#0000 - Refine external-dns setup with error handling and Helm values

Replaced `set -ex` with `set -e` for cleaner error output and added Helm values configuration. Ensured namespace creation doesn't fail if it already exists, and specified a custom values file for better deployment flexibility.
#0000 - Refactor cert-manager setup and add Helm values file
2024-12-27 14:55:28 +01:00 · 2024-12-27 14:50:43 +01:00 · 2024-12-27 13:52:01 +01:00 · 2024-12-27 13:47:26 +01:00 · 2024-12-27 13:46:42 +01:00
10 changed files with 90 additions and 14 deletions
--- a/helm-values/cert-manager.yaml
+++ b/helm-values/cert-manager.yaml
@ -0,0 +1,43 @@
+# Global settings for nodeSelector and tolerations
+nodeSelector:
+  com.van-hemmen.role: gateway
+  com.van-hemmen.hosting: ovh
+
+tolerations:
+  - key: "com.van-hemmen.role"
+    operator: "Equal"
+    value: "gateway"
+    effect: "NoSchedule"
+
+# startupapicheck specific settings
+startupapicheck:
+  nodeSelector:
+    com.van-hemmen.role: gateway
+    com.van-hemmen.hosting: ovh
+  tolerations:
+    - key: "com.van-hemmen.role"
+      operator: "Equal"
+      value: "gateway"
+      effect: "NoSchedule"
+
+# Cainjector specific settings
+cainjector:
+  nodeSelector:
+    com.van-hemmen.role: gateway
+    com.van-hemmen.hosting: ovh
+  tolerations:
+    - key: "com.van-hemmen.role"
+      operator: "Equal"
+      value: "gateway"
+      effect: "NoSchedule"
+
+# Webhook specific settings
+webhook:
+  nodeSelector:
+    com.van-hemmen.role: gateway
+    com.van-hemmen.hosting: ovh
+  tolerations:
+    - key: "com.van-hemmen.role"
+      operator: "Equal"
+      value: "gateway"
+      effect: "NoSchedule"
--- a/helm-values/external-dns.yaml
+++ b/helm-values/external-dns.yaml
@ -0,0 +1,8 @@
+nodeSelector:
+  com.van-hemmen.role: gateway
+  com.van-hemmen.hosting: ovh
+tolerations:
+  - key: "com.van-hemmen.role"
+    operator: "Equal"
+    value: "gateway"
+    effect: "NoSchedule"
--- a/helm-values/metallb.yaml
+++ b/helm-values/metallb.yaml
@ -0,0 +1,19 @@
+controller:
+  nodeSelector:
+    com.van-hemmen.role: gateway
+    com.van-hemmen.hosting: ovh
+  tolerations:
+    - key: "com.van-hemmen.role"
+      operator: "Equal"
+      value: "gateway"
+      effect: "NoSchedule"
+
+speaker:
+  nodeSelector:
+    com.van-hemmen.role: gateway
+    com.van-hemmen.hosting: ovh
+  tolerations:
+    - key: "com.van-hemmen.role"
+      operator: "Equal"
+      value: "gateway"
+      effect: "NoSchedule"
--- a/helm-values/traefik.yaml
+++ b/helm-values/traefik.yaml
@ -0,0 +1,8 @@
+nodeSelector:
+  com.van-hemmen.role: gateway
+  com.van-hemmen.hosting: ovh
+tolerations:
+  - key: "com.van-hemmen.role"
+    operator: "Equal"
+    value: "gateway"
+    effect: "NoSchedule"
--- a/ressources/cert-manager.yaml
+++ b/ressources/cert-manager.yaml
--- a/ressources/metallb-ip.yaml
+++ b/ressources/metallb-ip.yaml
@ -5,8 +5,6 @@ metadata:
  namespace: metallb-system
 spec:
  addresses:
-    - 5.196.149.159/32
-    - 5.196.149.200/32
    - 5.196.149.203/32
 ---
 apiVersion: metallb.io/v1beta1
--- a/scripts/00_install_metalLB.sh
+++ b/scripts/00_install_metalLB.sh
@ -1,11 +1,11 @@
 #!/bin/bash

-set -ex
+set -e

 helm repo add metallb https://metallb.github.io/metallb
 helm repo update

-kubectl create namespace metallb-system
+kubectl create namespace metallb-system || true
 kubectl label namespace metallb-system pod-security.kubernetes.io/enforce=privileged

-helm install metallb metallb/metallb --namespace metallb-system
+helm install metallb metallb/metallb --namespace metallb-system -f ./helm-values/metallb.yaml
--- a/scripts/01_install_traefik.sh
+++ b/scripts/01_install_traefik.sh
@ -1,6 +1,6 @@
 #!/bin/bash

-set -ex
+set -e

 # This script installs Traefik using Helm, with MetalLB load balancer configuration.
 # Ensure you pass the IP from the MetalLB pool as an argument when running the script.
@ -20,11 +20,11 @@ helm repo add traefik https://traefik.github.io/charts
 helm repo update

 # Creating the Traefik namespace
-kubectl create namespace traefik
+kubectl create namespace traefik || true
 # Uncomment the line below to enable privileged pod security policy for the namespace
 kubectl label namespace traefik pod-security.kubernetes.io/enforce=privileged

 # Installing Traefik with the MetalLB IP specified
-helm install traefik traefik/traefik --namespace traefik \
+helm install traefik traefik/traefik --namespace traefik -f helm-values/traefik.yaml \
  --set service.type=LoadBalancer \
  --set service.loadBalancerIP=$METALLB_IP
--- a/scripts/02_install_cert_manager.sh
+++ b/scripts/02_install_cert_manager.sh
@ -1,11 +1,11 @@
 #!/bin/bash

-set -ex
+set -e

 helm repo add jetstack https://charts.jetstack.io
 helm repo update

-kubectl create namespace cert-manager
+kubectl create namespace cert-manager || true

-helm install cert-manager jetstack/cert-manager --namespace cert-manager \
+helm install cert-manager jetstack/cert-manager --namespace cert-manager -f helm-values/cert-manager.yaml \
  --set installCRDs=true
--- a/scripts/04_install_external_dns.sh
+++ b/scripts/04_install_external_dns.sh
@ -1,6 +1,6 @@
 #!/bin/bash

-set -ex
+set -e

 # Check if the Cloudflare API token is provided as an argument
 if [ -z "$1" ]; then
@ -17,10 +17,10 @@ helm repo add bitnami https://charts.bitnami.com/bitnami
 helm repo update

 # Create the namespace for external DNS
-kubectl create namespace external-dns
+kubectl create namespace external-dns || true

 # Install the external-dns chart with the provided Cloudflare API token
-helm install external-dns bitnami/external-dns --namespace external-dns \
+helm install external-dns bitnami/external-dns --namespace external-dns -f helm-values/external-dns.yaml \
  --set provider=cloudflare \
  --set cloudflare.apiToken="$CLOUDFLARE_API_TOKEN" \
  --set txtOwnerId=external-dns
Author	SHA1	Message	Date
Guillaume B.B. Van Hemmen	27f1df27a8	#0000 - Refine external-dns setup with error handling and Helm values Replaced `set -ex` with `set -e` for cleaner error output and added Helm values configuration. Ensured namespace creation doesn't fail if it already exists, and specified a custom values file for better deployment flexibility.	2024-12-27 14:55:28 +01:00
Guillaume B.B. Van Hemmen	02ad42a186	#0000 - Refactor cert-manager setup and add Helm values file Rename and reorganize scripts and configuration files for clarity. Updated `02_install_cert_manager.sh` to reference a new Helm values file for better configurability. Introduced nodeSelector and tolerations in `helm-values/cert-manager.yaml` for targeted deployment.	2024-12-27 14:50:43 +01:00
Guillaume B.B. Van Hemmen	6e543dbe6e	#0000 - Add custom node selectors and tolerations for Traefik deployment This commit introduces a Helm values file for Traefik to define node selectors and tolerations for targeting specific nodes. The installation script is updated to use the new values file, allowing more precise scheduling of Traefik pods. Additionally, a safeguard is added to namespace creation to prevent errors if it already exists.	2024-12-27 13:52:01 +01:00
Guillaume B.B. Van Hemmen	5e81dc3eba	#0000 - Set bash script to fail on error without printing commands Removed the `-x` flag from `set` to prevent printing each command during execution, improving log readability. The script will still terminate on errors with the `-e` flag.	2024-12-27 13:47:26 +01:00
Guillaume B.B. Van Hemmen	58986afe32	#0000 - Add MetalLB Helm values and update installation script Introduces custom `metallb.yaml` Helm values with node selectors and tolerations targeting specific nodes. Renames and adjusts MetalLB resource file, removing unused IPs. Updates installation script to apply the new Helm values and handle namespace creation idempotently.	2024-12-27 13:46:42 +01:00