
Commit 91841e7

committed
clean up
1 parent 742ebb0 commit 91841e7

12 files changed

Lines changed: 50 additions & 113 deletions


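--- a/docs/argocd.md
+++ b/docs/argocd.md
@@ -34,7 +34,7 @@ To solve the "chicken-and-egg" problem of bootstrapping a cluster (e.g., needing
 | Wave | Phase | Components | Description |
 |------|-------|------------|-------------|
 | **0** | **Foundation** | `cilium`, `1password-connect`, `external-secrets` | **Networking & Secrets**. The absolute minimum required for other pods to start and pull credentials. |
-| **1** | **Storage** | `longhorn`, `garage` | **Persistence**. Depends on Wave 0 for Pod-to-Pod communication and S3 backup credentials. |
+| **1** | **Storage** | `longhorn`, `snapshot-controller`, `volsync` | **Persistence**. Depends on Wave 0 for Pod-to-Pod communication and secrets. |
 | **2** | **System** | `cert-manager`, `gpu-operator`, `databases` | **Core Services**. Depends on Storage (PVCs) and Networking (Ingress/Gateway). |
 | **3** | **Observability** | `kube-prometheus-stack`, `loki` | **Monitoring**. Monitors the healthy stack. |
 | **4** | **User** | `my-apps/*` | **Workloads**. The actual applications running on the cluster. |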

infrastructure/controllers/argocd/apps/garage.yaml

Lines changed: 0 additions & 35 deletions
This file was deleted.

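--- a/infrastructure/controllers/argocd/apps/kustomization.yaml
+++ b/infrastructure/controllers/argocd/apps/kustomization.yaml
@@ -14,4 +14,3 @@ resources:
 - infrastructure-appset.yaml # Wave 2
 - monitoring-appset.yaml # Wave 3
 - my-apps-appset.yaml # Wave 4
-- garage.yaml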

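--- a/infrastructure/controllers/argocd/apps/projects.yaml
+++ b/infrastructure/controllers/argocd/apps/projects.yaml
@@ -12,7 +12,6 @@ spec:
 description: "Infrastructure components like controllers, networking, and storage."
 sourceRepos:
 - https://github.com/mitchross/talos-argocd-proxmox.git
-- https://git.deuxfleurs.fr/Deuxfleurs/garage.git
 destinations:
 - namespace: '*'
 server: https://kubernetes.default.svc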
Lines changed: 0 additions & 50 deletions
@@ -1,53 +1,3 @@
11
# infrastructure/controllers/argocd/apps/values.yaml
22
deployment:
33
replicaCount: 1
4-
5-
garage:
6-
replicationFactor: "1"
7-
rpcBindAddr: "[::]:3901"
8-
# Generate these with: openssl rand -hex 32
9-
admin_token: "2ec9bf4ca836db5d7ad57903d91bdb5e5365fc062fa74b228fc1fc916fef6ebe"
10-
metrics_token: "2ec9bf4ca836db5d7ad57903d91bdb5e5365fc062fa74b228fc1fc916fef6ebe"
11-
dbEngine: "lmdb" # or "sqlite" if preferred
12-
13-
s3:
14-
api:
15-
region: "garage"
16-
rootDomain: ".s3.garage.local"
17-
web:
18-
rootDomain: ".web.garage.local"
19-
index: "index.html"
20-
21-
persistence:
22-
enabled: true
23-
meta:
24-
size: "1Gi"
25-
storageClass: "longhorn"
26-
data:
27-
size: "10Gi"
28-
storageClass: "longhorn"
29-
30-
service:
31-
type: ClusterIP
32-
# Ensure admin API is exposed through the Service so in-cluster clients (webui)
33-
# can reach port 3903. The upstream chart will render these ports if it uses
34-
# a `service.ports` values structure. If the chart uses a different shape,
35-
# adapt accordingly.
36-
ports:
37-
- name: s3-api
38-
port: 3900
39-
targetPort: 3900
40-
protocol: TCP
41-
- name: s3-web
42-
port: 3902
43-
targetPort: 3902
44-
protocol: TCP
45-
- name: admin
46-
port: 3903
47-
targetPort: 3903
48-
protocol: TCP
49-
50-
# Optional: enable metrics for Prometheus
51-
# monitoring:
52-
# metrics:
53-
# enabled: true

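--- a/infrastructure/networking/README.md
+++ b/infrastructure/networking/README.md
@@ -167,7 +167,6 @@ machine:
 **HTTPRoutes:**
 - ArgoCD: `argocd.vanillax.me`
 - Longhorn: `longhorn.vanillax.me`
-- Garage (new): `garage.vanillax.me`
 - Many others...
 
 ## Network Flow Examples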

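--- a/infrastructure/storage/longhorn/values.yaml
+++ b/infrastructure/storage/longhorn/values.yaml
@@ -6,7 +6,7 @@ defaultSettings:
 # NOTE: Longhorn 1.10 consolidates settings for V1/V2 data engines. Use either
 # a single scalar or a JSON string with per-engine values like {"v1":"...","v2":"..."} when needed.
 defaultDataPath: "/var/lib/longhorn"
-storageMinimalAvailablePercentage: "25"
+storageMinimalAvailablePercentage: "10"
 storageOverProvisioningPercentage: "100"
 allowRecurringJobWhileVolumeDetached: "true"
 replicaAutoBalance: "best-effort"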
Lines changed: 22 additions & 0 deletions
@@ -0,0 +1,22 @@
1+
apiVersion: external-secrets.io/v1
2+
kind: ExternalSecret
3+
metadata:
4+
name: loki-s3-credentials
5+
namespace: loki-stack
6+
spec:
7+
refreshInterval: "1h"
8+
secretStoreRef:
9+
kind: ClusterSecretStore
10+
name: 1password
11+
target:
12+
name: loki-s3-credentials
13+
creationPolicy: Owner
14+
data:
15+
- secretKey: AWS_ACCESS_KEY_ID
16+
remoteRef:
17+
key: rustfs
18+
property: loki_access_key
19+
- secretKey: AWS_SECRET_ACCESS_KEY
20+
remoteRef:
21+
key: rustfs
22+
property: loki
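Review bot: The `AWS_SECRET_ACCESS_KEY` entry at the end of this file reads `property: loki` from the `rustfs` item, while the access key ID reads `property: loki_access_key`, so the field name for the secret half looks inconsistent and should be checked against the 1Password item. If the property does not exist, the ExternalSecret will not sync and any workload that requires `loki-s3-credentials` will presumably fail to start. `refreshInterval: "1h"` only refreshes the Kubernetes Secret; if the consumers read these keys as environment variables, a rotated key reaches them only after a pod restart, which deserves a comment such as `# consumed as env vars; restart the Loki pods after rotating the RustFS key`. The manifest cannot show how the key pair is scoped on the RustFS side, so it is worth recording that it is limited to the bucket Loki uses.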

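--- a/monitoring/loki-stack/kustomization.yaml
+++ b/monitoring/loki-stack/kustomization.yaml
@@ -4,6 +4,7 @@ namespace: loki-stack
 resources:
 - ns.yaml
 - loki-http-route.yaml
+- externalsecret.yaml
 helmCharts:
 - name: loki
 repo: https://grafana.github.io/helm-charts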

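--- a/monitoring/loki-stack/values.yaml
+++ b/monitoring/loki-stack/values.yaml
@@ -1,15 +1,20 @@
 loki:
 commonConfig:
 path_prefix: /var/loki
-replication_factor: 3
+replication_factor: 2
 storage:
 type: "s3"
 bucketNames:
-chunks: loki-chunks
-ruler: loki-ruler
-admin: loki-admin
+chunks: loki
+ruler: loki
+admin: loki
 s3:
+endpoint: http://192.168.10.133:30293
 region: us-east-1
+secretAccessKey: ${AWS_SECRET_ACCESS_KEY}
+accessKeyId: ${AWS_ACCESS_KEY_ID}
+s3ForcePathStyle: true
+insecure: true
 schemaConfig:
 configs:
 - from: "2024-04-01"
@@ -22,9 +27,7 @@ loki:
 ingester:
 chunk_encoding: snappy
 querier:
-# Default is 4, if you have enough memory and CPU you can increase, reduce if OOMing
 max_concurrent: 4
-# Configure query scheduler for read pods
 query_scheduler:
 use_scheduler_ring: true
 frontend_worker:
@@ -45,6 +48,9 @@ backend:
 limits:
 cpu: 500m
 memory: 1Gi
+extraEnvFrom:
+- secretRef:
+name: loki-s3-credentials
 read:
 replicas: 2
 resources:
@@ -54,6 +60,9 @@ read:
 limits:
 cpu: 1000m
 memory: 1Gi
+extraEnvFrom:
+- secretRef:
+name: loki-s3-credentials
 write:
 replicas: 3
 resources:
@@ -63,20 +72,13 @@ write:
 limits:
 cpu: 500m
 memory: 1Gi
-# Enable minio for storage
+extraEnvFrom:
+- secretRef:
+name: loki-s3-credentials
+# DISABLED - Using external S3 (TrueNAS RustFS) instead
+# This saves ~200Gi of Longhorn storage
 minio:
-enabled: true
-persistence:
-enabled: true
-storageClass: longhorn
-size: 50Gi
-resources:
-requests:
-cpu: 100m
-memory: 256Mi
-limits:
-cpu: 500m
-memory: 1Gi
+enabled: false
 gateway:
 service:
 type: LoadBalancer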
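Review bot: The new `s3` block in the first hunk points Loki at `http://192.168.10.133:30293` with `insecure: true`, so log chunks and the signed requests carrying the access key ID cross the network unencrypted and the storage endpoint is never authenticated. If RustFS can serve TLS, prefer `endpoint: https://…` with `insecure: false`; otherwise add a comment recording why plaintext is accepted on this segment. The `${AWS_SECRET_ACCESS_KEY}` and `${AWS_ACCESS_KEY_ID}` placeholders are substituted only when Loki runs with `-config.expand-env=true`; that flag is not visible in these hunks, so confirm it is set for the write, read and backend targets, otherwise the literal strings would be used as credentials. Pointing `chunks`, `ruler` and `admin` at the single `loki` bucket means one key pair covers all three data sets, which is reasonable only if that key is restricted to this bucket.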
