(openvpn) deploy mariadb operator

Author: dtapiacl

fleet/lib/mariadb-operator/fleet.yaml

@@ -0,0 +1,20 @@
+---
+name: mariadb-operator
+defaultNamespace: &name mariadb-system
+namespaceLabels:
+  lsst.io/discover: "true"
+labels:
+  bundle: *name
+helm:
+  chart: mariadb-operator
+  releaseName: mariadb-operator
+  repo: https://helm.mariadb.com/mariadb-operator
+  version: 0.38.1
+  waitForJobs: true
+  timeoutSeconds: 900
+  values:
+    crds:
+      enabled: true
+    ha:
+      enabled: true
+      replicas: 2

fleet/lib/metallb-conf/overlays/ruka/ipaddresspool-openvpndb.yaml

@@ -0,0 +1,20 @@
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+  name: openvpndb
+  namespace: metallb-system
+spec:
+  addresses:
+    - 139.229.134.140/32
+    - 139.229.134.145/32
+    - 139.229.134.146/32
+  autoAssign: false
+---
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+  name: openvpndb
+  namespace: metallb-system
+spec:
+  ipAddressPools:
+    - openvpndb

fleet/lib/metallb-conf/overlays/yepun/ipaddresspool-openvpndb.yaml

@@ -0,0 +1,20 @@
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+  name: openvpndb
+  namespace: metallb-system
+spec:
+  addresses:
+    - 139.229.160.90/32
+    - 139.229.160.91/32
+    - 139.229.160.92/32
+  autoAssign: false
+---
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+  name: openvpndb
+  namespace: metallb-system
+spec:
+  ipAddressPools:
+    - openvpndb

fleet/lib/openvpn-db-pre/base/external-secret-dockerhub.yaml

@@ -0,0 +1,34 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: dockerhub-secret
+  namespace: openvpn-db
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword
+  target:
+    name: dockerhub-secret
+    creationPolicy: Owner
+    template:
+      type: kubernetes.io/dockerconfigjson
+      data:
+        .dockerconfigjson: |
+          {
+            "auths": {
+              "docker.io": {
+                "username": "{{ .dockerhub_username }}",
+                "password": "{{ .dockerhub_token }}",
+                "auth": "{{ printf "%s:%s" .dockerhub_username .dockerhub_token | b64enc }}"
+              }
+            }
+          }
+  data:
+    - secretKey: dockerhub_username
+      remoteRef:
+        key: lsstitadmin-docker-hub
+        property: username
+    - secretKey: dockerhub_token
+      remoteRef:
+        key: lsstitadmin-docker-hub
+        property: docker hub api token

fleet/lib/openvpn-db-pre/base/external-secret-openvpndb.yaml

@@ -0,0 +1,21 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: mariadb
+  namespace: openvpn-db
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword
+  target:
+    name: mariadb
+    creationPolicy: Owner
+  data:
+    - secretKey: mariadb-root-password
+      remoteRef:
+        key: openvpn-mariadb-credentials
+        property: mariadb-root-password
+    - secretKey: mariadb-replication-password
+      remoteRef:
+        key: openvpn-mariadb-credentials
+        property: mariadb-replication-password

fleet/lib/openvpn-db-pre/base/kustomization.yaml

@@ -0,0 +1,4 @@
+resources:
+  - external-secret-dockerhub.yaml
+  - external-secret-openvpndb.yaml
+  - mariadb-headless-service.yaml

fleet/lib/openvpn-db-pre/base/mariadb-headless-service.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: mariadb-galera
+  namespace: openvpn-db
+spec:
+  clusterIP: None
+  selector:
+    app.kubernetes.io/name: mariadb
+  ports:
+    - protocol: TCP
+      port: 3306
+      targetPort: 3306

fleet/lib/openvpn-db-pre/fleet.yaml

@@ -0,0 +1,6 @@
+defaultNamespace: openvpn-db
+labels:
+  bundle: openvpn-db-pre
+name: openvpn-db-pre
+kustomize:
+  dir: base

fleet/lib/openvpn-db/fleet.yaml

@@ -0,0 +1,19 @@
+name: openvpn-db
+defaultNamespace: &name openvpn-db
+labels:
+  bundle: *name
+dependsOn:
+  - name: mariadb-operator
+    namespace: mariadb-system
+  - name: openvpn-db-pre
+    namespace: openvpn-db
+targetCustomizations:
+  - name: ruka
+    clusterSelector:
+      matchExpressions:
+        - key: management.cattle.io/cluster-display-name
+          operator: In
+          values:
+            - ruka
+    kustomize:
+      dir: overlays/ruka

fleet/lib/openvpn-db/overlays/ruka/kustomization.yaml

@@ -0,0 +1,2 @@
+resources:
+  - mariadb-cr.yaml