Since `ops/monitoring` operates on both `monitoring-cluster` and
`monitoring-global-k0` namespaces, working properly using the tooling
requires access to both.
While there, add access to `monitoring-external-k0` for potential
working with external targets.
Change-Id: I5f37ed306f064ffcced705609aa919b684a46235
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1834
Reviewed-by: informatic <informatic@hackerspace.pl>
This gives viq admin access to monitoring-cluster namespace to be able
to inspect what's already there and try to extend it.
Change-Id: I48eaba8db6cd6868879da33abd93607ed5de2008
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1829
Reviewed-by: q3k <q3k@hackerspace.pl>
Rename `target_service` to `target` to mirror Service's `target`; rename `extra_paths` to `extraPaths` to follow the camelCase convention used everywhere except for a few places in kube.upstream (assumed to be a mistake)
Change-Id: Icfcb70ef889e3359bf0391c465034817f4b70cce
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1809
Reviewed-by: q3k <q3k@hackerspace.pl>
There's no difference as far as jsonnet is concerned, but it may confuse newbies, as Service and SimpleIngress use double colon for its top-level kube helpers. This also removes any ambiguity as to whether this is manifested in final JSON. So we can make that a convention.
Change-Id: I01ad4ea63f4d5d8ee6e5d41c79637ba186548c6f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1803
Reviewed-by: q3k <q3k@hackerspace.pl>
The bootloader is *not* moved yet, machine still boots off the old disk
Change-Id: I8cc92489bb06bfe9581d68503237e08fa8082c7c
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1766
Reviewed-by: q3k <q3k@hackerspace.pl>
fstrim is nice as it might prevent us from killing SSDs so fast.
A lower GC threshold for kubelet is nice as we run non-kubelet services
on these nodes, and they need their space. Notably, Ceph's mons tend to
be extremely claustrophobic, firing alerts at 70% disk usage or so.
Change-Id: I94c1787e62f82a02f107d04a87575327d3d79c01
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1724
Reviewed-by: implr <implr@hackerspace.pl>
This deploys the changes in Id64cccadcd1e109035ed09f62086772fa615dd72
and I34163bbb62ba792d359a5f5e72de1024c0109eab .
Turns out the site actually serves at new.hackerspace.pl and is being
proxy-passed from boston-packets, as that for legacy reasons still has
to live at hackerspace.pl.
Change-Id: Ieaa3e8b6f9c4ced14db83c121e30c9cbaa416b00
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1700
Reviewed-by: radex <radex@hackerspace.pl>
A little QA environment, currently without any data populated.
Change-Id: Ifbe5e97f312376ca64222a3754fe6fa29d7fda79
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1643
Reviewed-by: q3k <q3k@hackerspace.pl>
Also make dataplane-only nodes actually work:
- make kubeproxy use the same package as kubelet
- disable firewall
Change-Id: I7babbb749656e6f75151c8eda6e3f09f3c6bff5f
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1686
Reviewed-by: q3k <q3k@hackerspace.pl>
This is a mega-change, but attempting to split this up further is
probably not worth the effort.
Summary:
1. Bump up bazel, rules_go, and others.
2. Switch to new go target naming (bye bye go_default_library)
3. Move go deps to go.mod/go.sum, use make gazelle generate from that
4. Bump up Python deps a bit
And also whatever was required to actually get things to work - loads of
small useless changes.
Tested to work on NixOS and Ubuntu 20.04:
$ bazel build //...
$ bazel test //...
Change-Id: I8364bdaa1406b9ae4d0385a6b607f3e7989f98a9
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1583
Reviewed-by: q3k <q3k@hackerspace.pl>