diff --git a/components/networking/controllers/base/kustomization-cilium.yaml b/components/networking/configs/base/cilium/kustomization.yaml similarity index 85% rename from components/networking/controllers/base/kustomization-cilium.yaml rename to components/networking/configs/base/cilium/kustomization.yaml index cd116c9..c32bc06 100644 --- a/components/networking/controllers/base/kustomization-cilium.yaml +++ b/components/networking/configs/base/cilium/kustomization.yaml @@ -1,5 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: kube-system -resources: [] - +resources: [] \ No newline at end of file diff --git a/components/networking/configs/base/kustomization-cilium.yaml b/components/networking/configs/base/kustomization-cilium.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/components/networking/configs/base/.sops.yaml b/components/networking/configs/base/metal-lb/.sops.yaml similarity index 100% rename from components/networking/configs/base/.sops.yaml rename to components/networking/configs/base/metal-lb/.sops.yaml diff --git a/components/networking/configs/base/kustomization-metal-lb.yaml b/components/networking/configs/base/metal-lb/kustomization.yaml similarity index 68% rename from components/networking/configs/base/kustomization-metal-lb.yaml rename to components/networking/configs/base/metal-lb/kustomization.yaml index 4e26ed3..d7fced1 100644 --- a/components/networking/configs/base/kustomization-metal-lb.yaml +++ b/components/networking/configs/base/metal-lb/kustomization.yaml @@ -1,6 +1,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: metallb-system -resources: [] - # - metal-lb-ip-pool.yaml +resources: + - metal-lb-ip-pool.yaml diff --git a/components/networking/configs/base/metal-lb-ip-pool.yaml b/components/networking/configs/base/metal-lb/metal-lb-ip-pool.yaml similarity index 100% rename from components/networking/configs/base/metal-lb-ip-pool.yaml rename to components/networking/configs/base/metal-lb/metal-lb-ip-pool.yaml diff --git a/components/networking/configs/dev-amd64/kustomization.yaml b/components/networking/configs/dev-amd64/kustomization.yaml index 419dcad..c21e961 100644 --- a/components/networking/configs/dev-amd64/kustomization.yaml +++ b/components/networking/configs/dev-amd64/kustomization.yaml @@ -1,3 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: [] \ No newline at end of file +resources: + - ../base/cilium \ No newline at end of file diff --git a/components/networking/configs/dev-arm64/kustomization.yaml b/components/networking/configs/dev-arm64/kustomization.yaml index 5925798..41d1fb3 100644 --- a/components/networking/configs/dev-arm64/kustomization.yaml +++ b/components/networking/configs/dev-arm64/kustomization.yaml @@ -1,4 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - ../base/metal-lb-ip-pool.yaml \ No newline at end of file + - ../base/metal-lb \ No newline at end of file diff --git a/components/networking/controllers/base/cilium/cilium.yaml b/components/networking/controllers/base/cilium/cilium.yaml new file mode 100644 index 0000000..9e56c32 --- /dev/null +++ b/components/networking/controllers/base/cilium/cilium.yaml @@ -0,0 +1,57 @@ +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: cilium + namespace: kube-system +spec: + interval: 12h + url: https://helm.cilium.io/ +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: cilium + namespace: kube-system +spec: + serviceAccountName: flux + interval: 1h + chart: + spec: + version: 1.18.0 + chart: cilium + sourceRef: + kind: HelmRepository + name: cilium + interval: 12h + values: + cgroup: + autoMount: + enabled: false + hostRoot: /sys/fs/cgroup + gatewayAPI: + enableAlpn: true + enableAppProtocol: true + enabled: true + ipam: + mode: kubernetes + k8sServiceHost: localhost + k8sServicePort: 7445 + kubeProxyReplacement: true + securityContext: + capabilities: + ciliumAgent: + - CHOWN + - KILL + - NET_ADMIN + - NET_RAW + - IPC_LOCK + - SYS_ADMIN + - SYS_RESOURCE + - DAC_OVERRIDE + - FOWNER + - SETGID + - SETUID + cleanCiliumState: + - NET_ADMIN + - SYS_ADMIN + - SYS_RESOURCE diff --git a/components/networking/controllers/base/cilium/kustomization.yaml b/components/networking/controllers/base/cilium/kustomization.yaml new file mode 100644 index 0000000..a441c7e --- /dev/null +++ b/components/networking/controllers/base/cilium/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: kube-system +resources: + - cilium.yaml + diff --git a/components/networking/controllers/dev-amd64/kustomization.yaml b/components/networking/controllers/dev-amd64/kustomization.yaml index 419dcad..c21e961 100644 --- a/components/networking/controllers/dev-amd64/kustomization.yaml +++ b/components/networking/controllers/dev-amd64/kustomization.yaml @@ -1,3 +1,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization -resources: [] \ No newline at end of file +resources: + - ../base/cilium \ No newline at end of file