add quotad - our small manager for quota elements

Aaron Riedel 2023-09-17 20:08:11 +02:00
parent f720d00f0a
commit ac4f6be63d
Signed by: aaron
GPG key ID: 643004654D40D577
2 changed files with 133 additions and 0 deletions


@ -141,3 +141,24 @@ spec:
automated: automated:
selfHeal: false selfHeal: false
prune: true prune: true
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: quota
namespace: argocd
spec:
project: default
source:
repoURL: https://git.ar21.de/yolokube/core-deployments.git
targetRevision: HEAD
path: quota
destination:
server: https://kubernetes.default.svc
namespace: quota
syncPolicy:
syncOptions:
- CreateNamespace=true
automated:
selfHeal: false
prune: true
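Review bot: The destination namespace `quota` does not match the `quotad` namespace that the manifests in quota/quotad.yaml set explicitly, so `CreateNamespace=true` would leave an empty `quota` namespace behind while the workload lands in `quotad`. Using `namespace: quotad` here, or dropping the sync option since that file ships its own `Namespace` object, leaves a single namespace to audit. With `targetRevision: HEAD` and automated sync, whatever reaches the repository's default branch is applied, including the cluster-wide RBAC this app brings along, so pinning a tag or commit is worth considering. The file this hunk belongs to starts outside the hunk.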

112
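--- a/quota/quotad.yaml
+++ b/quota/quotad.yaml
@@ -0,0 +1,112 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+name: quotad
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+name: quotad-script
+namespace: quotad
+data:
+quotad.sh: |
+#!/usr/bin/env bash
+set -eou pipefail
+echo "-----------------------------------------"
+echo "quotad script written by Aaron 17.09.2023"
+echo "-----------------------------------------"
+while read ns; do
+ns=$(echo $ns | cut -d "/" -f 2)
+echo -n "check if $ns has the unlimited label"
+if [[ $(kubectl get ns $ns -o json | jq -r '.metadata.labels["yolokube.de/unlimited-quota"]') == "true" ]]; then
+echo ": yes"
+# remove the quota elements if they exist
+kubectl delete -n $ns -f /quotad-script/default-quota.yaml --ignore-not-found=true
+else
+echo ": no"
+# set the quota elements if they do not already exist
+kubectl apply -n $ns -f /quotad-script/default-quota.yaml
+fi
+echo "-----------------------------------------"
+done <<< $(kubectl get ns -o name)
+default-quota.yaml: |
+---
+apiVersion: v1
+kind: ResourceQuota
+metadata:
+name: pvc-quota
+spec:
+hard:
+persistentvolumeclaims.storageclass.storage.k8s.io/longhorn: 50Gi
+---
+apiVersion: v1
+kind: LimitRange
+metadata:
+name: storagelimits
+spec:
+limits:
+- type: PersistentVolumeClaim
+max:
+storage: 10Gi
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+name: quotad
+namespace: quotad
+spec:
+schedule: "*/2 * * * *"
+successfulJobsHistoryLimit: 1
+failedJobsHistoryLimit: 3
+jobTemplate:
+spec:
+ttlSecondsAfterFinished: 240
+template:
+spec:
+volumes:
+- name: quotad-script
+configMap:
+name: quotad-script
+defaultMode: 0777
+containers:
+- name: quotad
+image: bitnami/kubectl
+env:
+- name: NODE_NAME
+valueFrom:
+fieldRef:
+fieldPath: spec.nodeName
+command: ["/bin/sh", "-c", "/quotad-script/quotad.sh"]
+imagePullPolicy: IfNotPresent
+volumeMounts:
+- mountPath: /quotad-script
+name: quotad-script
+restartPolicy: Never
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+name: quotad-role
+namespace: quotad
+rules:
+- apiGroups: [""]
+resources: ["namespaces"]
+verbs: ["get", "patch", "list"]
+- apiGroups: [""]
+resources: ["resourcequotas", "limitranges"]
+verbs: ["get", "patch", "list", "create", "delete", "update"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+name: quotad-binding
+namespace: quotad
+subjects:
+- kind: ServiceAccount
+name: default
+namespace: quotad
+roleRef:
+kind: ClusterRole
+name: quotad-role
+apiGroup: rbac.authorization.k8s.io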
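Review bot: The ClusterRoleBinding at the end of the file grants the cluster-wide `quotad-role` to the `default` ServiceAccount of the `quotad` namespace, so any pod started there without an explicit account inherits create/delete on ResourceQuotas and LimitRanges in every namespace. A dedicated ServiceAccount referenced from the CronJob pod spec and from `subjects` would scope the grant to this job, as sketched below. The script only reads namespaces, so `patch` on `namespaces` looks unneeded; it would also let the token relabel any namespace, including the `yolokube.de/unlimited-quota` label the script trusts. Separately, the quota key `persistentvolumeclaims.storageclass.storage.k8s.io/longhorn` appears to have the storage class and the resource swapped (the documented form is `longhorn.storageclass.storage.k8s.io/requests.storage`), so the 50Gi limit may never be enforced. The unpinned `bitnami/kubectl` image running with these rights would also be better pinned to a tag or digest.

```yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: quotad
  namespace: quotad
---
# … unchanged: CronJob down to the pod template …
        spec:
          serviceAccountName: quotad
# … unchanged: volumes, containers, resourcequotas/limitranges rule …
  - apiGroups: [""]
    resources: ["namespaces"]
    verbs: ["get", "list"]
# … unchanged: ClusterRoleBinding metadata and roleRef …
subjects:
  - kind: ServiceAccount
    name: quotad
    namespace: quotad
```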