diff --git a/argo/cm.yaml b/argo/cm.yaml index d66f302..d7504ee 100644 --- a/argo/cm.yaml +++ b/argo/cm.yaml @@ -14,3 +14,10 @@ data: hs = {} hs.status = "Healthy" return hs + resource.exclusions: | + - apiGroups: + - "*" + kinds: + - "CiliumIdentity" + clusters: + - https://kubernetes.default.svc \ No newline at end of file diff --git a/argo/ingress.yaml b/argo/ingress.yaml index 5f1b81c..2c60c3d 100644 --- a/argo/ingress.yaml +++ b/argo/ingress.yaml @@ -5,8 +5,6 @@ metadata: name: argocd-ingress namespace: argocd annotations: - kubernetes.io/ingress.class: "nginx" - ingress.kubernetes.io/ssl-redirect: "false" nginx.org/ssl-services: "argocd-server" spec: rules: diff --git a/examples/example-deployment.yaml b/examples/example-deployment.yaml index 18b9439..ff2791c 100644 --- a/examples/example-deployment.yaml +++ b/examples/example-deployment.yaml @@ -67,9 +67,7 @@ kind: Ingress metadata: name: example-ingress namespace: example - annotations: - spec.ingressClassName: "nginx" - ingress.kubernetes.io/ssl-redirect: "false" + #annotations: # Use for Basic auth: #nginx.org/basic-auth-secret: example-basic-auth-secret # Use the following annotation if the backend only speaks HTTPS (fill out the service name accordingly): diff --git a/grafana/ingress.yaml b/grafana/ingress.yaml index ac4c83c..d15db77 100644 --- a/grafana/ingress.yaml +++ b/grafana/ingress.yaml @@ -4,10 +4,6 @@ kind: Ingress metadata: name: grafana-ingress namespace: grafana - annotations: - kubernetes.io/ingress.class: "nginx" - ingress.kubernetes.io/ssl-redirect: "false" - #nginx.org/ssl-services: "grafana" spec: rules: - host: "grafana.apps.yolokube.de" diff --git a/prometheus/ingress.yaml b/prometheus/ingress.yaml index b21162e..bbec633 100644 --- a/prometheus/ingress.yaml +++ b/prometheus/ingress.yaml @@ -5,10 +5,7 @@ metadata: name: prometheus-ingress namespace: prometheus annotations: - kubernetes.io/ingress.class: "nginx" - ingress.kubernetes.io/ssl-redirect: "false" nginx.org/basic-auth-secret: prometheus-basic-auth-secret - #nginx.org/ssl-services: "prometheus-server" spec: rules: - host: "prometheus.apps.yolokube.de" @@ -28,10 +25,7 @@ metadata: name: alertmanager-ingress namespace: prometheus annotations: - kubernetes.io/ingress.class: "nginx" - ingress.kubernetes.io/ssl-redirect: "false" nginx.org/basic-auth-secret: prometheus-basic-auth-secret - #nginx.org/ssl-services: "prometheus-server" spec: rules: - host: "alertmanager.apps.yolokube.de" diff --git a/storage/dashboard.yaml b/storage/dashboard.yaml deleted file mode 100644 index 868c453..0000000 --- a/storage/dashboard.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: rook-dashboard-ingress - namespace: rook-ceph - annotations: - kubernetes.io/ingress.class: "nginx" - ingress.kubernetes.io/ssl-redirect: "false" -spec: - rules: - - host: "rook.apps.yolokube.de" - http: - paths: - - pathType: Prefix - path: "/" - backend: - service: - name: rook-ceph-mgr-dashboard - port: - number: 80 \ No newline at end of file diff --git a/storage/storageclass.yaml b/storage/storageclass.yaml deleted file mode 100644 index 337c53e..0000000 --- a/storage/storageclass.yaml +++ /dev/null @@ -1,126 +0,0 @@ -### Create Block Storage ---- -apiVersion: ceph.rook.io/v1 -kind: CephBlockPool -metadata: - name: replicapool - namespace: rook-ceph -spec: - failureDomain: host - replicated: - size: 3 - quotas: - maxSize: "10Gi" ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: rook-ceph-block - annotations: - storageclass.kubernetes.io/is-default-class: "true" -# Change "rook-ceph" provisioner prefix to match the operator namespace if needed -provisioner: rook-ceph.rbd.csi.ceph.com -parameters: - # clusterID is the namespace where the rook cluster is running - clusterID: rook-ceph - # Ceph pool into which the RBD image shall be created - pool: replicapool - - # (optional) mapOptions is a comma-separated list of map options. - # For krbd options refer - # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options - # For nbd options refer - # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options - # mapOptions: lock_on_read,queue_depth=1024 - - # (optional) unmapOptions is a comma-separated list of unmap options. - # For krbd options refer - # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options - # For nbd options refer - # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options - # unmapOptions: force - - # RBD image format. Defaults to "2". - imageFormat: "2" - - # RBD image features - # Available for imageFormat: "2". Older releases of CSI RBD - # support only the `layering` feature. The Linux kernel (KRBD) supports the - # full complement of features as of 5.4 - # `layering` alone corresponds to Ceph's bitfield value of "2" ; - # `layering` + `fast-diff` + `object-map` + `deep-flatten` + `exclusive-lock` together - # correspond to Ceph's OR'd bitfield value of "63". Here we use - # a symbolic, comma-separated format: - # For 5.4 or later kernels: - #imageFeatures: layering,fast-diff,object-map,deep-flatten,exclusive-lock - # For 5.3 or earlier kernels: - imageFeatures: layering - - # The secrets contain Ceph admin credentials. - csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner - csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph - csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner - csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph - csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node - csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph - - # Specify the filesystem type of the volume. If not specified, csi-provisioner - # will set default as `ext4`. Note that `xfs` is not recommended due to potential deadlock - # in hyperconverged settings where the volume is mounted on the same node as the osds. - csi.storage.k8s.io/fstype: ext4 - -# Delete the rbd volume when a PVC is deleted -reclaimPolicy: Delete - -# Optional, if you want to add dynamic resize for PVC. -# For now only ext3, ext4, xfs resize support provided, like in Kubernetes itself. -allowVolumeExpansion: true - ---- -### Create Shared Filesystem -apiVersion: ceph.rook.io/v1 -kind: CephFilesystem -metadata: - name: rook-ceph-fs - namespace: rook-ceph -spec: - metadataPool: - replicated: - size: 3 - dataPools: - - name: cephfs-pool - replicated: - size: 3 - preserveFilesystemOnDelete: true - metadataServer: - activeCount: 1 - activeStandby: true ---- -apiVersion: storage.k8s.io/v1 -kind: StorageClass -metadata: - name: rook-cephfs -# Change "rook-ceph" provisioner prefix to match the operator namespace if needed -provisioner: rook-ceph.cephfs.csi.ceph.com -parameters: - # clusterID is the namespace where the rook cluster is running - # If you change this namespace, also change the namespace below where the secret namespaces are defined - clusterID: rook-ceph - - # CephFS filesystem name into which the volume shall be created - fsName: rook-ceph-fs - - # Ceph pool into which the volume shall be created - # Required for provisionVolume: "true" - pool: cephfs-pool - - # The secrets contain Ceph admin credentials. These are generated automatically by the operator - # in the same namespace as the cluster. - csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph - csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner - csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph - csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node - csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph - -reclaimPolicy: Delete diff --git a/storage/values.yaml b/storage/values.yaml deleted file mode 100644 index 1f9cd3e..0000000 --- a/storage/values.yaml +++ /dev/null @@ -1,7 +0,0 @@ -toolbox: - enabled: true -cephClusterSpec: - dashboard: - port: 80 - ssl: false - removeOSDsIfOutAndSafeToRemove: true diff --git a/tests/test-ingress.yaml b/tests/test-ingress.yaml index 8f75d3a..edbe3e5 100644 --- a/tests/test-ingress.yaml +++ b/tests/test-ingress.yaml @@ -37,9 +37,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: helloworld-ingress - annotations: - kubernetes.io/ingress.class: "nginx" - ingress.kubernetes.io/ssl-redirect: "false" spec: rules: - host: "lb1.yolokube.de" @@ -100,9 +97,6 @@ kind: Ingress metadata: name: test1-ingress namespace: aaron-test - annotations: - kubernetes.io/ingress.class: nginx - ingress.kubernetes.io/ssl-redirect: "false" spec: rules: - host: "test1.apps.yolokube.de" @@ -157,9 +151,6 @@ kind: Ingress metadata: name: test2-ingress namespace: aaron-test - annotations: - kubernetes.io/ingress.class: nginx - ingress.kubernetes.io/ssl-redirect: "false" spec: rules: - host: "test2.apps.yolokube.de" diff --git a/tests/test-storage.yaml b/tests/test-storage.yaml index 6a1e191..2916d9c 100644 --- a/tests/test-storage.yaml +++ b/tests/test-storage.yaml @@ -68,9 +68,6 @@ kind: Ingress metadata: name: paste-ingress namespace: paste - annotations: - kubernetes.io/ingress.class: "nginx" - ingress.kubernetes.io/ssl-redirect: "false" spec: rules: - host: "paste.apps.yolokube.de"