Skip to content
This repository has been archived by the owner on Jun 22, 2023. It is now read-only.
/ public-services Public archive

Public available services such as Elastisearch or Kibana

www.osism.tech
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

osism-archive/public-services

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

55 Commits
.playbooks
.playbooks
 
 
generic
generic
 
 
scripts
scripts
 
 
sto1
sto1
 
 
sto2/minio
sto2/minio
 
 
.ansible-lint
.ansible-lint
 
 
.flake8
.flake8
 
 
.zuul.yaml
.zuul.yaml
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

public-services

Services that are available for public usage.

microk8s

On some bare-metal systems, microk8s is used to deploy Kubernetes. For all other services, Managed Kubernetes installations, provided by a Gardener instance, are used.

Installation

apt-get install -y snapcraft
snap install microk8s --classic --channel=1.23/stable
snap install kubectl --classic
microk8s enable dns dashboard storage ingress

The following command will output the kubeconfig file from microk8s:

microk8s config

Reset

microk8s reset --destroy-storage
microk8s enable dns dashboard storage ingress

sto1

sto1 is a bare-metal system with 14x 16 TByte SATA HDDs. It is used to store logs of the CI and container images. The storage is configured in a ZFS pool.

Generic services sto1

kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.7.2/cert-manager.yaml
kubectl apply -f generic/cert-manager.yaml

Elasticsearch & Kibana services

kubectl create -f https://download.elastic.co/downloads/eck/1.8.0/crds.yaml
kubectl apply -f https://download.elastic.co/downloads/eck/1.8.0/operator.yaml
kubectl apply -f sto1/logs.yaml

Get the credentials of the automatically created default user named elastic:

kubectl get secret logs-es-elastic-user -o go-template='{{.data.elastic | base64decode}}'

Harbor service

helm repo add harbor https://helm.goharbor.io
helm install --create-namespace --namespace harbor harbor harbor/harbor --values sto1/harbor/harbor.yaml --set harborAdminPassword=password
helm upgrade --namespace harbor harbor harbor/harbor --reuse-values

Gitea service

helm repo add gitea-charts https://dl.gitea.io/charts/
helm install --create-namespace --namespace gitea gitea gitea-charts/gitea --values sto1/gitea/values.yaml --set gitea.admin.password=password
helm upgrade --namespace gitea gitea gitea-charts/gitea --reuse-values

sto2

sto2 is a bare-metal system with 2x 8 TByte SATA HDDs. It is used to store machine images. Different to sto1, this system is not configured with a ZFS because minio cannot handle snapshots of ZFS and refuses to start at all (within kubernetes).

Generic services sto2

kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.7.2/cert-manager.yaml
kubectl apply -f generic/cert-manager.yaml

Minio service

brew install krew
kubectl krew install minio

To be able to run kubectl plugins, you need to add the following to your ~/.zshrc:

export PATH="${PATH}:${HOME}/.krew/bin"
kubectl minio init --namespace-to-watch default -o > generic/minio-operator.yaml
kubectl apply -f generic/minio-operator.yaml
kubectl minio tenant create -o --servers 1 --volumes 4 --capacity 400Gi --storage-class microk8s-hostpath --enable-host-sharing minio --namespace default > sto2/minio/minio.yaml
kubectl apply -f sto2/minio/minio-secrets.yaml
kubectl apply -f sto2/minio/minio.yaml
kubectl minio proxy -n minio-operator

The operator automatically updates the deployment with the newest stable versions.

About

Public available services such as Elastisearch or Kibana

www.osism.tech

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages