From 61f167b348e3c5df9e7ca93d941c5a66e7a285c6 Mon Sep 17 00:00:00 2001 From: auricom <27022259+auricom@users.noreply.github.com> Date: Thu, 19 Jun 2025 23:38:47 +0200 Subject: [PATCH] refactor: cilium helm --- .../app/{ => helm}/kustomizeconfig.yaml | 0 .../{helm-values.yaml => helm/values.yaml} | 0 .../kube-system/cilium/app/helmrelease.yaml | 37 +++++++++++-------- .../kube-system/cilium/app/kustomization.yaml | 7 ++-- .../bgp-policy.yaml => app/networks.yaml} | 8 ++++ .../kube-system/cilium/config/bgp-pool.yaml | 8 ---- .../cilium/config/kustomization.yaml | 6 --- kubernetes/apps/kube-system/cilium/ks.yaml | 31 ---------------- 8 files changed, 34 insertions(+), 63 deletions(-) rename kubernetes/apps/kube-system/cilium/app/{ => helm}/kustomizeconfig.yaml (100%) rename kubernetes/apps/kube-system/cilium/app/{helm-values.yaml => helm/values.yaml} (100%) rename kubernetes/apps/kube-system/cilium/{config/bgp-policy.yaml => app/networks.yaml} (78%) delete mode 100644 kubernetes/apps/kube-system/cilium/config/bgp-pool.yaml delete mode 100644 kubernetes/apps/kube-system/cilium/config/kustomization.yaml diff --git a/kubernetes/apps/kube-system/cilium/app/kustomizeconfig.yaml b/kubernetes/apps/kube-system/cilium/app/helm/kustomizeconfig.yaml similarity index 100% rename from kubernetes/apps/kube-system/cilium/app/kustomizeconfig.yaml rename to kubernetes/apps/kube-system/cilium/app/helm/kustomizeconfig.yaml diff --git a/kubernetes/apps/kube-system/cilium/app/helm-values.yaml b/kubernetes/apps/kube-system/cilium/app/helm/values.yaml similarity index 100% rename from kubernetes/apps/kube-system/cilium/app/helm-values.yaml rename to kubernetes/apps/kube-system/cilium/app/helm/values.yaml diff --git a/kubernetes/apps/kube-system/cilium/app/helmrelease.yaml b/kubernetes/apps/kube-system/cilium/app/helmrelease.yaml index 6c98f889b..62f9b388a 100644 --- a/kubernetes/apps/kube-system/cilium/app/helmrelease.yaml +++ b/kubernetes/apps/kube-system/cilium/app/helmrelease.yaml 
@@ -1,33 +1,38 @@ --- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/source.toolkit.fluxcd.io/ocirepository_v1.json +apiVersion: source.toolkit.fluxcd.io/v1 +kind: OCIRepository +metadata: + name: cilium +spec: + interval: 5m + layerSelector: + mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip + operation: copy + ref: + tag: 1.17.3 + url: oci://ghcr.io/home-operations/charts-mirror/cilium +--- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2.json apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: cilium spec: - interval: 30m - chart: - spec: - chart: cilium - version: 1.17.3 - sourceRef: - kind: HelmRepository - name: cilium - namespace: flux-system - maxHistory: 2 + interval: 1h + chartRef: + kind: OCIRepository + name: cilium install: - createNamespace: true remediation: - retries: 3 + retries: -1 upgrade: cleanupOnFail: true remediation: retries: 3 - uninstall: - keepHistory: false valuesFrom: - kind: ConfigMap - name: cilium-helm-values + name: cilium-values values: hubble: enabled: true @@ -57,3 +62,5 @@ spec: enabled: true className: internal hosts: ["hubble.${SECRET_EXTERNAL_DOMAIN}"] + operator: + tolerations: [] diff --git a/kubernetes/apps/kube-system/cilium/app/kustomization.yaml b/kubernetes/apps/kube-system/cilium/app/kustomization.yaml index 2b04bf348..1dd565ca2 100644 --- a/kubernetes/apps/kube-system/cilium/app/kustomization.yaml +++ b/kubernetes/apps/kube-system/cilium/app/kustomization.yaml @@ -4,9 +4,10 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - ./helmrelease.yaml + - ./networks.yaml configMapGenerator: - - name: cilium-helm-values + - name: cilium-values files: - - values.yaml=./helm-values.yaml + - values.yaml=./helm/values.yaml configurations: - - kustomizeconfig.yaml + - ./helm/kustomizeconfig.yaml 
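Review bot: The new `OCIRepository` selects the chart by tag alone (`ref.tag: 1.17.3`) from the `ghcr.io/home-operations/charts-mirror` mirror, with no digest and no `verify` block. Whatever artifact that tag resolves to at reconcile time is installed as the cluster CNI, and with `interval: 5m` a re-pointed tag would be picked up within minutes. Pinning the artifact narrows this to a known chart: add `digest: sha256:<digest-of-the-1.17.3-chart>` under `ref` (placeholder value; Flux prefers the digest over the tag when both are set). If the mirror signs its artifacts, a `verify` block with `provider: cosign` is the stronger control, but whether it does is not visible from this diff.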
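Review bot: `tolerations: []` under `operator` has no comment explaining why the chart default is being replaced. Assuming `operator` sits at the top level of `values` (the indentation is not recoverable in this rendering), the empty list drops whatever tolerations the Cilium chart ships for cilium-operator. That can keep it from scheduling on tainted or not-yet-ready nodes. A one-line comment above the key would record the intent, for example `# override chart default tolerations: operator must only run on untainted nodes`, adjusted to the actual reason. The `values` mapping starts above this hunk.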
diff --git a/kubernetes/apps/kube-system/cilium/config/bgp-policy.yaml b/kubernetes/apps/kube-system/cilium/app/networks.yaml similarity index 78% rename from kubernetes/apps/kube-system/cilium/config/bgp-policy.yaml rename to kubernetes/apps/kube-system/cilium/app/networks.yaml index 1033fd0c4..ac3f9c76c 100644 --- a/kubernetes/apps/kube-system/cilium/config/bgp-policy.yaml +++ b/kubernetes/apps/kube-system/cilium/app/networks.yaml @@ -19,3 +19,11 @@ spec: neighbors: - peerAddress: ${LOCAL_LAN_OPNSENSE}/24 peerASN: 64512 +--- +apiVersion: cilium.io/v2alpha1 +kind: CiliumLoadBalancerIPPool +metadata: + name: main-pool +spec: + blocks: + - cidr: ${CILIUM_BGP_SVC_RANGE} diff --git a/kubernetes/apps/kube-system/cilium/config/bgp-pool.yaml b/kubernetes/apps/kube-system/cilium/config/bgp-pool.yaml deleted file mode 100644 index 95b531590..000000000 --- a/kubernetes/apps/kube-system/cilium/config/bgp-pool.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -apiVersion: cilium.io/v2alpha1 -kind: CiliumLoadBalancerIPPool -metadata: - name: main-pool -spec: - blocks: - - cidr: ${CILIUM_BGP_SVC_RANGE} diff --git a/kubernetes/apps/kube-system/cilium/config/kustomization.yaml b/kubernetes/apps/kube-system/cilium/config/kustomization.yaml deleted file mode 100644 index fe62b7bee..000000000 --- a/kubernetes/apps/kube-system/cilium/config/kustomization.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - ./bgp-policy.yaml - - ./bgp-pool.yaml diff --git a/kubernetes/apps/kube-system/cilium/ks.yaml b/kubernetes/apps/kube-system/cilium/ks.yaml index c5e1327d4..f69c654bd 100644 --- a/kubernetes/apps/kube-system/cilium/ks.yaml +++ b/kubernetes/apps/kube-system/cilium/ks.yaml 
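Review bot: The `CiliumLoadBalancerIPPool` added here, like the `CiliumBGPPeeringPolicy` above it, now reconciles in the same Flux Kustomization as the `HelmRelease` that installs Cilium. The `ks.yaml` hunk removes the `cilium-config` Kustomization whose `dependsOn` on `cilium-app` used to order them. On a cluster where the `cilium.io/v2alpha1` CRDs are not registered yet, the apply is likely to fail on these kinds and hold back the whole Kustomization, HelmRelease included. If Cilium is always installed before Flux takes over, record that at the top of `networks.yaml`, e.g. `# needs the cilium.io CRDs; Cilium is installed at bootstrap, before Flux reconciles this path`; otherwise keep the custom resources in a separate Kustomization with `dependsOn`. The peering-policy document starts above this hunk.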
@@ -11,37 +11,6 @@ spec: app.kubernetes.io/name: *app interval: 1h path: ./kubernetes/apps/kube-system/cilium/app - postBuild: - substitute: - APP: *app - prune: false - retryInterval: 2m - sourceRef: - kind: GitRepository - name: home-ops-kubernetes - namespace: flux-system - targetNamespace: *namespace - timeout: 5m - wait: false ---- -# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json -apiVersion: kustomize.toolkit.fluxcd.io/v1 -kind: Kustomization -metadata: - name: &app cilium-config - namespace: &namespace kube-system -spec: - commonMetadata: - labels: - app.kubernetes.io/name: *app - dependsOn: - - name: cilium-app - namespace: *namespace - interval: 1h - path: ./kubernetes/apps/kube-system/cilium/config - postBuild: - substitute: - APP: *app prune: false retryInterval: 2m sourceRef: