commit 1409f1529894ccb316988a304f1beffe321d611b Author: Ryan Cuda Date: Fri Apr 17 16:59:01 2026 -0700 first commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..e69de29 diff --git a/db-deployment.yaml b/db-deployment.yaml new file mode 100644 index 0000000..08370b6 --- /dev/null +++ b/db-deployment.yaml @@ -0,0 +1,84 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + deployment.kubernetes.io/revision: "8" + creationTimestamp: "2026-04-17T04:01:45Z" + generation: 12 + name: phpipam-db + namespace: phpipam + resourceVersion: "13922393" + uid: ec94fe25-2662-43eb-8278-a4179aed3f62 +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: phpipam-db + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: phpipam-db + spec: + containers: + - env: + - name: MYSQL_ROOT_PASSWORD + value: phpipampassword + - name: MYSQL_DATABASE + value: phpipam + - name: MYSQL_USER + value: phpipam + - name: MYSQL_PASSWORD + value: phpipampassword + - name: MYSQL_ALLOW_EMPTY_PASSWORD + value: "yes" + - name: MYSQL_INITDB_SKIP_GRANT_TABLES + value: "1" + - name: MARIADB_INITDB_SKIP_GRANT_TABLES + value: "1" + image: registry.redhat.io/rhel9/mariadb-1011:latest + imagePullPolicy: Always + name: mariadb + ports: + - containerPort: 3306 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/mysql/data + name: db-storage + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: db-storage + persistentVolumeClaim: + claimName: mysql-data-pvc +status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2026-04-17T16:35:20Z" + lastUpdateTime: "2026-04-17T16:35:20Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + - lastTransitionTime: "2026-04-17T04:01:45Z" + lastUpdateTime: "2026-04-17T16:37:13Z" + message: ReplicaSet "phpipam-db-867888dc85" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + observedGeneration: 12 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 diff --git a/db-pvc.yaml b/db-pvc.yaml new file mode 100644 index 0000000..dddbb70 --- /dev/null +++ b/db-pvc.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + annotations: + pv.kubernetes.io/bind-completed: "yes" + pv.kubernetes.io/bound-by-controller: "yes" + volume.beta.kubernetes.io/storage-provisioner: openshift-storage.cephfs.csi.ceph.com + volume.kubernetes.io/storage-provisioner: openshift-storage.cephfs.csi.ceph.com + creationTimestamp: "2026-04-17T16:34:49Z" + finalizers: + - kubernetes.io/pvc-protection + name: mysql-data-pvc + namespace: phpipam + resourceVersion: "13918019" + uid: 6c9ad7aa-32ca-4b61-9e6e-b3b3abb56dd7 +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: ocs-storagecluster-cephfs + volumeMode: Filesystem + volumeName: pvc-6c9ad7aa-32ca-4b61-9e6e-b3b3abb56dd7 +status: + accessModes: + - ReadWriteMany + capacity: + storage: 10Gi + phase: Bound diff --git a/db-svc.yaml b/db-svc.yaml new file mode 100644 index 0000000..6a66768 --- /dev/null +++ b/db-svc.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: "2026-04-17T03:56:00Z" + name: phpipam-db + namespace: phpipam + resourceVersion: "12562525" + uid: df9e15ed-94b2-4107-a5e4-7154cb309710 +spec: + clusterIP: 172.30.55.152 + clusterIPs: + - 172.30.55.152 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 3306 + protocol: TCP + targetPort: 3306 + selector: + app: phpipam-db + sessionAffinity: None + type: ClusterIP +status: + loadBalancer: {} diff --git a/namespace.yaml b/namespace.yaml new file mode 100644 index 0000000..c8a2c4e --- /dev/null +++ b/namespace.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: + openshift.io/description: "" + openshift.io/display-name: "" + openshift.io/requester: rcuda + openshift.io/sa.scc.mcs: s0:c34,c14 + openshift.io/sa.scc.supplemental-groups: 1001150000/10000 + openshift.io/sa.scc.uid-range: 1001150000/10000 + security.openshift.io/MinimallySufficientPodSecurityStandard: baseline + creationTimestamp: "2026-04-17T03:53:14Z" + labels: + kubernetes.io/metadata.name: phpipam + openshift-pipelines.tekton.dev/namespace-reconcile-version: 1.21.1 + openshift-pipelines.tekton.dev/namespace-trusted-configmaps-version: 1.21.1 + pod-security.kubernetes.io/audit: baseline + pod-security.kubernetes.io/audit-version: latest + pod-security.kubernetes.io/warn: baseline + pod-security.kubernetes.io/warn-version: latest + name: phpipam + resourceVersion: "12557620" + uid: 346011e1-09ae-43c9-97e5-16e93c5b63a9 +spec: + finalizers: + - kubernetes +status: + phase: Active diff --git a/nginx-deployment.yaml b/nginx-deployment.yaml new file mode 100644 index 0000000..1f8e626 --- /dev/null +++ b/nginx-deployment.yaml @@ -0,0 +1,112 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + deployment.kubernetes.io/revision: "5" + creationTimestamp: "2026-04-17T14:37:38Z" + generation: 9 + name: phpipam-web + namespace: phpipam + resourceVersion: "13888239" + uid: fd050c22-8ed7-4c0b-bf9f-7f199e48ae22 +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: phpipam-web + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: phpipam-web + spec: + containers: + - image: gitea.lab.cudanet.org/cudanet/phpipam/nginx:latest + imagePullPolicy: Always + name: nginx + resources: {} + securityContext: + runAsUser: 1001 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/html + name: phpipam-code + - mountPath: /etc/nginx/nginx.conf + name: nginx-config + subPath: nginx.conf + - mountPath: /etc/nginx/conf.d/phpipam.conf + name: nginx-config + subPath: phpipam.conf + - mountPath: /var/cache/nginx + name: ephemeral-storage + - mountPath: /tmp + name: ephemeral-storage + dnsPolicy: ClusterFirst + initContainers: + - command: + - /bin/sh + - -c + - | + set -ex + echo "Wiping existing locked files to reset CephFS ownership..." + # Deleting the old files is the only way to bypass 'Operation not permitted' + rm -rf /dst/* /dst/.* 2>/dev/null || true + + echo "Copying fresh source code..." + cp -rf /var/www/html/. /dst/ + + # We skip chown entirely because it triggers the CephFS error. + # New files created by UID 1001 are already owned by UID 1001. + image: gitea.lab.cudanet.org/cudanet/phpipam/php-fpm:latest + imagePullPolicy: Always + name: install-code + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /dst + name: phpipam-code + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 0 + runAsUser: 1001 + serviceAccount: phpipam + serviceAccountName: phpipam + terminationGracePeriodSeconds: 30 + volumes: + - name: phpipam-code + persistentVolumeClaim: + claimName: phpipam-code-pvc + - configMap: + defaultMode: 420 + name: nginx-conf + name: nginx-config + - emptyDir: {} + name: ephemeral-storage +status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2026-04-17T16:18:27Z" + lastUpdateTime: "2026-04-17T16:18:27Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + - lastTransitionTime: "2026-04-17T14:37:38Z" + lastUpdateTime: "2026-04-17T16:18:27Z" + message: ReplicaSet "phpipam-web-59cbb776f5" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + observedGeneration: 9 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 diff --git a/nginx-svc.yaml b/nginx-svc.yaml new file mode 100644 index 0000000..6240d39 --- /dev/null +++ b/nginx-svc.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: "2026-04-17T04:15:07Z" + name: phpipam-web + namespace: phpipam + resourceVersion: "12597167" + uid: 67fad34a-1f09-4e0d-b701-6f257731b9fe +spec: + clusterIP: 172.30.244.69 + clusterIPs: + - 172.30.244.69 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app: phpipam-web + sessionAffinity: None + type: ClusterIP +status: + loadBalancer: {} diff --git a/php-deployment.yaml b/php-deployment.yaml new file mode 100644 index 0000000..d57fdd2 --- /dev/null +++ b/php-deployment.yaml @@ -0,0 +1,72 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + deployment.kubernetes.io/revision: "3" + creationTimestamp: "2026-04-17T04:06:38Z" + generation: 6 + name: phpipam-app + namespace: phpipam + resourceVersion: "14509297" + uid: 923eb54c-0d23-444b-8496-57900c6a7a34 +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: phpipam-app + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + labels: + app: phpipam-app + spec: + containers: + - image: gitea.lab.cudanet.org/cudanet/phpipam/php-fpm:latest + imagePullPolicy: Always + name: php-fpm + resources: {} + securityContext: + runAsUser: 1001 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/html + name: phpipam-code + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 0 + runAsUser: 1001 + serviceAccount: phpipam + serviceAccountName: phpipam + terminationGracePeriodSeconds: 30 + volumes: + - name: phpipam-code + persistentVolumeClaim: + claimName: phpipam-code-pvc +status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2026-04-17T05:11:09Z" + lastUpdateTime: "2026-04-17T16:03:49Z" + message: ReplicaSet "phpipam-app-79cdcb668c" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2026-04-17T22:11:15Z" + lastUpdateTime: "2026-04-17T22:11:15Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 6 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 diff --git a/php-svc.yaml b/php-svc.yaml new file mode 100644 index 0000000..bbdfeab --- /dev/null +++ b/php-svc.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: "2026-04-17T04:06:38Z" + name: phpipam-app-svc + namespace: phpipam + resourceVersion: "12581733" + uid: 4bb0bde0-32e1-4354-ab54-998e3b0640ce +spec: + clusterIP: 172.30.54.18 + clusterIPs: + - 172.30.54.18 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 9000 + protocol: TCP + targetPort: 9000 + selector: + app: phpipam-app + sessionAffinity: None + type: ClusterIP +status: + loadBalancer: {} diff --git a/phpipam-pvc.yaml b/phpipam-pvc.yaml new file mode 100644 index 0000000..9d7f3db --- /dev/null +++ b/phpipam-pvc.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + annotations: + pv.kubernetes.io/bind-completed: "yes" + pv.kubernetes.io/bound-by-controller: "yes" + volume.beta.kubernetes.io/storage-provisioner: openshift-storage.cephfs.csi.ceph.com + volume.kubernetes.io/storage-provisioner: openshift-storage.cephfs.csi.ceph.com + creationTimestamp: "2026-04-17T14:23:36Z" + finalizers: + - kubernetes.io/pvc-protection + name: phpipam-code-pvc + namespace: phpipam + resourceVersion: "13683704" + uid: 650c087b-2558-42b3-841a-7bd20093f8f4 +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: ocs-storagecluster-cephfs + volumeMode: Filesystem + volumeName: pvc-650c087b-2558-42b3-841a-7bd20093f8f4 +status: + accessModes: + - ReadWriteMany + capacity: + storage: 10Gi + phase: Bound diff --git a/route.yaml b/route.yaml new file mode 100644 index 0000000..9641c0a --- /dev/null +++ b/route.yaml @@ -0,0 +1,33 @@ +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + creationTimestamp: "2026-04-17T12:48:26Z" + generation: 1 + labels: + app: phpipam-web + name: phpipam-web + namespace: phpipam + resourceVersion: "13515489" + uid: 0bde3be0-6934-4095-855d-8700afb1c322 +spec: + host: phpipam-web-phpipam.apps.ocp.lab.cudanet.org + port: + targetPort: 8080 + tls: + insecureEdgeTerminationPolicy: Redirect + termination: edge + to: + kind: Service + name: phpipam-web + weight: 100 + wildcardPolicy: None +status: + ingress: + - conditions: + - lastTransitionTime: "2026-04-17T12:48:26Z" + status: "True" + type: Admitted + host: phpipam-web-phpipam.apps.ocp.lab.cudanet.org + routerCanonicalHostname: router-default.apps.ocp.lab.cudanet.org + routerName: default + wildcardPolicy: None