From c316341163db67f4595767f6c0abd078148be288 Mon Sep 17 00:00:00 2001
From: garrettmills
Date: Wed, 26 Feb 2025 21:33:11 -0500
Subject: [PATCH] Clean up K8s specs and add README.md
---
README.md | 45 ++++++++++++++++++++++++++++++++++++++
deploy/40-statefulset.yaml | 4 ++--
deploy/60-service.yaml | 13 +++++++++++
scripts/build.sh | 2 +-
scripts/push.sh | 2 +-
5 files changed, 62 insertions(+), 4 deletions(-)
create mode 100644 README.md
create mode 100644 deploy/60-service.yaml
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7a6d06a
--- /dev/null
+++ b/README.md
@@ -0,0 +1,45 @@
+# P5x `api-server`
+
+P5x is a set of tools for running a Kubernetes cluster on LXC containers in Proxmox. The `api-server` is the central component of the P5x system that handles interactions between Kubernetes and the underlying Proxmox infrastructure.
+
+The `api-server` is a necessary component to run any part of the P5x system.
+
+## Deployment
+
+### P5x Storage Setup
+
+P5x requires a small amount of persistent storage for its system database. This is accomplished with a local path on a Kubernetes node.
+
+1. Pick an LXC container in your K8s cluster that the P5x API server will run on.
+2. Create a new disk in Proxmox (may not be NFS storage) and mount it at `/mnt/p5x-system-data` on the LXC container.
+3. Update `deploy/20-volume.yaml` and replace the `control.k8s` hostname in the `nodeSelectorTerms` with the hostname of your K8s LXC container.
+
+
+### Deploy API Server to Kubernetes
+
+Create a file with the necessary environment variables:
+
+```yaml
+# 10-environment.yaml
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: api-env
+ namespace: p5x-system
+type: Opaque
+stringData:
+ P5X_API_HOST: "" # fully-qualified hostname or IP address of your Proxmox VE server
+ P5X_API_ROOT_PASSWORD: ""
+ P5X_STORAGE_POOL: "" # name of your Proxmox VE storage pool -- MUST be network storage shared between nodes
+ P5X_STORAGE_DRIVER: "lvm" # what type of driver the storage pool uses ('lvm' or 'nfs')
+ P5X_K8S_ROOT_PASSWORD: "" # FOR FUTURE USE - you can just fill in a random string here for now
+```
+
+Apply the environment secret and create the rest of the P5x API resources:
+
+```shell
+kubectl apply -f deploy/0-namespace.yaml -f 10-environment.yaml -f deploy
+```
+
+In your Kubernetes cluster, in the `p5x-system` namespace, you should now see a `p5x-api-server-0` pod successfully boot.
diff --git a/deploy/40-statefulset.yaml b/deploy/40-statefulset.yaml
index 48e5a1c..2ca9d05 100644
--- a/deploy/40-statefulset.yaml
+++ b/deploy/40-statefulset.yaml @@ -25,7 +25,7 @@ spec: claimName: system-data containers: - name: api-server - image: registry.millslan.net/glmdev/p5x-api:latest + image: docker.io/glmdev/p5x-api:latest # TODO: (1) add a dedicated /healthz endpoint and (2) prevent that endpoint from writing to the Rocket logs # livenessProbe: # failureThreshold: 5 @@ -36,7 +36,7 @@ spec: # periodSeconds: 120 # timeoutSeconds: 10 envFrom: - - configMapRef: + - secretRef: name: api-env env: - name: P5X_NODE_HOSTNAME diff --git a/deploy/60-service.yaml b/deploy/60-service.yaml new file mode 100644 index 0000000..6189ecf --- /dev/null +++ b/deploy/60-service.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: api + namespace: p5x-system +spec: + selector: + app: p5x-api-server + ports: + - protocol: TCP + port: 3450 + targetPort: p5x diff --git a/scripts/build.sh b/scripts/build.sh index 065785f..ae6b63e 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -6,4 +6,4 @@ if ! [ -f Cargo.toml ]; then fi cargo build --release --target x86_64-unknown-linux-gnu -docker build -t "${DOCKER_REGISTRY}/glmdev/p5x-api:latest" . +docker build -t "${DOCKER_REGISTRY:-docker.io}/glmdev/p5x-api:latest" . diff --git a/scripts/push.sh b/scripts/push.sh index fb9adab..478b479 100755 --- a/scripts/push.sh +++ b/scripts/push.sh @@ -1,3 +1,3 @@ #!/bin/sh -e -docker push "${DOCKER_REGISTRY}/glmdev/p5x-api:latest" +docker push "${DOCKER_REGISTRY:-docker.io}/glmdev/p5x-api:latest"
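Review bot: The new `image: docker.io/glmdev/p5x-api:latest` line in the first hunk of deploy/40-statefulset.yaml points the pod at a mutable tag on a public registry, so whatever is published under `latest` when the pod is next scheduled runs with the credentials loaded from the `api-env` Secret. Pinning a release tag plus digest, e.g. `image: docker.io/glmdev/p5x-api:<version>@sha256:<digest>` (placeholders), would make the deployed image reproducible and auditable. scripts/build.sh and scripts/push.sh in this commit only ever publish `:latest`, so they would need to emit a versioned tag as well. The container spec starts and continues outside the hunk, so an existing `imagePullPolicy` cannot be ruled out.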
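Review bot: Switching `envFrom` to `secretRef` in the second hunk of deploy/40-statefulset.yaml changes what the pod reads, but `kubectl apply` does not remove the `api-env` ConfigMap that earlier deployments were presumably using, so any credentials stored there stay readable to anyone with ConfigMap access in `p5x-system`. An upgrade note would help, for example a comment above `envFrom`: `# api-env is now a Secret; remove the old ConfigMap with: kubectl -n p5x-system delete configmap api-env`. A cluster that has the ConfigMap but not yet the Secret will also fail to start the container until the Secret from the README is applied. The container spec begins and ends outside the hunk.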
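Review bot: The new Service in deploy/60-service.yaml sets no `type`, so it defaults to ClusterIP and makes port 3450 reachable from every workload in the cluster; nothing in this commit shows a NetworkPolicy or request authentication in front of an API that is configured with the Proxmox root password. If only specific clients should reach it, a NetworkPolicy for `p5x-system` belongs alongside this file, and a comment above `spec:` such as `# cluster-internal only; restrict callers with a NetworkPolicy` would record the intent. `targetPort: p5x` also depends on a container port named `p5x` in the StatefulSet, which is not visible in this diff.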
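Review bot: The `${DOCKER_REGISTRY:-docker.io}` default on the `docker build` line in scripts/build.sh, and the same default on the `docker push` line in scripts/push.sh, means an unset variable now silently targets the public Docker Hub namespace, whereas the old expansion produced a reference starting with `/` that docker would be expected to reject. A one-line comment above each command, e.g. `# DOCKER_REGISTRY defaults to docker.io (public registry); set it to publish elsewhere`, or an `echo` of the resolved image name before pushing, would make the destination explicit. The `if` block in build.sh begins outside the hunk.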