disable CaaS for now

It's using a shitload of bandwidth
remove my-cluster
2025-06-01 11:14:31 -05:00 · 2025-05-22 16:07:56 -05:00 · 2025-05-22 21:02:38 +00:00 · 2025-05-22 21:02:23 +00:00 · 2025-05-22 16:01:20 -05:00 · 2025-05-10 18:43:43 -05:00
26 changed files with 154 additions and 49 deletions
--- a/apps/kipunji/kustomization.yaml
+++ b/apps/kipunji/kustomization.yaml
@ -1,6 +0,0 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - https://git.kill0.net/ryanc/kipunji/kustomize
  - ingress.yaml
--- a/apps/kubernaut/ingress.yaml
+++ b/apps/kubernaut/ingress.yaml
@ -3,9 +3,9 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
  annotations:
-    kubernetes.io/ingress.class: istio
+    kubernetes.io/ingress.class: traefik
-  name: kipunji-ingress
+  name: kubernaut-ingress
-  namespace: kipunji
+  namespace: kubernaut
 spec:
  rules:
    - http:
@ -14,6 +14,6 @@ spec:
            pathType: Prefix
            backend:
              service:
-                name: kipunji
+                name: kubernaut
                port:
                  name: web
--- a/apps/kubernaut/kustomization.yaml
+++ b/apps/kubernaut/kustomization.yaml
@ -0,0 +1,8 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: kubernaut
 resources:
  - secrets.yaml
  - https://git.kill0.net/ryanc/kubernaut/kustomize?ref=v0.2.2
  - ingress.yaml
--- a/apps/kubernaut/secrets.yaml
+++ b/apps/kubernaut/secrets.yaml
@ -0,0 +1,16 @@
 ---
 apiVersion: bitnami.com/v1alpha1
 kind: SealedSecret
 metadata:
  creationTimestamp: null
  name: kubernaut
  namespace: kubernaut
 spec:
  encryptedData:
    jwt_secret: AgBcARUqnBw3V5At/AbhfVoC1E+jgVXOkWHiWXFw+6ZoIljVOP3s2IJ1ORq5Lcynr1trwlre8cQrMCwTr8q05e2jH1MjVkZ33elzB1wpAjrZlrOwSgKURC8OfWOeIUQenq5pg8RLuOWFmvG/VLutus+lYBZ01kJICP0N0iZkIwZHRuJ527fXK9vhSA598Mn9Fki9W6dw0cA0PCUIDmyrIlBtKBnYrO/T899wbQakNoL3SXIgJ5gPug2gJG6O5YhJu5f2SBP0+paKcbRiGDIRVS17S8O49W/cNvYGGhovKWxozexYO/okDDeRToGCpeHcT0thZfpe6PvOVWM+tcW/ZPd8dhJF57wDliBPa3iC+kAzj3t2wLqNC5sEy2P3ZPEnRz3cHsyD51dbfpXZzXczNLai2shrsd872vCISkBGPF3b1r0aVbYcL1wyJRt1OI0CQq1cPomXrjyWZFK+oNyXXIdfdXz9zbLmmOCS7vL7cZu5sRbl33ClUWFPoTdjKe0whZ6oeUMXgI/AmVpLdqVUVs55MYt7qhTa6Eraws5gFBu2JKSn0W/fHOdhvzeU/SrWwpQR/iQmt/lRJS34Z8a22GrG3BqETwt6FWeLdNNpoHuoXtIQnO89y81cxVKUYKIhayLU0NNwegkENZ4WMm2aULqmtNo3F0tQkEfWB23cSOYQIVFVXf0F0WN5E6yPO4qiD926tJJbeMrzj9toEjGEl+FFLAwyfiuvC4TMregz8y2YUSmhkZ9WS0i8BTkCNq5jnZECg3DVBi5uP7exTXPYoc/q8TwvCw7owAK9c6g97fot5JST3mj+BPZyzCkALnyC8Ap4PHNpvWGG+MlGUzLzsieXb/FcamKepC8pR9AX5A+Pfrg=
    session_secret: AgB3+WGGt7x9Rn3ZcyP9z7xr1572aR1dLROI3815kj/98kJpvhIAjisWSfVQaaJRnLWaLBeWQgwIVQSFN7zcm7n4pYxVO4BqCwb/k3ZYJsUI5maR/meNnOvXrpp1+yKxmJXSHlh7/2WzzKUK9OwDT4qmoT2oJnjrKJNRoXvIbR42NTiO8CDtzHiJ6MNEY6oH+dra4GamJ/KjNXC7NUdSZSeq1HpOBudrsrYoCZ6MZxZfMsDG7ROHvIakcSN1ibfQwOjjucDJdZWm/L41cxgW3glvTql6cJtqa9yZpije2Wja1HUHGalnwaWyXFp/5jVpPgFGYZ4SHtyQOy5Hy275Gmee8qSQjvW8iLSor4/pXiEBArWRX0iPDqVudO9onMaYtQz+hz/MEXkhMvopfokrAyrSvUogrTq/1XfRABe1nAMXVrYo74w/27RiiBDEcoRzEra1f5UxrXHJ1B1LZ+iqTSRLrBw1iqPpOG7HDSSv80+m5OKai+ppptY3OcERF9HUA/BWeRHo7h2SbMfPRqVXXihtbgArCZoU570FryGfcHjwEffQIvKYKq/KjTcpRP0dTO/99mfY/Uw7VmdmYiQC4kG/kcxQ8yPgypQNl1YSfLnSBNZH1SRgXQAsY3hETZ74jbCyaPTvpoL/IVzTDo1YrBgTVjUcZoqYW+gwwj5bt9kQZFRL4FMsCNQ7V+wAtT9GmRNkf2cxbNawHknKYx4arGpWP0y6jorebaGzSpWPl8hY1jCipU2MZw2g7f9QVw+10Tik9FlzfkK457fR1pjBNRXlAe5e0MNfNNiuJtKfHZfbj32CNEEK7JZUumqkkUl1J+Lsa8vL3HvANxYgvhohNfJSY9D2G+DD8xbD2jk7P52150Y=
  template:
    metadata:
      creationTimestamp: null
      name: kubernaut
      namespace: kubernaut
--- a/clusters/k3s-cluster/apps.yaml
+++ b/clusters/k3s-cluster/apps.yaml
--- a/clusters/k3s-cluster/argo-rollouts/kustomization.yaml
+++ b/clusters/k3s-cluster/argo-rollouts/kustomization.yaml
--- a/clusters/k3s-cluster/argo-rollouts/namespace.yaml
+++ b/clusters/k3s-cluster/argo-rollouts/namespace.yaml
--- a/clusters/k3s-cluster/argocd/kustomization.yaml
+++ b/clusters/k3s-cluster/argocd/kustomization.yaml
--- a/clusters/k3s-cluster/argocd/namespace.yaml
+++ b/clusters/k3s-cluster/argocd/namespace.yaml
--- a/clusters/k3s-cluster/flux-system/gotk-components.yaml
+++ b/clusters/k3s-cluster/flux-system/gotk-components.yaml
@ -13,6 +13,65 @@ metadata:
    pod-security.kubernetes.io/warn-version: latest
  name: flux-system
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-egress
  namespace: flux-system
 spec:
  egress:
  - {}
  ingress:
  - from:
    - podSelector: {}
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-scraping
  namespace: flux-system
 spec:
  ingress:
  - from:
    - namespaceSelector: {}
    ports:
    - port: 8080
      protocol: TCP
  podSelector: {}
  policyTypes:
  - Ingress
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
    app.kubernetes.io/version: v2.4.0
  name: allow-webhooks
  namespace: flux-system
 spec:
  ingress:
  - from:
    - namespaceSelector: {}
  podSelector:
    matchLabels:
      app: notification-controller
  policyTypes:
  - Ingress
 ---
 apiVersion: v1
 kind: ResourceQuota
 metadata:
--- a/clusters/k3s-cluster/flux-system/gotk-sync.yaml
+++ b/clusters/k3s-cluster/flux-system/gotk-sync.yaml
@ -20,7 +20,7 @@ metadata:
  namespace: flux-system
 spec:
  interval: 10m0s
-  path: ./clusters/my-cluster
+  path: ./clusters/k3s-cluster
  prune: true
  sourceRef:
    kind: GitRepository
--- a/clusters/k3s-cluster/flux-system/kustomization.yaml
+++ b/clusters/k3s-cluster/flux-system/kustomization.yaml
@ -17,7 +17,7 @@ patches:
              - name: manager
                env:
                  - name: "HTTPS_PROXY"
-                    value: "http://proxy-lb.lab.kill0.net:3128"
+                    value: "http://proxy-lb.lab.kill0.net.:3128"
                  - name: "NO_PROXY"
                    value: ".cluster.local.,.cluster.local,.svc,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
    target:
--- a/clusters/k3s-cluster/infrastructure.yaml
+++ b/clusters/k3s-cluster/infrastructure.yaml
--- a/clusters/k8s-cluster/flux-system/kustomization.yaml
+++ b/clusters/k8s-cluster/flux-system/kustomization.yaml
@ -17,9 +17,9 @@ patches:
              - name: manager
                env:
                  - name: "https_proxy"
-                    value: "http://proxy-lb.lab.kill0.net:3128"
+                    value: "http://proxy-lb.lab.kill0.net.:3128"
                  - name: "no_proxy"
-                    value: ".svc, 10.0.0.0/8, 127.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, k8s-ctrl-lb.lab.kill0.net, localhost, registry.lab.kill0.net"
+                    value: ".cluster.local., .cluster.local, .svc, 10.0.0.0/8, 127.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, k8s-ctrl-lb.lab.kill0.net, localhost, registry.lab.kill0.net"
    target:
      kind: Deployment
      labelSelector: app.kubernetes.io/part-of=flux
--- a/clusters/my-cluster/goldpinger/kustomization.yaml
+++ b/clusters/my-cluster/goldpinger/kustomization.yaml
@ -1,7 +1,7 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-namespace: goldpinger
+namespace: spegel
 resources:
  - namespace.yaml
  - repository.yaml
--- a/clusters/my-cluster/goldpinger/namespace.yaml
+++ b/clusters/my-cluster/goldpinger/namespace.yaml
@ -2,4 +2,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: goldpinger
+  name: spegel
--- a/clusters/k8s-cluster/spegel/release.yaml
+++ b/clusters/k8s-cluster/spegel/release.yaml
@ -0,0 +1,16 @@
 ---
 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
  name: spegel
  namespace: spegel
 spec:
  interval: 1m
  chart:
    spec:
      chart: spegel
      version: v0.0.30
      interval: 5m
      sourceRef:
        kind: HelmRepository
        name: spegel
--- a/clusters/k8s-cluster/spegel/repository.yaml
+++ b/clusters/k8s-cluster/spegel/repository.yaml
@ -0,0 +1,10 @@
 ---
 apiVersion: source.toolkit.fluxcd.io/v1beta2
 kind: HelmRepository
 metadata:
  name: spegel
  namespace: spegel
 spec:
  type: "oci"
  interval: 5m0s
  url: oci://ghcr.io/spegel-org/helm-charts
--- a/clusters/my-cluster/goldpinger/release.yaml
+++ b/clusters/my-cluster/goldpinger/release.yaml
@ -1,21 +0,0 @@
 ---
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
  name: goldpinger
  namespace: goldpinger
 spec:
  chart:
    spec:
      chart: goldpinger
      sourceRef:
        kind: HelmRepository
        name: goldpinger
  interval: 50m
  install:
    remediation:
      retries: 3
  values:
    goldpinger:
      isArgoRollouts: true
      reloadStrategy: annotations
--- a/clusters/my-cluster/goldpinger/repository.yaml
+++ b/clusters/my-cluster/goldpinger/repository.yaml
@ -1,9 +0,0 @@
 ---
 apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
  name: goldpinger
  namespace: goldpinger
 spec:
  interval: 5m
  url: https://bloomberg.github.io/goldpinger
--- a/infrastructure/controllers/envoy-gateway/namespace.yaml
+++ b/infrastructure/controllers/envoy-gateway/namespace.yaml
@ -0,0 +1,5 @@
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
  name: envoy-gateway-system
--- a/infrastructure/controllers/envoy-gateway/release.yaml
+++ b/infrastructure/controllers/envoy-gateway/release.yaml
@ -0,0 +1,12 @@
 ---
 apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
  name: eg
  namespace: envoy-gateway-system
 spec:
  interval: 10m
  releaseName: eg
  chartRef:
    kind: OCIRepository
    name: envoy-gateway
--- a/infrastructure/controllers/envoy-gateway/repository.yaml
+++ b/infrastructure/controllers/envoy-gateway/repository.yaml
@ -0,0 +1,11 @@
 ---
 apiVersion: source.toolkit.fluxcd.io/v1beta2
 kind: OCIRepository
 metadata:
  name: envoy-gateway
  namespace: envoy-gateway-system
 spec:
  interval: 10m
  url: oci://docker.io/envoyproxy/gateway-helm
  ref:
    semver: ">=1.3.2"
--- a/infrastructure/controllers/flagger/repository.yaml
+++ b/infrastructure/controllers/flagger/repository.yaml
@ -5,6 +5,5 @@ metadata:
  namespace: flagger-system
 spec:
  interval: 1h
-  url: oci://registry.lab.kill0.net:5004/fluxcd/charts
+  url: oci://ghcr.io/fluxcd/charts
  type: oci
  insecure: true
--- a/infrastructure/controllers/gateway-api/kustomization.yaml
+++ b/infrastructure/controllers/gateway-api/kustomization.yaml
@ -0,0 +1,5 @@
 ---
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
  - https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.2.0/standard-install.yaml
--- a/infrastructure/controllers/sealedsecrets/kustomization.yaml
+++ b/infrastructure/controllers/sealedsecrets/kustomization.yaml
@ -2,4 +2,4 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.28.0/controller.yaml
+  - https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.29.0/controller.yaml
Author	SHA1	Message	Date
Ryan Cavicchioni	aa6a14979d	disable CaaS for now It's using a shitload of bandwidth	2025-06-01 11:14:31 -05:00
Ryan Cavicchioni	8b644bb4fc	remove my-cluster	2025-05-22 16:07:56 -05:00
Flux	d53ae8082c	Add Flux sync manifests	2025-05-22 21:02:38 +00:00
Flux	d2e4b3dc6e	Add Flux v2.4.0 component manifests	2025-05-22 21:02:23 +00:00
Ryan Cavicchioni	e0743f2a68	add k3s cluster	2025-05-22 16:01:20 -05:00
Ryan Cavicchioni	82d8eb59dc	kubernaut v0.2.2	2025-05-10 18:43:43 -05:00
Ryan Cavicchioni	e6ebdfde7b	add Kubernaut secrets	2025-05-10 18:43:43 -05:00
Ryan Cavicchioni	16042a068d	remove Istio sidecar injections from Kubernaut	2025-05-10 17:37:10 -05:00
Ryan Cavicchioni	e150c253cc	sealed-secrets v0.29.0	2025-05-10 17:18:54 -05:00
Ryan Cavicchioni	709a880973	change kubernaut kubernetes.io/ingress.class to traefik	2025-05-09 18:08:05 -05:00
Ryan Cavicchioni	e93a85e4c6	kubernaut v0.2.1	2025-04-30 22:50:18 -05:00
Ryan Cavicchioni	ce67724c52	kubernaut v0.2.0	2025-04-29 14:47:54 -05:00
Ryan Cavicchioni	a246e3c4e9	add Envoy Gateway	2025-04-29 14:47:54 -05:00
Ryan Cavicchioni	7b8f81b9f0	kubernaut v0.1.4	2025-04-03 23:05:44 -05:00
Ryan Cavicchioni	6a7a733518	kubernaut v0.1.3	2025-04-02 21:15:49 -05:00
Ryan Cavicchioni	39278c0d2d	kubernaut v0.1.2	2025-04-01 21:09:58 -05:00
Ryan Cavicchioni	033d78746c	kubernaut v0.1.1	2025-04-01 20:55:40 -05:00
Ryan Cavicchioni	40738f47c7	move spegel to k8s	2025-03-26 00:26:18 -05:00
Ryan Cavicchioni	f903ad4b70	rename kipunji to kubernaut	2025-03-09 15:54:55 -05:00
Ryan Cavicchioni	6cee062b6a	add CaaS	2025-03-07 21:38:09 -06:00
Ryan Cavicchioni	77188e577d	enable Istio sidecar injection on kipunji namespace	2025-03-06 09:08:51 -06:00
Ryan Cavicchioni	0037c7b06a	fixup no_proxy format	2025-03-05 17:13:44 -06:00
Ryan Cavicchioni	452b589d26	remove Istio	2025-03-05 17:08:16 -06:00
Ryan Cavicchioni	e980ab1860	add Istio	2025-03-05 16:57:59 -06:00
Ryan Cavicchioni	456eecace2	add '.' at the end of proxy name	2025-03-04 22:28:35 -06:00
Ryan Cavicchioni	e12c431362	don't use registry mirror	2025-03-04 22:16:15 -06:00
Ryan Cavicchioni	416f09fccf	add Spegel	2025-03-04 17:40:40 -06:00
Ryan Cavicchioni	41912f685b	install Gateway API	2025-03-04 17:02:26 -06:00