A collection of Kubernetes objects for my home setup
kubeadm init --config kubeadm-init.conf --upload-certs
# run control plane join command printed by kubeadm on additional masterscilium install --helm-values=cilium-values.yamlkubectl taint nodes --all node-role.kubernetes.io/master-
kubectl taint nodes --all node-role.kubernetes.io/control-plane-kubectl get pod --all-namespaces -owide --watchkubectl apply -f 00-namespace.yaml -f metallb-systemkubectl apply -f /path/to/kubeseal-secret-key
kubectl apply -f kube-system/kubesealkubectl apply -f flux
fluxctl --k8s-fwd-ns flux identity # add key to GitHub with write access
# wait a bit for repo clone
fluxctl --k8s-fwd-ns flux sync# Ignore
kubectl annotate <resource> "flux.weave.works/ignore"
# Unignore
kubectl annotate <resource> "flux.weave.works/ignore"-
# Ignore all in namespace
# (doesn't seem like there is --all-namespaces for this.)
kubectl -n default annotate all --all "flux.weave.works/ignore"
# Unignore all in namespace
kubectl -n default annotate all --all "flux.weave.works/ignore"-See fluxcd/flux#1211 for more
- Translate notes section into a bootstrap shell script
- Update bootstrap for Cilium CNI
- Cilium kubeproxy-free setup to preserve source IPs coming in via metallb (more on DSR)
- Use Flux/HelmRelease CRDs better
- Lots of inspiration drawn from nicolerenee/k8s-state. Particularly: iscsi, flux, and sealed secrets.