scale-to-one-node #269

Merged
jahanson merged 3 commits from scale-to-one-node into main 2024-05-07 13:37:02 -05:00
8 changed files with 92 additions and 14 deletions
Showing only changes of commit 801395b748 - Show all commits

View file

@ -0,0 +1,3 @@
---
providerRegex: ^shadowfax$
bypassDnsResolution: true

View file

@ -0,0 +1,32 @@
---
# yaml-language-server: $schema=https://ks.hsn.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: kubelet-csr-approver
spec:
interval: 30m
chart:
spec:
chart: kubelet-csr-approver
version: 1.1.0
sourceRef:
kind: HelmRepository
name: postfinance
namespace: flux-system
install:
remediation:
retries: 3
upgrade:
cleanupOnFail: true
remediation:
strategy: rollback
retries: 3
valuesFrom:
- kind: ConfigMap
name: kubelet-csr-approver-helm-values
values:
metrics:
enable: true
serviceMonitor:
enabled: true

View file

@ -0,0 +1,12 @@
---
# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./helmrelease.yaml
configMapGenerator:
- name: kubelet-csr-approver-helm-values
files:
- values.yaml=./helm-values.yaml
configurations:
- kustomizeconfig.yaml

View file

@ -0,0 +1,7 @@
---
nameReference:
- kind: ConfigMap
version: v1
fieldSpecs:
- path: spec/valuesFrom/name
kind: HelmRelease

View file

@ -0,0 +1,21 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: &app kubelet-csr-approver
namespace: flux-system
spec:
targetNamespace: kube-system
commonMetadata:
labels:
app.kubernetes.io/name: *app
path: ./kubernetes/apps/kube-system/kubelet-csr-approver/app
prune: false # never should be deleted
sourceRef:
kind: GitRepository
name: homelab
wait: false
interval: 30m
retryInterval: 1m
timeout: 5m

View file

@ -10,6 +10,7 @@ resources:
- ./descheduler/ks.yaml
- ./dnsimple-webhook-rbac.yaml
- ./fstrim/ks.yaml
- ./kubelet-csr-approver/ks.yaml
- ./metrics-server/ks.yaml
- ./multus/ks.yaml
- ./intel-device-plugin/ks.yaml

View file

@ -10,8 +10,8 @@ helmDefaults:
repositories:
- name: cilium
url: https://helm.cilium.io
- name: nvdp
url: https://nvidia.github.io/k8s-device-plugin
- name: postfinance
url: https://postfinance.github.io/kubelet-csr-approver
releases:
- name: cilium
@ -20,12 +20,12 @@ releases:
version: 1.15.4
values: ["../../../apps/kube-system/cilium/app/resources/values.yml"]
wait: true
- name: nvidia-device-plugin
- name: kubelet-csr-approver
namespace: kube-system
chart: nvdp/nvidia-device-plugin
version: 0.14.5
values: ["../../../apps/kube-system/nvidia-device-plugin/app/resources/values.yml"]
wait: true
chart: postfinance/kubelet-csr-approver
version: 1.1.0
values: ["../../../apps/kube-system/kubelet-csr-approver/app/helm-values.yaml"]
needs: ["cilium"]
- name: spegel
namespace: kube-system
chart: oci://ghcr.io/spegel-org/helm-charts/spegel

View file

@ -6,9 +6,6 @@ talosVersion: v1.7.1
kubernetesVersion: 1.28.4
endpoint: "https://10.1.1.57:6443"
cniConfig:
name: none
additionalApiServerCertSans:
- 10.1.1.57
@ -21,10 +18,12 @@ nodes:
ipAddress: 10.1.1.61
controlPlane: true
installDiskSelector:
busPath: /dev/nvme0n1
busPath: /pci0000:20/0000:20:01.2/0000:2d:00.0/nvme/nvme1/nvme1n1
networkInterfaces:
- interface: eth0
- interface: enp37s0f1
dhcp: true
- interface: enp37s0f0
dhcp: false
kernelModules:
- name: nvidia
- name: nvidia_uvm
@ -55,7 +54,7 @@ controlPlane:
machine:
network:
nameservers:
- 10.1.1.11
- 10.1.1.1
# Configure NTP
- |-
@ -79,6 +78,9 @@ controlPlane:
allowSchedulingOnMasters: true
proxy:
disabled: true
network:
cni:
name: none
# ETCD configuration
- |-