~bitfehler/k8s.sr.ht

9329fbb9823837e4c006cab4c57c31c5541370b8 — Conrad Hoffmann 1 year, 4 months ago 4745044
Run radosgw in ceph namespace
6 files changed, 91 insertions(+), 10 deletions(-)

R radosgw/Dockerfile => ceph/radosgw/Dockerfile
A ceph/radosgw/Makefile
R radosgw/ceph.conf => ceph/radosgw/ceph.conf
A ceph/radosgw/radosgw.yaml.m4
D radosgw/Makefile
D radosgw/secret.yaml.m4
R radosgw/Dockerfile => ceph/radosgw/Dockerfile +0 -0
A ceph/radosgw/Makefile => ceph/radosgw/Makefile +14 -0
@@ 0,0 1,14 @@

radosgw.yaml: radosgw.yaml.m4
	m4 -DRADOSGW_K8S_KEYRING="$$(ssh patchouli2.sr.ht doas ceph auth get client.radosgw.k8s | base64 -w 0)" \
		< $< > $@

# TODO version tagging not yet automated
docker-build:
	docker build -t registry.gensokyo:5000/radosgw .

clean:
	rm -f radosgw.yaml


.PHONY: clean docker-build

R radosgw/ceph.conf => ceph/radosgw/ceph.conf +0 -0
A ceph/radosgw/radosgw.yaml.m4 => ceph/radosgw/radosgw.yaml.m4 +77 -0
@@ 0,0 1,77 @@
apiVersion: v1
kind: Secret
metadata:
  name: ceph-radosgw-k8s-keyring
  namespace: ceph
data:
  keyring: RADOSGW_K8S_KEYRING
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: radosgw
  namespace: ceph
  labels:
    app: radosgw
spec:
  replicas: 2
  selector:
    matchLabels:
      app: radosgw
  template:
    metadata:
      labels:
        app: radosgw
    spec:
      containers:
      - name: radosgw
        image: registry.gensokyo:5000/radosgw:20230710
        ports:
        - containerPort: 80
          name: http
        volumeMounts:
        - name: secret-volume
          mountPath: /etc/secrets
          readOnly: true
        resources:
          limits:
            cpu: "500m"
            memory: "512Mi"
          requests:
            cpu: "100m"
            memory: "128Mi"
      volumes:
      - name: secret-volume
        secret:
          secretName: ceph-radosgw-k8s-keyring
---
apiVersion: v1
kind: Service
metadata:
  name: radosgw-service
  namespace: ceph
spec:
  selector:
    app: radosgw
  ports:
  - name: http
    port: 80
    targetPort: http
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: radosgw
  namespace: ceph
spec:
  rules:
  - host: s3.sr.ht
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: radosgw-service
            port:
              number: 80

D radosgw/Makefile => radosgw/Makefile +0 -4
@@ 1,4 0,0 @@

secret.yaml: secret.yaml.m4
	m4 -DRADOSGW_K8S_KEYRING="$$(ssh patchouli2.sr.ht doas ceph auth get client.radosgw.k8s | base64 -w 0)" \
		< $< > $@

D radosgw/secret.yaml.m4 => radosgw/secret.yaml.m4 +0 -6
@@ 1,6 0,0 @@
apiVersion: v1
kind: Secret
metadata:
  name: ceph-radosgw-k8s-keyring
data:
  keyring: RADOSGW_K8S_KEYRING