From 2e70446fa924891495502084a2eea885e8ec40b2 Mon Sep 17 00:00:00 2001 From: Jory Irving Date: Wed, 7 Feb 2024 14:32:38 -0700 Subject: [PATCH] migrate to control plane --- .../nut-exporter/app/helmrelease.yaml | 8 +++ .../speedtest-exporter/app/helmrelease.yaml | 8 +++ .../observability/gatus/app/helmrelease.yaml | 11 +++- .../observability/karma/app/helmrelease.yaml | 11 +++- .../observability/loki/app/helmrelease.yaml | 53 ++++++++++--------- .../observability/thanos/app/helmrelease.yaml | 19 ++++--- .../unifi-poller/app/helmrelease.yaml | 15 +++--- .../vector/app/aggregator/helmrelease.yaml | 14 ++--- 8 files changed, 91 insertions(+), 48 deletions(-) diff --git a/kubernetes/teyvat/apps/observability/exporters/nut-exporter/app/helmrelease.yaml b/kubernetes/teyvat/apps/observability/exporters/nut-exporter/app/helmrelease.yaml index 773c257a66..0da8cdc58f 100644 --- a/kubernetes/teyvat/apps/observability/exporters/nut-exporter/app/helmrelease.yaml +++ b/kubernetes/teyvat/apps/observability/exporters/nut-exporter/app/helmrelease.yaml @@ -44,6 +44,14 @@ spec: limits: cpu: 100m memory: 100Mi + pod: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists service: main: ports: diff --git a/kubernetes/teyvat/apps/observability/exporters/speedtest-exporter/app/helmrelease.yaml b/kubernetes/teyvat/apps/observability/exporters/speedtest-exporter/app/helmrelease.yaml index b96b952b80..040fc48463 100644 --- a/kubernetes/teyvat/apps/observability/exporters/speedtest-exporter/app/helmrelease.yaml +++ b/kubernetes/teyvat/apps/observability/exporters/speedtest-exporter/app/helmrelease.yaml @@ -43,6 +43,14 @@ spec: memory: 50Mi limits: memory: 100Mi + pod: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists service: main: enabled: false diff --git a/kubernetes/teyvat/apps/observability/gatus/app/helmrelease.yaml b/kubernetes/teyvat/apps/observability/gatus/app/helmrelease.yaml index 38ccf3e263..deaa922d16 100644 --- a/kubernetes/teyvat/apps/observability/gatus/app/helmrelease.yaml +++ b/kubernetes/teyvat/apps/observability/gatus/app/helmrelease.yaml @@ -2,7 +2,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: - name: gatus + name: &app gatus spec: interval: 30m chart: @@ -26,6 +26,8 @@ spec: values: controllers: main: + replicas: 2 + strategy: RollingUpdate annotations: reloader.stakater.com/auto: "true" initContainers: @@ -97,6 +99,13 @@ spec: - matchExpressions: - key: node-role.kubernetes.io/control-plane operator: Exists + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app.kubernetes.io/name: *app service: main: ports: diff --git a/kubernetes/teyvat/apps/observability/karma/app/helmrelease.yaml b/kubernetes/teyvat/apps/observability/karma/app/helmrelease.yaml index 4dad897448..20866949e5 100644 --- a/kubernetes/teyvat/apps/observability/karma/app/helmrelease.yaml +++ b/kubernetes/teyvat/apps/observability/karma/app/helmrelease.yaml @@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: - name: karma + name: &app karma spec: interval: 30m chart: @@ -30,6 +30,8 @@ spec: values: controllers: main: + replicas: 2 + strategy: RollingUpdate annotations: reloader.stakater.com/auto: "true" containers: @@ -53,6 +55,13 @@ spec: - matchExpressions: - key: node-role.kubernetes.io/control-plane operator: Exists + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app.kubernetes.io/name: *app service: main: ports: diff --git a/kubernetes/teyvat/apps/observability/loki/app/helmrelease.yaml b/kubernetes/teyvat/apps/observability/loki/app/helmrelease.yaml index d664397495..f90f93b134 100644 --- a/kubernetes/teyvat/apps/observability/loki/app/helmrelease.yaml +++ b/kubernetes/teyvat/apps/observability/loki/app/helmrelease.yaml @@ -125,21 +125,17 @@ spec: store: memberlist analytics: reporting_enabled: false - gateway: + write: replicas: 2 - image: - registry: ghcr.io - ingress: - enabled: true - ingressClassName: internal - hosts: - - host: &host "{{ .Release.Name }}.${SECRET_DOMAIN}" - paths: - - path: / - pathType: Prefix - tls: - - hosts: - - *host + persistence: + storageClass: local-hostpath + affinity: &affinity | + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists read: replicas: 2 persistence: @@ -150,10 +146,7 @@ spec: extraVolumes: - name: rules emptyDir: {} - write: - replicas: 2 - persistence: - storageClass: local-hostpath + affinity: *affinity backend: replicas: 2 persistence: @@ -169,6 +162,23 @@ spec: name: loki-alerting-rules - name: scratch emptyDir: {} + affinity: *affinity + gateway: + replicas: 2 + image: + registry: ghcr.io + affinity: *affinity + ingress: + enabled: true + ingressClassName: internal + hosts: + - host: &host "{{ .Release.Name }}.${SECRET_DOMAIN}" + paths: + - path: / + pathType: Prefix + tls: + - hosts: + - *host monitoring: dashboards: annotations: @@ -188,10 +198,3 @@ spec: repository: ghcr.io/kiwigrid/k8s-sidecar test: enabled: false - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists diff --git a/kubernetes/teyvat/apps/observability/thanos/app/helmrelease.yaml b/kubernetes/teyvat/apps/observability/thanos/app/helmrelease.yaml index b9a2baf14e..3a468d0a81 100644 --- a/kubernetes/teyvat/apps/observability/thanos/app/helmrelease.yaml +++ b/kubernetes/teyvat/apps/observability/thanos/app/helmrelease.yaml @@ -71,6 +71,13 @@ spec: extraTls: - hosts: - *host + affinity: &affinity + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists query: enabled: true replicaCount: 2 @@ -79,9 +86,11 @@ spec: sidecarsService: kube-prometheus-stack-thanos-discovery sidecarsNamespace: observability stores: ["thanos-svc.${PI_DOMAIN}:10901"] #["${SVC_PI_THANOS_ADDR}:10901"] + affinity: *affinity bucketweb: enabled: true replicaCount: 2 + affinity: *affinity compactor: enabled: true extraFlags: @@ -94,6 +103,7 @@ spec: enabled: true storageClass: local-hostpath size: 10Gi + affinity: *affinity storegateway: enabled: true replicaCount: 2 @@ -101,6 +111,7 @@ spec: enabled: true storageClass: local-hostpath size: 10Gi + affinity: *affinity ruler: enabled: true replicaCount: 2 @@ -122,14 +133,8 @@ spec: enabled: true storageClass: local-hostpath size: 10Gi + affinity: *affinity metrics: enabled: true serviceMonitor: enabled: true - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists diff --git a/kubernetes/teyvat/apps/observability/unifi-poller/app/helmrelease.yaml b/kubernetes/teyvat/apps/observability/unifi-poller/app/helmrelease.yaml index fd56e26ce9..417677ca51 100644 --- a/kubernetes/teyvat/apps/observability/unifi-poller/app/helmrelease.yaml +++ b/kubernetes/teyvat/apps/observability/unifi-poller/app/helmrelease.yaml @@ -40,6 +40,14 @@ spec: envFrom: - secretRef: name: unifi-poller-credentials + pod: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists service: main: ports: @@ -54,10 +62,3 @@ spec: path: /metrics interval: 2m scrapeTimeout: 30s - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists diff --git a/kubernetes/teyvat/apps/observability/vector/app/aggregator/helmrelease.yaml b/kubernetes/teyvat/apps/observability/vector/app/aggregator/helmrelease.yaml index 185239ce4d..edc9a2d8ff 100644 --- a/kubernetes/teyvat/apps/observability/vector/app/aggregator/helmrelease.yaml +++ b/kubernetes/teyvat/apps/observability/vector/app/aggregator/helmrelease.yaml @@ -50,6 +50,13 @@ spec: tag: 0.35.0-debian@sha256:d6dd5660c3a28fc7266b5202b5386d109bb635c2c456a1f1c87d01b25fc6dcb5 args: ["--config", "/etc/vector/vector.yaml"] pod: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname @@ -87,10 +94,3 @@ spec: type: emptyDir globalMounts: - path: /usr/share/GeoIP - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists