forked from hswaw/hscloud
WIP: app/registry: ceph object storage
This commit is contained in:
parent
e24ccd678c
commit
6da3b288dc
2 changed files with 50 additions and 1 deletions
|
@ -11,6 +11,7 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
|
|||
cfg:: {
|
||||
namespace: "registry",
|
||||
domain: "k0.hswaw.net",
|
||||
storageClassName: "waw-hdd-redundant-1",
|
||||
},
|
||||
|
||||
metadata(component):: {
|
||||
|
@ -100,6 +101,19 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
|
|||
},
|
||||
},
|
||||
|
||||
authVolumeClaim: kube.PersistentVolumeClaim("auth-token-storage") {
|
||||
metadata+: app.metadata("auth-token-storage"),
|
||||
spec+: {
|
||||
storageClassName: cfg.storageClassName,
|
||||
accessModes: [ "ReadWriteOnce" ],
|
||||
resources: {
|
||||
requests: {
|
||||
storage: "1Gi",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
authConfig: kube.ConfigMap("auth-config") {
|
||||
metadata+: app.metadata("auth-config"),
|
||||
data: {
|
||||
|
@ -121,7 +135,7 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
|
|||
profile_url: "https://sso.hackerspace.pl/api/1/profile",
|
||||
redirect_url: "https://registry.k0.hswaw.net/oauth2",
|
||||
username_key: "username",
|
||||
token_db: "/tmp/oauth2_tokens.ldb",
|
||||
token_db: "/data/oauth2_tokens.ldb",
|
||||
registry_url: "https://registry.k0.hswaw.net",
|
||||
},
|
||||
acl: [
|
||||
|
@ -152,6 +166,7 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
|
|||
template+: {
|
||||
spec+: {
|
||||
volumes_: {
|
||||
data: kube.PersistentVolumeClaimVolume(app.authVolumeClaim),
|
||||
config: kube.ConfigMapVolume(app.authConfig),
|
||||
certs: {
|
||||
secret: { secretName: app.authCertificate.spec.secretName },
|
||||
|
@ -167,6 +182,7 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
|
|||
config: { mountPath: "/config" },
|
||||
certs: { mountPath: "/certs" },
|
||||
secrets: { mountPath: "/secrets" },
|
||||
data: { mountPath: "/data" },
|
||||
},
|
||||
},
|
||||
},
|
||||
|
@ -254,4 +270,14 @@ local cm = import "../../cluster/kube/lib/cert-manager.libsonnet";
|
|||
],
|
||||
},
|
||||
},
|
||||
|
||||
registryStorageUser: kube._Object("ceph.rook.io/v1", "CephObjectStoreUser", "registry") {
|
||||
metadata+: {
|
||||
namespace: "ceph-waw1",
|
||||
},
|
||||
spec: {
|
||||
store: "waw-hdd-redundant-1-object",
|
||||
displayName: "docker-registry user",
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
|
@ -122,6 +122,29 @@ local Cluster(fqdn) = {
|
|||
},
|
||||
},
|
||||
},
|
||||
cephWaw1Object: kube._Object("ceph.rook.io/v1", "CephObjectStore", "waw-hdd-redundant-1-object") {
|
||||
metadata+: cluster.cephWaw1.metadata,
|
||||
spec: {
|
||||
metadataPool: {
|
||||
failureDomain: "host",
|
||||
replicated: { size: 3 },
|
||||
},
|
||||
dataPool: {
|
||||
failureDomain: "host",
|
||||
erasureCoded: {
|
||||
dataChunks: 2,
|
||||
codingChunks: 1,
|
||||
},
|
||||
},
|
||||
gateway: {
|
||||
type: "s3",
|
||||
port: 80,
|
||||
#securePort:
|
||||
instances: 1,
|
||||
allNodes: false,
|
||||
},
|
||||
},
|
||||
},
|
||||
};
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue