Compare commits
No commits in common. "ea771272e9facd01c107a579b206209805d6df74" and "b8e894fd52e9fa56599da0fab26c7520101bb9ef" have entirely different histories.
ea771272e9
...
b8e894fd52
20 changed files with 37 additions and 93 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
|
@ -1,3 +1 @@
|
|||
.envrc
|
||||
output.yaml
|
||||
chart/
|
||||
|
|
|
|||
|
|
@ -1,30 +0,0 @@
|
|||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: k8s-wheatley-cluster
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: 1password-wheatley
|
||||
target:
|
||||
name: k8s-wheatley-cluster
|
||||
creationPolicy: Owner
|
||||
template:
|
||||
engineVersion: v2
|
||||
type: Opaque
|
||||
metadata:
|
||||
labels:
|
||||
argocd.argoproj.io/secret-type: cluster
|
||||
data:
|
||||
name: k8s-wheatley
|
||||
server: "{{ .endpoint }}"
|
||||
project: argocd
|
||||
config: "{{ .config }}"
|
||||
data:
|
||||
- secretKey: endpoint
|
||||
remoteRef:
|
||||
key: k8s-wheatley_clusterdefinition/endpoint
|
||||
- secretKey: config
|
||||
remoteRef:
|
||||
key: k8s-wheatley_clusterdefinition/config
|
||||
|
|
@ -6,7 +6,6 @@ resources:
|
|||
- install.yaml
|
||||
- repository.yaml
|
||||
- namespace.yaml
|
||||
- clusters.yaml
|
||||
|
||||
namespace: argocd
|
||||
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ spec:
|
|||
parentRefs:
|
||||
- name: internal
|
||||
namespace: kube-system
|
||||
sectionName: http
|
||||
sectionName: https
|
||||
hostnames:
|
||||
- "hubble.k8s.peterg.nl"
|
||||
rules:
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- secretstore.yaml
|
||||
|
||||
helmCharts:
|
||||
- name: external-secrets
|
||||
repo: https://charts.external-secrets.io
|
||||
namespace: external-secrets
|
||||
releaseName: external-secrets
|
||||
version: 1.0.0
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: external-secrets
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ClusterSecretStore
|
||||
metadata:
|
||||
name: 1password-wheatley
|
||||
spec:
|
||||
provider:
|
||||
onepasswordSDK:
|
||||
vault: wheatley
|
||||
auth:
|
||||
serviceAccountSecretRef:
|
||||
namespace: external-secrets
|
||||
name: 1password-token-wheatley
|
||||
key: token
|
||||
|
|
@ -4,4 +4,3 @@ kind: Kustomization
|
|||
resources:
|
||||
- cilium-gatewayapi
|
||||
- argocd
|
||||
- external-secrets-operator
|
||||
|
|
|
|||
17
k8s-wheatley/base/cilium/gateways.yaml
Normal file
17
k8s-wheatley/base/cilium/gateways.yaml
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: Gateway
|
||||
metadata:
|
||||
name: internal
|
||||
spec:
|
||||
gatewayClassName: cilium
|
||||
addresses:
|
||||
- type: IPAddress
|
||||
value: 10.13.38.10
|
||||
listeners:
|
||||
- allowedRoutes:
|
||||
namespaces:
|
||||
from: All
|
||||
name: http
|
||||
port: 80
|
||||
protocol: HTTP
|
||||
|
|
@ -10,7 +10,7 @@ spec:
|
|||
namespace: kube-system
|
||||
sectionName: http
|
||||
hostnames:
|
||||
- "hubble.k8s.wheatley.in"
|
||||
- "hubble.k8s-test.wheatley.in"
|
||||
rules:
|
||||
- backendRefs:
|
||||
- name: hubble-ui
|
||||
|
|
@ -5,7 +5,7 @@ metadata:
|
|||
name: internal-pool
|
||||
spec:
|
||||
blocks:
|
||||
- cidr: "10.13.38.10/32"
|
||||
- cidr: "10.13.38.10/32"
|
||||
---
|
||||
apiVersion: "cilium.io/v2alpha1"
|
||||
kind: CiliumL2AnnouncementPolicy
|
||||
|
|
@ -4,7 +4,6 @@ kind: Kustomization
|
|||
namespace: kube-system
|
||||
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- ip-pool.yaml
|
||||
- gateways.yaml
|
||||
- httproute.yaml
|
||||
7
k8s-wheatley/base/kustomization.yaml
Normal file
7
k8s-wheatley/base/kustomization.yaml
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- argocd
|
||||
- cilium
|
||||
- metrics-server
|
||||
10
k8s-wheatley/base/metrics-server/kustomization.yaml
Normal file
10
k8s-wheatley/base/metrics-server/kustomization.yaml
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
helmCharts:
|
||||
- name: metrics-server
|
||||
repo: https://kubernetes-sigs.github.io/metrics-server/
|
||||
namespace: kube-system
|
||||
releaseName: metrics-server
|
||||
version: 3.13.0
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
---
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: Gateway
|
||||
metadata:
|
||||
name: internal
|
||||
spec:
|
||||
gatewayClassName: cilium
|
||||
addresses:
|
||||
- type: IPAddress
|
||||
value: 10.13.38.10
|
||||
listeners:
|
||||
- allowedRoutes:
|
||||
namespaces:
|
||||
from: All
|
||||
name: http
|
||||
port: 80
|
||||
protocol: HTTP
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: kube-system
|
||||
Loading…
Add table
Add a link
Reference in a new issue