Hane/fukuops
1
0
Fork 0
forked from catalin/fukuops
Code Pull requests Packages 1 Activity

feat: add pulse

Browse source
This commit is contained in:
cătălin 2026-01-28 12:37:28 +01:00
commit aa05c20e2d
No known key found for this signature in database
9 changed files with 195 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

1
k8s/services/argo/project-fuku.yaml
View file

@ -32,3 +32,4 @@ spec:
- registry-1.docker.io/cloudpirates
- https://vmware-tanzu.github.io/helm-charts/
- https://helm.runix.net
- https://rcourtman.github.io/Pulse

105
k8s/services/pulse/ds.yaml Normal file
View file

@ -0,0 +1,105 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pulse-agent
namespace: apps-fuku
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: pulse-agent-read
rules:
- apiGroups: [""]
resources: ["nodes", "pods"]
verbs: ["get", "list", "watch"]
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: pulse-agent-read
subjects:
- kind: ServiceAccount
name: pulse-agent
namespace: apps-fuku
roleRef:
kind: ClusterRole
name: pulse-agent-read
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: pulse-agent
namespace: apps-fuku
spec:
selector:
matchLabels:
app: pulse-agent
template:
metadata:
labels:
app: pulse-agent
spec:
serviceAccountName: pulse-agent
containers:
- name: pulse-agent
image: rcourtman/pulse:v5.0.17
command: ["/opt/pulse/bin/pulse-agent-linux-amd64"]
args:
- --enable-kubernetes
env:
- name: PULSE_URL
value: "https://pulse.fukurokuju.dev"
- name: PULSE_TOKEN
valueFrom:
secretKeyRef:
name: pulse-agent-secrets
key: PULSE_TOKEN
- name: PULSE_AGENT_ID
value: "k8s-cluster"
- name: PULSE_ENABLE_HOST
value: "true"
- name: HOST_PROC
value: "/host/proc"
- name: HOST_SYS
value: "/host/sys"
- name: HOST_ETC
value: "/host/etc"
- name: PULSE_KUBE_INCLUDE_ALL_PODS
value: "true"
- name: PULSE_KUBE_INCLUDE_ALL_DEPLOYMENTS
value: "true"
securityContext:
privileged: true
resources:
requests:
cpu: 50m
memory: 128Mi
limits:
memory: 512Mi
volumeMounts:
- name: host-proc
mountPath: /host/proc
readOnly: true
- name: host-sys
mountPath: /host/sys
readOnly: true
- name: host-root
mountPath: /host/root
readOnly: true
volumes:
- name: host-proc
hostPath:
path: /proc
- name: host-sys
hostPath:
path: /sys
- name: host-root
hostPath:
path: /
tolerations:
- operator: Exists

17
k8s/services/pulse/sealedsecrets.yaml Normal file
View file

@ -0,0 +1,17 @@
# yamllint disable rule:line-length
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: pulse-agent-secrets
namespace: apps-fuku
spec:
encryptedData:
PULSE_TOKEN: AgBBxrJ80IpJ0RvYKQuN6p3G8vIdSL9nESO9OTAR0NiMjSGZNbNEELKE/a1f2ixQUSsNc/k31c+7GlAi+8PmNC4c7rmRJTe+z3uO/BNNLYeTi7DsEk9/oJZTWn7iOcLogiZJQKxbGozCp/S8zrWisH67N2ZHmzz5UEJAzq57+fBEyAk22/WR0QMfW3oOYHGZFNR5AdAxrdfyRwTvSEOz4R2YlrQKRtOFVIPG/aEaAn42AGYfrq2cLVEiCygjE+8nZQ62TMmQqMiwiCjk5do9uRhhiRimuD78FrNnFU5dSwe/11ji5sSrEPjszPB8O0TBbsCssxfz48cKRm/6IdI9B5pKHYob68Ed8u5UgpRU/ZhUWJLyXuZF/Tgw+WcIsVkQXb3eqQTARBeZueugnA23lnzxh5gjR17wjPw7ePYaLiUWTYikOK5HvgpJyiuB0ev2cjGSqYeeAAn5ewCGM/NODXUAlFdC+N9S7ft1+chJrHoaXgHy8J9LWm/maKW99+yT08a68RvGGoZtFPZNlFjzurNF6EY9SLUFf0RLzShkyq6uuOzLm8gENyDIQ+Ru7wWEwyEcUz4ceAR5I78k0gCIDR1o4Ti22asdbRjMptZdOTbep+PWmu2K1oUvxXtXwgKkn8pvTkJpcdejqehnYPWfRAI3Guxi7LQDf++yShKS1NdXMdjhtFoNLa03xHM/G94sF3/mnJwivNhur1V7iC1yCY5NlruPr4KCd5AgOnKqoreRRvRbCVlFO1mtP6XV4sjqEIhmZyXWFJ76bwAC+hxSlFzL
template:
metadata:
creationTimestamp: null
name: pulse-agent-secrets
namespace: apps-fuku
type: Opaque