Merge branch 'main' into renovate/kube-prometheus-stack-59.x
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Tom Neuber 2024-05-28 17:54:53 +02:00
commit 4c9020a2e7
12 changed files with 98 additions and 10 deletions

View file

@ -2,6 +2,8 @@
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: argocd-ingress name: argocd-ingress
namespace: argocd namespace: argocd
spec: spec:
@ -15,4 +17,8 @@ spec:
service: service:
name: argocd-server name: argocd-server
port: port:
number: 80 number: 80
tls:
- hosts:
- argo.services.yolokube.de
secretName: argocd-tls-key

View file

@ -49,6 +49,8 @@ spec:
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: dashboard-ingress name: dashboard-ingress
namespace: dashboard namespace: dashboard
spec: spec:
@ -63,3 +65,7 @@ spec:
name: dashboard-service name: dashboard-service
port: port:
number: 80 number: 80
tls:
- hosts:
- dashboard.services.yolokube.de
secretName: dashboard-tls-key

View file

@ -5,5 +5,5 @@ kind: Kustomization
images: images:
- name: git.ar21.de/yolokube/dashboard - name: git.ar21.de/yolokube/dashboard
newName: git.ar21.de/yolokube/dashboard newName: git.ar21.de/yolokube/dashboard
newTag: "1110" newTag: "1113"
namespace: dashboard namespace: dashboard

View file

@ -5,7 +5,7 @@ kind: Kustomization
images: images:
- name: git.ar21.de/yolokube/dashboard - name: git.ar21.de/yolokube/dashboard
newName: git.ar21.de/yolokube/dashboard newName: git.ar21.de/yolokube/dashboard
newTag: staging-1107 newTag: staging-1111
namespace: dashboard-staging namespace: dashboard-staging
patches: patches:
- patch: |- - patch: |-
@ -15,6 +15,13 @@ patches:
target: target:
kind: Ingress kind: Ingress
name: dashboard-ingress name: dashboard-ingress
- patch: |-
- op: replace
path: /spec/tls/0/hosts/0
value: "dashboard-staging.services.yolokube.de"
target:
kind: Ingress
name: dashboard-ingress
- patch: |- - patch: |-
- op: replace - op: replace
path: /spec/replicas path: /spec/replicas

View file

@ -34,7 +34,7 @@ spec:
app: dashboard app: dashboard
spec: spec:
containers: containers:
- image: git.ar21.de/yolokube/dashboard:1110 - image: git.ar21.de/yolokube/dashboard:1113
imagePullPolicy: Always imagePullPolicy: Always
livenessProbe: livenessProbe:
httpGet: httpGet:
@ -49,6 +49,8 @@ spec:
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: dashboard-ingress name: dashboard-ingress
namespace: dashboard namespace: dashboard
spec: spec:
@ -63,3 +65,7 @@ spec:
number: 80 number: 80
path: / path: /
pathType: Prefix pathType: Prefix
tls:
- hosts:
- dashboard.services.yolokube.de
secretName: dashboard-tls-key

View file

@ -34,7 +34,7 @@ spec:
app: dashboard app: dashboard
spec: spec:
containers: containers:
- image: git.ar21.de/yolokube/dashboard:staging-1107 - image: git.ar21.de/yolokube/dashboard:staging-1111
imagePullPolicy: Always imagePullPolicy: Always
livenessProbe: livenessProbe:
httpGet: httpGet:
@ -49,6 +49,8 @@ spec:
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: dashboard-ingress name: dashboard-ingress
namespace: dashboard-staging namespace: dashboard-staging
spec: spec:
@ -63,3 +65,7 @@ spec:
number: 80 number: 80
path: / path: /
pathType: Prefix pathType: Prefix
tls:
- hosts:
- dashboard-staging.services.yolokube.de
secretName: dashboard-tls-key

View file

@ -65,11 +65,12 @@ spec:
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations:
kubernetes.io/tls-acme: "true"
# Use for Basic auth:
# traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
name: example-ingress name: example-ingress
namespace: example namespace: example
#annotations:
# Use for Basic auth:
# traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
spec: spec:
rules: rules:
- host: "example.apps.yolokube.de" - host: "example.apps.yolokube.de"
@ -82,3 +83,7 @@ spec:
name: example-service name: example-service
port: port:
number: 80 number: 80
tls:
- hosts:
- example.apps.yolokube.de
secretName: example-tls-key

View file

@ -24,7 +24,10 @@ ingress:
enabled: true enabled: true
host: longhorn.services.yolokube.de host: longhorn.services.yolokube.de
annotations: annotations:
kubernetes.io/tls-acme: "true"
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
tls: true
tlsSecret: longhorn-tls-key
metrics: metrics:
serviceMonitor: serviceMonitor:
enabled: true enabled: true

View file

@ -60,6 +60,11 @@ alertmanager:
- alertmanager.services.yolokube.de - alertmanager.services.yolokube.de
annotations: annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
kubernetes.io/tls-acme: "true"
tls:
- secretName: alertmanager-tls-key
hosts:
- alertmanager.services.yolokube.de
ingressPerReplica: ingressPerReplica:
pathType: ImplementationSpecific pathType: ImplementationSpecific
paths: paths:
@ -69,15 +74,25 @@ alertmanager:
hostDomain: services.yolokube.de hostDomain: services.yolokube.de
annotations: annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
kubernetes.io/tls-acme: "true"
tlsSecretPerReplica:
enabled: true
prefix: alertmanager
servicePerReplica: servicePerReplica:
enabled: true enabled: true
podAntiAffinity: "hard" podAntiAffinity: "hard"
grafana: grafana:
defaultDashboardsTimezone: Europe/Berlin defaultDashboardsTimezone: Europe/Berlin
ingress: ingress:
annotations:
kubernetes.io/tls-acme: "true"
enabled: true enabled: true
hosts: hosts:
- grafana.services.yolokube.de - grafana.services.yolokube.de
tls:
- secretName: grafana-tls-key
hosts:
- grafana.services.yolokube.de
persistence: persistence:
enabled: true enabled: true
accessModes: accessModes:
@ -106,6 +121,11 @@ prometheus:
- prometheus.services.yolokube.de - prometheus.services.yolokube.de
annotations: annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
kubernetes.io/tls-acme: "true"
tls:
- secretName: prometheus-tls-key
hosts:
- prometheus.services.yolokube.de
ingressPerReplica: ingressPerReplica:
pathType: ImplementationSpecific pathType: ImplementationSpecific
paths: paths:
@ -115,6 +135,10 @@ prometheus:
hostDomain: services.yolokube.de hostDomain: services.yolokube.de
annotations: annotations:
traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: traefik-basic-auth@kubernetescrd
kubernetes.io/tls-acme: "true"
tlsSecretPerReplica:
enabled: true
prefix: prometheus
prometheusSpec: prometheusSpec:
retentionSize: "45GB" retentionSize: "45GB"
replicas: 2 replicas: 2
@ -142,4 +166,4 @@ defaultRules:
customRules: customRules:
KubeNodeUnreachable: KubeNodeUnreachable:
for: 0m for: 0m
severity: "critical" severity: "critical"

View file

@ -44,6 +44,8 @@ spec:
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: test1-ingress name: test1-ingress
namespace: aaron-test namespace: aaron-test
spec: spec:
@ -58,3 +60,7 @@ spec:
name: test1-service name: test1-service
port: port:
number: 80 number: 80
tls:
- hosts:
- test.apps.yolokube.de
secretName: test1-tls-key

View file

@ -66,6 +66,8 @@ spec:
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
metadata: metadata:
annotations:
kubernetes.io/tls-acme: "true"
name: paste-ingress name: paste-ingress
namespace: paste namespace: paste
spec: spec:
@ -79,4 +81,8 @@ spec:
service: service:
name: paste-service name: paste-service
port: port:
number: 80 number: 80
tls:
- hosts:
- paste.apps.yolokube.de
secretName: paste-tls-key

View file

@ -0,0 +1,13 @@
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: traefik-cert
namespace: traefik
spec:
secretName: traefik-tls-key
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
dnsNames:
- traefik.services.yolokube.de