From b4e500b357952a54c748f50e395c9b9d54ddd9f3 Mon Sep 17 00:00:00 2001
From: Joseph Hanson
Date: Sun, 31 Mar 2024 10:02:55 -0500
Subject: [PATCH] Add a few more steps to bootstrap.
---
 kubernetes/bootstrap/readme.md | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/kubernetes/bootstrap/readme.md b/kubernetes/bootstrap/readme.md
index 4225fe23..d6178732 100644
--- a/kubernetes/bootstrap/readme.md
+++ b/kubernetes/bootstrap/readme.md
@@ -7,8 +7,27 @@
 ```sh
 omnictl cluster template sync -f ./template.yaml --omniconfig ./omniconfig.yaml
 ```
+## CNI
-## Flux
+### Install Cilium
+
+```sh
+cilium install \
+ --helm-set=ipam.mode=kubernetes \
+ --helm-set=kubeProxyReplacement=true \
+ --helm-set=securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
+ --helm-set=securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
+ --helm-set=cgroup.autoMount.enabled=false \
+ --helm-set=cgroup.hostRoot=/sys/fs/cgroup \
+ --helm-set=k8sServiceHost=127.0.0.1 \
+ --helm-set=k8sServicePort=7445 \
+ --helm-set=bgpControlPlane.enabled=true \
+ --helm-set=bgp.enabled=false \
+ --helm-set=bgp.announce.loadbalancerIP=true \
+ --helm-set=bgp.announce.podCIDR=false
+```
+
+## Flux Prep
 ### Install Flux
@@ -25,10 +44,15 @@ sops --decrypt kubernetes/bootstrap/flux/age-key.sops.yaml | kubectl apply -f -
 sops --decrypt kubernetes/bootstrap/flux/git-deploy-key.sops.yaml | kubectl apply -f -
 sops --decrypt kubernetes/flux/vars/cluster-secrets.sops.yaml | kubectl apply -f -
 kubectl apply -f kubernetes/flux/vars/cluster-settings.yaml
-kubectl apply -k kubernetes/bootstrap/kps-crds/
 ```
-### Kick off Flux applying this repository
+## Wipe Rook Ceph
+
+```sh
+kubectl apply -f kubernetes/tools/wiperook.yaml
+```
+
+## Kick off Flux applying this repository
 ```sh
 kubectl apply --server-side --kustomize ./kubernetes/flux/config