Compare commits

..

No commits in common. "27f1df27a8f4a9cbe04e24f0e788c4b59b006f76" and "d271b2468514f98a5045b72b8c3226d7b388e023" have entirely different histories.

10 changed files with 14 additions and 90 deletions

View file

@ -1,43 +0,0 @@
# Global settings for nodeSelector and tolerations
nodeSelector:
com.van-hemmen.role: gateway
com.van-hemmen.hosting: ovh
tolerations:
- key: "com.van-hemmen.role"
operator: "Equal"
value: "gateway"
effect: "NoSchedule"
# startupapicheck specific settings
startupapicheck:
nodeSelector:
com.van-hemmen.role: gateway
com.van-hemmen.hosting: ovh
tolerations:
- key: "com.van-hemmen.role"
operator: "Equal"
value: "gateway"
effect: "NoSchedule"
# Cainjector specific settings
cainjector:
nodeSelector:
com.van-hemmen.role: gateway
com.van-hemmen.hosting: ovh
tolerations:
- key: "com.van-hemmen.role"
operator: "Equal"
value: "gateway"
effect: "NoSchedule"
# Webhook specific settings
webhook:
nodeSelector:
com.van-hemmen.role: gateway
com.van-hemmen.hosting: ovh
tolerations:
- key: "com.van-hemmen.role"
operator: "Equal"
value: "gateway"
effect: "NoSchedule"

View file

@ -1,8 +0,0 @@
nodeSelector:
com.van-hemmen.role: gateway
com.van-hemmen.hosting: ovh
tolerations:
- key: "com.van-hemmen.role"
operator: "Equal"
value: "gateway"
effect: "NoSchedule"

View file

@ -1,19 +0,0 @@
controller:
nodeSelector:
com.van-hemmen.role: gateway
com.van-hemmen.hosting: ovh
tolerations:
- key: "com.van-hemmen.role"
operator: "Equal"
value: "gateway"
effect: "NoSchedule"
speaker:
nodeSelector:
com.van-hemmen.role: gateway
com.van-hemmen.hosting: ovh
tolerations:
- key: "com.van-hemmen.role"
operator: "Equal"
value: "gateway"
effect: "NoSchedule"

View file

@ -1,8 +0,0 @@
nodeSelector:
com.van-hemmen.role: gateway
com.van-hemmen.hosting: ovh
tolerations:
- key: "com.van-hemmen.role"
operator: "Equal"
value: "gateway"
effect: "NoSchedule"

View file

@ -5,6 +5,8 @@ metadata:
namespace: metallb-system namespace: metallb-system
spec: spec:
addresses: addresses:
- 5.196.149.159/32
- 5.196.149.200/32
- 5.196.149.203/32 - 5.196.149.203/32
--- ---
apiVersion: metallb.io/v1beta1 apiVersion: metallb.io/v1beta1

6
scripts/00_install_metalLB.sh Executable file → Normal file
View file

@ -1,11 +1,11 @@
#!/bin/bash #!/bin/bash
set -e set -ex
helm repo add metallb https://metallb.github.io/metallb helm repo add metallb https://metallb.github.io/metallb
helm repo update helm repo update
kubectl create namespace metallb-system || true kubectl create namespace metallb-system
kubectl label namespace metallb-system pod-security.kubernetes.io/enforce=privileged kubectl label namespace metallb-system pod-security.kubernetes.io/enforce=privileged
helm install metallb metallb/metallb --namespace metallb-system -f ./helm-values/metallb.yaml helm install metallb metallb/metallb --namespace metallb-system

6
scripts/01_install_traefik.sh Executable file → Normal file
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
set -e set -ex
# This script installs Traefik using Helm, with MetalLB load balancer configuration. # This script installs Traefik using Helm, with MetalLB load balancer configuration.
# Ensure you pass the IP from the MetalLB pool as an argument when running the script. # Ensure you pass the IP from the MetalLB pool as an argument when running the script.
@ -20,11 +20,11 @@ helm repo add traefik https://traefik.github.io/charts
helm repo update helm repo update
# Creating the Traefik namespace # Creating the Traefik namespace
kubectl create namespace traefik || true kubectl create namespace traefik
# Uncomment the line below to enable privileged pod security policy for the namespace # Uncomment the line below to enable privileged pod security policy for the namespace
kubectl label namespace traefik pod-security.kubernetes.io/enforce=privileged kubectl label namespace traefik pod-security.kubernetes.io/enforce=privileged
# Installing Traefik with the MetalLB IP specified # Installing Traefik with the MetalLB IP specified
helm install traefik traefik/traefik --namespace traefik -f helm-values/traefik.yaml \ helm install traefik traefik/traefik --namespace traefik \
--set service.type=LoadBalancer \ --set service.type=LoadBalancer \
--set service.loadBalancerIP=$METALLB_IP --set service.loadBalancerIP=$METALLB_IP

View file

@ -1,11 +1,11 @@
#!/bin/bash #!/bin/bash
set -e set -ex
helm repo add jetstack https://charts.jetstack.io helm repo add jetstack https://charts.jetstack.io
helm repo update helm repo update
kubectl create namespace cert-manager || true kubectl create namespace cert-manager
helm install cert-manager jetstack/cert-manager --namespace cert-manager -f helm-values/cert-manager.yaml \ helm install cert-manager jetstack/cert-manager --namespace cert-manager \
--set installCRDs=true --set installCRDs=true

6
scripts/04_install_external_dns.sh Executable file → Normal file
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
set -e set -ex
# Check if the Cloudflare API token is provided as an argument # Check if the Cloudflare API token is provided as an argument
if [ -z "$1" ]; then if [ -z "$1" ]; then
@ -17,10 +17,10 @@ helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update helm repo update
# Create the namespace for external DNS # Create the namespace for external DNS
kubectl create namespace external-dns || true kubectl create namespace external-dns
# Install the external-dns chart with the provided Cloudflare API token # Install the external-dns chart with the provided Cloudflare API token
helm install external-dns bitnami/external-dns --namespace external-dns -f helm-values/external-dns.yaml \ helm install external-dns bitnami/external-dns --namespace external-dns \
--set provider=cloudflare \ --set provider=cloudflare \
--set cloudflare.apiToken="$CLOUDFLARE_API_TOKEN" \ --set cloudflare.apiToken="$CLOUDFLARE_API_TOKEN" \
--set txtOwnerId=external-dns --set txtOwnerId=external-dns