Refactor noble cluster configurations by removing deprecated Argo CD application management files and transitioning to a streamlined Ansible-driven installation approach. Update kustomization.yaml files to reflect the new structure, ensuring clarity on resource management. Introduce new namespaces and configurations for cert-manager, external-secrets, and logging components, enhancing the overall deployment process. Add detailed README.md documentation for each component to guide users through the setup and management of the noble lab environment.

2026-03-28 17:02:50 -04:00
parent 41841abc84
commit 90fd8fb8a6
59 changed files with 28 additions and 38 deletions
--- a/clusters/noble/bootstrap/loki/namespace.yaml
+++ b/clusters/noble/bootstrap/loki/namespace.yaml
@@ -0,0 +1,9 @@
+# Loki (SingleBinary + filesystem on Longhorn) — apply before Helm.
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: loki
+  labels:
+    pod-security.kubernetes.io/enforce: baseline
+    pod-security.kubernetes.io/audit: baseline
+    pod-security.kubernetes.io/warn: baseline
--- a/clusters/noble/bootstrap/loki/values.yaml
+++ b/clusters/noble/bootstrap/loki/values.yaml
@@ -0,0 +1,78 @@
+# Grafana Loki — noble lab (SingleBinary, filesystem on Longhorn; no MinIO/S3).
+#
+# Chart: grafana/loki — pin version on install (e.g. 6.55.0).
+#
+# kubectl apply -f clusters/noble/apps/loki/namespace.yaml
+# helm repo add grafana https://grafana.github.io/helm-charts
+# helm repo update
+# helm upgrade --install loki grafana/loki -n loki \
+#   --version 6.55.0 -f clusters/noble/apps/loki/values.yaml --wait --timeout 30m
+#
+# Query/push URL for Grafana + Fluent Bit: http://loki-gateway.loki.svc.cluster.local:80
+
+deploymentMode: SingleBinary
+
+loki:
+  # Single-tenant lab: chart default auth_enabled: true requires X-Scope-OrgID on every query/push (Grafana + Fluent Bit break).
+  auth_enabled: false
+  commonConfig:
+    replication_factor: 1
+  storage:
+    type: filesystem
+  schemaConfig:
+    configs:
+      - from: "2024-04-01"
+        store: tsdb
+        object_store: filesystem
+        schema: v13
+        index:
+          prefix: loki_index_
+          period: 24h
+  pattern_ingester:
+    enabled: false
+  limits_config:
+    allow_structured_metadata: true
+    volume_enabled: true
+
+singleBinary:
+  replicas: 1
+  persistence:
+    enabled: true
+    storageClass: longhorn
+    size: 30Gi
+
+backend:
+  replicas: 0
+read:
+  replicas: 0
+write:
+  replicas: 0
+ingester:
+  replicas: 0
+querier:
+  replicas: 0
+queryFrontend:
+  replicas: 0
+queryScheduler:
+  replicas: 0
+distributor:
+  replicas: 0
+compactor:
+  replicas: 0
+indexGateway:
+  replicas: 0
+bloomCompactor:
+  replicas: 0
+bloomGateway:
+  replicas: 0
+
+minio:
+  enabled: false
+
+gateway:
+  enabled: true
+
+# Memcached chunk cache: chart default is ~8Gi RAM requests; even 512Mi can stay Pending on small clusters (affinity).
+# Homelab: disable — Loki works without it; queries may be slightly slower under load.
+chunksCache:
+  enabled: false