feat: moderate the k8s install (#403)

- only install a base config
- wait for 3 masters before deploying helm charts
- remove cluster-domain
- manage nginx ingres via rke2 helmconfig

Reviewed-on: #403
This commit was merged in pull request #403.
This commit is contained in:
2025-10-12 17:50:24 +11:00
parent 16e654fdd7
commit efbbb6bcb1
17 changed files with 66 additions and 643 deletions
@@ -1,65 +0,0 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: ceph-csi
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ceph-csi-config
namespace: ceph-csi
data:
config.json: |-
[
{
"clusterID": "<%= @csi_ceph_clusterid %>",
"monitors": [
<% @csi_ceph_monitors.each_with_index do |mon, index| -%>
"<%= mon %>"<% if index < @csi_ceph_monitors.length - 1 %>,<% end %>
<% end -%>
]
}
]
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ceph-csi-encryption-kms-config
namespace: ceph-csi
data:
config.json: |-
{}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ceph-config
namespace: ceph-csi
data:
ceph.conf: |
[global]
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx
keyring: |
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: csi-rbd-sc
provisioner: rbd.csi.ceph.com
parameters:
clusterID: <%= @csi_ceph_clusterid %>
pool: <%= @csi_ceph_poolname %>
imageFeatures: layering
csi.storage.k8s.io/provisioner-secret-name: csi-rbd-secret
csi.storage.k8s.io/provisioner-secret-namespace: ceph-csi
csi.storage.k8s.io/controller-expand-secret-name: csi-rbd-secret
csi.storage.k8s.io/controller-expand-secret-namespace: ceph-csi
csi.storage.k8s.io/node-stage-secret-name: csi-rbd-secret
csi.storage.k8s.io/node-stage-secret-namespace: ceph-csi
reclaimPolicy: Delete
allowVolumeExpansion: true
mountOptions:
- discard
@@ -1,10 +0,0 @@
---
apiVersion: v1
kind: Secret
metadata:
name: csi-rbd-secret
namespace: ceph-csi
stringData:
userID: kubernetes
userKey: <%= @csi_ceph_key %>