DEPLOY: Deploying test cluster for Longhorn issue.

clusters/dev/rwhiting/apps.yaml

@@ -0,0 +1,82 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: cloud-deployed-apps
+  namespace: argocd
+spec:
+  destination:
+    namespace: argocd
+    server: https://kubernetes.default.svc
+  project: default
+  source:
+    repoURL: https://github.com/stfc/cloud-deployed-apps.git
+    targetRevision: main
+    path: clusters/dev/rwhiting
+  syncPolicy:
+    automated:
+      prune: false
+      selfHeal: true
+      allowEmpty: true
+    syncOptions:
+      - CreateNamespace=true
+
+---
+
+apiVersion: argoproj.io/v1alpha1
+kind: ApplicationSet
+metadata:
+  name: rwhiting-apps
+  namespace: argocd
+spec:
+  goTemplate: true
+  generators:
+    - list:
+        elements:
+          - name: "argocd"
+            chartName: argocd
+
+            # NOTE: each chart needs a valuesFile for this to work
+            # so create one for each chart - even if its empty
+
+            # argocd and all dependencies use the same file "argocd-setup-values.yaml"
+            valuesFile: ../../../clusters/dev/rwhiting/argocd-setup-values.yaml
+            namespace: argocd
+
+          - name: "cert-manager"
+            chartName: cert-manager
+            namespace: cert-manager
+            valuesFile: ../../../clusters/dev/rwhiting/argocd-setup-values.yaml
+
+          - name: longhorn
+            chartName: longhorn
+            namespace: longhorn-system
+            valuesFile: ../../../clusters/dev/rwhiting/argocd-setup-values.yaml
+
+  syncPolicy:
+    # Don't remove everything if we remove the appset
+    preserveResourcesOnDeletion: true
+
+  template:
+    metadata:
+      name: "{{.name}}"
+      namespace: argocd
+    spec:
+      project: default
+      source:
+        repoURL: "https://github.com/stfc/cloud-deployed-apps.git"
+        targetRevision: main
+        path: "charts/dev/{{.chartName}}"
+        helm:
+          valueFiles:
+            - "{{.valuesFile}}"
+      destination:
+        server: https://kubernetes.default.svc
+        namespace: "{{.namespace}}"
+
+      syncPolicy:
+        automated:
+          prune: true
+          selfHeal: true
+          allowEmpty: true
+        syncOptions:
+          - CreateNamespace=true

clusters/dev/rwhiting/argocd-setup-values.yaml

@@ -0,0 +1,7 @@
+argo-cd:
+  global:
+    domain: argocd.dev-rwhiting.nubes.stfc.ac.uk
+
+longhorn:
+  ingress:
+    host: "longhorn.dev-rwhiting.nubes.stfc.ac.uk"

clusters/dev/rwhiting/infra-values.yaml

@@ -0,0 +1,24 @@
+openstack-cluster:
+
+  controlPlane:
+    machineCount: 3
+
+  nodeGroups:
+    - name: default-md-0
+      machineCount: 2
+
+  nodeGroupDefaults:
+    machineFlavor: l3.nano
+
+  addons:
+    ingress:
+      enabled: true
+      nginx:
+        release:
+          values:
+            controller:
+              service:
+                loadBalancerIP: "130.246.211.73"
+
+    monitoring:
+      enabled: false

secrets/dev/rwhiting/.sops.yaml

@@ -0,0 +1,17 @@
+creation_rules:
+  - unencrypted_regex: "^(apiVersion|metadata|kind|type)$"
+    # All developers can access / edit secrets on dev
+    key_groups:
+      - age:
+          # David Fairbrother Desktop
+          - age1acqcungzwkt807d3jt94ngtdt0vhk9kec4ps4a22cpaah57jw4xsl7q4xc
+          # David Fairbrother Laptop
+          - age1h3dmygqf4v6jg3nxk5sr9jkp27w3q83sqnqxdd5n92xf3w6fs5kshakrxn
+          # Temp Dev Argo Key
+          - age1xr298hh8ammzethfcdeh72c25wnrk3u2zlzxx78k4nfcq2rwpgqs9hljq8
+          # Anish Mudaraddi
+          - age12khufkd7z25eqgpjjyy0zcrq6kpjxzekmff5zhq7q54tajm4e58qul35x0
+          # Ramzi Jalili
+          - age16fufeddr0arrns268526gxethxgkh3g0euf8cn37kuwfmq3h23psutz4q8
+          # Ryan Whiting
+          - age1a8e4gxw67kp27s3hssfxyem3e8jwaha3huz0sttfngeu60pk5pxqkfpg3d

secrets/dev/rwhiting/api-server-fip.yaml

@@ -0,0 +1,68 @@
+openstack-cluster:
+    apiServer:
+        floatingIP: ENC[AES256_GCM,data:ytxhPT0FC+Ia3/HdPeKX,iv:5ZbHj4EcQvDhUFK9UyVzLUOdgYXSdwPNS7VVOpKTvTg=,tag:cJXktXVyYLGx/9ksJ8uhug==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1acqcungzwkt807d3jt94ngtdt0vhk9kec4ps4a22cpaah57jw4xsl7q4xc
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxZkFaTE9rZjY0dlc1VjVK
+            Mm5RQm05NXo3WDZ2NkpMemU0UEM2djF4V20wCmxxVVIvRkVPckZDNndSSTYvSXI1
+            UzNrZmlmRXZhYWE2L2h4M1NQTU5ka1EKLS0tIE94KytIdFVOZVJhWkYzaVFpTFNQ
+            Z3ZzbUN6bHdiSFd2bnRWVVlOTlAwMlkK0iLrndjKL59LDH0BqTBH3BcvUYII/HTB
+            iTt86N+II4JBUi2KfEBiQ6WHaCnMie8eEUU546jPBasr3zkAQ9fSqg==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1h3dmygqf4v6jg3nxk5sr9jkp27w3q83sqnqxdd5n92xf3w6fs5kshakrxn
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6ZHkxc3FhTk9rZlU0WDdB
+            T3dWZC9LNVRTWHBGclp4eURuUGpDVWs1bmlZCm5jS3pwMWhKNGFBS1ZxR2tEYXVh
+            VEdtMVFBNDdOUWphdVJxMkQ0Yk43T28KLS0tIDBRYUZyR0hiZVZ4ZGFzTENhb2Vj
+            M2FGZENpN3JRejloWHNNVUxBSytwZGMK3oXFJ6RwGDHfGWyVzkf2LpywMDR+mJPC
+            /HUxHhoB9lc9WMsrXz811d7ebProk4VhFTCv+oGDuBRy7ImBkFcQYw==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1xr298hh8ammzethfcdeh72c25wnrk3u2zlzxx78k4nfcq2rwpgqs9hljq8
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhaWpIZXBOUi8yY2pTRWF5
+            b1RQeXdlOUkwSDJXZS9JWHZEa0xiTGJOQ0RnCmIva29FTW1iSUtqZEVOSW8rdkJW
+            bDJrUkcxNzBWUldBQ3FnbU12VVpZYUEKLS0tIEs0NVFtZkR6SmVJUDJSc1lqS24w
+            YUl6em10blFveUFqZlFxMmFMdzBNV1kKymYp4PbxqX8aZLGQmzXivJDwpoN/wv0W
+            HAiVKCKIH0Fv6/E/G/RH6XYoR2c9qU8U8GUTVXwYN6nSvNO/QxGaFA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age12khufkd7z25eqgpjjyy0zcrq6kpjxzekmff5zhq7q54tajm4e58qul35x0
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNOThKZDBESkl2R3MweW1X
+            bTVuY2t5bjVlUDdZL2ROb09LM1VXaEk5RGxNCnhjWUJha2JTWllOQzVkU3JEbFBP
+            ZGxxeHI3TkZ5RVdMd2dDTUdpSXBuVzQKLS0tIDJUZ2Nja1NpcEdjYjl4cU5kV09J
+            TWJJVUZnYitDUXhGRjg4ZjIrU2taaFEKGjavmRljqPKQtPdUkbcGjWX8haI1BUbL
+            mcsqEYrJbPPq+x6ryr22pYCaNxvhhDPwXvst2yS5gT/RPkDxq5o99A==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age16fufeddr0arrns268526gxethxgkh3g0euf8cn37kuwfmq3h23psutz4q8
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4UHZXSG1xb1NrcTBEL0Zj
+            V3VWUXRHcytHbzM5Q05HTmZaRzlpcFZiOVV3Ck1GMnZYMEV5ZSt1d0RvTFJJT1ow
+            Z3h1T3RoYlAzck42b3BaQS93Nm40aDgKLS0tIG9MTTduQkp1bTI2ZDJXZzN6eWhT
+            SjF6b29qR1J4Nm9BdVo4Q2gwVTJXYzgKy1RVuzj0Ws+7eI+SNNSXMynq1PpllMEo
+            5owZ/fxAccePhNkOj3J00TFfZY1yqtwhv9FAOJBRhWWY3yZrGV6pzg==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1a8e4gxw67kp27s3hssfxyem3e8jwaha3huz0sttfngeu60pk5pxqkfpg3d
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkdVFFcFJvMVpka1FORUJr
+            TTBXWXg2c2hEWEhTRzVtQTYzNHErUGNkNzIwClRoMFZ2L1B1cFNOK1pwbk9Ba2Jq
+            V0lzM1d0OFZyNEp0UXdnL1VhY1ZrTUkKLS0tIG5lK3pGa2tOS0J0aS82UDdTeEth
+            dXR0Ly9naEVoQ3dtTWd3ZU9zQXZ0cU0KGKhkN0HHEyvPiTHkGQ/FafMNFpQHRNM4
+            YtuVO3c3kmXSrff+96ID34GYU3vZ2UPRRXl8sQ74uRdd++syRQP6nA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2024-11-20T10:36:16Z"
+    mac: ENC[AES256_GCM,data:MeQ5qkU3cP1KuCFr2IfKVta4iki7UtyiDADYvmHct1fu2drIJmoQcCdquKiWjj5dsVXzXtf8bH1nABCjKRzm8UXWpoiFo33zXYz7R0N3kYV2ZDqCUyoeFSsXJ2BtAutAB/ccJHU+M9PYTT+F99IihRUK8hJBBedargTrn6p2Uzc=,iv:lOPWpFqwgnRfP+O9u5B1lUHyZsuWTTs57R1zwoLhtc4=,tag:GDUXiGiP+9MvbBmhQ8h2Pw==,type:str]
+    pgp: []
+    unencrypted_regex: ^(apiVersion|metadata|kind|type)$
+    version: 3.9.1

secrets/dev/rwhiting/app-cred.yaml

@@ -0,0 +1,77 @@
+openstack-cluster:
+    clouds:
+        openstack:
+            auth:
+                auth_url: ENC[AES256_GCM,data:k1gDsA43Hagpx8MxaDH5rZ98Tg0HHua2oHtLJXqW4nRp6r6gkA==,iv:9HROgf8in18YaikTB9nT3uISGSBXKk+Jo4oIkPk46L8=,tag:oA12eLgX3PZS7C0009cieA==,type:str]
+                project_id: ENC[AES256_GCM,data:x0s1r2gmFpdAj9CRRiTBr8yWPOkl+0YC3/B87utKFLk=,iv:pW2EiYbmVoew775EU5kTyEheIPISHIy50wXJKgqiXeI=,tag:+9Bp+rQ+UQg3mMjjYwIlOw==,type:str]
+                application_credential_id: ENC[AES256_GCM,data:s+/q44ywNgBNi2sU/ebtTHHysbXYikeaMczIGkppQwk=,iv:49kfADzHYZPX6Ltyw4jtKMtNkC9ogv1Hk+oQObsTNio=,tag:fvk+bRc9UThK9XK6a+/DJQ==,type:str]
+                application_credential_secret: ENC[AES256_GCM,data:re6dnmVR5D9N5hvz9/YKPM53nKv3BR5AIbo/hbSyv7iIiO/0ufVjS8PJOq46HRHabI68Pn7N8lArQ6+XBWRiblTpzzVW+mDkoiJzHhGPz9hZ1Z8SN3Y=,iv:byPx/SnopVZOI4PqPW1WDSYUFQzaDFln41cqo1iFia4=,tag:wyblAEdp0417XqtdvI9WXQ==,type:str]
+            region_name: ENC[AES256_GCM,data:vz9Zm7Dg4K06,iv:U5kB79A/bnCAX0Ol07wauv5iK34jRfWtUxUNWW+Fmqw=,tag:8uQNue/mWZyLCsTLS0j1ow==,type:str]
+            interface: ENC[AES256_GCM,data:pADE4bxG,iv:WbKvg0GOAgkgz/ZPQLDh5f0v/QvdlPMw3yhKH8e5pVs=,tag:TDdhwnA/g1Uz4jIHB0Oh6A==,type:str]
+            identity_api_version: ENC[AES256_GCM,data:JQ==,iv:XbFtSBrqvcmZbQI3a6j0Hyum59OvwZu51qKK/bwABeY=,tag:eWrAHKvphamPQnycHnNxzg==,type:int]
+            auth_type: ENC[AES256_GCM,data:LNvf0HNTFleZaOezrIAQFN2i9Dg2LmY=,iv:HN/9csSOjufSru7Ie65K0pySfbX+xzcTkPINhDL1MJo=,tag:vRYbBcn98h97TP1P/dmkVQ==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1acqcungzwkt807d3jt94ngtdt0vhk9kec4ps4a22cpaah57jw4xsl7q4xc
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOK0ZyeWNiTVYzNGx3eU5B
+            M2t5VUZMV1lORGc1Um4yV24wZ1RlUkllSnpzCjRlRlRLWENUVGRjWVpPSHBUQWJZ
+            YS9VKzV5amVjRXBDU2pRZnlxOVRJR00KLS0tIEtlYjRJbmtTQ1M2WnJEQVdWL0l3
+            eWFrT0w3QXJZTlpEZ015aW5Nek9RYmMKM4qeitFMKF48fT2p7EmEuHC2idhhriP+
+            Zd5Io6kuudMM6OWXhMM8fdAH+bWV+G+8d1xZFoqPT+Y+hykGnFb8oQ==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1h3dmygqf4v6jg3nxk5sr9jkp27w3q83sqnqxdd5n92xf3w6fs5kshakrxn
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqUGRDYklvQmhFK1JqY2dt
+            eTBNb01CajErWk5KVlgxQXZ2WEkxZ0k4UlVzCjdvRWdzYnpKUW5CdWtCdDZkeUVh
+            emxEa0l6UkdRTHRHUGNNSE5YZUNPT3MKLS0tIDNLZ1F3R2hobGZ2MTh3blR0REUw
+            b2VoNHFuTWVKTkdhZWF0Sk9QSU95T28KI0LftXB3pLC+8l8YJ/WzKgX/LA/Mr/Ma
+            Rp+26usA6TeQ0LwfbOEykw6XGNJ1j9Bvu3/TxRCqXf/ORsQq7TSuuw==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1xr298hh8ammzethfcdeh72c25wnrk3u2zlzxx78k4nfcq2rwpgqs9hljq8
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlTCtET0IrYUVncGFpQmVo
+            TTFiMEJ0L1BTcUxOVzg3REtNUUJ3c2tydndVCnBuRWhma1J4VlRibVdqY216RnRk
+            MTlibExseUxJcjRZWUhhb2tuSzlORVkKLS0tIGV5dDZLeXduZ29yYStwM3NicE1q
+            V3BxR2pRaEtUN1RMZ3NTenFQZy9iTXMKSP2vHMFfZc7XT7W+jBl/eNaqdL74g4sn
+            Sm3l1Tle4Lc9U/mqTj2NKvv+/14i5g3NBwnb6Y+5hgfE3wpodj77VA==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age12khufkd7z25eqgpjjyy0zcrq6kpjxzekmff5zhq7q54tajm4e58qul35x0
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1MzAyMVZSUTBJdnlFSHlH
+            ckNiS2pwbEM0L2Rldkc4RVpERE1NWktiSEdBCnozUEszTGVuWXZyZVl5ZDFyb0tD
+            Vm5FQ1pMSVdrZ0NpOVg5SytIdWExSFkKLS0tIGx0WHpNSmRYcUdRNHIzUlpLUHpZ
+            K0lXUS9kSFMvWEtCYU9HZmlxUnpKaDgKDuyWB9cyecc80v3MFbsT5dUqeOAgx0gY
+            023DNXk0woQI/L/DMYROsOENXNg2Mb4dbOtCMxIxnLukx6WuKZeddg==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age16fufeddr0arrns268526gxethxgkh3g0euf8cn37kuwfmq3h23psutz4q8
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhNXo4RkVQU1BZQ09YcFVB
+            YzZxUGV3RUE5eXlzTmlxWHNVK0RSbWlRNFNnCklLQlFKSXhiLzdQV0U4aWxUUHZ0
+            anladWNkSkwzZGZnYktwb1lGWFJoMzAKLS0tIHhwY2dTcm53TDVhMkJBY3MzY1dS
+            TitlRkFSU3A1VnJUVjVyM3R3R2JockkKPPvJxzjUFWSBX2itVIPopcR3r9QU05+N
+            e+QM2+zmTzL3gYhcJrQxMIzN69oUnMX6cMpVHb9w1CntJ8bDyWX2xg==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1a8e4gxw67kp27s3hssfxyem3e8jwaha3huz0sttfngeu60pk5pxqkfpg3d
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNZmpTTVVMTHBqa01uQUZr
+            bkQyWWs3am80SHpnSU1LOTlJa244cDRQcldJClF1YjZBTnFTVEVEZ0VSTU9vT1NV
+            MGtzR2RJUGlKTTdmZGwvcWFjcWg0elkKLS0tIDN2UHltRmtXN21NaCtIRFcxTFQ5
+            ZzRLbmZOQTNPamVKSGZtZW5QazFrYTAK+clbJ/PqpL5RP1CtsXEk7Sr5zDVcMPve
+            RGXxGKxiaF9WAUUREMLmq3MfgXgY/ddeEm6tQAqJ/xe90GYlVdp3Yg==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2024-11-20T10:40:04Z"
+    mac: ENC[AES256_GCM,data:RDaWdJ+63g2Lsjs6HvcvdepVnlhHAjclUDBsWYULQhI0B7zNj0cWoD5TEoi4PiueTCcIz6KbAcEOlsOc1rGe3OsKZi0QIpB/HUzz44a5PLkRm069mgTnzel291I7qD54dj4TqTwxS+DrVkFW35PP3qO6vmDcjI9CHvLskilr0r4=,iv:gIqwF0ysZzCzERJR6DFrDhxywN9kRclGvrRebNYxglU=,tag:aFcDQh5cqz2F34x8XYWKCQ==,type:str]
+    pgp: []
+    unencrypted_regex: ^(apiVersion|metadata|kind|type)$
+    version: 3.9.1