From 45c0cbaff55290432133b1b9c05371eeca9388f2 Mon Sep 17 00:00:00 2001 From: prettysunflower Date: Fri, 30 May 2025 00:45:17 +0200 Subject: [PATCH] Initial commit --- .gitignore | 3 + .../cronjob.yaml | 18 + .../kustomization.yaml | 3 + .../secrets.sops.yaml | 23 + apps/individual/alpine.yaml | 14 + apps/individual/import.yaml | 21 + apps/longhorn/longhorn.yaml | 5187 +++++++++++++++++ apps/prettysunflower-website/deployment.yaml | 71 + .../kustomization.yaml | 5 + apps/prettysunflower-website/namespace.yaml | 6 + .../prettysunflower-website/secrets.sops.yaml | 47 + apps/prettysunflower-website/services.yaml | 29 + apps/technitium/deployment.yaml | 32 + apps/technitium/kustomization.yaml | 4 + apps/technitium/pvc.yaml | 11 + apps/technitium/services.yaml | 24 + apps/thelounge/pvc.yaml | 11 + apps/thelounge/services.yaml | 12 + apps/thelounge/statefulset.yaml | 30 + apps/uptime-kuma/deployment.yaml | 33 + apps/uptime-kuma/kustomization.yaml | 5 + apps/uptime-kuma/namespace.yaml | 6 + apps/uptime-kuma/pvc.yaml | 12 + apps/uptime-kuma/services.yaml | 14 + apps/znc/pvc.yaml | 11 + apps/znc/services.yaml | 19 + apps/znc/statefulset.yaml | 30 + infra/clusterconfig/.gitignore | 7 + infra/tailscale.patch.sops.yaml | 21 + infra/talconfig.yaml | 100 + infra/talsecret.sops.yaml | 38 + 31 files changed, 5847 insertions(+) create mode 100644 .gitignore create mode 100644 apps/autoupdate-teable-figurines-currencies/cronjob.yaml create mode 100644 apps/autoupdate-teable-figurines-currencies/kustomization.yaml create mode 100644 apps/autoupdate-teable-figurines-currencies/secrets.sops.yaml create mode 100644 apps/individual/alpine.yaml create mode 100644 apps/individual/import.yaml create mode 100644 apps/longhorn/longhorn.yaml create mode 100644 apps/prettysunflower-website/deployment.yaml create mode 100644 apps/prettysunflower-website/kustomization.yaml create mode 100644 apps/prettysunflower-website/namespace.yaml create mode 100644 apps/prettysunflower-website/secrets.sops.yaml create mode 100644 apps/prettysunflower-website/services.yaml create mode 100644 apps/technitium/deployment.yaml create mode 100644 apps/technitium/kustomization.yaml create mode 100644 apps/technitium/pvc.yaml create mode 100644 apps/technitium/services.yaml create mode 100644 apps/thelounge/pvc.yaml create mode 100644 apps/thelounge/services.yaml create mode 100644 apps/thelounge/statefulset.yaml create mode 100644 apps/uptime-kuma/deployment.yaml create mode 100644 apps/uptime-kuma/kustomization.yaml create mode 100644 apps/uptime-kuma/namespace.yaml create mode 100644 apps/uptime-kuma/pvc.yaml create mode 100644 apps/uptime-kuma/services.yaml create mode 100644 apps/znc/pvc.yaml create mode 100644 apps/znc/services.yaml create mode 100644 apps/znc/statefulset.yaml create mode 100644 infra/clusterconfig/.gitignore create mode 100644 infra/tailscale.patch.sops.yaml create mode 100644 infra/talconfig.yaml create mode 100644 infra/talsecret.sops.yaml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..6725bac --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +secrets.yaml +infra/tailscale.patch.yaml +.DS_Store diff --git a/apps/autoupdate-teable-figurines-currencies/cronjob.yaml b/apps/autoupdate-teable-figurines-currencies/cronjob.yaml new file mode 100644 index 0000000..527a35e --- /dev/null +++ b/apps/autoupdate-teable-figurines-currencies/cronjob.yaml @@ -0,0 +1,18 @@ +apiVersion: batch/v1 +kind: CronJob +metadata: + name: autoupdate-teable-figurines-currencies +spec: + schedule: "0 3 * * *" + jobTemplate: + spec: + template: + spec: + containers: + - name: autoupdate-teable-figurines-currencies + image: git.prettysunflower.moe/prettysunflower/autoupdate-teable-figurines-currencies:v1.0 + imagePullPolicy: IfNotPresent + envFrom: + - secretRef: + name: autoupdate-teable-figurines-currencies-secret + restartPolicy: OnFailure \ No newline at end of file diff --git a/apps/autoupdate-teable-figurines-currencies/kustomization.yaml b/apps/autoupdate-teable-figurines-currencies/kustomization.yaml new file mode 100644 index 0000000..0aeb4c6 --- /dev/null +++ b/apps/autoupdate-teable-figurines-currencies/kustomization.yaml @@ -0,0 +1,3 @@ +resources: +- cronjob.yaml +- secrets.yaml diff --git a/apps/autoupdate-teable-figurines-currencies/secrets.sops.yaml b/apps/autoupdate-teable-figurines-currencies/secrets.sops.yaml new file mode 100644 index 0000000..aeb29a7 --- /dev/null +++ b/apps/autoupdate-teable-figurines-currencies/secrets.sops.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Secret +metadata: + name: autoupdate-teable-figurines-currencies-secret +type: Opaque +data: + RATES_EXCHANGE_APIKEY: ENC[AES256_GCM,data:mQ7j0QNtmPRKEbs0/1Gyha1d4dQSVs2TwheGiQu0LPoAeYLe1gyzSGGS+/SF8lKl,iv:42LINaSLOptLq2/NrqR+c40t7wMWj90PaMVp74GbakY=,tag:7/WuSXVH9AZbveiaSjN1ig==,type:str] + TEABLE_APIKEY: ENC[AES256_GCM,data:iuHX8DJIgb7k4+e3AHjDDnyx1PRMa1IAKBzBBIln8nT6CzWgZHXCheb3Bz6rJUTUutvOEXgSWBRffkJZ3kjayifAmEXHLxMQtrKqfa3dm0ghJQCqCZaewL9vN2VAe3D2,iv:WojW3eQYAaKK6h5m9+7kUgJRcotYEqaDbfDva/Cwc08=,tag:HkzwC3d5Ndv5FoXVJZMmYw==,type:str] +sops: + age: + - recipient: age1r0tjhg6uexyj0p7fp0ftv5h7r7e3ptzkk2797pznfvrvsm576u0s37yyaw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAramZZVEV3TEhyUmErZDNZ + RlR0Mm44WThoMEZqd2dYUWVXRS9qNjJKZ2swCjd0ZXhLUkVHUkNvcjlIU21Kd0h1 + SUNyeSt1bWtVTkwwT054aTVXUzhzZHcKLS0tIFY4dGdUZ1VRWkZZSUNJOU1RbGx4 + d09XVFVKY1dNcVdldCtSUUxYZUtXd0kKynbS+MZUw0fWcQ5HbiiOnf0NajSD4mQ0 + QhcFWaadsR5LZjdxTfS1XFcbVGa2H8E3FtQvksz7lGwLsU0xqMRGzw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-05-29T22:38:31Z" + mac: ENC[AES256_GCM,data:cVxy/FkFJnxjzygwf0KdBNvF13nKk8wOjiMSaAtkXcrYPQshu5dONx/2pkG0HjifVKIZvATu/3G7nhcb7pX5+t03QOPkqmoHSowxejMB7w5eX24MALhzAMze/5nlnRQMLA5ZQ+3lG1SNsUXAXlWrlNAS4FKYvIjsvFRA0OTH95s=,iv:NdE7v3ysPuyACIFgquSwZN4AXhFr9Pv9k0PkqAEsVxc=,tag:zM4ga1oK7OpW+ppiS0/HTg==,type:str] + encrypted_regex: ^(data|stringData)$ + version: 3.10.2 diff --git a/apps/individual/alpine.yaml b/apps/individual/alpine.yaml new file mode 100644 index 0000000..e7f9712 --- /dev/null +++ b/apps/individual/alpine.yaml @@ -0,0 +1,14 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: alpine + labels: + app: alpine +spec: + containers: + - image: alpine:latest + name: alpine + command: + - sleep + - "3600" diff --git a/apps/individual/import.yaml b/apps/individual/import.yaml new file mode 100644 index 0000000..03c7564 --- /dev/null +++ b/apps/individual/import.yaml @@ -0,0 +1,21 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: busybox + labels: + app: busybox +spec: + containers: + - image: busybox + name: busybox + command: + - sleep + - "3600" + volumeMounts: + - name: data + mountPath: "/data" + volumes: + - name: data + persistentVolumeClaim: + claimName: technitium-data-pvc \ No newline at end of file diff --git a/apps/longhorn/longhorn.yaml b/apps/longhorn/longhorn.yaml new file mode 100644 index 0000000..83701f6 --- /dev/null +++ b/apps/longhorn/longhorn.yaml @@ -0,0 +1,5187 @@ +--- +# Builtin: "helm template" does not respect --create-namespace +apiVersion: v1 +kind: Namespace +metadata: + name: longhorn-system + labels: + pod-security.kubernetes.io/enforce: privileged +--- +# Source: longhorn/templates/priorityclass.yaml +apiVersion: scheduling.k8s.io/v1 +kind: PriorityClass +metadata: + name: "longhorn-critical" + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +description: "Ensure Longhorn pods have the highest priority to prevent any unexpected eviction by the Kubernetes scheduler under node pressure" +globalDefault: false +preemptionPolicy: PreemptLowerPriority +value: 1000000000 +--- +# Source: longhorn/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: longhorn-service-account + namespace: longhorn-system + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +--- +# Source: longhorn/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: longhorn-ui-service-account + namespace: longhorn-system + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +--- +# Source: longhorn/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: longhorn-support-bundle + namespace: longhorn-system + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +--- +# Source: longhorn/templates/default-resource.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: longhorn-default-resource + namespace: longhorn-system + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +data: + default-resource.yaml: |- +--- +# Source: longhorn/templates/default-setting.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: longhorn-default-setting + namespace: longhorn-system + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +data: + default-setting.yaml: |- + priority-class: longhorn-critical + disable-revision-counter: true +--- +# Source: longhorn/templates/storageclass.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: longhorn-storageclass + namespace: longhorn-system + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +data: + storageclass.yaml: | + kind: StorageClass + apiVersion: storage.k8s.io/v1 + metadata: + name: longhorn + annotations: + storageclass.kubernetes.io/is-default-class: "true" + provisioner: driver.longhorn.io + allowVolumeExpansion: true + reclaimPolicy: "Delete" + volumeBindingMode: Immediate + parameters: + numberOfReplicas: "3" + staleReplicaTimeout: "30" + fromBackup: "" + fsType: "ext4" + dataLocality: "disabled" + unmapMarkSnapChainRemoved: "ignored" + disableRevisionCounter: "true" + dataEngine: "v1" +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: backingimagedatasources.longhorn.io +spec: + group: longhorn.io + names: + kind: BackingImageDataSource + listKind: BackingImageDataSourceList + plural: backingimagedatasources + shortNames: + - lhbids + singular: backingimagedatasource + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The current state of the pod used to provision the backing image + file from source + jsonPath: .status.currentState + name: State + type: string + - description: The data source type + jsonPath: .spec.sourceType + name: SourceType + type: string + - description: The node the backing image file will be prepared on + jsonPath: .spec.nodeID + name: Node + type: string + - description: The disk the backing image file will be prepared on + jsonPath: .spec.diskUUID + name: DiskUUID + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BackingImageDataSource is where Longhorn stores backing image + data source object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The system generated UUID of the provisioned backing image file + jsonPath: .spec.uuid + name: UUID + type: string + - description: The current state of the pod used to provision the backing image + file from source + jsonPath: .status.currentState + name: State + type: string + - description: The data source type + jsonPath: .spec.sourceType + name: SourceType + type: string + - description: The backing image file size + jsonPath: .status.size + name: Size + type: string + - description: The node the backing image file will be prepared on + jsonPath: .spec.nodeID + name: Node + type: string + - description: The disk the backing image file will be prepared on + jsonPath: .spec.diskUUID + name: DiskUUID + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: BackingImageDataSource is where Longhorn stores backing image + data source object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: BackingImageDataSourceSpec defines the desired state of the + Longhorn backing image data source + properties: + checksum: + type: string + diskPath: + type: string + diskUUID: + type: string + fileTransferred: + type: boolean + nodeID: + type: string + parameters: + additionalProperties: + type: string + type: object + sourceType: + enum: + - download + - upload + - export-from-volume + - restore + - clone + type: string + uuid: + type: string + type: object + status: + description: BackingImageDataSourceStatus defines the observed state of + the Longhorn backing image data source + properties: + checksum: + type: string + currentState: + type: string + ip: + type: string + message: + type: string + ownerID: + type: string + progress: + type: integer + runningParameters: + additionalProperties: + type: string + nullable: true + type: object + size: + format: int64 + type: integer + storageIP: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: backingimagemanagers.longhorn.io +spec: + group: longhorn.io + names: + kind: BackingImageManager + listKind: BackingImageManagerList + plural: backingimagemanagers + shortNames: + - lhbim + singular: backingimagemanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The current state of the manager + jsonPath: .status.currentState + name: State + type: string + - description: The image the manager pod will use + jsonPath: .spec.image + name: Image + type: string + - description: The node the manager is on + jsonPath: .spec.nodeID + name: Node + type: string + - description: The disk the manager is responsible for + jsonPath: .spec.diskUUID + name: DiskUUID + type: string + - description: The disk path the manager is using + jsonPath: .spec.diskPath + name: DiskPath + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BackingImageManager is where Longhorn stores backing image manager + object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The current state of the manager + jsonPath: .status.currentState + name: State + type: string + - description: The image the manager pod will use + jsonPath: .spec.image + name: Image + type: string + - description: The node the manager is on + jsonPath: .spec.nodeID + name: Node + type: string + - description: The disk the manager is responsible for + jsonPath: .spec.diskUUID + name: DiskUUID + type: string + - description: The disk path the manager is using + jsonPath: .spec.diskPath + name: DiskPath + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: BackingImageManager is where Longhorn stores backing image manager + object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: BackingImageManagerSpec defines the desired state of the + Longhorn backing image manager + properties: + backingImages: + additionalProperties: + type: string + type: object + diskPath: + type: string + diskUUID: + type: string + image: + type: string + nodeID: + type: string + type: object + status: + description: BackingImageManagerStatus defines the observed state of the + Longhorn backing image manager + properties: + apiMinVersion: + type: integer + apiVersion: + type: integer + backingImageFileMap: + additionalProperties: + properties: + currentChecksum: + type: string + message: + type: string + name: + type: string + progress: + type: integer + realSize: + format: int64 + type: integer + senderManagerAddress: + type: string + sendingReference: + type: integer + size: + format: int64 + type: integer + state: + type: string + uuid: + type: string + virtualSize: + format: int64 + type: integer + type: object + nullable: true + type: object + currentState: + type: string + ip: + type: string + ownerID: + type: string + storageIP: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: backingimages.longhorn.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: longhorn-conversion-webhook + namespace: longhorn-system + path: /v1/webhook/conversion + port: 9501 + conversionReviewVersions: + - v1beta2 + - v1beta1 + group: longhorn.io + names: + kind: BackingImage + listKind: BackingImageList + plural: backingimages + shortNames: + - lhbi + singular: backingimage + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The backing image name + jsonPath: .spec.image + name: Image + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: BackingImage is where Longhorn stores backing image object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The system generated UUID + jsonPath: .status.uuid + name: UUID + type: string + - description: The source of the backing image file data + jsonPath: .spec.sourceType + name: SourceType + type: string + - description: The backing image file size in each disk + jsonPath: .status.size + name: Size + type: string + - description: The virtual size of the image (may be larger than file size) + jsonPath: .status.virtualSize + name: VirtualSize + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: BackingImage is where Longhorn stores backing image object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: BackingImageSpec defines the desired state of the Longhorn + backing image + properties: + checksum: + type: string + dataEngine: + default: v1 + enum: + - v1 + - v2 + type: string + diskFileSpecMap: + additionalProperties: + properties: + dataEngine: + enum: + - v1 + - v2 + type: string + evictionRequested: + type: boolean + type: object + type: object + diskSelector: + items: + type: string + type: array + disks: + additionalProperties: + type: string + description: Deprecated. We are now using DiskFileSpecMap to assign + different spec to the file on different disks. + type: object + minNumberOfCopies: + type: integer + nodeSelector: + items: + type: string + type: array + secret: + type: string + secretNamespace: + type: string + sourceParameters: + additionalProperties: + type: string + type: object + sourceType: + enum: + - download + - upload + - export-from-volume + - restore + - clone + type: string + type: object + status: + description: BackingImageStatus defines the observed state of the Longhorn + backing image status + properties: + checksum: + type: string + diskFileStatusMap: + additionalProperties: + properties: + dataEngine: + enum: + - v1 + - v2 + type: string + lastStateTransitionTime: + type: string + message: + type: string + progress: + type: integer + state: + type: string + type: object + nullable: true + type: object + diskLastRefAtMap: + additionalProperties: + type: string + nullable: true + type: object + ownerID: + type: string + realSize: + description: Real size of image in bytes, which may be smaller than + the size when the file is a sparse file. Will be zero until known + (e.g. while a backing image is uploading) + format: int64 + type: integer + size: + format: int64 + type: integer + uuid: + type: string + v2FirstCopyDisk: + type: string + v2FirstCopyStatus: + description: It is pending -> in-progress -> ready/failed + type: string + virtualSize: + description: Virtual size of image in bytes, which may be larger than + physical size. Will be zero until known (e.g. while a backing image + is uploading) + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: backupbackingimages.longhorn.io +spec: + group: longhorn.io + names: + kind: BackupBackingImage + listKind: BackupBackingImageList + plural: backupbackingimages + shortNames: + - lhbbi + singular: backupbackingimage + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The backing image name + jsonPath: .status.backingImage + name: BackingImage + type: string + - description: The backing image size + jsonPath: .status.size + name: Size + type: string + - description: The backing image backup upload finished time + jsonPath: .status.backupCreatedAt + name: BackupCreatedAt + type: string + - description: The backing image backup state + jsonPath: .status.state + name: State + type: string + - description: The last synced time + jsonPath: .status.lastSyncedAt + name: LastSyncedAt + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: BackupBackingImage is where Longhorn stores backing image backup + object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: BackupBackingImageSpec defines the desired state of the Longhorn + backing image backup + properties: + backingImage: + description: |- + The backing image name. + type: string + backupTargetName: + description: The backup target name. + nullable: true + type: string + labels: + additionalProperties: + type: string + description: The labels of backing image backup. + type: object + syncRequestedAt: + description: The time to request run sync the remote backing image + backup. + format: date-time + nullable: true + type: string + userCreated: + description: |- + Is this CR created by user through API or UI. + type: boolean + required: + - backingImage + - userCreated + type: object + status: + description: BackupBackingImageStatus defines the observed state of the + Longhorn backing image backup + properties: + backingImage: + description: The backing image name. + type: string + backupCreatedAt: + description: The backing image backup upload finished time. + type: string + checksum: + description: The checksum of the backing image. + type: string + compressionMethod: + description: Compression method + type: string + error: + description: The error message when taking the backing image backup. + type: string + labels: + additionalProperties: + type: string + description: The labels of backing image backup. + nullable: true + type: object + lastSyncedAt: + description: The last time that the backing image backup was synced + with the remote backup target. + format: date-time + nullable: true + type: string + managerAddress: + description: The address of the backing image manager that runs backing + image backup. + type: string + messages: + additionalProperties: + type: string + description: The error messages when listing or inspecting backing + image backup. + nullable: true + type: object + ownerID: + description: The node ID on which the controller is responsible to + reconcile this CR. + type: string + progress: + description: The backing image backup progress. + type: integer + secret: + description: Record the secret if this backup backing image is encrypted + type: string + secretNamespace: + description: Record the secret namespace if this backup backing image + is encrypted + type: string + size: + description: The backing image size. + format: int64 + type: integer + state: + description: |- + The backing image backup creation state. + Can be "", "InProgress", "Completed", "Error", "Unknown". + type: string + url: + description: The backing image backup URL. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: backups.longhorn.io +spec: + group: longhorn.io + names: + kind: Backup + listKind: BackupList + plural: backups + shortNames: + - lhb + singular: backup + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The snapshot name + jsonPath: .status.snapshotName + name: SnapshotName + type: string + - description: The snapshot size + jsonPath: .status.size + name: SnapshotSize + type: string + - description: The snapshot creation time + jsonPath: .status.snapshotCreatedAt + name: SnapshotCreatedAt + type: string + - description: The backup state + jsonPath: .status.state + name: State + type: string + - description: The backup last synced time + jsonPath: .status.lastSyncedAt + name: LastSyncedAt + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Backup is where Longhorn stores backup object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The snapshot name + jsonPath: .status.snapshotName + name: SnapshotName + type: string + - description: The snapshot size + jsonPath: .status.size + name: SnapshotSize + type: string + - description: The snapshot creation time + jsonPath: .status.snapshotCreatedAt + name: SnapshotCreatedAt + type: string + - description: The backup target name + jsonPath: .status.backupTargetName + name: BackupTarget + type: string + - description: The backup state + jsonPath: .status.state + name: State + type: string + - description: The backup last synced time + jsonPath: .status.lastSyncedAt + name: LastSyncedAt + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Backup is where Longhorn stores backup object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: BackupSpec defines the desired state of the Longhorn backup + properties: + backupMode: + description: |- + The backup mode of this backup. + Can be "full" or "incremental" + enum: + - full + - incremental + - "" + type: string + labels: + additionalProperties: + type: string + description: The labels of snapshot backup. + type: object + snapshotName: + description: The snapshot name. + type: string + syncRequestedAt: + description: The time to request run sync the remote backup. + format: date-time + nullable: true + type: string + type: object + status: + description: BackupStatus defines the observed state of the Longhorn backup + properties: + backupCreatedAt: + description: The snapshot backup upload finished time. + type: string + backupTargetName: + description: The backup target name. + type: string + compressionMethod: + description: Compression method + type: string + error: + description: The error message when taking the snapshot backup. + type: string + labels: + additionalProperties: + type: string + description: The labels of snapshot backup. + nullable: true + type: object + lastSyncedAt: + description: The last time that the backup was synced with the remote + backup target. + format: date-time + nullable: true + type: string + messages: + additionalProperties: + type: string + description: The error messages when calling longhorn engine on listing + or inspecting backups. + nullable: true + type: object + newlyUploadDataSize: + description: Size in bytes of newly uploaded data + type: string + ownerID: + description: The node ID on which the controller is responsible to + reconcile this backup CR. + type: string + progress: + description: The snapshot backup progress. + type: integer + reUploadedDataSize: + description: Size in bytes of reuploaded data + type: string + replicaAddress: + description: The address of the replica that runs snapshot backup. + type: string + size: + description: The snapshot size. + type: string + snapshotCreatedAt: + description: The snapshot creation time. + type: string + snapshotName: + description: The snapshot name. + type: string + state: + description: |- + The backup creation state. + Can be "", "InProgress", "Completed", "Error", "Unknown". + type: string + url: + description: The snapshot backup URL. + type: string + volumeBackingImageName: + description: The volume's backing image name. + type: string + volumeCreated: + description: The volume creation time. + type: string + volumeName: + description: The volume name. + type: string + volumeSize: + description: The volume size. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: backuptargets.longhorn.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: longhorn-conversion-webhook + namespace: longhorn-system + path: /v1/webhook/conversion + port: 9501 + conversionReviewVersions: + - v1beta2 + - v1beta1 + group: longhorn.io + names: + kind: BackupTarget + listKind: BackupTargetList + plural: backuptargets + shortNames: + - lhbt + singular: backuptarget + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The backup target URL + jsonPath: .spec.backupTargetURL + name: URL + type: string + - description: The backup target credential secret + jsonPath: .spec.credentialSecret + name: Credential + type: string + - description: The backup target poll interval + jsonPath: .spec.pollInterval + name: LastBackupAt + type: string + - description: Indicate whether the backup target is available or not + jsonPath: .status.available + name: Available + type: boolean + - description: The backup target last synced time + jsonPath: .status.lastSyncedAt + name: LastSyncedAt + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: BackupTarget is where Longhorn stores backup target object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The backup target URL + jsonPath: .spec.backupTargetURL + name: URL + type: string + - description: The backup target credential secret + jsonPath: .spec.credentialSecret + name: Credential + type: string + - description: The backup target poll interval + jsonPath: .spec.pollInterval + name: LastBackupAt + type: string + - description: Indicate whether the backup target is available or not + jsonPath: .status.available + name: Available + type: boolean + - description: The backup target last synced time + jsonPath: .status.lastSyncedAt + name: LastSyncedAt + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: BackupTarget is where Longhorn stores backup target object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: BackupTargetSpec defines the desired state of the Longhorn + backup target + properties: + backupTargetURL: + description: The backup target URL. + type: string + credentialSecret: + description: The backup target credential secret. + type: string + pollInterval: + description: The interval that the cluster needs to run sync with + the backup target. + type: string + syncRequestedAt: + description: The time to request run sync the remote backup target. + format: date-time + nullable: true + type: string + type: object + status: + description: BackupTargetStatus defines the observed state of the Longhorn + backup target + properties: + available: + description: Available indicates if the remote backup target is available + or not. + type: boolean + conditions: + description: Records the reason on why the backup target is unavailable. + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + lastSyncedAt: + description: The last time that the controller synced with the remote + backup target. + format: date-time + nullable: true + type: string + ownerID: + description: The node ID on which the controller is responsible to + reconcile this backup target CR. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: backupvolumes.longhorn.io +spec: + group: longhorn.io + names: + kind: BackupVolume + listKind: BackupVolumeList + plural: backupvolumes + shortNames: + - lhbv + singular: backupvolume + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The backup volume creation time + jsonPath: .status.createdAt + name: CreatedAt + type: string + - description: The backup volume last backup name + jsonPath: .status.lastBackupName + name: LastBackupName + type: string + - description: The backup volume last backup time + jsonPath: .status.lastBackupAt + name: LastBackupAt + type: string + - description: The backup volume last synced time + jsonPath: .status.lastSyncedAt + name: LastSyncedAt + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: BackupVolume is where Longhorn stores backup volume object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The backup target name + jsonPath: .spec.backupTargetName + name: BackupTarget + type: string + - description: The backup volume creation time + jsonPath: .status.createdAt + name: CreatedAt + type: string + - description: The backup volume last backup name + jsonPath: .status.lastBackupName + name: LastBackupName + type: string + - description: The backup volume last backup time + jsonPath: .status.lastBackupAt + name: LastBackupAt + type: string + - description: The backup volume last synced time + jsonPath: .status.lastSyncedAt + name: LastSyncedAt + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: BackupVolume is where Longhorn stores backup volume object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: BackupVolumeSpec defines the desired state of the Longhorn + backup volume + properties: + backupTargetName: + description: The backup target name that the backup volume was synced. + nullable: true + type: string + syncRequestedAt: + description: The time to request run sync the remote backup volume. + format: date-time + nullable: true + type: string + volumeName: + description: The volume name that the backup volume was used to backup. + type: string + type: object + status: + description: BackupVolumeStatus defines the observed state of the Longhorn + backup volume + properties: + backingImageChecksum: + description: the backing image checksum. + type: string + backingImageName: + description: The backing image name. + type: string + createdAt: + description: The backup volume creation time. + type: string + dataStored: + description: The backup volume block count. + type: string + labels: + additionalProperties: + type: string + description: The backup volume labels. + nullable: true + type: object + lastBackupAt: + description: The latest volume backup time. + type: string + lastBackupName: + description: The latest volume backup name. + type: string + lastModificationTime: + description: The backup volume config last modification time. + format: date-time + nullable: true + type: string + lastSyncedAt: + description: The last time that the backup volume was synced into + the cluster. + format: date-time + nullable: true + type: string + messages: + additionalProperties: + type: string + description: The error messages when call longhorn engine on list + or inspect backup volumes. + nullable: true + type: object + ownerID: + description: The node ID on which the controller is responsible to + reconcile this backup volume CR. + type: string + size: + description: The backup volume size. + type: string + storageClassName: + description: the storage class name of pv/pvc binding with the volume. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: engineimages.longhorn.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: longhorn-conversion-webhook + namespace: longhorn-system + path: /v1/webhook/conversion + port: 9501 + conversionReviewVersions: + - v1beta2 + - v1beta1 + group: longhorn.io + names: + kind: EngineImage + listKind: EngineImageList + plural: engineimages + shortNames: + - lhei + singular: engineimage + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: State of the engine image + jsonPath: .status.state + name: State + type: string + - description: The Longhorn engine image + jsonPath: .spec.image + name: Image + type: string + - description: Number of resources using the engine image + jsonPath: .status.refCount + name: RefCount + type: integer + - description: The build date of the engine image + jsonPath: .status.buildDate + name: BuildDate + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: EngineImage is where Longhorn stores engine image object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Compatibility of the engine image + jsonPath: .status.incompatible + name: Incompatible + type: boolean + - description: State of the engine image + jsonPath: .status.state + name: State + type: string + - description: The Longhorn engine image + jsonPath: .spec.image + name: Image + type: string + - description: Number of resources using the engine image + jsonPath: .status.refCount + name: RefCount + type: integer + - description: The build date of the engine image + jsonPath: .status.buildDate + name: BuildDate + type: date + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: EngineImage is where Longhorn stores engine image object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: EngineImageSpec defines the desired state of the Longhorn + engine image + properties: + image: + minLength: 1 + type: string + required: + - image + type: object + status: + description: EngineImageStatus defines the observed state of the Longhorn + engine image + properties: + buildDate: + type: string + cliAPIMinVersion: + type: integer + cliAPIVersion: + type: integer + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + controllerAPIMinVersion: + type: integer + controllerAPIVersion: + type: integer + dataFormatMinVersion: + type: integer + dataFormatVersion: + type: integer + gitCommit: + type: string + incompatible: + type: boolean + noRefSince: + type: string + nodeDeploymentMap: + additionalProperties: + type: boolean + nullable: true + type: object + ownerID: + type: string + refCount: + type: integer + state: + type: string + version: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: engines.longhorn.io +spec: + group: longhorn.io + names: + kind: Engine + listKind: EngineList + plural: engines + shortNames: + - lhe + singular: engine + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The current state of the engine + jsonPath: .status.currentState + name: State + type: string + - description: The node that the engine is on + jsonPath: .spec.nodeID + name: Node + type: string + - description: The instance manager of the engine + jsonPath: .status.instanceManagerName + name: InstanceManager + type: string + - description: The current image of the engine + jsonPath: .status.currentImage + name: Image + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Engine is where Longhorn stores engine object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The data engine of the engine + jsonPath: .spec.dataEngine + name: Data Engine + type: string + - description: The current state of the engine + jsonPath: .status.currentState + name: State + type: string + - description: The node that the engine is on + jsonPath: .spec.nodeID + name: Node + type: string + - description: The instance manager of the engine + jsonPath: .status.instanceManagerName + name: InstanceManager + type: string + - description: The current image of the engine + jsonPath: .status.currentImage + name: Image + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: Engine is where Longhorn stores engine object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: EngineSpec defines the desired state of the Longhorn engine + properties: + active: + type: boolean + backendStoreDriver: + description: Deprecated:Replaced by field `dataEngine`. + type: string + backupVolume: + type: string + dataEngine: + enum: + - v1 + - v2 + type: string + desireState: + type: string + disableFrontend: + type: boolean + engineImage: + description: 'Deprecated: Replaced by field `image`.' + type: string + frontend: + enum: + - blockdev + - iscsi + - nvmf + - "" + type: string + image: + type: string + logRequested: + type: boolean + nodeID: + type: string + replicaAddressMap: + additionalProperties: + type: string + type: object + requestedBackupRestore: + type: string + requestedDataSource: + type: string + revisionCounterDisabled: + type: boolean + salvageRequested: + type: boolean + snapshotMaxCount: + type: integer + snapshotMaxSize: + format: int64 + type: string + unmapMarkSnapChainRemovedEnabled: + type: boolean + upgradedReplicaAddressMap: + additionalProperties: + type: string + type: object + volumeName: + type: string + volumeSize: + format: int64 + type: string + type: object + status: + description: EngineStatus defines the observed state of the Longhorn engine + properties: + backupStatus: + additionalProperties: + properties: + backupURL: + type: string + error: + type: string + progress: + type: integer + replicaAddress: + type: string + snapshotName: + type: string + state: + type: string + type: object + nullable: true + type: object + cloneStatus: + additionalProperties: + properties: + error: + type: string + fromReplicaAddress: + type: string + isCloning: + type: boolean + progress: + type: integer + snapshotName: + type: string + state: + type: string + type: object + nullable: true + type: object + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + currentImage: + type: string + currentReplicaAddressMap: + additionalProperties: + type: string + nullable: true + type: object + currentSize: + format: int64 + type: string + currentState: + type: string + endpoint: + type: string + instanceManagerName: + type: string + ip: + type: string + isExpanding: + type: boolean + lastExpansionError: + type: string + lastExpansionFailedAt: + type: string + lastRestoredBackup: + type: string + logFetched: + type: boolean + ownerID: + type: string + port: + type: integer + purgeStatus: + additionalProperties: + properties: + error: + type: string + isPurging: + type: boolean + progress: + type: integer + state: + type: string + type: object + nullable: true + type: object + rebuildStatus: + additionalProperties: + properties: + error: + type: string + fromReplicaAddress: + type: string + isRebuilding: + type: boolean + progress: + type: integer + state: + type: string + type: object + nullable: true + type: object + replicaModeMap: + additionalProperties: + type: string + nullable: true + type: object + replicaTransitionTimeMap: + additionalProperties: + type: string + description: |- + ReplicaTransitionTimeMap records the time a replica in ReplicaModeMap transitions from one mode to another (or + from not being in the ReplicaModeMap to being in it). This information is sometimes required by other controllers + (e.g. the volume controller uses it to determine the correct value for replica.Spec.lastHealthyAt). + type: object + restoreStatus: + additionalProperties: + properties: + backupURL: + type: string + currentRestoringBackup: + type: string + error: + type: string + filename: + type: string + isRestoring: + type: boolean + lastRestored: + type: string + progress: + type: integer + state: + type: string + type: object + nullable: true + type: object + salvageExecuted: + type: boolean + snapshotMaxCount: + type: integer + snapshotMaxSize: + format: int64 + type: string + snapshots: + additionalProperties: + properties: + children: + additionalProperties: + type: boolean + nullable: true + type: object + created: + type: string + labels: + additionalProperties: + type: string + nullable: true + type: object + name: + type: string + parent: + type: string + removed: + type: boolean + size: + type: string + usercreated: + type: boolean + type: object + nullable: true + type: object + snapshotsError: + type: string + started: + type: boolean + storageIP: + type: string + unmapMarkSnapChainRemovedEnabled: + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: instancemanagers.longhorn.io +spec: + group: longhorn.io + names: + kind: InstanceManager + listKind: InstanceManagerList + plural: instancemanagers + shortNames: + - lhim + singular: instancemanager + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The state of the instance manager + jsonPath: .status.currentState + name: State + type: string + - description: The type of the instance manager (engine or replica) + jsonPath: .spec.type + name: Type + type: string + - description: The node that the instance manager is running on + jsonPath: .spec.nodeID + name: Node + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: InstanceManager is where Longhorn stores instance manager object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The data engine of the instance manager + jsonPath: .spec.dataEngine + name: Data Engine + type: string + - description: The state of the instance manager + jsonPath: .status.currentState + name: State + type: string + - description: The type of the instance manager (engine or replica) + jsonPath: .spec.type + name: Type + type: string + - description: The node that the instance manager is running on + jsonPath: .spec.nodeID + name: Node + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: InstanceManager is where Longhorn stores instance manager object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: InstanceManagerSpec defines the desired state of the Longhorn + instance manager + properties: + dataEngine: + type: string + dataEngineSpec: + properties: + v2: + properties: + cpuMask: + type: string + type: object + type: object + image: + type: string + nodeID: + type: string + type: + enum: + - aio + - engine + - replica + type: string + type: object + status: + description: InstanceManagerStatus defines the observed state of the Longhorn + instance manager + properties: + apiMinVersion: + type: integer + apiVersion: + type: integer + backingImages: + additionalProperties: + properties: + currentChecksum: + type: string + diskUUID: + type: string + message: + type: string + name: + type: string + progress: + type: integer + size: + format: int64 + type: integer + state: + type: string + uuid: + type: string + type: object + nullable: true + type: object + currentState: + type: string + dataEngineStatus: + properties: + v2: + properties: + cpuMask: + type: string + type: object + type: object + instanceEngines: + additionalProperties: + properties: + spec: + properties: + backendStoreDriver: + description: Deprecated:Replaced by field `dataEngine`. + type: string + dataEngine: + type: string + name: + type: string + type: object + status: + properties: + conditions: + additionalProperties: + type: boolean + nullable: true + type: object + endpoint: + type: string + errorMsg: + type: string + listen: + type: string + portEnd: + format: int32 + type: integer + portStart: + format: int32 + type: integer + resourceVersion: + format: int64 + type: integer + state: + type: string + targetPortEnd: + format: int32 + type: integer + targetPortStart: + format: int32 + type: integer + type: + type: string + type: object + type: object + nullable: true + type: object + instanceReplicas: + additionalProperties: + properties: + spec: + properties: + backendStoreDriver: + description: Deprecated:Replaced by field `dataEngine`. + type: string + dataEngine: + type: string + name: + type: string + type: object + status: + properties: + conditions: + additionalProperties: + type: boolean + nullable: true + type: object + endpoint: + type: string + errorMsg: + type: string + listen: + type: string + portEnd: + format: int32 + type: integer + portStart: + format: int32 + type: integer + resourceVersion: + format: int64 + type: integer + state: + type: string + targetPortEnd: + format: int32 + type: integer + targetPortStart: + format: int32 + type: integer + type: + type: string + type: object + type: object + nullable: true + type: object + instances: + additionalProperties: + properties: + spec: + properties: + backendStoreDriver: + description: Deprecated:Replaced by field `dataEngine`. + type: string + dataEngine: + type: string + name: + type: string + type: object + status: + properties: + conditions: + additionalProperties: + type: boolean + nullable: true + type: object + endpoint: + type: string + errorMsg: + type: string + listen: + type: string + portEnd: + format: int32 + type: integer + portStart: + format: int32 + type: integer + resourceVersion: + format: int64 + type: integer + state: + type: string + targetPortEnd: + format: int32 + type: integer + targetPortStart: + format: int32 + type: integer + type: + type: string + type: object + type: object + description: 'Deprecated: Replaced by InstanceEngines and InstanceReplicas' + nullable: true + type: object + ip: + type: string + ownerID: + type: string + proxyApiMinVersion: + type: integer + proxyApiVersion: + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: nodes.longhorn.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: longhorn-conversion-webhook + namespace: longhorn-system + path: /v1/webhook/conversion + port: 9501 + conversionReviewVersions: + - v1beta2 + - v1beta1 + group: longhorn.io + names: + kind: Node + listKind: NodeList + plural: nodes + shortNames: + - lhn + singular: node + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Indicate whether the node is ready + jsonPath: .status.conditions['Ready']['status'] + name: Ready + type: string + - description: Indicate whether the user disabled/enabled replica scheduling for + the node + jsonPath: .spec.allowScheduling + name: AllowScheduling + type: boolean + - description: Indicate whether Longhorn can schedule replicas on the node + jsonPath: .status.conditions['Schedulable']['status'] + name: Schedulable + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Node is where Longhorn stores Longhorn node object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Indicate whether the node is ready + jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - description: Indicate whether the user disabled/enabled replica scheduling for + the node + jsonPath: .spec.allowScheduling + name: AllowScheduling + type: boolean + - description: Indicate whether Longhorn can schedule replicas on the node + jsonPath: .status.conditions[?(@.type=='Schedulable')].status + name: Schedulable + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: Node is where Longhorn stores Longhorn node object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NodeSpec defines the desired state of the Longhorn node + properties: + allowScheduling: + type: boolean + disks: + additionalProperties: + properties: + allowScheduling: + type: boolean + diskDriver: + enum: + - "" + - auto + - aio + type: string + diskType: + enum: + - filesystem + - block + type: string + evictionRequested: + type: boolean + path: + type: string + storageReserved: + format: int64 + type: integer + tags: + items: + type: string + type: array + type: object + type: object + evictionRequested: + type: boolean + instanceManagerCPURequest: + type: integer + name: + type: string + tags: + items: + type: string + type: array + type: object + status: + description: NodeStatus defines the observed state of the Longhorn node + properties: + autoEvicting: + type: boolean + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + diskStatus: + additionalProperties: + properties: + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from + one status to another. + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the + condition's last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + diskDriver: + type: string + diskName: + type: string + diskPath: + type: string + diskType: + type: string + diskUUID: + type: string + filesystemType: + type: string + instanceManagerName: + type: string + scheduledBackingImage: + additionalProperties: + format: int64 + type: integer + nullable: true + type: object + scheduledReplica: + additionalProperties: + format: int64 + type: integer + nullable: true + type: object + storageAvailable: + format: int64 + type: integer + storageMaximum: + format: int64 + type: integer + storageScheduled: + format: int64 + type: integer + type: object + nullable: true + type: object + region: + type: string + snapshotCheckStatus: + properties: + lastPeriodicCheckedAt: + format: date-time + type: string + type: object + zone: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: orphans.longhorn.io +spec: + group: longhorn.io + names: + kind: Orphan + listKind: OrphanList + plural: orphans + shortNames: + - lho + singular: orphan + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The type of the orphan + jsonPath: .spec.orphanType + name: Type + type: string + - description: The node that the orphan is on + jsonPath: .spec.nodeID + name: Node + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Orphan is where Longhorn stores orphan object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: OrphanSpec defines the desired state of the Longhorn orphaned + data + properties: + nodeID: + description: The node ID on which the controller is responsible to + reconcile this orphan CR. + type: string + orphanType: + description: |- + The type of the orphaned data. + Can be "replica". + type: string + parameters: + additionalProperties: + type: string + description: The parameters of the orphaned data + type: object + type: object + status: + description: OrphanStatus defines the observed state of the Longhorn orphaned + data + properties: + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + ownerID: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: recurringjobs.longhorn.io +spec: + group: longhorn.io + names: + kind: RecurringJob + listKind: RecurringJobList + plural: recurringjobs + shortNames: + - lhrj + singular: recurringjob + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Sets groupings to the jobs. When set to "default" group will be + added to the volume label when no other job label exist in volume + jsonPath: .spec.groups + name: Groups + type: string + - description: Should be one of "backup" or "snapshot" + jsonPath: .spec.task + name: Task + type: string + - description: The cron expression represents recurring job scheduling + jsonPath: .spec.cron + name: Cron + type: string + - description: The number of snapshots/backups to keep for the volume + jsonPath: .spec.retain + name: Retain + type: integer + - description: The concurrent job to run by each cron job + jsonPath: .spec.concurrency + name: Concurrency + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Specify the labels + jsonPath: .spec.labels + name: Labels + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: RecurringJob is where Longhorn stores recurring job object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Sets groupings to the jobs. When set to "default" group will be + added to the volume label when no other job label exist in volume + jsonPath: .spec.groups + name: Groups + type: string + - description: Should be one of "snapshot", "snapshot-force-create", "snapshot-cleanup", + "snapshot-delete", "backup", "backup-force-create" or "filesystem-trim" + jsonPath: .spec.task + name: Task + type: string + - description: The cron expression represents recurring job scheduling + jsonPath: .spec.cron + name: Cron + type: string + - description: The number of snapshots/backups to keep for the volume + jsonPath: .spec.retain + name: Retain + type: integer + - description: The concurrent job to run by each cron job + jsonPath: .spec.concurrency + name: Concurrency + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Specify the labels + jsonPath: .spec.labels + name: Labels + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: RecurringJob is where Longhorn stores recurring job object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: RecurringJobSpec defines the desired state of the Longhorn + recurring job + properties: + concurrency: + description: The concurrency of taking the snapshot/backup. + type: integer + cron: + description: The cron setting. + type: string + groups: + description: The recurring job group. + items: + type: string + type: array + labels: + additionalProperties: + type: string + description: The label of the snapshot/backup. + type: object + name: + description: The recurring job name. + type: string + parameters: + additionalProperties: + type: string + description: |- + The parameters of the snapshot/backup. + Support parameters: "full-backup-interval". + type: object + retain: + description: The retain count of the snapshot/backup. + type: integer + task: + description: |- + The recurring job task. + Can be "snapshot", "snapshot-force-create", "snapshot-cleanup", "snapshot-delete", "backup", "backup-force-create" or "filesystem-trim" + enum: + - snapshot + - snapshot-force-create + - snapshot-cleanup + - snapshot-delete + - backup + - backup-force-create + - filesystem-trim + type: string + type: object + status: + description: RecurringJobStatus defines the observed state of the Longhorn + recurring job + properties: + executionCount: + description: The number of jobs that have been triggered. + type: integer + ownerID: + description: The owner ID which is responsible to reconcile this recurring + job CR. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: replicas.longhorn.io +spec: + group: longhorn.io + names: + kind: Replica + listKind: ReplicaList + plural: replicas + shortNames: + - lhr + singular: replica + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The current state of the replica + jsonPath: .status.currentState + name: State + type: string + - description: The node that the replica is on + jsonPath: .spec.nodeID + name: Node + type: string + - description: The disk that the replica is on + jsonPath: .spec.diskID + name: Disk + type: string + - description: The instance manager of the replica + jsonPath: .status.instanceManagerName + name: InstanceManager + type: string + - description: The current image of the replica + jsonPath: .status.currentImage + name: Image + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Replica is where Longhorn stores replica object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The data engine of the replica + jsonPath: .spec.dataEngine + name: Data Engine + type: string + - description: The current state of the replica + jsonPath: .status.currentState + name: State + type: string + - description: The node that the replica is on + jsonPath: .spec.nodeID + name: Node + type: string + - description: The disk that the replica is on + jsonPath: .spec.diskID + name: Disk + type: string + - description: The instance manager of the replica + jsonPath: .status.instanceManagerName + name: InstanceManager + type: string + - description: The current image of the replica + jsonPath: .status.currentImage + name: Image + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: Replica is where Longhorn stores replica object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ReplicaSpec defines the desired state of the Longhorn replica + properties: + active: + type: boolean + backendStoreDriver: + description: Deprecated:Replaced by field `dataEngine`. + type: string + backingImage: + type: string + dataDirectoryName: + type: string + dataEngine: + enum: + - v1 + - v2 + type: string + desireState: + type: string + diskID: + type: string + diskPath: + type: string + engineImage: + description: 'Deprecated: Replaced by field `image`.' + type: string + engineName: + type: string + evictionRequested: + type: boolean + failedAt: + description: |- + FailedAt is set when a running replica fails or when a running engine is unable to use a replica for any reason. + FailedAt indicates the time the failure occurred. When FailedAt is set, a replica is likely to have useful + (though possibly stale) data. A replica with FailedAt set must be rebuilt from a non-failed replica (or it can + be used in a salvage if all replicas are failed). FailedAt is cleared before a rebuild or salvage. FailedAt may + be later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume + controller acknowledges the change. + type: string + hardNodeAffinity: + type: string + healthyAt: + description: |- + HealthyAt is set the first time a replica becomes read/write in an engine after creation or rebuild. HealthyAt + indicates the time the last successful rebuild occurred. When HealthyAt is set, a replica is likely to have + useful (though possibly stale) data. HealthyAt is cleared before a rebuild. HealthyAt may be later than the + corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller + acknowledges the change. + type: string + image: + type: string + lastFailedAt: + description: |- + LastFailedAt is always set at the same time as FailedAt. Unlike FailedAt, LastFailedAt is never cleared. + LastFailedAt is not a reliable indicator of the state of a replica's data. For example, a replica with + LastFailedAt may already be healthy and in use again. However, because it is never cleared, it can be compared to + LastHealthyAt to help prevent dangerous replica deletion in some corner cases. LastFailedAt may be later than the + corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume controller + acknowledges the change. + type: string + lastHealthyAt: + description: |- + LastHealthyAt is set every time a replica becomes read/write in an engine. Unlike HealthyAt, LastHealthyAt is + never cleared. LastHealthyAt is not a reliable indicator of the state of a replica's data. For example, a + replica with LastHealthyAt set may be in the middle of a rebuild. However, because it is never cleared, it can be + compared to LastFailedAt to help prevent dangerous replica deletion in some corner cases. LastHealthyAt may be + later than the corresponding entry in an engine's replicaTransitionTimeMap because it is set when the volume + controller acknowledges the change. + type: string + logRequested: + type: boolean + migrationEngineName: + description: |- + MigrationEngineName is indicating the migrating engine which current connected to this replica. This is only + used for live migration of v2 data engine + type: string + nodeID: + type: string + rebuildRetryCount: + type: integer + revisionCounterDisabled: + type: boolean + salvageRequested: + type: boolean + snapshotMaxCount: + type: integer + snapshotMaxSize: + format: int64 + type: string + unmapMarkDiskChainRemovedEnabled: + type: boolean + volumeName: + type: string + volumeSize: + format: int64 + type: string + type: object + status: + description: ReplicaStatus defines the observed state of the Longhorn + replica + properties: + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + currentImage: + type: string + currentState: + type: string + evictionRequested: + description: 'Deprecated: Replaced by field `spec.evictionRequested`.' + type: boolean + instanceManagerName: + type: string + ip: + type: string + logFetched: + type: boolean + ownerID: + type: string + port: + type: integer + salvageExecuted: + type: boolean + started: + type: boolean + storageIP: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: settings.longhorn.io +spec: + group: longhorn.io + names: + kind: Setting + listKind: SettingList + plural: settings + shortNames: + - lhs + singular: setting + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The value of the setting + jsonPath: .value + name: Value + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Setting is where Longhorn stores setting object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + value: + type: string + required: + - value + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The value of the setting + jsonPath: .value + name: Value + type: string + - description: The setting is applied + jsonPath: .status.applied + name: Applied + type: boolean + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: Setting is where Longhorn stores setting object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + status: + description: The status of the setting. + properties: + applied: + description: The setting is applied. + type: boolean + required: + - applied + type: object + value: + description: The value of the setting. + type: string + required: + - value + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: sharemanagers.longhorn.io +spec: + group: longhorn.io + names: + kind: ShareManager + listKind: ShareManagerList + plural: sharemanagers + shortNames: + - lhsm + singular: sharemanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The state of the share manager + jsonPath: .status.state + name: State + type: string + - description: The node that the share manager is owned by + jsonPath: .status.ownerID + name: Node + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ShareManager is where Longhorn stores share manager object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The state of the share manager + jsonPath: .status.state + name: State + type: string + - description: The node that the share manager is owned by + jsonPath: .status.ownerID + name: Node + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: ShareManager is where Longhorn stores share manager object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ShareManagerSpec defines the desired state of the Longhorn + share manager + properties: + image: + description: Share manager image used for creating a share manager + pod + type: string + type: object + status: + description: ShareManagerStatus defines the observed state of the Longhorn + share manager + properties: + endpoint: + description: NFS endpoint that can access the mounted filesystem of + the volume + type: string + ownerID: + description: The node ID on which the controller is responsible to + reconcile this share manager resource + type: string + state: + description: The state of the share manager resource + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: snapshots.longhorn.io +spec: + group: longhorn.io + names: + kind: Snapshot + listKind: SnapshotList + plural: snapshots + shortNames: + - lhsnap + singular: snapshot + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The volume that this snapshot belongs to + jsonPath: .spec.volume + name: Volume + type: string + - description: Timestamp when the point-in-time snapshot was taken + jsonPath: .status.creationTime + name: CreationTime + type: string + - description: Indicates if the snapshot is ready to be used to restore/backup + a volume + jsonPath: .status.readyToUse + name: ReadyToUse + type: boolean + - description: Represents the minimum size of volume required to rehydrate from + this snapshot + jsonPath: .status.restoreSize + name: RestoreSize + type: string + - description: The actual size of the snapshot + jsonPath: .status.size + name: Size + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: Snapshot is the Schema for the snapshots API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: SnapshotSpec defines the desired state of Longhorn Snapshot + properties: + createSnapshot: + description: require creating a new snapshot + type: boolean + labels: + additionalProperties: + type: string + description: The labels of snapshot + nullable: true + type: object + volume: + description: |- + the volume that this snapshot belongs to. + This field is immutable after creation. + type: string + required: + - volume + type: object + status: + description: SnapshotStatus defines the observed state of Longhorn Snapshot + properties: + checksum: + type: string + children: + additionalProperties: + type: boolean + nullable: true + type: object + creationTime: + type: string + error: + type: string + labels: + additionalProperties: + type: string + nullable: true + type: object + markRemoved: + type: boolean + ownerID: + type: string + parent: + type: string + readyToUse: + type: boolean + restoreSize: + format: int64 + type: integer + size: + format: int64 + type: integer + userCreated: + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: supportbundles.longhorn.io +spec: + group: longhorn.io + names: + kind: SupportBundle + listKind: SupportBundleList + plural: supportbundles + shortNames: + - lhbundle + singular: supportbundle + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The state of the support bundle + jsonPath: .status.state + name: State + type: string + - description: The issue URL + jsonPath: .spec.issueURL + name: Issue + type: string + - description: A brief description of the issue + jsonPath: .spec.description + name: Description + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: SupportBundle is where Longhorn stores support bundle object + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: SupportBundleSpec defines the desired state of the Longhorn + SupportBundle + properties: + description: + description: A brief description of the issue + type: string + issueURL: + description: The issue URL + nullable: true + type: string + nodeID: + description: The preferred responsible controller node ID. + type: string + required: + - description + type: object + status: + description: SupportBundleStatus defines the observed state of the Longhorn + SupportBundle + properties: + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + type: array + filename: + type: string + filesize: + format: int64 + type: integer + image: + description: The support bundle manager image + type: string + managerIP: + description: The support bundle manager IP + type: string + ownerID: + description: The current responsible controller node ID + type: string + progress: + type: integer + state: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: systembackups.longhorn.io +spec: + group: longhorn.io + names: + kind: SystemBackup + listKind: SystemBackupList + plural: systembackups + shortNames: + - lhsb + singular: systembackup + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The system backup Longhorn version + jsonPath: .status.version + name: Version + type: string + - description: The system backup state + jsonPath: .status.state + name: State + type: string + - description: The system backup creation time + jsonPath: .status.createdAt + name: Created + type: string + - description: The last time that the system backup was synced into the cluster + jsonPath: .status.lastSyncedAt + name: LastSyncedAt + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: SystemBackup is where Longhorn stores system backup object + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: SystemBackupSpec defines the desired state of the Longhorn + SystemBackup + properties: + volumeBackupPolicy: + description: |- + The create volume backup policy + Can be "if-not-present", "always" or "disabled" + nullable: true + type: string + type: object + status: + description: SystemBackupStatus defines the observed state of the Longhorn + SystemBackup + properties: + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + createdAt: + description: The system backup creation time. + format: date-time + type: string + gitCommit: + description: The saved Longhorn manager git commit. + nullable: true + type: string + lastSyncedAt: + description: The last time that the system backup was synced into + the cluster. + format: date-time + nullable: true + type: string + managerImage: + description: The saved manager image. + type: string + ownerID: + description: The node ID of the responsible controller to reconcile + this SystemBackup. + type: string + state: + description: The system backup state. + type: string + version: + description: The saved Longhorn version. + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: systemrestores.longhorn.io +spec: + group: longhorn.io + names: + kind: SystemRestore + listKind: SystemRestoreList + plural: systemrestores + shortNames: + - lhsr + singular: systemrestore + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The system restore state + jsonPath: .status.state + name: State + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: SystemRestore is where Longhorn stores system restore object + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: SystemRestoreSpec defines the desired state of the Longhorn + SystemRestore + properties: + systemBackup: + description: The system backup name in the object store. + type: string + required: + - systemBackup + type: object + status: + description: SystemRestoreStatus defines the observed state of the Longhorn + SystemRestore + properties: + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + ownerID: + description: The node ID of the responsible controller to reconcile + this SystemRestore. + type: string + sourceURL: + description: The source system backup URL. + type: string + state: + description: The system restore state. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: volumeattachments.longhorn.io +spec: + group: longhorn.io + names: + kind: VolumeAttachment + listKind: VolumeAttachmentList + plural: volumeattachments + shortNames: + - lhva + singular: volumeattachment + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: VolumeAttachment stores attachment information of a Longhorn + volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VolumeAttachmentSpec defines the desired state of Longhorn + VolumeAttachment + properties: + attachmentTickets: + additionalProperties: + properties: + generation: + description: |- + A sequence number representing a specific generation of the desired state. + Populated by the system. Read-only. + format: int64 + type: integer + id: + description: The unique ID of this attachment. Used to differentiate + different attachments of the same volume. + type: string + nodeID: + description: The node that this attachment is requesting + type: string + parameters: + additionalProperties: + type: string + description: Optional additional parameter for this attachment + type: object + type: + type: string + type: object + type: object + volume: + description: The name of Longhorn volume of this VolumeAttachment + type: string + required: + - volume + type: object + status: + description: VolumeAttachmentStatus defines the observed state of Longhorn + VolumeAttachment + properties: + attachmentTicketStatuses: + additionalProperties: + properties: + conditions: + description: Record any error when trying to fulfill this attachment + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from + one status to another. + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the + condition's last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + generation: + description: |- + A sequence number representing a specific generation of the desired state. + Populated by the system. Read-only. + format: int64 + type: integer + id: + description: The unique ID of this attachment. Used to differentiate + different attachments of the same volume. + type: string + satisfied: + description: Indicate whether this attachment ticket has been + satisfied + type: boolean + required: + - conditions + - satisfied + type: object + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + longhorn-manager: "" + name: volumes.longhorn.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: longhorn-conversion-webhook + namespace: longhorn-system + path: /v1/webhook/conversion + port: 9501 + conversionReviewVersions: + - v1beta2 + - v1beta1 + group: longhorn.io + names: + kind: Volume + listKind: VolumeList + plural: volumes + shortNames: + - lhv + singular: volume + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The state of the volume + jsonPath: .status.state + name: State + type: string + - description: The robustness of the volume + jsonPath: .status.robustness + name: Robustness + type: string + - description: The scheduled condition of the volume + jsonPath: .status.conditions['scheduled']['status'] + name: Scheduled + type: string + - description: The size of the volume + jsonPath: .spec.size + name: Size + type: string + - description: The node that the volume is currently attaching to + jsonPath: .status.currentNodeID + name: Node + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Volume is where Longhorn stores volume object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + x-kubernetes-preserve-unknown-fields: true + status: + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: The data engine of the volume + jsonPath: .spec.dataEngine + name: Data Engine + type: string + - description: The state of the volume + jsonPath: .status.state + name: State + type: string + - description: The robustness of the volume + jsonPath: .status.robustness + name: Robustness + type: string + - description: The scheduled condition of the volume + jsonPath: .status.conditions[?(@.type=='Schedulable')].status + name: Scheduled + type: string + - description: The size of the volume + jsonPath: .spec.size + name: Size + type: string + - description: The node that the volume is currently attaching to + jsonPath: .status.currentNodeID + name: Node + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: Volume is where Longhorn stores volume object. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: VolumeSpec defines the desired state of the Longhorn volume + properties: + Standby: + type: boolean + accessMode: + enum: + - rwo + - rwx + type: string + backendStoreDriver: + description: Deprecated:Replaced by field `dataEngine`.' + type: string + backingImage: + type: string + backupCompressionMethod: + enum: + - none + - lz4 + - gzip + type: string + backupTargetName: + description: The backup target name that the volume will be backed + up to or is synced. + type: string + dataEngine: + enum: + - v1 + - v2 + type: string + dataLocality: + enum: + - disabled + - best-effort + - strict-local + type: string + dataSource: + type: string + disableFrontend: + type: boolean + diskSelector: + items: + type: string + type: array + encrypted: + type: boolean + engineImage: + description: 'Deprecated: Replaced by field `image`.' + type: string + freezeFilesystemForSnapshot: + description: Setting that freezes the filesystem on the root partition + before a snapshot is created. + enum: + - ignored + - enabled + - disabled + type: string + fromBackup: + type: string + frontend: + enum: + - blockdev + - iscsi + - nvmf + - "" + type: string + image: + type: string + lastAttachedBy: + type: string + migratable: + type: boolean + migrationNodeID: + type: string + nodeID: + type: string + nodeSelector: + items: + type: string + type: array + numberOfReplicas: + type: integer + replicaAutoBalance: + enum: + - ignored + - disabled + - least-effort + - best-effort + type: string + replicaDiskSoftAntiAffinity: + description: Replica disk soft anti affinity of the volume. Set enabled + to allow replicas to be scheduled in the same disk. + enum: + - ignored + - enabled + - disabled + type: string + replicaSoftAntiAffinity: + description: Replica soft anti affinity of the volume. Set enabled + to allow replicas to be scheduled on the same node. + enum: + - ignored + - enabled + - disabled + type: string + replicaZoneSoftAntiAffinity: + description: Replica zone soft anti affinity of the volume. Set enabled + to allow replicas to be scheduled in the same zone. + enum: + - ignored + - enabled + - disabled + type: string + restoreVolumeRecurringJob: + enum: + - ignored + - enabled + - disabled + type: string + revisionCounterDisabled: + type: boolean + size: + format: int64 + type: string + snapshotDataIntegrity: + enum: + - ignored + - disabled + - enabled + - fast-check + type: string + snapshotMaxCount: + type: integer + snapshotMaxSize: + format: int64 + type: string + staleReplicaTimeout: + type: integer + unmapMarkSnapChainRemoved: + enum: + - ignored + - disabled + - enabled + type: string + type: object + status: + description: VolumeStatus defines the observed state of the Longhorn volume + properties: + actualSize: + format: int64 + type: integer + cloneStatus: + properties: + attemptCount: + type: integer + nextAllowedAttemptAt: + type: string + snapshot: + type: string + sourceVolume: + type: string + state: + type: string + type: object + conditions: + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + type: object + nullable: true + type: array + currentImage: + type: string + currentMigrationNodeID: + description: the node that this volume is currently migrating to + type: string + currentNodeID: + type: string + expansionRequired: + type: boolean + frontendDisabled: + type: boolean + isStandby: + type: boolean + kubernetesStatus: + properties: + lastPVCRefAt: + type: string + lastPodRefAt: + type: string + namespace: + description: determine if PVC/Namespace is history or not + type: string + pvName: + type: string + pvStatus: + type: string + pvcName: + type: string + workloadsStatus: + description: determine if Pod/Workload is history or not + items: + properties: + podName: + type: string + podStatus: + type: string + workloadName: + type: string + workloadType: + type: string + type: object + nullable: true + type: array + type: object + lastBackup: + type: string + lastBackupAt: + type: string + lastDegradedAt: + type: string + ownerID: + type: string + pendingNodeID: + description: Deprecated. + type: string + remountRequestedAt: + type: string + restoreInitiated: + type: boolean + restoreRequired: + type: boolean + robustness: + type: string + shareEndpoint: + type: string + shareState: + type: string + state: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: longhorn/templates/clusterrole.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: longhorn-role + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +rules: +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - "*" +- apiGroups: [""] + resources: ["pods", "events", "persistentvolumes", "persistentvolumeclaims","persistentvolumeclaims/status", "nodes", "proxy/nodes", "pods/log", "secrets", "services", "endpoints", "configmaps", "serviceaccounts"] + verbs: ["*"] +- apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list"] +- apiGroups: ["apps"] + resources: ["daemonsets", "statefulsets", "deployments"] + verbs: ["*"] +- apiGroups: ["batch"] + resources: ["jobs", "cronjobs"] + verbs: ["*"] +- apiGroups: ["policy"] + resources: ["poddisruptionbudgets", "podsecuritypolicies"] + verbs: ["*"] +- apiGroups: ["scheduling.k8s.io"] + resources: ["priorityclasses"] + verbs: ["watch", "list"] +- apiGroups: ["storage.k8s.io"] + resources: ["storageclasses", "volumeattachments", "volumeattachments/status", "csinodes", "csidrivers"] + verbs: ["*"] +- apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses", "volumesnapshots", "volumesnapshotcontents", "volumesnapshotcontents/status"] + verbs: ["*"] +- apiGroups: ["longhorn.io"] + resources: ["volumes", "volumes/status", "engines", "engines/status", "replicas", "replicas/status", "settings", "settings/status", + "engineimages", "engineimages/status", "nodes", "nodes/status", "instancemanagers", "instancemanagers/status", + "sharemanagers", "sharemanagers/status", "backingimages", "backingimages/status", + "backingimagemanagers", "backingimagemanagers/status", "backingimagedatasources", "backingimagedatasources/status", + "backuptargets", "backuptargets/status", "backupvolumes", "backupvolumes/status", "backups", "backups/status", + "recurringjobs", "recurringjobs/status", "orphans", "orphans/status", "snapshots", "snapshots/status", + "supportbundles", "supportbundles/status", "systembackups", "systembackups/status", "systemrestores", "systemrestores/status", + "volumeattachments", "volumeattachments/status", "backupbackingimages", "backupbackingimages/status"] + verbs: ["*"] +- apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["*"] +- apiGroups: ["metrics.k8s.io"] + resources: ["pods", "nodes"] + verbs: ["get", "list"] +- apiGroups: ["apiregistration.k8s.io"] + resources: ["apiservices"] + verbs: ["list", "watch"] +- apiGroups: ["admissionregistration.k8s.io"] + resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] + verbs: ["get", "list", "create", "patch", "delete"] +- apiGroups: ["rbac.authorization.k8s.io"] + resources: ["roles", "rolebindings", "clusterrolebindings", "clusterroles"] + verbs: ["*"] +--- +# Source: longhorn/templates/clusterrolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: longhorn-bind + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: longhorn-role +subjects: +- kind: ServiceAccount + name: longhorn-service-account + namespace: longhorn-system +--- +# Source: longhorn/templates/clusterrolebinding.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: longhorn-support-bundle + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: +- kind: ServiceAccount + name: longhorn-support-bundle + namespace: longhorn-system +--- +# Source: longhorn/templates/daemonset-sa.yaml +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-manager + name: longhorn-backend + namespace: longhorn-system +spec: + type: ClusterIP + selector: + app: longhorn-manager + ports: + - name: manager + port: 9500 + targetPort: manager +--- +# Source: longhorn/templates/deployment-ui.yaml +kind: Service +apiVersion: v1 +metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-ui + name: longhorn-frontend + namespace: longhorn-system +spec: + type: NodePort + selector: + app: longhorn-ui + ports: + - name: http + port: 8000 + targetPort: 8000 + nodePort: 30003 +--- +# Source: longhorn/templates/services.yaml +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-conversion-webhook + name: longhorn-conversion-webhook + namespace: longhorn-system +spec: + type: ClusterIP + selector: + longhorn.io/conversion-webhook: longhorn-conversion-webhook + ports: + - name: conversion-webhook + port: 9501 + targetPort: conversion-wh +--- +# Source: longhorn/templates/services.yaml +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-admission-webhook + name: longhorn-admission-webhook + namespace: longhorn-system +spec: + type: ClusterIP + selector: + longhorn.io/admission-webhook: longhorn-admission-webhook + ports: + - name: admission-webhook + port: 9502 + targetPort: admission-wh +--- +# Source: longhorn/templates/services.yaml +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-recovery-backend + name: longhorn-recovery-backend + namespace: longhorn-system +spec: + type: ClusterIP + selector: + longhorn.io/recovery-backend: longhorn-recovery-backend + ports: + - name: recovery-backend + port: 9503 + targetPort: recov-backend +--- +# Source: longhorn/templates/daemonset-sa.yaml +apiVersion: apps/v1 +kind: DaemonSet +metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-manager + name: longhorn-manager + namespace: longhorn-system +spec: + selector: + matchLabels: + app: longhorn-manager + template: + metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-manager + spec: + containers: + - name: longhorn-manager + image: longhornio/longhorn-manager:v1.8.1 + imagePullPolicy: IfNotPresent + securityContext: + privileged: true + command: + - longhorn-manager + - -d + - daemon + - --engine-image + - "longhornio/longhorn-engine:v1.8.1" + - --instance-manager-image + - "longhornio/longhorn-instance-manager:v1.8.1" + - --share-manager-image + - "longhornio/longhorn-share-manager:v1.8.1" + - --backing-image-manager-image + - "longhornio/backing-image-manager:v1.8.1" + - --support-bundle-manager-image + - "longhornio/support-bundle-kit:v0.0.52" + - --manager-image + - "longhornio/longhorn-manager:v1.8.1" + - --service-account + - longhorn-service-account + - --upgrade-version-check + ports: + - containerPort: 9500 + name: manager + - containerPort: 9501 + name: conversion-wh + - containerPort: 9502 + name: admission-wh + - containerPort: 9503 + name: recov-backend + readinessProbe: + httpGet: + path: /v1/healthz + port: 9501 + scheme: HTTPS + volumeMounts: + - name: boot + mountPath: /host/boot/ + readOnly: true + - name: dev + mountPath: /host/dev/ + - name: proc + mountPath: /host/proc/ + readOnly: true + - name: etc + mountPath: /host/etc/ + readOnly: true + - name: longhorn + mountPath: /var/lib/longhorn/ + mountPropagation: Bidirectional + - name: longhorn-grpc-tls + mountPath: /tls-files/ + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: pre-pull-share-manager-image + imagePullPolicy: IfNotPresent + image: longhornio/longhorn-share-manager:v1.8.1 + command: ["sh", "-c", "echo share-manager image pulled && sleep infinity"] + volumes: + - name: boot + hostPath: + path: /boot/ + - name: dev + hostPath: + path: /dev/ + - name: proc + hostPath: + path: /proc/ + - name: etc + hostPath: + path: /etc/ + - name: longhorn + hostPath: + path: /var/lib/longhorn/ + - name: longhorn-grpc-tls + secret: + secretName: longhorn-grpc-tls + optional: true + priorityClassName: "longhorn-critical" + serviceAccountName: longhorn-service-account + updateStrategy: + rollingUpdate: + maxUnavailable: "100%" +--- +# Source: longhorn/templates/deployment-driver.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: longhorn-driver-deployer + namespace: longhorn-system + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 +spec: + replicas: 1 + selector: + matchLabels: + app: longhorn-driver-deployer + template: + metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-driver-deployer + spec: + initContainers: + - name: wait-longhorn-manager + image: longhornio/longhorn-manager:v1.8.1 + command: ['sh', '-c', 'while [ $(curl -m 1 -s -o /dev/null -w "%{http_code}" http://longhorn-backend:9500/v1) != "200" ]; do echo waiting; sleep 2; done'] + containers: + - name: longhorn-driver-deployer + image: longhornio/longhorn-manager:v1.8.1 + imagePullPolicy: IfNotPresent + command: + - longhorn-manager + - -d + - deploy-driver + - --manager-image + - "longhornio/longhorn-manager:v1.8.1" + - --manager-url + - http://longhorn-backend:9500/v1 + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: SERVICE_ACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName + - name: CSI_ATTACHER_IMAGE + value: "longhornio/csi-attacher:v4.8.1" + - name: CSI_PROVISIONER_IMAGE + value: "longhornio/csi-provisioner:v5.2.0" + - name: CSI_NODE_DRIVER_REGISTRAR_IMAGE + value: "longhornio/csi-node-driver-registrar:v2.13.0" + - name: CSI_RESIZER_IMAGE + value: "longhornio/csi-resizer:v1.13.2" + - name: CSI_SNAPSHOTTER_IMAGE + value: "longhornio/csi-snapshotter:v8.2.0" + - name: CSI_LIVENESS_PROBE_IMAGE + value: "longhornio/livenessprobe:v2.15.0" + priorityClassName: "longhorn-critical" + serviceAccountName: longhorn-service-account + securityContext: + runAsUser: 0 +--- +# Source: longhorn/templates/deployment-ui.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-ui + name: longhorn-ui + namespace: longhorn-system +spec: + replicas: 2 + selector: + matchLabels: + app: longhorn-ui + template: + metadata: + labels: + app.kubernetes.io/name: longhorn + app.kubernetes.io/instance: longhorn + app.kubernetes.io/version: v1.8.1 + app: longhorn-ui + spec: + serviceAccountName: longhorn-ui-service-account + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - longhorn-ui + topologyKey: kubernetes.io/hostname + containers: + - name: longhorn-ui + image: longhornio/longhorn-ui:v1.8.1 + imagePullPolicy: IfNotPresent + volumeMounts: + - name : nginx-cache + mountPath: /var/cache/nginx/ + - name : nginx-config + mountPath: /var/config/nginx/ + - name: var-run + mountPath: /var/run/ + ports: + - containerPort: 8000 + name: http + env: + - name: LONGHORN_MANAGER_IP + value: "http://longhorn-backend:9500" + - name: LONGHORN_UI_PORT + value: "8000" + volumes: + - emptyDir: {} + name: nginx-cache + - emptyDir: {} + name: nginx-config + - emptyDir: {} + name: var-run + priorityClassName: "longhorn-critical" +--- +# Source: longhorn/templates/validate-psp-install.yaml +# diff --git a/apps/prettysunflower-website/deployment.yaml b/apps/prettysunflower-website/deployment.yaml new file mode 100644 index 0000000..9759c3f --- /dev/null +++ b/apps/prettysunflower-website/deployment.yaml @@ -0,0 +1,71 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: prettysunflower-website + namespace: prettysunflower-website + labels: + app.kubernetes.io/name: prettysunflower-website +spec: + replicas: 3 + selector: + matchLabels: + app.kubernetes.io/name: prettysunflower-website + template: + metadata: + labels: + app.kubernetes.io/name: prettysunflower-website + spec: + containers: + - name: website + image: 'git.prettysunflower.moe/prettysunflower/prettysunflower-website:latest' + imagePullPolicy: Always + envFrom: + - secretRef: + name: prettysunflower-website-secret + ports: + - containerPort: 3334 + - name: website-static + image: 'git.prettysunflower.moe/prettysunflower/prettysunflower-website-static:main' + imagePullPolicy: Always + ports: + - containerPort: 8001 + - name: anubis + image: ghcr.io/techarohq/anubis:latest + imagePullPolicy: Always + env: + - name: "BIND" + value: ":8080" + - name: "DIFFICULTY" + value: "4" + - name: ED25519_PRIVATE_KEY_HEX + valueFrom: + secretKeyRef: + name: anubis-key + key: ED25519_PRIVATE_KEY_HEX + - name: "METRICS_BIND" + value: ":9090" + - name: "SERVE_ROBOTS_TXT" + value: "true" + - name: "TARGET" + value: "http://localhost:3334" + - name: "OG_PASSTHROUGH" + value: "true" + - name: "OG_EXPIRY_TIME" + value: "24h" + resources: + limits: + cpu: 750m + memory: 256Mi + requests: + cpu: 250m + memory: 256Mi + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + runAsNonRoot: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault \ No newline at end of file diff --git a/apps/prettysunflower-website/kustomization.yaml b/apps/prettysunflower-website/kustomization.yaml new file mode 100644 index 0000000..c0c3923 --- /dev/null +++ b/apps/prettysunflower-website/kustomization.yaml @@ -0,0 +1,5 @@ +resources: +- deployment.yaml +- services.yaml +- secrets.yaml +- namespace.yaml \ No newline at end of file diff --git a/apps/prettysunflower-website/namespace.yaml b/apps/prettysunflower-website/namespace.yaml new file mode 100644 index 0000000..1745ccb --- /dev/null +++ b/apps/prettysunflower-website/namespace.yaml @@ -0,0 +1,6 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: prettysunflower-website + labels: + name: prettysunflower-website \ No newline at end of file diff --git a/apps/prettysunflower-website/secrets.sops.yaml b/apps/prettysunflower-website/secrets.sops.yaml new file mode 100644 index 0000000..5fa0f46 --- /dev/null +++ b/apps/prettysunflower-website/secrets.sops.yaml @@ -0,0 +1,47 @@ +apiVersion: v1 +kind: Secret +metadata: + name: prettysunflower-website-secret + namespace: prettysunflower-website +type: Opaque +data: + GOOGLE_API_KEY: ENC[AES256_GCM,data:Kff/H1QrNmyUoNCgG/DJmYTSluBfQkzATpNYcW+mpXA5igR1TW/8rxBI3pEavbiXq8s5dg==,iv:2w6gt7+r/bQTlWmObBeqkY/8osdAmvKaWUjIm+DjNyc=,tag:rLFP3GiJ+QMGFH81noKutQ==,type:str] +sops: + age: + - recipient: age1r0tjhg6uexyj0p7fp0ftv5h7r7e3ptzkk2797pznfvrvsm576u0s37yyaw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzZXZUZklxb2UyRHA0OSt0 + UXdad2FnQ2RVaVFKWkgvUFduUnVJVkpsZXhjCjF0dUlJTmVvUFVhZ2pueUdBS0t2 + MHZKS29XRkUwTUUwSWNmb28relhxME0KLS0tIFZuT0JCZU9nMFltUk0yTU1zV2U0 + YWdTRm5wdUdBN3BJelZhQUZhWllRTVUKxNufC3hgtybXvB+AL4rqeDCCGsbSTG3Z + f+04lkOLzcLr2sTBueGNG8UfnflSQI1JIrlHAzb7LlNi4vuH3KdFEg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-05-29T22:40:27Z" + mac: ENC[AES256_GCM,data:JtiGrHVD+JJQ5ZwHLCT4rTOu/UoYCscn1Wv0F3E8Q1y9olFXLhq4b9L/vOGe+Wf4/8cl56zf9YnifWR73c71/qnTjsByN/0zqWJjtsDomaxFkGtjLwKbnvvJs3+NyUw1OJGSnL0c79rhEZTkzfFrN/td1hbr/Qho227UvoVOLsc=,iv:YHBAJqUJBz/kzcdNOUPDxaWqEVVmHvkgcjbP2FYwwDA=,tag:OIM5/vlgMCxRYocvy6xjRw==,type:str] + encrypted_regex: ^(data|stringData)$ + version: 3.10.2 +--- +apiVersion: v1 +kind: Secret +metadata: + name: anubis-key + namespace: prettysunflower-website +type: Opaque +data: + ED25519_PRIVATE_KEY_HEX: ENC[AES256_GCM,data:uVHaqVVCLb9j8y/zXo2ZutfYgi8tu1sLJ003yw0l7C+jy/s2hHKkgVwqXMTZRA+Hq0RIRNEwHyswfM8tQ2olmQVlPASEXnT0yW0lAidoZ/xf8fs1Am14vg==,iv:w/ag0nJ3MnP3UUGq6iMNu/qHLr+kt8G/Ntzd6APQCuY=,tag:mAHZM2PGAqHjnp4QVIkqPg==,type:str] +sops: + age: + - recipient: age1r0tjhg6uexyj0p7fp0ftv5h7r7e3ptzkk2797pznfvrvsm576u0s37yyaw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzZXZUZklxb2UyRHA0OSt0 + UXdad2FnQ2RVaVFKWkgvUFduUnVJVkpsZXhjCjF0dUlJTmVvUFVhZ2pueUdBS0t2 + MHZKS29XRkUwTUUwSWNmb28relhxME0KLS0tIFZuT0JCZU9nMFltUk0yTU1zV2U0 + YWdTRm5wdUdBN3BJelZhQUZhWllRTVUKxNufC3hgtybXvB+AL4rqeDCCGsbSTG3Z + f+04lkOLzcLr2sTBueGNG8UfnflSQI1JIrlHAzb7LlNi4vuH3KdFEg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-05-29T22:40:27Z" + mac: ENC[AES256_GCM,data:JtiGrHVD+JJQ5ZwHLCT4rTOu/UoYCscn1Wv0F3E8Q1y9olFXLhq4b9L/vOGe+Wf4/8cl56zf9YnifWR73c71/qnTjsByN/0zqWJjtsDomaxFkGtjLwKbnvvJs3+NyUw1OJGSnL0c79rhEZTkzfFrN/td1hbr/Qho227UvoVOLsc=,iv:YHBAJqUJBz/kzcdNOUPDxaWqEVVmHvkgcjbP2FYwwDA=,tag:OIM5/vlgMCxRYocvy6xjRw==,type:str] + encrypted_regex: ^(data|stringData)$ + version: 3.10.2 diff --git a/apps/prettysunflower-website/services.yaml b/apps/prettysunflower-website/services.yaml new file mode 100644 index 0000000..c258a10 --- /dev/null +++ b/apps/prettysunflower-website/services.yaml @@ -0,0 +1,29 @@ +apiVersion: v1 +kind: Service +metadata: + name: website + namespace: prettysunflower-website +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: prettysunflower-website + ports: + - protocol: TCP + port: 80 + targetPort: 8080 + name: anubis +--- +apiVersion: v1 +kind: Service +metadata: + name: static + namespace: prettysunflower-website +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: prettysunflower-website + ports: + - protocol: TCP + port: 80 + targetPort: 8001 + name: anubis-static \ No newline at end of file diff --git a/apps/technitium/deployment.yaml b/apps/technitium/deployment.yaml new file mode 100644 index 0000000..473588d --- /dev/null +++ b/apps/technitium/deployment.yaml @@ -0,0 +1,32 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: technitium-dns + labels: + app.kubernetes.io/name: technitium-dns +spec: + replicas: 3 + selector: + matchLabels: + app.kubernetes.io/name: technitium-dns + template: + metadata: + labels: + app.kubernetes.io/name: technitium-dns + spec: + volumes: + - name: technitium-data + persistentVolumeClaim: + claimName: technitium-data-pvc + containers: + - image: technitium/dns-server:latest + name: technitium + ports: + - containerPort: 5380 + - containerPort: 53 + protocol: TCP + - containerPort: 53 + protocol: UDP + volumeMounts: + - name: technitium-data + mountPath: "/etc/dns" diff --git a/apps/technitium/kustomization.yaml b/apps/technitium/kustomization.yaml new file mode 100644 index 0000000..597e9cd --- /dev/null +++ b/apps/technitium/kustomization.yaml @@ -0,0 +1,4 @@ +resources: +- pvc.yaml +- deployment.yaml +- services.yaml \ No newline at end of file diff --git a/apps/technitium/pvc.yaml b/apps/technitium/pvc.yaml new file mode 100644 index 0000000..626bac5 --- /dev/null +++ b/apps/technitium/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: technitium-data-pvc +spec: + accessModes: + - ReadWriteMany + storageClassName: longhorn + resources: + requests: + storage: 1Gi \ No newline at end of file diff --git a/apps/technitium/services.yaml b/apps/technitium/services.yaml new file mode 100644 index 0000000..f833387 --- /dev/null +++ b/apps/technitium/services.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Service +metadata: + name: technitium +spec: + type: NodePort + selector: + app.kubernetes.io/name: technitium-dns + ports: + - protocol: TCP + port: 80 + targetPort: 5380 + nodePort: 30011 + name: http + - protocol: TCP + port: 53 + targetPort: 53 + nodePort: 30012 + name: dns-tcp + - protocol: UDP + port: 53 + targetPort: 53 + nodePort: 30012 + name: dns-udp \ No newline at end of file diff --git a/apps/thelounge/pvc.yaml b/apps/thelounge/pvc.yaml new file mode 100644 index 0000000..379a0c4 --- /dev/null +++ b/apps/thelounge/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: thelounge-pvc +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn + resources: + requests: + storage: 2Gi \ No newline at end of file diff --git a/apps/thelounge/services.yaml b/apps/thelounge/services.yaml new file mode 100644 index 0000000..99db8e7 --- /dev/null +++ b/apps/thelounge/services.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: thelounge +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: thelounge + ports: + - protocol: TCP + port: 80 + targetPort: 9000 \ No newline at end of file diff --git a/apps/thelounge/statefulset.yaml b/apps/thelounge/statefulset.yaml new file mode 100644 index 0000000..9b32335 --- /dev/null +++ b/apps/thelounge/statefulset.yaml @@ -0,0 +1,30 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: thelounge + labels: + app.kubernetes.io/name: thelounge +spec: + replicas: 1 + serviceName: "thelounge" + selector: + matchLabels: + app.kubernetes.io/name: thelounge + template: + metadata: + labels: + app.kubernetes.io/name: thelounge + spec: + volumes: + - name: thelounge-data + persistentVolumeClaim: + claimName: thelounge-pvc + containers: + - name: thelounge + image: ghcr.io/thelounge/thelounge:latest + imagePullPolicy: Always + ports: + - containerPort: 9000 + volumeMounts: + - name: thelounge-data + mountPath: "/var/opt/thelounge" \ No newline at end of file diff --git a/apps/uptime-kuma/deployment.yaml b/apps/uptime-kuma/deployment.yaml new file mode 100644 index 0000000..e50093f --- /dev/null +++ b/apps/uptime-kuma/deployment.yaml @@ -0,0 +1,33 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: uptime-kuma + namespace: uptime-kuma + labels: + app.kubernetes.io/name: uptime-kuma +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: uptime-kuma + template: + metadata: + labels: + app.kubernetes.io/name: uptime-kuma + spec: + hostAliases: + - ip: "100.113.193.5" + hostnames: + - "mail.prettysunflower.moe" + volumes: + - name: uptime-kuma-data + persistentVolumeClaim: + claimName: uptime-kuma-pvc + containers: + - image: louislam/uptime-kuma:1 + name: uptime-kuma + ports: + - containerPort: 3001 + volumeMounts: + - name: uptime-kuma-data + mountPath: "/app/data" \ No newline at end of file diff --git a/apps/uptime-kuma/kustomization.yaml b/apps/uptime-kuma/kustomization.yaml new file mode 100644 index 0000000..3640902 --- /dev/null +++ b/apps/uptime-kuma/kustomization.yaml @@ -0,0 +1,5 @@ +resources: +- deployment.yaml +- services.yaml +- pvc.yaml +- namespace.yaml \ No newline at end of file diff --git a/apps/uptime-kuma/namespace.yaml b/apps/uptime-kuma/namespace.yaml new file mode 100644 index 0000000..3eeff36 --- /dev/null +++ b/apps/uptime-kuma/namespace.yaml @@ -0,0 +1,6 @@ +kind: Namespace +apiVersion: v1 +metadata: + name: uptime-kuma + labels: + name: uptime-kuma \ No newline at end of file diff --git a/apps/uptime-kuma/pvc.yaml b/apps/uptime-kuma/pvc.yaml new file mode 100644 index 0000000..aae2778 --- /dev/null +++ b/apps/uptime-kuma/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: uptime-kuma-pvc + namespace: uptime-kuma +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn + resources: + requests: + storage: 3Gi \ No newline at end of file diff --git a/apps/uptime-kuma/services.yaml b/apps/uptime-kuma/services.yaml new file mode 100644 index 0000000..4fcceda --- /dev/null +++ b/apps/uptime-kuma/services.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: uptime-kuma + namespace: uptime-kuma +spec: + type: ClusterIP + selector: + app.kubernetes.io/name: uptime-kuma + ports: + - protocol: TCP + port: 80 + targetPort: 3001 + name: http \ No newline at end of file diff --git a/apps/znc/pvc.yaml b/apps/znc/pvc.yaml new file mode 100644 index 0000000..8141f6f --- /dev/null +++ b/apps/znc/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: znc-pvc +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn + resources: + requests: + storage: 2Gi \ No newline at end of file diff --git a/apps/znc/services.yaml b/apps/znc/services.yaml new file mode 100644 index 0000000..dfa7dc7 --- /dev/null +++ b/apps/znc/services.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: znc-service +spec: + type: NodePort + selector: + app.kubernetes.io/name: znc + ports: + - protocol: TCP + port: 4921 + targetPort: 4921 + nodePort: 30004 + name: https + - protocol: TCP + port: 4922 + targetPort: 4922 + nodePort: 30008 + name: http \ No newline at end of file diff --git a/apps/znc/statefulset.yaml b/apps/znc/statefulset.yaml new file mode 100644 index 0000000..0d7e42e --- /dev/null +++ b/apps/znc/statefulset.yaml @@ -0,0 +1,30 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: znc + labels: + app.kubernetes.io/name: znc +spec: + replicas: 1 + serviceName: "znc" + selector: + matchLabels: + app.kubernetes.io/name: znc + template: + metadata: + labels: + app.kubernetes.io/name: znc + spec: + volumes: + - name: znc-config + persistentVolumeClaim: + claimName: znc-pvc + containers: + - name: znc + image: znc:latest + imagePullPolicy: Always + ports: + - containerPort: 4921 + volumeMounts: + - name: znc-config + mountPath: "/znc-data" \ No newline at end of file diff --git a/infra/clusterconfig/.gitignore b/infra/clusterconfig/.gitignore new file mode 100644 index 0000000..227c62f --- /dev/null +++ b/infra/clusterconfig/.gitignore @@ -0,0 +1,7 @@ +yakumo-yukari.yaml +yakumo-byakuren.yaml +yakumo-tojiko.yaml +yakumo-chen.yaml +yakumo-ran.yaml +yakumo-fujiwara-no-moukou.yaml +talosconfig diff --git a/infra/tailscale.patch.sops.yaml b/infra/tailscale.patch.sops.yaml new file mode 100644 index 0000000..90e57cb --- /dev/null +++ b/infra/tailscale.patch.sops.yaml @@ -0,0 +1,21 @@ +apiVersion: ENC[AES256_GCM,data:oJNPhgWHrlk=,iv:N63w0eTGkE5CqOYzYU67PzgZwLqudVNGHKlh8IQ0owo=,tag:c7LGt8OaUvk2Nkw2TJ1x0A==,type:str] +kind: ENC[AES256_GCM,data:jdK9MYmBwfyj2URPK2AQMgrYezeXPw==,iv:2znWPT5kP9szEOCxq0GYg+BFCxqVwq9WX8ZeH0BqMFs=,tag:PgkMbyrIZ30jSDgNVj7joA==,type:str] +name: ENC[AES256_GCM,data:6gIyFBDRjkSn,iv:ilUtpwYtBp0UPZ92xifRqi1F+1YCvwF+W1VZDaUSCIA=,tag:n6xkJBOlIvmQP2M3TOVOmQ==,type:str] +environment: + - ENC[AES256_GCM,data:LxwtKRLHfdbmp/J3ajW/24Msrv1x3R8ytTzruFEuhp7gZYgiRvgZHpNssamh9slb+ALNWMosoow+xH8T/Bq5kJak4L9takd0,iv:cxYmo/y7wEJ/lm/8rM72ZoTAaRrr2uHcbgAdDUANiy0=,tag:ntzuhv9tiIb4Ta4JDGQ1AA==,type:str] + - ENC[AES256_GCM,data:cOAOFYpr2Nlwjesd2L1ZMZa4FAOWKeuVa+V5xnZVeh6reblh,iv:foawyP5/c7fFTMA+t+wCEdbYAKBgxXvy/6ETN9KE9yo=,tag:GC2I1PNc4CiMj8SFTDurjw==,type:str] +sops: + age: + - recipient: age1r0tjhg6uexyj0p7fp0ftv5h7r7e3ptzkk2797pznfvrvsm576u0s37yyaw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRTFJnQUZuOXJua0Z6YmZt + YklGVE9TY1lPM3Z3OERGeGlFZzcxaUhQWlV3CnVoenl0cXBaQnJMT1lPYTBsRUJ5 + dHVaWWViWmx6ZWNubDVhSERKalFFYXMKLS0tIEUyaDZ6R0VJTnRHMHRSYU5DSWpp + cW91L05QcFFkK1NwdG9GSEVVYlVNUXcKvgOu6LmN87ZDK4QbayvTY85v+II1eKDt + hWYQyZphg9QuedD7V7bHcd3lzTSSXITIt1/D3lAWXOe+mbYsOS1Q1A== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-05-29T22:49:39Z" + mac: ENC[AES256_GCM,data:efiVYu5nOzqewrkzlt46i2RE5rYHoSI3x4mux83nWlMcbw1k5dFcMnHOkjnNeMC5z2Jy1RJLw4nXi1l6LvC7kCsjHdUId58gXbqgJmADQmF9KFJDQ3tulQZhKNvU4J+Cm+EZIRtCCISnIpoc/CqprcUELHbp/86cFhqIZRjuTGg=,iv:X7sNIjTuiYx5qDX6rdUjEX6PT0d8tvILPLAn3H+5d5k=,tag:WhsiN8u8Itv6LKTDqTZKsw==,type:str] + unencrypted_suffix: _unencrypted + version: 3.10.2 diff --git a/infra/talconfig.yaml b/infra/talconfig.yaml new file mode 100644 index 0000000..6b6eef3 --- /dev/null +++ b/infra/talconfig.yaml @@ -0,0 +1,100 @@ +--- +clusterName: yakumo +talosVersion: v1.10.3 +kubernetesVersion: v1.33.1 +endpoint: https://10.0.0.240:6443 +domain: yakumo.prettysunflower.moe +allowSchedulingOnControlPlanes: false +clusterPodNets: + - 10.244.0.0/16 +clusterSvcNets: + - 10.96.0.0/12 +patches: + - |- + - op: add + path: /machine/network/kubespan + value: + enabled: true + - op: add + path: /machine/features/hostDNS + value: + forwardKubeDNSToHost: false +nodes: + - hostname: yukari + ipAddress: 10.0.0.240 + controlPlane: true + arch: amd64 + installDisk: /dev/sda + nodeLabels: + location: yul + - hostname: byakuren + ipAddress: 10.0.15.33 + controlPlane: true + arch: amd64 + installDisk: /dev/sda + nodeLabels: + location: fsn + - hostname: tojiko + ipAddress: 10.0.15.35 + controlPlane: true + arch: amd64 + installDisk: /dev/sda + nodeLabels: + location: fsn + - hostname: chen + ipAddress: 10.0.15.32 + controlPlane: false + arch: amd64 + installDisk: /dev/sda + nodeLabels: + location: fsn + - hostname: ran + ipAddress: 10.0.0.241 + controlPlane: false + arch: amd64 + installDisk: /dev/sda + nodeLabels: + location: yul + - hostname: fujiwara-no-moukou + ipAddress: 10.0.0.245 + controlPlane: false + arch: amd64 + installDisk: /dev/sda + nodeLabels: + location: yul + +controlPlane: + extraManifests: + - tailscale.patch.yaml + schematic: + customization: + systemExtensions: + officialExtensions: + - siderolabs/iscsi-tools + - siderolabs/qemu-guest-agent + - siderolabs/tailscale + - siderolabs/util-linux-tools + +worker: + extraManifests: + - tailscale.patch.yaml + schematic: + customization: + systemExtensions: + officialExtensions: + - siderolabs/iscsi-tools + - siderolabs/qemu-guest-agent + - siderolabs/tailscale + - siderolabs/util-linux-tools + patches: + - |- + - op: add + path: /machine/kubelet/extraMounts + value: + - destination: /var/lib/longhorn + type: bind + source: /var/lib/longhorn + options: + - bind + - rshared + - rw diff --git a/infra/talsecret.sops.yaml b/infra/talsecret.sops.yaml new file mode 100644 index 0000000..8564d9f --- /dev/null +++ b/infra/talsecret.sops.yaml @@ -0,0 +1,38 @@ +cluster: + id: ENC[AES256_GCM,data:fuY8AWGu+gJ5kagI5DcIr1MPwGsoG/sInRCwimbvhkP/wXUP6qJSInCDgS0=,iv:XRTRwtynyppcrH++VLfnHAfVYYvUNrEEaCa1/iC40Z4=,tag:SUtVQcRwDdBlEUtF3lVhDQ==,type:str] + secret: ENC[AES256_GCM,data:qPBT6oqhEAYT45lg/+tgMrOFO8clxWUJldTsYeADbGFVa/hskihcIGqzQcg=,iv:2Z0IpOTWlDkm5peO7aNlHNpP+l5LNsKVtNG2NuunidQ=,tag:KxjjIDRakDAsNv+j0tFWkw==,type:str] +secrets: + bootstraptoken: ENC[AES256_GCM,data:l+GDB1t3GA6Vxdow4eQwvcXAmN3DuNM=,iv:IC4brNm1HyBENtS3hCHTRA365Szctbnzdv6fUD5SwP4=,tag:Lz5tHGc97VXPBabIahIpYQ==,type:str] + secretboxencryptionsecret: ENC[AES256_GCM,data:K44R4MxFRQ3YvwfMsBFPJ/d6hji4109T/X2YZlq9W/COG+tHR58LhegnzQ4=,iv:Pxpy6a5E6++jH8WppRAJfKjiw1RehQ2Uh9uLES+BdvU=,tag:BS2JkaX23+jIOX2TRfLvLg==,type:str] +trustdinfo: + token: ENC[AES256_GCM,data:+mfvVnRM+fikocPXoOfESyYXix17N7A=,iv:dnvrs6ESVQ0Es/kqiSoynpxvGmxFmcUf4Kk3PVl67uo=,tag:6sENfoBWyzC89I7yLWblBQ==,type:str] +certs: + etcd: + crt: ENC[AES256_GCM,data:tqyLkNTsJGdAUa89zl+eXYeFg/qoKGriTRozKpHIIrsV6wypTb8LHiXVyMsafOPI9DQH/x4kLoUibvqmo9ar/lc42M/Ri1xQUiO3rDBlwAFK0U49FFf0UCLKDUJWt0pbQ4KBXFkFGCpqBx/FbGAbcV3hIMkwKp/Z+Ij3hbK2ieR/P2DZVFBLl1mWChYZSNA93gaSBq58Uye0PuvML/ol07bYc2mDEMWdZ5FhLTes/ScbXN5H5sStLrgV7WdtEZC2VTETXL+nYtCKBl0d+wczqd2rLIRS6OgMrfe1oBQCDXQFQBXF03Tp19F9DtvKe/+qYCco3paA/5SRryV5BrYUMEkkeP0mnMBYTd4oG4mgcJnxZ/JvvtbbEJfKyIKfeNERrHVQT1F98pBPGbfkBqBifKbOIl3swScWM0k8fsbKC8uJBbBUdqtfS51tjk2mYTRAH0nmV7F0YepFkHDvzENTvwvLbsqCrrmY88HJCTMElchFrn7/MbxQZOmtNX6SqwBj8y45U9H11bcdlfdCgV0AYsE7FQz2+lxl8jWeAsBsF6GKayWFh2lGqHzhHsykML6/AvppVPHdK9xwYRFCDVXGjSr3qzXKKDW6tLoKkdUbWsCPZY/f1evz933aEyjs54/FBnDNQ6z0XDDB4kjVrop1V+RBOZ4XWDEzdjC2clMyvXA26b+5fDwlRUQAPtEi0FaHm+HGWPrDBEEr4oBUg+OjF5gQe0xF0klHQiv4suQ1LpOy2Ak3mM2/KyC9Rtz4yK3rtfeoSt56p5LtjMoIEhPnpxaldbuodloaSmKzAeMsK9NKxgqpf2jLBS5HusxSa9oMNywSbEFSOZFltNKBGsbV9yzhYqjMhXQXlU4tT68beFnVIGp/M5kKg4WNRbaKCAllh5s9OirNJktJOzPfCpgnZdo2NpuSd6kZH/ztLT5zvf4gp36pa/2ZnKHNptviJLM07Gvs98xrxXRsWjjE5/GLqG5ei5XGJmmvAfI/yZ8+53rLdZLG0UvddV1BUsXjEYUT6aFH2A==,iv:A4EBCpfmiFWm8K6Syr/ze0JsS5FDIIaFORN0lbWAvyE=,tag:0ow0venLaDsu76WEtyo6Gw==,type:str] + key: ENC[AES256_GCM,data:0nsmCp4BB1TbJctnQpJL8jGhz7D5CHXj2NvNNUHURlvNHZ6xZDKmoWuKNIUPgkvAQMapqvICKqNw9AaWKFfNviGeqFAUBiv2MmM7Iwj6us/rwIGww1OUtKOxTe/RpOXnkbE0RSVp2CFHgHyub4yZqi4byBjuSxVmZwQCowYy1xyRB/fcwcovMoEsyop7Qsdoy7LjxbC7tGCSHnN5lXgCdD2yUgAKPlD6mznsVmA2Yce+sCG5WsCrvEt7OezJZAzyqBFYHlbELw5aVxLBsQOtWpfG6sYzANUkMnIDn/xjYAk7Ybk7UaX+8x1SY7Qh/CgShVy6SY0HilmUIYVYQDg0t4SoAetgagHgoWP8ucn9ZJPTBlyDlBieyhK8oOkS94pxRqlqvbuH0qTZamCUt5GTKw==,iv:pWyXnX8qJWj5FBl3aS7gxUQIQ26+lcm7wEqTcEnuDmk=,tag:COMMktSxqMhv6qh4GA8RZQ==,type:str] + k8s: + crt: ENC[AES256_GCM,data:Wj3OvODUA8FUJZZ9Kx/v4fcEZQmqRG8VHRUQ+Zf6zjsESOII9cDRQNzvo/sS8dGbPSZWP9oVb652TXD2dB1nqPJr49xPskqDmQwFJRzRCOPFYzr6fmMrYLVu5fGmOWxl0iQ8fCTbAlEklkJgmi4I5j5R8yYyXOwn0HN60f9r2EDnXFjo9swvZkdzKnbWGf8xpe+FQVUGvGMwlmeRsf4Ut1vA+f4pSKpWRZh8X3dSuglH+0qhVHBljxi9//P+RUx7srbcKyck9DbKWsZxd/w8ckJqPezWeyHScQcY0PU1zwRbTiuYmHmQjNRMG8PF8o2h8KTtCjPKclv0Ri8GFHTwu27E7zDFnGRK1tb3psqZqtSzDw4vZbZbrXFuVKGqVvrbwsuFipAhjhAziHsvrqSzMFX0Gg331f0xx5apte73DDPT5rq9MED3XeLhNFArNKVMlmlbzzNTSFAsiLFRxoEIDuvlNYG7M21PNeJInSF9tXCf09ax3LHUM54DbeXp/MClixN7eMp9H0fx37rtPsktKVMjvZKWLdeJ2O1dtoS6tJqv87QCRbCSYUkZlX3w5NJJQCjdANlDbopeN7uAoK300+FPgmGuRrGH57gYpmLHkBfokEYIEdhKQylxcBu3h22lqxJrXqPSsegIc+2aW5Zc+p9xbOGte8DyORgQ54i6GmjI+hk8+oHSFvqAyIt31RpDGY9pRDlzLNJzeGgptwVFIriOYklmilmfPdJoHMrbefHyRMIIIurtexB4b2Ru21OoiC2GAePnMOD1SJ5PQgIcn6mOZdVqaj0XWBs5olHfB2FesSIJc+EKXzMHo8FcflNmAFTECa6C0p6VhVcbUY25A+V09jPDuRfEcSCc3DceXkdZjbILNg7QYbDbDR0gO7S9vQCvxxStNq9NNEI+eQ3U77D2Tyj2ODGNsV55YohbklmVE6giCSDPQKa4TQRRYnTu4cbcMcBvddHdirXq10sU1bfQ39T/WzMDBQlF9kdBuFdhyOy/6y5ZoVmMZyWQ2PNNltvjnA27TT+QPOZnWn9BkOOb0vaGQw7r0gGYRg==,iv:nfVMzz9y7KwEKaestqPy+h4TT0nF6hp3sSba8Pxxcz8=,tag:Yjap3lfdK1rpM3PovOkpHw==,type:str] + key: ENC[AES256_GCM,data:Qs8pBKGE3wNonn/ygoJUYtZq/SI28pPNupYpli95ENLOQbxRmu3lwISVrUrOkuHo7v6QKmmEryhvJrlEL8pOLOrHOC/JEqCutErJM/DdizBsdwHR1dwHypFVDruHyYWqJCYBsLA7L4gE3onAh9hhamRHMbqgQlfgUB1kZ5o/4MI6HKd/gie86en3bcW1gCM7WsNO7aYwCmjZ6r3kM9K98spUneaTSbCZ6KFkLArBOmgy3lvG3FZUV25T5jRirzo6KTFDotoHcvDpoUi8VgHbdMN4Fh+UImNGIbF2xTwqr3uPa07LokJ3x3cabX12IfHyRsBu7QEYioUIJvYoFzaVlEH74TQluPcEBf+6gw9CAFcf6cARraiToXOFws4zIi3BWFGVHyMrghXpWo4ohjwR0A==,iv:kuedJH+Z8ykYe4tMcqrgdxG1CPNcfzmwGxVOmdwsPfs=,tag:SFqZ/TlHW0JQWVkIZ6ZhMA==,type:str] + k8saggregator: + crt: ENC[AES256_GCM,data:ZzsM72+qCuZaRKoPkxvZ4ejGqt9TBokzZ0ynBpZERHky0hNEQ8UkylwolTX6nymwx5fDBbabkBdxFKUdjFf1Mm80bMZxNHC/kleJj7J6jD/nfrYRR6gy4vXuPUpyFFslkr+mIOmLa+w0cRCm/E2Z8r71aNtxhV9cUbmQ/MrxN/Wzxc3q+6nd/1B++Q6jc/UG9Lmwp4WbYUKAHt3sqxpzh2csQMeGlgm+OHJlTuJ7zobPFjMnUvFyUNwhfmP7bVoyYh12WbUtMReVyBDkooaW9bpQO46Z2RjhzNTPtmqxuAET8+UytaV7K1BvHFbORRLU2monExhlGvHMjbxi9MYFzUwv4aZ9g4Q3RJx76SLt0KmuHa/l0x9a1JozunI6N4luS8PpF/XfCgWiddCooztvNhmSkqSIeGo8sHJXXpwcZ0TmY1A/g9Lhd9pmZOb1NLLiNl57wnGEoJ8oL1Yjc5ljcxPz86FksI09CbXa/nAPtPcPmmoDZFIxLr1crBa6SuSw3SsLLmwry5XBdSnThSot8iofhfclgBWJxFueqXymbxKrR5EzFyaDMvkt/zi7DhPs6TWTeOcjzjqWAOHKkl8oFHZDdi6xEZ0d/2eFiruiEuVnFY/Pd1cV9MWaI75emg3JxBAcdCV6O6lj3FNHLOLBlSQUeqYlJDFukt9U58UTlxxuJ8W3jSCmHtIy0WCStSXgwOPt1MrghW/fQ6Q5nOrQLRHTC8TyowOBPfOvvIKJ0YM0y38QqMqwbZaoORF6J+7bKQXKZ9GafzvKXK5b+cxWYCsv9R9j9DAXfXEA5St6+QuxNq6wOqxJLdWtZ2BAlQFpCdt7AGDrUnJ577iSNh+Ix+ImWtvH0OLJCtPpglVomQpY9vkzrryLgj5IZjUcN8ZSiJ9nZo/4dgENOt2zNPJo4x2XReaw4+MYJiUkwN02BtDQ4VHXH0sf7g==,iv://ISNiw5O8Rhg+TXLUNns73oZ1Pn/T+ZCUOckUdItwc=,tag:xRXaZ+oPimNcq1WhndLGeA==,type:str] + key: ENC[AES256_GCM,data:Y06+CpSVsARj9jpSb1x1yzXw9JWxQMcEcLrImptZVQJXWD7Zzq0kEfDsUZmjgaq2SPZIy6h8PAty/i/aQW/tZpERQBcmOplzFIoLo8Rz5GT/EtWxhdD8i5hSUyLWJ8mmmDHQ/2oIm4+aLDrskmGvP8S8mXehyiUX136AKaxJCNibRl/+2y49asoobxau2bcLoBrYK9iU+jbdYHgG5awBb/0mwxCuBNU8JJT2bLTIgJwuxU7LFvfDDay5FFBSBNTAf9MapIpagdr0fH2Z+F5P9DADCOZZpkh4kUaf3go0Dfga2FwFR/+Cdm5CQpHZTcTMvHP434dSVGhL+3rB6KPCCVwA8JQ9OgzxaOcNpzi5UJVioTQ7Ddx2iO1YStw1R4FL4iW3R1YpmBgq4EAGM9Xm2g==,iv:DdlXMpj4vm+3DNRYcNUNETiWFFRWibQoFyhmbbvVO5o=,tag:M2fqYeSMeEP8w6ufg7cxug==,type:str] + k8sserviceaccount: + key: ENC[AES256_GCM,data:o2M/njomVKC3CE8ynzkvERI2W12sI8srrzBp1Cv2qo3AIVagDYWBxxlUvviHB290IWwh93eMYS/Dn4fACode4F/pmwb4vUpLXPLS7itG9hLMIgtUEjh9ZWaS8uOvW9SHXQ24sGxEUXLDzsUR7VsAIBRPDhq/R81PSoXnNWw7JvPdihUW3sH9IUmlHKgrYIPG3usCzlT0Nmp1LK6v5L+3khTdkeQdypArCUTM+xbrPw+S9HdctKq9Gx3srio4Ym7DWod+GkSWMc3U9RtXqhtxXgLb477+k1Ic1X8I3lA0a6+2immaIAvkE+o9W3+THOxT5qCj+zUtvdGmrcjvH/mO9+Ep1G4UHnZCeXbK3yhf3EZj2xdLETXPURBg5KZRYZYpKr0nLBxFD5I9lFkkcWOyEwxh29rECm9H+2+jM65jXlVD+xxpIWj2DojjcAoqVLPW2PgCE2JyY8pEhynQ7AMs12djp/5gnRWZJVhg1nmE3ceecMOvsbu3yxrOEB3ybzNYT3TsU09uBHXE6SUoz6UPh+FGD0oscgWG1lDum7iRoQch5IKsXT+2pN5vJVqvaPQWIQAtXM3d20iFBJg5yxXCknJ7QMsK2+jln8C4jYABNInwu+26LgGwPCXkq6p7CyG3Bg3j9hXw52hbIjAEU2c403J7nmyrjqv9BEtKxz8zqgUCrUCQYowYZwGA5x+XbtWh7b+4iUf7vVHKDYidyyEblfCppLbYQKsX9TxWNqva8ii0YtT+6eEZBX4Yzz0kViW0OfXS63szzA9SlnZpJZ43oZ6WAa1rNpfx7Pyags1MU69IxVruND3w0rfdNiLnMT/ypnUe6FApcDrMGyx5odAJHymiwu/SfnHApIY2LD8yQ93rUCUqQUnk0waM+izQ0Z0svUSRqy3XYBziS4V1n62ukFLAkWXuD9NqY51lSwMQk7c7dHFJLbrFAscR5c0nxx44b4WgzXSdu+xntJglJVINRj6GMEibbYUuGeqOLnyYGnoIZP0Q9vz+X5BhqD4leb5WHEfkgAl+HztPjLAcQ/S1KAC48kNF48Q382Bmd3nx5ZHvFiqjNmNQWlUk0DGLznNMlbobxLBXu/IHWkRqgoDh4m45fTa6r0F9Z+01GDOPjm+yVL5yavT/q5Cc2n3ygTL/QCCAtgFi0plvBJtqn6OCS6nd6kj+e/gq4PyUrxPN98oH3RxMUj+ek18IKaY6Dt0PyzE0ZYlrTeP3ROuxv4nxhWumPv/Q9ns1GnE1cgqywLGyOgZGhU/aHoNFnZWR+WAgZp1KAcZ/PjZawONR4JibbNNYlHvAbadWpH6HFOboRcBRGrAOMMsTbMq8/oWgXuxxqm7drzzKzOL4yf5B+3U0IFfcx8xlmGd5n3kROHPsayDmvJpOIhssDzeaBTuYDDI33Cixjs4uFtKlLzR3U+apR/0QMWSvp2I3KCORuIv7Hg8RnKQF8UoneE+XXQ7KZ7wkKXEgCmha4hopHLgofz10FnrgocAChVxuhUYDue4kctrn/ZR0VIOPjMvhtGDlXzXBU6AHYlbfAOwC9xbPCGLPzwiD6ue3ZMf3mvhX1bNS1Qcv+6L++kUVABfqRaj8rViZ/gHh1zgHhR4ITigMS3GufPFrnI/et21W+Xz1LQEvxnO+xJnn7fuM1MmAY1iW415y9SPnDaiW62dzm+f62rUMXPsrHCzr9Yp7obdG71DS0EKyjvUHYDwkGFd9yvPGHibttgb8qjCuU6iLI8hne4fstapsv30VV9JrzUCPeDW0eBpPUcyHKcfNpvI4h8E6be5r4KYxxBJpFzqbTx0dl8gjufSY5fcbbnYdr4825cdBoC7ZSfxfngUdXGdeq5rC92hT50WrvUPGSTCRzUAQD9+IPPQXaRoIcaEleIwqzceIpodHz2H/Ugk2U3a5UsCwqNPU0DmilS5q3SbPIfzuxCq4tyLKwZT4ws+H9aD1ej+LoonRzTSopXLKoNnrSXY3DAPYIqh1KleEQAvjSK+mcruTkhLe+emTHmKdrJOnHoHRad+h8YNdMVbfucx/kzvBRO/VRHtV/jd12Kr4G98CsL8VQInu6066bkwODgf7Qk1YRsb53x+fzbU2LL006d1Ghou475dzhSl/SZuHwUPw7zNGnrkcyiZfZkrvQB8t+ZRuJxrfEmNYRY51eglUWPEQfdF+ra2qARNbryl7WidZTbNozLyAc2G1Ok9zLLCR7tCZm1waLLah6W2VhaaU/7NZhfZzSgBlNFVY//wkl9GGvr/kloSAf7QeEHkm8VEshQB41cALXOiKcpRrQJ08uR7LJBYS0rJzDQ9Eb+V8wpkdvqCp1DJyiTkO4hWMfvqKSVQtKORKCPqJ60yXWnPeGRPDVdbPPPd3dmzRHOdeAqFhmV7JAAZwgU4ag8D1tg/4s4uX7NDlWZ00ecJjRySZEKm0RhaFtmK0oeQbz6yyRzmgZC1l1UYLcl/Y6UxLzXELl03gz7fk7srC3CiQs9y5lhHlcSL7RYfier3wzN2mPzbjLsny5TUSXwt0SK3OTEsY3z51OaQQ+ZXolGSfMIGMK7r4BRAgd/vwyFTCqP1CJGmEFPJjE/R0+H75qQngFryg/zAJvWFFGk2dYWEeDOawYR2Gz5RGqPfgnzIe1SvsbUehJpHr6G6I9WS+ghc8Xp2jF9wBhCqGXDellxNaHhKXTxz1ScXXVf9cWyCjhspRF4WY4gDv4ogez6kxH9bxbIVkGdq30wg8Z1Fbx7qsmqRN2jDeYOoMD14X9ln53lpV5YdMUc0Jh1Zuz0eQzDl8+AvhVdB6VAQIRjZn+ToKwLPYuMMDbrQ9z8GQAH5hbS6nkmc3In1LfGcY3qUPozzO8mfHEZohRkXGRZCK9h2LfF/bpPnrUY8N+oG0yzIrHYqLMYdBvrbgL01e9j8xikapoh1Lfw3p4miC5eDba8SkqZrEs34Vvg+RzhqFx5HX/xswN7VS3DyTM91g2HJPUMPIj6ENWLb3YTHZyzQ6AMZWxPy6NxBEQHw0s+TuYPavqizHVsyfeuwofwnvuQszoHRMNN0oOER+8xqEs8li+THhuwIAmBeSydcO2YFv9EHAwDFvcyj+u1A82f0Z+VVk0DPxLaJhu4C1UxsoV2KLJfuj8JWFaFd7d7xob3SjFK0gfq7tdXxYN1QO+YEUMJbSQP5n5ETLT1Vdmu4W4G2VKvSzwAOpeZcGE7LaKQkoJco9vww3lrNVTT4boGGntPbgItN1s42mV7h54W/sEVF+9vN5bGDPwZ0MxowIe4pUkQ8THYJMDIamYoghNvG8TkDfL7ScQIT7YT/uHHknUuOECwXHCEFwUW+hHk5cSPZJAZs4tzWrq/Kh2R2wfGN9oO4OzxrtBDqjUaBcT3V9iBg9/rDN1JJPPJpzCMR8/zteBt1rmDDOGeFqYo3L9TAd6NrrJl5FtPm6iGMZfh7+1bWTPSsS8cKff9KAr96WDvnArps6+Om0egIErpAX+n/Mg91MUh97xW96BtwqefSZOwTBMeiZWGJcvuFIvIubNNv+syKrz/UUAvIrgz1pcf8eAe5j3ynxMiNlIgodbA/fHaJ221ebGAinYm4oy7L/7S6jjXeNeCoMUkKduYoL/9uKWrJbRPX6+ENmROTn+qD2fzolNkSxhdZD7C7h3MhraR64Z/rz8VUje9MwVuxTwnuYwBbQe4mobOd9AejkLr2SBnCdKhEBUkNIkDi6VtmhctYVSdCPRZL/RLvXE1EEkfkyex83+F/j9wThmAt4HEQPcHn89zvsw6bi/6NXoTvmyohUVkTf4CjJF2lMBbLQL/0a2mWNUElKiL0TQNpjW4B40iWLrUpOCJqatOIzeCqJvCEP9vr4bS3qYZsHRDRuWObE7MMSAZt7vpHAA4W19heD2rXdUbhcAZNBT3REhlNkYRL0e6yVPRR8a6hUH8Y6pjqj0rIyj0R0EnY24/a7xhgqsv2R9xhVrE60wBlms38DwzQ54pFvyLQv6KFMY8GI/ctd9X/9S/nR59rcEuw7RkwinI/S2fWSadPtc8nvzgM+eueCZGgZ6jT9t/Yb8oCplsIisizPNf/mbyxlefdGScmIil72ZSuZ3oJJdTavj0D2k5en7nH77OaMk+OvqAdONBmnOPz42pmh2mqNVMghBfgpgy8qz2OEzxiKUASW/Oq6ULkY+OBnbQgJ6M4SHf5ls8xMzMVP/XQPr4E1+2qrfNvnv7Mte1fgeboh8uda3iNEN8riUxjOoS7w7ZD+Rb7OMMb8KlzFJ0W+p/Z+5nOmCICN1RIy5pJaIojmKF5ZPTLvTHM1jdaUoYYNtU7b3G3PrRYk8TnYuRu6x7CmbiIuKUimXsEHVUIJGWz37hd5biPyVjw7EIzjrCGVUmr+ek1KIa9y/duQSnlecOndLXhZq4z+02E2j3/QJ7R+yUP1fY6HzMkDsOZNUpJU+Cs5kZ8SOb1/lGTE6IFf1GQRG7E+Bh11UoyOP0DFvOf/RbLiTiK3IpYVTW+sU9Lln/lzh0Zjp0LeCGKXlha8VVUrXAaPIdGvqLGR8A0Hb3JZ1c6YTMgLgBSA4ZwIf2nsnizRswdRncI1OrjJ7NSFIleMJDrKAHtBENIVsfCqUvKgWm7W9R9RF/w7uyhS5yziwbz7i48ySWKS3FTzOICE77ZbIH+2/GrxSicCD+uQ8GdeVuS/pGvRiawIIx5NWtuw+65bimE0hPlRkJPVrzCz4s4q2OqXDwleLjsnWd35iZov/2wXmL4YERiUB68SYewUitC4eZT4Ztz1A5Fn9tLb4k2CYMJ7ngClRRjxfEG6tfXMN873pZ5OZN/FmXGGE2h3l0ziNMrFBtbLTvBE16arrmI7V7jXg1y4VU4H7yg8KZFL8z7bUOlX5IOwWg6/wpYlOGhNAbdaDdFUH2mUbTEzBgRS1/XNTp1Ij8RjUWyjORgk915r2rYKVynHtGN2ZDUADQ5OQ/WHiStINgQFzb4MvoE+9YIifutisX15oko2f/ZoU6xd/3w0qNQPVjI02o85F8nLHybLfHfpyTmLGQcfEd8ZInkbuNwKJepO8X/IR1Tz+zOVrrr+2re5UxsfvVRMq/F2NlO3gUf1i9X91bXSinh6MkqwXPdoZarrgynC7zAua5ld2Vh6qAqrqMJc7IWINAv282iqGA1c3A85J9Gh2Jm5es5YN7WtFIn1VAqNcNxitCu2HNAJzLEl0JEa3ENCN8BB06QwKRrxRemdHKE+33vqTAg0SRsfddmR/eLVljOuxl7MVlfNmLiUQWH/naIbSOSw2s76IWFlGqKg7BsQSoJeweFXSZ2WRo8Z/uYZe+9RWw85UsWrw4aufl2tvmykmzOw5CeuURKow2HaLw353LiINDNorkCH2KtvcjkXf1fgqwwC8GIvM0ILSwmGarQHMDdoS8yPOWaBlYIdACTnqPVeSwqltaT53pBtvO6IJqHsiWxXlAnTV6Ofs1YBIZ35LPSLHcyFmUBiKwTgHSMVocvap2uFFAKFLd2zQvcRf0u+GgK3v19zm2MTgmK6zrKlLrN13lRdFHS2yOCj7LR4p4iPoaLYk9VWDWxmCCU+g2I8b6TszWQvjImgaj6GmWn4yi+3FTujjpPhZqEypo0Lu9nBzSDMxr6qpOoBMsW4dHVgmRPl6n5U4XSpBFjQd7n58ZWGhw4pWZR5LxZT43GukuIg0ka4Xb7VO4KGMXnFEqs6Il7Rc7xMmuUGeqixBe7pyTyxg2ulnMFL+EN4XYPeU9OI7IsZRkp4V9PeUBrg63GcRFg8AWGXgV1N/A==,iv:+QaOFpgf9X/dz9ysondyJSSQke9DsuYHl4VVGIxfzDU=,tag:17mrsxKZfagcKFf/nYc/KA==,type:str] + os: + crt: ENC[AES256_GCM,data:LRobi+hExh4lgJfhAK91m4eng8FX0tWXpXwLQt4RuT8ZqZ1I/NUtXV+GCJi/7i0xRRcZo7LrlGfG4FF0mLgx+oBWUUIk78gLmnjL3u8ZZoOZcE6Qt7V30jaGv08+fiLxomSrUTTT64SHC0rE9yw6JNhsjQXo07PgteKfi/G75z8i07LARbvVf3/PX00rosZ+kM1FnqRDpRya+9uPiy3fYquIVB7kCfV/yX4FjXb0JIKcgt7GLT5S1VZCpFKK02+mVNIQJsalhmzjtRII9SrZSp/D653uxBZ2KXdFp1cU1JBXRfjWuYylsiMiEsjMmMsoLCbJ6ZcGNwg9aN2bBK/XkXnXQFMrw1+s9b4zAMxrPUNbekGB3I4y7uEffUg5qy3x43dNj99rYxBLwuaMGpj3B8sSBol+fShqoy5NlHOiToNRN08dy8jzZvjoHTxjJ0gf3xWPQRMhbLVzzrhqDvfwqVBdO/7FQv/OT1e14WhnEj5CTieWlbhMkLTaeZxeRVxs8w4Gg2zu2rwFw5bgNncllmVadYQxmOptg90VGxvlAIObOG75FVD1LAizJBbnqYNjwbAi3y85uMGqVefTBegpcX2kHBoPUXjt7UFefQybXT0dmuQlr2DnchoQq6GjqPCBjmk5Fvl/CMYIXSwsRh5WtkzPG3TqHiF+Uzw/MNSLlWJ/8Q5kyzYeTp7gnKHsyObRhNTDSvzaUWY3Fo9U6o1sND0UWcCf+b2KpC1SubiFQecu1dy/8l5poJqmzV7YQXOEfSAjvgpsSe5nJR4THdzNRht89KisfxxY2/9yI/X2BDAncu50ZBzKrn3dzUiGMVRffZbDrw2bGXC/5Pb5sYUwY89Lc4dVm0/I0Jcj6IW5lYY0XZEA,iv:+150tnx1pNnxWBRUuhXbHgnAGcLMSrsF20XfVUu6auc=,tag:HT/lrswxEdTL4RfxG0mMyQ==,type:str] + key: ENC[AES256_GCM,data:zeoqW8yFPhdodUig+mPpqytnTnIoq/Pi1eFnVReDKRabcU/LtoQ+47jm3Bfnde81PfBLGXg4hcPlDY8/Fm9BnT7XC/W9hUCV2eVsnrkn47Ra9fZhoD0p6RpsG+dGmH9JptYPc8avF6FA6M5u4jjqpZYgA3PakMq24dD6z4AQwHvInL42bN9LbyBJvy56nyGzXlQR3BpiVd82x3y2RY6GLwTzC+IraTclxCe4tOIFn7KQF1ul,iv:UsTFKYnb+kDnaWusTT94+z3AJ+Z2sLly7NEy0cYz4y8=,tag:EVqWw2Jj+OgRo7yAD79uIA==,type:str] +sops: + age: + - recipient: age1r0tjhg6uexyj0p7fp0ftv5h7r7e3ptzkk2797pznfvrvsm576u0s37yyaw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtUlA3czcrZU9zNHVxUG85 + K3hLbnFJWUs2N2VWc3NDZHFtSEdMOS84RERZClRLOEJHN29PT2VaZFErWHNwcWM1 + RDdZajBPUGMva2pjNVpKQ29VNmhrUTgKLS0tIEFURXplajM4OThjTUtFdlVZM1ZO + dmVURHQxbmw4WFVFZ0VFOWZZOUdOZ1UK6jnKy6GV7ImvBoxpCcjtA2rdN5MmxryN + ibnHMg5zcfgdRzgL4iVBi3G4jL8L1Fk+OwDlJjkecRO0TcKF3s2F6Q== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-05-28T15:53:49Z" + mac: ENC[AES256_GCM,data:3kMAJqlJw/vXr3toXrat8RYWGC3x2PsF1tQTFpHURcqjOKH72abhPXklZZpQWKDxXm53VJb7eArR0VfMWIO5iJRmlUCxR7dCFvDSnbYmF73067tNvqw7HLiurfrDB8Cxz7uzRdhpvjvn6pVRvHfnhA8sXCzP7f3D8JtQRuDexns=,iv:iVkecq11q40DDUF5UcMFSBxozdE4xKwu0qTJGf06B04=,tag:esq6Ns8wn84JiL/jib5Ohw==,type:str] + unencrypted_suffix: _unencrypted + version: 3.10.2