Disabled fediverse for now and re-configured rook-ceph.

kubernetes/apps/fediverse/elk/ks.yaml

@@ -1,18 +1,18 @@
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-elk
+#   name: cluster-apps-elk
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/elk/app"
+#   path: "./kubernetes/valinor/apps/fediverse/elk/app"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: true
+#   wait: true
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-external-secrets-stores
+#     - name: cluster-apps-external-secrets-stores

kubernetes/apps/fediverse/kustomization.yaml

@@ -1,9 +1,9 @@
----
+# ---
-apiVersion: kustomize.config.k8s.io/v1beta1
+# apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
+# kind: Kustomization
-resources:
+# resources:
-  # Pre Flux-Kustomizations
+#   # Pre Flux-Kustomizations
-  - ./namespace.yaml
+#   - ./namespace.yaml
-  # Flux-Kustomizations
+#   # Flux-Kustomizations
-  - ./elk/ks.yaml
+#   - ./elk/ks.yaml
-  - ./mastodon/ks.yaml
+#   - ./mastodon/ks.yaml

kubernetes/apps/fediverse/mastodon/ks.yaml

@@ -1,166 +1,166 @@
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon
+#   name: cluster-apps-mastodon
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/app"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/app"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: true
+#   wait: true
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-external-secrets-stores
+#     - name: cluster-apps-external-secrets-stores
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon-web
+#   name: cluster-apps-mastodon-web
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-web"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-web"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: true
+#   wait: true
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-external-secrets-stores
+#     - name: cluster-apps-external-secrets-stores
-    - name: cluster-apps-mastodon
+#     - name: cluster-apps-mastodon
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon-streaming
+#   name: cluster-apps-mastodon-streaming
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-streaming"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-streaming"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: true
+#   wait: true
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-external-secrets-stores
+#     - name: cluster-apps-external-secrets-stores
-    - name: cluster-apps-mastodon
+#     - name: cluster-apps-mastodon
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon-statsd
+#   name: cluster-apps-mastodon-statsd
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/app/statsd"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/app/statsd"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: true
+#   wait: true
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon-addons
+#   name: cluster-apps-mastodon-addons
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/add-ons"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/add-ons"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: true
+#   wait: true
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-mastodon
+#     - name: cluster-apps-mastodon
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon-sidekiq-high-priority
+#   name: cluster-apps-mastodon-sidekiq-high-priority
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-sidekiq/local/high-priority"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-sidekiq/local/high-priority"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: false
+#   wait: false
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-external-secrets-stores
+#     - name: cluster-apps-external-secrets-stores
-    - name: cluster-apps-mastodon
+#     - name: cluster-apps-mastodon
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon-sidekiq-low-volume
+#   name: cluster-apps-mastodon-sidekiq-low-volume
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-sidekiq/local/low-volume"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-sidekiq/local/low-volume"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: false
+#   wait: false
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-external-secrets-stores
+#     - name: cluster-apps-external-secrets-stores
-    - name: cluster-apps-mastodon
+#     - name: cluster-apps-mastodon
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon-sidekiq-ingress
+#   name: cluster-apps-mastodon-sidekiq-ingress
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-sidekiq/remote/ingress"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-sidekiq/remote/ingress"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: false
+#   wait: false
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-external-secrets-stores
+#     - name: cluster-apps-external-secrets-stores
-    - name: cluster-apps-mastodon
+#     - name: cluster-apps-mastodon
----
+# ---
-apiVersion: kustomize.toolkit.fluxcd.io/v1
+# apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
+# kind: Kustomization
-metadata:
+# metadata:
-  name: cluster-apps-mastodon-sidekiq-pull
+#   name: cluster-apps-mastodon-sidekiq-pull
-  namespace: flux-system
+#   namespace: flux-system
-  labels:
+#   labels:
-    substitution.flux.home.arpa/enabled: "true"
+#     substitution.flux.home.arpa/enabled: "true"
-spec:
+# spec:
-  interval: 10m
+#   interval: 10m
-  path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-sidekiq/remote/pull"
+#   path: "./kubernetes/valinor/apps/fediverse/mastodon/app/mastodon-sidekiq/remote/pull"
-  prune: true
+#   prune: true
-  sourceRef:
+#   sourceRef:
-    kind: GitRepository
+#     kind: GitRepository
-    name: valinor
+#     name: valinor
-  wait: false
+#   wait: false
-  dependsOn:
+#   dependsOn:
-    - name: cluster-apps-external-secrets-stores
+#     - name: cluster-apps-external-secrets-stores
-    - name: cluster-apps-mastodon
+#     - name: cluster-apps-mastodon

kubernetes/apps/rook-ceph/rook-ceph/cluster/helmrelease.yaml

@@ -9,11 +9,21 @@ spec:
   chart:
     spec:
       chart: rook-ceph-cluster
-      version: v1.12.0
+      version: v1.12.1
       sourceRef:
         kind: HelmRepository
         name: rook-ceph
         namespace: flux-system
+  maxHistory: 2
+  install:
+    remediation:
+      retries: 3
+  upgrade:
+    cleanupOnFail: true
+    remediation:
+      retries: 3
+  uninstall:
+    keepHistory: false
   values:
     toolbox:
       enabled: true
@@ -31,57 +41,11 @@ spec:
       network:
         provider: host
 
-      resources:
-        mgr:
-          requests:
-            cpu: "1000m"
-            memory: "549M"
-          limits:
-            memory: "1219M"
-        mon:
-          requests:
-            cpu: "500m"
-            memory: "477M"
-          limits:
-            memory: "1059M"
-        osd:
-          requests:
-            cpu: "900m"
-            memory: "2678M"
-          limits:
-            memory: "5944M"
-        mgr-sidecar:
-          requests:
-            cpu: "700m"
-            memory: "94M"
-          limits:
-            memory: "208M"
-        crashcollector:
-          requests:
-            cpu: "15m"
-            memory: "64M"
-          limits:
-            memory: "64M"
-        logcollector:
-          requests:
-            cpu: "400m"
-            memory: "100M"
-          limits:
-            memory: "1G"
-        cleanup:
-          requests:
-            cpu: "250m"
-            memory: "100M"
-          limits:
-            memory: "1G"
-
       crashCollector:
         disable: false
-
       dashboard:
         enabled: true
         urlPrefix: /
-
       storage:
         useAllNodes: false
         useAllDevices: false
@@ -90,13 +54,13 @@ spec:
         nodes:
           - name: "varda"
             devices:
-              - name: "/dev/nvme0n1"
+              - name: /dev/disk/by-id/nvme-SAMSUNG_MZQL2960HCJR-00A07_S64FNE0R801309
           - name: "manwe"
             devices:
-              - name: "/dev/nvme0n1"
+              - name: /dev/disk/by-id/nvme-SAMSUNG_MZQL2960HCJR-00A07_S64FNE0R801843
           - name: "aule"
             devices:
-              - name: "/dev/nvme0n1"
+              - name: /dev/disk/by-id/nvme-SAMSUNG_MZQL2960HCJR-00A07_S64FNE0RA01210
 
     ingress:
       ingressClassName: "nginx"
@@ -105,7 +69,7 @@ spec:
           nginx.ingress.kubernetes.io/whitelist-source-range: "10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
           nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
         host:
-          name: &host rook-valinor.valinor.social
+          name: &host rook.valinor.social
           path: "/"
         tls:
           - hosts:
@@ -152,10 +116,10 @@ spec:
             activeStandby: true
             resources:
               requests:
-                cpu: "35m"
+                cpu: "1000m"
-                memory: "64M"
+                memory: "4Gi"
               limits:
-                memory: "144M"
+                memory: "4Gi"
         storageClass:
           enabled: true
           isDefault: false
@@ -189,11 +153,11 @@ spec:
             port: 80
             resources:
               requests:
-                cpu: 2000m
+                cpu: 1000m
-                memory: 512Mi
+                memory: 1Gi
               limits:
-                memory: 3Gi
+                memory: 2Gi
-            instances: 1
+            instances: 2
           healthCheck:
             bucket:
               interval: 60s

kubernetes/apps/rook-ceph/rook-ceph/operator/helmrelease.yaml

@@ -2,135 +2,42 @@
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
-  name: rook-ceph
+  name: rook-ceph-operator
   namespace: rook-ceph
 spec:
   interval: 30m
+  timeout: 15m
   releaseName: rook-ceph
   chart:
     spec:
       chart: rook-ceph
-      version: v1.12.0
+      version: v1.12.1
       sourceRef:
         kind: HelmRepository
         name: rook-ceph
         namespace: flux-system
+  maxHistory: 2
+  install:
+    remediation:
+      retries: 3
+  upgrade:
+    cleanupOnFail: true
+    remediation:
+      retries: 3
+  uninstall:
+    keepHistory: false
   values:
     crds:
       enabled: true
 
     csi:
-      kubeletDirPath: /var/lib/kubelet
       enableCSIHostNetwork: true
       pluginTolerations:
         - effect: "NoExecute"
           operator: "Exists"
         - effect: "NoSchedule"
           operator: "Exists"
-
-      csiRBDProvisionerResource: |
-        - name : csi-provisioner
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-        - name : csi-resizer
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-        - name : csi-attacher
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-        - name : csi-snapshotter
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-        - name : csi-rbdplugin
-          resource:
-            requests:
-              memory: 512Mi
-              cpu: 50m
-            limits:
-              memory: 1Gi
-        - name : csi-omap-generator
-          resource:
-            requests:
-              memory: 512Mi
-              cpu: 50m
-            limits:
-              memory: 1Gi
-        - name : liveness-prometheus
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-
-      csiCephFSProvisionerResource: |
-        - name : csi-provisioner
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-        - name : csi-resizer
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-        - name : csi-attacher
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-        - name : csi-snapshotter
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-        - name : csi-cephfsplugin
-          resource:
-            requests:
-              memory: 512Mi
-              cpu: 50m
-            limits:
-              memory: 1Gi
-        - name : liveness-prometheus
-          resource:
-            requests:
-              memory: 128Mi
-              cpu: 25m
-            limits:
-              memory: 256Mi
-
     monitoring:
       enabled: true
 
     pspEnable: false
-
-    resources:
-      requests:
-        cpu: 109m
-        memory: 204M
-      limits:
-        memory: 453M