test-connectivity/vm/strongswan.yaml diff --git a/test-connectivity/ks.yaml b/test-connectivity/ks.yaml new file mode 100644 index 0000000..2093015 --- /dev/null +++ b/test-connectivity/ks.yaml 
@@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app test-connectivity + namespace: ${TENANT_NAMESPACE} +spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./test-connectivity/app + prune: true + sourceRef: + kind: GitRepository + name: tenant-repos + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m \ No newline at end of file From 46b01088281198da1dd37706599f40ad3002e489 Mon Sep 17 00:00:00 2001 From: Efstratios Kolovos Date: Tue, 22 Jul 2025 13:20:26 +0200 Subject: [PATCH 02/34] Remove obsolete apps --- kustomization.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/kustomization.yaml b/kustomization.yaml index 56390ef..b6c706e 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -4,8 +4,6 @@ resources: - vars/ks.yaml - repos/ks.yaml - network/ks-lb.yaml - - firewall/ks-vm.yaml - - firewall-dev/ks-vm.yaml - firewall-s3/ks-vm.yaml - test-connectivity/ks.yaml - windows-vm-standard/ks-vm.yaml From 7a9b3176e819a96d8a8b78faf41e32b51d3fc1f3 Mon Sep 17 00:00:00 2001 From: Efstratios Kolovos Date: Tue, 22 Jul 2025 14:21:11 +0200 Subject: [PATCH 03/34] Add overlay lan --- .../network-definitions/lan.yaml | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml index 1c32a21..e217374 100644 --- a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml +++ b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml 
@@ -1,20 +1,20 @@ -# apiVersion: "k8s.cni.cncf.io/v1" -# kind: NetworkAttachmentDefinition -# metadata: -# name: lan-net -# namespace: ${TENANT_NAMESPACE} -# spec: -# config: '{ -# "cniVersion": "0.3.1", -# "type": "bridge", -# "bridge": "br-lan", -# "ipam": { -# "type": "static", -# "addresses": [ -# { -# "address": "172.168.100.2/24", -# "gateway": "172.168.100.1" -# } -# ] -# } -# }' \ No newline at end of file +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + name: lan-ovn-160 + namespace: net-demo +spec: + config: | + { + "cniVersion": "0.3.1", + "type": "ovn-k8s-cni-overlay", + "name": "lan-ovn-160", + "topology": "layer2", + "subnets": [ + {"cidr": "192.168.160.0/24"} + ], + "mtu": 1400, + "routes": [ + {"dst": "10.60.0.0/16", "gw": "192.168.10.1"}, + ] + } From 7a00f2dac7806dfd71fc91c58147c987ea827481 Mon Sep 17 00:00:00 2001 From: Efstratios Kolovos Date: Tue, 22 Jul 2025 14:22:17 +0200 Subject: [PATCH 04/34] Add overlay lan --- .../app/test-connectivity/network-definitions/lan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml index e217374..21a7896 100644 --- a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml +++ b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml @@ -15,6 +15,6 @@ spec: ], "mtu": 1400, "routes": [ - {"dst": "10.60.0.0/16", "gw": "192.168.10.1"}, + {"dst": "10.60.0.0/16", "gw": "192.168.10.1"} ] } From 48fbc4531967040861602ad9f3bf33e866f77cc5 Mon Sep 17 00:00:00 2001 From: Efstratios Kolovos Date: Tue, 22 Jul 2025 14:37:22 +0200 Subject: [PATCH 05/34] Add overlay lan --- .../network-definitions/lan.yaml | 1 - .../app/test-connectivity/pod/pod.yaml | 19 +++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 test-connectivity/app/test-connectivity/pod/pod.yaml 
diff --git a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml index 21a7896..16d40cc 100644 --- a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml +++ b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml @@ -2,7 +2,6 @@ apiVersion: k8s.cni.cncf.io/v1 kind: NetworkAttachmentDefinition metadata: name: lan-ovn-160 - namespace: net-demo spec: config: | { diff --git a/test-connectivity/app/test-connectivity/pod/pod.yaml b/test-connectivity/app/test-connectivity/pod/pod.yaml new file mode 100644 index 0000000..2042753 --- /dev/null +++ b/test-connectivity/app/test-connectivity/pod/pod.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Pod +metadata: + name: dualnet-pod-ovn + annotations: + k8s.v1.cni.cncf.io/networks: | + [ + { + "name": "lan-ovn-160", + "namespace": "${TENANT_NAMESPACE}", + "interface": "net1", + } + ] +spec: + containers: + - name: toolbox + image: quay.io/centos/centos:stream9 + command: [ "/bin/bash", "-c", "sleep infinity" ] + restartPolicy: Never \ No newline at end of file From 73ee627f99f5b08c882a1ccd6f7f92bb2315b955 Mon Sep 17 00:00:00 2001 From: Efstratios Kolovos Date: Tue, 22 Jul 2025 14:39:27 +0200 Subject: [PATCH 06/34] Add overlay lan --- test-connectivity/app/test-connectivity/pod/pod.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-connectivity/app/test-connectivity/pod/pod.yaml b/test-connectivity/app/test-connectivity/pod/pod.yaml index 2042753..44792b8 100644 --- a/test-connectivity/app/test-connectivity/pod/pod.yaml +++ b/test-connectivity/app/test-connectivity/pod/pod.yaml @@ -8,7 +8,7 @@ metadata: { "name": "lan-ovn-160", "namespace": "${TENANT_NAMESPACE}", - "interface": "net1", + "interface": "net1" } ] spec: From 285cf3f94f44da7b31b27e772746122a7c7e147f Mon Sep 17 00:00:00 2001 
From: Efstratios Kolovos Date: Wed, 23 Jul 2025 12:28:24 +0200 Subject: [PATCH 07/34] Remove test connectivity --- kustomization.yaml | 1 - .../loadbalancers/fortigate-wan.yaml | 30 -------- .../network-definitions/lan.yaml | 19 ----- .../network-definitions/mgmt.yaml | 20 ----- .../app/test-connectivity/pod/pod.yaml | 19 ----- .../app/test-connectivity/vm/fortigate.yaml | 77 ------------------- .../app/test-connectivity/vm/strongswan.yaml | 73 ------------------ test-connectivity/ks.yaml | 18 ----- 8 files changed, 257 deletions(-) delete mode 100644 test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml delete mode 100644 test-connectivity/app/test-connectivity/network-definitions/lan.yaml delete mode 100644 test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml delete mode 100644 test-connectivity/app/test-connectivity/pod/pod.yaml delete mode 100644 test-connectivity/app/test-connectivity/vm/fortigate.yaml delete mode 100644 test-connectivity/app/test-connectivity/vm/strongswan.yaml delete mode 100644 test-connectivity/ks.yaml diff --git a/kustomization.yaml b/kustomization.yaml index b6c706e..0778973 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -5,7 +5,6 @@ resources: - repos/ks.yaml - network/ks-lb.yaml - firewall-s3/ks-vm.yaml - - test-connectivity/ks.yaml - windows-vm-standard/ks-vm.yaml - windows-vm-standard/ks-pvc.yaml - windows-vm-standard-dev/ks-vm.yaml diff --git a/test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml b/test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml deleted file mode 100644 index fd0a1db..0000000 --- a/test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml +++ /dev/null 
@@ -1,30 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: fortigate-lb-test - namespace: ${TENANT_NAMESPACE} - labels: - app.kubernetes.io/component: fortigate-lb -spec: - type: LoadBalancer - externalTrafficPolicy: Local - ports: - - port: 4500 - name: ipsec-nat - targetPort: 4500 - protocol: UDP - - port: 500 - name: key-management - targetPort: 500 - protocol: UDP - #- port: 22 - # name: ssh - # targetPort: 22 - # protocol: TCP - - port: 443 - name: https - targetPort: 443 - protocol: TCP - selector: - kubevirt.io/domain: fortigate-ksd diff --git a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml deleted file mode 100644 index 16d40cc..0000000 --- a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: k8s.cni.cncf.io/v1 -kind: NetworkAttachmentDefinition -metadata: - name: lan-ovn-160 -spec: - config: | - { - "cniVersion": "0.3.1", - "type": "ovn-k8s-cni-overlay", - "name": "lan-ovn-160", - "topology": "layer2", - "subnets": [ - {"cidr": "192.168.160.0/24"} - ], - "mtu": 1400, - "routes": [ - {"dst": "10.60.0.0/16", "gw": "192.168.10.1"} - ] - } diff --git a/test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml b/test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml deleted file mode 100644 index 1f18275..0000000 --- a/test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# apiVersion: "k8s.cni.cncf.io/v1" -# kind: NetworkAttachmentDefinition -# metadata: -# name: mgmt-net -# namespace: ${TENANT_NAMESPACE} -# spec: -# config: '{ -# "cniVersion": "0.3.1", -# "type": "bridge", -# "bridge": "br-mgmt", -# "ipam": { -# "type": "static", -# "addresses": [ -# { -# "address": "192.168.10.100/24", -# "gateway": "192.168.10.1" -# } -# ] -# } -# }' \ No newline at end of file 
diff --git a/test-connectivity/app/test-connectivity/pod/pod.yaml b/test-connectivity/app/test-connectivity/pod/pod.yaml deleted file mode 100644 index 44792b8..0000000 --- a/test-connectivity/app/test-connectivity/pod/pod.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: dualnet-pod-ovn - annotations: - k8s.v1.cni.cncf.io/networks: | - [ - { - "name": "lan-ovn-160", - "namespace": "${TENANT_NAMESPACE}", - "interface": "net1" - } - ] -spec: - containers: - - name: toolbox - image: quay.io/centos/centos:stream9 - command: [ "/bin/bash", "-c", "sleep infinity" ] - restartPolicy: Never \ No newline at end of file diff --git a/test-connectivity/app/test-connectivity/vm/fortigate.yaml b/test-connectivity/app/test-connectivity/vm/fortigate.yaml deleted file mode 100644 index d1d61bf..0000000 --- a/test-connectivity/app/test-connectivity/vm/fortigate.yaml +++ /dev/null 
@@ -1,77 +0,0 @@ -# apiVersion: kubevirt.io/v1 -# kind: VirtualMachine -# metadata: -# name: fortigate-ksd -# namespace: ${TENANT_NAMESPACE} -# spec: -# dataVolumeTemplates: -# - metadata: -# name: fortigate-rootdisk-ksd -# spec: -# source: -# http: -# url: "https://glacier-1.kvant.cloud/ocp-virt-images/sources/fortios_7_6_3.qcow2" -# #secretRef: s3-virt-credentials -# storage: -# resources: -# requests: -# storage: 30Gi -# runStrategy: Always -# template: -# metadata: -# labels: -# kubevirt.io/domain: fortigate-ksd -# spec: -# domain: -# cpu: -# cores: 1 -# memory: -# guest: 2Gi -# features: -# acpi: {} -# smm: -# enabled: true -# firmware: -# bootloader: -# efi: -# secureBoot: false -# devices: -# rng: {} -# networkInterfaceMultiqueue: true -# interfaces: -# - name: wan -# masquerade: {} -# ports: -# - port: 4500 -# - port: 443 -# - port: 22 -# - port: 500 -# - name: mgmt -# bridge: {} -# - name: lan -# bridge: {} -# disks: -# - disk: -# bus: sata -# name: rootdisk -# resources: -# requests: -# memory: 2Gi -# cpu: 1 -# limits: -# memory: 2Gi -# cpu: 1 -# networks: -# - name: wan -# pod: {} -# - name: mgmt -# multus: -# networkName: ${TENANT_NAMESPACE}/mgmt-net -# - name: lan -# multus: -# networkName: ${TENANT_NAMESPACE}/lan-net -# terminationGracePeriodSeconds: 180 -# volumes: -# - name: rootdisk -# dataVolume: -# name: fortigate-rootdisk-ksd \ No newline at end of file diff --git a/test-connectivity/app/test-connectivity/vm/strongswan.yaml b/test-connectivity/app/test-connectivity/vm/strongswan.yaml deleted file mode 100644 index f982232..0000000 --- a/test-connectivity/app/test-connectivity/vm/strongswan.yaml +++ /dev/null 
@@ -1,73 +0,0 @@ -# apiVersion: kubevirt.io/v1 -# kind: VirtualMachine -# metadata: -# name: strongswan -# namespace: ${TENANT_NAMESPACE} -# spec: -# running: true -# template: -# metadata: -# labels: -# kubevirt.io/domain: strongswan -# spec: -# domain: -# cpu: -# cores: 2 -# resources: -# requests: -# memory: 2Gi -# cpu: 1 -# limits: -# memory: 2Gi -# cpu: 2 -# memory: -# guest: 2Gi -# devices: -# rng: {} -# networkInterfaceMultiqueue: true -# disks: -# - name: containerdisk -# disk: -# bus: virtio -# - name: cloudinitdisk -# disk: -# bus: virtio -# interfaces: -# - name: wan -# masquerade: {} -# ports: -# - port: 4500 -# - port: 443 -# - port: 22 -# - port: 500 -# - name: mgmt -# bridge: {} -# - name: lan -# bridge: {} -# networks: -# - name: wan -# pod: {} -# - name: mgmt -# multus: -# networkName: ${TENANT_NAMESPACE}/mgmt-net -# - name: lan -# multus: -# networkName: ${TENANT_NAMESPACE}/lan-net -# terminationGracePeriodSeconds: 180 -# volumes: -# - name: containerdisk -# containerDisk: -# image: quay.io/containerdisks/ubuntu:22.04 -# - name: cloudinitdisk -# cloudInitNoCloud: -# userData: | -# #cloud-config -# users: -# - name: testuser -# groups: [sudo] -# sudo: "ALL=(ALL) NOPASSWD:ALL" -# lock_passwd: false -# passwd: "$6$oMZf5uou7t0.oAJ1$825Te06yt7JZwHSSj4MGQMjpd87LflANQpajCwIVPASkKZdOJo4L2bAEDDuK.jtu.fsRNc9bZAsYefmoqdN8O1" -# chpasswd: -# expire: false -# ssh_pwauth: true \ No newline at end of file diff --git a/test-connectivity/ks.yaml b/test-connectivity/ks.yaml deleted file mode 100644 index 2093015..0000000 --- a/test-connectivity/ks.yaml +++ /dev/null 
@@ -1,18 +0,0 @@ -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app test-connectivity - namespace: ${TENANT_NAMESPACE} -spec: - commonMetadata: - labels: - app.kubernetes.io/name: *app - path: ./test-connectivity/app - prune: true - sourceRef: - kind: GitRepository - name: tenant-repos - wait: false - interval: 30m - retryInterval: 1m - timeout: 5m \ No newline at end of file From 17388256862db8faa253584fc24c2e5966b0b0b5 Mon Sep 17 00:00:00 2001 From: Jorge Bornhausen Date: Thu, 24 Jul 2025 14:10:58 +0200 Subject: [PATCH 08/34] chore: add .gitattributes --- .gitattributes | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .gitattributes diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..23b6552 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,3 @@ +*.sh text eol=lf +*.yml text eol=lf +*.yaml text eol=lf From ad99d6cfbdaa2224b0a825caf3b41c32dc9cbc13 Mon Sep 17 00:00:00 2001 From: Jorge Bornhausen Date: Thu, 24 Jul 2025 14:11:22 +0200 Subject: [PATCH 09/34] chore: add .gitignore --- .gitignore | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..4949f76 --- /dev/null +++ b/.gitignore @@ -0,0 +1,33 @@ +# Eclipse +.project +.classpath +.settings/ +bin/ + +# IntelliJ +.idea +*.ipr +*.iml +*.iws + +# NetBeans +nb-configuration.xml + +# Visual Studio Code +.vscode +.factorypath + +# OSX +.DS_Store + +# Vim +*.swp +*.swo + +# patch +*.orig +*.rej + +# Local environment +.env + From b6e8ec3b0e9a3f443304e15d2a8e650512c6b2a0 Mon Sep 17 00:00:00 2001 From: Jorge Bornhausen Date: Thu, 24 Jul 2025 14:11:54 +0200 Subject: [PATCH 10/34] chore(repos): add cloudnative-pg --- repos/helm/cloudnative-pg.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 repos/helm/cloudnative-pg.yaml 
diff --git a/repos/helm/cloudnative-pg.yaml b/repos/helm/cloudnative-pg.yaml new file mode 100644 index 0000000..e42af28 --- /dev/null +++ b/repos/helm/cloudnative-pg.yaml @@ -0,0 +1,10 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/helmrepository_v1.json +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: cloudnative-pg + namespace: ${TENANT_NAMESPACE} +spec: + interval: 5m0s + url: https://cloudnative-pg.github.io/charts \ No newline at end of file From 831c25c09ecf77ecc10c8f03c416e495527a03f1 Mon Sep 17 00:00:00 2001 From: Jorge Bornhausen Date: Thu, 24 Jul 2025 14:33:30 +0200 Subject: [PATCH 11/34] feat(postgres): add demo cluster --- postgres/app/helmrelease.yaml | 109 ++++++++++++++++++++++++++++++++++ postgres/ks.yaml | 23 +++++++ 2 files changed, 132 insertions(+) create mode 100644 postgres/app/helmrelease.yaml create mode 100644 postgres/ks.yaml diff --git a/postgres/app/helmrelease.yaml b/postgres/app/helmrelease.yaml new file mode 100644 index 0000000..a8894fc --- /dev/null +++ b/postgres/app/helmrelease.yaml 
@@ -0,0 +1,109 @@ +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: postgres + namespace: ${TENANT_NAMESPACE} +spec: + serviceAccountName: ${TECHNICAL_ACCOUNT} + interval: 30m + chart: + spec: + chart: cluster + version: 0.3.1 + sourceRef: + kind: HelmRepository + name: cloudnative-pg + namespace: ${TENANT_NAMESPACE} + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + values: + type: postgresql + mode: standalone + version: + postgresql: "17.5" + cluster: + instances: 3 + storage: + size: 10Gi + storageClass: ocs-storagecluster-ceph-rbd + walStorage: + # It's not mandatory to split WAL from the main data volume. + # However, doing so helps to avoid issues with the main data volume + # in cases where WAL exporting to the backup server experiences + # issues. For example, in scenarios where there's network congestion + # or even failures, the WAL may end up accumulating too much data + # to the point where the volume fills up, blocking the cluster from + # operating properly. + enabled: true + size: 10Gi + storageClass: ocs-storagecluster-ceph-rbd + resources: + requests: + cpu: "500m" + memory: 1Gi + limits: + cpu: "1" + memory: 1Gi + enableSuperuserAccess: true + superuserSecret: postgres-superuser + affinity: + topologyKey: failure-domain.beta.kubernetes.io/zone + postgresql: + parameters: + shared_buffers: 256MB + max_connections: "400" + initdb: + database: app + owner: app + options: [] + encoding: UTF8 + backups: + # Backups are disabled in this example, but here's an example + # on how to configure this cluster to export backups to a S3 + # bucket hosted on a MinIO server. 
+ # + # For more information, refer to the helm chart's values.yaml + # or the official documentation at + # https://cloudnative-pg.io/documentation/1.26/backup/ + enabled: false + endpointURL: https://glacier-1.kvant.cloud + provider: s3 + s3: + bucket: phoenix-openshift-backups + path: /demo-postgres + # Ideally, you will never commit credentials in plain text; + # these values are here just for illustration. For a way to + # properly load them from kubernetes' secrets, refer to the + # commented-ou section 'valuesFrom' placed right below + accessKey: your-access-key + secretKey: your-secret-key + secret: + create: true + wal: + encryption: "" + data: + encryption: "" + scheduledBackups: + - name: daily-minio + schedule: "@daily" + backupOwnerReference: self + method: barmanObjectStore + retentionPolicy: "180d" # It is mandatory to match this value with the bucket's retention period +# valuesFrom: +# - kind: Secret +# name: postgres-backup-s3 # name of the pre-existing secret that holds the key pair +# valuesKey: ACCESS_KEY_ID # name of the key inside the secret that holds the access key value +# targetPath: backups.s3.accessKey # path of the configuration that will be assigned the access key value +# optional: false +# - kind: Secret +# name: postgres-backup-s3 # name of the pre-existing secret that holds the key pair +# valuesKey: ACCESS_SECRET_KEY # name of the key inside the secret that holds the secret key value +# targetPath: backups.s3.secretKey # path of the configuration that will be assigned the secret key value +# optional: false diff --git a/postgres/ks.yaml b/postgres/ks.yaml new file mode 100644 index 0000000..0383647 --- /dev/null +++ b/postgres/ks.yaml 
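Review bot: `enableSuperuserAccess: true` with `superuserSecret: postgres-superuser` keeps password login for the `postgres` superuser available on what the commit calls a demo cluster, and nothing in this commit creates a Secret named `postgres-superuser`, so the origin of that password is not visible here. If no client needs superuser connections, set `enableSuperuserAccess: false` and let workloads use the `app` owner defined under `initdb`. In the `backups` block the placeholder `accessKey`/`secretKey` sit next to `secret.create: true`, so switching `enabled` to true would render whatever is typed there into a Secret straight from Git; consider dropping the two keys and leaving the commented `valuesFrom` block as the only example. Separately, `topologyKey: failure-domain.beta.kubernetes.io/zone` is the deprecated zone label, and `topology.kubernetes.io/zone` is its replacement.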
@@ -0,0 +1,23 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app postgres + namespace: ${TENANT_NAMESPACE} +spec: + targetNamespace: ${TENANT_NAMESPACE} + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./postgres/app + prune: true + sourceRef: + kind: GitRepository + name: tenant-repos + wait: true + interval: 10m + retryInterval: 1m + timeout: 5m + dependsOn: + - name: vars From d3b650eff2cb9370c37276b6521b9fb05d302cbd Mon Sep 17 00:00:00 2001 From: Jorge Bornhausen Date: Thu, 24 Jul 2025 14:35:15 +0200 Subject: [PATCH 12/34] chore(postgres): enable ks --- kustomization.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/kustomization.yaml b/kustomization.yaml index 0778973..83384c7 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -16,4 +16,5 @@ resources: - templates/image-server/ks-pvc.yaml - templates/image-server/ks-route.yaml - templates/windowsserver/ks-flavor.yaml - - templates/windowsserver-rh/ks-flavor.yaml \ No newline at end of file + - templates/windowsserver-rh/ks-flavor.yaml + - postgres/ks.yaml \ No newline at end of file From a49dd4de892cf3f07b69aee64667ecafb6aa5787 Mon Sep 17 00:00:00 2001 From: Jorge Bornhausen Date: Thu, 24 Jul 2025 15:37:26 +0200 Subject: [PATCH 13/34] chore(postgres): add link to values.yaml for reference --- postgres/app/helmrelease.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/postgres/app/helmrelease.yaml b/postgres/app/helmrelease.yaml index a8894fc..97c2c3c 100644 --- a/postgres/app/helmrelease.yaml +++ b/postgres/app/helmrelease.yaml @@ -24,6 +24,8 @@ spec: strategy: rollback retries: 3 values: + # check the complete configuration options at + # https://raw.githubusercontent.com/cloudnative-pg/charts/refs/tags/cluster-v0.3.1/charts/cluster/values.yaml type: postgresql mode: standalone version: 
From 001fc5a5defde5f6b4a44abf74037554cfd270ce Mon Sep 17 00:00:00 2001 From: Jorge Bornhausen Date: Thu, 24 Jul 2025 15:39:53 +0200 Subject: [PATCH 14/34] chore(postgres): update storage class to ibm-spectrum-scale-fileset --- postgres/app/helmrelease.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/postgres/app/helmrelease.yaml b/postgres/app/helmrelease.yaml index 97c2c3c..f44b8b5 100644 --- a/postgres/app/helmrelease.yaml +++ b/postgres/app/helmrelease.yaml @@ -34,7 +34,9 @@ spec: instances: 3 storage: size: 10Gi - storageClass: ocs-storagecluster-ceph-rbd + # default storage class on ai-2 cluster, on basel or staging you + # should use 'ocs-storagecluster-ceph-rbd' instead + storageClass: ibm-spectrum-scale-fileset walStorage: # It's not mandatory to split WAL from the main data volume. # However, doing so helps to avoid issues with the main data volume @@ -44,8 +46,8 @@ spec: # to the point where the volume fills up, blocking the cluster from # operating properly. enabled: true - size: 10Gi - storageClass: ocs-storagecluster-ceph-rbd + size: 10Gi + storageClass: ibm-spectrum-scale-fileset resources: requests: cpu: "500m" From 707b1d0bd819d87528847987c4114a9faf61b413 Mon Sep 17 00:00:00 2001 From: Jorge Bornhausen Date: Thu, 24 Jul 2025 15:49:17 +0200 Subject: [PATCH 15/34] chore(postgres): add more comments explaining each section --- postgres/app/helmrelease.yaml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/postgres/app/helmrelease.yaml b/postgres/app/helmrelease.yaml index f44b8b5..9af65c0 100644 --- a/postgres/app/helmrelease.yaml +++ b/postgres/app/helmrelease.yaml 
@@ -69,9 +69,10 @@ spec: options: [] encoding: UTF8 backups: - # Backups are disabled in this example, but here's an example - # on how to configure this cluster to export backups to a S3 - # bucket hosted on a MinIO server. + # As indicated by the 'enabled' flag, backups are disabled on + # this deployment. But the remaining of the block serves as an + # example of how to configure this cluster to export backups to + # a S3 bucket hosted on a MinIO server. # # For more information, refer to the helm chart's values.yaml # or the official documentation at @@ -91,10 +92,18 @@ spec: secret: create: true wal: + # If exporting to MinIO S3, you may have to disable encryption. + # This is how you achieve it encryption: "" data: encryption: "" scheduledBackups: + # You can give it any name and change the scheduled time to what + # fits your strategy. This serves as an example of how to configure + # the cluster to export a daily backup to the S3 bucket using + # barman object storage. You can also back up volumes instead. + # Check the backup documentation to find more information on + # which option suits you best. - name: daily-minio schedule: "@daily" backupOwnerReference: self From d0fba712d4b61fc7c710be1b2a098b86277dfcea Mon Sep 17 00:00:00 2001 
From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 11:15:18 +0200 Subject: [PATCH 16/34] new test VM for costumer presentation --- kustomization.yaml | 5 +- windows-vm-standard-john/ks-pvc.yaml | 18 +++++ windows-vm-standard-john/ks-vm.yaml | 18 +++++ windows-vm-standard-john/pvc/datadisk.yaml | 12 ++++ windows-vm-standard-john/vm/server.yaml | 82 ++++++++++++++++++++++ windows-vm-standard-john/windows-lb.yaml | 29 ++++++++ 6 files changed, 163 insertions(+), 1 deletion(-) create mode 100644 windows-vm-standard-john/ks-pvc.yaml create mode 100644 windows-vm-standard-john/ks-vm.yaml create mode 100644 windows-vm-standard-john/pvc/datadisk.yaml create mode 100644 windows-vm-standard-john/vm/server.yaml create mode 100644 windows-vm-standard-john/windows-lb.yaml diff --git a/kustomization.yaml b/kustomization.yaml index 83384c7..7a1c689 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -17,4 +17,7 @@ resources: - templates/image-server/ks-route.yaml - templates/windowsserver/ks-flavor.yaml - templates/windowsserver-rh/ks-flavor.yaml - - postgres/ks.yaml \ No newline at end of file + - postgres/ks.yaml + - windows-vm-standard-john/ks-vm.yaml + - windows-vm-standard-john/ks-pvc.yaml + - windows-vm-standard-john/windows-lb.yaml diff --git a/windows-vm-standard-john/ks-pvc.yaml b/windows-vm-standard-john/ks-pvc.yaml new file mode 100644 index 0000000..68e3154 --- /dev/null +++ b/windows-vm-standard-john/ks-pvc.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app windows-pvc-john + namespace: ${TENANT_NAMESPACE} +spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./windows-vm-standard-john/pvc + prune: true + sourceRef: + kind: GitRepository + name: tenant-repos + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m \ No newline at end of file 
diff --git a/windows-vm-standard-john/ks-vm.yaml b/windows-vm-standard-john/ks-vm.yaml new file mode 100644 index 0000000..5a28eae --- /dev/null +++ b/windows-vm-standard-john/ks-vm.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app windows-vm-standard + namespace: ${TENANT_NAMESPACE} +spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./windows-vm-standard-john/vm + prune: true + sourceRef: + kind: GitRepository + name: tenant-repos + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m \ No newline at end of file diff --git a/windows-vm-standard-john/pvc/datadisk.yaml b/windows-vm-standard-john/pvc/datadisk.yaml new file mode 100644 index 0000000..6c901ab --- /dev/null +++ b/windows-vm-standard-john/pvc/datadisk.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: windows-vm-datadisk-john +spec: + storageClassName: ibm-spectrum-scale-fileset + volumeMode: Filesystem + accessModes: + - ReadWriteMany + resources: + requests: + storage: 200Gi diff --git a/windows-vm-standard-john/vm/server.yaml b/windows-vm-standard-john/vm/server.yaml new file mode 100644 index 0000000..3af61ac --- /dev/null +++ b/windows-vm-standard-john/vm/server.yaml 
@@ -0,0 +1,82 @@ +apiVersion: kubevirt.io/v1 +kind: VirtualMachine +metadata: + name: windows-vm-standard-john + namespace: ${TENANT_NAMESPACE} +spec: + dataVolumeTemplates: + - metadata: + name: windows-rootdisk-john + spec: + source: + http: + url: http://nginx.demo.svc.cluster.local:8080/windows-server-2022-uefi-ns.qcow2 + storage: + resources: + requests: + storage: 80Gi + sourceRef: + kind: DataSource + name: win2k22 + namespace: kubevirt-os-images + runStrategy: Always + template: + metadata: + labels: + kubevirt.io/domain: windows-vm-standard-john + spec: + domain: + cpu: + cores: 4 + memory: + guest: 8Gi + features: + acpi: {} + smm: + enabled: true + firmware: + bootloader: + efi: {} + devices: + rng: {} + networkInterfaceMultiqueue: true + interfaces: + - name: default + masquerade: {} + ports: + - port: 8080 + - port: 443 + - port: 22 + - port: 3389 + disks: + - disk: + bus: sata + name: rootdisk + - disk: + bus: sata + name: datadisk + # - disk: + # bus: scsi + # name: cloudinitdisk + resources: + requests: + memory: 8Gi + cpu: 4 + limits: + memory: 8Gi + cpu: 4 + networks: + - name: default + pod: {} + terminationGracePeriodSeconds: 180 + volumes: + - name: rootdisk + dataVolume: + name: windows-rootdisk-john + - name: datadisk + persistentVolumeClaim: + claimName: windows-vm-datadisk-john + #- name: cloudinitdisk + # cloudInitNoCloud: + # secretRef: + # name: windows-cloud-init diff --git a/windows-vm-standard-john/windows-lb.yaml b/windows-vm-standard-john/windows-lb.yaml new file mode 100644 index 0000000..7adf23f --- /dev/null +++ b/windows-vm-standard-john/windows-lb.yaml 
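Review bot: The root disk in `dataVolumeTemplates` is imported from `http://nginx.demo.svc.cluster.local:8080/windows-server-2022-uefi-ns.qcow2` over plain HTTP from a service in another namespace, with nothing pinning what is downloaded, so the VM boots whatever that endpoint serves at import time. The same template also sets `sourceRef` to the `win2k22` DataSource in `kubevirt-os-images`. As far as I know a DataVolume is expected to carry either `source` or `sourceRef`, not both, so one should go, and keeping only `sourceRef` would also remove the HTTP fetch. The masquerade interface lists ports `22` and `3389` alongside `8080` and `443`; if the presentation only needs one of them, trimming the list narrows what the VM accepts.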
@@ -0,0 +1,29 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: windows-lb + namespace: ${TENANT_NAMESPACE} + labels: + app.kubernetes.io/component: windows-lb +spec: + type: LoadBalancer + ports: + - port: 8080 + name: http + targetPort: 8080 + protocol: TCP + - port: 443 + name: https + targetPort: 443 + protocol: TCP + - port: 65022 + name: ssh + targetPort: 22 + protocol: TCP + - port: 3389 + name: rdp + targetPort: 3389 + protocol: TCP + selector: + kubevirt.io/domain: windows-vm-standard-john From ed5db933381290fcf59986f58214016c32192c0d Mon Sep 17 00:00:00 2001 From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 11:19:53 +0200 Subject: [PATCH 17/34] yeahhh --- windows-vm-standard-john/ks-vm.yaml | 2 +- windows-vm-standard-john/vm/server.yaml | 4 ++-- windows-vm-standard-john/windows-lb.yaml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/windows-vm-standard-john/ks-vm.yaml b/windows-vm-standard-john/ks-vm.yaml index 5a28eae..4b8608c 100644 --- a/windows-vm-standard-john/ks-vm.yaml +++ b/windows-vm-standard-john/ks-vm.yaml @@ -1,7 +1,7 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: &app windows-vm-standard + name: &app windows-vm-standard-john namespace: ${TENANT_NAMESPACE} spec: commonMetadata: diff --git a/windows-vm-standard-john/vm/server.yaml b/windows-vm-standard-john/vm/server.yaml index 3af61ac..2befb61 100644 --- a/windows-vm-standard-john/vm/server.yaml +++ b/windows-vm-standard-john/vm/server.yaml @@ -51,10 +51,10 @@ spec: disks: - disk: bus: sata - name: rootdisk + name: rootdisk-john - disk: bus: sata - name: datadisk + name: datadisk-john # - disk: # bus: scsi # name: cloudinitdisk diff --git a/windows-vm-standard-john/windows-lb.yaml b/windows-vm-standard-john/windows-lb.yaml index 7adf23f..e9ad9f8 100644 --- a/windows-vm-standard-john/windows-lb.yaml +++ b/windows-vm-standard-john/windows-lb.yaml 
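Review bot: This `type: LoadBalancer` Service publishes RDP (`3389`) and SSH (`65022` to `22`) for the Windows VM with no `loadBalancerSourceRanges`, so reachability is bounded only by wherever the load-balancer address is routed, which this page does not show. If that address is reachable beyond an admin network, restrict it, e.g. `loadBalancerSourceRanges: ["<ADMIN_CIDR>"]` (placeholder), or keep the management ports on a `ClusterIP` Service and reach them through a bastion or port-forward. Port `8080` is also exposed under the name `http` without TLS; it is worth confirming that it is needed externally at all.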
@@ -2,10 +2,10 @@ apiVersion: v1 kind: Service metadata: - name: windows-lb + name: windows-lb-john namespace: ${TENANT_NAMESPACE} labels: - app.kubernetes.io/component: windows-lb + app.kubernetes.io/component: windows-lb-john spec: type: LoadBalancer ports: From 0154dc0dbddb66609b6158f4192b30b035d120e2 Mon Sep 17 00:00:00 2001 From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 11:25:13 +0200 Subject: [PATCH 18/34] yeah222 --- windows-vm-standard-john/vm/server.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows-vm-standard-john/vm/server.yaml b/windows-vm-standard-john/vm/server.yaml index 2befb61..a205ab7 100644 --- a/windows-vm-standard-john/vm/server.yaml +++ b/windows-vm-standard-john/vm/server.yaml @@ -70,10 +70,10 @@ spec: pod: {} terminationGracePeriodSeconds: 180 volumes: - - name: rootdisk + - name: rootdisk-john dataVolume: name: windows-rootdisk-john - - name: datadisk + - name: datadisk-john persistentVolumeClaim: claimName: windows-vm-datadisk-john #- name: cloudinitdisk From 1139c70acb500f87fb23416081bfc5c94bf4c463 Mon Sep 17 00:00:00 2001 From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 11:50:22 +0200 Subject: [PATCH 19/34] gfiweubfiwe --- windows-vm-standard-john/vm/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows-vm-standard-john/vm/server.yaml b/windows-vm-standard-john/vm/server.yaml index a205ab7..ad1b3b2 100644 --- a/windows-vm-standard-john/vm/server.yaml +++ b/windows-vm-standard-john/vm/server.yaml @@ -10,7 +10,7 @@ spec: spec: source: http: - url: http://nginx.demo.svc.cluster.local:8080/windows-server-2022-uefi-ns.qcow2 + url: http://nginx.demo.svc.cluster.local:80/windows-server-2022-uefi-ns.qcow2 storage: resources: requests: From 1fc30168ef237a1c75c1368b79e8882533eafe37 Mon Sep 17 00:00:00 2001 
From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 11:57:44 +0200 Subject: [PATCH 20/34] jhdgfiudfbnuifdnbui --- windows-vm-standard-john/vm/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows-vm-standard-john/vm/server.yaml b/windows-vm-standard-john/vm/server.yaml index ad1b3b2..15faa1f 100644 --- a/windows-vm-standard-john/vm/server.yaml +++ b/windows-vm-standard-john/vm/server.yaml @@ -18,7 +18,7 @@ spec: sourceRef: kind: DataSource name: win2k22 - namespace: kubevirt-os-images + namespace: openshift-virtualization-os-images #kubevirt-os-images runStrategy: Always template: metadata: From 6d1b9906a5943a2a7c64f8a18f8d5e52f6c4aecf Mon Sep 17 00:00:00 2001 From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 12:00:20 +0200 Subject: [PATCH 21/34] drgrrht --- windows-vm-standard-john/vm/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows-vm-standard-john/vm/server.yaml b/windows-vm-standard-john/vm/server.yaml index 15faa1f..e0f06a7 100644 --- a/windows-vm-standard-john/vm/server.yaml +++ b/windows-vm-standard-john/vm/server.yaml @@ -18,7 +18,7 @@ spec: sourceRef: kind: DataSource name: win2k22 - namespace: openshift-virtualization-os-images #kubevirt-os-images + namespace: openshift-virtualization-os-images runStrategy: Always template: metadata: From 0256ce589a8350603ae6e9a40149980f7e3b733a Mon Sep 17 00:00:00 2001 From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 12:28:50 +0200 Subject: [PATCH 22/34] dfhdhdhf --- windows-vm-standard-john/vm/server.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows-vm-standard-john/vm/server.yaml b/windows-vm-standard-john/vm/server.yaml index e0f06a7..c1151c2 100644 --- a/windows-vm-standard-john/vm/server.yaml +++ b/windows-vm-standard-john/vm/server.yaml 
@@ -16,9 +16,9 @@ spec: requests: storage: 80Gi sourceRef: - kind: DataSource - name: win2k22 - namespace: openshift-virtualization-os-images +# kind: DataSource +# name: win2k22 +# namespace: openshift-virtualization-os-images runStrategy: Always template: metadata: From 1c7e58e7406dfd18d5e070bfde0c1c221d540350 Mon Sep 17 00:00:00 2001 From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 12:31:08 +0200 Subject: [PATCH 23/34] sdfsdf --- windows-vm-standard-john/vm/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows-vm-standard-john/vm/server.yaml b/windows-vm-standard-john/vm/server.yaml index c1151c2..bf952a8 100644 --- a/windows-vm-standard-john/vm/server.yaml +++ b/windows-vm-standard-john/vm/server.yaml @@ -15,7 +15,7 @@ spec: resources: requests: storage: 80Gi - sourceRef: +# sourceRef: # kind: DataSource # name: win2k22 # namespace: openshift-virtualization-os-images From 88a93c67d3e703ae2739949b21b7b9566a179fa9 Mon Sep 17 00:00:00 2001 From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 13:44:53 +0200 Subject: [PATCH 24/34] oisndfoisf --- ubuntu-vm-3 john/ks.yaml | 18 ++++++++++ ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml | 48 ++++++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 ubuntu-vm-3 john/ks.yaml create mode 100644 ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml diff --git a/ubuntu-vm-3 john/ks.yaml b/ubuntu-vm-3 john/ks.yaml new file mode 100644 index 0000000..152cdec --- /dev/null +++ b/ubuntu-vm-3 john/ks.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app ubuntu-vm-2 + namespace: ${TENANT_NAMESPACE} +spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./ubuntu-vm-2/ubuntu + prune: true + sourceRef: + kind: GitRepository + name: tenant-repos + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m 
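Review bot: The new `ubuntu-vm-3 john/ks.yaml` still carries `name: &app ubuntu-vm-2` and `path: ./ubuntu-vm-2/ubuntu`, so it does not deploy the VM added beside it; it declares a second Kustomization with the name and path that `ubuntu-vm-2/ks.yaml` presumably already uses in `${TENANT_NAMESPACE}`. With `prune: true`, two definitions of one object name make it unclear which manifest owns the deployed resources. I would set `name: &app ubuntu-vm-3-john` and `path: ./ubuntu-vm-3-john/ubuntu`, and rename the directory: it contains a space, while PATCH 25 lists `ubuntu-vm-3-john/ks.yaml`, which does not match the directory created here.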
diff --git a/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml new file mode 100644 index 0000000..c4bc587 --- /dev/null +++ b/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml @@ -0,0 +1,48 @@ +apiVersion: kubevirt.io/v1 +kind: VirtualMachine +metadata: + name: ubuntu-vm-3-john + namespace: kubevirt-vms +spec: + running: true + template: + metadata: + labels: + kubevirt.io/domain: ubuntu-vm-3-john + spec: + domain: + cpu: + cores: 2 + devices: + disks: + - disk: + bus: virtio + name: containerdisk + - disk: + bus: virtio + name: cloudinitdisk + resources: + requests: + memory: 2Gi + cpu: 1 + limits: + memory: 2Gi + cpu: 2 + memory: + guest: 2Gi + volumes: + - name: containerdisk + containerDisk: + image: quay.io/containerdisks/ubuntu:22.04 + - name: cloudinitdisk + cloudInitNoCloud: + userData: | + #cloud-config + hostname: ubuntu-vm-2 + ssh_pwauth: True + users: + - name: ubuntu + ssh-authorized-keys: + - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPqlhZW/pPLK8zENt3o6tgl0QVinhGAF1sHvajqq3UvI ubuntu + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + shell: /bin/bash \ No newline at end of file From 5f1f60b786edea91d1c5ec97566861422645712c Mon Sep 17 00:00:00 2001 From: "john.leitao" Date: Wed, 30 Jul 2025 11:47:29 +0000 Subject: [PATCH 25/34] Update kustomization.yaml --- kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/kustomization.yaml b/kustomization.yaml index 7a1c689..c776207 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -11,6 +11,7 @@ resources: - windows-vm-standard-dev/ks-pvc.yaml - ubuntu-vm-1/ks.yaml - ubuntu-vm-2/ks.yaml + - ubuntu-vm-3-john/ks.yaml - container/ks-debug.yaml - templates/image-server/ks-nginx.yaml - templates/image-server/ks-pvc.yaml From 13b6e6f3aee39d99d53ab143fc0736e4ae066a1f Mon Sep 17 00:00:00 2001 
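Review bot: The cloud-init `userData` sets `ssh_pwauth: True` although the only credential provisioned for `ubuntu` is an SSH key, and the same user gets `sudo: ['ALL=(ALL) NOPASSWD:ALL']`; password logins should be off for a key-only account, `ssh_pwauth: false`. The manifest also hard-codes `namespace: kubevirt-vms` where the other VMs on this page use `namespace: ${TENANT_NAMESPACE}`, which places the VM outside the tenant namespace the Flux Kustomization is scoped to. `hostname: ubuntu-vm-2` looks copied from the sibling VM and does not match `ubuntu-vm-3-john`.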
From: "maximilian.bartz" Date: Wed, 30 Jul 2025 13:52:24 +0200 Subject: [PATCH 26/34] changed URL --- firewall-s3/vm/ksd/network-definitions/lan.yaml | 2 +- firewall-s3/vm/ksd/network-definitions/mgmt.yaml | 2 +- windows-vm-standard-dev/vm/server.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/firewall-s3/vm/ksd/network-definitions/lan.yaml b/firewall-s3/vm/ksd/network-definitions/lan.yaml index ccc343b..db390ad 100644 --- a/firewall-s3/vm/ksd/network-definitions/lan.yaml +++ b/firewall-s3/vm/ksd/network-definitions/lan.yaml @@ -12,7 +12,7 @@ spec: "type": "static", "addresses": [ { - "address": "172.168.100.2/24", + "address": "172.168.100.0/24", "gateway": "172.168.100.1" } ] diff --git a/firewall-s3/vm/ksd/network-definitions/mgmt.yaml b/firewall-s3/vm/ksd/network-definitions/mgmt.yaml index 7be17a8..9917a83 100644 --- a/firewall-s3/vm/ksd/network-definitions/mgmt.yaml +++ b/firewall-s3/vm/ksd/network-definitions/mgmt.yaml @@ -12,7 +12,7 @@ spec: "type": "static", "addresses": [ { - "address": "192.168.10.100/24", + "address": "192.168.10.0/24", "gateway": "192.168.10.1" } ] diff --git a/windows-vm-standard-dev/vm/server.yaml b/windows-vm-standard-dev/vm/server.yaml index df3b980..5d3a946 100644 --- a/windows-vm-standard-dev/vm/server.yaml +++ b/windows-vm-standard-dev/vm/server.yaml @@ -10,7 +10,7 @@ spec: spec: source: http: - url: http://nginx.demo.svc.cluster.local:8080/windows-server-2022-uefi-ns.qcow2 + url: "https://glacier-1.kvant.cloud/ocp-virt-images/sources/windows-server-2022-uefi-ns.qcow2" storage: resources: requests: @@ -18,7 +18,7 @@ spec: sourceRef: kind: DataSource name: win2k22 - namespace: kubevirt-os-images + namespace: openshift-virtualization-os-images runStrategy: Always template: metadata: From 7125bd6626a91d1a14e7332db0093d1e55261d81 Mon Sep 17 00:00:00 2001 
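Review bot: In `lan.yaml` the static IPAM entry becomes `"address": "172.168.100.0/24"`, and `mgmt.yaml` gets `"address": "192.168.10.0/24"`; both are the network address of their subnet rather than a host address, so the attached interface is unlikely to end up with a usable IP. The commit subject says "changed URL", so this may be unintentional; if a host address is meant, the previous `.2` and `.100` values look right. Separately, `172.168.100.0/24` (already present before this change) lies outside the RFC 1918 block 172.16.0.0/12, so the LAN definition overlaps publicly routable space; `172.16.100.x` was probably intended.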
From: "maximilian.bartz" Date: Wed, 30 Jul 2025 14:02:15 +0200 Subject: [PATCH 27/34] reduce data disk pvc --- windows-vm-standard-dev/pvc/datadisk.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows-vm-standard-dev/pvc/datadisk.yaml b/windows-vm-standard-dev/pvc/datadisk.yaml index 86461b8..5d858e6 100644 --- a/windows-vm-standard-dev/pvc/datadisk.yaml +++ b/windows-vm-standard-dev/pvc/datadisk.yaml @@ -9,4 +9,4 @@ spec: - ReadWriteMany resources: requests: - storage: 200Gi + storage: 50Gi From 4f026307b6a85afe6c63ad252bbd6d39e4019a07 Mon Sep 17 00:00:00 2001 From: "maximilian.bartz" Date: Wed, 30 Jul 2025 14:21:53 +0200 Subject: [PATCH 28/34] changed data source --- windows-vm-standard-dev/vm/server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows-vm-standard-dev/vm/server.yaml b/windows-vm-standard-dev/vm/server.yaml index 5d3a946..1b42bdc 100644 --- a/windows-vm-standard-dev/vm/server.yaml +++ b/windows-vm-standard-dev/vm/server.yaml @@ -18,7 +18,7 @@ spec: sourceRef: kind: DataSource name: win2k22 - namespace: openshift-virtualization-os-images + namespace: kubevirt-os-images runStrategy: Always template: metadata: From 1e0cfb816f7ff085567c60ec84e355418065e54d Mon Sep 17 00:00:00 2001 From: "john.leitao@phoenix-systems.ch" Date: Wed, 30 Jul 2025 16:17:40 +0200 Subject: [PATCH 29/34] sdffdsfd --- container/debug2/alpine.yaml | 14 ++++++++++++++ kustomization.yaml | 6 +++--- ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml | 4 ++-- 3 files changed, 19 insertions(+), 5 deletions(-) create mode 100644 container/debug2/alpine.yaml diff --git a/container/debug2/alpine.yaml b/container/debug2/alpine.yaml new file mode 100644 index 0000000..e272e52 --- /dev/null +++ b/container/debug2/alpine.yaml 
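Review bot: Lowering `storage: 200Gi` to `storage: 50Gi` in `windows-vm-standard-dev/pvc/datadisk.yaml` only works if the claim does not exist yet; Kubernetes rejects a decrease of `spec.resources.requests.storage` on an existing PersistentVolumeClaim, so the Flux reconcile for this path would fail until the claim is deleted and recreated. Recreating it discards the data disk contents, so the commit message should state whether that is intended. The rest of the PVC spec lies outside this hunk.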
@@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: alpine-test2 + namespace: ${TENANT_NAMESPACE} +spec: + containers: + - name: alpine2 + image: alpine:latest + command: ["/bin/sh"] + args: ["-c", "while true; do sleep 3600; done"] + stdin: true + tty: true + restartPolicy: Never \ No newline at end of file diff --git a/kustomization.yaml b/kustomization.yaml index 7a1c689..0a91e30 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -18,6 +18,6 @@ resources: - templates/windowsserver/ks-flavor.yaml - templates/windowsserver-rh/ks-flavor.yaml - postgres/ks.yaml - - windows-vm-standard-john/ks-vm.yaml - - windows-vm-standard-john/ks-pvc.yaml - - windows-vm-standard-john/windows-lb.yaml +# - windows-vm-standard-john/ks-vm.yaml +# - windows-vm-standard-john/ks-pvc.yaml +# - windows-vm-standard-john/windows-lb.yaml diff --git a/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml index c4bc587..1ac74ef 100644 --- a/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml +++ b/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml @@ -1,14 +1,14 @@ apiVersion: kubevirt.io/v1 kind: VirtualMachine metadata: - name: ubuntu-vm-3-john + name: ubuntu-vm-3- namespace: kubevirt-vms spec: running: true template: metadata: labels: - kubevirt.io/domain: ubuntu-vm-3-john + kubevirt.io/domain: ubuntu-vm-2 spec: domain: cpu: From cb450457ac73c3d54917cc95d9e8a01b704cb945 Mon Sep 17 00:00:00 2001 From: "maximilian.bartz" Date: Tue, 5 Aug 2025 13:53:12 +0200 Subject: [PATCH 30/34] added additional test VM --- ubuntu-vm-3/ks.yaml | 18 +++++++++++ ubuntu-vm-3/ubuntu/ubuntu-vm.yaml | 50 +++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 ubuntu-vm-3/ks.yaml create mode 100644 ubuntu-vm-3/ubuntu/ubuntu-vm.yaml diff --git a/ubuntu-vm-3/ks.yaml b/ubuntu-vm-3/ks.yaml new file mode 100644 index 0000000..12912dc --- /dev/null +++ b/ubuntu-vm-3/ks.yaml 
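Review bot: The debug Pod in `container/debug2/alpine.yaml` runs `image: alpine:latest`, a mutable tag, and defines neither a `securityContext` nor `resources`, so a long-lived interactive shell (`stdin`/`tty`, endless `sleep`) runs with whatever defaults the namespace's admission policy allows. Pin the image to a tag or digest and drop privileges explicitly, as sketched below; the tag is a placeholder and the limits are constructed sample values. With `restartPolicy: Never` and an infinite loop the Pod never completes, so it should be removed from the tree once the debugging is done.

```yaml
    - name: alpine2
      image: alpine:<PINNED_TAG>  # placeholder: pin a release tag or a digest
      # … unchanged: command, args, stdin, tty …
      securityContext:
        allowPrivilegeEscalation: false
        capabilities:
          drop: ["ALL"]
        seccompProfile:
          type: RuntimeDefault
      resources:
        limits:
          cpu: 100m
          memory: 64Mi
```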
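Review bot: In the `ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml` hunk, the label change to `kubevirt.io/domain: ubuntu-vm-2` gives this VM the same selector value as another VM, so any Service that selects on that label (the pattern `windows-lb.yaml` uses) would also route to this one. `name: ubuntu-vm-3-` additionally ends in a hyphen, which Kubernetes object-name validation does not accept, so the VirtualMachine would be rejected on apply. Give the VM its own value in both places, e.g. `name: ubuntu-vm-3-john` and `kubevirt.io/domain: ubuntu-vm-3-john`.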
@@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app ubuntu-vm-3 + namespace: ${TENANT_NAMESPACE} +spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./ubuntu-vm-3/ubuntu + prune: true + sourceRef: + kind: GitRepository + name: tenant-repos + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml new file mode 100644 index 0000000..ae02fee --- /dev/null +++ b/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml @@ -0,0 +1,50 @@ +apiVersion: kubevirt.io/v1 +kind: VirtualMachine +metadata: + name: ubuntu-vm-3 + namespace: ${TENANT_NAMESPACE} +spec: + running: true + template: + metadata: + labels: + kubevirt.io/domain: ubuntu-vm-3 + spec: + domain: + cpu: + cores: 2 + devices: + disks: + - disk: + bus: virtio + name: containerdisk + - disk: + bus: virtio + name: cloudinitdisk + resources: + requests: + memory: 2Gi + cpu: 1 + limits: + memory: 2Gi + cpu: 2 + memory: + guest: 2Gi + volumes: + - name: containerdisk + containerDisk: + image: quay.io/containerdisks/ubuntu:22.04 + - name: cloudinitdisk + cloudInitNoCloud: + userData: | + #cloud-config + users: + - name: testuser + groups: [sudo] + sudo: "ALL=(ALL) NOPASSWD:ALL" + lock_passwd: false + passwd: "$6$oMZf5uou7t0.oAJ1$825Te06yt7JZwHSSj4MGQMjpd87LflANQpajCwIVPASkKZdOJo4L2bAEDDuK.jtu.fsRNc9bZAsYefmoqdN8O1" + + chpasswd: + expire: false + ssh_pwauth: true \ No newline at end of file From 79e1668d0f520cd6a77594953875eb6f9504df59 Mon Sep 17 00:00:00 2001 From: "maximilian.bartz" Date: Tue, 5 Aug 2025 13:55:43 +0200 Subject: [PATCH 31/34] added entry to kustomizations --- kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/kustomization.yaml b/kustomization.yaml index c830edf..6b65d60 100644 --- a/kustomization.yaml +++ b/kustomization.yaml 
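Review bot: The cloud-init `userData` in `ubuntu-vm-3/ubuntu/ubuntu-vm.yaml` embeds a password hash for `testuser` (`passwd: "$6$…"`) directly in the manifest, together with `lock_passwd: false`, `ssh_pwauth: true` and `sudo: "ALL=(ALL) NOPASSWD:ALL"`. Everyone who can read the repository or the VirtualMachine object can read that hash, and it belongs to a password-login account with unrestricted sudo. Move the user data into a Secret referenced through `cloudInitNoCloud.secretRef` (the form left commented out in `windows-vm-standard-john/vm/server.yaml`), prefer `ssh_authorized_keys` with `ssh_pwauth: false`, and treat the committed password as disclosed and rotate it.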
@@ -11,6 +11,7 @@ resources: - windows-vm-standard-dev/ks-pvc.yaml - ubuntu-vm-1/ks.yaml - ubuntu-vm-2/ks.yaml + - ubuntu-vm-3/ks.yaml - ubuntu-vm-3-john/ks.yaml - container/ks-debug.yaml - templates/image-server/ks-nginx.yaml From e8c4f4bf17dd40ccffa2a641e987caa2da340907 Mon Sep 17 00:00:00 2001 From: "maximilian.bartz" Date: Tue, 5 Aug 2025 14:01:09 +0200 Subject: [PATCH 32/34] added johns ubuntu --- kustomization.yaml | 1 - {ubuntu-vm-3 john => ubuntu-vm-4-john}/ks.yaml | 4 ++-- {ubuntu-vm-3 john => ubuntu-vm-4-john}/ubuntu/ubuntu-vm.yaml | 4 ++-- 3 files changed, 4 insertions(+), 5 deletions(-) rename {ubuntu-vm-3 john => ubuntu-vm-4-john}/ks.yaml (83%) rename {ubuntu-vm-3 john => ubuntu-vm-4-john}/ubuntu/ubuntu-vm.yaml (94%) diff --git a/kustomization.yaml b/kustomization.yaml index 6b65d60..2c02dd1 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -12,7 +12,6 @@ resources: - ubuntu-vm-1/ks.yaml - ubuntu-vm-2/ks.yaml - ubuntu-vm-3/ks.yaml - - ubuntu-vm-3-john/ks.yaml - container/ks-debug.yaml - templates/image-server/ks-nginx.yaml - templates/image-server/ks-pvc.yaml diff --git a/ubuntu-vm-3 john/ks.yaml b/ubuntu-vm-4-john/ks.yaml similarity index 83% rename from ubuntu-vm-3 john/ks.yaml rename to ubuntu-vm-4-john/ks.yaml index 152cdec..f117b31 100644 --- a/ubuntu-vm-3 john/ks.yaml +++ b/ubuntu-vm-4-john/ks.yaml @@ -1,13 +1,13 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: &app ubuntu-vm-2 + name: &app ubuntu-vm-4-john namespace: ${TENANT_NAMESPACE} spec: commonMetadata: labels: app.kubernetes.io/name: *app - path: ./ubuntu-vm-2/ubuntu + path: ./ubuntu-vm-4-john/ubuntu prune: true sourceRef: kind: GitRepository diff --git a/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml similarity index 94% rename from ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml rename to ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml index 1ac74ef..a7448b3 100644 --- a/ubuntu-vm-3 john/ubuntu/ubuntu-vm.yaml 
+++ b/ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml @@ -1,14 +1,14 @@ apiVersion: kubevirt.io/v1 kind: VirtualMachine metadata: - name: ubuntu-vm-3- + name: ubuntu-vm-4-john namespace: kubevirt-vms spec: running: true template: metadata: labels: - kubevirt.io/domain: ubuntu-vm-2 + kubevirt.io/domain: ubuntu-vm-4-john spec: domain: cpu: From c672e8e4349a4c0f58280eee515b219d7875b93f Mon Sep 17 00:00:00 2001 From: "maximilian.bartz" Date: Tue, 5 Aug 2025 14:02:08 +0200 Subject: [PATCH 33/34] added kustomization --- kustomization.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/kustomization.yaml b/kustomization.yaml index 2c02dd1..4ed98a0 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -12,6 +12,7 @@ resources: - ubuntu-vm-1/ks.yaml - ubuntu-vm-2/ks.yaml - ubuntu-vm-3/ks.yaml + - ubuntu-vm-4-john/ks.yaml - container/ks-debug.yaml - templates/image-server/ks-nginx.yaml - templates/image-server/ks-pvc.yaml From 766e20575b9bb31aff429df61c827e81f820dfb5 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 5 Aug 2025 23:19:18 +0000 Subject: [PATCH 34/34] feat(docker-image)!: Update quay.io/containerdisks/ubuntu Docker tag to v24 --- firewall-s3/vm/ksd/vm/strongswan.yaml | 2 +- ubuntu-vm-1/ubuntu/ubuntu-vm.yaml | 2 +- ubuntu-vm-2/ubuntu/ubuntu-vm.yaml | 2 +- ubuntu-vm-3/ubuntu/ubuntu-vm.yaml | 2 +- ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/firewall-s3/vm/ksd/vm/strongswan.yaml b/firewall-s3/vm/ksd/vm/strongswan.yaml index e346a59..8ef5371 100644 --- a/firewall-s3/vm/ksd/vm/strongswan.yaml +++ b/firewall-s3/vm/ksd/vm/strongswan.yaml @@ -57,7 +57,7 @@ spec: volumes: - name: containerdisk containerDisk: - image: quay.io/containerdisks/ubuntu:22.04 + image: quay.io/containerdisks/ubuntu:24.04 - name: cloudinitdisk cloudInitNoCloud: userData: | diff --git a/ubuntu-vm-1/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-1/ubuntu/ubuntu-vm.yaml index 31e1d2e..0591d23 100644 --- a/ubuntu-vm-1/ubuntu/ubuntu-vm.yaml 
+++ b/ubuntu-vm-1/ubuntu/ubuntu-vm.yaml @@ -33,7 +33,7 @@ spec: volumes: - name: containerdisk containerDisk: - image: quay.io/containerdisks/ubuntu:22.04 + image: quay.io/containerdisks/ubuntu:24.04 - name: cloudinitdisk cloudInitNoCloud: userData: | diff --git a/ubuntu-vm-2/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-2/ubuntu/ubuntu-vm.yaml index 78e909a..85e3a0d 100644 --- a/ubuntu-vm-2/ubuntu/ubuntu-vm.yaml +++ b/ubuntu-vm-2/ubuntu/ubuntu-vm.yaml @@ -33,7 +33,7 @@ spec: volumes: - name: containerdisk containerDisk: - image: quay.io/containerdisks/ubuntu:22.04 + image: quay.io/containerdisks/ubuntu:24.04 - name: cloudinitdisk cloudInitNoCloud: userData: | diff --git a/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml index ae02fee..1d08b69 100644 --- a/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml +++ b/ubuntu-vm-3/ubuntu/ubuntu-vm.yaml @@ -33,7 +33,7 @@ spec: volumes: - name: containerdisk containerDisk: - image: quay.io/containerdisks/ubuntu:22.04 + image: quay.io/containerdisks/ubuntu:24.04 - name: cloudinitdisk cloudInitNoCloud: userData: | diff --git a/ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml b/ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml index a7448b3..46a95e5 100644 --- a/ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml +++ b/ubuntu-vm-4-john/ubuntu/ubuntu-vm.yaml @@ -33,7 +33,7 @@ spec: volumes: - name: containerdisk containerDisk: - image: quay.io/containerdisks/ubuntu:22.04 + image: quay.io/containerdisks/ubuntu:24.04 - name: cloudinitdisk cloudInitNoCloud: userData: |