Clean up K8s specs and add README.md

2025-02-26 21:33:11 -05:00 · 2025-02-26 21:33:11 -05:00 · c316341163
commit c316341163
parent da4a2a6e0c
5 changed files with 62 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,45 @@
+# P5x `api-server`
+
+P5x is a set of tools for running a Kubernetes cluster on LXC containers in Proxmox. The `api-server` is the central component of the P5x system that handles interactions between Kubernetes and the underlying Proxmox infrastructure.
+
+The `api-server` is a necessary component to run any part of the P5x system.
+
+## Deployment
+
+### P5x Storage Setup
+
+P5x requires a small amount of persistent storage for its system database. This is accomplished with a local path on a Kubernetes node.
+
+1. Pick an LXC container in your K8s cluster that the P5x API server will run on.
+2. Create a new disk in Proxmox (may not be NFS storage) and mount it at `/mnt/p5x-system-data` on the LXC container.
+3. Update `deploy/20-volume.yaml` and replace the `control.k8s` hostname in the `nodeSelectorTerms` with the hostname of your K8s LXC container.
+
+
+### Deploy API Server to Kubernetes
+
+Create a file with the necessary environment variables:
+
+```yaml
+# 10-environment.yaml
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: api-env
+  namespace: p5x-system
+type: Opaque
+stringData:
+  P5X_API_HOST: ""  # fully-qualified hostname or IP address of your Proxmox VE server
+  P5X_API_ROOT_PASSWORD: ""
+  P5X_STORAGE_POOL: ""  # name of your Proxmox VE storage pool -- MUST be network storage shared between nodes
+  P5X_STORAGE_DRIVER: "lvm"  # what type of driver the storage pool uses ('lvm' or 'nfs')
+  P5X_K8S_ROOT_PASSWORD: ""  # FOR FUTURE USE - you can just fill in a random string here for now
+```
+
+Apply the environment secret and create the rest of the P5x API resources:
+
+```shell
+kubectl apply -f deploy/0-namespace.yaml -f 10-environment.yaml -f deploy
+```
+
+In your Kubernetes cluster, in the `p5x-system` namespace, you should now see a `p5x-api-server-0` pod successfully boot.
--- a/deploy/40-statefulset.yaml
+++ b/deploy/40-statefulset.yaml
@ -25,7 +25,7 @@ spec:
            claimName: system-data
      containers:
        - name: api-server
-          image: registry.millslan.net/glmdev/p5x-api:latest
+          image: docker.io/glmdev/p5x-api:latest
 # TODO: (1) add a dedicated /healthz endpoint and (2) prevent that endpoint from writing to the Rocket logs
 #          livenessProbe:
 #            failureThreshold: 5
@ -36,7 +36,7 @@ spec:
 #            periodSeconds: 120
 #            timeoutSeconds: 10
          envFrom:
-            - configMapRef:
+            - secretRef:
                name: api-env
          env:
            - name: P5X_NODE_HOSTNAME
--- a/deploy/60-service.yaml
+++ b/deploy/60-service.yaml
@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: api
+  namespace: p5x-system
+spec:
+  selector:
+    app: p5x-api-server
+  ports:
+    - protocol: TCP
+      port: 3450
+      targetPort: p5x
--- a/scripts/build.sh
+++ b/scripts/build.sh
@ -6,4 +6,4 @@ if ! [ -f Cargo.toml ]; then
 fi

 cargo build --release --target x86_64-unknown-linux-gnu
-docker build -t "${DOCKER_REGISTRY}/glmdev/p5x-api:latest" .
+docker build -t "${DOCKER_REGISTRY:-docker.io}/glmdev/p5x-api:latest" .
--- a/scripts/push.sh
+++ b/scripts/push.sh
@ -1,3 +1,3 @@
 #!/bin/sh -e

-docker push "${DOCKER_REGISTRY}/glmdev/p5x-api:latest"
+docker push "${DOCKER_REGISTRY:-docker.io}/glmdev/p5x-api:latest"