feat: introduce Flux health checks for CRDs and storage components, and adjust Plex PVC storage request.

2026-02-26 19:42:23 +01:00
parent dc41e2d5ab
commit 2f33e71298
4 changed files with 84 additions and 1 deletions
--- a/kubernetes/apps/flux-system/healthcheck/app/kustomization.yaml
+++ b/kubernetes/apps/flux-system/healthcheck/app/kustomization.yaml
@@ -0,0 +1,5 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/kustomization
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources: []
--- a/kubernetes/apps/flux-system/healthcheck/ks.yaml
+++ b/kubernetes/apps/flux-system/healthcheck/ks.yaml
@@ -0,0 +1,77 @@
+---
+# yaml-language-server: $schema=https://schemas.tholinka.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: crds-ready
+  namespace: &namespace flux-system
+spec:
+  interval: 1h
+  targetNamespace: *namespace
+  path: ./kubernetes/apps/flux-system/healthcheck/app
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+    namespace: flux-system
+  healthChecks:
+    - &crds
+      apiVersion: apiextensions.k8s.io/v1
+      kind: CustomResourceDefinition
+      name: replicationsources.volsync.backube
+    - <<: *crds
+      name: replicationdestinations.volsync.backube
+    - <<: *crds
+      name: externalsecrets.external-secrets.io
+    - <<: *crds
+      name: servicemonitors.monitoring.coreos.com
+    - <<: *crds
+      name: podmonitors.monitoring.coreos.com
+    - <<: *crds
+      name: ciliumnetworkpolicies.cilium.io
+    - <<: *crds
+      name: ciliumclusterwidenetworkpolicies.cilium.io
+    - <<: *crds
+      name: certificates.cert-manager.io
+    - <<: *crds
+      name: httproutes.gateway.networking.k8s.io
+    - <<: *crds
+      name: securitypolicies.gateway.envoyproxy.io
+---
+# yaml-language-server: $schema=https://schemas.tholinka.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: storage-ready
+  namespace: &namespace flux-system
+spec:
+  interval: 1h
+  targetNamespace: *namespace
+  path: ./kubernetes/apps/flux-system/healthcheck/app
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+    namespace: flux-system
+  healthChecks:
+    - apiVersion: &cephApiVersion ceph.rook.io/v1
+      kind: &cephKind CephCluster
+      name: rook-ceph
+      namespace: rook-ceph
+    - apiVersion: apps/v1
+      kind: Deployment
+      name: volsync
+      namespace: system
+    - &crd
+      apiVersion: apiextensions.k8s.io/v1
+      kind: CustomResourceDefinition
+      name: replicationsources.volsync.backube
+    - <<: *crd
+      name: replicationdestinations.volsync.backube
+    - <<: *crd
+      name: externalsecrets.external-secrets.io
+  healthCheckExprs:
+    - apiVersion: *cephApiVersion
+      kind: *cephKind
+      failed: status.ceph.health == 'HEALTH_ERR'
+      current: status.ceph.health in ['HEALTH_OK', 'HEALTH_WARN']
--- a/kubernetes/apps/flux-system/kustomization.yaml
+++ b/kubernetes/apps/flux-system/kustomization.yaml
@@ -10,3 +10,4 @@ resources:
  - ./namespace.yaml
  - ./flux-instance/ks.yaml
  - ./flux-operator/ks.yaml
+  - ./healthcheck/ks.yaml
--- a/kubernetes/apps/media/plex/app/pvc.yaml
+++ b/kubernetes/apps/media/plex/app/pvc.yaml
@@ -8,5 +8,5 @@ spec:
  accessModes: ["ReadWriteOnce"]
  resources:
    requests:
-      storage: 100Gi
+      storage: 40Gi
  storageClassName: ceph-block