Skip to content

Commit

Permalink
feat(storage): deploy media zfs pvc and smb share
Browse files Browse the repository at this point in the history
  • Loading branch information
@jfroy
jfroy committed Sep 16, 2024
1 parent 8ff0937 commit febb575
Show file tree
Hide file tree
Showing 10 changed files with 133 additions and 3 deletions.
6 changes: 3 additions & 3 deletions kubernetes/apps/storage/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources: []
# - ./namespace.yaml
# - ./minio-storage/ks.yaml
resources:
- ./namespace.yaml
- ./media/ks.yaml
22 changes: 22 additions & 0 deletions kubernetes/apps/storage/media/ks.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: storage-media
namespace: flux-system
spec:
targetNamespace: storage
dependsOn:
- name: external-secrets-stores
- name: openebs
- name: samba-operator
path: ./kubernetes/apps/storage/media/media
prune: false # don't prune media objects for safety
sourceRef:
kind: GitRepository
name: home-kubernetes
wait: false
interval: 30m
retryInterval: 1m
timeout: 5m
31 changes: 31 additions & 0 deletions kubernetes/apps/storage/media/media/externalsecret.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: media-smb
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword
target:
name: media-smb-secret
template:
engineVersion: v2
data:
users: |-
{
"samba-container-config": "v0",
"users": {
{{- $users := list }}
{{- range $u, $p := . }}
{{- if $p }}
{{- $users = append $users (dict "name" $u "password" $p) }}
{{- end }}
{{- end }}
"all_entries": {{ $users | toJson }}
}
}
dataFrom:
- extract:
key: media-smb
11 changes: 11 additions & 0 deletions kubernetes/apps/storage/media/media/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./externalsecret.yaml
- ./pvc.yaml
- ./smbcommonconfig.yaml
- ./smbsecurityconfig.yaml
- ./smbshare.yaml
- ./storageclass.yaml
11 changes: 11 additions & 0 deletions kubernetes/apps/storage/media/media/pvc.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: media
spec:
accessModes: ["ReadWriteMany"]
resources:
requests:
storage: 200Ti
storageClassName: openebs-zfspv-media
8 changes: 8 additions & 0 deletions kubernetes/apps/storage/media/media/smbcommonconfig.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
---
apiVersion: samba-operator.samba.org/v1alpha1
kind: SmbCommonConfig
metadata:
name: media
spec:
network:
publish: external
10 changes: 10 additions & 0 deletions kubernetes/apps/storage/media/media/smbsecurityconfig.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
---
apiVersion: samba-operator.samba.org/v1alpha1
kind: SmbSecurityConfig
metadata:
name: media
spec:
mode: user
users:
secret: media-smb-secret
key: users
13 changes: 13 additions & 0 deletions kubernetes/apps/storage/media/media/smbshare.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
---
apiVersion: samba-operator.samba.org/v1alpha1
kind: SmbShare
metadata:
name: media
spec:
readOnly: false
browseable: true
securityConfig: media
commonConfig: media
storage:
pvc:
name: media
22 changes: 22 additions & 0 deletions kubernetes/apps/storage/media/media/storageclass.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: openebs-zfspv-media
allowedTopologies:
- matchLabelExpressions:
- key: kubernetes.io/hostname
values:
- kantai1
allowVolumeExpansion: true
parameters:
compression: "off"
dedup: "off"
fstype: "zfs"
poolname: "reservoir"
recordsize: "1M"
shared: "yes"
thinprovision: "yes"
provisioner: zfs.csi.openebs.io
reclaimPolicy: Retain
volumeBindingMode: Immediate
2 changes: 2 additions & 0 deletions kubernetes/apps/storage/namespace.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ metadata:
name: storage
annotations:
kustomize.toolkit.fluxcd.io/prune: disabled
labels:
pod-security.kubernetes.io/enforce: privileged
---
# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/notification.toolkit.fluxcd.io/provider_v1beta3.json
apiVersion: notification.toolkit.fluxcd.io/v1beta3
Expand Down

0 comments on commit febb575

Please sign in to comment.