From f73cf91af2aee93b3bb79bf2bca75a654c16baa5 Mon Sep 17 00:00:00 2001 From: titver968 Date: Thu, 28 Aug 2025 10:28:06 +0200 Subject: [PATCH] seaweedfs auf seaweedfs artifact --- argocd/apps/seaweedfs/seaweedfs.yaml | 252 ++++++++++++++++++++------- 1 file changed, 188 insertions(+), 64 deletions(-) diff --git a/argocd/apps/seaweedfs/seaweedfs.yaml b/argocd/apps/seaweedfs/seaweedfs.yaml index 3a796b5..8084e18 100644 --- a/argocd/apps/seaweedfs/seaweedfs.yaml +++ b/argocd/apps/seaweedfs/seaweedfs.yaml @@ -7,79 +7,203 @@ metadata: spec: project: default source: - repoURL: 'registry-1.docker.io/bitnamicharts' - path: 'seaweedfs' - targetRevision: 5.*.* + repoURL: 'https://seaweedfs.github.io/seaweedfs/helm' chart: seaweedfs + targetRevision: 4.*.* helm: - parameters: - - name: master.ingress.enabled - value: 'true' - - name: master.ingress.hostname - value: 'seaweed.innovation-hub-niedersachsen.de' - - name: master.ingress.tls - value: 'true' - - name: master.ingress.annotations.kubernetes\.io\/ingress\.class - value: traefik - - name: master.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls - value: 'true' - forceString: true - - name: master.ingress.annotations.cert-manager\.io\/cluster-issuer - value: 'lets-encrypt' - - name: master.ingress.annotations.ingress\.secrets - value: 'seaweed.innovation-hub-niedersachsen.de-tls' - - name: master.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.entrypoints - value: websecure - - name: master.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.middlewares - value: seaweedfs-seaweedfs-cors@kubernetescrd - - name: security.enabled - value: 'true' - - name: security.corsAllowedOrigins - value: '*' - - name: s3.enabled - value: 'true' - - name: s3.logLevel - value: '4' - - name: s3.auth.enabled - value: 'true' - - name: s3.auth.adminAccessKeyId - value: 'wjpKrmaqXra99rX3D61H' - - name: s3.auth.adminSecretAccessKey - value: 'fTPi0u0FR6Lv9Y9IKydWv6WM0EA5XrsK008HCt9u' - - name: s3.ingress.enabled - value: 'true' - - name: s3.ingress.hostname - value: 'sws3.innovation-hub-niedersachsen.de' - - name: s3.ingress.tls - value: 'true' - - name: s3.ingress.annotations.kubernetes\.io\/ingress\.class - value: traefik - - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls - value: 'true' - forceString: true - - name: s3.ingress.annotations.cert-manager\.io\/cluster-issuer - value: 'lets-encrypt' - - name: s3.ingress.annotations.ingress\.secrets - value: 'sws3.innovation-hub-niedersachsen.de-tls' - - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.entrypoints - value: websecure - - name: s3.ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.middlewares - value: seaweedfs-seaweedfs-cors@kubernetescrd,seaweedfs-stripprefix@kubernetescrd - - name: mariadb.auth.rootPassword - value: 'InnoHubSEAWEEDFS_2024!' - - name: mariadb.auth.username - value: 'bn_seaweedfs' - - name: mariadb.auth.password - value: 'bn_seaweedfsUSER' + values: | + # Global Konfiguration + global: + enableSecurity: true + monitoring: + enabled: true + imagePullPolicy: IfNotPresent + + # Master Konfiguration + master: + replicas: 3 + data: + type: "persistentVolumeClaim" + size: "25Gi" + storageClass: "" + logs: + type: "persistentVolumeClaim" + size: "5Gi" + + # Master Service + service: + type: ClusterIP + ports: + http: 9333 + grpc: 19333 + + # Master Ingress + ingress: + enabled: true + className: "traefik" + annotations: + traefik.ingress.kubernetes.io/router.tls: "true" + cert-manager.io/cluster-issuer: "lets-encrypt" + traefik.ingress.kubernetes.io/router.entrypoints: "websecure" + traefik.ingress.kubernetes.io/router.middlewares: "seaweedfs-cors@kubernetescrd" + hosts: + - host: "seaweed.innovation-hub-niedersachsen.de" + paths: + - path: "/" + pathType: "Prefix" + tls: + - secretName: "seaweed.innovation-hub-niedersachsen.de-tls" + hosts: + - "seaweed.innovation-hub-niedersachsen.de" + + # Volume Server Konfiguration + volume: + replicas: 3 + data: + type: "persistentVolumeClaim" + size: "100Gi" + storageClass: "" + idx: + type: "persistentVolumeClaim" + size: "10Gi" + storageClass: "" + + service: + type: ClusterIP + ports: + http: 8080 + grpc: 18080 + + # Filer Konfiguration + filer: + replicas: 2 + data: + type: "persistentVolumeClaim" + size: "25Gi" + storageClass: "" + logs: + type: "persistentVolumeClaim" + size: "5Gi" + + # Filer Service + service: + type: ClusterIP + ports: + http: 8888 + grpc: 18888 + + # Optional: Filer Ingress (für Web UI) + ingress: + enabled: false + + # S3 Gateway Konfiguration + s3: + enabled: true + replicas: 2 + + # S3 Authentifizierung + auth: + enabled: true + adminUser: "wjpKrmaqXra99rX3D61H" + adminPassword: "fTPi0u0FR6Lv9Y9IKydWv6WM0EA5XrsK008HCt9u" + + # S3 Service + service: + type: ClusterIP + ports: + http: 8333 + + # S3 Konfiguration + config: + logLevel: 4 + + # S3 Ingress + ingress: + enabled: true + className: "traefik" + annotations: + traefik.ingress.kubernetes.io/router.tls: "true" + cert-manager.io/cluster-issuer: "lets-encrypt" + traefik.ingress.kubernetes.io/router.entrypoints: "websecure" + traefik.ingress.kubernetes.io/router.middlewares: "seaweedfs-cors@kubernetescrd,seaweedfs-stripprefix@kubernetescrd" + hosts: + - host: "sws3.innovation-hub-niedersachsen.de" + paths: + - path: "/" + pathType: "Prefix" + tls: + - secretName: "sws3.innovation-hub-niedersachsen.de-tls" + hosts: + - "sws3.innovation-hub-niedersachsen.de" + + # WebDAV (optional - standardmäßig deaktiviert) + webdav: + enabled: false + + # Mount (optional - für FUSE Mount) + mount: + enabled: false + + # CORS Konfiguration + cors: + enabled: true + allowedOrigins: + - "*" + allowedMethods: + - "GET" + - "POST" + - "PUT" + - "DELETE" + - "HEAD" + - "OPTIONS" + allowedHeaders: + - "*" + + # Resource Limits (optional) + resources: + master: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + volume: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 200m + memory: 256Mi + filer: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + s3: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + + # Node Affinity (optional) + nodeSelector: {} + tolerations: [] + affinity: {} + destination: server: 'https://kubernetes.default.svc' namespace: seaweedfs syncPolicy: managedNamespaceMetadata: - labels: + labels: pod-security.kubernetes.io/enforce: "privileged" automated: selfHeal: true prune: true syncOptions: - - CreateNamespace=true + - CreateNamespace=true \ No newline at end of file