mirror of
https://gerrit.hackerspace.pl/hscloud
synced 2024-10-18 08:27:46 +00:00
kube: add .volume field on PVCs and ConfigMaps
Change-Id: I93eec44bd6df4ecb0044a4797faa9bf6fd26802d Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1811 Reviewed-by: q3k <q3k@hackerspace.pl>
This commit is contained in:
parent
7a4c27d28c
commit
4ffc64d97d
29 changed files with 54 additions and 46 deletions
|
|
@ -29,7 +29,7 @@ local postgres = import '../../kube/postgres_v.libsonnet';
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
media: kube.PersistentVolumeClaimVolume(top.media),
|
media: top.media.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
default: kube.Container('default') {
|
default: kube.Container('default') {
|
||||||
|
|
|
||||||
|
|
@ -87,7 +87,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.SecretVolume(bridge.config),
|
config: kube.SecretVolume(bridge.config),
|
||||||
data: kube.PersistentVolumeClaimVolume(bridge.dataVolume),
|
data: bridge.dataVolume.volume,
|
||||||
registration: { secret: { secretName: "appservice-irc-%s-registration" % [name] } },
|
registration: { secret: { secretName: "appservice-irc-%s-registration" % [name] } },
|
||||||
} + (if cfg.passwordEncryptionKeySecret != null then {
|
} + (if cfg.passwordEncryptionKeySecret != null then {
|
||||||
key: { secret: { secretName: cfg.passwordEncryptionKeySecret } },
|
key: { secret: { secretName: cfg.passwordEncryptionKeySecret } },
|
||||||
|
|
|
||||||
|
|
@ -99,7 +99,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.SecretVolume(bridge.config),
|
config: kube.SecretVolume(bridge.config),
|
||||||
data: kube.PersistentVolumeClaimVolume(bridge.dataVolume),
|
data: bridge.dataVolume.volume,
|
||||||
registration: { secret: { secretName: "appservice-telegram-%s-registration" % [name] } },
|
registration: { secret: { secretName: "appservice-telegram-%s-registration" % [name] } },
|
||||||
},
|
},
|
||||||
initContainers: [
|
initContainers: [
|
||||||
|
|
|
||||||
|
|
@ -71,8 +71,8 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.ConfigMapVolume(top.configMap),
|
config: top.configMap.volume,
|
||||||
data: kube.PersistentVolumeClaimVolume(top.dataVolume),
|
data: top.dataVolume.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
coturn: kube.Container("coturn") {
|
coturn: kube.Container("coturn") {
|
||||||
|
|
|
||||||
|
|
@ -170,8 +170,8 @@ local postgres = import "../../../kube/postgres.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(top.dataVolume),
|
data: top.dataVolume.volume,
|
||||||
config: kube.ConfigMapVolume(top.synapseConfigMap),
|
config: top.synapseConfigMap.volume,
|
||||||
} + {
|
} + {
|
||||||
[k]: { secret: { secretName: "appservice-%s-registration" % [k] } }
|
[k]: { secret: { secretName: "appservice-%s-registration" % [k] } }
|
||||||
for k in std.objectFields(top.appservices)
|
for k in std.objectFields(top.appservices)
|
||||||
|
|
@ -309,7 +309,7 @@ local postgres = import "../../../kube/postgres.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.ConfigMapVolume(top.riotConfigMap),
|
config: top.riotConfigMap.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
web: kube.Container("riot-web") {
|
web: kube.Container("riot-web") {
|
||||||
|
|
|
||||||
|
|
@ -58,7 +58,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.ConfigMapVolume(top.configMap),
|
config: top.configMap.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
web: kube.Container("riot-web") {
|
web: kube.Container("riot-web") {
|
||||||
|
|
|
||||||
|
|
@ -121,13 +121,13 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.ConfigMapVolume(top.configMap),
|
config: top.configMap.volume,
|
||||||
secrets: { secret: { secretName: "synapse" } },
|
secrets: { secret: { secretName: "synapse" } },
|
||||||
} + {
|
} + {
|
||||||
[k]: { secret: { secretName: "appservice-%s-registration" % [k] } }
|
[k]: { secret: { secretName: "appservice-%s-registration" % [k] } }
|
||||||
for k in std.objectFields(top.appservices)
|
for k in std.objectFields(top.appservices)
|
||||||
} + if worker.cfg.mountData then {
|
} + if worker.cfg.mountData then {
|
||||||
data: kube.PersistentVolumeClaimVolume(top.dataVolume),
|
data: top.dataVolume.volume,
|
||||||
} else {},
|
} else {},
|
||||||
containers_: {
|
containers_: {
|
||||||
web: kube.Container("synapse") {
|
web: kube.Container("synapse") {
|
||||||
|
|
|
||||||
|
|
@ -61,7 +61,7 @@ local kube = import "../../kube/hscloud.libsonnet";
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(top.pvc),
|
data: top.pvc.volume,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -152,7 +152,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.ConfigMapVolume(radio.configMap),
|
config: radio.configMap.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
radio: kube.Container(radio.makeName("radio")) {
|
radio: kube.Container(radio.makeName("radio")) {
|
||||||
|
|
|
||||||
|
|
@ -92,7 +92,7 @@ local kube = import "../../../kube/hscloud.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
cache: kube.PersistentVolumeClaimVolume(ix.octorpki.cache),
|
cache: ix.octorpki.cache.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
octorpki: kube.Container(ix.name("octorpki")){
|
octorpki: kube.Container(ix.name("octorpki")){
|
||||||
|
|
@ -241,8 +241,8 @@ local kube = import "../../../kube/hscloud.libsonnet";
|
||||||
alice: ix.component("alice") {
|
alice: ix.component("alice") {
|
||||||
port: 7340,
|
port: 7340,
|
||||||
volumes: {
|
volumes: {
|
||||||
config: kube.ConfigMapVolume(ix.alice.configMap),
|
config: ix.alice.configMap.volume,
|
||||||
theme: kube.ConfigMapVolume(ix.alice.themeMap),
|
theme: ix.alice.themeMap.volume,
|
||||||
},
|
},
|
||||||
volumeMounts: {
|
volumeMounts: {
|
||||||
config: {
|
config: {
|
||||||
|
|
|
||||||
|
|
@ -79,7 +79,7 @@ local prototext = import "../../../kube/prototext.libsonnet";
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.ConfigMapVolume(env.config),
|
config: env.config.volume,
|
||||||
secret: kube.SecretVolume(env.secret),
|
secret: kube.SecretVolume(env.secret),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -315,7 +315,7 @@ local bindServiceAccountClusterRole(sa, cr) = kube.ClusterRoleBinding(cr.metadat
|
||||||
cni_bin: kube.HostPathVolume("/opt/cni/bin"),
|
cni_bin: kube.HostPathVolume("/opt/cni/bin"),
|
||||||
cni_config: kube.HostPathVolume("/opt/cni/conf"),
|
cni_config: kube.HostPathVolume("/opt/cni/conf"),
|
||||||
secrets: kube.SecretVolume(env.secrets),
|
secrets: kube.SecretVolume(env.secrets),
|
||||||
bird_cfg_template: kube.ConfigMapVolume(env.calicoMetallbBird),
|
bird_cfg_template: env.calicoMetallbBird.volume,
|
||||||
# TODO flexvol-driver-host, policysync
|
# TODO flexvol-driver-host, policysync
|
||||||
},
|
},
|
||||||
initContainers_: {
|
initContainers_: {
|
||||||
|
|
|
||||||
|
|
@ -191,8 +191,8 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(env.authVolumeClaim),
|
data: env.authVolumeClaim.volume,
|
||||||
config: kube.ConfigMapVolume(env.authConfig),
|
config: env.authConfig.volume,
|
||||||
certs: {
|
certs: {
|
||||||
secret: { secretName: env.authCertificate.spec.secretName },
|
secret: { secretName: env.authCertificate.spec.secretName },
|
||||||
},
|
},
|
||||||
|
|
@ -232,7 +232,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.ConfigMapVolume(env.registryConfig),
|
config: env.registryConfig.volume,
|
||||||
certs: {
|
certs: {
|
||||||
secret: { secretName: env.registryCertificate.spec.secretName },
|
secret: { secretName: env.registryCertificate.spec.secretName },
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -980,9 +980,9 @@ local oa = kube.OpenAPI;
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(cluster.benji.data),
|
data: cluster.benji.data.volume,
|
||||||
benjiconfig: kube.SecretVolume(cluster.benji.config),
|
benjiconfig: kube.SecretVolume(cluster.benji.config),
|
||||||
extrabins: kube.ConfigMapVolume(cluster.benji.extrabins),
|
extrabins: cluster.benji.extrabins.volume,
|
||||||
monendpoints: {
|
monendpoints: {
|
||||||
configMap: {
|
configMap: {
|
||||||
name: "rook-ceph-mon-endpoints",
|
name: "rook-ceph-mon-endpoints",
|
||||||
|
|
|
||||||
|
|
@ -176,7 +176,7 @@ local kube = import "../../../kube/hscloud.libsonnet";
|
||||||
fsGroup: 1000, # gerrit uid
|
fsGroup: 1000, # gerrit uid
|
||||||
},
|
},
|
||||||
volumes_: {
|
volumes_: {
|
||||||
config: kube.ConfigMapVolume(top.configmap),
|
config: top.configmap.volume,
|
||||||
secure: { secret: { secretName: cfg.secureSecret} },
|
secure: { secret: { secretName: cfg.secureSecret} },
|
||||||
} {
|
} {
|
||||||
[name]: kube.PersistentVolumeClaimVolume(top.volumes[name])
|
[name]: kube.PersistentVolumeClaimVolume(top.volumes[name])
|
||||||
|
|
|
||||||
|
|
@ -16,8 +16,8 @@ local kube = import "../../kube/kube.libsonnet";
|
||||||
cfg+: {
|
cfg+: {
|
||||||
image: cfg.image,
|
image: cfg.image,
|
||||||
volumes+: {
|
volumes+: {
|
||||||
data: kube.PersistentVolumeClaimVolume(sourcegraph.pvc.data),
|
data: sourcegraph.pvc.data.volume,
|
||||||
etc: kube.PersistentVolumeClaimVolume(sourcegraph.pvc.etc),
|
etc: sourcegraph.pvc.etc.volume,
|
||||||
},
|
},
|
||||||
securityContext: {
|
securityContext: {
|
||||||
runAsUser: 0,
|
runAsUser: 0,
|
||||||
|
|
|
||||||
|
|
@ -113,9 +113,9 @@ local proxy = import "proxy.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(top.volumeClaimData),
|
data: top.volumeClaimData.volume,
|
||||||
mods: kube.PersistentVolumeClaimVolume(top.volumeClaimMods),
|
mods: top.volumeClaimMods.volume,
|
||||||
config: kube.ConfigMapVolume(top.configMap),
|
config: top.configMap.volume,
|
||||||
},
|
},
|
||||||
initContainers_: {
|
initContainers_: {
|
||||||
modproxy: kube.Container("modproxy") {
|
modproxy: kube.Container("modproxy") {
|
||||||
|
|
|
||||||
|
|
@ -20,7 +20,7 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
cas: kube.PersistentVolumeClaimVolume(top.pvc),
|
cas: top.pvc.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
proxy: kube.Container("proxy") {
|
proxy: kube.Container("proxy") {
|
||||||
|
|
|
||||||
|
|
@ -162,10 +162,10 @@ local kube = import "../../kube/kube.libsonnet";
|
||||||
fsGroup: 1000,
|
fsGroup: 1000,
|
||||||
},
|
},
|
||||||
volumes_: {
|
volumes_: {
|
||||||
backups: kube.PersistentVolumeClaimVolume(game.pvcs.backups),
|
backups: game.pvcs.backups.volume,
|
||||||
saves: kube.PersistentVolumeClaimVolume(game.pvcs.saves),
|
saves: game.pvcs.saves.volume,
|
||||||
server: kube.PersistentVolumeClaimVolume(game.pvcs.server),
|
server: game.pvcs.server.volume,
|
||||||
scripts: kube.ConfigMapVolume(game.scripts),
|
scripts: game.scripts.volume,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -38,7 +38,7 @@ local redis = import "../../kube/redis.libsonnet";
|
||||||
cfg+: {
|
cfg+: {
|
||||||
image: cfg.image,
|
image: cfg.image,
|
||||||
volumes+: {
|
volumes+: {
|
||||||
data: kube.PersistentVolumeClaimVolume(pretalx.volumeData),
|
data: pretalx.volumeData.volume,
|
||||||
config: kube.SecretVolume(pretalx.config),
|
config: kube.SecretVolume(pretalx.config),
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -78,7 +78,7 @@ local redis = import "../../kube/redis.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(top.dataVolume),
|
data: top.dataVolume.volume,
|
||||||
},
|
},
|
||||||
|
|
||||||
securityContext: {
|
securityContext: {
|
||||||
|
|
|
||||||
|
|
@ -32,11 +32,19 @@ kube {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
||||||
// Remove deprecated `volume.beta.kubernetes.io/storage-class` annotation
|
|
||||||
PersistentVolumeClaim(name): kube.PersistentVolumeClaim(name) {
|
PersistentVolumeClaim(name): kube.PersistentVolumeClaim(name) {
|
||||||
|
// Convenience for creating a volume from a PVC
|
||||||
|
volume:: kube.PersistentVolumeClaimVolume(self),
|
||||||
|
|
||||||
|
// Remove deprecated `volume.beta.kubernetes.io/storage-class` annotation
|
||||||
metadata+: { annotations: {} },
|
metadata+: { annotations: {} },
|
||||||
},
|
},
|
||||||
|
|
||||||
|
ConfigMap(name): kube.ConfigMap(name) {
|
||||||
|
// Convenience for creating a volume from a ConfigMap
|
||||||
|
volume:: kube.ConfigMapVolume(self),
|
||||||
|
},
|
||||||
|
|
||||||
// Add `target` field
|
// Add `target` field
|
||||||
Service(name): kube.Service(name) {
|
Service(name): kube.Service(name) {
|
||||||
// Deployment, Pod, DaemonSet, etc. that this Service is targeting.
|
// Deployment, Pod, DaemonSet, etc. that this Service is targeting.
|
||||||
|
|
|
||||||
|
|
@ -78,7 +78,7 @@ local kube = import "kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(postgres.volumeClaim),
|
data: postgres.volumeClaim.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
postgres: kube.Container(postgres.makeName("postgres")) {
|
postgres: kube.Container(postgres.makeName("postgres")) {
|
||||||
|
|
|
||||||
|
|
@ -57,7 +57,7 @@ local kube = import "kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(postgres.volumeClaim),
|
data: postgres.volumeClaim.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
postgres: kube.Container(postgres.makeName("postgres")) {
|
postgres: kube.Container(postgres.makeName("postgres")) {
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@ local kube = import "kube.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(redis.volumeClaim),
|
data: redis.volumeClaim.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
redis: kube.Container(redis.makeName("redis")) {
|
redis: kube.Container(redis.makeName("redis")) {
|
||||||
|
|
|
||||||
|
|
@ -246,8 +246,8 @@ local kube = import "../../../kube/kube.libsonnet";
|
||||||
{ key: "CriticalAddonsOnly", operator: "Exists" },
|
{ key: "CriticalAddonsOnly", operator: "Exists" },
|
||||||
],
|
],
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(prometheus.pvc),
|
data: prometheus.pvc.volume,
|
||||||
configmap: kube.ConfigMapVolume(prometheus.configmap),
|
configmap: prometheus.configmap.volume,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -110,7 +110,7 @@ local kube = import "../../../kube/hscloud.libsonnet";
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(victoria.pvc),
|
data: victoria.pvc.volume,
|
||||||
secret: kube.SecretVolume(victoria.authSecret),
|
secret: kube.SecretVolume(victoria.authSecret),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
@ -219,7 +219,7 @@ local kube = import "../../../kube/hscloud.libsonnet";
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(grafana.pvc),
|
data: grafana.pvc.volume,
|
||||||
config: kube.SecretVolume(grafana.config) {
|
config: kube.SecretVolume(grafana.config) {
|
||||||
secret+: {
|
secret+: {
|
||||||
items: [
|
items: [
|
||||||
|
|
|
||||||
|
|
@ -18,7 +18,7 @@ local kube = import "../../../kube/hscloud.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(top.data),
|
data: top.data.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
default: kube.Container("default") {
|
default: kube.Container("default") {
|
||||||
|
|
|
||||||
|
|
@ -73,7 +73,7 @@ local kube = import "../../../kube/hscloud.libsonnet";
|
||||||
template+: {
|
template+: {
|
||||||
spec+: {
|
spec+: {
|
||||||
volumes_: {
|
volumes_: {
|
||||||
data: kube.PersistentVolumeClaimVolume(mysql.volume),
|
data: mysql.volume.volume,
|
||||||
},
|
},
|
||||||
containers_: {
|
containers_: {
|
||||||
default: kube.Container("default") {
|
default: kube.Container("default") {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue