jahanson/theshire
Archived
1
0
Fork 0
Code Issues 1 Pull requests 19 Projects Releases Packages Wiki Activity Actions
This repository has been archived on 2025-01-11. You can view files and clone it, but cannot push or open issues or pull requests.
theshire/kubernetes/bootstrap
History
Joseph Hanson 1c66639bf4 Merge pull request 'Update chart kubelet-csr-approver to 1.2.4' (#1031) from renovate/kubelet-csr-approver-1.x into main 
Reviewed-on: #1031
2025-01-04 21:11:06 -06:00
..
flux Update Flux group to v2.4.0 2024-09-30 18:02:32 +00:00
talos add docker info to env 2025-01-01 01:18:12 -06:00
helmfile-diffinstall.ps1 pulling helm-diff for windows 2025-01-01 00:06:58 -06:00
helmfile.yaml Update chart kubelet-csr-approver to 1.2.4 2024-12-30 14:05:29 +00:00
readme.md tooling and bootstrap updates 2025-01-01 00:06:33 -06:00

readme.md

Bootstrap

Prerequisites

mise use helm helmfile
helm plugin install https://github.com/databus23/helm-diff

Talos

Bootstrap talos cluster

talosctl apply-config --nodes=frodo --file=./kubernetes/bootstrap/talos/clusterconfig/theshire-frodo.yaml --insecure
talosctl apply-config --nodes=bilbo --file=./kubernetes/bootstrap/talos/clusterconfig/theshire-bilbo.yaml --insecure
talosctl apply-config --nodes=sam --file=./kubernetes/bootstrap/talos/clusterconfig/theshire-sam.yaml --insecure
talosctl apply-config --nodes=merry --file=./kubernetes/bootstrap/talos/clusterconfig/theshire-merry.yaml --insecure
talosctl apply-config --nodes=pippin --file=./kubernetes/bootstrap/talos/clusterconfig/theshire-pippin.yaml --insecure
talosctl apply-config --nodes=rosie --file=./kubernetes/bootstrap/talos/clusterconfig/theshire-rosie.yaml --insecure
talosctl bootstrap --nodes=frodo

CNI & Container Proxy

Install Cilium, csr-approver, coredns, and Prometheus CRDs.

helmfile apply -f kubernetes/bootstrap/helmfile.yaml

Flux Prep

Install Flux

kubectl apply --server-side --kustomize ./kubernetes/bootstrap/flux

Apply secrets, settings, and crds.

These cannot be applied with kubectl in the regular fashion due to be encrypted with sops

sops --decrypt kubernetes/bootstrap/flux/age-key.sops.yaml | kubectl apply -f -
sops --decrypt kubernetes/flux/vars/cluster-secrets.sops.yaml | kubectl apply -f -
kubectl apply -f kubernetes/flux/vars/cluster-settings.yaml

Wipe Rook Ceph

kubectl apply -f kubernetes/tools/wiperook.yaml

Kick off Flux applying this repository

kubectl apply --server-side --kustomize ./kubernetes/flux/config