mirror of
https://github.com/ChristianLempa/boilerplates.git
synced 2024-11-24 17:24:25 +01:00
big update for kubernetes and helm templates
This commit is contained in:
parent
3d55786e36
commit
e3bf953cf7
@ -10,8 +10,10 @@ cainjector:
|
|||||||
image:
|
image:
|
||||||
repository: quay.io/jetstack/cert-manager-cainjector
|
repository: quay.io/jetstack/cert-manager-cainjector
|
||||||
tag: v1.16.0
|
tag: v1.16.0
|
||||||
|
|
||||||
crds:
|
crds:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
extraArgs:
|
extraArgs:
|
||||||
- --dns01-recursive-nameservers-only
|
- --dns01-recursive-nameservers-only
|
||||||
- --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53
|
- --dns01-recursive-nameservers=1.1.1.1:53,1.0.0.1:53
|
53
helm/longhorn/values.yaml
Normal file
53
helm/longhorn/values.yaml
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
---
|
||||||
|
image:
|
||||||
|
longhorn:
|
||||||
|
engine:
|
||||||
|
repository: "longhornio/longhorn-engine"
|
||||||
|
tag: "v1.7.2"
|
||||||
|
manager:
|
||||||
|
repository: "longhornio/longhorn-manager"
|
||||||
|
tag: "v1.7.2"
|
||||||
|
ui:
|
||||||
|
repository: "longhornio/longhorn-ui"
|
||||||
|
tag: "v1.7.2"
|
||||||
|
instanceManager:
|
||||||
|
repository: "longhornio/longhorn-instance-manager"
|
||||||
|
tag: "v1.7.2"
|
||||||
|
shareManager:
|
||||||
|
repository: "longhornio/longhorn-share-manager"
|
||||||
|
tag: "v1.7.2"
|
||||||
|
backingImageManager:
|
||||||
|
repository: "longhornio/backing-image-manager"
|
||||||
|
tag: "v1.7.2"
|
||||||
|
supportBundleKit:
|
||||||
|
repository: "longhornio/support-bundle-kit"
|
||||||
|
tag: "v0.0.45"
|
||||||
|
csi:
|
||||||
|
attacher:
|
||||||
|
repository: "longhornio/csi-attacher"
|
||||||
|
tag: "v4.7.0"
|
||||||
|
provisioner:
|
||||||
|
repository: "longhornio/csi-provisioner"
|
||||||
|
tag: "v5.1.0"
|
||||||
|
nodeDriverRegistrar:
|
||||||
|
repository: "longhornio/csi-node-driver-registrar"
|
||||||
|
tag: "v2.12.0"
|
||||||
|
resizer:
|
||||||
|
repository: "longhornio/csi-resizer"
|
||||||
|
tag: "v1.12.0"
|
||||||
|
snapshotter:
|
||||||
|
repository: "longhornio/csi-snapshotter"
|
||||||
|
tag: "v8.1.0"
|
||||||
|
livenessProbe:
|
||||||
|
repository: "longhornio/livenessprobe"
|
||||||
|
tag: "v2.14.0"
|
||||||
|
|
||||||
|
# --> (Optional) Reduce the number of replicas of Longhorn UI
|
||||||
|
# longhornUI:
|
||||||
|
# replicas: 1
|
||||||
|
# <--
|
||||||
|
|
||||||
|
# --> (Optional) Change the default settings, like Backup Target here...
|
||||||
|
# defaultSettings:
|
||||||
|
# backupTarget: "your-backup-target" # <-- Replace with your backup target
|
||||||
|
# <--
|
27
helm/portainer/values.yaml
Normal file
27
helm/portainer/values.yaml
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
---
|
||||||
|
image:
|
||||||
|
repository: portainer/portainer-ce
|
||||||
|
tag: 2.22.0
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
|
service:
|
||||||
|
type: ClusterIP
|
||||||
|
|
||||||
|
# --> (Optional) When you want to automatically create an Ingress
|
||||||
|
# ingress:
|
||||||
|
# enabled: true
|
||||||
|
# hosts:
|
||||||
|
# - host: "your-fqdn" # <-- Replace with your FQDN
|
||||||
|
# paths:
|
||||||
|
# - path: /
|
||||||
|
# port: "9000"
|
||||||
|
# tls:
|
||||||
|
# - secretName: portainer-certificate-secret
|
||||||
|
# hosts:
|
||||||
|
# - "your-fqdn" # <-- Replace with your FQDN
|
||||||
|
# <--
|
||||||
|
|
||||||
|
# --> (Optional) When using an existing PVC
|
||||||
|
# persistence:
|
||||||
|
# existingClaim: "portainer"
|
||||||
|
# <--
|
19
helm/traefik/values.yaml
Normal file
19
helm/traefik/values.yaml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
image:
|
||||||
|
repository: traefik
|
||||||
|
version: v3.1.4
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
|
# --> (Optional) Change log settings here...
|
||||||
|
# logs:
|
||||||
|
# general:
|
||||||
|
# level: ERROR
|
||||||
|
# access:
|
||||||
|
# enabled: false
|
||||||
|
# <--
|
||||||
|
|
||||||
|
# --> (Optional) Redirect HTTP to HTTPs by default
|
||||||
|
# ports:
|
||||||
|
# web:
|
||||||
|
# redirectTo:
|
||||||
|
# port: websecure
|
||||||
|
# <--
|
@ -2,16 +2,16 @@
|
|||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: ClusterIssuer
|
kind: ClusterIssuer
|
||||||
metadata:
|
metadata:
|
||||||
name: clusterissuer # <-- Replace with your clsuterissuer name
|
name: cloudflare-clusterissuer
|
||||||
spec:
|
spec:
|
||||||
acme:
|
acme:
|
||||||
email: your-email@address # <-- Replace with your email address
|
email: your-email@address # <-- Replace with your email address
|
||||||
server: https://acme-v02.api.letsencrypt.org/directory
|
server: https://acme-v02.api.letsencrypt.org/directory
|
||||||
privateKeySecretRef:
|
privateKeySecretRef:
|
||||||
name: example-clusterissuer-account-key # <-- Replace with your secret name
|
name: cloudflare-clusterissuer-account-key
|
||||||
solvers:
|
solvers:
|
||||||
- dns01:
|
- dns01:
|
||||||
cloudflare:
|
cloudflare:
|
||||||
apiTokenSecretRef:
|
apiTokenSecretRef:
|
||||||
name: cloudflare-api-token-secret # <-- Replace with your secret name
|
name: cloudflare-api-token-secret
|
||||||
key: api-token
|
key: api-token
|
@ -1,18 +0,0 @@
|
|||||||
---
|
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: Issuer
|
|
||||||
metadata:
|
|
||||||
name: issuer # <-- Replace with your issuer name
|
|
||||||
namespace: your-namespace # <-- Replace with your namespace
|
|
||||||
spec:
|
|
||||||
acme:
|
|
||||||
email: your-email@address # <-- Replace with your email address
|
|
||||||
server: https://acme-v02.api.letsencrypt.org/directory
|
|
||||||
privateKeySecretRef:
|
|
||||||
name: example-issuer-account-key # <-- Replace with your secret name
|
|
||||||
solvers:
|
|
||||||
- dns01:
|
|
||||||
cloudflare:
|
|
||||||
apiTokenSecretRef:
|
|
||||||
name: cloudflare-api-token-secret # <-- Replace with your secret name
|
|
||||||
key: api-token
|
|
@ -1,22 +0,0 @@
|
|||||||
apiVersion: apps/v1
|
|
||||||
kind: Deployment
|
|
||||||
metadata:
|
|
||||||
name: example-deployment
|
|
||||||
namespace: your-namespace
|
|
||||||
labels:
|
|
||||||
app: example-app
|
|
||||||
spec:
|
|
||||||
replicas: 3 # how many pods?
|
|
||||||
selector:
|
|
||||||
matchLabels:
|
|
||||||
app: example-app
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
app: example-app
|
|
||||||
spec:
|
|
||||||
containers:
|
|
||||||
- name: nginx
|
|
||||||
image: nginx:latest
|
|
||||||
ports:
|
|
||||||
- containerPort: 80
|
|
@ -1,12 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: example-service
|
|
||||||
namespace: your-namespace
|
|
||||||
spec:
|
|
||||||
selector:
|
|
||||||
app.kubernetes.io/name: MyApp
|
|
||||||
ports:
|
|
||||||
- protocol: TCP
|
|
||||||
port: 80
|
|
||||||
targetPort: 9376
|
|
13
kubernetes/longhorn/certificate.yaml
Normal file
13
kubernetes/longhorn/certificate.yaml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
---
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: Certificate
|
||||||
|
metadata:
|
||||||
|
name: longhorn-certificate
|
||||||
|
namespace: longhorn-system
|
||||||
|
spec:
|
||||||
|
secretName: longhorn-certificate-secret
|
||||||
|
dnsNames:
|
||||||
|
- your-fqdn # <-- Replace with your FQDN
|
||||||
|
issuerRef:
|
||||||
|
name: cloudflare-clusterissuer
|
||||||
|
kind: ClusterIssuer
|
17
kubernetes/longhorn/ingressroute.yaml
Normal file
17
kubernetes/longhorn/ingressroute.yaml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: IngressRoute
|
||||||
|
metadata:
|
||||||
|
name: longhorn-ingressroute
|
||||||
|
namespace: longhorn-system
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
routes:
|
||||||
|
- match: Host(`your-fqdn`) # <-- Replace with your FQDN
|
||||||
|
kind: Rule
|
||||||
|
services:
|
||||||
|
- name: longhorn-frontend
|
||||||
|
port: 80
|
||||||
|
tls:
|
||||||
|
secretName: longhorn-certificate-secret
|
13
kubernetes/portainer/certificate.yaml
Normal file
13
kubernetes/portainer/certificate.yaml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
---
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: Certificate
|
||||||
|
metadata:
|
||||||
|
name: portainer-ingressroute-certificate
|
||||||
|
namespace: portainer
|
||||||
|
spec:
|
||||||
|
secretName: portainer-certificate-secret
|
||||||
|
issuerRef:
|
||||||
|
name: cloudflare-clusterissuer
|
||||||
|
kind: ClusterIssuer
|
||||||
|
dnsNames:
|
||||||
|
- your-fqdn # <-- Replace with your FQDN
|
17
kubernetes/portainer/ingressroute.yaml
Normal file
17
kubernetes/portainer/ingressroute.yaml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
---
|
||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: IngressRoute
|
||||||
|
metadata:
|
||||||
|
name: portainer-ingressroute
|
||||||
|
namespace: portainer
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- websecure
|
||||||
|
routes:
|
||||||
|
- match: Host(`your-fqdn`) # <-- Replace with your FQDN
|
||||||
|
kind: Rule
|
||||||
|
services:
|
||||||
|
- name: portainer
|
||||||
|
port: 9000
|
||||||
|
tls:
|
||||||
|
secretName: portainer-certificate-secret
|
@ -1,29 +0,0 @@
|
|||||||
# Portainer Helm Chart Values Template
|
|
||||||
# ---
|
|
||||||
image:
|
|
||||||
repository: portainer/portainer-ce
|
|
||||||
tag: 2.22.0
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
|
|
||||||
replicas: 1 # Number of replicas
|
|
||||||
|
|
||||||
# (Choice) LoadBalancer or ClusterIP with optional Ingress
|
|
||||||
service:
|
|
||||||
type: LoadBalancer
|
|
||||||
# -- or --
|
|
||||||
# type: ClusterIP
|
|
||||||
|
|
||||||
# (Optional) Add Ingress, when using ClusterIP
|
|
||||||
ingress:
|
|
||||||
enabled: true
|
|
||||||
hosts:
|
|
||||||
- host: "portainer-test-1.kube-prod-2.home.clcreative.de"
|
|
||||||
paths:
|
|
||||||
- path: "/"
|
|
||||||
port: "9000"
|
|
||||||
# -- end
|
|
||||||
|
|
||||||
persistence:
|
|
||||||
enabled: true
|
|
||||||
# (Optional) Use an existing PVC
|
|
||||||
# existingClaim: portainer
|
|
@ -1,20 +0,0 @@
|
|||||||
apiVersion: traefik.io/v1alpha1
|
|
||||||
kind: IngressRoute
|
|
||||||
metadata:
|
|
||||||
name: ingressroute
|
|
||||||
# (Optional) Namespace
|
|
||||||
# namespace: your-namespace
|
|
||||||
# ---
|
|
||||||
spec:
|
|
||||||
entryPoints:
|
|
||||||
- web
|
|
||||||
- websecure
|
|
||||||
routes:
|
|
||||||
- match: Host(`your-hostname`)
|
|
||||||
kind: Rule
|
|
||||||
services:
|
|
||||||
- name: your-service
|
|
||||||
port: 80
|
|
||||||
# (Optional) TLS
|
|
||||||
# tls:
|
|
||||||
# secretName: your-tls-secret
|
|
@ -1,21 +0,0 @@
|
|||||||
apiVersion: traefik.io/v1alpha1
|
|
||||||
kind: IngressRouteTCP
|
|
||||||
metadata:
|
|
||||||
name: ingressroutetcp
|
|
||||||
# (Optional) Namespace
|
|
||||||
# namespace: your-namespace
|
|
||||||
# ---
|
|
||||||
spec:
|
|
||||||
entryPoints:
|
|
||||||
- web
|
|
||||||
- websecure
|
|
||||||
routes:
|
|
||||||
- match: HostSNI(`your-hostname-sni`)
|
|
||||||
priority: 10
|
|
||||||
services:
|
|
||||||
- name: your-service
|
|
||||||
port: 80
|
|
||||||
# (Optional) TLS Passthrough
|
|
||||||
# tls:
|
|
||||||
# passthrough: true
|
|
||||||
# ---
|
|
19
kubernetes/traefik/ingressroute.yaml.example
Normal file
19
kubernetes/traefik/ingressroute.yaml.example
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: IngressRoute
|
||||||
|
metadata:
|
||||||
|
name: your-ingressroute # <-- Replace with your IngressRoute name
|
||||||
|
namespace: your-namespace # <-- Replace with your namespace
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- web
|
||||||
|
- websecure
|
||||||
|
routes:
|
||||||
|
- match: Host(`your-fqdn`) # <-- Replace with your FQDN
|
||||||
|
kind: Rule
|
||||||
|
services:
|
||||||
|
- name: your-service # <-- Replace with your service name
|
||||||
|
port: 80
|
||||||
|
# --> (Optional) Add certificate secret
|
||||||
|
# tls:
|
||||||
|
# secretName: your-certificate-secret
|
||||||
|
# <--
|
19
kubernetes/traefik/ingressroutetcp.yaml.example
Normal file
19
kubernetes/traefik/ingressroutetcp.yaml.example
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
apiVersion: traefik.io/v1alpha1
|
||||||
|
kind: IngressRouteTCP
|
||||||
|
metadata:
|
||||||
|
name: your-ingressroutetcp # <-- Replace with your IngressRouteTCP name
|
||||||
|
namespace: your-namespace # <-- Replace with your namespace
|
||||||
|
spec:
|
||||||
|
entryPoints:
|
||||||
|
- web
|
||||||
|
- websecure
|
||||||
|
routes:
|
||||||
|
- match: HostSNI(`your-sni`) # <-- Replace with your SNI
|
||||||
|
priority: 10 # <-- (Optional) change rule priority
|
||||||
|
services:
|
||||||
|
- name: your-service # <-- Replace with your service name
|
||||||
|
port: 80
|
||||||
|
# --> (Optional) Enable TLS Passthrough
|
||||||
|
# tls:
|
||||||
|
# passthrough: true
|
||||||
|
# <--
|
@ -1,54 +0,0 @@
|
|||||||
# Traefik Helm Chart Values Template
|
|
||||||
# ---
|
|
||||||
image:
|
|
||||||
repository: traefik
|
|
||||||
version: v3.1.4
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
|
|
||||||
# (Optional) Log settings
|
|
||||||
# logs:
|
|
||||||
# general:
|
|
||||||
# level: ERROR
|
|
||||||
# access:
|
|
||||||
# enabled: false
|
|
||||||
|
|
||||||
# (Optional) Change number of replicas
|
|
||||||
# deployment:
|
|
||||||
# replicas: 1
|
|
||||||
|
|
||||||
# (Optional) Enable Prometheus Metrics, requires metrics port to be exposed!
|
|
||||||
# metrics:
|
|
||||||
# prometheus:
|
|
||||||
# entryPoint: metrics
|
|
||||||
|
|
||||||
# Configure EntryPoints
|
|
||||||
ports:
|
|
||||||
web:
|
|
||||||
# StandardHTTP
|
|
||||||
port: 8000
|
|
||||||
exposed: true
|
|
||||||
exposedPort: 80
|
|
||||||
# (Optional) Redirect HTTP to HTTPs by default
|
|
||||||
# redirectTo:
|
|
||||||
# port: websecure
|
|
||||||
websecure:
|
|
||||||
# Standard HTTPS
|
|
||||||
port: 8443
|
|
||||||
exposed: true
|
|
||||||
exposedPort: 443
|
|
||||||
tls:
|
|
||||||
enabled: true
|
|
||||||
# (Optional) Enable HTTP3
|
|
||||||
# http3:
|
|
||||||
# enabled: false
|
|
||||||
# (Optional) When enabled Prometheus Metrics will be exposed on this port
|
|
||||||
# metrics:
|
|
||||||
# Prometheus Metrics
|
|
||||||
# port: 9100
|
|
||||||
# exposed: false
|
|
||||||
# exposedPort: 9100
|
|
||||||
|
|
||||||
# Create a default IngressClass
|
|
||||||
ingressClass:
|
|
||||||
enabled: true
|
|
||||||
isDefaultClass: true
|
|
@ -110,6 +110,29 @@
|
|||||||
"allowedVersions": "!/^v?2\\.19\\.10$/"
|
"allowedVersions": "!/^v?2\\.19\\.10$/"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"customManagers": [
|
||||||
|
{
|
||||||
|
"customType": "regex",
|
||||||
|
"description": "Update Longhorn images in Helm",
|
||||||
|
"fileMatch": ["(^|/)helm/longhorn/.+\\.yaml$"],
|
||||||
|
"matchStrings": [
|
||||||
|
"engine:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"manager:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"ui:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"instanceManager:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"shareManager:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"backingImageManager:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"supportBundleKit:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"attacher:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"provisioner:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"nodeDriverRegistrar:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"resizer:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"snapshotter:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?",
|
||||||
|
"livenessProbe:\\s*repository:\\s*\"?(?<depName>[^\"]+)\"?\\s*tag:\\s*\"?(?<currentValue>[^\"]+)\"?"
|
||||||
|
],
|
||||||
|
"datasourceTemplate": "docker"
|
||||||
|
}
|
||||||
|
],
|
||||||
"separateMinorPatch": true,
|
"separateMinorPatch": true,
|
||||||
"stopUpdatingLabel": "renovate/stop_updating"
|
"stopUpdatingLabel": "renovate/stop_updating"
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user