From f4cf0d19b0ce128e71fd2914361699f0116d40f9 Mon Sep 17 00:00:00 2001 From: Danny Bessems Date: Thu, 10 Jul 2025 13:07:11 +1000 Subject: [PATCH] Housekeeping --- .gitignore | 1 + system/ArgoCD/application-argo-cd.yaml | 7 +- system/ArgoCD/values.yaml | 3 +- .../InotifyLimits/daemonSet-InotifyLimits.yml | 29 ------- system/Kured/chart-values.yml | 21 ----- system/Kured/sealedSecret-Kured.yml | 23 ----- .../UpgradeController/plan-Agent.yml.REMOVED | 21 ----- system/UpgradeController/plan-Server.yml | 18 ---- system/kube-vip/application-kube-vip.yaml | 17 ---- system/kube-vip/daemonset-kube-vip-ds.yaml | 87 ------------------- 10 files changed, 4 insertions(+), 223 deletions(-) delete mode 100644 system/InotifyLimits/daemonSet-InotifyLimits.yml delete mode 100644 system/Kured/chart-values.yml delete mode 100644 system/Kured/sealedSecret-Kured.yml delete mode 100644 system/UpgradeController/plan-Agent.yml.REMOVED delete mode 100644 system/UpgradeController/plan-Server.yml delete mode 100644 system/kube-vip/application-kube-vip.yaml delete mode 100644 system/kube-vip/daemonset-kube-vip-ds.yaml diff --git a/.gitignore b/.gitignore index d274e91..72a4250 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ *.sensitive.yml +*.sensitive.yaml diff --git a/system/ArgoCD/application-argo-cd.yaml b/system/ArgoCD/application-argo-cd.yaml index 919173a..3d6f852 100644 --- a/system/ArgoCD/application-argo-cd.yaml +++ b/system/ArgoCD/application-argo-cd.yaml @@ -11,13 +11,10 @@ spec: sources: - repoURL: https://argoproj.github.io/argo-helm chart: argo-cd - targetRevision: 7.8.13 + targetRevision: 8.1.2 helm: valueFiles: - $values/system/ArgoCD/values.yaml - repoURL: https://code.spamasaurus.com/djpbessems/Kubernetes.K3s.installLog - targetRevision: master + targetRevision: HEAD ref: values -# - repoURL: https://github.com/djpbessems/Kubernetes.K3s.installLog -# targetRevision: master -# ref: values diff --git a/system/ArgoCD/values.yaml b/system/ArgoCD/values.yaml index 1a88d9b..e8fbce3 100644 --- a/system/ArgoCD/values.yaml +++ b/system/ArgoCD/values.yaml @@ -2,10 +2,9 @@ configs: params: server.insecure: true global: - domain: gitops.spamasaurus.com + domain: gitops.lab.spamasaurus.com server: ingress: enabled: true annotations: -# traefik.ingress.kubernetes.io/router.middlewares: security-headers@file,compression@file traefik.ingress.kubernetes.io/router.middlewares: security-headers@file diff --git a/system/InotifyLimits/daemonSet-InotifyLimits.yml b/system/InotifyLimits/daemonSet-InotifyLimits.yml deleted file mode 100644 index d1406cf..0000000 --- a/system/InotifyLimits/daemonSet-InotifyLimits.yml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: inotify-limits - namespace: kube-system -spec: - selector: - matchLabels: - app: inotify-limits - template: - metadata: - name: inotify-limits - labels: - app: inotify-limits - spec: - containers: - - name: inotify-limits - image: bv11-cr01.bessems.eu/proxy/library/alpine - imagePullPolicy: Always - securityContext: - privileged: true - command: - - "/bin/sh" - - "-c" - args: - - | - echo 'fs.inotify.max_user_watches=524288' | tee /etc/sysctl.conf; - echo 'fs.inotify.max_user_instances=512' | tee /etc/sysctl.conf; - sysctl -p && tail -f /dev/null diff --git a/system/Kured/chart-values.yml b/system/Kured/chart-values.yml deleted file mode 100644 index a84ac17..0000000 --- a/system/Kured/chart-values.yml +++ /dev/null @@ -1,21 +0,0 @@ -configuration: - blockingPodSelector: - - io.drone=true - - timeZone: Europe/Amsterdam - startTime: 02:00 - endTime: 04:30 - -extraEnvVars: - - name: KURED_NOTIFY_URL - valueFrom: - secretKeyRef: - name: kured-secret - key: notifyUrl - -hostNetwork: false - -#metrics: -# create: false -#service: -# create: false diff --git a/system/Kured/sealedSecret-Kured.yml b/system/Kured/sealedSecret-Kured.yml deleted file mode 100644 index 5392ab9..0000000 --- a/system/Kured/sealedSecret-Kured.yml +++ /dev/null @@ -1,23 +0,0 @@ -{ - "kind": "SealedSecret", - "apiVersion": "bitnami.com/v1alpha1", - "metadata": { - "name": "kured-secret", - "namespace": "kured", - "creationTimestamp": null - }, - "spec": { - "template": { - "metadata": { - "name": "kured-secret", - "namespace": "kured", - "creationTimestamp": null - }, - "type": "Opaque", - "data": null - }, - "encryptedData": { - "notifyUrl": "AgAIIpIfkWK7JEkR0NrxvznV5a49UReEAvWJosNg+Lhe3rD+Z+TkpnRyuPkyfbwousSPHbwos5f02USUhsdxUjKP8BhEtvAzVlcFkktLhk7HHx+PUpr572oyDhrnHuwG6hhWVvnQph7hc+KUvqV6xKPF6zc+S7EtW0i0OapkenHvtItqw5/LZQ2C7FSEaXTxHS6TJkJd9505bcsq2vzRBaylHFytqsWA46OwgAVc1GB6wxDzBzM/uzWSUygJLAViyi+v4epHprf5siIsn7rjX71KFv9C/mNwlNS7feCSkaUOREzwdIOUaRxUSacauDPoE1adk+83ymAy87kn098Ctv4qgPgiu3k+nlqA3lLG0Vx/SlALNYgus53FCBrXXo50H3liZ7BOsRh8C3l7PWKQ4mMwNh3GN6yTBEdEEft3CEPl0l+EZ/WiLUKysetAezzWsLxjzII4igSR+t5j6PPW0iFGdKxFL+Q+K/WOrn9OIynKvlFy7EPZEqzm8lThBXO97r/O37ypGUCIK04Wj+vtfKhWTNhWycNVmsbt96g/ODHFzgJC0F7fwAfx+VBpDMg/BpNQeG9mm1Qc6fFMyQYHwoarXRXExqPn8fMxxPuU+EdxfioqSvcdLB31hAJcS+/39xEZT/YQtPWTZzQCkbwBweQWJdEuYudv7TnI4focpLu6/uaavoiGTCUcz4NHqGAGukrP2Lxk25sZwGSWNUEblcqfzx+4DyRllqAefLhRCI0OZmjiZ3Lwzb/xY0vypM3c+fxqnZhlPR4eGhPHSaQ=" - } - } -} diff --git a/system/UpgradeController/plan-Agent.yml.REMOVED b/system/UpgradeController/plan-Agent.yml.REMOVED deleted file mode 100644 index 73f13ca..0000000 --- a/system/UpgradeController/plan-Agent.yml.REMOVED +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: upgrade.cattle.io/v1 -kind: Plan -metadata: - name: agent-plan - namespace: system-upgrade -spec: - concurrency: 1 - cordon: true - nodeSelector: - matchExpressions: - - key: node-role.kubernetes.io/master - operator: DoesNotExist - prepare: - args: - - prepare - - server-plan - image: rancher/k3s-upgrade - serviceAccountName: system-upgrade - upgrade: - image: rancher/k3s-upgrade - channel: https://update.k3s.io/v1-release/channels/stable diff --git a/system/UpgradeController/plan-Server.yml b/system/UpgradeController/plan-Server.yml deleted file mode 100644 index 9c146ab..0000000 --- a/system/UpgradeController/plan-Server.yml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: upgrade.cattle.io/v1 -kind: Plan -metadata: - name: server-plan - namespace: system-upgrade -spec: - concurrency: 1 - cordon: true - nodeSelector: - matchExpressions: - - key: node-role.kubernetes.io/master - operator: In - values: - - "true" - serviceAccountName: system-upgrade - upgrade: - image: rancher/k3s-upgrade - channel: https://update.k3s.io/v1-release/channels/stable diff --git a/system/kube-vip/application-kube-vip.yaml b/system/kube-vip/application-kube-vip.yaml deleted file mode 100644 index 4d911c6..0000000 --- a/system/kube-vip/application-kube-vip.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: kube-vip - namespace: argo-cd -spec: - destination: - namespace: kube-system - server: https://kubernetes.default.svc - project: default - source: - path: system/kube-vip - repoURL: https://code.spamasaurus.com/djpbessems/Kubernetes.K3s.installLog.git - targetRevision: HEAD - syncPolicy: - automated: - selfHeal: true diff --git a/system/kube-vip/daemonset-kube-vip-ds.yaml b/system/kube-vip/daemonset-kube-vip-ds.yaml deleted file mode 100644 index 1fa5656..0000000 --- a/system/kube-vip/daemonset-kube-vip-ds.yaml +++ /dev/null @@ -1,87 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - creationTimestamp: null - labels: - app.kubernetes.io/name: kube-vip-ds - app.kubernetes.io/version: v0.9.1 - name: kube-vip-ds - namespace: kube-system -spec: - selector: - matchLabels: - app.kubernetes.io/name: kube-vip-ds - template: - metadata: - creationTimestamp: null - labels: - app.kubernetes.io/name: kube-vip-ds - app.kubernetes.io/version: v0.9.1 - spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: Exists - - matchExpressions: - - key: node-role.kubernetes.io/control-plane - operator: Exists - containers: - - args: - - manager - env: - - name: vip_arp - value: "true" - - name: port - value: "6443" - - name: vip_nodename - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: vip_interface - value: eth0 - - name: vip_cidr - value: "32" - - name: dns_mode - value: first - - name: cp_enable - value: "true" - - name: cp_namespace - value: kube-system - - name: svc_enable - value: "true" - - name: svc_leasename - value: plndr-svcs-lock - - name: vip_leaderelection - value: "true" - - name: vip_leasename - value: plndr-cp-lock - - name: vip_leaseduration - value: "5" - - name: vip_renewdeadline - value: "3" - - name: vip_retryperiod - value: "1" - - name: address - value: 192.168.154.240 - - name: prometheus_server - value: :2112 - image: ghcr.io/kube-vip/kube-vip:v0.9.1 - imagePullPolicy: IfNotPresent - name: kube-vip - resources: {} - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - hostNetwork: true - serviceAccountName: kube-vip - tolerations: - - effect: NoSchedule - operator: Exists - - effect: NoExecute - operator: Exists - updateStrategy: {}