q3k
3976e3cee8
go/svc/invoice: refactor
...
We unify calculation logic, move the existing Invoice proto message into
InvoiceData, and create other messages/fields around it to hold
denormalized data.
2019-05-01 15:27:49 +02:00
q3k
57ef6b0d7f
go/svc/invoice: add statusz
2019-05-01 14:08:29 +02:00
q3k
c2d322c504
go/svc/invoice: polishify
2019-05-01 13:14:32 +02:00
q3k
fb18c99df3
go/svc/invoice: import from code.hackerspace.pl/q3k/inboice
2019-05-01 12:27:43 +02:00
q3k
258686cf9a
WORKSPACE: bump gazelle for go 1.12
2019-05-01 12:26:43 +02:00
q3k
a9bb1d5b5b
tools/secretstore: fix decryption of updated secrets
2019-04-28 17:13:12 +02:00
q3k
4232c8b733
nix: bump to new k8s
2019-04-28 17:12:54 +02:00
q3k
b245865087
app/registry: allow anonymous pull access and temporary vms/ push access
2019-04-19 14:41:10 +02:00
q3k
3e59718d3a
WORKSPACE: add bazel docker rules
2019-04-19 14:40:47 +02:00
q3k
321fad9865
cluster/kube/rook: lower debug
2019-04-19 14:14:36 +02:00
q3k
ed2e670c8b
cluster/kube/rook: bump to ceph v14 fully
2019-04-19 13:27:20 +02:00
informatic
56918237ed
cluster: update ceph README
2019-04-09 23:48:33 +02:00
informatic
2c5391b6e6
tools/rook-s3cmd-config: tool to generate s3cmd config from rook.io secrets
2019-04-09 23:30:38 +02:00
informatic
7adc0eb998
app/registry: migrate to ceph object storage
2019-04-09 22:39:42 +02:00
informatic
5ac85c6e73
cluster/kube: refactor rook.io object store configuration
2019-04-09 21:45:32 +02:00
informatic
6da3b288dc
WIP: app/registry: ceph object storage
2019-04-09 13:48:21 +02:00
informatic
e24ccd678c
clustercfg: fix broken admincreds generation
2019-04-09 13:43:54 +02:00
informatic
dc1e5f0cb4
README: update according to new bazel paradigm(tm)
2019-04-09 13:30:28 +02:00
informatic
c10f00b7da
tools/secretstore: decrypt secrets when requesting plaintext path
2019-04-09 13:29:33 +02:00
informatic
598a079f57
clustercfg: extract cfssl handling to separate function
2019-04-09 13:29:33 +02:00
q3k
acd001bf83
tools: add cfssl
2019-04-09 13:17:06 +02:00
q3k
73cef11c85
*: rejigger tls certs and more
...
This pretty large change does the following:
- moves nix from bootstrap.hswaw.net to nix/
- changes clustercfg to use cfssl and moves it to cluster/clustercfg
- changes clustercfg to source information about target location of
certs from nix
- changes clustercfg to push nix config
- changes tls certs to have more than one CA
- recalculates all TLS certs
(it keeps the old serviceaccoutns key, otherwise we end up with
invalid serviceaccounts - the cert doesn't match, but who cares,
it's not used anyway)
2019-04-07 00:06:23 +02:00
q3k
208f005830
go/svc/leasifier: sort returned leases
2019-04-06 01:28:04 +02:00
q3k
a9a266c08c
go/svc/leasifier: fixes, add statusz table
2019-04-06 01:21:25 +02:00
q3k
1affad42e7
go/statusz: factor out load avg to separate file
2019-04-06 01:21:04 +02:00
q3k
3a2a693e0c
WORKSPACE: bump go
2019-04-06 01:20:19 +02:00
q3k
9dc4b68f24
go: add bazel buildfiles, implement leasifier
2019-04-05 23:53:25 +02:00
q3k
efc7928a73
go/vendor: nuke
2019-04-05 23:50:28 +02:00
q3k
6916f7e244
app/toot: start implementing redis
2019-04-04 16:54:00 +02:00
q3k
242152f65e
cluster/kube/lib/metallb: bump memory hoping to prevent crashes
2019-04-04 16:54:00 +02:00
informatic
ac38d5aeb1
app/registry: oauth2 authentication
2019-04-03 08:41:20 +02:00
informatic
6dc4839d74
app/registry: initial docker registry setup
2019-04-02 18:59:37 +02:00
q3k
0f78cea802
Merge branch 'master' of hackerspace.pl:hscloud
2019-04-02 14:45:23 +02:00
q3k
2fd5861d24
cluster: some doc updates
2019-04-02 14:45:17 +02:00
informatic
3187c59a86
cluster/kube: ceph dashboard tls certificates
2019-04-02 14:44:04 +02:00
informatic
2afe604595
cluster/kube: minor cert-manager cleanups, disable webhooks by default
2019-04-02 14:43:34 +02:00
informatic
79ddbc57d9
cluster/kube: initial cert-manager implementation
2019-04-02 13:20:15 +02:00
q3k
5f2dc8530d
toot: wip
2019-04-02 02:36:22 +02:00
q3k
65f3b1d8ab
cluster/kube: add waw-hdd-redundant-1 pool/storageclass
2019-04-02 01:05:38 +02:00
q3k
c6da127d3f
cluster/kube: ceph-waw1 up
2019-04-02 00:06:13 +02:00
q3k
cdfafaf91e
cluster/kube: finish rook operator
2019-04-01 19:16:18 +02:00
q3k
b7fcc67f42
cluster/kube: start implementing rook
2019-04-01 18:40:50 +02:00
q3k
14cbacb81a
cluster/kube/metallb: parametrize address pools
2019-04-01 18:00:44 +02:00
q3k
a9c7e86687
cluster: fix metallb, add nginx ingress controller
2019-04-01 17:56:28 +02:00
q3k
eeed6fb6da
recertify all certs
2019-04-01 16:19:28 +02:00
informatic
11603cb9fd
cmc-proxy: logout properly to prevent session exhaustion
...
Multiple calls to GetKVMData in a short timespan would make iDRAC refuse
all authentications because of dangling sessions... (and 5 concurrent
sessions limit)
2019-02-10 15:34:01 +01:00
q3k
1e565dc4a5
cluster: start implementing metallb
2019-01-18 09:40:59 +01:00
q3k
e3af1eb852
cluster: autodetect IP address
...
This is so that Calico starts with the proper subnet. Feeding it just an
IP from the node status will mean it parses it as /32 and uses IPIP
tunnels for all connectivity.
2019-01-18 09:39:57 +01:00
q3k
2afe3e46fd
tool/calicoctl: add secretstore to data
2019-01-18 01:37:45 +01:00
q3k
a305bc9fb5
tool: add calicoctl wrapper
2019-01-18 01:34:20 +01:00