monitoring: disable wait on node-exporter

.gitignore

@@ -0,0 +1 @@
+AGENTS.md

clusters/atlas/applications/kustomization.yaml

@@ -0,0 +1,12 @@
+# clusters/atlas/applications/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../../services/crypto
+  - ../../services/gitea
+  - ../../services/jellyfin
+  - ../../services/jitsi
+  - ../../services/monitoring
+  - ../../services/pegasus
+  - ../../services/vault
+  - ../../services/zot

clusters/atlas/flux-system/applications/crypto/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-crypto.yaml
+# clusters/atlas/flux-system/applications/crypto/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/applications/gitea/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-gitea.yaml
+# clusters/atlas/flux-system/applications/gitea/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/applications/jellyfin/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-jellyfin.yaml
+# clusters/atlas/flux-system/applications/jellyfin/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/applications/jitsi/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-jitsi.yaml
+# clusters/atlas/flux-system/applications/jitsi/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/applications/kustomization.yaml

@@ -0,0 +1,15 @@
+# clusters/atlas/flux-system/applications/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - zot/kustomization.yaml
+  - gitea/kustomization.yaml
+  - vault/kustomization.yaml
+  - jitsi/kustomization.yaml
+  - crypto/kustomization.yaml
+  - monerod/kustomization.yaml
+  - pegasus/kustomization.yaml
+  - pegasus/image-automation.yaml
+  - jellyfin/kustomization.yaml
+  - xmr-miner/kustomization.yaml
+  - sui-metrics/kustomization.yaml

clusters/atlas/flux-system/applications/monerod/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-monerod.yaml
+# clusters/atlas/flux-system/applications/monerod/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/applications/pegasus/image-automation.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/image-automation-pegasus.yaml
+# clusters/atlas/flux-system/applications/pegasus/image-automation.yaml
 apiVersion: image.toolkit.fluxcd.io/v1beta1
 kind: ImageUpdateAutomation
 metadata:
@@ -11,8 +11,9 @@ spec:
     name: flux-system
   git:
     commit:
-      authorEmail: ops@bstein.dev
+      author:
-      authorName: flux-bot
+        email: ops@bstein.dev
+        name: flux-bot
       messageTemplate: "chore(pegasus): update image to {{range .Updated.Images}}{{.}}{{end}}"
   update:
     strategy: Setters

clusters/atlas/flux-system/applications/pegasus/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-pegasus.yaml
+# clusters/atlas/flux-system/applications/pegasus/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/applications/sui-metrics/kustomization.yaml

@@ -0,0 +1,19 @@
+# clusters/atlas/flux-system/applications/sui-metrics/kustomization.yaml
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: sui-metrics
+  namespace: flux-system
+spec:
+  interval: 10m
+  path: ./services/sui-metrics/overlays/atlas
+  prune: true
+  dependsOn:
+    - name: monitoring
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+    namespace: flux-system
+  wait: true
+  timeout: 5m
+  targetNamespace: sui-metrics

clusters/atlas/flux-system/applications/vault/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-vault.yaml
+# clusters/atlas/flux-system/applications/vault/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/applications/xmr-miner/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-core.yaml
+# clusters/atlas/flux-system/applications/xmr-miner/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/applications/zot/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-zot.yaml
+# clusters/atlas/flux-system/applications/zot/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/gotk-components.yaml

@@ -1,6 +1,6 @@
 ---
 # This manifest was generated by flux. DO NOT EDIT.
-# Flux Version: v2.5.1
+# Flux Version: v2.5.1f reconzaq1=  zaq1= aq1=  1=  w2cile kustomization flux-system --namespace flux-system --with-source
 # Components: source-controller,kustomize-controller,helm-controller,notification-controller
 apiVersion: v1
 kind: Namespace

clusters/atlas/flux-system/gotk-sync.yaml

@@ -8,7 +8,7 @@ metadata:
 spec:
   interval: 1m0s
   ref:
-    branch: main
+    branch: restructure/hybrid-clusters
   secretRef:
     name: flux-system-gitea
   url: ssh://git@scm.bstein.dev:2242/bstein/titan-iac.git
@@ -20,7 +20,7 @@ metadata:
   namespace: flux-system
 spec:
   interval: 10m0s
-  path: ./
+  path: ./clusters/atlas/flux-system
   prune: true
   sourceRef:
     kind: GitRepository

clusters/atlas/flux-system/kustomization.yaml

@@ -0,0 +1,8 @@
+# clusters/atlas/flux-system/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - gotk-components.yaml
+  - gotk-sync.yaml
+  - platform
+  - applications

clusters/atlas/flux-system/platform/core/kustomization.yaml

@@ -0,0 +1,15 @@
+# clusters/atlas/flux-system/platform/core/kustomization.yaml
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: core
+  namespace: flux-system
+spec:
+  interval: 10m
+  path: ./infrastructure/core
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+    namespace: flux-system
+  wait: false

clusters/atlas/flux-system/platform/helm/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-helm.yaml
+# clusters/atlas/flux-system/platform/helm/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/platform/kustomization.yaml

@@ -0,0 +1,9 @@
+# clusters/atlas/flux-system/platform/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - core/kustomization.yaml
+  - helm/kustomization.yaml
+  - traefik/kustomization.yaml
+  - monitoring/kustomization.yaml
+  - longhorn-ui/kustomization.yaml

clusters/atlas/flux-system/platform/longhorn-ui/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-longhorn-ui.yaml
+# clusters/atlas/flux-system/platform/longhorn-ui/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/platform/monitoring/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-monitoring.yaml
+# clusters/atlas/flux-system/platform/monitoring/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/flux-system/platform/traefik/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/flux-system/kustomization-traefik.yaml
+# clusters/atlas/flux-system/platform/traefik/kustomization.yaml
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:

clusters/atlas/platform/kustomization.yaml

@@ -0,0 +1,7 @@
+# clusters/atlas/platform/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../../../infrastructure/modules/base
+  - ../../../infrastructure/modules/profiles/atlas-ha
+  - ../../../infrastructure/sources/cert-manager/letsencrypt.yaml

clusters/oceanus/README.md

@@ -0,0 +1,5 @@
+# Oceanus Cluster Scaffold
+
+This directory prepares the Flux and Kustomize layout for a future Oceanus-managed cluster.
+Populate `flux-system/` with `gotk-components.yaml` and related manifests after running `flux bootstrap`.
+Define node-specific resources under `infrastructure/modules/profiles/oceanus-validator/` and reference workloads in `applications/` as they come online.

clusters/oceanus/applications/kustomization.yaml

@@ -0,0 +1,4 @@
+# clusters/oceanus/applications/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources: []

clusters/oceanus/flux-system/kustomization.yaml

@@ -0,0 +1,9 @@
+# clusters/oceanus/flux-system/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  # Populate when oceanus cluster is bootstrapped with Flux.
+  # - gotk-components.yaml
+  # - gotk-sync.yaml
+  - ../platform
+  - ../applications

clusters/oceanus/platform/kustomization.yaml

@@ -0,0 +1,6 @@
+# clusters/oceanus/platform/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../../infrastructure/modules/base
+  - ../../infrastructure/modules/profiles/oceanus-validator

docs/topology.md

@@ -0,0 +1,16 @@
+# Titan Homelab Topology
+
+| Hostname   | Role / Function                | Managed By          | Notes |
+|------------|--------------------------------|---------------------|-------|
+| titan-0a   | Kubernetes control-plane       | Flux (atlas cluster)| HA leader, tainted for control only |
+| titan-0b   | Kubernetes control-plane       | Flux (atlas cluster)| Standby control node |
+| titan-0c   | Kubernetes control-plane       | Flux (atlas cluster)| Standby control node |
+| titan-04-19| Raspberry Pi workers           | Flux (atlas cluster)| Workload nodes, labelled per hardware |
+| titan-22   | GPU mini-PC (Jellyfin)         | Flux + Ansible      | NVIDIA runtime managed via `modules/profiles/atlas-ha` |
+| titan-24   | Tethys hybrid node             | Flux + Ansible      | Runs SUI metrics via K8s, validator via Ansible |
+| titan-db   | HA control plane database      | Ansible             | PostgreSQL / etcd backing services |
+| titan-jh   | Jumphost & bastion             | Ansible             | Entry point / future KVM services |
+| oceanus    | Dedicated SUI validator host   | Ansible / Flux prep | Baremetal validator workloads, exposes metrics to atlas; Kustomize scaffold under `clusters/oceanus/` |
+| styx       | Air-gapped workstation         | Manual / Scripts    | Remains isolated, scripts tracked in `hosts/styx` |
+
+Use the `clusters/` directory for cluster-scoped state and the `hosts/` directory for baremetal orchestration.

hosts/group_vars/all.yaml

@@ -0,0 +1,2 @@
+# hosts/group_vars/all.yaml
+validator_version: latest

hosts/host_vars/titan-24.yaml

@@ -0,0 +1,2 @@
+# hosts/host_vars/titan-24.yaml
+validator_compose_path: /opt/sui-validator

hosts/inventory/lab.yaml

@@ -0,0 +1,28 @@
+# hosts/inventory/lab.yaml
+# Replace ansible_host and ansible_user values with real connectivity details.
+all:
+  children:
+    atlas:
+      hosts:
+        titan-24:
+          ansible_host: REPLACE_ME
+          ansible_user: ubuntu
+          roleset: tethys_hybrid
+        titan-22:
+          ansible_host: REPLACE_ME
+          ansible_user: debian
+          roleset: minipc_gpu
+    baremetal:
+      hosts:
+        titan-db:
+          ansible_host: REPLACE_ME
+          ansible_user: postgres
+          roleset: database
+        titan-jh:
+          ansible_host: REPLACE_ME
+          ansible_user: jump
+          roleset: jumphost
+        oceanus:
+          ansible_host: REPLACE_ME
+          ansible_user: validator
+          roleset: validator

hosts/playbooks/site.yaml

@@ -0,0 +1,29 @@
+# hosts/playbooks/site.yaml
+---
+- name: Configure titan-db
+  hosts: titan-db
+  gather_facts: true
+  roles:
+    - common
+    - titan_db
+
+- name: Configure titan-jh
+  hosts: titan-jh
+  gather_facts: true
+  roles:
+    - common
+    - titan_jh
+
+- name: Configure oceanus validator host
+  hosts: oceanus
+  gather_facts: true
+  roles:
+    - common
+    - oceanus_base
+
+- name: Prepare hybrid tethys node
+  hosts: titan-24
+  gather_facts: true
+  roles:
+    - common
+    - tethys_canary

hosts/roles/common/tasks/main.yaml

@@ -0,0 +1,9 @@
+# hosts/roles/common/tasks/main.yaml
+---
+- name: Ensure base packages present
+  ansible.builtin.package:
+    name:
+      - curl
+      - vim
+    state: present
+  tags: ['common', 'packages']

hosts/roles/oceanus_base/tasks/main.yaml

@@ -0,0 +1,6 @@
+# hosts/roles/oceanus_base/tasks/main.yaml
+---
+- name: Placeholder for oceanus base configuration
+  ansible.builtin.debug:
+    msg: "Install validator prerequisites and monitoring exporters here."
+  tags: ['oceanus']

hosts/roles/tethys_canary/tasks/main.yaml

@@ -0,0 +1,6 @@
+# hosts/roles/tethys_canary/tasks/main.yaml
+---
+- name: Placeholder for SUI validator container runtime setup
+  ansible.builtin.debug:
+    msg: "Configure container runtime and validator compose stack here."
+  tags: ['tethys', 'validator']

hosts/roles/titan_db/tasks/main.yaml

@@ -0,0 +1,6 @@
+# hosts/roles/titan_db/tasks/main.yaml
+---
+- name: Placeholder for titan-db provisioning
+  ansible.builtin.debug:
+    msg: "Install database packages, configure backups, and manage users here."
+  tags: ['titan_db']

hosts/roles/titan_jh/tasks/main.yaml

@@ -0,0 +1,6 @@
+# hosts/roles/titan_jh/tasks/main.yaml
+---
+- name: Placeholder for jumphost hardening
+  ansible.builtin.debug:
+    msg: "Harden SSH, manage bastion tooling, and configure audit logging here."
+  tags: ['jumphost']

hosts/styx/README.md

@@ -0,0 +1,2 @@
+# hosts/styx/README.md
+Styx is air-gapped; provisioning scripts live under `scripts/`.

infrastructure/core/gpu/profiles/jetson-and-tethys/kustomization.yaml

@@ -1,6 +0,0 @@
-# infrastructure/core/gpu/daemonsets/profiles/jetson-and-tethys/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../device-plugin-jetson
-  - ../../device-plugin-tethys

infrastructure/core/gpu/profiles/jetson-only/kustomization.yaml

@@ -1,5 +0,0 @@
-# infrastructure/core/gpu/daemonsets/profiles/jetson-only/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../device-plugin-jetson

infrastructure/core/gpu/profiles/minipc-and-jeston-and-tethys/kustomization.yaml

@@ -1,7 +0,0 @@
-# infrastructure/core/gpu/daemonsets/profiles/minipc-and-jetson-and-tethys/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../device-plugin-minipc
-  - ../../device-plugin-tethys
-  - ../../device-plugin-jetson

infrastructure/core/gpu/profiles/minipc-and-jetson/kustomization.yaml

@@ -1,6 +0,0 @@
-# infrastructure/core/gpu/daemonsets/profiles/minipc-and-jetson/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../device-plugin-minipc
-  - ../../device-plugin-jetson

infrastructure/core/gpu/profiles/minipc-and-tethys/kustomization.yaml

@@ -1,6 +0,0 @@
-# infrastructure/core/gpu/daemonsets/profiles/minipc-and-tethys/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../device-plugin-minipc
-  - ../../device-plugin-tethys

infrastructure/core/gpu/profiles/minipc-only/kustomization.yaml

@@ -1,5 +0,0 @@
-# infrastructure/core/gpu/daemonsets/profiles/minipc-only/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../device-plugin-minipc

infrastructure/core/gpu/profiles/tethys-only/kustomization.yaml

@@ -1,5 +0,0 @@
-# infrastructure/core/gpu/daemonsets/profiles/tethys-only/kustomization.yaml
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - ../../device-plugin-tethys

infrastructure/core/gpu/runtimeclass/nvidia-runtimeclass.yaml

@@ -1,5 +0,0 @@
-apiVersion: node.k8s.io/v1
-kind: RuntimeClass
-metadata:
-name: nvidia
-handler: nvidia

infrastructure/core/kustomization.yaml

@@ -2,8 +2,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - base
+  - ../modules/base
-  # - gpu/profiles/jetson-only 
+  - ../modules/profiles/atlas-ha
-  # - gpu/profiles/minipc-and-jetson
+  - ../sources/cert-manager/letsencrypt.yaml
-  # - gpu/profiles/minipc-only
-  - gpu/profiles/tethys-only

infrastructure/flux-system/kustomization-core.yaml

@@ -1,22 +0,0 @@
-# infrastructure/flux-system/kustomization-core.yaml
-apiVersion: kustomize.toolkit.fluxcd.io/v1
-kind: Kustomization
-metadata:
-  name: core
-  namespace: flux-system
-spec:
-  interval: 10m
-  path: ./infrastructure/core
-  prune: true
-  sourceRef:
-    kind: GitRepository
-    name: flux-system
-    namespace: flux-system
-  wait: true
-
-  # Only wait for the NVIDIA device-plugin DaemonSet on titan-22
-  healthChecks:
-    - apiVersion: apps/v1
-      kind: DaemonSet
-      name: nvidia-device-plugin-minipc
-      namespace: kube-system

infrastructure/flux-system/kustomization.yaml

@@ -2,19 +2,4 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-- gotk-components.yaml
+  - ../clusters/atlas/flux-system
-- gotk-sync.yaml
-- kustomization-zot.yaml
-- kustomization-core.yaml
-- kustomization-helm.yaml
-- kustomization-gitea.yaml
-- kustomization-vault.yaml
-- kustomization-jitsi.yaml
-- kustomization-crypto.yaml
-- kustomization-traefik.yaml
-- kustomization-monerod.yaml
-- kustomization-pegasus.yaml
-- kustomization-jellyfin.yaml
-- kustomization-xmr-miner.yaml
-- kustomization-monitoring.yaml
-- kustomization-longhorn-ui.yaml

infrastructure/modules/base/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/base/kustomization.yaml
+# infrastructure/modules/base/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:

infrastructure/modules/base/priorityclass/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/base/priorityclass/kustomization.yaml
+# infrastructure/modules/base/priorityclass/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:

infrastructure/modules/base/priorityclass/scavenger.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/base/priorityclass/scavenger.yaml
+# infrastructure/modules/base/priorityclass/scavenger.yaml
 apiVersion: scheduling.k8s.io/v1
 kind: PriorityClass
 metadata:

infrastructure/modules/base/runtimeclass/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/base/storageclass/kustomization.yaml
+# infrastructure/modules/base/runtimeclass/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:

infrastructure/modules/base/runtimeclass/runtimeclass.yaml

@@ -1,4 +1,4 @@
-# services/jellyfin/runtimeclass.yaml
+# infrastructure/modules/base/runtimeclass/runtimeclass.yaml
 apiVersion: node.k8s.io/v1
 kind: RuntimeClass
 metadata:

infrastructure/modules/base/storageclass/asteria.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/base/storageclass/asteria.yaml
+# infrastructure/modules/base/storageclass/asteria.yaml
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:

infrastructure/modules/base/storageclass/astreae.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/base/storageclass/astreae.yaml
+# infrastructure/modules/base/storageclass/astreae.yaml
 apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:

infrastructure/modules/base/storageclass/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/base/storageclass/kustomization.yaml
+# infrastructure/modules/base/storageclass/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:

infrastructure/modules/profiles/atlas-ha/kustomization.yaml

@@ -0,0 +1,7 @@
+# infrastructure/modules/profiles/atlas-ha/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../components/device-plugin-jetson
+  - ../components/device-plugin-minipc
+  - ../components/device-plugin-tethys

infrastructure/modules/profiles/components/device-plugin-jetson/daemonset.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/gpu/daemonsets/device-plugin-jetson/daemonset.yaml
+# infrastructure/modules/profiles/components/device-plugin-jetson/daemonset.yaml
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:

infrastructure/modules/profiles/components/device-plugin-jetson/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/gpu/daemonsets/device-plugin-jetson/kustomization.yaml
+# infrastructure/modules/profiles/components/device-plugin-jetson/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources: 

infrastructure/modules/profiles/components/device-plugin-minipc/daemonset.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/gpu/daemonsets/device-plugin-minipc/daemonset.yaml
+# infrastructure/modules/profiles/components/device-plugin-minipc/daemonset.yaml
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:
@@ -24,7 +24,6 @@ spec:
       tolerations:
         - operator: Exists
       priorityClassName: system-node-critical
-      runtimeClassName: nvidia
       containers:
         - name: nvidia-device-plugin-ctr
           image: nvcr.io/nvidia/k8s-device-plugin:v0.16.2

infrastructure/modules/profiles/components/device-plugin-minipc/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/gpu/daemonsets/device-plugin-minipc/kustomization.yaml
+# infrastructure/modules/profiles/components/device-plugin-minipc/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources: 

infrastructure/modules/profiles/components/device-plugin-tethys/daemonset.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/gpu/daemonsets/device-plugin-tethys/daemonset.yaml
+# infrastructure/modules/profiles/components/device-plugin-tethys/daemonset.yaml
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:

infrastructure/modules/profiles/components/device-plugin-tethys/kustomization.yaml

@@ -1,4 +1,4 @@
-# infrastructure/core/gpu/daemonsets/device-plugin-tethys/kustomization.yaml
+# infrastructure/modules/profiles/components/device-plugin-tethys/kustomization.yaml
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:

infrastructure/modules/profiles/oceanus-validator/kustomization.yaml

@@ -0,0 +1,4 @@
+# infrastructure/modules/profiles/oceanus-validator/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources: []

infrastructure/modules/profiles/tethys-hybrid/kustomization.yaml

@@ -0,0 +1,5 @@
+# infrastructure/modules/profiles/tethys-hybrid/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../components/device-plugin-tethys

infrastructure/sources/cert-manager/letsencrypt.yaml

@@ -4,7 +4,7 @@ metadata:
   name: letsencrypt
 spec:
   acme:
-    email: you@bstein.dev
+    email: brad.stein@gmail.com
     server: https://acme-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
       name: letsencrypt-account-key

services/monitoring/helmrelease.yaml

@@ -12,15 +12,10 @@ spec:
       version: "~6.0.0"
       sourceRef:
         kind: HelmRepository
-        name: prometheus-community
+        name: prometheus
         namespace: flux-system
   values:
-    prometheusScrape: true   # annotates for /metrics auto-scrape. :contentReference[oaicite:16]{index=16}
+    prometheusScrape: false
-    service:
-      annotations:
-        prometheus.io/scrape: "true"
-        prometheus.io/port: "8080"     # ksm serves metrics on 8080 by default
-        prometheus.io/path: "/metrics"
 
 ---
 
@@ -31,15 +26,21 @@ metadata:
   namespace: monitoring
 spec:
   interval: 15m
+  install:
+    disableWait: true
   chart:
     spec:
       chart: prometheus-node-exporter
       version: "~4.0.0"
       sourceRef:
         kind: HelmRepository
-        name: prometheus-community
+        name: prometheus
         namespace: flux-system
+  upgrade:
+    disableWait: true
   values:
+    rbac:
+      pspEnabled: false
     service:
       annotations:
         prometheus.io/scrape: "true"
@@ -160,6 +161,9 @@ spec:
                 - action: keep
                   source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_scrape]
                   regex: "true"
+                - action: drop
+                  source_labels: [__meta_kubernetes_pod_container_port_name]
+                  regex: ".*health.*"
                 - action: replace
                   source_labels: [__meta_kubernetes_pod_annotation_prometheus_io_path]
                   target_label: __metrics_path__
@@ -190,6 +194,9 @@ spec:
                 - action: keep
                   source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_pod_label_app_kubernetes_io_name]
                   regex: cert-manager;cert-manager
+                - action: drop
+                  source_labels: [__meta_kubernetes_pod_container_port_name]
+                  regex: ".*health.*"
                 - action: replace
                   source_labels: [__address__]
                   regex: "(.+):\\d+"
@@ -203,4 +210,3 @@ spec:
                 - action: keep
                   source_labels: [__meta_kubernetes_namespace, __meta_kubernetes_pod_label_app_kubernetes_io_part_of]
                   regex: flux-system;flux
-

services/sui-metrics/base/configmap.yaml

@@ -0,0 +1,16 @@
+# services/sui-metrics/base/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sui-metrics-config
+  namespace: sui-metrics
+data:
+  vmagent.yaml: |
+    global:
+      scrape_interval: 15s
+      scrape_timeout: 10s
+    scrape_configs:
+      - job_name: oceanus-node-exporter
+        static_configs:
+          - targets:
+              - "192.168.22.23:9100"

services/sui-metrics/base/deployment.yaml

@@ -0,0 +1,63 @@
+# services/sui-metrics/base/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sui-metrics
+  namespace: sui-metrics
+  labels:
+    app: sui-metrics
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: sui-metrics
+  template:
+    metadata:
+      labels:
+        app: sui-metrics
+    spec:
+      serviceAccountName: sui-metrics
+      containers:
+        - name: vmagent
+          image: victoriametrics/vmagent:v1.103.0
+          imagePullPolicy: IfNotPresent
+          args:
+            - -promscrape.config=/etc/vmagent/config/vmagent.yaml
+            - -remoteWrite.url=$(REMOTE_WRITE_URL)
+            - -remoteWrite.tmpDataPath=/var/lib/vmagent
+            - -loggerFormat=json
+          ports:
+            - name: http
+              containerPort: 8429
+              protocol: TCP
+          env:
+            - name: TZ
+              value: Etc/UTC
+            - name: REMOTE_WRITE_URL
+              value: http://victoria-metrics-single.monitoring.svc.cluster.local:8428/api/v1/write
+          resources:
+            requests:
+              cpu: 100m
+              memory: 256Mi
+            limits:
+              cpu: 500m
+              memory: 512Mi
+          volumeMounts:
+            - name: config
+              mountPath: /etc/vmagent/config
+              readOnly: true
+            - name: data
+              mountPath: /var/lib/vmagent
+          securityContext:
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            runAsUser: 65534
+            runAsGroup: 65534
+            capabilities:
+              drop: ["ALL"]
+      volumes:
+        - name: config
+          configMap:
+            name: sui-metrics-config
+        - name: data
+          emptyDir: {}

services/sui-metrics/base/kustomization.yaml

@@ -0,0 +1,10 @@
+# services/sui-metrics/base/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: sui-metrics
+resources:
+  - namespace.yaml
+  - serviceaccount.yaml
+  - configmap.yaml
+  - deployment.yaml
+  - service.yaml

services/sui-metrics/base/namespace.yaml

@@ -0,0 +1,5 @@
+# services/sui-metrics/base/namespace.yaml
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: sui-metrics

services/sui-metrics/base/service.yaml

@@ -0,0 +1,16 @@
+# services/sui-metrics/base/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: sui-metrics
+  namespace: sui-metrics
+  labels:
+    app: sui-metrics
+spec:
+  type: ClusterIP
+  selector:
+    app: sui-metrics
+  ports:
+    - name: http
+      port: 8429
+      targetPort: 8429

services/sui-metrics/base/serviceaccount.yaml

@@ -0,0 +1,6 @@
+# services/sui-metrics/base/serviceaccount.yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: sui-metrics
+  namespace: sui-metrics

services/sui-metrics/overlays/atlas/kustomization.yaml

@@ -0,0 +1,10 @@
+# services/sui-metrics/overlays/atlas/kustomization.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ../../base
+patches:
+  - path: patch-node-selector.yaml
+    target:
+      kind: Deployment
+      name: sui-metrics

services/sui-metrics/overlays/atlas/patch-node-selector.yaml

@@ -0,0 +1,11 @@
+# services/sui-metrics/overlays/atlas/patch-node-selector.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sui-metrics
+  namespace: sui-metrics
+spec:
+  template:
+    spec:
+      nodeSelector:
+        kubernetes.io/hostname: titan-24