rook-ceph-cluster: operatorNamespace: rook-ceph toolbox: enabled: true resources: requests: cpu: 100m memory: 128Mi monitoring: enabled: true ingress: dashboard: enabled: false # We'll use Gateway API instead cephClusterSpec: crashCollector: disable: true mgr: modules: - name: pg_autoscaler enabled: true - name: devicehealth enabled: true - name: diskprediction_local enabled: true - name: rook enabled: true dashboard: enabled: true ssl: false resources: mgr: limits: memory: "1Gi" requests: cpu: "100m" memory: "256Mi" mon: limits: memory: "2Gi" requests: cpu: "200m" memory: "1Gi" osd: limits: memory: "4Gi" requests: cpu: "100m" memory: "2Gi" prepareosd: requests: cpu: "100m" memory: "50Mi" mgr-sidecar: limits: memory: "100Mi" requests: cpu: "100m" memory: "40Mi" crashcollector: limits: memory: "60Mi" requests: cpu: "100m" memory: "60Mi" logcollector: limits: memory: "1Gi" requests: cpu: "100m" memory: "100Mi" cleanup: limits: memory: "1Gi" requests: cpu: "100m" memory: "100Mi" cephBlockPools: - name: ceph-blockpool spec: replicated: size: 2 failureDomain: host deviceClass: hdd parameters: min_size: "1" storageClass: name: ceph-block enabled: true isDefault: true reclaimPolicy: Delete allowVolumeExpansion: true volumeBindingMode: "Immediate" parameters: imageFeatures: "layering,exclusive-lock,object-map,fast-diff" csi.storage.k8s.io/fstype: ext4 csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph cephFileSystems: - name: ceph-filesystem spec: metadataPool: failureDomain: host replicated: size: 2 deviceClass: hdd parameters: min_size: "1" dataPools: - failureDomain: host replicated: size: 2 deviceClass: hdd parameters: min_size: "1" name: data0 preserveFilesystemOnDelete: true metadataServer: activeCount: 1 activeStandby: true resources: requests: cpu: "250m" memory: "1Gi" priorityClassName: system-cluster-critical storageClass: name: ceph-filesystem enabled: true isDefault: false pool: data0 reclaimPolicy: Retain allowVolumeExpansion: true volumeBindingMode: "Immediate" parameters: csi.storage.k8s.io/fstype: ext4 csi.storage.k8s.io/provisioner-secret-name: rook-csi-cephfs-provisioner csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph csi.storage.k8s.io/controller-expand-secret-name: rook-csi-cephfs-provisioner csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph csi.storage.k8s.io/node-stage-secret-name: rook-csi-cephfs-node csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph cephObjectStores: - name: ceph-objectstore spec: metadataPool: failureDomain: host replicated: size: 2 deviceClass: hdd parameters: min_size: "1" dataPool: failureDomain: host replicated: size: 2 deviceClass: hdd parameters: min_size: "1" preservePoolsOnDelete: true gateway: port: 80 instances: 1 resources: requests: cpu: "200m" memory: "512Mi" storageClass: name: ceph-bucket enabled: true reclaimPolicy: Delete volumeBindingMode: "Immediate" ingress: enabled: false # We'll use Gateway API instead # Gateway API HTTPRoutes for Ceph Dashboard and S3 extraObjects: # ReferenceGrant for Gateway to access rook-ceph namespace - apiVersion: gateway.networking.k8s.io/v1beta1 kind: ReferenceGrant metadata: name: traefik-gateway-access namespace: rook-ceph spec: from: - group: gateway.networking.k8s.io kind: HTTPRoute namespace: rook-ceph to: - group: "" kind: Service # Ceph Dashboard HTTPRoute - apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: ceph-dashboard namespace: rook-ceph spec: parentRefs: - name: traefik-gateway namespace: traefik sectionName: websecure hostnames: - "ceph.noxxos.nl" rules: - matches: - path: type: PathPrefix value: / backendRefs: - name: rook-ceph-mgr-dashboard port: 7000 # S3 Object Storage HTTPRoute - apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: ceph-s3 namespace: rook-ceph spec: parentRefs: - name: traefik-gateway namespace: traefik sectionName: websecure hostnames: - "s3.noxxos.nl" rules: - matches: - path: type: PathPrefix value: / backendRefs: - name: rook-ceph-rgw-ceph-objectstore port: 80