✏️ bootstrap

2025-09-17 18:24:14 +02:00 · 2022-12-30 04:18:48 +01:00
parent a860f74b5c
commit 49aba54552
9 changed files with 21 additions and 18 deletions
--- a/kubernetes/apps/kustomization.yaml
+++ b/kubernetes/apps/kustomization.yaml
@@ -3,13 +3,13 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ./cert-manager
-  - ./default
-  - ./flux-system
-  - ./kube-system
-  - ./kyverno
-  - ./monitoring
-  - ./networking
+  # - ./cert-manager
+  # - ./default
+  # - ./flux-system
+  # - ./kube-system
+  # - ./kyverno
+  # - ./monitoring
+  # - ./networking
  - ./rook-ceph
-  - ./trivy-system
-  - ./volsync
+  # - ./trivy-system
+  # - ./volsync
--- a/kubernetes/bootstrap/.gitignore
+++ b/kubernetes/bootstrap/.gitignore
@@ -0,0 +1,2 @@
+charts
+clusterconfig
--- a/kubernetes/bootstrap/README.md
+++ b/kubernetes/bootstrap/README.md
@@ -0,0 +1,10 @@
+## :memo:&nbsp; Bootstrap
+
+1. Deploy [cilium](https://cilium.io/) : `kubectl kustomize --enable-helm ./kubernetes/bootstrap/cilium | kubectl apply -f -`
+2. Deploy [kubelet-csr-approver](https://github.com/postfinance/kubelet-csr-approver) `kubectl kustomize --enable-helm ./kubernetes/bootstrap/kubelet-csr-approver | kubectl apply -f -` to approve csr issued by talos nodes (that will allow to see pods logs).
+3. Deploy [flux](https://github.com/fluxcd/flux2) `kubectl apply --server-side --kustomize ./kubernetes/bootstrap/flux`
+4. Create flux github secret `sops --decrypt ./kubernetes/bootstrap/flux/github-deploy-key.sops.yaml | kubectl apply -f -`
+5. Create sops secret `cat ~/.config/sops/age/keys.txt | kubectl create secret generic sops-age --namespace=flux-system --from-file=age.agekey=/dev/stdin`
+6. Apply flux cluster variables `kubectl apply -k ./kubernetes/flux/vars/cluster-settings.yaml`
+6. Apply flux cluster secrets `sops --decrypt ./kubernetes/flux/vars/cluster-secrets.sops.yaml | kubectl apply -f -`
+7. Apply flux kustomization `kubectl apply --server-side --kustomize ./kubernetes/flux/config`
--- a/kubernetes/bootstrap/cilium/kustomization.yaml
+++ b/kubernetes/bootstrap/cilium/kustomization.yaml
--- a/kubernetes/bootstrap/cilium/values.yaml
+++ b/kubernetes/bootstrap/cilium/values.yaml
--- a/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml
+++ b/kubernetes/bootstrap/flux/github-deploy-key.sops.yaml
--- a/kubernetes/bootstrap/flux/kustomization.yaml
+++ b/kubernetes/bootstrap/flux/kustomization.yaml
--- a/kubernetes/bootstrap/kubelet-csr-approver/kustomization.yaml
+++ b/kubernetes/bootstrap/kubelet-csr-approver/kustomization.yaml
--- a/talos/bootstrap/README.md
+++ b/talos/bootstrap/README.md
@@ -1,9 +0,0 @@
-## :memo:&nbsp; Bootstrap
-
-1. Deploy [cilium](https://cilium.io/) : `kubectl kustomize --enable-helm ./kubernetes/bootsrap/cilium | kubectl apply -f -`
-2. Deploy [kubelet-csr-approver](https://github.com/postfinance/kubelet-csr-approver) `kubectl kustomize --enable-helm ./talos/bootstrap/kubelet-csr-approver | kubectl apply -f -` to approve csr issued by talos nodes (that will allow to see pods logs).
-3. Deploy [flux](https://github.com/fluxcd/flux2) `kubectl apply --server-side --kustomize ./talos/bootstrap/flux`
-4. Create flux github secret `sops --decrypt ./talos/bootstrap/flux/github-deploy-key.sops.yaml | kubectl apply -f -`
-5. Create sops secret `cat ~/.config/sops/age/keys.txt | kubectl create secret generic sops-age --namespace=flux-system --from-file=age.agekey=/dev/stdin`
-6. Apply flux cluster variables `kubectl apply -f ./kubernetes/flux/vars/cluster-settings.yaml`
-7. Apply flux kustomization `kubectl apply --server-side --kustomize ./kubernetes/flux/config`