diff --git a/REVIEW-replace-minio-with-versitygw.md b/REVIEW-replace-minio-with-versitygw.md new file mode 100644 index 00000000..283299e8 --- /dev/null +++ b/REVIEW-replace-minio-with-versitygw.md @@ -0,0 +1,98 @@ +# Review: replace-minio-with-versitygw branch + +## Summary + +This branch replaces Minio with [VersityGW](https://github.com/versity/versitygw) as the S3-compatible object store backing the container image registry in ystack's k3s/k3d provisioning. + +Three commits implement the change: + +1. **7fe2cfa** - Add versitygw kustomize bases and registry overlay +2. **fcbb591** - Switch bucket-create job from aws-cli to minio/mc (smaller image) +3. **12ff78f** - Update Dockerfile, entrypoint.sh, buildkit, and docker-compose to reference versitygw + +## Architecture + +VersityGW replaces Minio while preserving the same S3 API contract: + +``` +registry (docker-v2) --S3--> blobs-versitygw:80 --> versitygw:7070 --> PVC (posix /data) +``` + +- **Image**: `versity/versitygw:latest` (currently v1.2.0) +- **Backend**: POSIX filesystem on a 10Gi PVC +- **Port**: 7070 internally, exposed as port 80 via `blobs-versitygw` service +- **Credentials**: Reuses the existing `minio` secret name for backward compatibility + +## Validation Results + +### Provisioning test (bin/y-cluster-provision-k3d) + +| Step | Result | +|------|--------| +| k3d cluster create | PASS | +| 00-ystack-namespace apply | PASS | +| 10-versitygw apply | PASS | +| 20-builds-registry-versitygw apply | PASS (after image tag fix) | +| 21-prod-registry apply | PASS | +| 40-buildkit apply | PASS | +| versitygw pod ready | PASS | +| bucket-create job complete | PASS | +| registry pod ready | PASS | + +### Blob persistence test + +| Step | Result | +|------|--------| +| Upload test blobs to versitygw | PASS | +| `mc ls --recursive` shows 2 files | PASS | +| `kubectl rollout restart deployment/versitygw` | PASS | +| New pod starts (different pod name confirms restart) | PASS | +| Blobs verified present after restart via `mc ls` | PASS | +| Blob content verified via `mc cat` | PASS | + +Blobs survive versitygw restart because the PVC persists across pod replacements. + +## Issues Found + +### Bug: Invalid minio/mc image tag + +**File**: `registry/generic,versitygw/bucket-create-ystack-builds.yaml:10` + +The image tag `minio/mc:RELEASE.2025-02-08T13-51-10Z` does not exist on Docker Hub. +The closest available tag is `RELEASE.2025-02-08T19-14-21Z`. + +This causes `ImagePullBackOff` during provisioning, preventing the bucket from being created and leaving the registry in a 503 state until manually fixed. + +**Fixed in this review commit.** + +### Observations + +1. **`versity/versitygw:latest` tag** - Using `:latest` without a digest makes builds non-reproducible. The running version at test time was v1.2.0. Consider pinning to a specific tag (e.g. `versity/versitygw:v1.2.0`) or adding a digest. + +2. **Deprecated kustomize fields** - Multiple kustomization.yaml files use `bases:` and `patchesStrategicMerge:` which emit deprecation warnings. These should use `resources:` and `patches:` respectively. This is pre-existing across the codebase, not introduced by this branch. + +3. **Secret naming** - The secret is still named `minio` despite no longer using Minio. This works for backward compatibility but could be confusing. A rename would require coordinating across versitygw deployment, registry deployment, and bucket-create job. + +4. **Race condition: registry vs bucket-create** - The registry returns 503 until the bucket exists. The bucket-create job sleeps 30s then creates the bucket. During provisioning this means the registry is unhealthy for ~30-40 seconds. The old minio config had the same pattern. This is acceptable for provisioning but worth noting. + +5. **buildkit base references versitygw** - `k3s/40-buildkit/kustomization.yaml` bases on `versitygw/standalone,defaultsecret`, creating a second reference to the same versitygw deployment. Kustomize deduplicates this (`unchanged` in apply output), but the dependency is implicit. + +6. **No resource requests/limits** on versitygw deployment - The pod runs without CPU/memory requests or limits. + +## New utility: bin/y-cluster-blobs-ls + +A utility script was created to recursively list blob store contents: + +```bash +# List all buckets +y-cluster-blobs-ls --context=local + +# List contents of a specific bucket recursively +y-cluster-blobs-ls --context=local ystack-builds-registry +``` + +The script follows ystack conventions: requires `--context=local` as the first argument (only "local" is accepted), and passes it through to kubectl. It reads S3 credentials from the `minio` secret and runs a temporary `minio/mc` pod in the cluster. + +## Verdict + +The migration is functionally correct after the image tag fix. VersityGW works as a drop-in S3-compatible replacement for Minio with the POSIX backend providing simple, PVC-backed persistence. The main blocker was the invalid minio/mc image tag which has been corrected. diff --git a/bin/y-bin.optional.yaml b/bin/y-bin.optional.yaml index 3eea5482..c3460ebc 100755 --- a/bin/y-bin.optional.yaml +++ b/bin/y-bin.optional.yaml @@ -4,6 +4,16 @@ # - version must be the first key per binary name # - comments must be separate lines, not after values +k8s-ingress-hosts: + version: 0.4.0 + templates: + download: https://github.com/solsson/k8s-ingress-hosts/releases/download/v${version}/k8s-ingress-hosts_${version}_${os}_${arch} + sha256: + darwin_amd64: 9c490e39f6fcd0e9e7cee06dd86efdda3b8de44ac75d4d5dca03e3d3aedf8dcf + darwin_arm64: b11e5ee309d20e26ab48c12cb21799fc54f3dbda283eaedc91f0f16d274f28e4 + linux_amd64: 05a43b1342446f855e1394794bab33a6016487dc8f5637809c0363d92d715bef + linux_arm64: d1306dca94e3bd67aed14ff1a0715d7c48386f90e54cc272b23e526ada8de283 + k3d: version: 5.8.3 templates: diff --git a/bin/y-cluster-blobs-ls b/bin/y-cluster-blobs-ls new file mode 100755 index 00000000..ce987710 --- /dev/null +++ b/bin/y-cluster-blobs-ls @@ -0,0 +1,49 @@ +#!/usr/bin/env bash +[ -z "$DEBUG" ] || set -x +set -eo pipefail + +ctx=$1 +case $ctx in + "--context=local") shift 1 ;; + "--context="*) echo "Only --context=local is supported" && exit 1 ;; + *) echo "Initial arg must be --context=local" && exit 1 ;; +esac + +[ -z "$NAMESPACE" ] && NAMESPACE=ystack +[ -z "$BLOBS_SERVICE" ] && BLOBS_SERVICE=blobs-versitygw +[ -z "$MC_IMAGE" ] && MC_IMAGE=minio/mc:RELEASE.2025-08-13T08-35-41Z + +BUCKET="${1:-}" + +ACCESS_KEY=$(kubectl $ctx -n $NAMESPACE get secret minio -o jsonpath='{.data.accesskey}' | base64 -d) +SECRET_KEY=$(kubectl $ctx -n $NAMESPACE get secret minio -o jsonpath='{.data.secretkey}' | base64 -d) + +POD_NAME="y-blobs-ls-$(date +%s)" + +if [ -z "$BUCKET" ]; then + echo "Usage: y-cluster-blobs-ls --context=local [bucket-name]" + echo "Without a bucket name, lists all buckets:" + echo "" + kubectl $ctx -n $NAMESPACE run --rm -i $POD_NAME \ + --image=$MC_IMAGE \ + --restart=Never \ + --env="ACCESS_KEY=$ACCESS_KEY" \ + --env="SECRET_KEY=$SECRET_KEY" \ + --env="BLOBS_SERVICE=$BLOBS_SERVICE" \ + --command -- /bin/sh -c ' + mc alias set s3 http://$BLOBS_SERVICE $ACCESS_KEY $SECRET_KEY >/dev/null 2>&1 + mc ls s3/ + ' +else + kubectl $ctx -n $NAMESPACE run --rm -i $POD_NAME \ + --image=$MC_IMAGE \ + --restart=Never \ + --env="ACCESS_KEY=$ACCESS_KEY" \ + --env="SECRET_KEY=$SECRET_KEY" \ + --env="BLOBS_SERVICE=$BLOBS_SERVICE" \ + --env="BUCKET=$BUCKET" \ + --command -- /bin/sh -c ' + mc alias set s3 http://$BLOBS_SERVICE $ACCESS_KEY $SECRET_KEY >/dev/null 2>&1 + mc ls --recursive s3/$BUCKET + ' +fi diff --git a/bin/y-cluster-provision-k3d b/bin/y-cluster-provision-k3d index dd912a72..f06e404b 100755 --- a/bin/y-cluster-provision-k3d +++ b/bin/y-cluster-provision-k3d @@ -35,8 +35,8 @@ kubectl config rename-context k3d-ystack $CONTEXTNAME # This list of bases also exists in ../k3s/docker-ystack-proxy/Dockerfile, and in y-cluster-provision-multipass for base in \ 00-ystack-namespace \ - 10-minio \ - 20-builds-registry \ + 10-versitygw \ + 20-builds-registry-versitygw \ 21-prod-registry \ 40-buildkit; do \ basepath="$YSTACK_HOME/k3s/$base/" diff --git a/bin/y-cluster-provision-k3s-multipass b/bin/y-cluster-provision-k3s-multipass index aa979ae5..077184aa 100755 --- a/bin/y-cluster-provision-k3s-multipass +++ b/bin/y-cluster-provision-k3s-multipass @@ -14,8 +14,8 @@ then echo "Y-stack appears to be running already" && exit fi -# "jammy 22.04.." is currently the version our nodes run. Remove "jammy" to get the latest LTS -multipass launch jammy -n "$VM_NAME" $VM_RESOURCES +# "noble 24.04.." is currently the version our nodes run +multipass launch noble -n "$VM_NAME" $VM_RESOURCES # https://medium.com/@mattiaperi/kubernetes-cluster-with-k3s-and-multipass-7532361affa3 K3S_NODEIP_MASTER="$(multipass info $VM_NAME | grep "IPv4" | awk -F' ' '{print $2}')" @@ -42,6 +42,7 @@ KUBECONFIG="$KUBECONFIG.tmp" y-cluster-assert-install --context=$CONTEXTNAME # This list of bases also exists in ../k3s/docker-ystack-proxy/Dockerfile for base in \ 00-ystack-namespace \ + 05-gateway-api \ 10-minio \ 20-builds-registry \ 21-prod-registry \ diff --git a/bin/y-k3s-install b/bin/y-k3s-install index a28d6541..60685be0 100755 --- a/bin/y-k3s-install +++ b/bin/y-k3s-install @@ -10,8 +10,8 @@ export K3S_NODE_NAME=ystack-master # For kubectl top to work with metrics-server, https://github.com/rancher/k3s/issues/252#issuecomment-482662774 export INSTALL_K3S_EXEC="--kubelet-arg=address=0.0.0.0 ${INSTALL_K3S_EXEC}" -INSTALLER_REVISION=bd04941a294793ec92e8703d5e5da14107902e88 -export INSTALL_K3S_VERSION=v1.30.5+k3s1 +INSTALLER_REVISION=3552cfc26032474faad53ee617fde32ac0c1a222 +export INSTALL_K3S_VERSION=v1.33.8+k3s1 curl -sfL https://github.com/k3s-io/k3s/raw/$INSTALLER_REVISION/install.sh | sh - service k3s start diff --git a/bin/y-k8s-ingress-hosts b/bin/y-k8s-ingress-hosts new file mode 100755 index 00000000..94208c5a --- /dev/null +++ b/bin/y-k8s-ingress-hosts @@ -0,0 +1,12 @@ +#!/usr/bin/env bash +[ -z "$DEBUG" ] || set -x +set -eo pipefail +YBIN="$(dirname $0)" + +[ -z "$KUBECONFIG" ] && echo "This script requires a KUBECONFIG" && exit 1 + +version=$(y-bin-download $YBIN/y-bin.optional.yaml k8s-ingress-hosts) + +[ $(id -u) -ne 0 ] && exec sudo -E $YBIN/y-k8s-ingress-hosts-v${version}-bin -kubeconfig "$KUBECONFIG" "$@" + +$YBIN/y-k8s-ingress-hosts-v${version}-bin -kubeconfig "$KUBECONFIG" "$@" || exit $? diff --git a/bin/y-kubefwd b/bin/y-kubefwd index bf8df92b..535f7c1d 100755 --- a/bin/y-kubefwd +++ b/bin/y-kubefwd @@ -13,6 +13,15 @@ esac version=$(y-bin-download $YBIN/y-bin.optional.yaml kubefwd) +# Fail early if there's already a kubefwd process running +# corrupt /etc/hosts and cause DNS resolution failures +if [ $(id -u) -ne 0 ] && pgrep -f "y-kubefwd-v.*-bin" >/dev/null 2>&1; then + echo "ERROR: An existing kubefwd process is already running:" + pgrep -la "y-kubefwd-v.*-bin" + echo "Kill it first: sudo pkill -f 'y-kubefwd-v.*-bin'" + exit 1 +fi + [ $(id -u) -eq 0 ] || kubectl $ctx get pods >/dev/null [ $(id -u) -ne 0 ] && echo "su privileges required for kubefwd" && exec sudo -E $0 $ctx "$@" diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 57c35c33..693b031e 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -102,7 +102,7 @@ services: kubectl get nodes echo "Our ystack-proxy image should install ystack essentials ..." - kubectl-waitretry --for=condition=Ready -n ystack pod -l app=minio + kubectl-waitretry --for=condition=Available -n ystack deployment versitygw kubectl-waitretry --for=condition=Ready -n ystack pod -l ystack-builds-registry=http kubectl-waitretry --for=condition=Ready -n ystack pod -l app=buildkitd curl -f --retry 5 http://builds-registry.ystack.svc.cluster.local/v2/ diff --git a/k3s/05-gateway-api/kustomization.yaml b/k3s/05-gateway-api/kustomization.yaml new file mode 100644 index 00000000..3110cf44 --- /dev/null +++ b/k3s/05-gateway-api/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- github.com/kubernetes-sigs/gateway-api/config/crd?ref=v1.2.1 +- traefik-gateway-provider.yaml diff --git a/k3s/05-gateway-api/traefik-gateway-provider.yaml b/k3s/05-gateway-api/traefik-gateway-provider.yaml new file mode 100644 index 00000000..c14c49ea --- /dev/null +++ b/k3s/05-gateway-api/traefik-gateway-provider.yaml @@ -0,0 +1,10 @@ +apiVersion: helm.cattle.io/v1 +kind: HelmChartConfig +metadata: + name: traefik + namespace: kube-system +spec: + valuesContent: |- + providers: + kubernetesGateway: + enabled: true diff --git a/k3s/10-versitygw/kustomization.yaml b/k3s/10-versitygw/kustomization.yaml new file mode 100644 index 00000000..059ac73d --- /dev/null +++ b/k3s/10-versitygw/kustomization.yaml @@ -0,0 +1,3 @@ +namespace: ystack +bases: +- ../../versitygw/standalone,defaultsecret diff --git a/k3s/20-builds-registry-versitygw/builds-registry-magic-numbers.yaml b/k3s/20-builds-registry-versitygw/builds-registry-magic-numbers.yaml new file mode 100644 index 00000000..4cbb91b5 --- /dev/null +++ b/k3s/20-builds-registry-versitygw/builds-registry-magic-numbers.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Service +metadata: + name: builds-registry +spec: + type: NodePort + clusterIP: 10.43.0.50 diff --git a/k3s/20-builds-registry-versitygw/builds-registry-replicas-1.yaml b/k3s/20-builds-registry-versitygw/builds-registry-replicas-1.yaml new file mode 100644 index 00000000..21ec56b7 --- /dev/null +++ b/k3s/20-builds-registry-versitygw/builds-registry-replicas-1.yaml @@ -0,0 +1,6 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: registry +spec: + replicas: 1 diff --git a/k3s/20-builds-registry-versitygw/kustomization.yaml b/k3s/20-builds-registry-versitygw/kustomization.yaml new file mode 100644 index 00000000..d7ffb6e9 --- /dev/null +++ b/k3s/20-builds-registry-versitygw/kustomization.yaml @@ -0,0 +1,7 @@ +namespace: ystack +bases: +- ../../registry/builds-service +- ../../registry/generic,versitygw +patchesStrategicMerge: +- builds-registry-magic-numbers.yaml +- builds-registry-replicas-1.yaml diff --git a/k3s/40-buildkit/kustomization.yaml b/k3s/40-buildkit/kustomization.yaml index 5d13bf1b..1ca3b044 100644 --- a/k3s/40-buildkit/kustomization.yaml +++ b/k3s/40-buildkit/kustomization.yaml @@ -1,7 +1,7 @@ namespace: ystack bases: - ../../buildkit -- ../../minio/standalone,defaultsecret +- ../../versitygw/standalone,defaultsecret resources: - buildkitd-nodeport-service.yaml patchesStrategicMerge: diff --git a/k3s/docker-ystack-proxy/Dockerfile b/k3s/docker-ystack-proxy/Dockerfile index 302835d6..3383cb55 100644 --- a/k3s/docker-ystack-proxy/Dockerfile +++ b/k3s/docker-ystack-proxy/Dockerfile @@ -10,8 +10,8 @@ RUN set -ex; \ mkdir -p /var/lib/rancher/k3s/server/manifests; \ for base in \ 00-ystack-namespace \ - 10-minio \ - 20-builds-registry \ + 10-versitygw \ + 20-builds-registry-versitygw \ 21-prod-registry \ 30-y-assert-support \ 40-buildkit; do \ diff --git a/k3s/docker-ystack-proxy/entrypoint.sh b/k3s/docker-ystack-proxy/entrypoint.sh index 459952be..f8d93aac 100755 --- a/k3s/docker-ystack-proxy/entrypoint.sh +++ b/k3s/docker-ystack-proxy/entrypoint.sh @@ -11,10 +11,10 @@ set -e cat /admin/.kube/kubeconfig.yaml | sed 's|127.0.0.1|master1|' > ~/.kube/config kubectl-waitretry --for=condition=Ready node --all -# Might speed up provision, due to the dependency minio -> registry -> builds, but should't be necessary +# Might speed up provision, due to the dependency versitygw -> registry -> builds, but shouldn't be necessary kubectl apply -f /var/lib/rancher/k3s/server/manifests/ystack-00-ystack-namespace.yaml -kubectl apply -f /var/lib/rancher/k3s/server/manifests/ystack-10-minio.yaml -kubectl-waitretry -n ystack --for=condition=Ready pod minio-0 +kubectl apply -f /var/lib/rancher/k3s/server/manifests/ystack-10-versitygw.yaml +kubectl-waitretry -n ystack --for=condition=Available deployment versitygw kubectl apply -f /var/lib/rancher/k3s/server/manifests/ diff --git a/registry/generic,versitygw/bucket-create-ystack-builds.yaml b/registry/generic,versitygw/bucket-create-ystack-builds.yaml new file mode 100644 index 00000000..0359d160 --- /dev/null +++ b/registry/generic,versitygw/bucket-create-ystack-builds.yaml @@ -0,0 +1,35 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: bucket-create-ystack-builds +spec: + template: + spec: + containers: + - name: mc + image: minio/mc:RELEASE.2025-08-13T08-35-41Z + env: + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: minio + key: accesskey + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: minio + key: secretkey + - name: BUCKET_NAME + value: ystack-builds-registry + - name: S3_ENDPOINT + value: http://blobs-versitygw + command: + - sh + - -ce + - | + until mc alias set s3 $S3_ENDPOINT $AWS_ACCESS_KEY_ID $AWS_SECRET_ACCESS_KEY 2>/dev/null; do + sleep 2 + done + mc mb --ignore-existing s3/$BUCKET_NAME + restartPolicy: Never + backoffLimit: 10 diff --git a/registry/generic,versitygw/deployment.yaml b/registry/generic,versitygw/deployment.yaml new file mode 100644 index 00000000..cda1455b --- /dev/null +++ b/registry/generic,versitygw/deployment.yaml @@ -0,0 +1,30 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: registry +spec: + template: + spec: + containers: + - name: docker-v2 + env: + - name: REGISTRY_STORAGE + value: s3 + - name: REGISTRY_STORAGE_S3_ACCESSKEY + valueFrom: + secretKeyRef: + name: minio + key: accesskey + - name: REGISTRY_STORAGE_S3_SECRETKEY + valueFrom: + secretKeyRef: + name: minio + key: secretkey + - name: REGISTRY_STORAGE_S3_REGIONENDPOINT + value: http://blobs-versitygw.ystack.svc.cluster.local + - name: REGISTRY_STORAGE_S3_REGION + value: us-east-1 + - name: REGISTRY_STORAGE_S3_BUCKET + value: ystack-builds-registry + - name: REGISTRY_STORAGE_REDIRECT_DISABLE + value: "true" diff --git a/registry/generic,versitygw/kustomization.yaml b/registry/generic,versitygw/kustomization.yaml new file mode 100644 index 00000000..7a5ace39 --- /dev/null +++ b/registry/generic,versitygw/kustomization.yaml @@ -0,0 +1,7 @@ +bases: +- ../../versitygw/defaultsecret +- ../generic +resources: +- bucket-create-ystack-builds.yaml +patchesStrategicMerge: +- deployment.yaml diff --git a/versitygw/common/blobs-versitygw-service.yaml b/versitygw/common/blobs-versitygw-service.yaml new file mode 100644 index 00000000..71e6468f --- /dev/null +++ b/versitygw/common/blobs-versitygw-service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: blobs-versitygw + labels: + app: versitygw +spec: + selector: + app: versitygw + ports: + - name: http + port: 80 + targetPort: 7070 diff --git a/versitygw/common/kustomization.yaml b/versitygw/common/kustomization.yaml new file mode 100644 index 00000000..b1433941 --- /dev/null +++ b/versitygw/common/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- blobs-versitygw-service.yaml diff --git a/versitygw/defaultsecret/kustomization.yaml b/versitygw/defaultsecret/kustomization.yaml new file mode 100644 index 00000000..114baaaa --- /dev/null +++ b/versitygw/defaultsecret/kustomization.yaml @@ -0,0 +1,7 @@ +generatorOptions: + disableNameSuffixHash: true +secretGenerator: +- name: minio + literals: + - accesskey=YstackEXAMPLEKEY + - secretkey=github.com/Yolean/ystack-EXAMPLE diff --git a/versitygw/standalone,defaultsecret/kustomization.yaml b/versitygw/standalone,defaultsecret/kustomization.yaml new file mode 100644 index 00000000..49e1b2ea --- /dev/null +++ b/versitygw/standalone,defaultsecret/kustomization.yaml @@ -0,0 +1,3 @@ +bases: +- ../defaultsecret +- ../standalone diff --git a/versitygw/standalone/deployment.yaml b/versitygw/standalone/deployment.yaml new file mode 100644 index 00000000..81027300 --- /dev/null +++ b/versitygw/standalone/deployment.yaml @@ -0,0 +1,48 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: versitygw + labels: + app: versitygw +spec: + replicas: 1 + selector: + matchLabels: + app: versitygw + template: + metadata: + labels: + app: versitygw + spec: + containers: + - name: versitygw + image: versity/versitygw:latest + args: + - posix + - /data + env: + - name: ROOT_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: minio + key: accesskey + - name: ROOT_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: minio + key: secretkey + ports: + - containerPort: 7070 + name: s3 + volumeMounts: + - name: data + mountPath: /data + readinessProbe: + tcpSocket: + port: 7070 + initialDelaySeconds: 5 + periodSeconds: 10 + volumes: + - name: data + persistentVolumeClaim: + claimName: versitygw-data diff --git a/versitygw/standalone/kustomization.yaml b/versitygw/standalone/kustomization.yaml new file mode 100644 index 00000000..2ca2b092 --- /dev/null +++ b/versitygw/standalone/kustomization.yaml @@ -0,0 +1,5 @@ +bases: +- ../common +resources: +- deployment.yaml +- pvc.yaml diff --git a/versitygw/standalone/pvc.yaml b/versitygw/standalone/pvc.yaml new file mode 100644 index 00000000..f409b54b --- /dev/null +++ b/versitygw/standalone/pvc.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: versitygw-data +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi