further trim down the ingress ressource to the bare minimum
This commit is contained in:
parent
ca710e2013
commit
115c128c60
10 changed files with 8 additions and 181 deletions
|
@ -14,3 +14,10 @@ data:
|
|||
hs = {}
|
||||
hs.status = "Healthy"
|
||||
return hs
|
||||
resource.exclusions: |
|
||||
- apiGroups:
|
||||
- "*"
|
||||
kinds:
|
||||
- "CiliumIdentity"
|
||||
clusters:
|
||||
- https://kubernetes.default.svc
|
|
@ -5,8 +5,6 @@ metadata:
|
|||
name: argocd-ingress
|
||||
namespace: argocd
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
nginx.org/ssl-services: "argocd-server"
|
||||
spec:
|
||||
rules:
|
||||
|
|
|
@ -67,9 +67,7 @@ kind: Ingress
|
|||
metadata:
|
||||
name: example-ingress
|
||||
namespace: example
|
||||
annotations:
|
||||
spec.ingressClassName: "nginx"
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
#annotations:
|
||||
# Use for Basic auth:
|
||||
#nginx.org/basic-auth-secret: example-basic-auth-secret
|
||||
# Use the following annotation if the backend only speaks HTTPS (fill out the service name accordingly):
|
||||
|
|
|
@ -4,10 +4,6 @@ kind: Ingress
|
|||
metadata:
|
||||
name: grafana-ingress
|
||||
namespace: grafana
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
#nginx.org/ssl-services: "grafana"
|
||||
spec:
|
||||
rules:
|
||||
- host: "grafana.apps.yolokube.de"
|
||||
|
|
|
@ -5,10 +5,7 @@ metadata:
|
|||
name: prometheus-ingress
|
||||
namespace: prometheus
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
nginx.org/basic-auth-secret: prometheus-basic-auth-secret
|
||||
#nginx.org/ssl-services: "prometheus-server"
|
||||
spec:
|
||||
rules:
|
||||
- host: "prometheus.apps.yolokube.de"
|
||||
|
@ -28,10 +25,7 @@ metadata:
|
|||
name: alertmanager-ingress
|
||||
namespace: prometheus
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
nginx.org/basic-auth-secret: prometheus-basic-auth-secret
|
||||
#nginx.org/ssl-services: "prometheus-server"
|
||||
spec:
|
||||
rules:
|
||||
- host: "alertmanager.apps.yolokube.de"
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: rook-dashboard-ingress
|
||||
namespace: rook-ceph
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
spec:
|
||||
rules:
|
||||
- host: "rook.apps.yolokube.de"
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: rook-ceph-mgr-dashboard
|
||||
port:
|
||||
number: 80
|
|
@ -1,126 +0,0 @@
|
|||
### Create Block Storage
|
||||
---
|
||||
apiVersion: ceph.rook.io/v1
|
||||
kind: CephBlockPool
|
||||
metadata:
|
||||
name: replicapool
|
||||
namespace: rook-ceph
|
||||
spec:
|
||||
failureDomain: host
|
||||
replicated:
|
||||
size: 3
|
||||
quotas:
|
||||
maxSize: "10Gi"
|
||||
---
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: rook-ceph-block
|
||||
annotations:
|
||||
storageclass.kubernetes.io/is-default-class: "true"
|
||||
# Change "rook-ceph" provisioner prefix to match the operator namespace if needed
|
||||
provisioner: rook-ceph.rbd.csi.ceph.com
|
||||
parameters:
|
||||
# clusterID is the namespace where the rook cluster is running
|
||||
clusterID: rook-ceph
|
||||
# Ceph pool into which the RBD image shall be created
|
||||
pool: replicapool
|
||||
|
||||
# (optional) mapOptions is a comma-separated list of map options.
|
||||
# For krbd options refer
|
||||
# https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
|
||||
# For nbd options refer
|
||||
# https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
|
||||
# mapOptions: lock_on_read,queue_depth=1024
|
||||
|
||||
# (optional) unmapOptions is a comma-separated list of unmap options.
|
||||
# For krbd options refer
|
||||
# https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
|
||||
# For nbd options refer
|
||||
# https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
|
||||
# unmapOptions: force
|
||||
|
||||
# RBD image format. Defaults to "2".
|
||||
imageFormat: "2"
|
||||
|
||||
# RBD image features
|
||||
# Available for imageFormat: "2". Older releases of CSI RBD
|
||||
# support only the `layering` feature. The Linux kernel (KRBD) supports the
|
||||
# full complement of features as of 5.4
|
||||
# `layering` alone corresponds to Ceph's bitfield value of "2" ;
|
||||
# `layering` + `fast-diff` + `object-map` + `deep-flatten` + `exclusive-lock` together
|
||||
# correspond to Ceph's OR'd bitfield value of "63". Here we use
|
||||
# a symbolic, comma-separated format:
|
||||
# For 5.4 or later kernels:
|
||||
#imageFeatures: layering,fast-diff,object-map,deep-flatten,exclusive-lock
|
||||
# For 5.3 or earlier kernels:
|
||||
imageFeatures: layering
|
||||
|
||||
# The secrets contain Ceph admin credentials.
|
||||
csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner
|
||||
csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
|
||||
csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner
|
||||
csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
|
||||
csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node
|
||||
csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
|
||||
|
||||
# Specify the filesystem type of the volume. If not specified, csi-provisioner
|
||||
# will set default as `ext4`. Note that `xfs` is not recommended due to potential deadlock
|
||||
# in hyperconverged settings where the volume is mounted on the same node as the osds.
|
||||
csi.storage.k8s.io/fstype: ext4
|
||||
|
||||
# Delete the rbd volume when a PVC is deleted
|
||||
reclaimPolicy: Delete
|
||||
|
||||
# Optional, if you want to add dynamic resize for PVC.
|
||||
# For now only ext3, ext4, xfs resize support provided, like in Kubernetes itself.
|
||||
allowVolumeExpansion: true
|
||||
|
||||
---
|
||||
### Create Shared Filesystem
|
||||
apiVersion: ceph.rook.io/v1
|
||||
kind: CephFilesystem
|
||||
metadata:
|
||||
name: rook-ceph-fs
|
||||
namespace: rook-ceph
|
||||
spec:
|
||||
metadataPool:
|
||||
replicated:
|
||||
size: 3
|
||||
dataPools:
|
||||
- name: cephfs-pool
|
||||
replicated:
|
||||
size: 3
|
||||
preserveFilesystemOnDelete: true
|
||||
metadataServer:
|
||||
activeCount: 1
|
||||
activeStandby: true
|
||||
---
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: rook-cephfs
|
||||
# Change "rook-ceph" provisioner prefix to match the operator namespace if needed
|
||||
provisioner: rook-ceph.cephfs.csi.ceph.com
|
||||
parameters:
|
||||
# clusterID is the namespace where the rook cluster is running
|
||||
# If you change this namespace, also change the namespace below where the secret namespaces are defined
|
||||
clusterID: rook-ceph
|
||||
|
||||
# CephFS filesystem name into which the volume shall be created
|
||||
fsName: rook-ceph-fs
|
||||
|
||||
# Ceph pool into which the volume shall be created
|
||||
# Required for provisionVolume: "true"
|
||||
pool: cephfs-pool
|
||||
|
||||
# The secrets contain Ceph admin credentials. These are generated automatically by the operator
|
||||
# in the same namespace as the cluster.
|
||||
csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner
|
||||
csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
|
||||
csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner
|
||||
csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
|
||||
csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node
|
||||
csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
|
||||
|
||||
reclaimPolicy: Delete
|
|
@ -1,7 +0,0 @@
|
|||
toolbox:
|
||||
enabled: true
|
||||
cephClusterSpec:
|
||||
dashboard:
|
||||
port: 80
|
||||
ssl: false
|
||||
removeOSDsIfOutAndSafeToRemove: true
|
|
@ -37,9 +37,6 @@ apiVersion: networking.k8s.io/v1
|
|||
kind: Ingress
|
||||
metadata:
|
||||
name: helloworld-ingress
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
spec:
|
||||
rules:
|
||||
- host: "lb1.yolokube.de"
|
||||
|
@ -100,9 +97,6 @@ kind: Ingress
|
|||
metadata:
|
||||
name: test1-ingress
|
||||
namespace: aaron-test
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
spec:
|
||||
rules:
|
||||
- host: "test1.apps.yolokube.de"
|
||||
|
@ -157,9 +151,6 @@ kind: Ingress
|
|||
metadata:
|
||||
name: test2-ingress
|
||||
namespace: aaron-test
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
spec:
|
||||
rules:
|
||||
- host: "test2.apps.yolokube.de"
|
||||
|
|
|
@ -68,9 +68,6 @@ kind: Ingress
|
|||
metadata:
|
||||
name: paste-ingress
|
||||
namespace: paste
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: "nginx"
|
||||
ingress.kubernetes.io/ssl-redirect: "false"
|
||||
spec:
|
||||
rules:
|
||||
- host: "paste.apps.yolokube.de"
|
||||
|
|
Loading…
Reference in a new issue