From 50505b6c7da7c12d4122529a1165b9903205081a Mon Sep 17 00:00:00 2001 
From: Steven Kreitzer Date: Thu, 9 Jan 2025 09:50:20 -0600 Subject: [PATCH] feat(flux): big brain operator --- .github/workflows/flux-diff.yaml | 2 +- .taskfiles/bootstrap/Taskfile.yaml | 47 ++-------- .../bootstrap/resources/wipe-rook.yaml.j2 | 59 ------------ .../gha-runner-scale-set-controller/ks.yaml | 2 +- .../gha-runner-scale-set/ks.yaml | 2 +- .../apps/cert-manager/cert-manager/ks.yaml | 4 +- .../apps/databases/cloudnative-pg/ks.yaml | 4 +- kubernetes/apps/databases/emqx/ks.yaml | 4 +- .../external-secrets/external-secrets/ks.yaml | 4 +- .../onepassword-connect/ks.yaml | 2 +- .../app/helmrelease.yaml | 10 +-- .../app/kustomization.yaml | 2 +- .../flux-operator/app/resources/values.yaml | 3 + .../flux-operator/instance/helmrelease.yaml | 26 ++++++ .../flux-operator/instance/kustomization.yaml | 12 +++ .../instance}/prometheusrule.yaml | 0 .../instance/resources/values.yaml | 90 +++++++++++++++++++ .../{flux => flux-operator}/ks.yaml | 14 +-- .../flux/app/resources/values.yaml | 57 ------------ .../flux/config/monitoring/kustomization.yaml | 5 -- .../config => github/app}/kustomization.yaml | 1 - .../notifications/alertmanager/alert.yaml | 0 .../alertmanager/kustomization.yaml | 0 .../notifications/alertmanager/provider.yaml | 0 .../app}/notifications/github/alert.yaml | 0 .../notifications/github/externalsecret.yaml | 0 .../notifications/github/kustomization.yaml | 0 .../app}/notifications/github/provider.yaml | 0 .../app}/notifications/kustomization.yaml | 0 .../app}/webhooks/github/externalsecret.yaml | 0 .../app}/webhooks/github/ingress.yaml | 0 .../app}/webhooks/github/kustomization.yaml | 0 .../app}/webhooks/github/receiver.yaml | 2 +- .../app}/webhooks/kustomization.yaml | 0 kubernetes/apps/flux-system/github/ks.yaml | 20 +++++ .../apps/flux-system/kustomization.yaml | 3 +- kubernetes/apps/home/atuin/ks.yaml | 2 +- kubernetes/apps/home/go2rtc/ks.yaml | 2 +- kubernetes/apps/home/home-assistant/ks.yaml | 2 +- kubernetes/apps/home/zigbee2mqtt/ks.yaml | 2 
+- kubernetes/apps/kube-system/cilium/ks.yaml | 4 +- kubernetes/apps/kube-system/coredns/ks.yaml | 2 +- .../apps/kube-system/descheduler/ks.yaml | 2 +- kubernetes/apps/kube-system/fstrim/ks.yaml | 2 +- .../kube-system/generic-device-plugin/ks.yaml | 2 +- .../kube-system/intel-device-plugin/ks.yaml | 4 +- .../apps/kube-system/irqbalance/ks.yaml | 2 +- .../apps/kube-system/metrics-server/ks.yaml | 2 +- .../node-feature-discovery/ks.yaml | 4 +- kubernetes/apps/kube-system/reloader/ks.yaml | 2 +- kubernetes/apps/kube-system/spegel/ks.yaml | 2 +- kubernetes/apps/kyverno/kyverno/ks.yaml | 4 +- kubernetes/apps/media/autobrr/ks.yaml | 2 +- kubernetes/apps/media/bazarr/ks.yaml | 2 +- kubernetes/apps/media/cross-seed/ks.yaml | 2 +- kubernetes/apps/media/overseerr/ks.yaml | 2 +- kubernetes/apps/media/plex/ks.yaml | 2 +- kubernetes/apps/media/prowlarr/ks.yaml | 2 +- kubernetes/apps/media/qbittorrent/ks.yaml | 4 +- kubernetes/apps/media/radarr/ks.yaml | 2 +- kubernetes/apps/media/recyclarr/ks.yaml | 2 +- kubernetes/apps/media/sabnzbd/ks.yaml | 2 +- kubernetes/apps/media/sonarr/ks.yaml | 2 +- kubernetes/apps/media/tautulli/ks.yaml | 2 +- kubernetes/apps/media/unpackerr/ks.yaml | 2 +- .../exporters/blackbox-exporter/ks.yaml | 4 +- .../exporters/mqtt-exporter/ks.yaml | 2 +- .../exporters/smartctl-exporter/ks.yaml | 2 +- .../exporters/snmp-exporter/ks.yaml | 2 +- .../exporters/speedtest-exporter/ks.yaml | 2 +- kubernetes/apps/monitoring/gatus/ks.yaml | 2 +- kubernetes/apps/monitoring/grafana/ks.yaml | 2 +- kubernetes/apps/monitoring/karma/ks.yaml | 2 +- kubernetes/apps/monitoring/kromgo/ks.yaml | 2 +- .../monitoring/kube-prometheus-stack/ks.yaml | 4 +- kubernetes/apps/monitoring/loki/ks.yaml | 2 +- .../prometheus-operator-crds/ks.yaml | 2 +- kubernetes/apps/monitoring/promtail/ks.yaml | 2 +- kubernetes/apps/monitoring/unpoller/ks.yaml | 2 +- .../apps/networking/cloudflared/ks.yaml | 2 +- .../apps/networking/echo-server/ks.yaml | 2 +- .../apps/networking/external-dns/ks.yaml | 4 +- 
kubernetes/apps/networking/multus/ks.yaml | 4 +- kubernetes/apps/networking/nginx/ks.yaml | 6 +- kubernetes/apps/networking/smtp-relay/ks.yaml | 2 +- .../apps/openebs-system/openebs/ks.yaml | 2 +- kubernetes/apps/rook-ceph/rook-ceph/ks.yaml | 4 +- .../system-upgrade-controller/ks.yaml | 4 +- .../snapshot-controller/ks.yaml | 2 +- .../apps/volsync-system/volsync/ks.yaml | 2 +- kubernetes/bootstrap/apps/external-secrets.j2 | 14 --- kubernetes/bootstrap/apps/helmfile.yaml | 31 +++++-- .../resources.yaml.j2} | 14 +++ .../bootstrap/templates/wipe-rook.yaml.gotmpl | 65 ++++++++++++++ kubernetes/flux/apps.yaml | 2 +- kubernetes/flux/config/cluster.yaml | 20 +---- kubernetes/flux/config/crds/.gitkeep | 0 ...xcd-community.yaml => controlplaneio.yaml} | 4 +- .../flux/repositories/helm/kustomization.yaml | 2 +- 99 files changed, 361 insertions(+), 300 deletions(-) delete mode 100644 .taskfiles/bootstrap/resources/wipe-rook.yaml.j2 rename kubernetes/apps/flux-system/{flux => flux-operator}/app/helmrelease.yaml (72%) rename kubernetes/apps/flux-system/{flux => flux-operator}/app/kustomization.yaml (85%) create mode 100644 kubernetes/apps/flux-system/flux-operator/app/resources/values.yaml create mode 100644 kubernetes/apps/flux-system/flux-operator/instance/helmrelease.yaml create mode 100644 kubernetes/apps/flux-system/flux-operator/instance/kustomization.yaml rename kubernetes/apps/flux-system/{flux/config/monitoring => flux-operator/instance}/prometheusrule.yaml (100%) create mode 100644 kubernetes/apps/flux-system/flux-operator/instance/resources/values.yaml rename kubernetes/apps/flux-system/{flux => flux-operator}/ks.yaml (72%) delete mode 100644 kubernetes/apps/flux-system/flux/app/resources/values.yaml delete mode 100644 kubernetes/apps/flux-system/flux/config/monitoring/kustomization.yaml rename kubernetes/apps/flux-system/{flux/config => github/app}/kustomization.yaml (87%) rename kubernetes/apps/flux-system/{flux/config => 
github/app}/notifications/alertmanager/alert.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/notifications/alertmanager/kustomization.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/notifications/alertmanager/provider.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/notifications/github/alert.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/notifications/github/externalsecret.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/notifications/github/kustomization.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/notifications/github/provider.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/notifications/kustomization.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/webhooks/github/externalsecret.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/webhooks/github/ingress.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/webhooks/github/kustomization.yaml (100%) rename kubernetes/apps/flux-system/{flux/config => github/app}/webhooks/github/receiver.yaml (95%) rename kubernetes/apps/flux-system/{flux/config => github/app}/webhooks/kustomization.yaml (100%) create mode 100644 kubernetes/apps/flux-system/github/ks.yaml delete mode 100644 kubernetes/bootstrap/apps/external-secrets.j2 rename kubernetes/bootstrap/{apps/flux-system.yaml.j2 => templates/resources.yaml.j2} (60%) create mode 100644 kubernetes/bootstrap/templates/wipe-rook.yaml.gotmpl delete mode 100644 kubernetes/flux/config/crds/.gitkeep rename kubernetes/flux/repositories/helm/{fluxcd-community.yaml => controlplaneio.yaml} (64%) diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index a465449024..3d07f11ba6 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml 
@@ -52,7 +52,7 @@ jobs: --strip-attrs "helm.sh/chart,checksum/config,app.kubernetes.io/version,chart" --limit-bytes 10000 --all-namespaces - --sources "k8s-gitops" + --sources "flux-system" --output-file diff.patch - name: Generate Diff diff --git a/.taskfiles/bootstrap/Taskfile.yaml b/.taskfiles/bootstrap/Taskfile.yaml index ba92b7ec40..0a7a51aed1 100644 --- a/.taskfiles/bootstrap/Taskfile.yaml +++ b/.taskfiles/bootstrap/Taskfile.yaml @@ -1,20 +1,15 @@ --- version: '3' -vars: - BOOTSTRAP_RESOURCES_DIR: '{{.ROOT_DIR}}/.taskfiles/bootstrap/resources' - tasks: kubernetes: - desc: Bootstrap a Talos Kubernetes cluster backed by flux, sops, and rook - prompt: Bootstrap a Talos Kubernetes cluster ... continue? + desc: Bootstrap Talos + prompt: Bootstrap Talos Cluster? cmds: - task: etcd - task: kubeconfig - task: apps - - task: rook - - task: flux preconditions: - talosctl config info >/dev/null 2>&1 - test -f {{.TALOS_DIR}}/clusterconfig/talosconfig 
@@ -28,43 +23,19 @@ tasks: cmd: talosctl kubeconfig --nodes {{.TALOS_CONTROLLER}} --force {{.KUBERNETES_DIR}} apps: - internal: true + desc: Bootstrap Apps + prompt: Bootstrap apps into the Talos cluster? cmds: - - until kubectl wait --for=condition=Ready=False nodes --all --timeout=10m; do sleep 10; done + - until kubectl wait nodes --for=condition=Ready=False --all --timeout=10m; do sleep 5; done + - op run --env-file {{.KUBERNETES_DIR}}/bootstrap/bootstrap.env --no-masking -- minijinja-cli {{.KUBERNETES_DIR}}/bootstrap/apps/templates/resources.yaml.j2 | kubectl apply --server-side --filename - - helmfile --quiet --file {{.KUBERNETES_DIR}}/bootstrap/apps/helmfile.yaml apply --skip-diff-on-install --suppress-diff - - until kubectl wait --for=condition=Ready nodes --all --timeout=10m; do sleep 10; done - env: - KUBERNETES_DIR: '{{.KUBERNETES_DIR}}' - preconditions: - - test -f {{.KUBERNETES_DIR}}/bootstrap/apps/helmfile.yaml - - rook: - internal: true - cmds: - - minijinja-cli {{.BOOTSTRAP_RESOURCES_DIR}}/wipe-rook.yaml.j2 | kubectl apply --server-side --filename - - - until kubectl --namespace default get job/wipe-rook &>/dev/null; do sleep 5; done - - kubectl --namespace default wait job/wipe-rook --for=condition=complete --timeout=5m - - stern --namespace default job/wipe-rook --no-follow - - kubectl --namespace default delete job wipe-rook + - helmfile --quiet --file {{.KUBERNETES_DIR}}/bootstrap/apps/helmfile.yaml destroy --selector release=wipe-rook env: + FLUX_GITHUB_PUBLIC_KEYS: + sh: curl -fsSL https://api.github.com/meta | jq --raw-output '"github.com "+.ssh_keys[]' MODEL: SAMSUNG_MZQL23T8HCLS-00A07 NODE_COUNT: sh: talosctl config info --output json | jq --raw-output '.nodes | length' - preconditions: - - test -f {{.BOOTSTRAP_RESOURCES_DIR}}/wipe-rook.yaml.j2 - - flux: - internal: true - cmds: - - for: { var: TEMPLATES } - cmd: op run --env-file {{.KUBERNETES_DIR}}/bootstrap/bootstrap.env --no-masking -- minijinja-cli {{.ITEM}} | kubectl apply 
--server-side --filename - - - kubectl apply --server-side --kustomize {{.KUBERNETES_DIR}}/flux/config - vars: - TEMPLATES: - sh: ls {{.KUBERNETES_DIR}}/bootstrap/apps/*.j2 - env: VAULT: K8s - FLUX_GITHUB_PUBLIC_KEYS: - sh: curl -fsSL https://api.github.com/meta | jq --raw-output '"github.com "+.ssh_keys[]' preconditions: - op user get --me diff --git a/.taskfiles/bootstrap/resources/wipe-rook.yaml.j2 b/.taskfiles/bootstrap/resources/wipe-rook.yaml.j2 deleted file mode 100644 index 0689f4629f..0000000000 --- a/.taskfiles/bootstrap/resources/wipe-rook.yaml.j2 +++ /dev/null @@ -1,59 +0,0 @@ ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: &app wipe-rook - namespace: default - labels: - app.kubernetes.io/name: *app -spec: - parallelism: {{ ENV.NODE_COUNT }} - template: - metadata: - labels: - app.kubernetes.io/name: *app - spec: - restartPolicy: Never - initContainers: - - name: data - image: docker.io/library/alpine:latest - command: ["/bin/sh", "-c"] - args: ["rm -rf /mnt/host_var/lib/rook"] - volumeMounts: - - mountPath: /mnt/host_var - name: host-var - securityContext: - privileged: true - resources: {} - containers: - - name: disk - image: docker.io/library/alpine:latest - command: ["/bin/sh", "-c"] - args: - - | - apk add --no-cache findutils nvme-cli; - DISK=$(find /dev/disk/by-id/ -iname "*{{ ENV.MODEL }}*" -not -name "*_[0-9]"); - echo "=== Wiping $DISK ==="; - nvme format --lbaf=1 $DISK --force; - nvme format --block-size=4096 $DISK --force; - securityContext: - privileged: true - volumeMounts: - - name: host-dev - mountPath: /dev/disk/by-id - resources: {} - volumes: - - name: host-var - hostPath: - path: /var - - name: host-dev - hostPath: - path: /dev/disk/by-id - type: Directory - topologySpreadConstraints: - - maxSkew: 1 - labelSelector: - matchLabels: - app.kubernetes.io/name: *app - topologyKey: kubernetes.io/hostname - whenUnsatisfiable: DoNotSchedule 
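Review bot: In the `apps` task of .taskfiles/bootstrap/Taskfile.yaml the new render step reads `{{.KUBERNETES_DIR}}/bootstrap/apps/templates/resources.yaml.j2`, but the diffstat renames that template to `kubernetes/bootstrap/templates/resources.yaml.j2`, so the path appears to carry an extra `apps/` segment (assuming KUBERNETES_DIR is the `kubernetes` directory). The same hunk drops the `test -f` preconditions, so a wrong path only surfaces when `minijinja-cli` fails inside a pipeline that feeds `kubectl apply`. I would point the command at `{{.KUBERNETES_DIR}}/bootstrap/templates/resources.yaml.j2` and add the precondition `- test -f {{.KUBERNETES_DIR}}/bootstrap/templates/resources.yaml.j2`. Because `op run --no-masking` writes the resolved secrets to stdout in clear, a comment on that command such as `# --no-masking: output must only be piped to kubectl, never to a terminal or CI log` would record the constraint.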
diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/ks.yaml b/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/ks.yaml
index 4b3ee02cd0..0f783b032a 100644
--- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/ks.yaml
+++ b/kubernetes/apps/actions-runner-system/gha-runner-scale-set-controller/ks.yaml
@@ -15,7 +15,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
diff --git a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/ks.yaml b/kubernetes/apps/actions-runner-system/gha-runner-scale-set/ks.yaml
index 124dfded82..e60cfedaf5 100644
--- a/kubernetes/apps/actions-runner-system/gha-runner-scale-set/ks.yaml
+++ b/kubernetes/apps/actions-runner-system/gha-runner-scale-set/ks.yaml
@@ -16,7 +16,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
diff --git a/kubernetes/apps/cert-manager/cert-manager/ks.yaml b/kubernetes/apps/cert-manager/cert-manager/ks.yaml
index ceea4d5082..edb3ea145d 100644
--- a/kubernetes/apps/cert-manager/cert-manager/ks.yaml
+++ b/kubernetes/apps/cert-manager/cert-manager/ks.yaml
@@ -13,7 +13,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
@@ -36,7 +36,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
diff --git a/kubernetes/apps/databases/cloudnative-pg/ks.yaml b/kubernetes/apps/databases/cloudnative-pg/ks.yaml
index 8bb52415a4..69d2674c07 100644
--- a/kubernetes/apps/databases/cloudnative-pg/ks.yaml
+++ b/kubernetes/apps/databases/cloudnative-pg/ks.yaml
@@ -15,7 +15,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
@@ -38,7 +38,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
diff --git a/kubernetes/apps/databases/emqx/ks.yaml b/kubernetes/apps/databases/emqx/ks.yaml
index 6d207e4f4d..4548a201ec 100644
--- a/kubernetes/apps/databases/emqx/ks.yaml
+++ b/kubernetes/apps/databases/emqx/ks.yaml
@@ -16,7 +16,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
@@ -38,7 +38,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
diff --git a/kubernetes/apps/external-secrets/external-secrets/ks.yaml b/kubernetes/apps/external-secrets/external-secrets/ks.yaml
index fe716724ba..429e30dced 100644
--- a/kubernetes/apps/external-secrets/external-secrets/ks.yaml
+++ b/kubernetes/apps/external-secrets/external-secrets/ks.yaml
@@ -13,7 +13,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
@@ -35,7 +35,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
diff --git a/kubernetes/apps/external-secrets/onepassword-connect/ks.yaml b/kubernetes/apps/external-secrets/onepassword-connect/ks.yaml
index 0bccd53d9b..0801578811 100644
--- a/kubernetes/apps/external-secrets/onepassword-connect/ks.yaml
+++ b/kubernetes/apps/external-secrets/onepassword-connect/ks.yaml
@@ -15,7 +15,7 @@ spec:
 prune: true
 sourceRef:
 kind: GitRepository
- name: k8s-gitops
+ name: flux-system
 wait: true
 interval: 30m
 retryInterval: 1m
diff --git a/kubernetes/apps/flux-system/flux/app/helmrelease.yaml b/kubernetes/apps/flux-system/flux-operator/app/helmrelease.yaml similarity index 72% rename from kubernetes/apps/flux-system/flux/app/helmrelease.yaml rename to kubernetes/apps/flux-system/flux-operator/app/helmrelease.yaml index 901eee01e5..8bb225f475 100644 --- a/kubernetes/apps/flux-system/flux/app/helmrelease.yaml +++ b/kubernetes/apps/flux-system/flux-operator/app/helmrelease.yaml @@ -2,16 +2,16 @@ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: - name: flux + name: flux-operator spec: interval: 30m chart: spec: - chart: flux2 - version: 2.14.1 + chart: flux-operator + version: 0.12.0 sourceRef: kind: HelmRepository - name: fluxcd-community + name: controlplaneio namespace: flux-system install: remediation: @@ -23,4 +23,4 @@ spec: retries: 3 valuesFrom: - kind: ConfigMap - name: flux-helm-values + name: flux-operator-helm-values diff --git a/kubernetes/apps/flux-system/flux/app/kustomization.yaml b/kubernetes/apps/flux-system/flux-operator/app/kustomization.yaml similarity index 85% rename from kubernetes/apps/flux-system/flux/app/kustomization.yaml rename to kubernetes/apps/flux-system/flux-operator/app/kustomization.yaml index 7a3555472a..1527a2e8ca 100644 --- a/kubernetes/apps/flux-system/flux/app/kustomization.yaml +++ b/kubernetes/apps/flux-system/flux-operator/app/kustomization.yaml @@ -4,7 +4,7 @@ kind: Kustomization resources: - ./helmrelease.yaml configMapGenerator: - - name: flux-helm-values + - name: flux-operator-helm-values files: - ./resources/values.yaml generatorOptions: diff --git a/kubernetes/apps/flux-system/flux-operator/app/resources/values.yaml b/kubernetes/apps/flux-system/flux-operator/app/resources/values.yaml new file mode 100644 index 0000000000..8c63a5456d --- /dev/null +++ b/kubernetes/apps/flux-system/flux-operator/app/resources/values.yaml @@ -0,0 +1,3 @@ +--- +serviceMonitor: + create: true 
diff --git a/kubernetes/apps/flux-system/flux-operator/instance/helmrelease.yaml b/kubernetes/apps/flux-system/flux-operator/instance/helmrelease.yaml
new file mode 100644
index 0000000000..2c543dbe7a
--- /dev/null
+++ b/kubernetes/apps/flux-system/flux-operator/instance/helmrelease.yaml
@@ -0,0 +1,26 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: flux-instance
+spec:
+ interval: 30m
+ chart:
+ spec:
+ chart: flux-instance
+ version: 0.12.0
+ sourceRef:
+ kind: HelmRepository
+ name: controlplaneio
+ namespace: flux-system
+ install:
+ remediation:
+ retries: 3
+ upgrade:
+ cleanupOnFail: true
+ remediation:
+ strategy: rollback
+ retries: 3
+ valuesFrom:
+ - kind: ConfigMap
+ name: flux-instance-helm-values
diff --git a/kubernetes/apps/flux-system/flux-operator/instance/kustomization.yaml b/kubernetes/apps/flux-system/flux-operator/instance/kustomization.yaml
new file mode 100644
index 0000000000..e5770f203e
--- /dev/null
+++ b/kubernetes/apps/flux-system/flux-operator/instance/kustomization.yaml
@@ -0,0 +1,12 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./helmrelease.yaml
+ - ./prometheusrule.yaml
+configMapGenerator:
+ - name: flux-instance-helm-values
+ files:
+ - ./resources/values.yaml
+generatorOptions:
+ disableNameSuffixHash: true
diff --git a/kubernetes/apps/flux-system/flux/config/monitoring/prometheusrule.yaml b/kubernetes/apps/flux-system/flux-operator/instance/prometheusrule.yaml
similarity index 100%
rename from kubernetes/apps/flux-system/flux/config/monitoring/prometheusrule.yaml
rename to kubernetes/apps/flux-system/flux-operator/instance/prometheusrule.yaml
diff --git a/kubernetes/apps/flux-system/flux-operator/instance/resources/values.yaml b/kubernetes/apps/flux-system/flux-operator/instance/resources/values.yaml
new file mode 100644
index 0000000000..4841a88e23
--- /dev/null
+++ b/kubernetes/apps/flux-system/flux-operator/instance/resources/values.yaml
@@ -0,0 +1,90 @@ +--- +instance: + cluster: + networkPolicy: false + components: + - source-controller + - kustomize-controller + - helm-controller + - notification-controller + sync: + kind: GitRepository + url: ssh://git@github.com/buroa/k8s-gitops + ref: refs/heads/master + path: kubernetes/flux + pullSecret: github-deploy-key + kustomize: + patches: + # Increase the number of workers and limits + # Ref: https://fluxcd.io/flux/installation/configuration/vertical-scaling/#increase-the-number-of-workers-and-limits + - patch: | + - op: add + path: /spec/template/spec/containers/0/args/- + value: --concurrent=10 + - op: add + path: /spec/template/spec/containers/0/args/- + value: --requeue-dependency=5s + target: + kind: Deployment + name: (kustomize-controller|helm-controller|source-controller) + - patch: | + apiVersion: apps/v1 + kind: Deployment + metadata: + name: all + spec: + template: + spec: + containers: + - name: manager + resources: + limits: + memory: 2Gi + target: + kind: Deployment + name: (kustomize-controller|helm-controller|source-controller) + # Enable in-memory kustomize builds + # Ref: https://fluxcd.io/flux/installation/configuration/vertical-scaling/#enable-in-memory-kustomize-builds + - patch: | + - op: add + path: /spec/template/spec/containers/0/args/- + value: --concurrent=20 + - op: replace + path: /spec/template/spec/volumes/0 + value: + name: temp + emptyDir: + medium: Memory + target: + kind: Deployment + name: kustomize-controller + # Enable Helm repositories caching + # Ref: https://fluxcd.io/flux/installation/configuration/vertical-scaling/#enable-helm-repositories-caching + - patch: | + - op: add + path: /spec/template/spec/containers/0/args/- + value: --helm-cache-max-size=10 + - op: add + path: /spec/template/spec/containers/0/args/- + value: --helm-cache-ttl=60m + - op: add + path: /spec/template/spec/containers/0/args/- + value: --helm-cache-purge-interval=5m + target: + kind: Deployment + name: source-controller + # Flux near 
OOM detection for Helm + # Ref: https://fluxcd.io/flux/installation/configuration/helm-oom-detection/ + - patch: | + - op: add + path: /spec/template/spec/containers/0/args/- + value: --feature-gates=OOMWatch=true + - op: add + path: /spec/template/spec/containers/0/args/- + value: --oom-watch-memory-threshold=95 + - op: add + path: /spec/template/spec/containers/0/args/- + value: --oom-watch-interval=500ms + target: + kind: Deployment + name: helm-controller diff --git a/kubernetes/apps/flux-system/flux/ks.yaml b/kubernetes/apps/flux-system/flux-operator/ks.yaml similarity index 72% rename from kubernetes/apps/flux-system/flux/ks.yaml rename to kubernetes/apps/flux-system/flux-operator/ks.yaml index ea3c4df71f..31d6d4a9d7 100644 --- a/kubernetes/apps/flux-system/flux/ks.yaml +++ b/kubernetes/apps/flux-system/flux-operator/ks.yaml @@ -2,18 +2,18 @@ apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: &app flux + name: &app flux-operator namespace: flux-system spec: targetNamespace: flux-system commonMetadata: labels: app.kubernetes.io/name: *app - path: ./kubernetes/apps/flux-system/flux/app + path: ./kubernetes/apps/flux-system/flux-operator/app prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -22,7 +22,7 @@ spec: apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: - name: &app flux-config + name: &app flux-instance namespace: flux-system spec: targetNamespace: flux-system @@ -30,12 +30,12 @@ spec: labels: app.kubernetes.io/name: *app dependsOn: - - name: flux - path: ./kubernetes/apps/flux-system/flux/config + - name: flux-operator + path: ./kubernetes/apps/flux-system/flux-operator/instance prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m 
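Review bot: `networkPolicy: false` under `instance.cluster` in flux-operator/instance/resources/values.yaml turns off the network policies the operator would otherwise create for the flux-system namespace, and the new file gives no reason. The removed flux2 values carried `policies: create: false`, so this looks like a carry-over, but these controllers hold the `github-deploy-key` pull secret and apply cluster state, so the choice deserves a comment such as `# NetworkPolicy disabled: <reason>; namespace isolation is provided by <policy location>`. Separately, the kustomize-controller patch replaces the temp volume with `emptyDir` using `medium: Memory` and no `sizeLimit`; memory-backed volumes count against the container's 2Gi limit set in the earlier patch, so with `--concurrent=20` a bound like `sizeLimit: 1Gi` (constructed value, tune to the cluster) would cap how much of that limit builds can consume.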
diff --git a/kubernetes/apps/flux-system/flux/app/resources/values.yaml b/kubernetes/apps/flux-system/flux/app/resources/values.yaml deleted file mode 100644 index 0d0bed2018..0000000000 --- a/kubernetes/apps/flux-system/flux/app/resources/values.yaml +++ /dev/null @@ -1,57 +0,0 @@ ---- -crds: - annotations: - helm.sh/resource-policy: keep -helmController: - container: - additionalArgs: - # Increase the number of workers and limits - # Ref: https://fluxcd.io/flux/installation/configuration/vertical-scaling/#increase-the-number-of-workers-and-limits - - --concurrent=10 - - --requeue-dependency=5s - # Flux near OOM detection for Helm - # Ref: https://fluxcd.io/flux/installation/configuration/helm-oom-detection/ - - --feature-gates=OOMWatch=true - - --oom-watch-memory-threshold=95 - - --oom-watch-interval=500ms - resources: &resources - requests: - cpu: 100m - limits: - memory: 2Gi -imageAutomationController: - create: false -imageReflectionController: - create: false -kustomizeController: - container: - additionalArgs: - # Increase the number of workers and limits - # Ref: https://fluxcd.io/flux/installation/configuration/vertical-scaling/#increase-the-number-of-workers-and-limits - - --concurrent=10 - - --requeue-dependency=5s - resources: *resources -notificationController: - resources: - requests: - cpu: 100m - limits: - memory: 2Gi -sourceController: - container: - additionalArgs: - # Enable Helm repositories caching - # Ref: https://fluxcd.io/flux/installation/configuration/vertical-scaling/#enable-helm-repositories-caching - - --helm-cache-max-size=10 - - --helm-cache-ttl=60m - - --helm-cache-purge-interval=5m - # Increase the number of workers and limits - # Ref: https://fluxcd.io/flux/installation/configuration/vertical-scaling/#increase-the-number-of-workers-and-limits - - --concurrent=10 - - --requeue-dependency=5s - resources: *resources -policies: - create: false -prometheus: - podMonitor: - create: true 
diff --git a/kubernetes/apps/flux-system/flux/config/monitoring/kustomization.yaml b/kubernetes/apps/flux-system/flux/config/monitoring/kustomization.yaml deleted file mode 100644 index 7b83cfdecc..0000000000 --- a/kubernetes/apps/flux-system/flux/config/monitoring/kustomization.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ./prometheusrule.yaml diff --git a/kubernetes/apps/flux-system/flux/config/kustomization.yaml b/kubernetes/apps/flux-system/github/app/kustomization.yaml similarity index 87% rename from kubernetes/apps/flux-system/flux/config/kustomization.yaml rename to kubernetes/apps/flux-system/github/app/kustomization.yaml index 1ed13e4e94..5b34a3ea3a 100644 --- a/kubernetes/apps/flux-system/flux/config/kustomization.yaml +++ b/kubernetes/apps/flux-system/github/app/kustomization.yaml @@ -2,6 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ./monitoring - ./notifications - ./webhooks diff --git a/kubernetes/apps/flux-system/flux/config/notifications/alertmanager/alert.yaml b/kubernetes/apps/flux-system/github/app/notifications/alertmanager/alert.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/notifications/alertmanager/alert.yaml rename to kubernetes/apps/flux-system/github/app/notifications/alertmanager/alert.yaml diff --git a/kubernetes/apps/flux-system/flux/config/notifications/alertmanager/kustomization.yaml b/kubernetes/apps/flux-system/github/app/notifications/alertmanager/kustomization.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/notifications/alertmanager/kustomization.yaml rename to kubernetes/apps/flux-system/github/app/notifications/alertmanager/kustomization.yaml 
diff --git a/kubernetes/apps/flux-system/flux/config/notifications/alertmanager/provider.yaml b/kubernetes/apps/flux-system/github/app/notifications/alertmanager/provider.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/notifications/alertmanager/provider.yaml rename to kubernetes/apps/flux-system/github/app/notifications/alertmanager/provider.yaml diff --git a/kubernetes/apps/flux-system/flux/config/notifications/github/alert.yaml b/kubernetes/apps/flux-system/github/app/notifications/github/alert.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/notifications/github/alert.yaml rename to kubernetes/apps/flux-system/github/app/notifications/github/alert.yaml diff --git a/kubernetes/apps/flux-system/flux/config/notifications/github/externalsecret.yaml b/kubernetes/apps/flux-system/github/app/notifications/github/externalsecret.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/notifications/github/externalsecret.yaml rename to kubernetes/apps/flux-system/github/app/notifications/github/externalsecret.yaml diff --git a/kubernetes/apps/flux-system/flux/config/notifications/github/kustomization.yaml b/kubernetes/apps/flux-system/github/app/notifications/github/kustomization.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/notifications/github/kustomization.yaml rename to kubernetes/apps/flux-system/github/app/notifications/github/kustomization.yaml diff --git a/kubernetes/apps/flux-system/flux/config/notifications/github/provider.yaml b/kubernetes/apps/flux-system/github/app/notifications/github/provider.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/notifications/github/provider.yaml rename to kubernetes/apps/flux-system/github/app/notifications/github/provider.yaml 
diff --git a/kubernetes/apps/flux-system/flux/config/notifications/kustomization.yaml b/kubernetes/apps/flux-system/github/app/notifications/kustomization.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/notifications/kustomization.yaml rename to kubernetes/apps/flux-system/github/app/notifications/kustomization.yaml diff --git a/kubernetes/apps/flux-system/flux/config/webhooks/github/externalsecret.yaml b/kubernetes/apps/flux-system/github/app/webhooks/github/externalsecret.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/webhooks/github/externalsecret.yaml rename to kubernetes/apps/flux-system/github/app/webhooks/github/externalsecret.yaml diff --git a/kubernetes/apps/flux-system/flux/config/webhooks/github/ingress.yaml b/kubernetes/apps/flux-system/github/app/webhooks/github/ingress.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/webhooks/github/ingress.yaml rename to kubernetes/apps/flux-system/github/app/webhooks/github/ingress.yaml diff --git a/kubernetes/apps/flux-system/flux/config/webhooks/github/kustomization.yaml b/kubernetes/apps/flux-system/github/app/webhooks/github/kustomization.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/webhooks/github/kustomization.yaml rename to kubernetes/apps/flux-system/github/app/webhooks/github/kustomization.yaml diff --git a/kubernetes/apps/flux-system/flux/config/webhooks/github/receiver.yaml b/kubernetes/apps/flux-system/github/app/webhooks/github/receiver.yaml similarity index 95% rename from kubernetes/apps/flux-system/flux/config/webhooks/github/receiver.yaml rename to kubernetes/apps/flux-system/github/app/webhooks/github/receiver.yaml index 7a57104a39..567f657687 100644 --- a/kubernetes/apps/flux-system/flux/config/webhooks/github/receiver.yaml +++ b/kubernetes/apps/flux-system/github/app/webhooks/github/receiver.yaml 
@@ -13,7 +13,7 @@ spec: resources: - apiVersion: source.toolkit.fluxcd.io/v1 kind: GitRepository - name: k8s-gitops + name: flux-system namespace: flux-system - apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization diff --git a/kubernetes/apps/flux-system/flux/config/webhooks/kustomization.yaml b/kubernetes/apps/flux-system/github/app/webhooks/kustomization.yaml similarity index 100% rename from kubernetes/apps/flux-system/flux/config/webhooks/kustomization.yaml rename to kubernetes/apps/flux-system/github/app/webhooks/kustomization.yaml diff --git a/kubernetes/apps/flux-system/github/ks.yaml b/kubernetes/apps/flux-system/github/ks.yaml new file mode 100644 index 0000000000..38b4b23bdd --- /dev/null +++ b/kubernetes/apps/flux-system/github/ks.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app flux-github + namespace: flux-system +spec: + targetNamespace: flux-system + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./kubernetes/apps/flux-system/github/app + prune: true + sourceRef: + kind: GitRepository + name: flux-system + wait: true + interval: 30m + retryInterval: 1m + timeout: 5m diff --git a/kubernetes/apps/flux-system/kustomization.yaml b/kubernetes/apps/flux-system/kustomization.yaml index 1a87c65513..e8660b9699 100644 --- a/kubernetes/apps/flux-system/kustomization.yaml +++ b/kubernetes/apps/flux-system/kustomization.yaml @@ -3,4 +3,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./namespace.yaml - - ./flux/ks.yaml + - ./flux-operator/ks.yaml + - ./github/ks.yaml diff --git a/kubernetes/apps/home/atuin/ks.yaml b/kubernetes/apps/home/atuin/ks.yaml index 313a6a1ca2..c6763f3953 100644 --- a/kubernetes/apps/home/atuin/ks.yaml +++ b/kubernetes/apps/home/atuin/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m 
diff --git a/kubernetes/apps/home/go2rtc/ks.yaml b/kubernetes/apps/home/go2rtc/ks.yaml index 18ca549885..412a06b6d8 100644 --- a/kubernetes/apps/home/go2rtc/ks.yaml +++ b/kubernetes/apps/home/go2rtc/ks.yaml @@ -17,7 +17,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/home/home-assistant/ks.yaml b/kubernetes/apps/home/home-assistant/ks.yaml index 749d773cf5..2b87ace8d5 100644 --- a/kubernetes/apps/home/home-assistant/ks.yaml +++ b/kubernetes/apps/home/home-assistant/ks.yaml @@ -19,7 +19,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/home/zigbee2mqtt/ks.yaml b/kubernetes/apps/home/zigbee2mqtt/ks.yaml index c4b6ab6034..d350e58111 100644 --- a/kubernetes/apps/home/zigbee2mqtt/ks.yaml +++ b/kubernetes/apps/home/zigbee2mqtt/ks.yaml @@ -18,7 +18,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/cilium/ks.yaml b/kubernetes/apps/kube-system/cilium/ks.yaml index 6beec43ab8..f740224a0b 100644 --- a/kubernetes/apps/kube-system/cilium/ks.yaml +++ b/kubernetes/apps/kube-system/cilium/ks.yaml @@ -13,7 +13,7 @@ spec: prune: false # never should be deleted sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -35,7 +35,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/coredns/ks.yaml b/kubernetes/apps/kube-system/coredns/ks.yaml index e95c24dc0f..0fd418571c 100644 --- a/kubernetes/apps/kube-system/coredns/ks.yaml +++ b/kubernetes/apps/kube-system/coredns/ks.yaml 
@@ -13,7 +13,7 @@ spec: prune: false # never should be deleted sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/descheduler/ks.yaml b/kubernetes/apps/kube-system/descheduler/ks.yaml index 2e4f3c8773..158e1d9313 100644 --- a/kubernetes/apps/kube-system/descheduler/ks.yaml +++ b/kubernetes/apps/kube-system/descheduler/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/fstrim/ks.yaml b/kubernetes/apps/kube-system/fstrim/ks.yaml index 63b384d47d..1f59de180f 100644 --- a/kubernetes/apps/kube-system/fstrim/ks.yaml +++ b/kubernetes/apps/kube-system/fstrim/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/generic-device-plugin/ks.yaml b/kubernetes/apps/kube-system/generic-device-plugin/ks.yaml index d45108fa32..e48ec742c3 100644 --- a/kubernetes/apps/kube-system/generic-device-plugin/ks.yaml +++ b/kubernetes/apps/kube-system/generic-device-plugin/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/intel-device-plugin/ks.yaml b/kubernetes/apps/kube-system/intel-device-plugin/ks.yaml index 16a6a3f58e..6ab7f000b1 100644 --- a/kubernetes/apps/kube-system/intel-device-plugin/ks.yaml +++ b/kubernetes/apps/kube-system/intel-device-plugin/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -36,7 +36,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m 
diff --git a/kubernetes/apps/kube-system/irqbalance/ks.yaml b/kubernetes/apps/kube-system/irqbalance/ks.yaml index 48232135d7..d8862b34e0 100644 --- a/kubernetes/apps/kube-system/irqbalance/ks.yaml +++ b/kubernetes/apps/kube-system/irqbalance/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/metrics-server/ks.yaml b/kubernetes/apps/kube-system/metrics-server/ks.yaml index eed14bf594..4db7a72d1f 100644 --- a/kubernetes/apps/kube-system/metrics-server/ks.yaml +++ b/kubernetes/apps/kube-system/metrics-server/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/node-feature-discovery/ks.yaml b/kubernetes/apps/kube-system/node-feature-discovery/ks.yaml index ed37225e57..e5c22d1db8 100644 --- a/kubernetes/apps/kube-system/node-feature-discovery/ks.yaml +++ b/kubernetes/apps/kube-system/node-feature-discovery/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -35,7 +35,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system interval: 30m retryInterval: 1m timeout: 5m diff --git a/kubernetes/apps/kube-system/reloader/ks.yaml b/kubernetes/apps/kube-system/reloader/ks.yaml index a3f763f9f7..ef66855ef7 100644 --- a/kubernetes/apps/kube-system/reloader/ks.yaml +++ b/kubernetes/apps/kube-system/reloader/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kube-system/spegel/ks.yaml b/kubernetes/apps/kube-system/spegel/ks.yaml index db704be8dc..58a8c56774 100644 --- a/kubernetes/apps/kube-system/spegel/ks.yaml 
+++ b/kubernetes/apps/kube-system/spegel/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/kyverno/kyverno/ks.yaml b/kubernetes/apps/kyverno/kyverno/ks.yaml index 85bd693205..064f9bee10 100644 --- a/kubernetes/apps/kyverno/kyverno/ks.yaml +++ b/kubernetes/apps/kyverno/kyverno/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -35,7 +35,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/autobrr/ks.yaml b/kubernetes/apps/media/autobrr/ks.yaml index 567ea78d38..c4b1e54115 100644 --- a/kubernetes/apps/media/autobrr/ks.yaml +++ b/kubernetes/apps/media/autobrr/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/bazarr/ks.yaml b/kubernetes/apps/media/bazarr/ks.yaml index 29e4e6991b..243b72207c 100644 --- a/kubernetes/apps/media/bazarr/ks.yaml +++ b/kubernetes/apps/media/bazarr/ks.yaml @@ -17,7 +17,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/cross-seed/ks.yaml b/kubernetes/apps/media/cross-seed/ks.yaml index c20d847974..aae08c0339 100644 --- a/kubernetes/apps/media/cross-seed/ks.yaml +++ b/kubernetes/apps/media/cross-seed/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/overseerr/ks.yaml b/kubernetes/apps/media/overseerr/ks.yaml index 633fed9503..70827f913c 100644 --- a/kubernetes/apps/media/overseerr/ks.yaml 
+++ b/kubernetes/apps/media/overseerr/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/plex/ks.yaml b/kubernetes/apps/media/plex/ks.yaml index 19f5261144..19b0cbcd46 100644 --- a/kubernetes/apps/media/plex/ks.yaml +++ b/kubernetes/apps/media/plex/ks.yaml @@ -17,7 +17,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/prowlarr/ks.yaml b/kubernetes/apps/media/prowlarr/ks.yaml index bbf079648b..68c6aa5771 100644 --- a/kubernetes/apps/media/prowlarr/ks.yaml +++ b/kubernetes/apps/media/prowlarr/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/qbittorrent/ks.yaml b/kubernetes/apps/media/qbittorrent/ks.yaml index 31406649a3..5410696737 100644 --- a/kubernetes/apps/media/qbittorrent/ks.yaml +++ b/kubernetes/apps/media/qbittorrent/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -39,7 +39,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/radarr/ks.yaml b/kubernetes/apps/media/radarr/ks.yaml index 61a4eb351e..d28126dede 100644 --- a/kubernetes/apps/media/radarr/ks.yaml +++ b/kubernetes/apps/media/radarr/ks.yaml @@ -17,7 +17,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/recyclarr/ks.yaml b/kubernetes/apps/media/recyclarr/ks.yaml index ad9b3d2fe4..b93eff6898 100644 --- a/kubernetes/apps/media/recyclarr/ks.yaml 
+++ b/kubernetes/apps/media/recyclarr/ks.yaml @@ -17,7 +17,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/sabnzbd/ks.yaml b/kubernetes/apps/media/sabnzbd/ks.yaml index ca615985ca..3ae6a7ff83 100644 --- a/kubernetes/apps/media/sabnzbd/ks.yaml +++ b/kubernetes/apps/media/sabnzbd/ks.yaml @@ -17,7 +17,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/sonarr/ks.yaml b/kubernetes/apps/media/sonarr/ks.yaml index 3bf51a1207..c63a312119 100644 --- a/kubernetes/apps/media/sonarr/ks.yaml +++ b/kubernetes/apps/media/sonarr/ks.yaml @@ -17,7 +17,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/tautulli/ks.yaml b/kubernetes/apps/media/tautulli/ks.yaml index f6734106e9..15636d5fd7 100644 --- a/kubernetes/apps/media/tautulli/ks.yaml +++ b/kubernetes/apps/media/tautulli/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/media/unpackerr/ks.yaml b/kubernetes/apps/media/unpackerr/ks.yaml index f609b73da4..2f93f86ea1 100644 --- a/kubernetes/apps/media/unpackerr/ks.yaml +++ b/kubernetes/apps/media/unpackerr/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/exporters/blackbox-exporter/ks.yaml b/kubernetes/apps/monitoring/exporters/blackbox-exporter/ks.yaml index 011847621c..364ed74957 100644 --- a/kubernetes/apps/monitoring/exporters/blackbox-exporter/ks.yaml +++ b/kubernetes/apps/monitoring/exporters/blackbox-exporter/ks.yaml 
@@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -35,7 +35,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system interval: 30m retryInterval: 1m timeout: 5m diff --git a/kubernetes/apps/monitoring/exporters/mqtt-exporter/ks.yaml b/kubernetes/apps/monitoring/exporters/mqtt-exporter/ks.yaml index 98b6aae670..4cfafc2302 100644 --- a/kubernetes/apps/monitoring/exporters/mqtt-exporter/ks.yaml +++ b/kubernetes/apps/monitoring/exporters/mqtt-exporter/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/exporters/smartctl-exporter/ks.yaml b/kubernetes/apps/monitoring/exporters/smartctl-exporter/ks.yaml index f3c2323dc6..33144423c9 100644 --- a/kubernetes/apps/monitoring/exporters/smartctl-exporter/ks.yaml +++ b/kubernetes/apps/monitoring/exporters/smartctl-exporter/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/exporters/snmp-exporter/ks.yaml b/kubernetes/apps/monitoring/exporters/snmp-exporter/ks.yaml index d44ac1c27e..86c7e4006a 100644 --- a/kubernetes/apps/monitoring/exporters/snmp-exporter/ks.yaml +++ b/kubernetes/apps/monitoring/exporters/snmp-exporter/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/exporters/speedtest-exporter/ks.yaml b/kubernetes/apps/monitoring/exporters/speedtest-exporter/ks.yaml index 1201d037c4..cfcbe4e884 100644 --- a/kubernetes/apps/monitoring/exporters/speedtest-exporter/ks.yaml +++ b/kubernetes/apps/monitoring/exporters/speedtest-exporter/ks.yaml 
@@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/gatus/ks.yaml b/kubernetes/apps/monitoring/gatus/ks.yaml index ceedd5119d..de15462274 100644 --- a/kubernetes/apps/monitoring/gatus/ks.yaml +++ b/kubernetes/apps/monitoring/gatus/ks.yaml @@ -16,7 +16,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/grafana/ks.yaml b/kubernetes/apps/monitoring/grafana/ks.yaml index d453fedae6..7921242f62 100644 --- a/kubernetes/apps/monitoring/grafana/ks.yaml +++ b/kubernetes/apps/monitoring/grafana/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/karma/ks.yaml b/kubernetes/apps/monitoring/karma/ks.yaml index b30e1afed5..0d381b0c9f 100644 --- a/kubernetes/apps/monitoring/karma/ks.yaml +++ b/kubernetes/apps/monitoring/karma/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/kromgo/ks.yaml b/kubernetes/apps/monitoring/kromgo/ks.yaml index ebfd613e12..e32d6b735a 100644 --- a/kubernetes/apps/monitoring/kromgo/ks.yaml +++ b/kubernetes/apps/monitoring/kromgo/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/kube-prometheus-stack/ks.yaml b/kubernetes/apps/monitoring/kube-prometheus-stack/ks.yaml index de6ca627ff..5dcbc49277 100644 --- a/kubernetes/apps/monitoring/kube-prometheus-stack/ks.yaml +++ b/kubernetes/apps/monitoring/kube-prometheus-stack/ks.yaml 
@@ -17,7 +17,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -39,7 +39,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/loki/ks.yaml b/kubernetes/apps/monitoring/loki/ks.yaml index 8011172d8a..d6f638c3c7 100644 --- a/kubernetes/apps/monitoring/loki/ks.yaml +++ b/kubernetes/apps/monitoring/loki/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/prometheus-operator-crds/ks.yaml b/kubernetes/apps/monitoring/prometheus-operator-crds/ks.yaml index 623fe5f0a2..13817cbbe5 100644 --- a/kubernetes/apps/monitoring/prometheus-operator-crds/ks.yaml +++ b/kubernetes/apps/monitoring/prometheus-operator-crds/ks.yaml @@ -15,7 +15,7 @@ spec: prune: false # never should be deleted sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/promtail/ks.yaml b/kubernetes/apps/monitoring/promtail/ks.yaml index a49d5658a5..a601875981 100644 --- a/kubernetes/apps/monitoring/promtail/ks.yaml +++ b/kubernetes/apps/monitoring/promtail/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/monitoring/unpoller/ks.yaml b/kubernetes/apps/monitoring/unpoller/ks.yaml index b93ec1a8cc..75ab560ab9 100644 --- a/kubernetes/apps/monitoring/unpoller/ks.yaml +++ b/kubernetes/apps/monitoring/unpoller/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m 
diff --git a/kubernetes/apps/networking/cloudflared/ks.yaml b/kubernetes/apps/networking/cloudflared/ks.yaml index 2b830bfb21..efe9e4a1b0 100644 --- a/kubernetes/apps/networking/cloudflared/ks.yaml +++ b/kubernetes/apps/networking/cloudflared/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/networking/echo-server/ks.yaml b/kubernetes/apps/networking/echo-server/ks.yaml index 8a6815ec0b..66b404410f 100644 --- a/kubernetes/apps/networking/echo-server/ks.yaml +++ b/kubernetes/apps/networking/echo-server/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/networking/external-dns/ks.yaml b/kubernetes/apps/networking/external-dns/ks.yaml index e6ec2f76e6..80db60cf3b 100644 --- a/kubernetes/apps/networking/external-dns/ks.yaml +++ b/kubernetes/apps/networking/external-dns/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -37,7 +37,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/networking/multus/ks.yaml b/kubernetes/apps/networking/multus/ks.yaml index 28cdfea50a..64545712a6 100644 --- a/kubernetes/apps/networking/multus/ks.yaml +++ b/kubernetes/apps/networking/multus/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -37,7 +37,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m 
diff --git a/kubernetes/apps/networking/nginx/ks.yaml b/kubernetes/apps/networking/nginx/ks.yaml index 6c19b583a0..e7977493ea 100644 --- a/kubernetes/apps/networking/nginx/ks.yaml +++ b/kubernetes/apps/networking/nginx/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -37,7 +37,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -59,7 +59,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/networking/smtp-relay/ks.yaml b/kubernetes/apps/networking/smtp-relay/ks.yaml index 8228e23db5..4fa78ea80a 100644 --- a/kubernetes/apps/networking/smtp-relay/ks.yaml +++ b/kubernetes/apps/networking/smtp-relay/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/openebs-system/openebs/ks.yaml b/kubernetes/apps/openebs-system/openebs/ks.yaml index 4785d6e9f4..369b4c0bd9 100644 --- a/kubernetes/apps/openebs-system/openebs/ks.yaml +++ b/kubernetes/apps/openebs-system/openebs/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/rook-ceph/rook-ceph/ks.yaml b/kubernetes/apps/rook-ceph/rook-ceph/ks.yaml index 236652e611..c00e1615f5 100644 --- a/kubernetes/apps/rook-ceph/rook-ceph/ks.yaml +++ b/kubernetes/apps/rook-ceph/rook-ceph/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m 
@@ -37,7 +37,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/system-upgrade/system-upgrade-controller/ks.yaml b/kubernetes/apps/system-upgrade/system-upgrade-controller/ks.yaml index 2cd413a83c..0665e52fa6 100644 --- a/kubernetes/apps/system-upgrade/system-upgrade-controller/ks.yaml +++ b/kubernetes/apps/system-upgrade/system-upgrade-controller/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m @@ -36,7 +36,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/volsync-system/snapshot-controller/ks.yaml b/kubernetes/apps/volsync-system/snapshot-controller/ks.yaml index 14e445a26b..264047e054 100644 --- a/kubernetes/apps/volsync-system/snapshot-controller/ks.yaml +++ b/kubernetes/apps/volsync-system/snapshot-controller/ks.yaml @@ -13,7 +13,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/apps/volsync-system/volsync/ks.yaml b/kubernetes/apps/volsync-system/volsync/ks.yaml index 5eae3d7d6e..44f02b4dcb 100644 --- a/kubernetes/apps/volsync-system/volsync/ks.yaml +++ b/kubernetes/apps/volsync-system/volsync/ks.yaml @@ -15,7 +15,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system wait: true interval: 30m retryInterval: 1m diff --git a/kubernetes/bootstrap/apps/external-secrets.j2 b/kubernetes/bootstrap/apps/external-secrets.j2 deleted file mode 100644 index 85209cb370..0000000000 --- a/kubernetes/bootstrap/apps/external-secrets.j2 +++ /dev/null 
@@ -1,14 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: external-secrets ---- -apiVersion: v1 -kind: Secret -metadata: - name: onepassword-connect-secret - namespace: external-secrets -stringData: - 1password-credentials.json: {{ ENV.ONEPASSWORD_CREDENTIALS }} - token: {{ ENV.ONEPASSWORD_CONNECT_TOKEN }} diff --git a/kubernetes/bootstrap/apps/helmfile.yaml b/kubernetes/bootstrap/apps/helmfile.yaml index 10ccd0e6cf..6d0acf97e9 100644 --- a/kubernetes/bootstrap/apps/helmfile.yaml +++ b/kubernetes/bootstrap/apps/helmfile.yaml @@ -1,10 +1,6 @@ --- -# renovate: depName=ghcr.io/siderolabs/kubelet datasource=docker -kubeVersion: v1.32.0 - helmDefaults: force: true - recreatePods: true timeout: 600 wait: true waitForJobs: true @@ -45,10 +41,27 @@ releases: - '{{ requiredEnv "KUBERNETES_DIR" }}/apps/kube-system/spegel/app/resources/values.yaml' needs: ["kube-system/coredns"] - - name: flux - namespace: flux-system - chart: oci://ghcr.io/fluxcd-community/charts/flux2 - version: 2.14.1 + - name: wipe-rook + namespace: kube-system + chart: oci://ghcr.io/bjw-s/helm/app-template + version: 3.6.0 values: - - '{{ requiredEnv "KUBERNETES_DIR" }}/apps/flux-system/flux/app/resources/values.yaml' + - ./templates/wipe-rook.yaml.gotmpl needs: ["kube-system/spegel"] + + - name: flux-operator + namespace: flux-system + chart: oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator + version: 0.12.0 + values: + - '{{ requiredEnv "KUBERNETES_DIR" }}/apps/flux-system/flux-operator/app/resources/values.yaml' + needs: ["kube-system/wipe-rook"] + + - name: flux-instance + namespace: flux-system + chart: oci://ghcr.io/controlplaneio-fluxcd/charts/flux-instance + version: 0.12.0 + wait: false + values: + - '{{ requiredEnv "KUBERNETES_DIR" }}/apps/flux-system/flux-operator/instance/resources/values.yaml' + needs: ["flux-system/flux-operator"] 
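Review bot: The new `wipe-rook` release in the second helmfile.yaml hunk has no opt-in, and `flux-operator` declares `needs: ["kube-system/wipe-rook"]`, so the disk-wipe job is part of every run of the bootstrap helmfile. With `helmDefaults.force: true` here and the job's `helm.sh/hook: "post-install,post-upgrade"` annotation in `wipe-rook.yaml.gotmpl`, a later re-run against a cluster that already holds Ceph data would presumably format the disks again. Gating the release behind an explicit switch, for example the release-level `installed:` field driven by an environment value that defaults to false, would keep an ordinary re-sync from being destructive. Separately, `./templates/wipe-rook.yaml.gotmpl` is written relative to `kubernetes/bootstrap/apps/`, while the commit creates the file under `kubernetes/bootstrap/templates/`; unless the invoking task changes the base directory, `../templates/wipe-rook.yaml.gotmpl` looks like the intended path.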
diff --git a/kubernetes/bootstrap/apps/flux-system.yaml.j2 b/kubernetes/bootstrap/templates/resources.yaml.j2 similarity index 60% rename from kubernetes/bootstrap/apps/flux-system.yaml.j2 rename to kubernetes/bootstrap/templates/resources.yaml.j2 index cd27db141a..60caa0eb50 100644 --- a/kubernetes/bootstrap/apps/flux-system.yaml.j2 +++ b/kubernetes/bootstrap/templates/resources.yaml.j2 @@ -1,6 +1,20 @@ --- apiVersion: v1 kind: Namespace +metadata: + name: external-secrets +--- +apiVersion: v1 +kind: Secret +metadata: + name: onepassword-connect-secret + namespace: external-secrets +stringData: + 1password-credentials.json: {{ ENV.ONEPASSWORD_CREDENTIALS }} + token: {{ ENV.ONEPASSWORD_CONNECT_TOKEN }} +--- +apiVersion: v1 +kind: Namespace metadata: name: flux-system --- diff --git a/kubernetes/bootstrap/templates/wipe-rook.yaml.gotmpl b/kubernetes/bootstrap/templates/wipe-rook.yaml.gotmpl new file mode 100644 index 0000000000..006e0fd253 --- /dev/null +++ b/kubernetes/bootstrap/templates/wipe-rook.yaml.gotmpl 
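Review bot: The two `stringData` values in the added `onepassword-connect-secret` are substituted unquoted (`token: {{ ENV.ONEPASSWORD_CONNECT_TOKEN }}`), so the YAML parser decides the type of the rendered text. An unset or empty variable renders as `null`, and a value that starts with `{` or contains `: ` changes the document structure instead of staying a string. Quoting the expansion, `token: "{{ ENV.ONEPASSWORD_CONNECT_TOKEN }}"`, keeps the field a string as long as the value needs no escaping inside double quotes; raw JSON in `ONEPASSWORD_CREDENTIALS` would, so confirm that the variable carries an encoded form. The rendered document holds both credentials in plaintext, and the render step is outside this hunk, so it is worth confirming that its output is piped to the cluster rather than written to disk.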
@@ -0,0 +1,65 @@ +controllers: + main: + type: job + annotations: + helm.sh/hook: "post-install,post-upgrade" + helm.sh/hook-delete-policy: "before-hook-creation" + job: + backoffLimit: 0 + parallelism: {{ requiredEnv "NODE_COUNT" }} + initContainers: + data: + image: + repository: docker.io/library/alpine + tag: latest + command: + - /bin/sh + - -c + args: + - rm -rf /mnt/host_var/lib/rook + securityContext: + privileged: true + containers: + disk: + image: + repository: docker.io/library/alpine + tag: latest + env: + MODEL: {{ requiredEnv "MODEL" | quote }} + command: + - /bin/sh + - -c + args: + - | + apk add --no-cache findutils nvme-cli; + DISK=$(find /dev/disk/by-id/ -iname "*$(MODEL)*" -not -name "*_[0-9]"); + echo "=== Wiping $DISK ==="; + nvme format --lbaf=1 $DISK --force; + nvme format --block-size=4096 $DISK --force; + securityContext: + privileged: true + pod: + restartPolicy: Never +defaultPodOptions: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app.kubernetes.io/name: wipe-disk-job +persistence: + host-var: + type: hostPath + hostPath: /var + hostPathType: Directory + globalMounts: + - path: /mnt/host_var + readOnly: true + host-dev: + type: hostPath + hostPath: /dev/disk/by-id + hostPathType: Directory + globalMounts: + - path: /dev/disk/by-id + readOnly: true diff --git a/kubernetes/flux/apps.yaml b/kubernetes/flux/apps.yaml index 377ce945c1..49a7dc5f5e 100644 --- a/kubernetes/flux/apps.yaml +++ b/kubernetes/flux/apps.yaml @@ -10,7 +10,7 @@ spec: prune: true sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system decryption: provider: sops secretRef: diff --git a/kubernetes/flux/config/cluster.yaml b/kubernetes/flux/config/cluster.yaml index fe0ffd7940..108044e864 100644 --- a/kubernetes/flux/config/cluster.yaml +++ b/kubernetes/flux/config/cluster.yaml 
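Review bot: In the `disk` container the result of `find` is used unquoted and unchecked in `nvme format ... --force`, so a `MODEL` pattern that matches nothing, or more than one by-id entry, reaches a destructive command. Adding `[ -b "$DISK" ] || exit 1` before the first format and quoting `"$DISK"` in both calls makes the job fail closed. Both containers run `privileged: true` from `docker.io/library/alpine` at `tag: latest` and install `nvme-cli` over the network at run time, so what executes as root on each node is not fixed by this commit; pinning the image, e.g. `tag: <version>@sha256:<digest>`, would make it reviewable. The init container's `rm -rf /mnt/host_var/lib/rook` also targets the `host-var` mount declared `readOnly: true`, which looks like it would fail on a read-only filesystem and should be confirmed.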
@@ -1,22 +1,4 @@ --- -apiVersion: source.toolkit.fluxcd.io/v1 -kind: GitRepository -metadata: - name: k8s-gitops - namespace: flux-system -spec: - interval: 30m - url: ssh://git@github.com/buroa/k8s-gitops - ref: - branch: master - secretRef: - name: github-deploy-key - ignore: | - # exclude all - /* - # include kubernetes directory - !/kubernetes ---- apiVersion: kustomize.toolkit.fluxcd.io/v1 kind: Kustomization metadata: @@ -29,7 +11,7 @@ spec: wait: false sourceRef: kind: GitRepository - name: k8s-gitops + name: flux-system decryption: provider: sops secretRef: diff --git a/kubernetes/flux/config/crds/.gitkeep b/kubernetes/flux/config/crds/.gitkeep deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/kubernetes/flux/repositories/helm/fluxcd-community.yaml b/kubernetes/flux/repositories/helm/controlplaneio.yaml similarity index 64% rename from kubernetes/flux/repositories/helm/fluxcd-community.yaml rename to kubernetes/flux/repositories/helm/controlplaneio.yaml index c102d0cba1..1c194790dc 100644 --- a/kubernetes/flux/repositories/helm/fluxcd-community.yaml +++ b/kubernetes/flux/repositories/helm/controlplaneio.yaml @@ -2,9 +2,9 @@ apiVersion: source.toolkit.fluxcd.io/v1 kind: HelmRepository metadata: - name: fluxcd-community + name: controlplaneio namespace: flux-system spec: type: oci interval: 5m - url: oci://ghcr.io/fluxcd-community/charts + url: oci://ghcr.io/controlplaneio-fluxcd/charts diff --git a/kubernetes/flux/repositories/helm/kustomization.yaml b/kubernetes/flux/repositories/helm/kustomization.yaml index 1b093b47d6..7375e71017 100644 --- a/kubernetes/flux/repositories/helm/kustomization.yaml +++ b/kubernetes/flux/repositories/helm/kustomization.yaml 
@@ -7,13 +7,13 @@ resources: - ./bjw-s.yaml - ./cilium.yaml - ./cloudnative-pg.yaml + - ./controlplaneio.yaml - ./coredns.yaml - ./deliveryhero.yaml - ./emqx.yaml - ./external-dns.yaml - ./external-secrets.yaml - ./fairwinds.yaml - - ./fluxcd-community.yaml - ./grafana.yaml - ./ingress-nginx.yaml - ./intel.yaml