AverageMarcus/cluster.fun
1
0
Fork 0
Code Issues 1 Pull Requests 3 Releases Activity

Compare commits

base: AverageMarcus:e01e72641d63da66f1025f522fa7f98080ead0f3
Branches Tags
AverageMarcus:master AverageMarcus:renovate/rancher-mirrored-library-traefik-3.x AverageMarcus:renovate/grafana-promtail-3.x AverageMarcus:renovate/prom-node-exporter-1.x AverageMarcus:increase_cluster_max
...
compare: AverageMarcus:increase_cluster_max
Branches Tags
AverageMarcus:renovate/rancher-mirrored-library-traefik-3.x AverageMarcus:renovate/grafana-promtail-3.x AverageMarcus:renovate/prom-node-exporter-1.x AverageMarcus:master AverageMarcus:increase_cluster_max

13 Commits
e01e72641d ... increase_c

Author SHA1 Message Date
Marcus Noble
1e2ffc0717 Use project name in run name 2020-06-07 16:00:49 +01:00
Marcus Noble
2143baff65 Added credentials 2020-06-07 16:00:37 +01:00
Marcus Noble
15afc432d2 Increase max number of worker nodes to 3
Some checks are pending
CI PR Checks...
 2020-06-07 14:21:10 +01:00
Marcus Noble
4a383437f3 Fixed Makefile 2020-06-07 14:19:09 +01:00
Marcus Noble
d42758f54c Fixed PR CI jobs 2020-06-07 14:18:58 +01:00
Marcus Noble
7a4b1c96bc Enabled Traefik access logs 2020-06-06 22:04:20 +01:00
Marcus Noble
f18a30cd3e Update website-to-remarkable 2020-06-06 15:54:32 +01:00
Marcus Noble
34fd00ae91 Remove Chloes blog 2020-06-06 15:54:11 +01:00
Marcus Noble
2f5659def7 Remove all CPU limitations on pods 2020-06-06 15:24:56 +01:00
Marcus Noble
0f0c30b9be Removed goldilocks chart 2020-06-05 22:56:19 +01:00
Marcus Noble
471b6bc67e More resource tweaks 2020-06-05 22:51:40 +01:00
Marcus Noble
f0d29be3f7 Cleanup pipeline runs 2020-06-05 22:49:21 +01:00
Marcus Noble
43c8b7b61e Updated a bunch of resources 
Added Goldilocks to keep an eye on suggested improvements
 2020-06-05 22:17:50 +01:00
25 changed files with 165 additions and 96 deletions
Expand all files Collapse all files

10
Makefile
View File

@@ -17,7 +17,7 @@ format:
.PHONY: run-tests # Runs all tests .PHONY: run-tests # Runs all tests
run-tests: run-tests:
@echo "⚠️ 'run-tests' unimplemented" @cd terraform && terraform plan
.PHONY: fetch-deps # Fetch all project dependencies .PHONY: fetch-deps # Fetch all project dependencies
fetch-deps: fetch-deps:
@@ -41,11 +41,9 @@ run:
.PHONY: ci # Perform CI specific tasks to perform on a pull request .PHONY: ci # Perform CI specific tasks to perform on a pull request
ci: ci:
@cd terraform @PLAN=$(cd terraform && terraform plan ./terraform) && curl -X "POST" "https://git.cluster.fun/api/v1/repos/AverageMarcus/${REPO}/issues/${PR_ID}/comments?access_token=${ACCESS_TOKEN}" \
@PLAN=$(terraform plan)
@curl -X "POST" "https://git.cluster.fun/api/v1/repos/AverageMarcus/${REPO}/issues/${PR_ID}/comments?access_token=${ACCESS_TOKEN}" \
-H 'Content-Type: application/json; charset=utf-8' \ -H 'Content-Type: application/json; charset=utf-8' \
-d $'{"body": "<details><summary>Terraform Plan:</summary>'$PLAN'</details>"}' -d $'{"body": "<details><summary>Terraform Plan:</summary>'"$PLAN"'</details>"}'
.PHONY: release # Release the latest version of the application .PHONY: release # Release the latest version of the application
release: release:
@@ -60,4 +58,4 @@ help:
@echo "-----------------------------------" @echo "-----------------------------------"
@grep '^.PHONY: .* #' Makefile | sed 's/\.PHONY: \(.*\) # \(.*\)/\1 \2/' | expand -t20 @grep '^.PHONY: .* #' Makefile | sed 's/\.PHONY: \(.*\) # \(.*\)/\1 \2/' | expand -t20
default: test build default: test

7
manifests/blackhole.yaml
View File

@@ -36,8 +36,11 @@ spec:
name: web name: web
resources: resources:
limits: limits:
memory: 20Mi memory: 10Mi
cpu: 10m
requests:
memory: 10Mi
--- ---
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Ingress kind: Ingress

5
manifests/blog.yaml
View File

@@ -39,6 +39,11 @@ spec:
ports: ports:
- containerPort: 8000 - containerPort: 8000
name: web name: web
resources:
limits:
memory: 200Mi
requests:
memory: 200Mi
--- ---
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Ingress kind: Ingress

5
manifests/buzzers.yaml
View File

@@ -39,6 +39,11 @@ spec:
ports: ports:
- containerPort: 80 - containerPort: 80
name: web name: web
resources:
limits:
memory: 283Mi
requests:
memory: 283Mi
--- ---
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Ingress kind: Ingress

5
manifests/cctv.yaml
View File

@@ -64,6 +64,11 @@ spec:
ports: ports:
- containerPort: 8080 - containerPort: 8080
protocol: TCP protocol: TCP
resources:
limits:
memory: 50Mi
requests:
memory: 50Mi
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service

4
manifests/certmanager_chart.yaml
View File

@@ -22,10 +22,10 @@ spec:
installCRDs: "true" installCRDs: "true"
resources: resources:
requests: requests:
cpu: 10m
memory: 32Mi memory: 32Mi
limits: limits:
cpu: 20m
memory: 64Mi memory: 64Mi
--- ---

2
manifests/cors-proxy.yaml
View File

@@ -23,7 +23,7 @@ metadata:
name: cors-proxy name: cors-proxy
namespace: cors-proxy namespace: cors-proxy
spec: spec:
replicas: 2 replicas: 1
selector: selector:
matchLabels: matchLabels:
app: cors-proxy app: cors-proxy

5
manifests/dashboard.yaml
View File

@@ -54,6 +54,11 @@ spec:
ports: ports:
- containerPort: 80 - containerPort: 80
name: web name: web
resources:
limits:
memory: 50Mi
requests:
memory: 50Mi
--- ---
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Ingress kind: Ingress

5
manifests/downloads.yaml
View File

@@ -64,6 +64,11 @@ spec:
ports: ports:
- containerPort: 8080 - containerPort: 8080
protocol: TCP protocol: TCP
resources:
limits:
memory: 250Mi
requests:
memory: 250Mi
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service

67
manifests/ghost_chart.yaml
View File

@@ -1,67 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: ghost
---
apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
name: ghost
namespace: ghost
spec:
chart:
repository: https://charts.bitnami.com/bitnami
name: ghost
version: 10.0.2
maxHistory: 4
values:
ghostHost: www.chloehiggins.co.uk
ghostUsername: chloe
ghostEmail: ghost@chloes.email
ghostBlogTitle: "Chloe's Website"
service:
type: ClusterIP
mariadb:
master:
persistence:
enabled: true
size: 1Gi
persistence:
enabled: true
size: 1Gi
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: ghost
namespace: ghost
annotations:
cert-manager.io/cluster-issuer: letsencrypt
traefik.ingress.kubernetes.io/frontend-entry-points: http,https
traefik.ingress.kubernetes.io/redirect-entry-point: https
traefik.ingress.kubernetes.io/redirect-permanent: "true"
spec:
tls:
- hosts:
- www.chloehiggins.co.uk
- chloehiggins.co.uk
secretName: ghost-ingress
rules:
- host: www.chloehiggins.co.uk
http:
paths:
- path: /
backend:
serviceName: ghost-ghost
servicePort: 80
- host: chloehiggins.co.uk
http:
paths:
- path: /
backend:
serviceName: ghost-ghost
servicePort: 80

2
manifests/gitea.yaml
View File

@@ -80,7 +80,7 @@ spec:
resources: resources:
requests: requests:
memory: 400Mi memory: 400Mi
cpu: 10m
volumeMounts: volumeMounts:
- mountPath: /data - mountPath: /data
name: git-data name: git-data

6
manifests/harbor_chart.yaml
View File

@@ -37,25 +37,21 @@ spec:
resources: resources:
requests: requests:
memory: 64Mi memory: 64Mi
cpu: 10m
core: core:
resources: resources:
requests: requests:
memory: 64Mi memory: 64Mi
cpu: 10m
jobservice: jobservice:
resources: resources:
requests: requests:
memory: 64Mi memory: 64Mi
cpu: 10m
registry: registry:
registry: registry:
resources: resources:
requests: requests:
memory: 64Mi memory: 64Mi
cpu: 10m
controller: controller:
resources: resources:
requests: requests:
memory: 64Mi memory: 64Mi
cpu: 10m

5
manifests/kube-janitor.yaml
View File

@@ -53,11 +53,11 @@ data:
rules.yaml: |- rules.yaml: |-
rules: rules:
- id: tekton-tasks - id: tekton-tasks
# remove deployments and statefulsets without a label "application"
resources: resources:
- pods - pods
- pipelineruns
jmespath: "(metadata.labels.\"tekton.dev/pipeline\")" jmespath: "(metadata.labels.\"tekton.dev/pipeline\")"
ttl: 1h ttl: 3h
--- ---
@@ -93,7 +93,6 @@ spec:
limits: limits:
memory: 100Mi memory: 100Mi
requests: requests:
cpu: 5m
memory: 100Mi memory: 100Mi
securityContext: securityContext:
readOnlyRootFilesystem: true readOnlyRootFilesystem: true

2
manifests/nextcloud_chart.yaml
View File

@@ -58,4 +58,4 @@ spec:
resources: resources:
requests: requests:
memory: 500Mi memory: 500Mi
cpu: 50m

7
manifests/qr.yaml
View File

@@ -23,7 +23,7 @@ metadata:
name: qr name: qr
namespace: qr namespace: qr
spec: spec:
replicas: 2 replicas: 1
selector: selector:
matchLabels: matchLabels:
app: qr app: qr
@@ -39,6 +39,11 @@ spec:
ports: ports:
- containerPort: 8080 - containerPort: 8080
name: web name: web
resources:
limits:
memory: 100Mi
requests:
memory: 100Mi
--- ---
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Ingress kind: Ingress

5
manifests/rss.yaml
View File

@@ -65,6 +65,11 @@ spec:
ports: ports:
- containerPort: 8080 - containerPort: 8080
name: web name: web
resources:
limits:
memory: 308Mi
requests:
memory: 308Mi
volumeMounts: volumeMounts:
- mountPath: /data - mountPath: /data
name: storage name: storage

59
manifests/traefik-lb.yaml
View File

@@ -14,3 +14,62 @@ spec:
port: 443 port: 443
name: https name: https
type: LoadBalancer type: LoadBalancer
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
k8s-app: traefik-ingress-lb
k8s.scw.cloud/ingress: traefik
k8s.scw.cloud/object: DaemonSet
k8s.scw.cloud/system: ingress
name: ingress-traefik
namespace: kube-system
spec:
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: traefik-ingress-lb
template:
metadata:
labels:
k8s-app: traefik-ingress-lb
name: ingress-traefik
spec:
containers:
- args:
- --api
- --kubernetes
- --logLevel=INFO
- --defaultentrypoints=http,https
- --entrypoints=Name:https Address::443 TLS
- --entrypoints=Name:http Address::80
- --accesslog
- --accesslog.format=json
image: docker.io/traefik:1.7
imagePullPolicy: IfNotPresent
name: ingress-traefik
ports:
- containerPort: 80
hostPort: 80
name: http
protocol: TCP
- containerPort: 443
hostPort: 443
name: https
protocol: TCP
- containerPort: 8080
name: admin
protocol: TCP
securityContext:
capabilities:
add:
- NET_BIND_SERVICE
drop:
- ALL
dnsPolicy: ClusterFirst
restartPolicy: Always
serviceAccount: ingress-traefik
serviceAccountName: ingress-traefik

26
manifests/twitter-profile-pic.yaml
View File

@@ -4,6 +4,17 @@ metadata:
name: twitter-profile-pic name: twitter-profile-pic
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret
metadata:
name: twitter-profile-pic
namespace: twitter-profile-pic
annotations:
kube-1password: d2rt56v47q2wij47qgj27umrky
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: .env
type: Opaque
---
apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: twitter-profile-pic name: twitter-profile-pic
@@ -23,7 +34,7 @@ metadata:
name: twitter-profile-pic name: twitter-profile-pic
namespace: twitter-profile-pic namespace: twitter-profile-pic
spec: spec:
replicas: 2 replicas: 1
selector: selector:
matchLabels: matchLabels:
app: twitter-profile-pic app: twitter-profile-pic
@@ -39,6 +50,19 @@ spec:
ports: ports:
- containerPort: 9090 - containerPort: 9090
name: web name: web
resources:
limits:
memory: 250Mi
requests:
memory: 250Mi
volumeMounts:
- name: dotenv
mountPath: /app/.env
subPath: .env
volumes:
- name: dotenv
secret:
secretName: twitter-profile-pic
--- ---
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Ingress kind: Ingress

8
manifests/website-to-remarkable.yaml
View File

@@ -34,6 +34,9 @@ spec:
- port: 80 - port: 80
targetPort: 8080 targetPort: 8080
name: web name: web
- port: 8000
targetPort: 8000
name: noauth
selector: selector:
app: website-to-remarkable app: website-to-remarkable
--- ---
@@ -92,6 +95,11 @@ spec:
ports: ports:
- containerPort: 8080 - containerPort: 8080
protocol: TCP protocol: TCP
resources:
limits:
memory: 125Mi
requests:
memory: 125Mi
- name: web - name: web
image: docker.cluster.fun/averagemarcus/website-to-remarkable:latest image: docker.cluster.fun/averagemarcus/website-to-remarkable:latest
imagePullPolicy: Always imagePullPolicy: Always

14
tekton/pipelines/pr.yaml
View File

@@ -39,6 +39,12 @@ spec:
params: params:
- name: TARGET - name: TARGET
value: "test" value: "test"
- name: REPO
value: $(params.projectname)
- name: PR_ID
value: $(params.prid)
- name: SHA
value: $(params.gitrevision)
resources: resources:
inputs: inputs:
- name: src - name: src
@@ -55,6 +61,12 @@ spec:
params: params:
- name: TARGET - name: TARGET
value: "build" value: "build"
- name: REPO
value: $(params.projectname)
- name: PR_ID
value: $(params.prid)
- name: SHA
value: $(params.gitrevision)
resources: resources:
inputs: inputs:
- name: src - name: src
@@ -75,6 +87,8 @@ spec:
value: $(params.projectname) value: $(params.projectname)
- name: PR_ID - name: PR_ID
value: $(params.prid) value: $(params.prid)
- name: SHA
value: $(params.gitrevision)
resources: resources:
inputs: inputs:
- name: src - name: src

4
tekton/tasks/pr-status.yaml
View File

@@ -14,7 +14,7 @@ spec:
default: "pending" default: "pending"
steps: steps:
- name: pr-status-update - name: pr-status-update
image: docker.cluster.fun/averagemarcus/gitea-pr-state:latest image: docker.cluster.fun/averagemarcus/gitea-pr-status:latest
env: env:
- name: ACCESS_TOKEN - name: ACCESS_TOKEN
valueFrom: valueFrom:
@@ -22,6 +22,6 @@ spec:
name: gitea-access-token name: gitea-access-token
key: access-token key: access-token
args: args:
- "$(params.REPO)" - "AverageMarcus/$(params.REPO)"
- "$(params.SHA)" - "$(params.SHA)"
- "$(params.STATE)" - "$(params.STATE)"

2
tekton/triggertemplates/deploy.yaml
View File

@@ -22,7 +22,7 @@ spec:
- apiVersion: tekton.dev/v1beta1 - apiVersion: tekton.dev/v1beta1
kind: PipelineRun kind: PipelineRun
metadata: metadata:
generateName: deploy-project- generateName: deploy-$(params.projectname)-
spec: spec:
pipelineRef: pipelineRef:
name: deploy-project name: deploy-project

2
tekton/triggertemplates/pr.yaml
View File

@@ -21,7 +21,7 @@ spec:
- apiVersion: tekton.dev/v1beta1 - apiVersion: tekton.dev/v1beta1
kind: PipelineRun kind: PipelineRun
metadata: metadata:
generateName: pr-project- generateName: pr-$(params.projectname)-
spec: spec:
pipelineRef: pipelineRef:
name: pr-project name: pr-project

2
tekton/triggertemplates/tag.yaml
View File

@@ -22,7 +22,7 @@ spec:
- apiVersion: tekton.dev/v1beta1 - apiVersion: tekton.dev/v1beta1
kind: PipelineRun kind: PipelineRun
metadata: metadata:
generateName: project-tag- generateName: tag-$(params.projectname)-
spec: spec:
pipelineRef: pipelineRef:
name: project-tag name: project-tag

2
terraform/kubernetes-cluster.tf
View File

@@ -19,7 +19,7 @@ resource "scaleway_k8s_pool_beta" "k8s-cluster-pool-1" {
node_type = "DEV1-M" node_type = "DEV1-M"
size = 1 size = 1
min_size = 1 min_size = 1
max_size = 2 max_size = 3
autoscaling = true autoscaling = true
autohealing = true autohealing = true