diff --git a/kubernetes/apps/system/democratic-csi/ks.yaml b/kubernetes/apps/system/democratic-csi/ks.yaml new file mode 100644 index 0000000..c3ad250 --- /dev/null +++ b/kubernetes/apps/system/democratic-csi/ks.yaml @@ -0,0 +1,19 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &appname democratic-csi-local-path + namespace: flux-system +spec: + targetNamespace: system + commonMetadata: + labels: + app.kubernetes.io/name: *appname + path: "./kubernetes/apps/system/democratic-csi/local-path" + sourceRef: + kind: GitRepository + name: valinor + interval: 10m + prune: true + wait: true diff --git a/kubernetes/apps/system/democratic-csi/local-path/helmrelease.yaml b/kubernetes/apps/system/democratic-csi/local-path/helmrelease.yaml new file mode 100644 index 0000000..5b8dad0 --- /dev/null +++ b/kubernetes/apps/system/democratic-csi/local-path/helmrelease.yaml @@ -0,0 +1,88 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta1.json +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: local-path-provisioner +spec: + interval: 30m + chart: + spec: + chart: democratic-csi + version: 0.14.2 + sourceRef: + name: democratic-csi + kind: HelmRepository + namespace: flux-system + values: + csiDriver: + name: "org.democratic-csi.local-hostpath" + attachRequired: false + storageCapacity: true # With storage capacity tracking, the scheduler filters out nodes which do not have enough capacity. + fsGroupPolicy: File # fsGroupChangePolicy + + storageClasses: + - name: local-hostpath + defaultClass: false + reclaimPolicy: Delete + volumeBindingMode: WaitForFirstConsumer + # distributed support is not yet ready for expansion + allowVolumeExpansion: false + + volumeSnapshotClasses: + - name: local-hostpath + deletionPolicy: Delete + parameters: + dummy: {} + + controller: + enabled: true + strategy: node + externalAttacher: + enabled: false + externalProvisioner: + enabled: true + image: registry.k8s.io/sig-storage/csi-provisioner:v3.6.2 + extraArgs: + - --leader-election=false + - --node-deployment=true + - --node-deployment-immediate-binding=false + - --feature-gates=Topology=true + - --strict-topology=true + - --enable-capacity=true + - --capacity-ownerref-level=1 + externalResizer: + enabled: false + externalSnapshotter: + enabled: true + extraArgs: + - --leader-election=false + - --node-deployment=true + + node: + driver: + extraVolumeMounts: + - name: local-hostpath + mountPath: /var/mnt/lpnvme/demo-csi-local-path + mountPropagation: Bidirectional + + driverRegistrar: + enabled: true + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.9.1 + + extraVolumes: + - name: local-hostpath + hostPath: + path: /var/mnt/lpnvme/demo-csi-local-path + type: DirectoryOrCreate + + driver: + config: + driver: local-hostpath + instance_id: + local-hostpath: + shareBasePath: "/var/mnt/lpnvme/demo-csi-local-path" + controllerBasePath: "/var/mnt/lpnvme/demo-csi-local-path" + dirPermissionsMode: "0770" + dirPermissionsUser: 0 + dirPermissionsGroup: 0 diff --git a/kubernetes/apps/system/democratic-csi/local-path/kustomization.yaml b/kubernetes/apps/system/democratic-csi/local-path/kustomization.yaml new file mode 100644 index 0000000..fbba51d --- /dev/null +++ b/kubernetes/apps/system/democratic-csi/local-path/kustomization.yaml @@ -0,0 +1,6 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./helmrelease.yaml diff --git a/kubernetes/flux/repositories/helm/democratic-csi.yaml b/kubernetes/flux/repositories/helm/democratic-csi.yaml new file mode 100644 index 0000000..94f6e8f --- /dev/null +++ b/kubernetes/flux/repositories/helm/democratic-csi.yaml @@ -0,0 +1,11 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrepository-source-v1beta2.json +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: HelmRepository +metadata: + name: democratic-csi + namespace: flux-system +spec: + interval: 30m + url: https://democratic-csi.github.io/charts/ + timeout: 3m diff --git a/talos/talconfig.yaml b/talos/talconfig.yaml index 162fc33..dde5565 100644 --- a/talos/talconfig.yaml +++ b/talos/talconfig.yaml @@ -75,6 +75,10 @@ nodes: talosImageURL: factory.talos.dev/installer/96f8c146a67c80daad900d3fc1a6976fe11062321eee9ab6ae2a6aea88b2d26e installDiskSelector: busPath: /pci0000:00/0000:00:03.1/0000:27:00.0/nvme/nvme0/nvme0n1 + machineDisks: + - device: /dev/disk/by-id/nvme-SAMSUNG_MZVLB512HBJQ-00000_S4GENX0N424497 + partitions: + - mountpoint: /var/mnt/lpnvme networkInterfaces: - interface: enp35s0 dhcp: true @@ -88,6 +92,18 @@ nodes: - network: 10.2.0.0/16 gateway: 10.2.1.1 # The route's gateway (if empty, creates link scope route). metric: 2048 + patches: + - |- + machine: + kubelet: + extraMounts: + - destination: /var/mnt/lpnvme + type: bind + source: /var/mnt/lpnvme + options: + - rbind + - rshared + - rw # VM on Bare-metal EX44 Proxmox pve - 13th Gen Intel(R) Core(TM) i5-13500 - 64GB RAM # - hostname: orome.hsn.dev # disableSearchDomain: true