Merge pull request #111 from mojaloop/feature/cc-bm

control center on bare metal
mojaloop · Jan 15, 2025 · 6f8c501 · 6f8c501
2 parents 1a904fc + dbfccca
commit 6f8c501
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 11 deletions.
diff --git a/mojaloop/iac/roles/cc_k8s/defaults/main.yaml b/mojaloop/iac/roles/cc_k8s/defaults/main.yaml
@@ -9,6 +9,7 @@ kubeconfig_local_location: "/tmp"
 helmfile_version: "0.165.0"
 helm_version: "3.14.0"
 cluster_cloud_provider: "aws"
+dynamic_secret_platform: "aws"
 netbird_build_server_client_version: "0.28.9"
 install_coredns: true
 coredns_localcache_version: "1.11.3"
@@ -322,7 +323,7 @@ argocd_default:
           vpc_cidr: "0.0.0.0/0"
           db_provider_cloud_region: "eu-west-1"
           postgres_instance_size: "small"
-          postgres_storage_size: "'20'"          
+          postgres_storage_size: "'20'"
         zitadel_cockroachdb_provider:
           app_name: "cockroachdb"
           helm_version: "13.0.2"
@@ -430,7 +431,7 @@ argocd_default:
           gitlab_registry_max_objects: "'1000000'"
           gitlab_registry_storage_size: "10Gi"
           gitlab_runner_cache_max_objects: "'1000000'"
-          gitlab_runner_cache_storage_size: "10Gi"          
+          gitlab_runner_cache_storage_size: "10Gi"
           redis_cluster_size: "'3'"
           redis_storage_size: "'2Gi'"
           gitlab_db_name: "gitlab"
@@ -441,8 +442,8 @@ argocd_default:
           praefect_dbdeploy_name_prefix: "praefect-db"
           rdbms_provider: "percona"
           gitlab_db_secret: "gitlab-postgresql-credentials"
-          praefect_db_secret: "praefect-postgresql-credentials"          
-        webdb_percona_provider:            
+          praefect_db_secret: "praefect-postgresql-credentials"
+        webdb_percona_provider:
           postgres_replicas: "'1'"
           postgres_proxy_replicas: "'1'"
           postgres_storage_size: "100"
@@ -454,7 +455,7 @@ argocd_default:
           postgres_storage_size: "100"
           postgres_instance_size: "small"
           pgdb_helm_version: "2.4.0"
-        webdb_rds_provider:         
+        webdb_rds_provider:
           rdbms_subnet_list: "[]"
           vpc_cidr: "0.0.0.0/0"
           db_provider_cloud_region: "eu-west-1"

diff --git a/mojaloop/iac/roles/cc_k8s/tasks/teardown.yaml b/mojaloop/iac/roles/cc_k8s/tasks/teardown.yaml
@@ -1,12 +1,11 @@
-
 - name: Delete resources before infra teardown
   shell: |
     export KUBECONFIG={{ kubeconfig_location }}/kubeconfig
     kubectl patch application -n {{ fact_argo_merged_config.namespace }} root-deployer --type json --patch='[ { "op": "remove", "path": "/spec/syncPolicy/automated" } ]' || true
     kubectl patch application -n {{ fact_argo_merged_config.namespace }} vault-post-config --type json --patch='[ { "op": "remove", "path": "/spec/syncPolicy/automated" } ]' || true
     kubectl patch application -n {{ fact_argo_merged_config.namespace }} gitlab-pre --type json --patch='[ { "op": "remove", "path": "/spec/syncPolicy/automated" } ]' || true
     kubectl patch application -n {{ fact_argo_merged_config.namespace }} zitadel-pre --type json --patch='[ { "op": "remove", "path": "/spec/syncPolicy/automated" } ]' || true
-    kubectl delete workspaces.tf.upbound.io vault-{{ cluster_cloud_provider }}-post-config
+    kubectl delete workspaces.tf.upbound.io vault-{{ dynamic_secret_platform }}-post-config
     kubectl delete workspaces.tf.upbound.io vault-post-config
     kubectl delete rdsaurorareplicaclaims.infitx.org  -n {{ fact_argo_merged_config.apps['gitlab'].sub_apps['gitlab'].namespace }} --ignore-not-found=true --all
     kubectl delete rdsauroradbclusterclaims.infitx.org  -n {{ fact_argo_merged_config.apps['gitlab'].sub_apps['gitlab'].namespace }} --ignore-not-found=true --all
@@ -15,7 +14,7 @@
     kubectl delete rdsaurorareplicaclaims.infitx.org -n {{ fact_argo_merged_config.apps['security'].sub_apps['zitadel'].namespace }} --ignore-not-found=true --all
     kubectl delete rdsauroradbclusterclaims.infitx.org -n {{ fact_argo_merged_config.apps['security'].sub_apps['zitadel'].namespace }} --ignore-not-found=true --all
     kubectl delete rdsdbclusterclaims.infitx.org -n {{ fact_argo_merged_config.apps['security'].sub_apps['zitadel'].namespace }} --ignore-not-found=true --all
-    sleep 600    
+    sleep 600
   args:
     executable: /bin/bash
   ignore_errors: true
@@ -35,15 +34,14 @@
   args:
     executable: /bin/bash
   ignore_errors: true
-
 # - name: Sleep for 300 seconds and continue with play
 #   ansible.builtin.wait_for:
 #     timeout: 300
 # - name: Pause to finish resources deletion
 #   ansible.builtin.pause:
 #     seconds: 300
 # - name: Wait for vault to be gone
-#   shell: |  
+#   shell: |
 #     export KUBECONFIG={{ kubeconfig_location }}/kubeconfig
 #     kubectl patch workspace netbird-pre-config --type json --patch='[ { "op": "remove", "path": "/metadata/finalizers" } ]' || true
 #     kubectl patch workspace zitadel-post-config --type json --patch='[ { "op": "remove", "path": "/metadata/finalizers" } ]' || true

diff --git a/mojaloop/iac/roles/cc_k8s/templates/argocd/root-app.yaml.j2 b/mojaloop/iac/roles/cc_k8s/templates/argocd/root-app.yaml.j2
@@ -32,7 +32,9 @@ spec:
           - name: cluster_name
             value: {{ cluster_name }}
           - name: cloud_provider
-            value: {{ cluster_cloud_provider }}          
+            value: {{ cluster_cloud_provider }}
+          - name: dynamic_secret_platform
+            value: {{ dynamic_secret_platform }}
           - name: "argocd_repo_url"
             value: "{{ fact_argo_merged_config.gitrepo_host_fqdn }}/{{ fact_argo_merged_config.gitrepo_owner }}/{{ fact_argo_merged_config.gitrepo_repo }}.git"
           - name: "ansible_gitrepo_url"

diff --git a/mojaloop/iac/roles/microk8s/defaults/main.yml b/mojaloop/iac/roles/microk8s/defaults/main.yml
@@ -71,6 +71,9 @@ registry_mirror_port: 9000
 teardown: false
 microk8s_root_path: /var/snap/microk8s/
 longhorn_data_path: /var/lib/longhorn/
+rook_data_path: /var/lib/rook
+rook_disk_vol: "/dev/sdb"
+enable_rook_disk_reset: false
 microk8s_apiserver_port: 16443
 microk8s_dev_skip: false
 dev_skip: false

diff --git a/mojaloop/iac/roles/microk8s/tasks/remove.yml b/mojaloop/iac/roles/microk8s/tasks/remove.yml
@@ -20,3 +20,17 @@
   ansible.builtin.file:
     state: absent
     path: "{{ longhorn_data_path }}"
+
+- name: Remove rook data
+  become: true
+  ansible.builtin.file:
+    state: absent
+    path: "{{ rook_data_path }}"
+
+- name: reset rook vol
+  become: true
+  shell: |
+    wipefs -a {{ rook_disk_vol }}
+    dd if=/dev/zero of="{{ rook_disk_vol }}" bs=1M count=100 oflag=direct,dsync
+    partprobe {{ rook_disk_vol }}
+  when: enable_rook_disk_reset | bool