diff --git a/services/pulumi/niployments/index.ts b/services/pulumi/niployments/index.ts index b56ae21..417cb04 100644 --- a/services/pulumi/niployments/index.ts +++ b/services/pulumi/niployments/index.ts @@ -1,6 +1,7 @@ // ementas is an example pulumi service // import "./services/ementas/index.js"; import "./services/tts/index.js"; +import "./resources/nfs-provisioner/charts.js"; import { CommitSignal } from "./utils/pending.js"; CommitSignal.globalParent.resolve(); diff --git a/services/pulumi/niployments/resources/nfs-provisioner/charts.ts b/services/pulumi/niployments/resources/nfs-provisioner/charts.ts new file mode 100644 index 0000000..db18e51 --- /dev/null +++ b/services/pulumi/niployments/resources/nfs-provisioner/charts.ts @@ -0,0 +1,10 @@ +import * as k8s from "@pulumi/kubernetes"; + +export const chart = new k8s.helm.v4.Chart("nfs-provisioner-chart", { + chart: "nfs-subdir-external-provisioner", + skipAwait: true, + repositoryOpts: { + repo: "https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner", + }, + valueYamlFiles: ["./values.yaml"], +}); diff --git a/services/pulumi/niployments/resources/nfs-provisioner/values.yaml b/services/pulumi/niployments/resources/nfs-provisioner/values.yaml new file mode 100644 index 0000000..9efe84e --- /dev/null +++ b/services/pulumi/niployments/resources/nfs-provisioner/values.yaml @@ -0,0 +1,114 @@ +replicaCount: 1 +strategyType: Recreate + +image: + repository: registry.k8s.io/sig-storage/nfs-subdir-external-provisioner + tag: v4.0.2 + pullPolicy: IfNotPresent +imagePullSecrets: [] + +nfs: + server: "10.10.0.5" + path: /mnt/hard-storage/shared_dir + mountOptions: + volumeName: nfs-subdir-external-provisioner-root + # Reclaim policy for the main nfs volume + reclaimPolicy: Retain + +# For creating the StorageClass automatically: +storageClass: + create: true + + # Set a provisioner name. If unset, a name will be generated. + # provisionerName: + + # Set StorageClass as the default StorageClass + # Ignored if storageClass.create is false + defaultClass: false + + # Set a StorageClass name + # Ignored if storageClass.create is false + name: niployments-hdd-nfs + + # Allow volume to be expanded dynamically + allowVolumeExpansion: true + + # Method used to reclaim an obsoleted volume + reclaimPolicy: Delete + + # When set to false your PVs will not be archived by the provisioner upon deletion of the PVC. + archiveOnDelete: true + + # If it exists and has 'delete' value, delete the directory. If it exists and has 'retain' value, save the directory. + # Overrides archiveOnDelete. + # Ignored if value not set. + onDelete: + + # Specifies a template for creating a directory path via PVC metadata's such as labels, annotations, name or namespace. + # Ignored if value not set. + pathPattern: + + # Set access mode - ReadWriteOnce, ReadOnlyMany or ReadWriteMany + accessModes: ReadWriteOnce + + # Set volume bindinng mode - Immediate or WaitForFirstConsumer + volumeBindingMode: Immediate + + # Storage class annotations + annotations: {} + +leaderElection: + # When set to false leader election will be disabled + enabled: true + +## For RBAC support: +rbac: + # Specifies whether RBAC resources should be created + create: true + +# If true, create & use Pod Security Policy resources +# https://kubernetes.io/docs/concepts/policy/pod-security-policy/ +podSecurityPolicy: + enabled: false + +# Deployment pod annotations +podAnnotations: {} + +## Set pod priorityClassName +# priorityClassName: "" + +podSecurityContext: {} + +securityContext: {} + +serviceAccount: + # Specifies whether a ServiceAccount should be created + create: true + + # Annotations to add to the service account + annotations: {} + + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + +resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +# Additional labels for any resource created +labels: {} + +podDisruptionBudget: + enabled: false + maxUnavailable: 1