HomeInfra/HetznerTerra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: move embedded Kubernetes manifests to role templates
Some checks failed
Deploy Cluster / Terraform (push) Successful in 1m38s
Details
Deploy Cluster / Ansible (push) Failing after 9m46s
Details

Browse Source
This commit is contained in:
MichaelFisher1997
2026-03-02 01:45:30 +00:00
parent b30977a158
commit 58fabf23f8
7 changed files with 134 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
ansible/roles/csi/tasks/main.yml
View File

@@ -173,56 +173,14 @@
when: csi_smoke_test_enabled | bool when: csi_smoke_test_enabled | bool
- name: Apply CSI smoke test resources - name: Apply CSI smoke test resources
shell: | template:
kubectl apply -f - <<'EOF' src: csi-smoke.yaml.j2
apiVersion: storage.k8s.io/v1 dest: /tmp/csi-smoke.yaml
kind: StorageClass mode: "0644"
metadata: when: csi_smoke_test_enabled | bool
name: {{ csi_smoke_test_storage_class }}
provisioner: csi.hetzner.cloud - name: Apply CSI smoke test manifests
reclaimPolicy: Delete command: kubectl apply -f /tmp/csi-smoke.yaml
volumeBindingMode: Immediate
allowVolumeExpansion: true
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ csi_smoke_test_pvc_name }}
namespace: kube-system
labels:
app.kubernetes.io/name: csi-smoke
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ csi_smoke_test_size }}
storageClassName: {{ csi_smoke_test_storage_class }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ csi_smoke_test_job_name }}
namespace: kube-system
labels:
app.kubernetes.io/name: csi-smoke
spec:
backoffLimit: 0
template:
spec:
restartPolicy: Never
containers:
- name: write-and-read
image: busybox:1.36
command: ["/bin/sh", "-c", "echo csi-ok > /data/health && cat /data/health"]
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ csi_smoke_test_pvc_name }}
EOF
changed_when: true changed_when: true
when: csi_smoke_test_enabled | bool when: csi_smoke_test_enabled | bool

47
ansible/roles/csi/templates/csi-smoke.yaml.j2 Normal file
View File

@@ -0,0 +1,47 @@
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: {{ csi_smoke_test_storage_class }}
provisioner: csi.hetzner.cloud
reclaimPolicy: Delete
volumeBindingMode: Immediate
allowVolumeExpansion: true
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ csi_smoke_test_pvc_name }}
namespace: kube-system
labels:
app.kubernetes.io/name: csi-smoke
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ csi_smoke_test_size }}
storageClassName: {{ csi_smoke_test_storage_class }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ csi_smoke_test_job_name }}
namespace: kube-system
labels:
app.kubernetes.io/name: csi-smoke
spec:
backoffLimit: 0
template:
spec:
restartPolicy: Never
containers:
- name: write-and-read
image: busybox:1.36
command: ["/bin/sh", "-c", "echo csi-ok > /data/health && cat /data/health"]
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ csi_smoke_test_pvc_name }}

88
ansible/roles/observability/tasks/main.yml
View File

@@ -21,38 +21,10 @@
grafana_password_effective: "{{ grafana_admin_password if grafana_admin_password | length > 0 else lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}" grafana_password_effective: "{{ grafana_admin_password if grafana_admin_password | length > 0 else lookup('password', '/dev/null length=32 chars=ascii_letters,digits') }}"
- name: Write kube-prometheus-stack values - name: Write kube-prometheus-stack values
copy: template:
src: kube-prometheus-stack-values.yaml.j2
dest: /tmp/kube-prometheus-stack-values.yaml dest: /tmp/kube-prometheus-stack-values.yaml
mode: "0644" mode: "0644"
content: |
grafana:
enabled: true
adminPassword: {{ grafana_password_effective }}
persistence:
enabled: true
storageClassName: {{ grafana_storage_class }}
size: {{ grafana_storage_size }}
service:
type: ClusterIP
prometheus:
prometheusSpec:
retention: 7d
storageSpec:
volumeClaimTemplate:
spec:
storageClassName: {{ prometheus_storage_class }}
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: {{ prometheus_storage_size }}
alertmanager:
enabled: false
kubeEtcd:
enabled: false
kubeControllerManager:
enabled: false
kubeScheduler:
enabled: false
- name: Add Prometheus Helm repo - name: Add Prometheus Helm repo
command: helm repo add prometheus-community https://prometheus-community.github.io/helm-charts command: helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
@@ -81,29 +53,10 @@
changed_when: true changed_when: true
- name: Write Loki values - name: Write Loki values
copy: template:
src: loki-values.yaml.j2
dest: /tmp/loki-values.yaml dest: /tmp/loki-values.yaml
mode: "0644" mode: "0644"
content: |
loki:
auth_enabled: false
commonConfig:
replication_factor: 1
storage:
type: filesystem
singleBinary:
replicas: 1
persistence:
enabled: true
storageClass: {{ loki_storage_class }}
size: {{ loki_storage_size }}
test:
enabled: false
monitoring:
selfMonitoring:
enabled: false
lokiCanary:
enabled: false
- name: Install Loki - name: Install Loki
command: >- command: >-
@@ -116,13 +69,10 @@
changed_when: true changed_when: true
- name: Write Promtail values - name: Write Promtail values
copy: template:
src: promtail-values.yaml.j2
dest: /tmp/promtail-values.yaml dest: /tmp/promtail-values.yaml
mode: "0644" mode: "0644"
content: |
config:
clients:
- url: http://loki-gateway.{{ observability_namespace }}.svc.cluster.local/loki/api/v1/push
- name: Install Promtail - name: Install Promtail
command: >- command: >-
@@ -134,26 +84,14 @@
--timeout 10m --timeout 10m
changed_when: true changed_when: true
- name: Write Grafana Loki datasource manifest
template:
src: grafana-datasource-loki.yaml.j2
dest: /tmp/grafana-datasource-loki.yaml
mode: "0644"
- name: Create Grafana Loki datasource - name: Create Grafana Loki datasource
command: kubectl apply -f - command: kubectl apply -f /tmp/grafana-datasource-loki.yaml
args:
stdin: |
apiVersion: v1
kind: ConfigMap
metadata:
name: grafana-datasource-loki
namespace: {{ observability_namespace }}
labels:
grafana_datasource: "1"
data:
loki-datasource.yaml: |
apiVersion: 1
datasources:
- name: Loki
type: loki
access: proxy
url: http://loki-gateway.{{ observability_namespace }}.svc.cluster.local
isDefault: false
changed_when: true changed_when: true
- name: Show observability access details - name: Show observability access details

16
ansible/roles/observability/templates/grafana-datasource-loki.yaml.j2 Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: grafana-datasource-loki
namespace: {{ observability_namespace }}
labels:
grafana_datasource: "1"
data:
loki-datasource.yaml: |
apiVersion: 1
datasources:
- name: Loki
type: loki
access: proxy
url: http://loki-gateway.{{ observability_namespace }}.svc.cluster.local
isDefault: false

28
ansible/roles/observability/templates/kube-prometheus-stack-values.yaml.j2 Normal file
View File

@@ -0,0 +1,28 @@
grafana:
enabled: true
adminPassword: {{ grafana_password_effective }}
persistence:
enabled: true
storageClassName: {{ grafana_storage_class }}
size: {{ grafana_storage_size }}
service:
type: ClusterIP
prometheus:
prometheusSpec:
retention: 7d
storageSpec:
volumeClaimTemplate:
spec:
storageClassName: {{ prometheus_storage_class }}
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: {{ prometheus_storage_size }}
alertmanager:
enabled: false
kubeEtcd:
enabled: false
kubeControllerManager:
enabled: false
kubeScheduler:
enabled: false

19
ansible/roles/observability/templates/loki-values.yaml.j2 Normal file
View File

@@ -0,0 +1,19 @@
loki:
auth_enabled: false
commonConfig:
replication_factor: 1
storage:
type: filesystem
singleBinary:
replicas: 1
persistence:
enabled: true
storageClass: {{ loki_storage_class }}
size: {{ loki_storage_size }}
test:
enabled: false
monitoring:
selfMonitoring:
enabled: false
lokiCanary:
enabled: false

3
ansible/roles/observability/templates/promtail-values.yaml.j2 Normal file
View File

@@ -0,0 +1,3 @@
config:
clients:
- url: http://loki-gateway.{{ observability_namespace }}.svc.cluster.local/loki/api/v1/push