FEAT(longhorn): add longhorn distributed block

- storage
- Add Longhorn Helm chart configuration
- Configure UI ingress at longhorn0213.kro.kr
- Set CPU limits to null to prevent throttling
- Configure 3 replicas for high availability
- Set Longhorn as default StorageClass

longhorn/argocd/longhorn.yaml

@@ -0,0 +1,118 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: longhorn
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+
+  sources:
+    # Helm chart from Longhorn repository
+    - repoURL: https://charts.longhorn.io
+      chart: longhorn
+      targetRevision: 1.7.2
+      helm:
+        valueFiles:
+          - $values/longhorn/helm-values/longhorn.yaml
+    # Values file from Git repository
+    - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git
+      targetRevision: main
+      ref: values
+    # Ingress from Git repository
+    - repoURL: https://gitea0213.kro.kr/bluemayne/databases.git
+      targetRevision: main
+      path: longhorn/ingress
+
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: longhorn-system
+
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+      allowEmpty: false
+
+    syncOptions:
+      - CreateNamespace=true
+      - PrunePropagationPolicy=foreground
+      - PruneLast=true
+      - RespectIgnoreDifferences=true
+      - ServerSideApply=true
+
+    retry:
+      limit: 5
+      backoff:
+        duration: 5s
+        factor: 2
+        maxDuration: 3m
+
+  revisionHistoryLimit: 10
+
+  # Ignore differences in CRDs managed by Longhorn
+  ignoreDifferences:
+    - group: apiextensions.k8s.io
+      kind: CustomResourceDefinition
+      name: engines.longhorn.io
+      jqPathExpressions:
+        - .spec.conversion.webhook.clientConfig
+        - .status
+        - .metadata.annotations
+        - .metadata.generation
+        - .metadata.resourceVersion
+    - group: apiextensions.k8s.io
+      kind: CustomResourceDefinition
+      name: engineimages.longhorn.io
+      jqPathExpressions:
+        - .spec.conversion.webhook.clientConfig
+        - .status
+        - .metadata.annotations
+        - .metadata.generation
+        - .metadata.resourceVersion
+    - group: apiextensions.k8s.io
+      kind: CustomResourceDefinition
+      name: instancemanagers.longhorn.io
+      jqPathExpressions:
+        - .spec.conversion.webhook.clientConfig
+        - .status
+        - .metadata.annotations
+        - .metadata.generation
+        - .metadata.resourceVersion
+    - group: apiextensions.k8s.io
+      kind: CustomResourceDefinition
+      name: nodes.longhorn.io
+      jqPathExpressions:
+        - .spec.conversion.webhook.clientConfig
+        - .status
+        - .metadata.annotations
+        - .metadata.generation
+        - .metadata.resourceVersion
+    - group: apiextensions.k8s.io
+      kind: CustomResourceDefinition
+      name: replicas.longhorn.io
+      jqPathExpressions:
+        - .spec.conversion.webhook.clientConfig
+        - .status
+        - .metadata.annotations
+        - .metadata.generation
+        - .metadata.resourceVersion
+    - group: apiextensions.k8s.io
+      kind: CustomResourceDefinition
+      name: settings.longhorn.io
+      jqPathExpressions:
+        - .spec.conversion.webhook.clientConfig
+        - .status
+        - .metadata.annotations
+        - .metadata.generation
+        - .metadata.resourceVersion
+    - group: apiextensions.k8s.io
+      kind: CustomResourceDefinition
+      name: volumes.longhorn.io
+      jqPathExpressions:
+        - .spec.conversion.webhook.clientConfig
+        - .status
+        - .metadata.annotations
+        - .metadata.generation
+        - .metadata.resourceVersion

longhorn/helm-values/longhorn.yaml

@@ -0,0 +1,120 @@
+# Longhorn Helm Values
+# Chart: https://github.com/longhorn/longhorn
+
+# Pre-upgrade checker - disable for ArgoCD/GitOps (per Longhorn docs)
+preUpgradeChecker:
+  jobEnabled: false
+  upgradeVersionCheck: false
+
+# Persistence settings
+persistence:
+  defaultClass: true  # Set Longhorn as default StorageClass
+  defaultClassReplicaCount: 3  # Number of replicas for high availability
+  reclaimPolicy: Retain  # Keep PV data when PVC is deleted
+
+# Default settings
+defaultSettings:
+  # Storage
+  defaultReplicaCount: 3  # Default number of replicas for volumes
+  defaultDataPath: /var/lib/longhorn  # Data storage path on nodes
+
+  # Backup settings
+  backupTarget: ""  # S3/NFS backup target (configure later if needed)
+  backupTargetCredentialSecret: ""
+
+  # Performance
+  guaranteedInstanceManagerCPU: 5  # 5% CPU for instance managers
+  createDefaultDiskLabeledNodes: true  # Auto-discover storage on labeled nodes
+
+  # Node scheduling
+  replicaSoftAntiAffinity: true  # Prefer to spread replicas across nodes
+  replicaAutoBalance: best-effort  # Auto-balance replicas
+  storageOverProvisioningPercentage: 200  # Allow 200% overprovisioning
+  storageMinimalAvailablePercentage: 10  # Keep 10% storage available
+
+  # Snapshot and backup
+  snapshotDataIntegrity: fast-check  # Fast integrity check for snapshots
+  snapshotDataIntegrityImmediateCheckAfterSnapshotCreation: false
+
+  # Auto cleanup
+  orphanAutoDeletion: true  # Auto delete orphaned resources
+
+# Longhorn Manager (control plane)
+longhornManager:
+  priorityClass: ~
+  tolerations: []
+  nodeSelector: {}
+
+# Longhorn Driver (CSI driver)
+longhornDriver:
+  priorityClass: ~
+  tolerations: []
+  nodeSelector: {}
+
+# Longhorn UI
+longhornUI:
+  replicas: 1
+  priorityClass: ~
+  tolerations: []
+  nodeSelector: {}
+
+# CSI components
+csi:
+  attacherReplicaCount: 1
+  provisionerReplicaCount: 1
+  resizerReplicaCount: 1
+  snapshotterReplicaCount: 1
+
+# Ingress for Longhorn UI
+ingress:
+  enabled: false  # We'll create a separate Ingress resource
+
+# Service configuration
+service:
+  ui:
+    type: ClusterIP
+    nodePort: null
+
+# Monitoring
+# Enable if Prometheus is available
+enablePSP: false  # Pod Security Policy (deprecated in K8s 1.25+)
+
+# Resources - NO CPU LIMITS per user request
+resources:
+  longhornManager:
+    requests:
+      cpu: 100m
+      memory: 256Mi
+    limits:
+      # cpu: not set to prevent throttling
+      memory: 512Mi
+
+  longhornDriver:
+    requests:
+      cpu: 50m
+      memory: 128Mi
+    limits:
+      # cpu: not set to prevent throttling
+      memory: 256Mi
+
+  longhornUI:
+    requests:
+      cpu: 50m
+      memory: 64Mi
+    limits:
+      # cpu: not set to prevent throttling
+      memory: 128Mi
+
+# Default StorageClass parameters
+defaultStorageClass:
+  enabled: true
+  name: longhorn
+  defaultClass: true
+  reclaimPolicy: Retain
+  allowVolumeExpansion: true
+  parameters:
+    numberOfReplicas: "3"
+    staleReplicaTimeout: "2880"  # 48 hours
+    fromBackup: ""
+    fsType: "ext4"
+    dataLocality: "disabled"  # Allow scheduling on any node

longhorn/ingress/longhorn-ingress.yaml

@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: longhorn-ingress
+  namespace: longhorn-system
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+spec:
+  ingressClassName: haproxy
+  tls:
+    - hosts:
+        - longhorn0213.kro.kr
+      secretName: longhorn-tls
+  rules:
+    - host: longhorn0213.kro.kr
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: longhorn-frontend
+                port:
+                  number: 80

longhorn/kustomization.yaml

@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: longhorn-system
+
+resources:
+  - ingress/longhorn-ingress.yaml

postgresql-dev/helm-values/postgresql-dev.yaml

@@ -26,7 +26,9 @@ resources:
   requests:
     memory: "256Mi"
     cpu: "30m"  # Reduced to 30% of original (100m -> 30m)
-  limits: {}  # Empty limits to prevent Helm chart defaults in standalone mode
+  limits:
+    cpu: null
+    memory: null
 
 metrics:
   enabled: false