From 4d934c161b1de50a261ebd592058ff3512ab65fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20Mass=C3=A9?= <nicolas.masse@itix.fr>
Date: Sat, 24 Sep 2022 10:06:04 +0200
Subject: [PATCH] add kubevirt vm

---
 k8s/kustomization.yaml |   1 +
 k8s/vm-database.yaml   | 141 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 142 insertions(+)
 create mode 100644 k8s/vm-database.yaml

diff --git a/k8s/kustomization.yaml b/k8s/kustomization.yaml
index 4836d8f..3882eda 100644
--- a/k8s/kustomization.yaml
+++ b/k8s/kustomization.yaml
@@ -10,6 +10,7 @@ resources:
 - task-maven-package.yaml
 - knative-service.yaml
 - triggers.yaml
+- vm-database.yaml
 images:
 - digest: sha256:c978b33482149cdbc7d11b444e5509146e480480bf713216a8d4a588c772ad26
   name: image-registry.openshift-image-registry.svc:5000/demo-appdev/function
diff --git a/k8s/vm-database.yaml b/k8s/vm-database.yaml
new file mode 100644
index 0000000..0a5d150
--- /dev/null
+++ b/k8s/vm-database.yaml
@@ -0,0 +1,141 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: database-cloudinit
+type: Opaque
+stringData:
+  userData: |
+    #cloud-config
+
+    users:
+    - name: nicolas
+      gecos: Nicolas MASSE
+      groups: wheel
+      lock_passwd: false
+      passwd: $6$XUTB20jVVXIqh78k$L1A9Lft5JlbOtNbeDP.fOZ5giLl09LfJGGCon5uwtsIhPJoNkj4SIk08Rb6vSowOps2ik5tlUwT2ZOZ6jjr7.0
+      ssh_authorized_keys:
+      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR1tt58X0+vbvsCR12gMAqr+g7vjt1Fx/qqz9EiboIs nicolas@localhost.localdomain
+      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFW62WJXI1ZCMfNA4w0dMpL0fsldhbEfULNGIUB0nQui nmasse@localhost.localdomain
+
+    write_files:
+    - path: /etc/sudoers
+      content: |
+        Defaults   !visiblepw
+        Defaults    always_set_home
+        Defaults    match_group_by_gid
+        Defaults    always_query_group_plugin
+        Defaults    env_reset
+        Defaults    env_keep =  "COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS"
+        Defaults    env_keep += "MAIL QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
+        Defaults    env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
+        Defaults    env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
+        Defaults    env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
+        Defaults    secure_path = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/var/lib/snapd/snap/bin
+        root    ALL=(ALL)       ALL
+        %wheel  ALL=(ALL)       NOPASSWD: ALL
+        #includedir /etc/sudoers.d
+      permissions: '0440'
+      append: false
+
+    - path: /root/bootstrap.sh
+      content: |
+        #!/bin/bash
+        set -Eeuo pipefail
+        PGSETUP_INITDB_OPTIONS=--auth-host=scram-sha-256 postgresql-setup --initdb --unit postgresql
+        sed -i.bak -E "s/^#*\s*listen_addresses\s*=\s*'[^']*'/listen_addresses = '0.0.0.0'/" /var/lib/pgsql/data/postgresql.conf
+        cat >> /var/lib/pgsql/data/pg_hba.conf <<EOF
+        host    all             all             0.0.0.0/0               scram-sha-256
+        EOF
+        systemctl start postgresql.service
+        systemctl enable postgresql.service
+        cd /tmp
+        sudo -u postgres psql -c "CREATE USER appli WITH ENCRYPTED PASSWORD 'secret'"
+        sudo -u postgres psql -c "CREATE DATABASE appli OWNER 'appli';"
+      permissions: '0755'
+
+    packages:
+    - postgresql-server
+
+    runcmd:
+    - [ "/root/bootstrap.sh" ]
+---
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+  annotations:
+  labels:
+    app: database
+  name: database
+spec:
+  dataVolumeTemplates:
+    - apiVersion: cdi.kubevirt.io/v1beta1
+      kind: DataVolume
+      metadata:
+        creationTimestamp: null
+        name: database
+      spec:
+        source:
+          http:
+            url: https://download.fedoraproject.org/pub/fedora/linux/releases/36/Cloud/x86_64/images/Fedora-Cloud-Base-36-1.5.x86_64.qcow2
+        pvc:
+          accessModes:
+          - ReadWriteOnce
+          resources:
+            requests:
+              storage: 30Gi
+  runStrategy: Manual
+  template:
+    metadata:
+      annotations:
+        vm.kubevirt.io/flavor: small
+        vm.kubevirt.io/os: fedora
+        vm.kubevirt.io/workload: server
+      creationTimestamp: null
+      labels:
+        kubevirt.io/domain: database
+        kubevirt.io/size: small
+    spec:
+      domain:
+        cpu:
+          cores: 2
+          sockets: 1
+          threads: 1
+        devices:
+          disks:
+            - disk:
+                bus: virtio
+              name: rootdisk
+            - disk:
+                bus: virtio
+              name: cloudinitdisk
+          interfaces:
+            - macAddress: '02:cd:c9:00:00:00'
+              masquerade: {}
+              name: default
+          networkInterfaceMultiqueue: true
+          rng: {}
+        features:
+          acpi: {}
+          smm:
+            enabled: true
+        firmware:
+          bootloader:
+            efi: {}
+        machine:
+          type: pc-q35-rhel8.4.0
+        resources:
+          requests:
+            memory: 2Gi
+      evictionStrategy: LiveMigrate
+      networks:
+        - name: default
+          pod: {}
+      terminationGracePeriodSeconds: 180
+      volumes:
+        - dataVolume:
+            name: database
+          name: rootdisk
+        - cloudInitNoCloud:
+            secretRef:
+              name: database-cloudinit
+          name: cloudinitdisk