From 90b1ffad7f2dc686ece643af7fc7e19cc9381670 Mon Sep 17 00:00:00 2001 From: Tanguy Herbron Date: Tue, 4 Jul 2023 22:53:05 +0200 Subject: [PATCH] feat(taint): Add selective taint for outbound node --- README.md | 6 +++++- environments/dev/kustomization.yaml | 5 +++-- environments/dev/metallb-patch.yaml | 13 +++++++++++++ environments/dev/postgres-operator-patch.yaml | 1 - 4 files changed, 21 insertions(+), 4 deletions(-) create mode 100644 environments/dev/metallb-patch.yaml diff --git a/README.md b/README.md index 355022a..70eee39 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ | Traefik | Reverse proxy and load balancer | Public & Private | Socrates & Pythagoras-b | - | - | - | Configured | Configured | - | Completed5 | Backbone | | ArgoCD | Declarative GitOPS CD | Private | Pythagoras-b | - | - | - | Configured | Configured | - | Completed | Backbone | | Vaultwarden | Password manager | Public | Pythagoras-b | PostgreSQL | - | 4AM K8s CronJob | Configured | Not available | Configured | Completed | Completed | -| Gitea | Version control system | Public | Pythagoras-b | PostgreSQL | User created content | Not configured | Not configured | Not configured | Not configured | Partial4 | Awaiting | +| Gitea | Version control system | Public | Pythagoras-b | PostgreSQL | User created content | Not configured | Configured | Not configured | Configured | Partial4 | Awaiting | | Grafana | Graph visualizer | Public | Pythagoras-b | - | - | Not configured | Configured | Not configured | Configured | Partial | Awaiting | | Prometheus | Metrics aggregator | Private | Pythagoras-b | TBD | - | Not configured | Configured | Not configured | Not configured | Partial | Awaiting | | Loki | Log aggregator | Private | Pythagoras-b | TBD | - | Not configured | Configured | Not configured | Not configured | Partial | Awaiting | @@ -93,6 +93,10 @@ Setup the cluster's backbone ``` kubectl apply -k environment/dev ``` +Taint the outsider node to not be scheduled on unless actively setup +``` +kubectl taint nodes outsider type=services:NoSchedule +``` DO NOT FORGET TO INSTALL THE SOPS PART diff --git a/environments/dev/kustomization.yaml b/environments/dev/kustomization.yaml index 7617a0e..d421aaf 100644 --- a/environments/dev/kustomization.yaml +++ b/environments/dev/kustomization.yaml @@ -27,6 +27,7 @@ resources: - ../../argo patchesStrategicMerge: - - ../../environments/dev/traefik-internal-service.yaml - - ../../environments/dev/traefik-external-service.yaml + #- ../../environments/dev/traefik-internal-service.yaml + #- ../../environments/dev/traefik-external-service.yaml - ../../environments/dev/postgres-operator-patch.yaml + - ../../environments/dev/metallb-patch.yaml diff --git a/environments/dev/metallb-patch.yaml b/environments/dev/metallb-patch.yaml new file mode 100644 index 0000000..1ef3ae7 --- /dev/null +++ b/environments/dev/metallb-patch.yaml @@ -0,0 +1,13 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: speaker + namespace: metallb-system +spec: + template: + spec: + tolerations: + - key: "type" + operator: "Equal" + value: "services" + effect: "NoSchedule" diff --git a/environments/dev/postgres-operator-patch.yaml b/environments/dev/postgres-operator-patch.yaml index 49b1a16..6e9ca4f 100644 --- a/environments/dev/postgres-operator-patch.yaml +++ b/environments/dev/postgres-operator-patch.yaml @@ -6,7 +6,6 @@ metadata: spec: template: spec: - nodeName: hb-wide-1 containers: - name: "service" env: