init

1.Cluster/README.md

@@ -0,0 +1,17 @@
+# Подготовка
+
+* Необходимо 3 ноды (с докером) с белыми адресами и балансер.
+* Так же нужно подготовить субдомен для балансера и алиасы на него для
+	* argo
+	* keygloack
+	* id
+
+## Управление
+
+управлять будем с [линзы](https://k8slens.dev)
+
+## Разворачиваем тестовый кластер
+
+1. rke up
+2. install cert-manager
+3. install longhorn with 2 replicas in storageClass

1.Cluster/cert-issuer.yaml

@@ -0,0 +1,21 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: orc-letsencrypt-issuer
+spec:
+  acme:
+    # The ACME server URL
+    server: https://acme-v02.api.letsencrypt.org/directory
+    # Email address used for ACME registration
+    email: vasyakrg@gmail.com
+    # Name of a secret used to store the ACME account private key from step 3
+    privateKeySecretRef:
+      name: orc-letsencrypt-private-key
+    # Enable the HTTP-01 challenge provider
+    solvers:
+    # An empty selector will 'match' all Certificate resources that
+    # reference this Issuer.
+    - selector: {}
+      http01:
+        ingress:
+          class: nginx

1.Cluster/cluster.yml

@@ -0,0 +1,59 @@
+cluster_name: k8s-test
+kubernetes_version: v1.23.14-rancher1-1
+
+ignore_docker_version: true
+
+nodes:
+  - address: 65.109.190.72
+    hostname_override: node1
+    user: root
+    labels:
+      worker: yes
+      ingress: yes
+      location: nsk
+    role: [controlplane, worker, etcd]
+  - address: 65.109.190.74
+    hostname_override: node2
+    user: root
+    labels:
+      worker: yes
+      ingress: yes
+      location: nsk
+    role: [controlplane, worker, etcd]
+  - address: 135.181.206.109
+    hostname_override: node3
+    user: root
+    labels:
+      worker: yes
+      ingress: yes
+      location: nsk
+    role: [controlplane, worker, etcd]
+
+services:
+  etcd:
+    snapshot: true
+    creation: 6h
+    retention: 30h
+  kube-controller:
+    extra_args:
+      terminated-pod-gc-threshold: 100
+
+authentication:
+  strategy: x509
+  sans:
+    - "rke.xxx-net.ru"
+
+ingress:
+  provider: nginx
+  node_selector:
+    ingress: yes
+  tolerations:
+    - key: node-role.kubernetes.io/controlplane
+      operator: Exists
+      effect: NoSchedule
+    - key: node-role.kubernetes.io/etcd
+      operator: Exists
+      effect: NoExecute
+  extra_args:
+    http-port: 80
+    https-port: 443