all repos — infra @ fad1a27967d75fcd12e231c9e2587a0fde991f67

infrastructure manifests and setup notes

apps/garage/garage.yaml (view raw)

  1apiVersion: v1
  2kind: ConfigMap
  3metadata:
  4  name: garage-config
  5data:
  6  garage.toml: |-
  7    metadata_dir = "/mnt/meta"
  8    data_dir = "/mnt/data"
  9    
 10    db_engine = "lmdb"
 11    
 12    block_size = 1048576
 13    
 14    replication_mode = "1"
 15    
 16    compression_level = 1
 17    
 18    rpc_bind_addr = "[::]:3901"
 19    
 20    bootstrap_peers = []
 21    
 22    [kubernetes_discovery]
 23    namespace = "default"
 24    service_name = "garage"
 25    skip_crd = false
 26    
 27    [s3_api]
 28    s3_region = "garage"
 29    api_bind_addr = "[::]:3900"
 30    root_domain = "garage.default.svc.koti.lan"
 31    
 32    [s3_web]
 33    bind_addr = "[::]:3902"
 34    root_domain = "garage.koti.lan"
 35    index = "index.html"
 36    
 37    [admin]
 38    api_bind_addr = "[::]:3903"    
 39---
 40apiVersion: v1
 41kind: Service
 42metadata:
 43  name: garage
 44  labels:
 45    app.kubernetes.io/name: garage
 46    app.kubernetes.io/instance: garage
 47  annotations:
 48    prometheus.io/scrape: "true"
 49    prometheus.io/port: "3903"
 50    prometheus.io/path: "/metrics"
 51spec:
 52  type: ClusterIP
 53  ports:
 54    - port: 3900
 55      targetPort: 3900
 56      protocol: TCP
 57      name: s3-api
 58    - port: 80
 59      targetPort: 3902
 60      protocol: TCP
 61      name: s3-web
 62    - port: 3903
 63      targetPort: 3903
 64      protocol: TCP
 65      name: admin
 66  selector:
 67    app.kubernetes.io/name: garage
 68    app.kubernetes.io/instance: garage
 69---
 70apiVersion: apps/v1
 71kind: StatefulSet
 72metadata:
 73  name: garage
 74  labels:
 75    app.kubernetes.io/name: garage
 76    app.kubernetes.io/instance: garage
 77spec:
 78  selector:
 79    matchLabels:
 80      app.kubernetes.io/name: garage
 81      app.kubernetes.io/instance: garage
 82  replicas: 1
 83  serviceName: garage
 84  podManagementPolicy: OrderedReady
 85  template:
 86    metadata:
 87      labels:
 88        app.kubernetes.io/name: garage
 89        app.kubernetes.io/instance: garage
 90    spec:
 91      serviceAccountName: garage
 92      securityContext:
 93        fsGroup: 1000
 94        runAsGroup: 1000
 95        runAsNonRoot: true
 96        runAsUser: 1000
 97      containers:
 98        - name: garage
 99          securityContext:
100            capabilities:
101              drop:
102              - ALL
103            readOnlyRootFilesystem: false
104          image: "dxflrs/amd64_garage:v1.0.1"
105          imagePullPolicy: IfNotPresent
106          ports:
107            - containerPort: 3900
108              name: s3-api
109            - containerPort: 3902
110              name: web-api
111            - containerPort: 3903
112              name: admin
113          volumeMounts:
114            - name: meta
115              mountPath: /mnt/meta
116            - name: data
117              mountPath: /mnt/data
118            - name: config
119              mountPath: /etc/garage.toml
120              subPath: garage.toml
121          env:
122            - name: GARAGE_RPC_SECRET
123              valueFrom:
124                secretKeyRef:
125                  name: garage-rpc-secret
126                  key: rpcSecret
127      volumes:
128        - name: config
129          configMap:
130            name: garage-config
131  volumeClaimTemplates:
132  - metadata:
133      name: meta
134    spec:
135      accessModes: [ "ReadWriteOnce" ]
136      resources:
137        requests:
138          storage: "100Mi"
139  - metadata:
140      name: data
141    spec:
142      accessModes: [ "ReadWriteOnce" ]
143      resources:
144        requests:
145          storage: "30Gi"