This will allow affected libsonnets to be reused for k1
Change-Id: I30e7dfd6c391e479270c78f8a245d6f330e65027
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2124
Reviewed-by: informatic <informatic@hackerspace.pl>
Across the hscloud, few deployments have number of replicas other than 1. And not every app is even built to support more than 1 replica (notably, nothing with waw-hdd-redundant-3 mounts will work). Also, replicas=1 is the default. Therefore, it doesn't make sense to explicitly say `replicas: 1` unless other value is needed.
Change-Id: I12250ceb053d2041c06ecfe685fe7f8f10d20679
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2084
Reviewed-by: pl <pl@hackerspace.pl>
Reviewed-by: krnlexception <krnlexception@hackerspace.pl>
Reviewed-by: informatic <informatic@hackerspace.pl>
The abstraction and name of SimpleIngress didn't feel right to me. I realized it's actually a few related things. One is just the simplified syntax to point `target` to `hosts`, and that should live in the (upstream-able) kube.libsonnet (similar to what we do with Service, PVC). Second is k0-specific default for all ingresses of proxy-body-size=0. Third is TLS-specific stuff, which includes the (standard) spec.tls, and k0-specific acme/cert-manager annotations.
In the end, for cluster users this is basically just a rename of SimpleIngress to TLSIngress. But it's a bit better encapsulated I think, and if someone wants a non-TLS Ingress or if we ever upstream kube.libsonnet, this may be helpful
Change-Id: I4587549699c40fe71c4fff358faac8748ecc44ef
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2085
Reviewed-by: q3k <q3k@hackerspace.pl>
radex is a cluster admin, so per-namespace admin rbs are unnecessary clutter
Change-Id: Ib6cfbdf6fc0b90420cd20a5ee3e9fa1d74666e9b
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2075
Reviewed-by: radex <radex@hackerspace.pl>
no longer a member (invalid user); palworld killed by request from palid
Change-Id: I42176c21d0b2eefadabfc66542537bf2843d3741
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2073
Reviewed-by: radex <radex@hackerspace.pl>
Refactoring registry to use newer syntax/jsonnet helpers/conventions, in line with the rest of the codebase.
Change-Id: I20508c8f6ef9a2d0e8faa7de3d3b9efcf2c91af3
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2013
Reviewed-by: q3k <q3k@hackerspace.pl>
This fixes cluster routing, which broke for some reason at some point.
It ensures cluster routes get propagated correctly across nodes.
This is a mess. We should replace this.
Change-Id: Ic749a529da620fa201ec9cd71a6a8eed664e2d0f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2012
Reviewed-by: radex <radex@hackerspace.pl>
These changes were already live but were not committed
Change-Id: Ib0590964ad8521d06ad2219b51751e65b6f9742f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2011
Reviewed-by: q3k <q3k@hackerspace.pl>
This brings the code up to date with what was already deployed
Change-Id: I8e47787df8d421857f8a011ce3d6ab29488f980a
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2009
Reviewed-by: q3k <q3k@hackerspace.pl>
Forked Dockerfile is no longer necessary, as 0.51.0 has a newer openssl
This is the newest version of n-i-c we can use with current k8s version. v1.0.0 requires k8s at least v1.19
Change-Id: Ibb244482cef2624274817ea6c62f190587a03f97
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2006
Reviewed-by: q3k <q3k@hackerspace.pl>
Since `ops/monitoring` operates on both `monitoring-cluster` and
`monitoring-global-k0` namespaces, working properly using the tooling
requires access to both.
While there, add access to `monitoring-external-k0` for potential
working with external targets.
Change-Id: I5f37ed306f064ffcced705609aa919b684a46235
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1834
Reviewed-by: informatic <informatic@hackerspace.pl>
This gives viq admin access to monitoring-cluster namespace to be able
to inspect what's already there and try to extend it.
Change-Id: I48eaba8db6cd6868879da33abd93607ed5de2008
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1829
Reviewed-by: q3k <q3k@hackerspace.pl>
Rename `target_service` to `target` to mirror Service's `target`; rename `extra_paths` to `extraPaths` to follow the camelCase convention used everywhere except for a few places in kube.upstream (assumed to be a mistake)
Change-Id: Icfcb70ef889e3359bf0391c465034817f4b70cce
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1809
Reviewed-by: q3k <q3k@hackerspace.pl>
There's no difference as far as jsonnet is concerned, but it may confuse newbies, as Service and SimpleIngress use double colon for its top-level kube helpers. This also removes any ambiguity as to whether this is manifested in final JSON. So we can make that a convention.
Change-Id: I01ad4ea63f4d5d8ee6e5d41c79637ba186548c6f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1803
Reviewed-by: q3k <q3k@hackerspace.pl>