diff --git a/kubernetes/main/apps/database/crunchy-pgo/app/helmrelease.yaml b/kubernetes/main/apps/database/crunchy-pgo/app/helmrelease.yaml deleted file mode 100644 index c8ff285c84771..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/app/helmrelease.yaml +++ /dev/null @@ -1,34 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json -apiVersion: helm.toolkit.fluxcd.io/v2beta2 -kind: HelmRelease -metadata: - name: crunchy-postgres-operator -spec: - interval: 30m - chart: - spec: - chart: pgo - version: 5.5.0 - sourceRef: - kind: HelmRepository - name: crunchydata - namespace: flux-system - install: - crds: CreateReplace - remediation: - retries: 3 - upgrade: - cleanupOnFail: true - crds: CreateReplace - remediation: - retries: 3 - uninstall: - keepHistory: false - dependsOn: - - name: openebs - namespace: openebs-system - values: - install: - clusterLabels: - app.kubernetes.io/name: pgo diff --git a/kubernetes/main/apps/database/crunchy-pgo/app/kustomization.yaml b/kubernetes/main/apps/database/crunchy-pgo/app/kustomization.yaml deleted file mode 100644 index 17cbc72b25c80..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/app/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/kustomization -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ./helmrelease.yaml diff --git a/kubernetes/main/apps/database/crunchy-pgo/cluster/cluster.yaml b/kubernetes/main/apps/database/crunchy-pgo/cluster/cluster.yaml deleted file mode 100644 index c491e2be6a310..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/cluster/cluster.yaml +++ /dev/null @@ -1,118 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/postgres-operator.crunchydata.com/postgrescluster_v1beta1.json -apiVersion: postgres-operator.crunchydata.com/v1beta1 -kind: PostgresCluster -metadata: - name: &name postgres -spec: - postgresVersion: 16 - instances: - - name: postgres - metadata: - labels: - app.kubernetes.io/name: crunchy-postgres - replicas: &replica 3 - dataVolumeClaimSpec: - storageClassName: openebs-hostpath - accessModes: ["ReadWriteOnce"] - resources: - requests: - storage: 20Gi - topologySpreadConstraints: - - maxSkew: 1 - topologyKey: kubernetes.io/hostname - whenUnsatisfiable: DoNotSchedule - labelSelector: - matchLabels: - postgres-operator.crunchydata.com/data: postgres - users: - - name: postgres - databases: [] - options: SUPERUSER - password: &password - type: AlphaNumeric - - name: atuin - databases: ["atuin"] - password: *password - backups: - pgbackrest: - configuration: &backupConfig - - secret: - name: crunchy-pgo-secret - global: &backupFlag - archive-timeout: "60" - compress-type: lz4 - compress-level: "9" - delta: "y" - repo1-bundle: "y" - repo1-block: "y" - repo1-path: /pgdata/crunchy-pgo/repo1 - repo1-s3-uri-style: path - repo1-retention-full-type: time - repo1-retention-full: "14" - repo1-retention-diff: "30" - repo2-bundle: "y" - repo2-block: "y" - repo2-path: /pgdata/crunchy-pgo/repo2 - repo2-s3-uri-style: path - repo2-retention-full-type: time - repo2-retention-full: "2" - repo2-retention-diff: "7" - manual: - repoName: repo1 - options: ["--type=full"] - metadata: - labels: - app.kubernetes.io/name: crunchy-postgres-backup - repos: - - # Minio - name: repo1 - s3: &minio - bucket: crunchy-pgo - endpoint: s3.turbo.ac - region: us-east-1 - schedules: - full: "0 1 * * 0" # Sunday at 1am - differential: "0 1 * * 1-6" # Mon-Sat at 1am - incremental: "0 2-23 * * *" # Every hour except 1am - - # Cloudflare R2 - name: repo2 - s3: &r2 - bucket: crunchy-pgo - endpoint: ${CLUSTER_SECRET_CLOUDFLARE_ACCOUNT_ID}.r2.cloudflarestorage.com - region: us-east-1 - schedules: - full: "0 2 * * 0" # Sunday at 2am - differential: "0 2 * * 1-6" # Mon-Sat at 2am - dataSource: - pgbackrest: - stanza: db - configuration: *backupConfig - global: *backupFlag - repo: - name: repo1 - s3: *minio - proxy: - pgBouncer: - service: - metadata: - annotations: - external-dns.alpha.kubernetes.io/hostname: cpgo.devbu.io - io.cilium/lb-ipam-ips: 192.168.42.129 - type: LoadBalancer - port: 5432 - replicas: *replica - config: - global: - # Grafana requires session - # Ref: https://github.com/grafana/grafana/issues/74260 - pool_mode: transaction - client_tls_sslmode: prefer - topologySpreadConstraints: - - maxSkew: 1 - topologyKey: kubernetes.io/hostname - whenUnsatisfiable: DoNotSchedule - labelSelector: - matchLabels: - postgres-operator.crunchydata.com/cluster: *name - postgres-operator.crunchydata.com/role: pgbouncer diff --git a/kubernetes/main/apps/database/crunchy-pgo/cluster/externalsecret.yaml b/kubernetes/main/apps/database/crunchy-pgo/cluster/externalsecret.yaml deleted file mode 100644 index fbf0b43c464aa..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/cluster/externalsecret.yaml +++ /dev/null @@ -1,32 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: crunchy-pgo -spec: - secretStoreRef: - kind: ClusterSecretStore - name: onepassword-connect - target: - name: crunchy-pgo-secret - template: - engineVersion: v2 - data: - s3.conf: | - [global] - repo1-s3-key={{ .MINIO_ROOT_USER }} - repo1-s3-key-secret={{ .MINIO_ROOT_PASSWORD }} - repo2-s3-key={{ .AWS_ACCESS_KEY_ID }} - repo2-s3-key-secret={{ .AWS_SECRET_ACCESS_KEY }} - encryption.conf: | - [global] - repo1-cipher-pass={{ .CRUNCHY_PGO_CIPHER_PASS }} - repo2-cipher-pass={{ .CRUNCHY_PGO_CIPHER_PASS }} - dataFrom: - - extract: - key: cloudflare - - extract: - key: crunchy-pgo - - extract: - key: minio diff --git a/kubernetes/main/apps/database/crunchy-pgo/cluster/kustomization.yaml b/kubernetes/main/apps/database/crunchy-pgo/cluster/kustomization.yaml deleted file mode 100644 index f5c84badbe9a9..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/cluster/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/kustomization -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ./cluster.yaml - - ./externalsecret.yaml diff --git a/kubernetes/main/apps/database/crunchy-pgo/ks.yaml b/kubernetes/main/apps/database/crunchy-pgo/ks.yaml deleted file mode 100644 index 94a2445a5fbe6..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/ks.yaml +++ /dev/null @@ -1,68 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app crunchy-pgo - namespace: flux-system -spec: - targetNamespace: database - commonMetadata: - labels: - app.kubernetes.io/name: *app - path: ./kubernetes/main/apps/database/crunchy-pgo/app - prune: true - sourceRef: - kind: GitRepository - name: home-kubernetes - wait: true - interval: 30m - retryInterval: 1m - timeout: 5m ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app crunchy-pgo-cluster - namespace: flux-system -spec: - targetNamespace: database - commonMetadata: - labels: - app.kubernetes.io/name: *app - dependsOn: - - name: crunchy-pgo - - name: external-secrets-stores - path: ./kubernetes/main/apps/database/crunchy-pgo/cluster - prune: true - sourceRef: - kind: GitRepository - name: home-kubernetes - wait: true - interval: 30m - retryInterval: 1m - timeout: 5m ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app crunchy-pgo-secrets - namespace: flux-system -spec: - targetNamespace: database - commonMetadata: - labels: - app.kubernetes.io/name: *app - dependsOn: - - name: external-secrets - path: ./kubernetes/main/apps/database/crunchy-pgo/secrets - prune: true - sourceRef: - kind: GitRepository - name: home-kubernetes - wait: true - interval: 30m - retryInterval: 1m - timeout: 5m diff --git a/kubernetes/main/apps/database/crunchy-pgo/secrets/clustersecretstore.yaml b/kubernetes/main/apps/database/crunchy-pgo/secrets/clustersecretstore.yaml deleted file mode 100644 index 7ff9baf726f8e..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/secrets/clustersecretstore.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/clustersecretstore_v1beta1.json -apiVersion: external-secrets.io/v1beta1 -kind: ClusterSecretStore -metadata: - name: crunchy-pgo -spec: - provider: - kubernetes: - remoteNamespace: database - server: - caProvider: - type: ConfigMap - name: kube-root-ca.crt - namespace: database - key: ca.crt - auth: - serviceAccount: - name: crunchy-pgo-store - namespace: database diff --git a/kubernetes/main/apps/database/crunchy-pgo/secrets/kustomization.yaml b/kubernetes/main/apps/database/crunchy-pgo/secrets/kustomization.yaml deleted file mode 100644 index dbaceab8daf3a..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/secrets/kustomization.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# yaml-language-server: $schema=https://json.schemastore.org/kustomization -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ./rbac.yaml - - ./clustersecretstore.yaml diff --git a/kubernetes/main/apps/database/crunchy-pgo/secrets/rbac.yaml b/kubernetes/main/apps/database/crunchy-pgo/secrets/rbac.yaml deleted file mode 100644 index ffc3115abb821..0000000000000 --- a/kubernetes/main/apps/database/crunchy-pgo/secrets/rbac.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: crunchy-pgo-store -rules: - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: ["authorization.k8s.io"] - resources: ["selfsubjectrulesreviews"] - verbs: ["create"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: crunchy-pgo-store -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: crunchy-pgo-store -subjects: - - kind: ServiceAccount - name: crunchy-pgo-store - namespace: database ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: crunchy-pgo-store - namespace: database diff --git a/kubernetes/main/apps/database/kustomization.yaml b/kubernetes/main/apps/database/kustomization.yaml index b520abe49e5fd..7931821aea4e8 100644 --- a/kubernetes/main/apps/database/kustomization.yaml +++ b/kubernetes/main/apps/database/kustomization.yaml @@ -8,5 +8,4 @@ resources: - ./notifications.yaml # Flux-Kustomizations - ./cloudnative-pg/ks.yaml - # - ./crunchy-pgo/ks.yaml - ./redis/ks.yaml