Merged
@@ -0,0 +1 @@
---
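--- a/applications/base/services/longhorn/kustomization.yaml
+++ b/applications/base/services/longhorn/kustomization.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- resources/namespace.yaml
+- resources/longhorn-encrypted-storageclass.yaml
+- resources/longhorn-multi-attach-storageclass.yaml
+- resources/longhron-general-storageclass.yaml
+- resources/helmrelease.yaml
+
+secretGenerator:
+- name: longhorn-values-base
+namespace: longhorn-system
+type: Opaque
+files:
+- hardened.yaml=helm-base-overrides/hardened-values-v0.0.1.yaml
+options:
+disableNameSuffixHash: true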
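Review bot: The `resources` list omits `resources/source.yaml`, which this same change adds and which defines the `longhorn-repo` HelmRepository that the HelmRelease's `sourceRef` points to; unless another kustomization includes it, the release has no chart source. Add `- resources/source.yaml` ahead of `- resources/helmrelease.yaml`. The entry `resources/longhron-general-storageclass.yaml` also looks like a misspelling of `longhorn`. The storage-class file headers are not visible on this page, so confirm the entry matches the file name on disk, because kustomize fails the build on a path that does not exist.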
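--- a/applications/base/services/longhorn/resources/helmrelease.yaml
+++ b/applications/base/services/longhorn/resources/helmrelease.yaml
@@ -0,0 +1,49 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+name: longhorn
+namespace: longhorn-system
+spec:
+interval: 5m
+chart:
+spec:
+chart: longhorn
+version: "v1.10.0"
+sourceRef:
+kind: HelmRepository
+name: longhorn-repo
+namespace: longhorn-system
+install:
+crds: CreateReplace
+remediation:
+retries: 3
+createNamespace: true
+upgrade:
+crds: CreateReplace
+remediation:
+retries: 3
+values:
+longhornDriver:
+tolerations:
+- key: node-role.kubernetes.io/control-plane
+operator: Exists
+effect: NoSchedule
+nodeSelector:
+longhorn.io/storage-node: "enabled"
+longhornRecoveryBackend:
+tolerations:
+- key: node-role.kubernetes.io/control-plane
+operator: Exists
+effect: NoSchedule
+nodeSelector:
+longhorn.io/storage-node: "enabled"
+longhornUI:
+nodeSelector:
+longhorn.io/control-storage-node: "enabled"
+longhornConversionWebhook:
+nodeSelector:
+longhorn.io/control-storage-node: "enabled"
+longhornAdmissionWebhook:
+nodeSelector:
+longhorn.io/control-storage-node: "enabled"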
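Review bot: Nothing in this `spec` reads the `longhorn-values-base` Secret that kustomization.yaml generates from `helm-base-overrides/hardened-values-v0.0.1.yaml`, so the hardened overrides appear never to reach the chart and the release runs with chart defaults plus the inline `values` only. Add a `valuesFrom` list under `spec` with one entry: `- kind: Secret`, `name: longhorn-values-base`, `valuesKey: hardened.yaml`. Flux merges the inline `values` after `valuesFrom`, so check that the scheduling overrides here do not unintentionally undo anything in the hardened file. Indentation is lost on this page, so the nesting of the existing keys could not be checked.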
@@ -0,0 +1,35 @@
---
apiVersion: v1
kind: Secret
metadata:
name: longhorn-crypto
namespace: longhorn-system
stringData:
CRYPTO_KEY_VALUE: "Your encryption passphrase" # Be sure to replace this with your own passphrase
CRYPTO_KEY_PROVIDER: "secret"
CRYPTO_KEY_CIPHER: "aes-xts-plain64"
CRYPTO_KEY_HASH: "sha256"
CRYPTO_KEY_SIZE: "256"
CRYPTO_PBKDF: "argon2i"
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: general-encrypted
provisioner: driver.longhorn.io
allowVolumeExpansion: true
reclaimPolicy: Delete
volumeBindingMode: Immediate
parameters:
numberOfReplicas: "3"
dataLocality: "best-effort"
staleReplicaTimeout: "2880"
fromBackup: ""
fsType: "ext4"
encrypted: "true"
csi.storage.k8s.io/provisioner-secret-name: "longhorn-crypto"
csi.storage.k8s.io/provisioner-secret-namespace: "longhorn-system"
csi.storage.k8s.io/node-publish-secret-name: "longhorn-crypto"
csi.storage.k8s.io/node-publish-secret-namespace: "longhorn-system"
csi.storage.k8s.io/node-stage-secret-name: "longhorn-crypto"
csi.storage.k8s.io/node-stage-secret-namespace: "longhorn-system"
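Review bot: The `longhorn-crypto` Secret commits `CRYPTO_KEY_VALUE` in plaintext under `stringData`, and if nobody overrides the placeholder `"Your encryption passphrase"` it is applied as the real key, leaving every `general-encrypted` volume protected by a string published in the repository. The inline reminder to replace it is easy to miss in a base that Flux reconciles automatically. Drop the Secret from the base and have each cluster supply it out of band (for example as a SOPS-encrypted or externally synced Secret), leaving a comment such as `# longhorn-crypto must be provided per cluster; never commit CRYPTO_KEY_VALUE`. All six `csi.storage.k8s.io/*-secret-name` parameters point at that one Secret, so a single passphrase covers every volume of the class. If per-volume keys are wanted, Longhorn's documentation describes templating the secret name from the PVC; confirm that against the chart version pinned in helmrelease.yaml.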
@@ -0,0 +1,17 @@
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: general
annotations:
storageclass.kubernetes.io/is-default-class: "true"
provisioner: driver.longhorn.io
allowVolumeExpansion: true
reclaimPolicy: Delete
volumeBindingMode: Immediate
parameters:
numberOfReplicas: "2"
dataLocality: "best-effort"
staleReplicaTimeout: "2880"
fromBackup: ""
fsType: "ext4"
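Review bot: `storageclass.kubernetes.io/is-default-class: "true"` makes the unencrypted `general` class the cluster default, so any PVC that omits `storageClassName` lands on a plaintext volume, and `reclaimPolicy: Delete` removes the data together with the claim. If that is the intended trade-off, record it in a comment above `metadata`, e.g. `# Default class is intentionally unencrypted; use general-encrypted for sensitive data`. Otherwise move the annotation to the `general-encrypted` class so encryption is the default.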
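--- a/applications/base/services/longhorn/resources/namespace.yaml
+++ b/applications/base/services/longhorn/resources/namespace.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+labels:
+kubernetes.io/metadata.name: longhorn-system
+pod-security.kubernetes.io/audit: privileged
+pod-security.kubernetes.io/audit-version: latest
+pod-security.kubernetes.io/enforce: privileged
+pod-security.kubernetes.io/enforce-version: latest
+pod-security.kubernetes.io/warn: privileged
+pod-security.kubernetes.io/warn-version: latest
+name: longhorn-system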
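Review bot: `pod-security.kubernetes.io/audit` and `pod-security.kubernetes.io/warn` are set to `privileged` alongside `enforce`, so the namespace emits no Pod Security warnings or audit annotations at all. Longhorn's node components presumably need `enforce: privileged`, but `audit: baseline` and `warn: baseline` would still surface any unexpected privileged workload scheduled into `longhorn-system` without blocking Longhorn itself. A comment above the labels stating why enforcement is relaxed, e.g. `# Longhorn manager/CSI pods need privileged host access; keep other workloads out of this namespace`, would help later reviewers. The `*-version: latest` values also let the effective policy change with cluster upgrades, so consider pinning them to the cluster's Kubernetes minor version.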
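--- a/applications/base/services/longhorn/resources/source.yaml
+++ b/applications/base/services/longhorn/resources/source.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+name: longhorn-repo
+namespace: longhorn-system
+spec:
+interval: 10m # How often to check for updates to the repo index
+url: https://charts.longhorn.io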