From 0bbc20ca1408c8fd662e10bdd61db6483621d44a Mon Sep 17 00:00:00 2001 From: Xavor Date: Thu, 4 Sep 2025 00:13:39 +0200 Subject: [PATCH] add repo --- coredns/configmap-coredns.yaml | 25 +++++++++++ coredns/kustomization.yaml | 1 + coredns/svc-coredns-admin.yaml | 19 ++++++++ external/configmaps/configmap.yaml | 40 +++++++++++++++++ external/configmaps/configmap.yaml.save | 37 ++++++++++++++++ external/ingress/cockpitdotcom.yaml | 27 +++++++++++ external/ingress/gitdotcom.yaml | 27 +++++++++++ external/ingress/harbordotcom.yaml | 27 +++++++++++ external/ingress/wireguarddotcom.yaml | 27 +++++++++++ grafana/kps-values.yaml | 28 ++++++++++++ repo/configmap/repo-sources.yaml | 56 +++++++++++++++++++++++ repo/cronjobs/repo-sync.yaml | 38 ++++++++++++++++ repo/deployments/repo-server.yaml | 59 +++++++++++++++++++++++++ repo/ingress/ingress-repo.yaml | 23 ++++++++++ repo/kustomization.yaml | 26 +++++++++++ repo/namespace.yaml | 4 ++ repo/pvc.yaml | 12 +++++ repo/readme.md | 54 ++++++++++++++++++++++ repo/services/service-http.yaml | 14 ++++++ repo/services/service-samba.yaml | 15 +++++++ velero/schedules/daily-gitea-a.yaml | 13 ++++++ velero/schedules/weekly-full-a.yaml | 19 ++++++++ velero/values-velero.yaml | 19 ++++++++ 23 files changed, 610 insertions(+) create mode 100644 coredns/svc-coredns-admin.yaml create mode 100644 external/configmaps/configmap.yaml.save create mode 100644 external/ingress/cockpitdotcom.yaml create mode 100644 external/ingress/gitdotcom.yaml create mode 100644 external/ingress/harbordotcom.yaml create mode 100644 external/ingress/wireguarddotcom.yaml create mode 100644 grafana/kps-values.yaml create mode 100644 repo/configmap/repo-sources.yaml create mode 100644 repo/cronjobs/repo-sync.yaml create mode 100644 repo/deployments/repo-server.yaml create mode 100644 repo/ingress/ingress-repo.yaml create mode 100644 repo/kustomization.yaml create mode 100644 repo/namespace.yaml create mode 100644 repo/pvc.yaml create mode 100644 repo/readme.md create mode 100644 repo/services/service-http.yaml create mode 100644 repo/services/service-samba.yaml create mode 100644 velero/schedules/daily-gitea-a.yaml create mode 100644 velero/schedules/weekly-full-a.yaml diff --git a/coredns/configmap-coredns.yaml b/coredns/configmap-coredns.yaml index e0cdfee..c421bcd 100644 --- a/coredns/configmap-coredns.yaml +++ b/coredns/configmap-coredns.yaml @@ -35,6 +35,31 @@ data: 192.168.0.100 ceph.c2et.net 192.168.0.100 heimdall.c2et.net + # === dotcom ) === + 192.168.0.40 cockpit.c2et.com + 192.168.0.40 git.c2et.com + 192.168.0.40 harbor.c2et.com + 192.168.0.40 wireguard.c2et.com + 192.168.0.40 proxy.c2et.com + 192.168.0.80 backend.apolo.c2et.com + 192.168.0.80 portal.apolo.c2et.com + 192.168.0.80 colossus.apolo.c2et.com + 192.168.0.80 chat.apolo.c2et.com + 192.168.0.80 muc.chat.apolo.c2et.com + 192.168.0.81 streaming.apolo.c2et.com + 192.168.0.81 meeting.apolo.c2et.com + + # === dotnet ) === + 192.168.0.100 repo.c2et.net + 192.168.0.100 git.c2et.net + 192.168.0.100 wireguard.c2et.net + 192.168.0.100 ceph.c2et.net + 192.168.0.100 harbor.c2et.net + 192.168.0.100 grafana.c2et.net + 192.168.0.100 kubevirt.c2et.net + 192.168.0.100 heimdall.c2et.net + 192.168.0.100 argos.panel.c2et.net + 192.168.0.100 vscode.c2et.net fallthrough } diff --git a/coredns/kustomization.yaml b/coredns/kustomization.yaml index a8a7590..c6e7c6a 100644 --- a/coredns/kustomization.yaml +++ b/coredns/kustomization.yaml @@ -8,3 +8,4 @@ resources: - configmap-coredns.yaml - deploy-coredns.yaml - svc-coredns.yaml + - svc-coredns-admin.yaml diff --git a/coredns/svc-coredns-admin.yaml b/coredns/svc-coredns-admin.yaml new file mode 100644 index 0000000..f92e681 --- /dev/null +++ b/coredns/svc-coredns-admin.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: coredns-custom-admin + namespace: coredns +spec: + type: LoadBalancer + loadBalancerIP: 192.168.0.110 + selector: + app: coredns-custom + ports: + - name: dns-udp + port: 53 + targetPort: 53 + protocol: UDP + - name: dns-tcp + port: 53 + targetPort: 53 + protocol: TCP diff --git a/external/configmaps/configmap.yaml b/external/configmaps/configmap.yaml index e73e117..dd2aa47 100644 --- a/external/configmaps/configmap.yaml +++ b/external/configmaps/configmap.yaml @@ -33,3 +33,43 @@ data: proxy_ssl_verify off; } } + + gitdotcom.conf: | + server { + listen 3001; + server_name git.c2et.com; + location / { + proxy_pass https://192.168.0.40; + proxy_ssl_verify off; + } + } + + harbordotcom.conf: | + server { + listen 85; + server_name harbor.c2et.com; + location / { + proxy_pass https://192.168.0.40; + proxy_ssl_verify off; + } + } + + wireguarddotcom.conf: | + server { + listen 51821; + server_name wireguard.c2et.com; + location / { + proxy_pass https://192.168.0.40; + proxy_ssl_verify off; + } + } + + cockpitdotcom.conf: | + server { + listen 9090; + server_name cockpit.c2et.com; + location / { + proxy_pass https://192.168.0.40; + proxy_ssl_verify off; + } + } diff --git a/external/configmaps/configmap.yaml.save b/external/configmaps/configmap.yaml.save new file mode 100644 index 0000000..1c2627c --- /dev/null +++ b/external/configmaps/configmap.yaml.save @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-router-config + namespace: external +data: + router.conf: | + server { + listen 80 default_server; + server_name admin.firewall.c2et.net; + location / { + proxy_pass https://192.168.0.1; + proxy_ssl_verify off; + } + } + + powervault1.conf: | + server { + listen 80; + server_name admin.powervault1.c2et.net; + location / { + proxy_pass https://192.168.0.71; + proxy_ssl_verify off; + } + } + + powervault2.conf: | + server { + listen 80; + server_name admin.powervault2.c2et.net; + location / { + proxy_pass https://192.168.0.74; + proxy_ssl_verify off; + } + } + + diff --git a/external/ingress/cockpitdotcom.yaml b/external/ingress/cockpitdotcom.yaml new file mode 100644 index 0000000..22123ed --- /dev/null +++ b/external/ingress/cockpitdotcom.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: cockpitdotcom-ingress + namespace: external + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - cockpit.c2et.com + secretName: cockpitdotcom-tls + rules: + - host: cockpit.c2et.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: external-router-svc + port: + number: 80 diff --git a/external/ingress/gitdotcom.yaml b/external/ingress/gitdotcom.yaml new file mode 100644 index 0000000..8f0f25f --- /dev/null +++ b/external/ingress/gitdotcom.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: gitdotcom-ingress + namespace: external + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - git.c2et.com + secretName: gitdotcom-tls + rules: + - host: git.c2et.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: external-router-svc + port: + number: 80 diff --git a/external/ingress/harbordotcom.yaml b/external/ingress/harbordotcom.yaml new file mode 100644 index 0000000..e3bb2da --- /dev/null +++ b/external/ingress/harbordotcom.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: harbordotcom-ingress + namespace: external + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - harbor.c2et.com + secretName: harbordotcom-tls + rules: + - host: harbor.c2et.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: external-router-svc + port: + number: 80 diff --git a/external/ingress/wireguarddotcom.yaml b/external/ingress/wireguarddotcom.yaml new file mode 100644 index 0000000..b66a81b --- /dev/null +++ b/external/ingress/wireguarddotcom.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: wireguarddotcom-ingress + namespace: external + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + nginx.ingress.kubernetes.io/ssl-redirect: "true" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - wireguard.c2et.com + secretName: wireguarddotcom-tls + rules: + - host: wireguard.c2et.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: external-router-svc + port: + number: 80 diff --git a/grafana/kps-values.yaml b/grafana/kps-values.yaml new file mode 100644 index 0000000..4cb7a0b --- /dev/null +++ b/grafana/kps-values.yaml @@ -0,0 +1,28 @@ +grafana: + enabled: true + service: + type: ClusterIP + ingress: + enabled: true + ingressClassName: nginx # <- tu IngressClass + hosts: + - grafana.c2et.net + tls: + - secretName: grafana-tls + hosts: + - grafana.c2et.net + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod # o el que uses + adminPassword: "Pozuelo12345" # vacío = autogenera; o pon tu contraseña si quieres + # puedes forzar la password así: + # admin: + # existingSecret: grafana-admin + # userKey: admin-user + # passwordKey: admin-password + +prometheus: + ingress: + enabled: false # <- mantenlo interno (recomendado) +alertmanager: + ingress: + enabled: false # <- interno diff --git a/repo/configmap/repo-sources.yaml b/repo/configmap/repo-sources.yaml new file mode 100644 index 0000000..e682dc6 --- /dev/null +++ b/repo/configmap/repo-sources.yaml @@ -0,0 +1,56 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: repo-sources + namespace: repo +data: + sources.txt: | + repo-oss|http://download.opensuse.org/distribution/leap/15.6/repo/oss/|opensuse/leap/15.6/oss + repo-non-oss|http://download.opensuse.org/distribution/leap/15.6/repo/non-oss/|opensuse/leap/15.6/non-oss + update-oss|http://download.opensuse.org/update/leap/15.6/oss/|opensuse/leap/15.6/update/oss + update-non-oss|http://download.opensuse.org/update/leap/15.6/non-oss/|opensuse/leap/15.6/update/non-oss + update-sle|http://download.opensuse.org/update/leap/15.6/sle/|opensuse/leap/15.6/update/sle + backports|http://download.opensuse.org/update/leap/15.6/backports/|opensuse/leap/15.6/update/backports + openh264|http://codecs.opensuse.org/openh264/openSUSE_Leap/|opensuse/openh264 + nvidia|https://download.nvidia.com/opensuse/leap/15.6/|thirdparty/nvidia/leap/15.6 + k8s-stable|https://pkgs.k8s.io/core:/stable:/v1.33/rpm/|thirdparty/kubernetes/core/stable/v1.33/rpm + + sync.sh: | + set -euo pipefail + + SRC_LIST="/config/sources.txt" + DEST_ROOT="/mirror/repos" + + mkdir -p "$DEST_ROOT" + + command -v rsync >/dev/null 2>&1 || echo "Aviso: rsync no disponible; usaré wget para HTTP/HTTPS" + command -v wget >/dev/null 2>&1 || { echo "ERROR: wget requerido"; exit 1; } + + while IFS='|' read -r NAME URL SUBDIR; do + [[ -z "${NAME:-}" || "${NAME:0:1}" == "#" ]] && continue + + DEST="${DEST_ROOT}/${SUBDIR}" + mkdir -p "$DEST" + + echo "==> Sync ${NAME} (${URL}) -> ${DEST}" + + if [[ "$URL" == rsync://* ]]; then + rsync -aH --delete --partial --info=stats1,progress2 "${URL}" "${DEST}/" + else + TMP="${DEST}.tmp" + mkdir -p "$TMP" + + wget -m -np -nH -e robots=off -P "$TMP" --no-verbose --show-progress "$URL" + + shopt -s dotglob nullglob + SRC_CONTENT=("$TMP"/*) + if [[ ${#SRC_CONTENT[@]} -gt 0 ]]; then + rsync -a --delete "$TMP"/ "$DEST"/ + fi + rm -rf "$TMP" + fi + + chmod -R a+rX "$DEST" + done < "$SRC_LIST" + + echo "Sync completado." diff --git a/repo/cronjobs/repo-sync.yaml b/repo/cronjobs/repo-sync.yaml new file mode 100644 index 0000000..75818d6 --- /dev/null +++ b/repo/cronjobs/repo-sync.yaml @@ -0,0 +1,38 @@ +apiVersion: batch/v1 +kind: CronJob +metadata: + name: repo-sync + namespace: repo +spec: + schedule: "15 2 * * *" + concurrencyPolicy: Forbid + successfulJobsHistoryLimit: 2 + failedJobsHistoryLimit: 2 + jobTemplate: + spec: + template: + spec: + restartPolicy: OnFailure + containers: + - name: sync + image: alpine:latest + command: ["sh","-lc"] + args: + - | + set -e + apk add --no-cache rsync wget bash coreutils + chmod +x /config/sync.sh + /config/sync.sh + volumeMounts: + - name: repo-storage + mountPath: /mirror + - name: repo-config + mountPath: /config + volumes: + - name: repo-storage + persistentVolumeClaim: + claimName: repo-pvc + - name: repo-config + configMap: + name: repo-sources + defaultMode: 0755 diff --git a/repo/deployments/repo-server.yaml b/repo/deployments/repo-server.yaml new file mode 100644 index 0000000..1a6f50f --- /dev/null +++ b/repo/deployments/repo-server.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: repo-server + namespace: repo +spec: + replicas: 1 + selector: + matchLabels: + app: repo-server + template: + metadata: + labels: + app: repo-server + spec: + initContainers: + - name: init-dirs + image: alpine:3.20 + command: ["sh","-lc"] + args: + - | + mkdir -p /share/repos + chmod 755 /share /share/repos + volumeMounts: + - name: repo-storage + mountPath: /share + containers: + - name: httpd + image: httpd:2.4 + ports: + - containerPort: 80 + volumeMounts: + - name: repo-storage + mountPath: /usr/local/apache2/htdocs + subPath: repos + readinessProbe: + httpGet: { path: /, port: 80 } + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: { path: /, port: 80 } + initialDelaySeconds: 15 + periodSeconds: 20 + + - name: samba + image: dperson/samba + args: ["-p", "-s", "repos;/share/repos;yes;no"] + ports: + - containerPort: 445 + securityContext: + runAsUser: 0 + volumeMounts: + - name: repo-storage + mountPath: /share + + volumes: + - name: repo-storage + persistentVolumeClaim: + claimName: repo-pvc diff --git a/repo/ingress/ingress-repo.yaml b/repo/ingress/ingress-repo.yaml new file mode 100644 index 0000000..87be273 --- /dev/null +++ b/repo/ingress/ingress-repo.yaml @@ -0,0 +1,23 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: repo + namespace: repo + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + ingressClassName: nginx + tls: + - hosts: [ "repo.c2et.net" ] + secretName: repo-c2et-net-tls + rules: + - host: repo.c2et.net + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: repo-http + port: + number: 80 diff --git a/repo/kustomization.yaml b/repo/kustomization.yaml new file mode 100644 index 0000000..d73cbd0 --- /dev/null +++ b/repo/kustomization.yaml @@ -0,0 +1,26 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: repo + +commonLabels: + app.kubernetes.io/name: repo-mirror + app.kubernetes.io/part-of: suse-repo + +resources: + - namespace.yaml + - pvc.yaml + - configmap/repo-sources.yaml + - deployments/repo-server.yaml + - services/service-http.yaml + - services/service-samba.yaml + - ingress/ingress-repo.yaml + - cronjobs/repo-sync.yaml + +images: + - name: httpd + newTag: "2.4" + - name: alpine + newTag: "latest" + - name: dperson/samba + newTag: "latest" diff --git a/repo/namespace.yaml b/repo/namespace.yaml new file mode 100644 index 0000000..f22e4af --- /dev/null +++ b/repo/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: repo diff --git a/repo/pvc.yaml b/repo/pvc.yaml new file mode 100644 index 0000000..57672db --- /dev/null +++ b/repo/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: repo-pvc + namespace: repo +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 2Ti + storageClassName: sc-me5-site-a diff --git a/repo/readme.md b/repo/readme.md new file mode 100644 index 0000000..6076628 --- /dev/null +++ b/repo/readme.md @@ -0,0 +1,54 @@ +## Cómo usarlo (rápido) + +1. Ajusta **dominio** en el Ingress y (si quieres) IP fija en el Service de Samba. +2. Revisa tamaño de **PVC**. +3. (Opcional) Cambia o amplía la lista en `sources.txt`. Si tienes un mirror con **rsync**, usa `rsync://...` en la URL para más eficiencia. +4. Aplica en orden: + +```bash +kubectl apply -f repo/namespace.yaml +kubectl apply -f repo/pvc.yaml +kubectl apply -f repo/configmap/repo-sources.yaml +kubectl apply -f repo/deployments/repo-server.yaml +kubectl apply -f repo/services/service-http.yaml +kubectl apply -f repo/services/service-samba.yaml # o NodePort +kubectl apply -f repo/ingress/ingress-repo.yaml +kubectl apply -f repo/cronjobs/repo-sync.yaml +``` + +5. Lanza una sync inicial **ad hoc** (sin esperar al cron) creando un Job manual: + +```bash +kubectl create job --from=cronjob/repo-sync repo-sync-now -n repo +kubectl logs -f job/repo-sync-now -n repo +``` + +--- + +## Configuración en los clientes SUSE + +En tus servidores, añade repos apuntando a tu repo interno, por ejemplo: + +```bash +# HTTP (recomendado) +sudo zypper ar -f http://repo.c2et.net/opensuse/leap/15.6/oss repo-oss-local +sudo zypper ar -f http://repo.c2et.net/opensuse/leap/15.6/non-oss repo-non-oss-local +sudo zypper ar -f http://repo.c2et.net/opensuse/leap/15.6/update/oss update-oss-local +sudo zypper ar -f http://repo.c2et.net/opensuse/leap/15.6/update/non-oss update-non-oss-local +sudo zypper ar -f http://repo.c2et.net/opensuse/leap/15.6/update/sle update-sle-local +sudo zypper ar -f http://repo.c2et.net/opensuse/leap/15.6/update/backports update-backports-local +sudo zypper ar -f http://repo.c2et.net/opensuse/openh264 openh264-local + +# Terceros (si los espejas): +sudo zypper ar -f http://repo.c2et.net/thirdparty/nvidia/leap/15.6 nvidia-local +sudo zypper ar -f http://repo.c2et.net/thirdparty/kubernetes/core/stable/v1.33/rpm k8s-stable-local +``` + +> Truco: deja tus repos “externos” deshabilitados (`zypper mr -d `) y activa solo los “-local”. Así fuerzan el uso del mirror interno. + +--- + +## Sugerencias y mejoras + +* **Mejor rsync**: si eliges un mirror con `rsync://`, cambia las URLs de `download.opensuse.org` a ese mirror (ej. `rsync:///opensuse/distribution/leap/15.6/repo/oss/`) para acelerar y reducir ancho de banda (usa `--delete`). +* **Throttle nocturno**: añade `--bwlimit=MB` a `rsync` si tu ventana noc diff --git a/repo/services/service-http.yaml b/repo/services/service-http.yaml new file mode 100644 index 0000000..dec7d95 --- /dev/null +++ b/repo/services/service-http.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: repo-http + namespace: repo +spec: + type: ClusterIP + selector: + app: repo-server + ports: + - name: http + port: 80 + targetPort: 80 + protocol: TCP diff --git a/repo/services/service-samba.yaml b/repo/services/service-samba.yaml new file mode 100644 index 0000000..e00c5f0 --- /dev/null +++ b/repo/services/service-samba.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: repo-samba + namespace: repo +spec: + type: LoadBalancer + loadBalancerIP: 192.168.0.106 + selector: + app: repo-server + ports: + - name: samba + port: 445 + targetPort: 445 + protocol: TCP diff --git a/velero/schedules/daily-gitea-a.yaml b/velero/schedules/daily-gitea-a.yaml new file mode 100644 index 0000000..1bbe3d9 --- /dev/null +++ b/velero/schedules/daily-gitea-a.yaml @@ -0,0 +1,13 @@ +apiVersion: velero.io/v1 +kind: Schedule +metadata: + name: daily-gitea-a + namespace: minio-velero +spec: + schedule: "30 2 * * *" # Diario 02:30 + template: + includedNamespaces: + - gitea + defaultVolumesToFsBackup: true + storageLocation: bsl-incluster-a + ttl: 720h diff --git a/velero/schedules/weekly-full-a.yaml b/velero/schedules/weekly-full-a.yaml new file mode 100644 index 0000000..e87f3dc --- /dev/null +++ b/velero/schedules/weekly-full-a.yaml @@ -0,0 +1,19 @@ +apiVersion: velero.io/v1 +kind: Schedule +metadata: + name: weekly-full-a + namespace: minio-velero +spec: + schedule: "0 3 * * 0" # Domingos 03:00 + template: + includedNamespaces: + - apolo + - argos-core + - gitea + - guacamole + - harbor + - vscode + - wireguard + defaultVolumesToFsBackup: true + storageLocation: bsl-incluster-a + ttl: 720h diff --git a/velero/values-velero.yaml b/velero/values-velero.yaml index fceba1c..d4cd922 100644 --- a/velero/values-velero.yaml +++ b/velero/values-velero.yaml @@ -26,3 +26,22 @@ initContainers: volumeMounts: - name: plugins mountPath: /target + +metrics: + enabled: true + serviceMonitor: + enabled: true + namespace: minio-velero + interval: 30s + additionalLabels: + release: monitoring # <- MUY IMPORTANTE: debe coincidir con tu Prometheus + +nodeAgent: + metrics: + enabled: true + podMonitor: + enabled: true + namespace: minio-velero + interval: 30s + additionalLabels: + release: monitoring # <- igual que arriba