refactor(phpipam): remove fping cron container

All device discovery now handled by phpipam-pfsense-import CronJob which queries Kea DHCP leases + pfSense ARP table every 5min. No active scanning needed — pfSense sees all devices passively. [ci skip] Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 20:38:59 +00:00 · 2026-04-10 20:38:59 +00:00 · bba2de9eb1
commit bba2de9eb1
parent 0ac96def6b
1 changed files with 2 additions and 88 deletions
--- a/stacks/phpipam/main.tf
+++ b/stacks/phpipam/main.tf
@ -201,94 +201,8 @@ resource "kubernetes_deployment" "phpipam_web" {
  }
 }
-resource "kubernetes_deployment" "phpipam_cron" {
+# phpipam-cron container removed — discovery now handled by phpipam-pfsense-import CronJob
-  metadata {
+# which queries Kea DHCP leases + pfSense ARP table directly (no fping needed)
    name      = "phpipam-cron"
    namespace = kubernetes_namespace.phpipam.metadata[0].name
    labels = {
      app       = "phpipam-cron"
      component = "scanner"
      tier      = local.tiers.aux
    }
    annotations = {
      "reloader.stakater.com/auto" = "true"
    }
  }
  spec {
    replicas = 1
    strategy {
      type = "Recreate"
    }
    selector {
      match_labels = {
        app = "phpipam-cron"
      }
    }
    template {
      metadata {
        labels = {
          app       = "phpipam-cron"
          component = "scanner"
        }
        annotations = {
          "dependency.kyverno.io/wait-for" = "mysql.dbaas:3306"
        }
      }
      spec {
        container {
          image = "phpipam/phpipam-cron:v1.7.0"
          name  = "phpipam-cron"
          env {
            name  = "TZ"
            value = "Europe/Sofia"
          }
          env {
            name  = "IPAM_DATABASE_HOST"
            value = var.mysql_host
          }
          env {
            name  = "IPAM_DATABASE_USER"
            value = "phpipam"
          }
          env {
            name = "IPAM_DATABASE_PASS"
            value_from {
              secret_key_ref {
                name = "phpipam-secrets"
                key  = "db_password"
              }
            }
          }
          env {
            name  = "IPAM_DATABASE_NAME"
            value = "phpipam"
          }
          env {
            name  = "SCAN_INTERVAL"
            value = "24h"
          }
          resources {
            requests = {
              cpu    = "10m"
              memory = "64Mi"
            }
            limits = {
              memory = "512Mi"
            }
          }
          security_context {
            capabilities {
              add = ["NET_RAW"]
            }
          }
        }
      }
    }
  }
  lifecycle {
    ignore_changes = [spec[0].template[0].spec[0].dns_config]
  }
 }
 resource "kubernetes_service" "phpipam" {
  metadata {