24d09744e3
- Update PuppetDB connections from HTTP (8080) to HTTPS (8081) - Add automatic certificate generation for Puppetboard using Puppet CA - Implement initContainers for proper certificate provisioning before app start - Add dedicated PVC for Puppetboard certificates with RWX access - Configure SSL verification and client authentication for secure PuppetDB access Reviewed-on: #50
109 lines
2.4 KiB
YAML
109 lines
2.4 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: puppetserver
|
|
app.kubernetes.io/instance: puppetserver
|
|
app.kubernetes.io/name: puppetserver
|
|
app.kubernetes.io/version: 8.8.0
|
|
name: puppetserver-ca-claim
|
|
namespace: puppet
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 1G
|
|
storageClassName: cephfs-raid6-delete
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: puppetserver-compilers
|
|
app.kubernetes.io/instance: puppetserver
|
|
app.kubernetes.io/name: puppetserver
|
|
app.kubernetes.io/version: 8.8.0
|
|
name: puppetserver-code-shared
|
|
namespace: puppet
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 30G
|
|
storageClassName: cephfs-raid6-delete
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: puppetserver
|
|
app.kubernetes.io/instance: puppetserver
|
|
app.kubernetes.io/name: puppetserver
|
|
app.kubernetes.io/version: 8.8.0
|
|
name: puppetserver-puppet-claim
|
|
namespace: puppet
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 1G
|
|
storageClassName: cephfs-raid6-delete
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: puppetdb
|
|
app.kubernetes.io/instance: puppetserver
|
|
app.kubernetes.io/name: puppetserver
|
|
app.kubernetes.io/version: 8.8.0
|
|
name: puppetserver-puppetdb-claim
|
|
namespace: puppet
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 1Gi
|
|
storageClassName: cephfs-raid6-delete
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: r10k-shared-config
|
|
app.kubernetes.io/instance: puppetserver
|
|
app.kubernetes.io/name: puppetserver
|
|
app.kubernetes.io/version: 8.8.0
|
|
name: puppetserver-shared-config
|
|
namespace: puppet
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: 1Gi
|
|
storageClassName: cephrbd-fast-delete
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: puppetboard
|
|
app.kubernetes.io/instance: puppetserver
|
|
app.kubernetes.io/name: puppetserver
|
|
app.kubernetes.io/version: 8.8.0
|
|
name: puppetboard-certs
|
|
namespace: puppet
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 1Gi
|
|
storageClassName: cephfs-raid6-delete
|