From 71786da31955f4399044e16d360f13dec7ed6f6f Mon Sep 17 00:00:00 2001 From: Vedit Firat Arig Date: Thu, 26 Oct 2023 01:43:39 +0300 Subject: [PATCH] Added helm chart and moved kustomize files --- .gitignore | 1 + k8s/helm/README.md | 11 ++ k8s/helm/ceramic/.helmignore | 23 +++ k8s/helm/ceramic/Chart.lock | 6 + k8s/helm/ceramic/Chart.yaml | 11 ++ k8s/helm/ceramic/charts/.gitkeep | 0 k8s/helm/ceramic/templates/NOTES.txt | 22 +++ k8s/helm/ceramic/templates/_helpers.tpl | 91 +++++++++ .../templates/compose-admin-secret.yaml | 11 ++ .../ceramic/templates/compose-env-cm.yaml | 12 ++ .../ceramic/templates/compose-init-cm.yaml | 51 +++++ .../ceramic/templates/compose-service.yaml | 15 ++ k8s/helm/ceramic/templates/compose-sts.yaml | 142 ++++++++++++++ k8s/helm/ceramic/templates/ingress.yaml | 61 ++++++ k8s/helm/ceramic/templates/ipfs-service.yaml | 27 +++ k8s/helm/ceramic/templates/ipfs-sts.yaml | 98 ++++++++++ .../ceramic/templates/serviceaccount.yaml | 12 ++ k8s/helm/ceramic/values.yaml | 174 ++++++++++++++++++ k8s/{ => kustomize}/README.md | 2 +- .../base/composedb/compose-init.sh | 0 .../base/composedb/composedb.env | 0 .../base/composedb/create-secrets.sh | 0 .../base/composedb/daemon-config.json | 0 k8s/{ => kustomize}/base/composedb/do-lb.yaml | 0 .../base/composedb/kustomization.yaml | 0 .../base/composedb/manifests/composedb.yaml | 0 .../base/composedb/manifests/ipfs.yaml | 0 .../base/composedb/manifests/postgres.yaml | 0 .../base/opentelemetry/kustomization.yaml | 0 .../base/opentelemetry/opentelemetry.yaml | 0 .../base/opentelemetry/optel-config.yaml | 0 .../overlays/ceramic-hds/create-secrets.sh | 0 .../overlays/ceramic-hds/kustomization.yaml | 0 .../ceramic-hds/manifests/runner.yaml | 0 .../schemas/SmokeTestModel-main.graphql | 0 .../schemas/SmokeTestModel-relation.graphql | 0 .../overlays/ceramic-heap-snapshot/.envrc | 0 .../ceramic-debug-service.yaml | 0 .../ceramic-heap-snapshot/create-secrets.sh | 0 .../ceramic-heap-snapshot/ingress.yaml | 0 .../ceramic-heap-snapshot/kustomization.yaml | 0 .../node-heapsnapshot-cronjob.yaml | 0 .../patches/composedb.yaml | 0 .../ceramic-heap-snapshot/patches/ipfs.yaml | 0 .../ceramic-heap-snapshot/servicemonitor.yaml | 0 .../ceramic-load-generator.yaml | 0 .../compose-init.sh | 0 .../composedb.env | 0 .../daemon-config.json | 0 .../ingress.yaml | 0 .../kustomization.yaml | 0 .../patches/composedb.yaml | 0 .../patches/ipfs.yaml | 0 .../scripts/create-secrets.sh | 0 .../ceramic-load-test/compose-init.sh | 0 .../overlays/ceramic-load-test/composedb.env | 0 .../ceramic-load-test/daemon-config.json | 0 .../overlays/ceramic-load-test/ingress.yaml | 0 .../ceramic-load-test/kustomization.yaml | 0 .../manifests/runner-create.yaml | 0 .../ceramic-load-test/manifests/runner.yaml | 0 .../ceramic-load-test/patches/composedb.yaml | 0 .../ceramic-load-test/patches/ipfs.yaml | 0 .../overlays/ceramic-load-test/runner.env | 0 .../schemas/SmokeTestModel-main.graphql | 0 .../schemas/SmokeTestModel-relation.graphql | 0 .../ceramic-load-test/scripts/create-doc.sh | 0 .../scripts/create-secrets.sh | 0 68 files changed, 769 insertions(+), 1 deletion(-) create mode 100644 .gitignore create mode 100644 k8s/helm/README.md create mode 100644 k8s/helm/ceramic/.helmignore create mode 100644 k8s/helm/ceramic/Chart.lock create mode 100644 k8s/helm/ceramic/Chart.yaml create mode 100644 k8s/helm/ceramic/charts/.gitkeep create mode 100644 k8s/helm/ceramic/templates/NOTES.txt create mode 100644 k8s/helm/ceramic/templates/_helpers.tpl create mode 100644 k8s/helm/ceramic/templates/compose-admin-secret.yaml create mode 100644 k8s/helm/ceramic/templates/compose-env-cm.yaml create mode 100644 k8s/helm/ceramic/templates/compose-init-cm.yaml create mode 100644 k8s/helm/ceramic/templates/compose-service.yaml create mode 100644 k8s/helm/ceramic/templates/compose-sts.yaml create mode 100644 k8s/helm/ceramic/templates/ingress.yaml create mode 100644 k8s/helm/ceramic/templates/ipfs-service.yaml create mode 100644 k8s/helm/ceramic/templates/ipfs-sts.yaml create mode 100644 k8s/helm/ceramic/templates/serviceaccount.yaml create mode 100644 k8s/helm/ceramic/values.yaml rename k8s/{ => kustomize}/README.md (98%) rename k8s/{ => kustomize}/base/composedb/compose-init.sh (100%) rename k8s/{ => kustomize}/base/composedb/composedb.env (100%) rename k8s/{ => kustomize}/base/composedb/create-secrets.sh (100%) rename k8s/{ => kustomize}/base/composedb/daemon-config.json (100%) rename k8s/{ => kustomize}/base/composedb/do-lb.yaml (100%) rename k8s/{ => kustomize}/base/composedb/kustomization.yaml (100%) rename k8s/{ => kustomize}/base/composedb/manifests/composedb.yaml (100%) rename k8s/{ => kustomize}/base/composedb/manifests/ipfs.yaml (100%) rename k8s/{ => kustomize}/base/composedb/manifests/postgres.yaml (100%) rename k8s/{ => kustomize}/base/opentelemetry/kustomization.yaml (100%) rename k8s/{ => kustomize}/base/opentelemetry/opentelemetry.yaml (100%) rename k8s/{ => kustomize}/base/opentelemetry/optel-config.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-hds/create-secrets.sh (100%) rename k8s/{ => kustomize}/overlays/ceramic-hds/kustomization.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-hds/manifests/runner.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-hds/schemas/SmokeTestModel-main.graphql (100%) rename k8s/{ => kustomize}/overlays/ceramic-hds/schemas/SmokeTestModel-relation.graphql (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/.envrc (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/ceramic-debug-service.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/create-secrets.sh (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/ingress.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/kustomization.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/node-heapsnapshot-cronjob.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/patches/composedb.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/patches/ipfs.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-heap-snapshot/servicemonitor.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/ceramic-load-generator.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/compose-init.sh (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/composedb.env (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/daemon-config.json (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/ingress.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/kustomization.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/patches/composedb.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/patches/ipfs.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test-dev-unstable/scripts/create-secrets.sh (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/compose-init.sh (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/composedb.env (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/daemon-config.json (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/ingress.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/kustomization.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/manifests/runner-create.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/manifests/runner.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/patches/composedb.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/patches/ipfs.yaml (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/runner.env (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/schemas/SmokeTestModel-main.graphql (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/schemas/SmokeTestModel-relation.graphql (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/scripts/create-doc.sh (100%) rename k8s/{ => kustomize}/overlays/ceramic-load-test/scripts/create-secrets.sh (100%) diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b0fe24f --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +k8s/helm/ceramic/charts/*.tgz diff --git a/k8s/helm/README.md b/k8s/helm/README.md new file mode 100644 index 0000000..16a6d29 --- /dev/null +++ b/k8s/helm/README.md @@ -0,0 +1,11 @@ +# Helm + +Helm chart for ceramic nodes. + +## Installation + +`helm upgrade -i ceramic . -f values.yaml` + +## Secrets + +Secret management / encryption is left to the user. [sops](https://github.com/getsops/sops) and [helm secrets](https://github.com/jkroepke/helm-secrets) strongly recommended. \ No newline at end of file diff --git a/k8s/helm/ceramic/.helmignore b/k8s/helm/ceramic/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/k8s/helm/ceramic/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/k8s/helm/ceramic/Chart.lock b/k8s/helm/ceramic/Chart.lock new file mode 100644 index 0000000..19b03b9 --- /dev/null +++ b/k8s/helm/ceramic/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: postgresql + repository: oci://registry-1.docker.io/bitnamicharts + version: 12.12.10 +digest: sha256:15969c760981b7095769908d0dd717284552998dcb4460f4f2300f048e37f5a6 +generated: "2023-10-25T22:17:57.286738+03:00" diff --git a/k8s/helm/ceramic/Chart.yaml b/k8s/helm/ceramic/Chart.yaml new file mode 100644 index 0000000..513d378 --- /dev/null +++ b/k8s/helm/ceramic/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: ceramic +description: Helm Package for Ceramic Node +type: application +version: 0.1.0 +appVersion: "1.16.0" +dependencies: + - name: postgresql + version: 12.12.10 + repository: "oci://registry-1.docker.io/bitnamicharts" + condition: postgresql.helm.enabled \ No newline at end of file diff --git a/k8s/helm/ceramic/charts/.gitkeep b/k8s/helm/ceramic/charts/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/k8s/helm/ceramic/templates/NOTES.txt b/k8s/helm/ceramic/templates/NOTES.txt new file mode 100644 index 0000000..ade5ec2 --- /dev/null +++ b/k8s/helm/ceramic/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.composedb.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ceramic.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.composedb.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ceramic.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ceramic.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.composedb.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ceramic.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/k8s/helm/ceramic/templates/_helpers.tpl b/k8s/helm/ceramic/templates/_helpers.tpl new file mode 100644 index 0000000..32de65f --- /dev/null +++ b/k8s/helm/ceramic/templates/_helpers.tpl @@ -0,0 +1,91 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ceramic.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{- define "ceramic.ipfs.name" -}} +{{- printf "%s-ipfs" (include "ceramic.name" .) | trunc 63 -}} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ceramic.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{- define "ceramic.ipfs.fullname" -}} +{{- printf "%s-ipfs" (include "ceramic.fullname" .) | trunc 63 -}} +{{- end -}} +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ceramic.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ceramic.labels" -}} +helm.sh/chart: {{ include "ceramic.chart" . }} +{{ include "ceramic.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ceramic.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ceramic.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Common IPFS labels +*/}} +{{- define "ceramic.ipfs.labels" -}} +helm.sh/chart: {{ include "ceramic.chart" . }} +{{ include "ceramic.ipfs.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector IPFS labels +*/}} +{{- define "ceramic.ipfs.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ceramic.ipfs.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ceramic.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ceramic.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + + diff --git a/k8s/helm/ceramic/templates/compose-admin-secret.yaml b/k8s/helm/ceramic/templates/compose-admin-secret.yaml new file mode 100644 index 0000000..1f89bc3 --- /dev/null +++ b/k8s/helm/ceramic/templates/compose-admin-secret.yaml @@ -0,0 +1,11 @@ +--- +kind: Secret +apiVersion: v1 +metadata: + name: {{ include "ceramic.fullname" . }}-admin + labels: + {{- include "ceramic.labels" . | nindent 4 }} +data: + private-key: {{ .Values.composedb.secret.privateKey | b64enc }} + db-username: {{ .Values.postgresql.auth.username | b64enc }} + db-password: {{ .Values.postgresql.auth.password | b64enc }} \ No newline at end of file diff --git a/k8s/helm/ceramic/templates/compose-env-cm.yaml b/k8s/helm/ceramic/templates/compose-env-cm.yaml new file mode 100644 index 0000000..3fbc989 --- /dev/null +++ b/k8s/helm/ceramic/templates/compose-env-cm.yaml @@ -0,0 +1,12 @@ +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: {{ include "ceramic.fullname" . }}-env + labels: + {{- include "ceramic.labels" . | nindent 4 }} +data: + {{- with .Values.composedb.env }} + {{- toYaml . | nindent 4 }} + {{- end }} + CERAMIC_IPFSHOST: http://{{ include "ceramic.ipfs.fullname" . }}:{{ .Values.ipfs.service.api.port }} \ No newline at end of file diff --git a/k8s/helm/ceramic/templates/compose-init-cm.yaml b/k8s/helm/ceramic/templates/compose-init-cm.yaml new file mode 100644 index 0000000..738822f --- /dev/null +++ b/k8s/helm/ceramic/templates/compose-init-cm.yaml @@ -0,0 +1,51 @@ +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: {{ include "ceramic.fullname" . }}-init + labels: + {{- include "ceramic.labels" . | nindent 4 }} +data: + compose-init.sh: | + #!/bin/bash + + set -eo pipefail + + export CERAMIC_ADMIN_DID=$(composedb did:from-private-key ${CERAMIC_ADMIN_PRIVATE_KEY}) + + CERAMIC_ADMIN_DID=$CERAMIC_ADMIN_DID envsubst < /composedb-init/daemon-config.json > /config/daemon-config.json + daemon-config.json: |- + { + "anchor": {}, + "http-api": { + "cors-allowed-origins": [ + "{{ .Values.composedb.config.corsAllowedOrigins }}" + ], + "admin-dids": [ + "${CERAMIC_ADMIN_DID}" + ] + }, + "ipfs": { + "mode": "remote", + "host": "${CERAMIC_IPFSHOST}" + }, + "logger": { + "log-level": {{ .Values.composedb.config.logLevel }}, + "log-to-files": false + }, + "metrics": { + "metrics-exporter-enabled": {{ .Values.composedb.config.metricsExporterEnabled }} + }, + "network": { + "name": "{{ .Values.composedb.config.network }}" + }, + "node": {}, + "state-store": { + "mode": "fs", + "local-directory": "{{ .Values.composedb.config.stateStorePath }}" + }, + "indexing": { + "db": "postgres://${CERAMIC_INDEXING_DB_USERNAME}:${CERAMIC_INDEXING_DB_PASSWORD}@{{ .Values.postgresql.auth.host }}/{{ .Values.postgresql.auth.database }}", + "allow-queries-before-historical-sync": true + } + } diff --git a/k8s/helm/ceramic/templates/compose-service.yaml b/k8s/helm/ceramic/templates/compose-service.yaml new file mode 100644 index 0000000..d6d6ae2 --- /dev/null +++ b/k8s/helm/ceramic/templates/compose-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ceramic.fullname" . }} + labels: + {{- include "ceramic.labels" . | nindent 4 }} +spec: + type: {{ .Values.composedb.service.type }} + ports: + - port: {{ .Values.composedb.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "ceramic.selectorLabels" . | nindent 4 }} diff --git a/k8s/helm/ceramic/templates/compose-sts.yaml b/k8s/helm/ceramic/templates/compose-sts.yaml new file mode 100644 index 0000000..57c3828 --- /dev/null +++ b/k8s/helm/ceramic/templates/compose-sts.yaml @@ -0,0 +1,142 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "ceramic.fullname" . }} + labels: + {{- include "ceramic.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.composedb.replicaCount }} + serviceName: {{ include "ceramic.fullname" . }} + selector: + matchLabels: + {{- include "ceramic.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.composedb.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "ceramic.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ceramic.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.composedb.podSecurityContext | nindent 8 }} + initContainers: + - name: init-composedb-config + securityContext: + {{- toYaml .Values.composedb.securityContext | nindent 12 }} + image: "{{ .Values.composedb.image.repository }}:{{ .Values.composedb.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.composedb.image.pullPolicy }} + command: + - "/bin/bash" + - "-c" + - "/composedb-init/compose-init.sh" + volumeMounts: + - name: config-volume + mountPath: /config + - name: {{ include "ceramic.fullname" . }}-init + mountPath: /composedb-init + envFrom: + - configMapRef: + name: {{ include "ceramic.fullname" . }}-env + env: + - name: CERAMIC_ADMIN_PRIVATE_KEY + valueFrom: + secretKeyRef: + name: {{ include "ceramic.fullname" . }}-admin + key: private-key + - name: CERAMIC_INDEXING_DB_USERNAME + valueFrom: + secretKeyRef: + name: {{ include "ceramic.fullname" . }}-admin + key: db-username + - name: CERAMIC_INDEXING_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "ceramic.fullname" . }}-admin + key: db-password + resources: + {{- toYaml .Values.composedb.resources | nindent 12 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.composedb.securityContext | nindent 12 }} + image: "{{ .Values.composedb.image.repository }}:{{ .Values.composedb.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.composedb.image.pullPolicy }} + command: + - "/js-ceramic/packages/cli/bin/ceramic.js" + - "daemon" + - "--config" + - "/config/daemon-config.json" + ports: + - containerPort: 7007 + name: http + livenessProbe: + httpGet: + path: {{ .Values.composedb.probe.path }} + port: http + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 30 + readinessProbe: + httpGet: + path: {{ .Values.composedb.probe.path }} + port: http + initialDelaySeconds: 0 + periodSeconds: 15 + timeoutSeconds: 30 + volumeMounts: + - name: {{ include "ceramic.fullname" . }}-data + mountPath: "{{ .Values.composedb.config.stateStorePath }}" + - name: config-volume + mountPath: /config + envFrom: + - configMapRef: + name: {{ include "ceramic.fullname" . }}-env + env: + - name: CERAMIC_ADMIN_PRIVATE_KEY + valueFrom: + secretKeyRef: + name: {{ include "ceramic.fullname" . }}-admin + key: private-key + resources: + {{- toYaml .Values.composedb.resources | nindent 12 }} + volumes: + - name: config-volume + emptyDir: {} + - name: {{ include "ceramic.fullname" . }}-init + configMap: + name: {{ include "ceramic.fullname" . }}-init + defaultMode: 0755 + - name: {{ include "ceramic.fullname" . }}-data + persistentVolumeClaim: + {{ if .Values.composedb.persistence.useExistingClaim.enabled }}claimName: {{ .Values.composedb.persistence.useExistingClaim.claimName }} + {{ else if .Values.composedb.persistence.useClaimTemplate.enabled }}claimName: {{ .Values.composedb.persistence.useClaimTemplate.claimName }}{{ end }} + {{- with .Values.composedb.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.composedb.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.composedb.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{ if not .Values.composedb.persistence.useExistingClaim.enabled }} + {{ if .Values.composedb.persistence.useClaimTemplate.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ .Values.composedb.persistence.useClaimTemplate.claimName }} + {{- with .Values.composedb.persistence.useClaimTemplate.spec }} + spec: + {{- toYaml . | nindent 8 }} + {{- end }} + {{ end }} + {{ end }} \ No newline at end of file diff --git a/k8s/helm/ceramic/templates/ingress.yaml b/k8s/helm/ceramic/templates/ingress.yaml new file mode 100644 index 0000000..73fb2f5 --- /dev/null +++ b/k8s/helm/ceramic/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "ceramic.fullname" . -}} +{{- $svcPort := .Values.composedb.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "ceramic.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/k8s/helm/ceramic/templates/ipfs-service.yaml b/k8s/helm/ceramic/templates/ipfs-service.yaml new file mode 100644 index 0000000..fcd1a62 --- /dev/null +++ b/k8s/helm/ceramic/templates/ipfs-service.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "ceramic.ipfs.fullname" . }} + labels: + {{- include "ceramic.ipfs.labels" . | nindent 4 }} +spec: + type: {{ .Values.ipfs.service.type }} + ports: + - port: {{ .Values.ipfs.service.swarm.port }} + targetPort: swarm + protocol: TCP + name: swarm + - port: {{ .Values.ipfs.service.api.port }} + targetPort: api + protocol: TCP + name: api + - port: {{ .Values.ipfs.service.gateway.port }} + targetPort: gateway + protocol: TCP + name: gateway + - port: {{ .Values.ipfs.service.metrics.port }} + targetPort: metrics + protocol: TCP + name: metrics + selector: + {{- include "ceramic.ipfs.selectorLabels" . | nindent 4 }} diff --git a/k8s/helm/ceramic/templates/ipfs-sts.yaml b/k8s/helm/ceramic/templates/ipfs-sts.yaml new file mode 100644 index 0000000..d00932a --- /dev/null +++ b/k8s/helm/ceramic/templates/ipfs-sts.yaml @@ -0,0 +1,98 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ include "ceramic.ipfs.fullname" . }} + labels: + {{- include "ceramic.ipfs.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.ipfs.replicaCount }} + serviceName: {{ include "ceramic.ipfs.fullname" . }} + selector: + matchLabels: + {{- include "ceramic.ipfs.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.ipfs.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "ceramic.ipfs.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "ceramic.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.ipfs.podSecurityContext | nindent 8 }} + containers: + - name: {{ include "ceramic.ipfs.name" . }} + securityContext: + {{- toYaml .Values.ipfs.securityContext | nindent 12 }} + image: "{{ .Values.ipfs.image.repository }}:{{ .Values.ipfs.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.ipfs.image.pullPolicy }} + ports: + - containerPort: 4001 + name: swarm + - containerPort: 5001 + name: api + - containerPort: 8080 + name: gateway + - containerPort: 9090 + name: metrics + livenessProbe: + exec: + command: + - ipfs + - dag + - stat + - /ipfs/QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 30 + failureTreshold: 3 + readinessProbe: + exec: + command: + - ipfs + - dag + - stat + - /ipfs/QmUNLLsPACCz1vLxQVkXqqLX5R1X345qqfHbsf67hvA3Nn + initialDelaySeconds: 15 + periodSeconds: 15 + timeoutSeconds: 30 + failureTreshold: 3 + volumeMounts: + - name: {{ include "ceramic.ipfs.fullname" . }}-data + mountPath: /data/ipfs + resources: + {{- toYaml .Values.ipfs.resources | nindent 12 }} + volumes: + - name: {{ include "ceramic.ipfs.fullname" . }}-data + persistentVolumeClaim: + {{ if .Values.ipfs.persistence.useExistingClaim.enabled }}claimName: {{ .Values.ipfs.persistence.useExistingClaim.claimName }} + {{ else if .Values.ipfs.persistence.useClaimTemplate.enabled }}claimName: {{ .Values.ipfs.persistence.useClaimTemplate.claimName }}{{ end }} + {{- with .Values.ipfs.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.ipfs.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.ipfs.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{ if not .Values.ipfs.persistence.useExistingClaim.enabled }} + {{ if .Values.ipfs.persistence.useClaimTemplate.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ .Values.ipfs.persistence.useClaimTemplate.claimName }} + {{- with .Values.ipfs.persistence.useClaimTemplate.spec }} + spec: + {{- toYaml . | nindent 8 }} + {{- end }} + {{ end }} + {{ end }} \ No newline at end of file diff --git a/k8s/helm/ceramic/templates/serviceaccount.yaml b/k8s/helm/ceramic/templates/serviceaccount.yaml new file mode 100644 index 0000000..f0ce271 --- /dev/null +++ b/k8s/helm/ceramic/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ceramic.serviceAccountName" . }} + labels: + {{- include "ceramic.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/k8s/helm/ceramic/values.yaml b/k8s/helm/ceramic/values.yaml new file mode 100644 index 0000000..5c52e3d --- /dev/null +++ b/k8s/helm/ceramic/values.yaml @@ -0,0 +1,174 @@ +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + create: true + annotations: {} + name: "" + +composedb: + replicaCount: 1 + + image: + repository: ceramicnetwork/composedb + pullPolicy: IfNotPresent + tag: dev + + service: + type: ClusterIP + port: 80 + + probe: + path: /api/v0/node/healthcheck + + persistence: + useExistingClaim: + enabled: false + claimName: ceramic-data + useClaimTemplate: + enabled: true + claimName: ceramic-data + spec: + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 10Gi + + resources: + limits: + cpu: 250m + ephemeral-storage: 1Gi + memory: 512Mi + requests: + cpu: 250m + ephemeral-storage: 1Gi + memory: 512Mi + + config: + corsAllowedOrigins: .* + logLevel: "2" + metricsExporterEnabled: false + network: testnet-clay + stateStorePath: /ceramic-data + + env: + CERAMIC_ENABLE_EXPERIMENTAL_COMPOSE_DB: "true" + CERAMIC_ENABLE_EXPERIMENTAL_SYNC: "true" + + secret: + privateKey: "e1196383ce8389169171ad795272b5f1ecdaba50cefaf4960500a0a920f159b8" + + podAnnotations: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + +ipfs: + replicaCount: 1 + + image: + repository: ceramicnetwork/go-ipfs-daemon + pullPolicy: IfNotPresent + tag: e177a93eae03 + + service: + type: ClusterIP + swarm: + port: 4001 + api: + port: 5001 + gateway: + port: 8080 + metrics: + port: 9090 + + persistence: + useExistingClaim: + enabled: false + claimName: ceramic-ipfs-data + useClaimTemplate: + enabled: true + claimName: ceramic-ipfs-data + spec: + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 10Gi + + + resources: + requests: + cpu: 250m + ephemeral-storage: 1Gi + memory: 512Mi + limits: + cpu: 250m + ephemeral-storage: 1Gi + memory: 512Mi + + podAnnotations: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + nodeSelector: {} + + tolerations: [] + + affinity: {} + +postgresql: + auth: + username: ceramic + password: postgres + host: ceramic-postgresql + port: 5432 + database: ceramic + helm: + enabled: true + externalDB: + enabled: false + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: ceramic.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: ceramic-tls + # hosts: + # - ceramic.local + + + + diff --git a/k8s/README.md b/k8s/kustomize/README.md similarity index 98% rename from k8s/README.md rename to k8s/kustomize/README.md index bd2aa8d..dc0fd52 100644 --- a/k8s/README.md +++ b/k8s/kustomize/README.md @@ -1,4 +1,4 @@ -# k8s +# kustomize The `base` directory contains the kubernetes manifests for the Ceramic HDS service. The `overlays` directory contains the manifests for different, example, configurations. diff --git a/k8s/base/composedb/compose-init.sh b/k8s/kustomize/base/composedb/compose-init.sh similarity index 100% rename from k8s/base/composedb/compose-init.sh rename to k8s/kustomize/base/composedb/compose-init.sh diff --git a/k8s/base/composedb/composedb.env b/k8s/kustomize/base/composedb/composedb.env similarity index 100% rename from k8s/base/composedb/composedb.env rename to k8s/kustomize/base/composedb/composedb.env diff --git a/k8s/base/composedb/create-secrets.sh b/k8s/kustomize/base/composedb/create-secrets.sh similarity index 100% rename from k8s/base/composedb/create-secrets.sh rename to k8s/kustomize/base/composedb/create-secrets.sh diff --git a/k8s/base/composedb/daemon-config.json b/k8s/kustomize/base/composedb/daemon-config.json similarity index 100% rename from k8s/base/composedb/daemon-config.json rename to k8s/kustomize/base/composedb/daemon-config.json diff --git a/k8s/base/composedb/do-lb.yaml b/k8s/kustomize/base/composedb/do-lb.yaml similarity index 100% rename from k8s/base/composedb/do-lb.yaml rename to k8s/kustomize/base/composedb/do-lb.yaml diff --git a/k8s/base/composedb/kustomization.yaml b/k8s/kustomize/base/composedb/kustomization.yaml similarity index 100% rename from k8s/base/composedb/kustomization.yaml rename to k8s/kustomize/base/composedb/kustomization.yaml diff --git a/k8s/base/composedb/manifests/composedb.yaml b/k8s/kustomize/base/composedb/manifests/composedb.yaml similarity index 100% rename from k8s/base/composedb/manifests/composedb.yaml rename to k8s/kustomize/base/composedb/manifests/composedb.yaml diff --git a/k8s/base/composedb/manifests/ipfs.yaml b/k8s/kustomize/base/composedb/manifests/ipfs.yaml similarity index 100% rename from k8s/base/composedb/manifests/ipfs.yaml rename to k8s/kustomize/base/composedb/manifests/ipfs.yaml diff --git a/k8s/base/composedb/manifests/postgres.yaml b/k8s/kustomize/base/composedb/manifests/postgres.yaml similarity index 100% rename from k8s/base/composedb/manifests/postgres.yaml rename to k8s/kustomize/base/composedb/manifests/postgres.yaml diff --git a/k8s/base/opentelemetry/kustomization.yaml b/k8s/kustomize/base/opentelemetry/kustomization.yaml similarity index 100% rename from k8s/base/opentelemetry/kustomization.yaml rename to k8s/kustomize/base/opentelemetry/kustomization.yaml diff --git a/k8s/base/opentelemetry/opentelemetry.yaml b/k8s/kustomize/base/opentelemetry/opentelemetry.yaml similarity index 100% rename from k8s/base/opentelemetry/opentelemetry.yaml rename to k8s/kustomize/base/opentelemetry/opentelemetry.yaml diff --git a/k8s/base/opentelemetry/optel-config.yaml b/k8s/kustomize/base/opentelemetry/optel-config.yaml similarity index 100% rename from k8s/base/opentelemetry/optel-config.yaml rename to k8s/kustomize/base/opentelemetry/optel-config.yaml diff --git a/k8s/overlays/ceramic-hds/create-secrets.sh b/k8s/kustomize/overlays/ceramic-hds/create-secrets.sh similarity index 100% rename from k8s/overlays/ceramic-hds/create-secrets.sh rename to k8s/kustomize/overlays/ceramic-hds/create-secrets.sh diff --git a/k8s/overlays/ceramic-hds/kustomization.yaml b/k8s/kustomize/overlays/ceramic-hds/kustomization.yaml similarity index 100% rename from k8s/overlays/ceramic-hds/kustomization.yaml rename to k8s/kustomize/overlays/ceramic-hds/kustomization.yaml diff --git a/k8s/overlays/ceramic-hds/manifests/runner.yaml b/k8s/kustomize/overlays/ceramic-hds/manifests/runner.yaml similarity index 100% rename from k8s/overlays/ceramic-hds/manifests/runner.yaml rename to k8s/kustomize/overlays/ceramic-hds/manifests/runner.yaml diff --git a/k8s/overlays/ceramic-hds/schemas/SmokeTestModel-main.graphql b/k8s/kustomize/overlays/ceramic-hds/schemas/SmokeTestModel-main.graphql similarity index 100% rename from k8s/overlays/ceramic-hds/schemas/SmokeTestModel-main.graphql rename to k8s/kustomize/overlays/ceramic-hds/schemas/SmokeTestModel-main.graphql diff --git a/k8s/overlays/ceramic-hds/schemas/SmokeTestModel-relation.graphql b/k8s/kustomize/overlays/ceramic-hds/schemas/SmokeTestModel-relation.graphql similarity index 100% rename from k8s/overlays/ceramic-hds/schemas/SmokeTestModel-relation.graphql rename to k8s/kustomize/overlays/ceramic-hds/schemas/SmokeTestModel-relation.graphql diff --git a/k8s/overlays/ceramic-heap-snapshot/.envrc b/k8s/kustomize/overlays/ceramic-heap-snapshot/.envrc similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/.envrc rename to k8s/kustomize/overlays/ceramic-heap-snapshot/.envrc diff --git a/k8s/overlays/ceramic-heap-snapshot/ceramic-debug-service.yaml b/k8s/kustomize/overlays/ceramic-heap-snapshot/ceramic-debug-service.yaml similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/ceramic-debug-service.yaml rename to k8s/kustomize/overlays/ceramic-heap-snapshot/ceramic-debug-service.yaml diff --git a/k8s/overlays/ceramic-heap-snapshot/create-secrets.sh b/k8s/kustomize/overlays/ceramic-heap-snapshot/create-secrets.sh similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/create-secrets.sh rename to k8s/kustomize/overlays/ceramic-heap-snapshot/create-secrets.sh diff --git a/k8s/overlays/ceramic-heap-snapshot/ingress.yaml b/k8s/kustomize/overlays/ceramic-heap-snapshot/ingress.yaml similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/ingress.yaml rename to k8s/kustomize/overlays/ceramic-heap-snapshot/ingress.yaml diff --git a/k8s/overlays/ceramic-heap-snapshot/kustomization.yaml b/k8s/kustomize/overlays/ceramic-heap-snapshot/kustomization.yaml similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/kustomization.yaml rename to k8s/kustomize/overlays/ceramic-heap-snapshot/kustomization.yaml diff --git a/k8s/overlays/ceramic-heap-snapshot/node-heapsnapshot-cronjob.yaml b/k8s/kustomize/overlays/ceramic-heap-snapshot/node-heapsnapshot-cronjob.yaml similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/node-heapsnapshot-cronjob.yaml rename to k8s/kustomize/overlays/ceramic-heap-snapshot/node-heapsnapshot-cronjob.yaml diff --git a/k8s/overlays/ceramic-heap-snapshot/patches/composedb.yaml b/k8s/kustomize/overlays/ceramic-heap-snapshot/patches/composedb.yaml similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/patches/composedb.yaml rename to k8s/kustomize/overlays/ceramic-heap-snapshot/patches/composedb.yaml diff --git a/k8s/overlays/ceramic-heap-snapshot/patches/ipfs.yaml b/k8s/kustomize/overlays/ceramic-heap-snapshot/patches/ipfs.yaml similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/patches/ipfs.yaml rename to k8s/kustomize/overlays/ceramic-heap-snapshot/patches/ipfs.yaml diff --git a/k8s/overlays/ceramic-heap-snapshot/servicemonitor.yaml b/k8s/kustomize/overlays/ceramic-heap-snapshot/servicemonitor.yaml similarity index 100% rename from k8s/overlays/ceramic-heap-snapshot/servicemonitor.yaml rename to k8s/kustomize/overlays/ceramic-heap-snapshot/servicemonitor.yaml diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/ceramic-load-generator.yaml b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/ceramic-load-generator.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/ceramic-load-generator.yaml rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/ceramic-load-generator.yaml diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/compose-init.sh b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/compose-init.sh similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/compose-init.sh rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/compose-init.sh diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/composedb.env b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/composedb.env similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/composedb.env rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/composedb.env diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/daemon-config.json b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/daemon-config.json similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/daemon-config.json rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/daemon-config.json diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/ingress.yaml b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/ingress.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/ingress.yaml rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/ingress.yaml diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/kustomization.yaml b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/kustomization.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/kustomization.yaml rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/kustomization.yaml diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/patches/composedb.yaml b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/patches/composedb.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/patches/composedb.yaml rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/patches/composedb.yaml diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/patches/ipfs.yaml b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/patches/ipfs.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/patches/ipfs.yaml rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/patches/ipfs.yaml diff --git a/k8s/overlays/ceramic-load-test-dev-unstable/scripts/create-secrets.sh b/k8s/kustomize/overlays/ceramic-load-test-dev-unstable/scripts/create-secrets.sh similarity index 100% rename from k8s/overlays/ceramic-load-test-dev-unstable/scripts/create-secrets.sh rename to k8s/kustomize/overlays/ceramic-load-test-dev-unstable/scripts/create-secrets.sh diff --git a/k8s/overlays/ceramic-load-test/compose-init.sh b/k8s/kustomize/overlays/ceramic-load-test/compose-init.sh similarity index 100% rename from k8s/overlays/ceramic-load-test/compose-init.sh rename to k8s/kustomize/overlays/ceramic-load-test/compose-init.sh diff --git a/k8s/overlays/ceramic-load-test/composedb.env b/k8s/kustomize/overlays/ceramic-load-test/composedb.env similarity index 100% rename from k8s/overlays/ceramic-load-test/composedb.env rename to k8s/kustomize/overlays/ceramic-load-test/composedb.env diff --git a/k8s/overlays/ceramic-load-test/daemon-config.json b/k8s/kustomize/overlays/ceramic-load-test/daemon-config.json similarity index 100% rename from k8s/overlays/ceramic-load-test/daemon-config.json rename to k8s/kustomize/overlays/ceramic-load-test/daemon-config.json diff --git a/k8s/overlays/ceramic-load-test/ingress.yaml b/k8s/kustomize/overlays/ceramic-load-test/ingress.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test/ingress.yaml rename to k8s/kustomize/overlays/ceramic-load-test/ingress.yaml diff --git a/k8s/overlays/ceramic-load-test/kustomization.yaml b/k8s/kustomize/overlays/ceramic-load-test/kustomization.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test/kustomization.yaml rename to k8s/kustomize/overlays/ceramic-load-test/kustomization.yaml diff --git a/k8s/overlays/ceramic-load-test/manifests/runner-create.yaml b/k8s/kustomize/overlays/ceramic-load-test/manifests/runner-create.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test/manifests/runner-create.yaml rename to k8s/kustomize/overlays/ceramic-load-test/manifests/runner-create.yaml diff --git a/k8s/overlays/ceramic-load-test/manifests/runner.yaml b/k8s/kustomize/overlays/ceramic-load-test/manifests/runner.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test/manifests/runner.yaml rename to k8s/kustomize/overlays/ceramic-load-test/manifests/runner.yaml diff --git a/k8s/overlays/ceramic-load-test/patches/composedb.yaml b/k8s/kustomize/overlays/ceramic-load-test/patches/composedb.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test/patches/composedb.yaml rename to k8s/kustomize/overlays/ceramic-load-test/patches/composedb.yaml diff --git a/k8s/overlays/ceramic-load-test/patches/ipfs.yaml b/k8s/kustomize/overlays/ceramic-load-test/patches/ipfs.yaml similarity index 100% rename from k8s/overlays/ceramic-load-test/patches/ipfs.yaml rename to k8s/kustomize/overlays/ceramic-load-test/patches/ipfs.yaml diff --git a/k8s/overlays/ceramic-load-test/runner.env b/k8s/kustomize/overlays/ceramic-load-test/runner.env similarity index 100% rename from k8s/overlays/ceramic-load-test/runner.env rename to k8s/kustomize/overlays/ceramic-load-test/runner.env diff --git a/k8s/overlays/ceramic-load-test/schemas/SmokeTestModel-main.graphql b/k8s/kustomize/overlays/ceramic-load-test/schemas/SmokeTestModel-main.graphql similarity index 100% rename from k8s/overlays/ceramic-load-test/schemas/SmokeTestModel-main.graphql rename to k8s/kustomize/overlays/ceramic-load-test/schemas/SmokeTestModel-main.graphql diff --git a/k8s/overlays/ceramic-load-test/schemas/SmokeTestModel-relation.graphql b/k8s/kustomize/overlays/ceramic-load-test/schemas/SmokeTestModel-relation.graphql similarity index 100% rename from k8s/overlays/ceramic-load-test/schemas/SmokeTestModel-relation.graphql rename to k8s/kustomize/overlays/ceramic-load-test/schemas/SmokeTestModel-relation.graphql diff --git a/k8s/overlays/ceramic-load-test/scripts/create-doc.sh b/k8s/kustomize/overlays/ceramic-load-test/scripts/create-doc.sh similarity index 100% rename from k8s/overlays/ceramic-load-test/scripts/create-doc.sh rename to k8s/kustomize/overlays/ceramic-load-test/scripts/create-doc.sh diff --git a/k8s/overlays/ceramic-load-test/scripts/create-secrets.sh b/k8s/kustomize/overlays/ceramic-load-test/scripts/create-secrets.sh similarity index 100% rename from k8s/overlays/ceramic-load-test/scripts/create-secrets.sh rename to k8s/kustomize/overlays/ceramic-load-test/scripts/create-secrets.sh