From 362bce2034f5595f3e7bcb0e6a154507f62b2808 Mon Sep 17 00:00:00 2001 From: Oscar Romeu Date: Wed, 15 May 2024 19:48:04 +0200 Subject: [PATCH] feat: deploy fleet --- .../apps/dev/fleet/app/externalsecret.yaml | 24 ++++++++ .../apps/dev/fleet/app/helmrelease.yaml | 61 +++++++++++++++++++ .../apps/dev/fleet/app/kustomization.yaml | 7 +++ kubernetes/apps/dev/fleet/ks.yaml | 22 +++++++ kubernetes/apps/dev/kustomization.yaml | 1 + kubernetes/flux/repositories/helm/fleet.yaml | 8 +++ .../flux/repositories/helm/kustomization.yaml | 1 + 7 files changed, 124 insertions(+) create mode 100644 kubernetes/apps/dev/fleet/app/externalsecret.yaml create mode 100644 kubernetes/apps/dev/fleet/app/helmrelease.yaml create mode 100644 kubernetes/apps/dev/fleet/app/kustomization.yaml create mode 100644 kubernetes/apps/dev/fleet/ks.yaml create mode 100644 kubernetes/flux/repositories/helm/fleet.yaml diff --git a/kubernetes/apps/dev/fleet/app/externalsecret.yaml b/kubernetes/apps/dev/fleet/app/externalsecret.yaml new file mode 100644 index 000000000..3b4f6b0f3 --- /dev/null +++ b/kubernetes/apps/dev/fleet/app/externalsecret.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: fleet + namespace: dev +spec: + secretStoreRef: + kind: ClusterSecretStore + name: doppler-auth-api + target: + name: fleet + creationPolicy: Owner + deletionPolicy: "Delete" + template: + engineVersion: v2 + data: + mysql-root-password: "{{ .MYSQL__ROOT_PASSWORD }}" + mysql-replication-password: "{{ .MYSQL__REPLICATION_PASSWORD }}" + mysql-password: "{{ .MYSQL__PASSWORD }}" + + dataFrom: + - find: + path: MYSQL__ diff --git a/kubernetes/apps/dev/fleet/app/helmrelease.yaml b/kubernetes/apps/dev/fleet/app/helmrelease.yaml new file mode 100644 index 000000000..51df37e65 --- /dev/null +++ b/kubernetes/apps/dev/fleet/app/helmrelease.yaml @@ -0,0 +1,61 @@ +apiVersion: helm.toolkit.fluxcd.io/v2beta2 +kind: HelmRelease +metadata: + name: fleet + namespace: dev +spec: + interval: 15m + chart: + spec: + chart: fleet + version: v6.0.2 + sourceRef: + kind: HelmRepository + name: fleet + namespace: flux-system + maxHistory: 3 + install: + createNamespace: true + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + retries: 3 + uninstall: + keepHistory: false + values: + hostName: fleet.${SECRET_DOMAIN} + replicas: 1 + # manifest version unsupported by kube-arch-scheduler + nodeSelector: + kubernetes.io/arch: amd64 + fleet: + autoApplySQLMigrations: true + logging: + json: true + tls: + enabled: false + database: + address: fleet-mysql:3306 + secretName: fleet + mysql: + enabled: true + auth: + database: fleet + username: fleet + existingSecret: fleet + primary: + persistence: + size: 1Gi + cache: + address: fleet-redis-master:6379 + redis: + enabled: true + auth: + enabled: false + architecture: standalone + # https://fleetdm.com/docs/deploy/deploy-fleet-on-kubernetes#redis + master: + persistence: + enabled: false diff --git a/kubernetes/apps/dev/fleet/app/kustomization.yaml b/kubernetes/apps/dev/fleet/app/kustomization.yaml new file mode 100644 index 000000000..be4967811 --- /dev/null +++ b/kubernetes/apps/dev/fleet/app/kustomization.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./externalsecret.yaml + - ./helmrelease.yaml + - ./kustomization.yaml diff --git a/kubernetes/apps/dev/fleet/ks.yaml b/kubernetes/apps/dev/fleet/ks.yaml new file mode 100644 index 000000000..89e7bec81 --- /dev/null +++ b/kubernetes/apps/dev/fleet/ks.yaml @@ -0,0 +1,22 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1beta2 +kind: Kustomization +metadata: + name: cluster-apps-fleet + namespace: flux-system + labels: + substitution.flux.home.arpa/enabled: "true" +spec: + path: ./kubernetes/apps/dev/fleet/app + prune: true + sourceRef: + kind: GitRepository + name: home-kubernetes + healthChecks: + - apiVersion: helm.toolkit.fluxcd.io/v2beta1 + kind: HelmRelease + name: app-a + namespace: dev + interval: 30m + retryInterval: 1m + timeout: 3m diff --git a/kubernetes/apps/dev/kustomization.yaml b/kubernetes/apps/dev/kustomization.yaml index 62e15efb2..0b5f257a3 100644 --- a/kubernetes/apps/dev/kustomization.yaml +++ b/kubernetes/apps/dev/kustomization.yaml @@ -3,4 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./namespace.yaml + - ./fleet/ks.yaml - ./spring-boot-app/ks.yaml diff --git a/kubernetes/flux/repositories/helm/fleet.yaml b/kubernetes/flux/repositories/helm/fleet.yaml new file mode 100644 index 000000000..0203e20c3 --- /dev/null +++ b/kubernetes/flux/repositories/helm/fleet.yaml @@ -0,0 +1,8 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: fleet + namespace: flux-system +spec: + interval: 1h + url: https://fleetdm.github.io/fleet/charts diff --git a/kubernetes/flux/repositories/helm/kustomization.yaml b/kubernetes/flux/repositories/helm/kustomization.yaml index 9b9b30b86..03aa25e13 100644 --- a/kubernetes/flux/repositories/helm/kustomization.yaml +++ b/kubernetes/flux/repositories/helm/kustomization.yaml @@ -21,6 +21,7 @@ resources: - ./external-secrets.yaml - ./fairwinds.yaml - ./flanksource.yaml + - ./fleet.yaml - ./gitea.yaml - ./grafana.yaml - ./hajimari.yaml