k8s-and-chill/rendered/envs/minikube/traefik/customresourcedefinition-aiservices.hub.traefik.io.yaml
Felix Wolf fe51c8c1bc feat(minikube): add minikube environment with garage S3 backend
Adds a self-contained minikube environment for local development and
testing alongside the existing production env.

env: minikube
  - cluster.domain: minikube (browser DNS routes *.minikube → minikube ip)
  - tls issuer: mkcert (CA-signed via cert-manager mkcert ClusterIssuer)
  - storageClass: standard (minikube hostpath provisioner)
  - backups disabled; storagebox disabled
  - excludes argocd, forgejo, hcloud-csi (manual kubectl apply for testing)

prototypes/garage:
  - hand-rolled S3-compatible object store (single Deployment + PVC)
  - mittwald-generated rpc_secret + admin_token (hex)
  - PostSync init Job: assigns cluster layout, ensures bucket and access
    key, writes ocis-s3-credentials cross-namespace into ocis ns
  - idempotent: skips if k8s secret already populated; otherwise rotates
    the garage key (admin API only returns secretAccessKey on create)
  - cross-ns RBAC re-pinned via zz-cross-ns-rbac-fix overlay (ns.ytt.yaml
    clobbers explicit namespace fields)

ocis:
  - new admin-user-id init Job ensures secret.user-id is a valid UUID v4
    (mittwald can't generate UUIDs; ocis-settings rejects non-UUID ids)
  - mittwald no longer manages user-id; existing prod UUIDs preserved
  - insecure flag (oidcIdpInsecure / ocisHttpApiInsecure / ocmInsecure)
    parameterized; defaults to false; minikube sets true for self-signed
    OIDC issuer URL trust

other prototypes:
  - victoria-metrics-single helm values ytt-ified (storageClassName)
  - grafana admin secret now generated by mittwald (was hand-created in
    prod; manifest is no-op there since mittwald only fills empty fields)

flake.nix: minikube + docker + postgresql added to dev shell.
2026-05-03 17:23:57 +02:00

340 lines
13 KiB
YAML

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    a8r.io/repository: ssh://git@git.tr1ceracop.de:222/gitea_admin/k8s-and-chill.git
    controller-gen.kubebuilder.io/version: v0.17.1
  name: aiservices.hub.traefik.io
  namespace: traefik
spec:
  group: hub.traefik.io
  names:
    kind: AIService
    listKind: AIServiceList
    plural: aiservices
    singular: aiservice
  scope: Namespaced
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        description: AIService is a Kubernetes-like Service to interact with a text-based LLM provider. It defines the parameters and credentials required to interact with various LLM providers.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: The desired behavior of this AIService.
            properties:
              anthropic:
                description: Anthropic configures Anthropic backend.
                properties:
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                  token:
                    description: SecretReference references a kubernetes secret.
                    properties:
                      secretName:
                        maxLength: 253
                        type: string
                    required:
                    - secretName
                    type: object
                type: object
              azureOpenai:
                description: AzureOpenAI configures AzureOpenAI.
                properties:
                  apiKeySecret:
                    description: SecretReference references a kubernetes secret.
                    properties:
                      secretName:
                        maxLength: 253
                        type: string
                    required:
                    - secretName
                    type: object
                  baseUrl:
                    type: string
                  deploymentName:
                    type: string
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                required:
                - baseUrl
                - deploymentName
                type: object
              bedrock:
                description: Bedrock configures Bedrock backend.
                properties:
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                  region:
                    type: string
                  systemMessage:
                    type: boolean
                type: object
              cohere:
                description: Cohere configures Cohere backend.
                properties:
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                  token:
                    description: SecretReference references a kubernetes secret.
                    properties:
                      secretName:
                        maxLength: 253
                        type: string
                    required:
                    - secretName
                    type: object
                type: object
              deepSeek:
                description: DeepSeek configures DeepSeek.
                properties:
                  baseUrl:
                    type: string
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                  token:
                    description: SecretReference references a kubernetes secret.
                    properties:
                      secretName:
                        maxLength: 253
                        type: string
                    required:
                    - secretName
                    type: object
                type: object
              gemini:
                description: Gemini configures Gemini backend.
                properties:
                  apiKey:
                    description: SecretReference references a kubernetes secret.
                    properties:
                      secretName:
                        maxLength: 253
                        type: string
                    required:
                    - secretName
                    type: object
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                type: object
              mistral:
                description: Mistral configures Mistral AI backend.
                properties:
                  apiKey:
                    description: SecretReference references a kubernetes secret.
                    properties:
                      secretName:
                        maxLength: 253
                        type: string
                    required:
                    - secretName
                    type: object
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                type: object
              ollama:
                description: Ollama configures Ollama backend.
                properties:
                  baseUrl:
                    type: string
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                required:
                - baseUrl
                type: object
              openai:
                description: OpenAI configures OpenAI.
                properties:
                  baseUrl:
                    type: string
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                  token:
                    description: SecretReference references a kubernetes secret.
                    properties:
                      secretName:
                        maxLength: 253
                        type: string
                    required:
                    - secretName
                    type: object
                type: object
              qWen:
                description: QWen configures QWen.
                properties:
                  baseUrl:
                    type: string
                  model:
                    type: string
                  params:
                    description: Params holds the LLM hyperparameters.
                    properties:
                      frequencyPenalty:
                        type: number
                      maxTokens:
                        type: integer
                      presencePenalty:
                        type: number
                      temperature:
                        type: number
                      topP:
                        type: number
                    type: object
                  token:
                    description: SecretReference references a kubernetes secret.
                    properties:
                      secretName:
                        maxLength: 253
                        type: string
                    required:
                    - secretName
                    type: object
                type: object
            type: object
        type: object
    served: true
    storage: true