diff options
Diffstat (limited to 'clover/spinnaker/install')
-rw-r--r-- | clover/spinnaker/install/minio-pv.yml | 14 | ||||
-rw-r--r-- | clover/spinnaker/install/quick-install-spinnaker.yml | 390 |
2 files changed, 404 insertions, 0 deletions
diff --git a/clover/spinnaker/install/minio-pv.yml b/clover/spinnaker/install/minio-pv.yml new file mode 100644 index 0000000..6b5507d --- /dev/null +++ b/clover/spinnaker/install/minio-pv.yml @@ -0,0 +1,14 @@ +kind: PersistentVolume +apiVersion: v1 +metadata: + name: minio-pv-volume + labels: + type: local +spec: + storageClassName: standard + capacity: + storage: 10Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/mnt/minio" diff --git a/clover/spinnaker/install/quick-install-spinnaker.yml b/clover/spinnaker/install/quick-install-spinnaker.yml new file mode 100644 index 0000000..2b19037 --- /dev/null +++ b/clover/spinnaker/install/quick-install-spinnaker.yml @@ -0,0 +1,390 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: spinnaker + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: spinnaker-admin +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: default + namespace: spinnaker + +--- + +apiVersion: v1 +kind: Pod +metadata: + name: spin-halyard + namespace: spinnaker + labels: + app: spin + stack: halyard +spec: + containers: + - name: halyard-daemon + # todo - make :stable or digest of :stable + image: gcr.io/spinnaker-marketplace/halyard:stable + imagePullPolicy: Always + command: + - /bin/sh + args: + - -c + # when the configmap is mounted directly at /home/spinnaker/.hal the halyard daemon + # isn't able to replace the contents of the mount with user modifications. + # so instead we mount the configmap elsewhere and copy the files into + # place when the container starts. + - "cp -R /home/spinnaker/staging/.hal /home/spinnaker/.hal && /opt/halyard/bin/halyard" + readinessProbe: + exec: + command: + - wget + - -q + - --spider + - http://localhost:8064/health + ports: + - containerPort: 8064 + volumeMounts: + - name: halconfig + mountPath: /home/spinnaker/staging/.hal/config + subPath: config + - name: halconfig + mountPath: /home/spinnaker/staging/.hal/default/service-settings/deck.yml + subPath: deck.yml + - name: halconfig + mountPath: /home/spinnaker/staging/.hal/default/service-settings/gate.yml + subPath: gate.yml + - name: halconfig + mountPath: /home/spinnaker/staging/.hal/default/service-settings/igor.yml + subPath: igor.yml + - name: halconfig + mountPath: /home/spinnaker/staging/.hal/default/service-settings/fiat.yml + subPath: fiat.yml + - name: halconfig + mountPath: /home/spinnaker/staging/.hal/default/service-settings/clouddriver.yml + subPath: clouddriver.yml + - name: halconfig + mountPath: /home/spinnaker/staging/.hal/default/profiles/front50-local.yml + subPath: front50-local.yml + volumes: + - name: halconfig + configMap: + name: halconfig +--- + +apiVersion: v1 +kind: Service +metadata: + name: spin-halyard + namespace: spinnaker +spec: + ports: + - port: 8064 + targetPort: 8064 + protocol: TCP + selector: + app: spin + stack: halyard + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: halconfig + namespace: spinnaker +data: + igor.yml: | + enabled: true + fiat.yml: | + enabled: false + skipLifeCycleManagement: true + front50-local.yml: | + spinnaker.s3.versioning: false + gate.yml: | + host: 0.0.0.0 + deck.yml: | + host: 0.0.0.0 + env: + API_HOST: http://spin-gate.spinnaker:8084/ + clouddriver.yml: | + env: + AWS_ACCESS_KEY_ID: dont-use-this + AWS_SECRET_ACCESS_KEY: for-production + config: | + currentDeployment: default + deploymentConfigurations: + - name: default + version: 1.10.5 + providers: + appengine: + enabled: false + accounts: [] + aws: + enabled: false + accounts: [] + defaultKeyPairTemplate: '{{name}}-keypair' + defaultRegions: + - name: us-west-2 + defaults: + iamRole: BaseIAMRole + azure: + enabled: false + accounts: [] + bakeryDefaults: + templateFile: azure-linux.json + baseImages: [] + dcos: + enabled: false + accounts: [] + clusters: [] + dockerRegistry: + enabled: true + accounts: + - name: dockerhub + address: https://index.docker.io + repositories: + - opnfv/clover + google: + enabled: false + accounts: [] + bakeryDefaults: + templateFile: gce.json + baseImages: [] + zone: us-central1-f + network: default + useInternalIp: false + kubernetes: + enabled: true + accounts: + - name: my-kubernetes-account + requiredGroupMembership: [] + providerVersion: V2 + dockerRegistries: [] + configureImagePullSecrets: true + serviceAccount: true + namespaces: [] + omitNamespaces: [] + kinds: [] + omitKinds: [] + customResources: [] + oauthScopes: [] + oAuthScopes: [] + primaryAccount: my-kubernetes-account + openstack: + enabled: false + accounts: [] + bakeryDefaults: + baseImages: [] + oraclebmcs: + enabled: false + accounts: [] + deploymentEnvironment: + size: SMALL + type: Distributed + accountName: my-kubernetes-account + updateVersions: true + consul: + enabled: false + vault: + enabled: false + customSizing: {} + gitConfig: + upstreamUser: spinnaker + persistentStorage: + persistentStoreType: s3 + azs: {} + gcs: + rootFolder: front50 + redis: {} + s3: + bucket: spinnaker-artifacts + rootFolder: front50 + endpoint: http://minio-service.spinnaker:9000 + accessKeyId: dont-use-this + secretAccessKey: for-production + oraclebmcs: {} + features: + auth: false + fiat: false + chaos: false + entityTags: false + jobs: false + artifacts: true + metricStores: + datadog: + enabled: false + prometheus: + enabled: false + add_source_metalabels: true + stackdriver: + enabled: false + period: 30 + enabled: false + notifications: + slack: + enabled: false + timezone: America/Los_Angeles + ci: + jenkins: + enabled: false + masters: [] + travis: + enabled: false + masters: [] + security: + apiSecurity: + ssl: + enabled: false + overrideBaseUrl: /gate + uiSecurity: + ssl: + enabled: false + authn: + oauth2: + enabled: false + client: {} + resource: {} + userInfoMapping: {} + saml: + enabled: false + ldap: + enabled: false + x509: + enabled: false + enabled: false + authz: + groupMembership: + service: EXTERNAL + google: + roleProviderType: GOOGLE + github: + roleProviderType: GITHUB + file: + roleProviderType: FILE + enabled: false + artifacts: + gcs: + enabled: false + accounts: [] + github: + enabled: false + accounts: [] + http: + enabled: false + accounts: [] + s3: + enabled: true + accounts: + - name: s3-account + apiEndpoint: http://minio-service.spinnaker:9000 + apiRegion: clover + pubsub: + google: + enabled: false + subscriptions: [] + +--- + +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: minio-pv-claim + namespace: spinnaker + labels: + app: minio-storage-claim +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: standard + +--- + +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + # This name uniquely identifies the Deployment + name: minio-deployment + namespace: spinnaker +spec: + strategy: + type: Recreate + template: + metadata: + labels: + app: minio + spec: + volumes: + - name: storage + persistentVolumeClaim: + claimName: minio-pv-claim + containers: + - name: minio + image: minio/minio + args: + - server + - /storage + env: + - name: MINIO_ACCESS_KEY + value: "dont-use-this" + - name: MINIO_SECRET_KEY + value: "for-production" + ports: + - containerPort: 9000 + volumeMounts: + - name: storage + mountPath: /storage + +--- + +apiVersion: v1 +kind: Service +metadata: + name: minio-service + namespace: spinnaker +spec: + ports: + - port: 9000 + targetPort: 9000 + protocol: TCP + selector: + app: minio + +--- + +apiVersion: batch/v1 +kind: Job +metadata: + name: hal-deploy-apply + namespace: spinnaker + labels: + app: job + stack: hal-deploy +spec: + template: + metadata: + labels: + app: job + stack: hal-deploy + spec: + restartPolicy: OnFailure + containers: + - name: hal-deploy-apply + # todo use a custom image + image: gcr.io/spinnaker-marketplace/halyard:stable + command: + - /bin/sh + args: + - -c + - "hal deploy apply --daemon-endpoint http://spin-halyard.spinnaker:8064" |