224a50bbfe
cluster/kube/lib/cockroach: fix imports
2019-06-20 16:43:01 +02:00
3c117fa841
make cockroachdb into a cluster service
2019-06-20 16:43:01 +02:00
c3b0f7627c
cluster/kube: set operator replicas to 0
2019-06-20 16:42:19 +02:00
c0fc3ee442
cluster/clustercfg: add clustercfg-nocerts
2019-06-20 16:11:38 +02:00
f970a7ef0f
nix/cluster-configuration: fix CNI plugins being deleted on kubelet restart
2019-06-20 12:51:51 +02:00
f81f7d462a
cluster/clustercfg: gitignore __pycache__
2019-05-19 03:11:18 +02:00
aa68f3fdd8
secretstore: add implr
2019-05-18 00:15:25 +02:00
36cc4fb61a
bazel-cache: deploy, add waw-hdd-yolo-1 ceph pool
2019-05-17 18:09:39 +02:00
fc514a9b52
cluster/kube/cert-manager: don't add APIService when webhooks are disabled
2019-05-05 12:12:13 +02:00
b187bf5b2c
cluster/kube/metallb: downgrade to 0.7.3
2019-05-05 12:11:14 +02:00
321fad9865
cluster/kube/rook: lower debug
2019-04-19 14:14:36 +02:00
ed2e670c8b
cluster/kube/rook: bump to ceph v14 fully
2019-04-19 13:27:20 +02:00
56918237ed
cluster: update ceph README
2019-04-09 23:48:33 +02:00
5ac85c6e73
cluster/kube: refactor rook.io object store configuration
2019-04-09 21:45:32 +02:00
6da3b288dc
WIP: app/registry: ceph object storage
2019-04-09 13:48:21 +02:00
e24ccd678c
clustercfg: fix broken admincreds generation
2019-04-09 13:43:54 +02:00
598a079f57
clustercfg: extract cfssl handling to separate function
2019-04-09 13:29:33 +02:00
73cef11c85
*: rejigger tls certs and more
...
This pretty large change does the following:
- moves nix from bootstrap.hswaw.net to nix/
- changes clustercfg to use cfssl and moves it to cluster/clustercfg
- changes clustercfg to source information about target location of
certs from nix
- changes clustercfg to push nix config
- changes tls certs to have more than one CA
- recalculates all TLS certs
(it keeps the old serviceaccoutns key, otherwise we end up with
invalid serviceaccounts - the cert doesn't match, but who cares,
it's not used anyway)
2019-04-07 00:06:23 +02:00
242152f65e
cluster/kube/lib/metallb: bump memory hoping to prevent crashes
2019-04-04 16:54:00 +02:00
0f78cea802
Merge branch 'master' of hackerspace.pl:hscloud
2019-04-02 14:45:23 +02:00
2fd5861d24
cluster: some doc updates
2019-04-02 14:45:17 +02:00
3187c59a86
cluster/kube: ceph dashboard tls certificates
2019-04-02 14:44:04 +02:00
2afe604595
cluster/kube: minor cert-manager cleanups, disable webhooks by default
2019-04-02 14:43:34 +02:00
79ddbc57d9
cluster/kube: initial cert-manager implementation
2019-04-02 13:20:15 +02:00
65f3b1d8ab
cluster/kube: add waw-hdd-redundant-1 pool/storageclass
2019-04-02 01:05:38 +02:00
c6da127d3f
cluster/kube: ceph-waw1 up
2019-04-02 00:06:13 +02:00
cdfafaf91e
cluster/kube: finish rook operator
2019-04-01 19:16:18 +02:00
b7fcc67f42
cluster/kube: start implementing rook
2019-04-01 18:40:50 +02:00
14cbacb81a
cluster/kube/metallb: parametrize address pools
2019-04-01 18:00:44 +02:00
a9c7e86687
cluster: fix metallb, add nginx ingress controller
2019-04-01 17:56:28 +02:00
eeed6fb6da
recertify all certs
2019-04-01 16:19:28 +02:00
1e565dc4a5
cluster: start implementing metallb
2019-01-18 09:40:59 +01:00
e3af1eb852
cluster: autodetect IP address
...
This is so that Calico starts with the proper subnet. Feeding it just an
IP from the node status will mean it parses it as /32 and uses IPIP
tunnels for all connectivity.
2019-01-18 09:39:57 +01:00
41bd2b52c2
cluster/secrets: add implr
2019-01-17 23:37:36 +01:00
f3010ee1cb
cluster/secrets: add cz2
2019-01-17 21:35:52 +01:00
dc9c29ac90
cluster: add calico key
2019-01-17 21:35:28 +01:00
5c75574464
cluster/coredns: allow resolving via <svc>.<namespace>.svc.k0.hswaw.net
2019-01-17 21:35:10 +01:00
af3be426ad
cluster: deploy calico and metrics service
2019-01-17 18:57:19 +01:00
49b9a13d28
cluster: deploy coredns
2019-01-14 00:02:59 +01:00
5bebbebe3e
cluster/kube: fix typo
2019-01-13 22:08:05 +01:00
4d9e72cb8c
cluster/kube: init
2019-01-13 22:06:33 +01:00
d89e1203d9
ca: bump srl
2019-01-13 22:06:11 +01:00
ae56b6a6a5
clustercfg: create .kubectl
2019-01-13 21:39:16 +01:00
cd23740185
cluster/secrets: keep plain/ dir for scripting
2019-01-13 21:37:35 +01:00
de061801db
*: k0.hswaw.net somewhat working
2019-01-13 21:14:02 +01:00
f2a812b9fd
*: bazelify
2019-01-13 17:51:34 +01:00
60b19af41e
*: reorganize
2019-01-13 14:15:09 +01:00