Skip to content

Commit e21deb0

Browse files
committed
up
1 parent 89449e8 commit e21deb0

9 files changed

Lines changed: 144 additions & 72 deletions

File tree

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -151,7 +151,7 @@ This final step uses our "App of Apps" pattern to bootstrap the entire cluster.
151151
```bash
152152
# 1. Apply the ArgoCD main components and CRDs
153153
# This deploys the ArgoCD Helm chart, which creates the CRDs and controller.
154-
kustomize build infrastructure/argocd --enable-helm | kubectl apply -f -
154+
kustomize build infrastructure/controllers/argocd --enable-helm | kubectl apply -f -
155155
156156
# 2. Wait for the ArgoCD CRDs to be established in the cluster
157157
# This command pauses until the Kubernetes API server recognizes the 'Application' resource type.

iac/README.md

Lines changed: 28 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -53,37 +53,53 @@ packer build -var-file="vars/local.pkrvars.hcl" -var-file="vars/gpu.pkrvars.hcl"
5353

5454
### 3. Terraform - Provisioning Infrastructure
5555

56-
The Terraform setup is now declarative. All node configurations are managed in one place.
56+
The Terraform setup is fully declarative with all node configurations managed in one place.
5757

5858
1. **Navigate to the Terraform directory:**
5959
```bash
6060
cd iac/terraform/talos-cluster/
6161
```
6262

6363
2. **Set up credentials:**
64-
Create a `credentials.auto.tfvars` file. This file is ignored by Git and should contain your Proxmox secrets.
64+
Create a `credentials.auto.tfvars` file (automatically loaded by Terraform). This file is git-ignored and contains your Proxmox secrets:
6565
```hcl
6666
# iac/terraform/talos-cluster/credentials.auto.tfvars
67-
6867
proxmox_api_url = "https://<your-proxmox-ip>:8006/api2/json"
69-
proxmox_api_token = "<your-proxmox-api-token>" // e.g., root@pam!iac=...
68+
proxmox_node = "<your-proxmox-node-name>"
69+
proxmox_api_token = "<your-api-token-id>=<your-api-token-secret>"
70+
proxmox_pool = ""
7071
proxmox_ssh_password = "<your-proxmox-ssh-password>"
7172
```
73+
74+
**Example:**
75+
```hcl
76+
proxmox_api_url = "https://192.168.10.11:8006/api2/json"
77+
proxmox_node = "proxmox-threadripper"
78+
proxmox_api_token = "root@pam!iac=c30cfedb-0cd8-4c0f-932b-6aded8a1c3ae"
79+
proxmox_pool = ""
80+
proxmox_ssh_password = "your-ssh-password"
81+
```
7282

7383
3. **Configure your cluster nodes:**
74-
Open `variables.tf` and review the `nodes` variable. This is the single source of truth for your cluster's infrastructure.
75-
- Adjust IPs, MAC addresses, cores, memory, and disk sizes as needed.
76-
- **Crucially, ensure the MAC addresses here match the `hardwareAddr` selectors in `iac/talos/talconfig.yaml`**.
84+
Node configurations are defined in `variables.tf` in the `nodes` variable. This is the single source of truth for your cluster infrastructure.
85+
- Review and adjust IPs, MAC addresses, cores, memory, and disk sizes as needed
86+
- **Important**: Ensure MAC addresses match the `hardwareAddr` selectors in `iac/talos/talconfig.yaml`
87+
- VM IDs and roles are pre-configured for a 3-master + 3-worker cluster
7788

7889
4. **Initialize and apply Terraform:**
7990
```bash
80-
# Initialize Terraform
91+
# Initialize Terraform (only needed once)
8192
terraform init -upgrade
8293
83-
# Create execution plan
94+
# Plan and apply changes
8495
terraform plan -out=.tfplan
96+
terraform apply .tfplan
97+
```
8598

86-
# Apply the plan
99+
**For targeted deployments** (e.g., recreating a single VM):
100+
```bash
101+
# Target specific resources
102+
terraform plan -target='proxmox_virtual_environment_vm.vm["talos-master-00"]' -out=.tfplan
87103
terraform apply .tfplan
88104
```
89105

@@ -193,6 +209,7 @@ cilium install \
193209
--helm-set=l2announcements.enabled=true \
194210
--helm-set=externalIPs.enabled=true \
195211
--set gatewayAPI.enabled=true \
196-
--helm-set=devices=e+
212+
--helm-set=devices=e+ \
213+
--helm-set=operator.replicas=1
197214
```
198215

iac/talos/talconfig.yaml

Lines changed: 37 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -16,12 +16,12 @@ schematic:
1616
customization:
1717
systemExtensions:
1818
officialExtensions:
19-
- siderolabs/amd-ucode
20-
- siderolabs/gasket-driver
21-
- siderolabs/i915
22-
- siderolabs/iscsi-tools
23-
- siderolabs/qemu-guest-agent
24-
- siderolabs/util-linux-tools
19+
- siderolabs/amd-ucode
20+
- siderolabs/gasket-driver
21+
- siderolabs/iscsi-tools
22+
- siderolabs/nfsd
23+
- siderolabs/qemu-guest-agent
24+
- siderolabs/util-linux-tools
2525
# Node configurations
2626
nodes:
2727
# Control plane nodes
@@ -38,32 +38,32 @@ nodes:
3838
routes:
3939
- network: 0.0.0.0/0
4040
gateway: 192.168.10.1
41-
- hostname: talos-cluster-control-01
42-
controlPlane: true
43-
ipAddress: 192.168.10.101
44-
installDisk: /dev/sda
45-
networkInterfaces:
46-
- deviceSelector:
47-
hardwareAddr: "bc:24:11:ed:73:bf"
48-
dhcp: false
49-
addresses:
50-
- 192.168.10.101/24
51-
routes:
52-
- network: 0.0.0.0/0
53-
gateway: 192.168.10.1
54-
- hostname: talos-cluster-control-02
55-
controlPlane: true
56-
ipAddress: 192.168.10.102
57-
installDisk: /dev/sda
58-
networkInterfaces:
59-
- deviceSelector:
60-
hardwareAddr: "bc:24:11:98:6b:13"
61-
dhcp: false
62-
addresses:
63-
- 192.168.10.102/24
64-
routes:
65-
- network: 0.0.0.0/0
66-
gateway: 192.168.10.1
41+
# - hostname: talos-cluster-control-01
42+
# controlPlane: true
43+
# ipAddress: 192.168.10.101
44+
# installDisk: /dev/sda
45+
# networkInterfaces:
46+
# - deviceSelector:
47+
# hardwareAddr: "bc:24:11:ed:73:bf"
48+
# dhcp: false
49+
# addresses:
50+
# - 192.168.10.101/24
51+
# routes:
52+
# - network: 0.0.0.0/0
53+
# gateway: 192.168.10.1
54+
# - hostname: talos-cluster-control-02
55+
# controlPlane: true
56+
# ipAddress: 192.168.10.102
57+
# installDisk: /dev/sda
58+
# networkInterfaces:
59+
# - deviceSelector:
60+
# hardwareAddr: "bc:24:11:98:6b:13"
61+
# dhcp: false
62+
# addresses:
63+
# - 192.168.10.102/24
64+
# routes:
65+
# - network: 0.0.0.0/0
66+
# gateway: 192.168.10.1
6767
# GPU worker node
6868
- hostname: talos-cluster-gpu-worker-00
6969
controlPlane: false
@@ -75,12 +75,12 @@ nodes:
7575
officialExtensions:
7676
- siderolabs/amd-ucode
7777
- siderolabs/gasket-driver
78-
- siderolabs/i915
7978
- siderolabs/iscsi-tools
80-
- siderolabs/qemu-guest-agent
81-
- siderolabs/util-linux-tools
79+
- siderolabs/nfsd
8280
- siderolabs/nonfree-kmod-nvidia-production
8381
- siderolabs/nvidia-container-toolkit-production
82+
- siderolabs/qemu-guest-agent
83+
- siderolabs/util-linux-tools
8484
networkInterfaces:
8585
- deviceSelector:
8686
hardwareAddr: "bc:24:11:77:86:5f"
@@ -120,8 +120,8 @@ nodes:
120120
officialExtensions:
121121
- siderolabs/amd-ucode
122122
- siderolabs/gasket-driver
123-
- siderolabs/i915
124123
- siderolabs/iscsi-tools
124+
- siderolabs/nfsd
125125
- siderolabs/qemu-guest-agent
126126
- siderolabs/util-linux-tools
127127
networkInterfaces:
@@ -156,8 +156,8 @@ nodes:
156156
officialExtensions:
157157
- siderolabs/amd-ucode
158158
- siderolabs/gasket-driver
159-
- siderolabs/i915
160159
- siderolabs/iscsi-tools
160+
- siderolabs/nfsd
161161
- siderolabs/qemu-guest-agent
162162
- siderolabs/util-linux-tools
163163
networkInterfaces:

iac/talos/talsecret.sops.yaml

Lines changed: 21 additions & 21 deletions
Large diffs are not rendered by default.
Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
# Terraform files
2+
*.tfstate
3+
*.tfstate.*
4+
.terraform/
5+
.terraform.lock.hcl
6+
*.tfplan*
7+
8+
# Credentials
9+
credentials.sh
10+
credentials.auto.tfvars
11+
.env

iac/terraform/talos-cluster/locals.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ locals {
33
cluster_name = "talos-cluster"
44
cluster_endpoint = "https://192.168.10.199:6443"
55
cni_name = "cilium"
6-
talos_version = "v1.10.4"
6+
talos_version = "v1.10.5"
77
gateway = "192.168.10.1"
88
network_bridge = "vmbr0"
99
disk_storage = "local-lvm"
Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
cluster:
2+
id: D3nPe_k7rwyTo44O127B5WT3HspZp-k26lVDW3JwSXw=
3+
secret: iwROKtvLC8O2jx50LcdFok66uZJCqeSuejmFDRMTHqA=
4+
secrets:
5+
bootstraptoken: ygnalx.uwwromwhs4t7i5wp
6+
secretboxencryptionsecret: tlcPi1BEGzlIObP10Mt6bJdq0mYJ5mFfOGg6OG0ENjc=
7+
trustdinfo:
8+
token: xlmxx3.r2ppcobcw0me89p2
9+
certs:
10+
etcd:
11+
crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJmVENDQVNTZ0F3SUJBZ0lSQUoyRVlnU1FKanNPbFZnZ3J0cFBjM0l3Q2dZSUtvWkl6ajBFQXdJd0R6RU4KTUFzR0ExVUVDaE1FWlhSalpEQWVGdzB5TlRBM01UY3hNak16TURWYUZ3MHpOVEEzTVRVeE1qTXpNRFZhTUE4eApEVEFMQmdOVkJBb1RCR1YwWTJRd1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFTT0ZNeThUdUt3ClFpTjUrNmJVbm4weEtzenZPRXNlelI1aHh5bExON2ZmTnA0VXhLTjBXTDhtT2pQWUVmMkZlYVlPSDIrUTA2SFQKM1RCM1pvL3JybXk2bzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSApBd0VHQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkF4bWtsMkE2NUdtCm5idkFTUzRSVDQrYktTVkpNQW9HQ0NxR1NNNDlCQU1DQTBjQU1FUUNJRVpTL0ZKT2hsd2ZSU3dHY21ZSkkwS3IKL3BtRlpVaE1Tb3BjTnJwZjJMMUxBaUE0YlhVR0puNHM1aElETUNaQWpSRE1kMjVrUEhzYzVxdVNqMlJVYi9JZgprQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
12+
key: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJCMWhScDdPcVRQd2x3Tm1VOTc5cFcvMGozS3lWRG5ydXR0Zmw0bjBtdG5vQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFamhUTXZFN2lzRUlqZWZ1bTFKNTlNU3JNN3poTEhzMGVZY2NwU3plMzN6YWVGTVNqZEZpLwpKam96MkJIOWhYbW1EaDl2a05PaDA5MHdkMmFQNjY1c3VnPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
13+
k8s:
14+
crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJpVENDQVRDZ0F3SUJBZ0lSQU9IK0hkM2hvMUlObUNNYUM1cGE5ZFV3Q2dZSUtvWkl6ajBFQXdJd0ZURVQKTUJFR0ExVUVDaE1LYTNWaVpYSnVaWFJsY3pBZUZ3MHlOVEEzTVRjeE1qTXpNRFZhRncwek5UQTNNVFV4TWpNegpNRFZhTUJVeEV6QVJCZ05WQkFvVENtdDFZbVZ5Ym1WMFpYTXdXVEFUQmdjcWhrak9QUUlCQmdncWhrak9QUU1CCkJ3TkNBQVFUNWxiRlZFNWxLOEJkYWVGNUh4RFUxa1dzM0EwTDdkNk4rVjFYdHA3SzZHN0o3TnM1a2ZnQkgzR2UKbkNaOTZBVEd3UC9yZ01uTi9DUytJL3dCMGMycm8yRXdYekFPQmdOVkhROEJBZjhFQkFNQ0FvUXdIUVlEVlIwbApCQll3RkFZSUt3WUJCUVVIQXdFR0NDc0dBUVVGQndNQ01BOEdBMVVkRXdFQi93UUZNQU1CQWY4d0hRWURWUjBPCkJCWUVGRTluVmlsMWFYeWh1bTB1cFp6d04zVmxQVHFpTUFvR0NDcUdTTTQ5QkFNQ0EwY0FNRVFDSUc4RXJkNjIKNVNFZzJ5VnVjaDJsc1FKNDNvTUNSZ29mQjdvNUJJVUltaTlsQWlCTWRrdWwzYWc2a1dEcXptc0tYSUhTY3d5Vwo1VHJ4V1ZOelZrU092VDBNVUE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
15+
key: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUxlNGhrTCtmNFY5R0ZhR1NsY3VKTmhEb1NGQ3FmMnJxV2hoTmRyL2RHNHdvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFRStaV3hWUk9aU3ZBWFduaGVSOFExTlpGck53TkMrM2VqZmxkVjdhZXl1aHV5ZXpiT1pINApBUjl4bnB3bWZlZ0V4c0QvNjRESnpmd2t2aVA4QWRITnF3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
16+
k8saggregator:
17+
crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJZRENDQVFXZ0F3SUJBZ0lRZjNqSFlQazNKcEsxWU5NVGpVWVlvVEFLQmdncWhrak9QUVFEQWpBQU1CNFgKRFRJMU1EY3hOekV5TXpNd05Wb1hEVE0xTURjeE5URXlNek13TlZvd0FEQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxRwpTTTQ5QXdFSEEwSUFCSzdwYzZGOUJQUkxRam4wYlhoemFlWUhwWUtnS3lnS1VSaGluM2ZMbk52cSt2NHAxU0VKClRWcU5KY1JoazJHYzZkYUJwTGkwZ3ZQOVZpUVJqeDliK0x1allUQmZNQTRHQTFVZER3RUIvd1FFQXdJQ2hEQWQKQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQVFZSUt3WUJCUVVIQXdJd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZApCZ05WSFE0RUZnUVVsNk03TmlXNVpzbE54Sk9FZEFjYnlXK0pDOFF3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loCkFMR3RqZDFsOVl6ZHlqZVJXL0pOb1lTNXVSRE9jbTRsdDlKVnFPMVp6SUF0QWlFQWpPaStFT3pTYlJxWlVEZlUKQU1EODdqamhKeWFKWnc2cXVoTTkyVlljb0JNPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
18+
key: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSU1VZzIvWmtpT2R3NVU2di9SQVB1MkdTc2U1aG5KejZUMEN5VjJXVGlrYUNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFcnVsem9YMEU5RXRDT2ZSdGVITnA1Z2VsZ3FBcktBcFJHR0tmZDh1YzIrcjYvaW5WSVFsTgpXbzBseEdHVFlaenAxb0drdUxTQzgvMVdKQkdQSDF2NHV3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
19+
k8sserviceaccount:
20+
key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0NBZ0VBM3pRV1JGbWpZelAyNlJwKzJOVE5JdHp1NUdqRGpZamxIOGZ0NWdYTFZPZmEyYzlCCnhJVkloY1R1Vk5XalUyQ0p1dndRMmRxNUk0elhId1FTaEpSdHZ5MExLWDFBWU4xMXRxN3cxbmxzTXhLQ2ZOZFUKeTJkaDJNN2dEN1dtRS9ZZHRwZEtEOVB2Qjd0cXpoQ2djVHJTYjBtRDU3NW8vc2xnT3ZHSmwvdEIvV0pxNnRHNApITmZxS090bkFkK2tMbitUeEk2bkhHaGVCWXJ4d1dMc0NMYjVNeCtmUVh3UVJWcHVaTmxSb2tEU010OUZiWkVQCjRqR3BhRktGZTEraUt1eFkyN29iMERBOGJwUnJjSXJ6NkJnRWUvVWZwako3MHJiQjVSSEZFTitvUitTaTd3cCsKMUNYOXlzazRPNmQySHpLTmZ0enpURE0vNG0vWWNLTmhhWHlmeEdsWisxZjgvb2dFOUpTcktBcmc2Yi9pVXgyUwpka2dBUHFORXJldDRxMEE0ZG9Gd1pBWC9EV1hqYnFrY1VuVnRnd291ei9lUCtHN2sxOHR6cnpPZk1WVFlPTWtuClR2Qll3ZXcwRFZHbVF1RFpubUhjUHprRUUxTlY2Vlo3SnhkOTFvdG84VmhLOGk4RWFCeWJWdjdXcVJjOUk1UlEKNVpYQW45dFF2UjJ5N1NKcGdDMzZSWE8wMi8vTWtFL0pFZFgwR0dWc2daRG9BbTIwdGJMMmR6T0dydENPa205UApuY25CS01VK21RRkFKczQ1ekpEVE16cUtWdmJVNkZRRG04MXhXR1ArOWN1MXE3bjFqTkdNb0NXT2NpM2JzL01hCno0VitSczIrNFErYmFkUCt3MzBCVHBLSE5kUTQrZjJyY0VLdXo4ZGhTa2V2VUJyQUpVTHMyUGRxZFRjQ0F3RUEKQVFLQ0FnQVJyNlhvQ3BaSXdSQmFqaS9vN0l2SXJHcjlqRk9hZm5OeFhqMDZrZEQzekZ0cUVPTXNPRWR6MmhQcwpndlVySVNZb3U5cDErTC9jMGtjbGZRUWVuMGhHOHNIRXF0a1VFOWhFL24yMDhQQWk1OStSRnRyd055UG9zeFBNCkN0KzdDekIxakcxZzdiRXVFcXEyNDFoalFINzJOSVFRTStWTDh4Yjk5SytyYkV4aFVKQWFSVDNxZ3kxWnlyVmgKejUvSjAzQVpEaGl0eHBOVXF4clc4UWkwOUJLdysxdDZLK042SzEwOS9uNWFkZnB4NzRFbjJtdkF4NkNkMUpRaApINFhSRXVORG5lNmdRNEkyWE9wYWc1Z3FGdVVjRVdOTm53aHl2T3FHUlM4eFZCZVlnc1JxWHBHSUsrNTlTQTU5Cm81cFhoSUR6d1h4QjJIbkNib3hlK0lNNmdaYURLczJlTjcrYmJ4YW0vbzF5dldXaUU4MitBbzIrUjhKM1VpRncKTWNJVGxuK1pCbXQ3MjlyYjlxczlnRFRiOUdJWXNFOWYwTTZlU2ZmY0pGN2hTRUduWU9tVnVRT3NZK1pyRS8reQpJK2FXbzNsa1d6bDhsODU4Q0lIZDBkclFzV1MxN0pwa1BwRTRpRGxWOHdOREZadjd0c1hJbjBtcE1LY1JqUVVSCjM1STBYRU45U2FVSUVhclZrZkxxcXFQUWo1YzhXS2lnUlZsOGhnUkJ4YjlXekFGdVQ5TklYOXBFWVA4ckN5Ui8KMVE3TFZZV3pmRi84ZjZKdnJ1N2k3bHdUdmdnZjEvaWpPTlZvdmJ5dDZqKzZaV1FycWtmV1pSY044VXVNcFZRNgpPSzJFUm15QUlzV2h5SXNsUzNDd2xyZmY2azJXaWIzMGRESWVMOVBoYmQzMURMQkhrUUtDQVFFQStsa21YN0hvCnZOVVBxTUtLWGVZbXRvYXJab1FMb3lVQUJtWkhFMmpuS3JwSTlQNEJVR0xySnprZ0lvV0s2VU5EU1BsY3ZYbjYKR2tib2lrQ3N3RUNycFpCbmdwSUh0UXpoY2pCYUVhZ2ZLeFpBaFVja28xSVNFQWRMOTdXTGdlSThFYVM3dTBxSApDUGVoVzJBQ2lxZFgvZ2F0d3M0R2R1OWtiNFlQTTRXU3VkNG9MOUM0Q3hhL01va293Uno0Njh3MFBRRDZoMktGCmlSUjk1bXBsOTI2NDQ0SUpEV0tYQVdiRzZhZ3p5Wjh0YkhKQi9ZZ3FZZWJ6VUZJdm5QT3hvdUVLRXYvdzlmSUcKVm5XaDhIWFUzSVA2ek1qS1dpdHoweXRHdTNZM2lYeXYwbkEwYmhoaURsamxqU3AzL1MrUmZEZTk5OVNpOHgrQgptZjVxZktyTFhac3pid0tDQVFFQTVENE8wNS8zUHBaZy9nYzNDL1RyNGVGQ2NiVVpMaWxUeC9kaEhhZmhQVkRaCkdnMXBUR3g0N3JIOUhUa29BcE1BZklqbmFVcUtHN2lBRkFyQVBPWW9Gei8vU2ltTFNGNmNZSEM5RkhvTHY1NysKWkZxK3VzL3ZxZ3dZeGxCYUtDWDIvYXVFNHBZVWFiM0xPVUtGd2Qrdm5QV2RjeVIrU1ExZFZVZ1l0Y1U5c2NJSgpUdGlTUVM5SDVlL3FCUFl1VnNSMlI2Qmdvc3hWaDNjUXRNZko0b0p0UXY1dGhlR1VBWUxCTHQ5MGVORnA5Z09pClZUUnAxUmVSSWl0R2JxVHZWa3Y4ZW5zS2V5QUFJeklMa1JqdWJhUUdLN1dvaDF6eHNNV1IyVm9XRkxOQzI1dncKcHpNOGtQUE9UU3VYZWE3RFR0aHdjZWp0bnQrbUxqcmpwM3BCaHpWV3VRS0NBUUE1VkhFVk9RaXpOWmVBYmd5Qgp0RkxwT2EzR3JEWitCZHNibkJCcXdYc3VyYnBIWUdPc3BQcDA0UUFhNTdvSDhQOVhsc05HSU1qRmU3ZUU4WXFkCi9ERlNtTjhiWjVXY1FIYmdUM0pRMk05S2JxNFgxMUxzazc3UExOeVl2VnBWUkJtOWNKd05KK1FFaWJESjNCSzQKN2RtWXNxN1lEWll0Wm1UNXBSbVdFdUNtNzlrRUdpZ0xZZ29tNklJTXR6WEp5ZG1zbnF6QWxDOUFWUkQvMHgzRwpxL1JySlR3dGRJWmdLOGtoZVFOakNMQytST3dYd3pieGRKSURzczUwZ3RvTEVyM2IzQUN5VWRwaHNrNkRZbmg4Cmh6ekg2TE51TXNVemRwV2NHRlpmaGM0OXdyUS9BaFp5Y3FrZXlycnZvQlVRL1RManJpNGl2dlJPNzVRek9HbVoKNWhEQkFvSUJBUUNuRHlsSkNzQXNwbU10N0ZnRlAycmI5VVh0OW5FTTBhRUtMMjU5QjJFY3dTMTNIVFBpaFU3cQozNHAxdGwwcnJTOWc5OC94eUdaWUxlNUpQU2xDS2ZCVVBEcCtyUFBPcjdsaitZRGNHUXk2WUFTeHJaNEhIS1crCllJWk51WWlUOUYzWmhJNktUdkY0Q0R4VWwvVlJWNG14cURGcmt0MkFXUERrdUJXbURrMis2MWhteHF3ZVhCNFQKRmt6Qy92SWgva0RZNG5GNUYzak80MzV0NUFKSDhkRkpoUExqV0o0OWtOZ1hsK1VuZlpoQ1FweXlJdUFINGUwUQpCbjdTQTVWUEkrVVVQVFVKcy8yRnhWNmtBSXliNGIvR2hIdHJRTU9DOE1sMVByUUV5TVQ1K3lUbExPSjY4b2toCkFQUXBVNXFPL21zblpTZHY3eUV5bTFZQVFzTHQxVU81QW9JQkFCOHdqY3VpOWZ2R2ZLM1U5RTBPbU9RV290TzUKSW9LNzFMQmJkdFVSbGNtaXBxb3RTaEExMmpqNGlYd1FLMjlldU1Icm9zdnlsc2FlUmNKY0RiOE0rNzlpN0ltOApyV2FRb2dZZWN1T0xlZ3UxT0Q4K1QxeHB1Qkt0WHUxWTBjaWs2R3lsQWdWUUtOQTVaRnBsZUowZDJ5cU13VDN2Ck5aVVdhRnh0L3NubXdxendTcUF6ZU54SEk2VURrWVhFeTFUWmxxeWNnYTRqRkpLTmJJRy93ZlNqTHVmeU9XVTAKMVhzSVBtNUQrY1JyV0JTSkhiS0swTVBGbWhUV3BUbUNUU3d5UGtjODlyTWw4RndCQUk2cEtaRzZLelBUczBCbwpCTGgwYW5hUjFCbFppR0x0Q2NNSnozS3FqR01UcG1BM09JekRhNzJjTHFkeEplejhrMEc5WHpEUXRWcz0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K
21+
os:
22+
crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJQekNCOHFBREFnRUNBaEVBK0ROT3AvQ1BlU0N0dmQxWjVJMDI2VEFGQmdNclpYQXdFREVPTUF3R0ExVUUKQ2hNRmRHRnNiM013SGhjTk1qVXdOekUzTVRJek16QTJXaGNOTXpVd056RTFNVEl6TXpBMldqQVFNUTR3REFZRApWUVFLRXdWMFlXeHZjekFxTUFVR0F5dGxjQU1oQUVodUxVdzZCT0xOclpMaHVZZUZRREM2SHh4ZzhmZFQvT0QyCnZTaFcvVlpJbzJFd1h6QU9CZ05WSFE4QkFmOEVCQU1DQW9Rd0hRWURWUjBsQkJZd0ZBWUlLd1lCQlFVSEF3RUcKQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkQrQ3RyZktacGFyT0ZZdwp4V1FPbUtobEJEaFJNQVVHQXl0bGNBTkJBTDl1b1JweVYzRFJ3MUhtQ2xoL1pRM0RqU2d0a256eUwwYk9VZ0hPCjJCUERubWVoWDV1RThwdU1MWGxYNUJ4YzhlV0tlWEJZcGRiZllJcm9sSGRVNUFNPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
23+
key: LS0tLS1CRUdJTiBFRDI1NTE5IFBSSVZBVEUgS0VZLS0tLS0KTUM0Q0FRQXdCUVlESzJWd0JDSUVJRDUwRDZ5R21uMmhVbnlKZlVVdUhtY1lkUm5ndnFxSHZUMmFyR3VKTEtydQotLS0tLUVORCBFRDI1NTE5IFBSSVZBVEUgS0VZLS0tLS0K

infrastructure/storage/csi-driver-smb/storage-class.yaml

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,3 +18,24 @@ mountOptions:
1818
reclaimPolicy: Retain
1919
volumeBindingMode: Immediate
2020
allowVolumeExpansion: true
21+
---
22+
# Ollama specific storage class
23+
apiVersion: storage.k8s.io/v1
24+
kind: StorageClass
25+
metadata:
26+
name: ollama-smb
27+
provisioner: smb.csi.k8s.io
28+
parameters:
29+
# Point directly to the ollama subfolder on the SMB share
30+
source: //192.168.10.133/k8s/ollama
31+
csi.storage.k8s.io/node-stage-secret-name: smbcreds
32+
csi.storage.k8s.io/node-stage-secret-namespace: csi-driver-smb
33+
mountOptions:
34+
- dir_mode=0777
35+
- file_mode=0777
36+
- noperm
37+
- mfsymlinks
38+
- vers=3.0
39+
reclaimPolicy: Retain
40+
volumeBindingMode: Immediate
41+
allowVolumeExpansion: true

my-apps/ai/ollama/pvc.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,4 +13,4 @@ spec:
1313
resources:
1414
requests:
1515
storage: 150Gi
16-
storageClassName: longhorn
16+
storageClassName: ollama-smb

0 commit comments

Comments
 (0)