init

2026-02-19 11:34:13 +00:00
commit f243f440c3
191 changed files with 6183 additions and 0 deletions
--- a/terraform/stacks/k8s/configs/config
+++ b/terraform/stacks/k8s/configs/config
@@ -0,0 +1,18 @@
+apiVersion: v1
+clusters:
+  - cluster:
+      insecure-skip-tls-verify: true
+      server: https://localhost:10563
+    name: kubernetes
+contexts:
+  - context:
+      cluster: kubernetes
+      user: kubernetes-admin
+    name: kubernetes-admin@kubernetes
+current-context: kubernetes-admin@kubernetes
+kind: Config
+users:
+  - name: kubernetes-admin
+    user:
+      client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURLVENDQWhHZ0F3SUJBZ0lJYVI1WXRlRHdabjR3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TmpBeE1EUXhOak0xTXpSYUZ3MHlOekF4TURReE5qUXdNelJhTUR3eApIekFkQmdOVkJBb1RGbXQxWW1WaFpHMDZZMngxYzNSbGNpMWhaRzFwYm5NeEdUQVhCZ05WQkFNVEVHdDFZbVZ5CmJtVjBaWE10WVdSdGFXNHdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFESEN4TmgKS3JBQXdPd2ZjK3U3NW1jaUU4RVRwaGM4blNkRWxtVXNJWFdINE5YWkxCK2dzWGtOdzc2NXBxcWkvVjU4cTI0egpVNHJrOE9xRHFoVmFYT2psZmNFSTh1blZaM3BsVEhGRS9uU00rZWkwOUpEVGpzUlNBR2JTWU9iMnFHWWtpTC9sCnlKOCtNNTR0Q0FMZWRtWWk1SGJOdHpoOFFsWHdvK2ozMHRiU1QvSmtGbXNKaTFubk50Q29KYlRSR3ZNVmFEaWkKZS91cDJzcU8rc3ZHS2RxL2E5NStROE9ST1prL3JuWHVqTzZxcjNUMWNnTmJPQlVLdDNGQ1pXK3gyamRwRzRPRgpqUVc4cUs2eHNKMFgrZmh0MHNMZC9NU1pKajdNL1VBalhYb3N6Zm9qS29IMUd4dHZxU2RCTXFLUjQ2T1ZmVjFhCldhSENvLzIzUnJJdUJPTmxBZ01CQUFHalZqQlVNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUsKQmdnckJnRUZCUWNEQWpBTUJnTlZIUk1CQWY4RUFqQUFNQjhHQTFVZEl3UVlNQmFBRkE1SkFIdkhVZEhURFNPRwpmdmdYR1k1VHkzU3BNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUJBTHRKMXJHaUZMaU83NmtZZDBDaVNvM0FICmYxbHdWRjJLREExMENTS2FqdmR2QmZlajI5cm9vYm9mMGM5UHVCVWtNYzR2ZitoeEY1a0lhK21BM3FDRmRFK2cKbW1VUVlFdFJXWWZRTmREYStWbTFVSVBJOGpUOXgvSWRYanpvY0UzL1FQZ0JBVEFTMVRmYVBJRktLZU9qMy9sNApDS0UwMks2RklzUklTVVhsMVdnS093SGxrOEwyMThsUTg0WVFZNG4yd1FSNzM3eTdUTnRLZ3BjeU5VN1ZLdFhnCnQ2Z1p4NkxqbnRVZGRzTlkyazg5Q3dmM0lUSENqN040SDE5Mll3VFBZajd0NkI5Q1Y4SXVaZEtKaWpFNkFYbHMKU2J0WjRYWStiUTdGaWIwM25CbTRSSXdMeEdVV3JMbkFnYzJBRnFGK29xSmc5SFFzdEgxVS8rOGhwWkkzCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBeHdzVFlTcXdBTURzSDNQcnUrWm5JaFBCRTZZWFBKMG5SSlpsTENGMWgrRFYyU3dmCm9MRjVEY08rdWFhcW92MWVmS3R1TTFPSzVQRHFnNm9WV2x6bzVYM0JDUExwMVdkNlpVeHhSUDUwalBub3RQU1EKMDQ3RVVnQm0wbURtOXFobUpJaS81Y2lmUGpPZUxRZ0MzblptSXVSMnpiYzRmRUpWOEtQbzk5TFcway95WkJacgpDWXRaNXpiUXFDVzAwUnJ6RldnNG9udjdxZHJLanZyTHhpbmF2MnZlZmtQRGtUbVpQNjUxN296dXFxOTA5WElECld6Z1ZDcmR4UW1WdnNkbzNhUnVEaFkwRnZLaXVzYkNkRi9uNGJkTEMzZnpFbVNZK3pQMUFJMTE2TE0zNkl5cUIKOVJzYmI2a25RVEtpa2VPamxYMWRXbG1od3FQOXQwYXlMZ1RqWlFJREFRQUJBb0lCQUdIU2hxNjlmUXlSeERwZApEV0VtaGs5UUtCY1JET0NFVi9VMGVQcXNZd2ZwcncveHlJV0FVMzg1VWJZS1BGaW9iMVNVS0MvZmdpYXNaSVZiCkJPMkpOZ2o3dWZBOCtrRWdmeDNqNk5OQXYyVTl1V21kdk1QTXFaMm5odUVrTUw3TzJveGdEUGZRbHJyS1FaWGUKRnhMZ1c2Z1FZbmNOOGh2WHVrYnZONkw4b3dsdTFOc01HVFJPdG10NEQ0WVptSnlGKzNsakZQcGF3TFlZL3M5awp5TGVaRXBDd2VCdEpDS1ZyODhaMXVVaVh2Mzg0cGEzMVA2VjFnRUt5SFQya3lGUXFvdWNLUDE0Y0FrazNyb0JGCkJ0cjc1WHBjUHYvZGExY2gvU3VQZDdscnV4UUtpZ1dWOWtNZG1TczVON0c2Rm5ZYS9jbnpxUWovZFNmV3lMUkgKRHZmTUN3MENnWUVBMDc4VXZjUVU2aUZBMm1ZLzNFQW5Zbmg1UzhJTE5OSXVQY1pMTkhqSVp5WGlyRFJ4VjRKNApXMWlZdWhUK0lVVFkwYWptVmhLUStMTkhJK0hzTkZOL2svdmM0cTVaa0czWUlMNk5pbWd3Y3FCNjVnbUMrNlo2ClJJQ3Y3YnBkUm9mYTdCMit3TjcxeEx1S282d2RyblArYmNKbzhaY09LQmYvRDlXa0RmNlZUM3NDZ1lFQThLUlkKNDZRWDMxYlRxSFhTWGhQSHV6QWdvMEFHd2JPRlAxT2pPeG4xVFBWQnNHa2N5dnhwOGtYNUlYS2ZNdExZWnpUbQpqdmpjV1dlNHFZTlZiUTF2VVpxT05aSUVrYjZNbGF6NW0xaVZMa3FucktubkJaaHRNNGtyMzhTUEpPY0dZazlHClVlaDBFZmhOZ3Y2Z1VtTTFBSUJTR1NVcjc1OHUvOFdrMzNCL3NwOENnWUJoQUsxNHpjWWpCLzdVem5pODVxcmsKUW5xV3lSc25KSTVJZ0huZFhPTzUxVEpGWDNUNCtPMDRNNXNyekFncnA0V0liczZ1YWF6K01lc0tOaXBtUWtZMAp2ZklQNm4xZlcrTGlCVW1FT1h6UVZsSlc1YzZhaUVhRThVc25KZlFySm51VkpYOUlqaHVhOTZ0b2xhVzNVSzRqCkRDZlZYVFVBQ3hZdTQ5bFhDK1RNMXdLQmdRRE43cGJ6R0RZbHRwUWpFZEVaR1N4UGtId2R1R2tQMHFVdzhFNDgKQVpiZWFQUHlGOEhBSkFvMmZwTVlnSktrVjdOQmZ3L2ZRakN2Z2dlUmFRYnQ4QlZYYkVCT3I4cWhQc1BvUXNMSQpvaUhvSDVNbU82K3NKaWt0ZFRIS3FOY202VjJaTytZZHFpUEtUUWRvRnFiMFdsbTlPQk1KMmJtanNrSHlPQjFECjZXNGVXUUtCZ1FERWY4bzdNZUxLditZdXliTW85MnZXaDhiODBsVDhyVGxYa1hDakU3TkRtU1FUbWZEOVFRNFIKeWJ4SHlmR2dwZFIzN1EraWwxWGxoSllmZERFOTNEZW5ZeXdQaUNyWnJNaVVWcWRRQW1JMGc2WjRCSi91RDNZNwpPc3JSUUhvL0VBSnc5aUdHeXVzUmpyNEpPMUFrWDZwbGo5VTU4ZWtIRStSMGh0RW5RUXRzaXc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
--- a/terraform/stacks/k8s/main.tf
+++ b/terraform/stacks/k8s/main.tf
@@ -0,0 +1,122 @@
+module "metallb_helm" {
+  source = "../../modules/k8s/metallb/helm"
+
+  providers = {
+    helm = helm
+  }
+}
+
+module "metallb_resources" {
+  source = "../../modules/k8s/metallb/resources"
+
+  providers = {
+    kubernetes = kubernetes
+  }
+
+  addresses = ["192.168.0.230-192.168.0.250"]
+
+  depends_on = [module.metallb_helm]
+}
+
+module "nginx_ingress" {
+  source = "../../modules/k8s/nginx_ingress/helm"
+
+  pool_name = module.metallb_resources.pool_name
+
+  depends_on = [module.metallb_resources]
+}
+
+# # ceph
+# module "ceph_csi_rbd" {
+#   source = "../../modules/k8s/ceph/k8s-ceph-csi-rbd"
+
+#   providers = {
+#     helm       = helm
+#     kubernetes = kubernetes
+#   }
+
+#   namespace     = var.ceph_csi_namespace
+#   chart_version = var.ceph_csi_chart_version
+
+#   ceph_cluster_id = var.ceph_cluster_id
+#   ceph_monitors   = var.ceph_monitors
+# }
+
+# module "ceph_rbd_storage" {
+#   source = "../../modules/k8s/ceph/k8s-ceph-rbd-storage"
+
+#   providers = {
+#     kubernetes = kubernetes
+#   }
+
+#   namespace       = var.ceph_csi_namespace
+#   ceph_cluster_id = var.ceph_cluster_id
+#   ceph_rbd_pool   = var.ceph_rbd_pool
+
+#   ceph_user_id  = var.ceph_user_id
+#   ceph_user_key = var.ceph_user_key
+
+#   # чтобы Secret/SC создавались после установки CSI
+#   depends_on = [module.ceph_csi_rbd]
+# }
+
+module "openebs" {
+  source            = "../../modules/k8s/openebs"
+  storageclass_name = "openebs-hostpath-custom"
+  base_path         = "/var/openebs/local/"
+}
+
+module "crunchy_operator" {
+  source = "../../modules/k8s/crunchy-data/operator"
+
+  providers = {
+    kubernetes = kubernetes
+    helm       = helm
+  }
+
+  namespace        = var.crunchy_data_namespace
+  chart_version    = var.pgo_chart_version
+  release_name     = "pgo"
+  single_namespace = true
+  replicas         = 1
+  debug            = false
+}
+
+module "crunchy_postgres_cluster" {
+  source = "../../modules/k8s/crunchy-data/postgres-cluster"
+
+  providers = {
+    kubernetes = kubernetes
+  }
+
+  namespace          = module.crunchy_operator.namespace
+  name               = var.cluster_name
+  storage_class_name = var.storage_class_name
+
+  postgres_version = 16
+  instance_storage = "20Gi"
+  backup_storage   = "20Gi"
+
+  # важно: CRD должны появиться после установки оператора
+  depends_on = [module.crunchy_operator]
+}
+
+# valkey
+module "valkey" {
+  source = "../../modules/k8s/valkey"
+
+  providers = {
+    kubernetes = kubernetes
+    helm       = helm
+  }
+
+  namespace        = var.valkey_namespace
+  create_namespace = true
+
+  release_name  = var.release_name
+  chart_version = var.chart_version
+
+  values = var.values
+
+  valkey_password = "password"
+}
--- a/terraform/stacks/k8s/providers.tf
+++ b/terraform/stacks/k8s/providers.tf
@@ -0,0 +1,9 @@
+provider "kubernetes" {
+  config_path = var.kubeconfig_path
+}
+
+provider "helm" {
+  kubernetes = {
+    config_path = var.kubeconfig_path
+  }
+}
--- a/terraform/stacks/k8s/variables.tf
+++ b/terraform/stacks/k8s/variables.tf
@@ -0,0 +1,84 @@
+variable "kubeconfig_path" {
+  type        = string
+  description = "Path to kubeconfig"
+}
+
+# ceph
+variable "ceph_cluster_id" {
+  type        = string
+  description = "Ceph FSID (ceph fsid)"
+}
+
+variable "ceph_monitors" {
+  type        = list(string)
+  description = "Ceph MON endpoints, e.g. [\"192.168.0.100:6789\", \"192.168.0.101:6789\"]"
+}
+
+variable "ceph_rbd_pool" {
+  type    = string
+  default = "k8s-rbd"
+}
+
+variable "ceph_user_id" {
+  type    = string
+  default = "k8s-rbd-csi" # без 'client.'
+}
+
+variable "ceph_user_key" {
+  type        = string
+  sensitive   = true
+  description = "Key from: ceph auth get client.k8s-rbd-csi"
+}
+
+variable "ceph_csi_namespace" {
+  type    = string
+  default = "ceph-csi"
+}
+
+variable "ceph_csi_chart_version" {
+  type    = string
+  default = "3.11.0"
+}
+
+# crunchy-data
+variable "storage_class_name" {
+  type        = string
+  description = "Твой Ceph RBD storageclass"
+  default     = "ceph-rbd"
+}
+
+variable "crunchy_data_namespace" {
+  type    = string
+  default = "postgres-operator"
+}
+
+variable "pgo_chart_version" {
+  type    = string
+  default = "6.0.0"
+}
+
+variable "cluster_name" {
+  type    = string
+  default = "hippo"
+}
+
+# valkey
+variable "valkey_namespace" {
+  type    = string
+  default = "valkey"
+}
+
+variable "release_name" {
+  type    = string
+  default = "valkey"
+}
+
+variable "chart_version" {
+  type    = string
+  default = "0.9.2"
+}
+
+variable "values" {
+  type    = list(string)
+  default = []
+}
--- a/terraform/stacks/k8s/versions.tf
+++ b/terraform/stacks/k8s/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+  required_version = ">= 1.5.0"
+
+  required_providers {
+    helm = {
+      source  = "hashicorp/helm"
+      version = ">= 3.0.0"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = ">= 2.0.0"
+    }
+  }
+}