Commit Graph

302 Commits (master)

Author SHA1 Message Date
q3k 184678b0f4 cluster/cube/lib/cockroachdb: clean up topology
IP addresses are not necessary in the topology definitions of a
cockroach cluster.

They were mis-committed leftovers from trying to run the cluster on
DaemonSets with hostNetworking: true.

Change-Id: I4ef1f6ed9a745efc6b05846bc13aba9d1f8dc7c8
2019-06-22 21:18:29 +00:00
q3k dec401c7dd cluster/kube/lib/cockroach: move client to deployment
This prevents a bug where kubecfg fails to update the client pod when
running a cluster/kube/cluster.jsonnet update. The pod update is
attempted because of runtime/intent differences at serviceAccounts
specification, which causes kubecfg to see a diff, which causes it to
attempt an update, which causes kube-apiserver to reject the change
(because pods are immutable), which causes kubecfg to fail.

Change-Id: I20b0ecbb264213a2eb483d475c7683b4965c82be
2019-06-22 23:14:25 +02:00
q3k c7258f4644 cluster/kube: refactor, add crdb-waw1 2019-06-21 00:24:09 +02:00
q3k e53e39a8be cluster/kube/lib/cockroachdb: use manual node pinning
We move away from the StatefulSet based deployment to manually starting
a deployment per intended node. This allows us to pin individual
instances of Cockroach to particular nodes, so that they stay
co-located with their data.
2019-06-20 23:36:35 +02:00
q3k 662a3cdcca cluster/kube/lib/cockroachdb: refactor
We refactor this library to:

 - support multiple databases, but with a strong suggestion of having
   one per k8s cluster
 - drop the database creation logic
 - redo naming (allowing for two options: multiple clusters per
   namespace or an exclusive namespace for the cluster)
 - unhardcode dns names
2019-06-20 19:45:03 +02:00
q3k 224a50bbfe cluster/kube/lib/cockroach: fix imports 2019-06-20 16:43:01 +02:00
q3k 3c117fa841 make cockroachdb into a cluster service 2019-06-20 16:43:01 +02:00
q3k c3b0f7627c cluster/kube: set operator replicas to 0 2019-06-20 16:42:19 +02:00
q3k c0fc3ee442 cluster/clustercfg: add clustercfg-nocerts 2019-06-20 16:11:38 +02:00
q3k f970a7ef0f nix/cluster-configuration: fix CNI plugins being deleted on kubelet restart 2019-06-20 12:51:51 +02:00
q3k f81f7d462a cluster/clustercfg: gitignore __pycache__ 2019-05-19 03:11:18 +02:00
q3k aa68f3fdd8 secretstore: add implr 2019-05-18 00:15:25 +02:00
q3k 36cc4fb61a bazel-cache: deploy, add waw-hdd-yolo-1 ceph pool 2019-05-17 18:09:39 +02:00
informatic fc514a9b52 cluster/kube/cert-manager: don't add APIService when webhooks are disabled 2019-05-05 12:12:13 +02:00
informatic b187bf5b2c cluster/kube/metallb: downgrade to 0.7.3 2019-05-05 12:11:14 +02:00
q3k 321fad9865 cluster/kube/rook: lower debug 2019-04-19 14:14:36 +02:00
q3k ed2e670c8b cluster/kube/rook: bump to ceph v14 fully 2019-04-19 13:27:20 +02:00
informatic 56918237ed cluster: update ceph README 2019-04-09 23:48:33 +02:00
informatic 5ac85c6e73 cluster/kube: refactor rook.io object store configuration 2019-04-09 21:45:32 +02:00
informatic 6da3b288dc WIP: app/registry: ceph object storage 2019-04-09 13:48:21 +02:00
informatic e24ccd678c clustercfg: fix broken admincreds generation 2019-04-09 13:43:54 +02:00
informatic 598a079f57 clustercfg: extract cfssl handling to separate function 2019-04-09 13:29:33 +02:00
q3k 73cef11c85 *: rejigger tls certs and more
This pretty large change does the following:

 - moves nix from bootstrap.hswaw.net to nix/
 - changes clustercfg to use cfssl and moves it to cluster/clustercfg
 - changes clustercfg to source information about target location of
   certs from nix
 - changes clustercfg to push nix config
 - changes tls certs to have more than one CA
 - recalculates all TLS certs
   (it keeps the old serviceaccounts key, otherwise we end up with
   invalid serviceaccounts - the cert doesn't match, but who cares,
   it's not used anyway)
2019-04-07 00:06:23 +02:00
q3k 242152f65e cluster/kube/lib/metallb: bump memory hoping to prevent crashes 2019-04-04 16:54:00 +02:00
q3k 0f78cea802 Merge branch 'master' of hackerspace.pl:hscloud 2019-04-02 14:45:23 +02:00
q3k 2fd5861d24 cluster: some doc updates 2019-04-02 14:45:17 +02:00
informatic 3187c59a86 cluster/kube: ceph dashboard tls certificates 2019-04-02 14:44:04 +02:00
informatic 2afe604595 cluster/kube: minor cert-manager cleanups, disable webhooks by default 2019-04-02 14:43:34 +02:00
informatic 79ddbc57d9 cluster/kube: initial cert-manager implementation 2019-04-02 13:20:15 +02:00
q3k 65f3b1d8ab cluster/kube: add waw-hdd-redundant-1 pool/storageclass 2019-04-02 01:05:38 +02:00
q3k c6da127d3f cluster/kube: ceph-waw1 up 2019-04-02 00:06:13 +02:00
q3k cdfafaf91e cluster/kube: finish rook operator 2019-04-01 19:16:18 +02:00
q3k b7fcc67f42 cluster/kube: start implementing rook 2019-04-01 18:40:50 +02:00
q3k 14cbacb81a cluster/kube/metallb: parametrize address pools 2019-04-01 18:00:44 +02:00
q3k a9c7e86687 cluster: fix metallb, add nginx ingress controller 2019-04-01 17:56:28 +02:00
q3k eeed6fb6da recertify all certs 2019-04-01 16:19:28 +02:00
q3k 1e565dc4a5 cluster: start implementing metallb 2019-01-18 09:40:59 +01:00
q3k e3af1eb852 cluster: autodetect IP address
This is so that Calico starts with the proper subnet. Feeding it just an
IP from the node status will mean it parses it as /32 and uses IPIP
tunnels for all connectivity.
2019-01-18 09:39:57 +01:00
q3k 41bd2b52c2 cluster/secrets: add implr 2019-01-17 23:37:36 +01:00
q3k f3010ee1cb cluster/secrets: add cz2 2019-01-17 21:35:52 +01:00
q3k dc9c29ac90 cluster: add calico key 2019-01-17 21:35:28 +01:00
q3k 5c75574464 cluster/coredns: allow resolving via <svc>.<namespace>.svc.k0.hswaw.net 2019-01-17 21:35:10 +01:00
q3k af3be426ad cluster: deploy calico and metrics service 2019-01-17 18:57:19 +01:00
q3k 49b9a13d28 cluster: deploy coredns 2019-01-14 00:02:59 +01:00
q3k 5bebbebe3e cluster/kube: fix typo 2019-01-13 22:08:05 +01:00
q3k 4d9e72cb8c cluster/kube: init 2019-01-13 22:06:33 +01:00
q3k d89e1203d9 ca: bump srl 2019-01-13 22:06:11 +01:00
q3k ae56b6a6a5 clustercfg: create .kubectl 2019-01-13 21:39:16 +01:00
q3k cd23740185 cluster/secrets: keep plain/ dir for scripting 2019-01-13 21:37:35 +01:00
q3k de061801db *: k0.hswaw.net somewhat working 2019-01-13 21:14:02 +01:00
q3k f2a812b9fd *: bazelify 2019-01-13 17:51:34 +01:00
q3k 60b19af41e *: reorganize 2019-01-13 14:15:09 +01:00