feat(taint): Add selective taint for outbound node

This commit is contained in:
Tanguy Herbron 2023-07-04 22:53:05 +02:00
parent e1a8c920d8
commit 90b1ffad7f
4 changed files with 21 additions and 4 deletions

View File

@ -5,7 +5,7 @@
| Traefik | Reverse proxy and load balancer | Public & Private | Socrates & Pythagoras-b | - | - | - | Configured | Configured | - | Completed<sup>5</sup> | Backbone | | Traefik | Reverse proxy and load balancer | Public & Private | Socrates & Pythagoras-b | - | - | - | Configured | Configured | - | Completed<sup>5</sup> | Backbone |
| ArgoCD | Declarative GitOPS CD | Private | Pythagoras-b | - | - | - | Configured | Configured | - | Completed | Backbone | | ArgoCD | Declarative GitOPS CD | Private | Pythagoras-b | - | - | - | Configured | Configured | - | Completed | Backbone |
| Vaultwarden | Password manager | Public | Pythagoras-b | PostgreSQL | - | 4AM K8s CronJob | Configured | Not available | Configured | Completed | Completed | | Vaultwarden | Password manager | Public | Pythagoras-b | PostgreSQL | - | 4AM K8s CronJob | Configured | Not available | Configured | Completed | Completed |
| Gitea | Version control system | Public | Pythagoras-b | PostgreSQL | User created content | Not configured | Not configured | Not configured | Not configured | Partial<sup>4</sup> | Awaiting | | Gitea | Version control system | Public | Pythagoras-b | PostgreSQL | User created content | Not configured | Configured | Not configured | Configured | Partial<sup>4</sup> | Awaiting |
| Grafana | Graph visualizer | Public | Pythagoras-b | - | - | Not configured | Configured | Not configured | Configured | Partial | Awaiting | | Grafana | Graph visualizer | Public | Pythagoras-b | - | - | Not configured | Configured | Not configured | Configured | Partial | Awaiting |
| Prometheus | Metrics aggregator | Private | Pythagoras-b | TBD | - | Not configured | Configured | Not configured | Not configured | Partial | Awaiting | | Prometheus | Metrics aggregator | Private | Pythagoras-b | TBD | - | Not configured | Configured | Not configured | Not configured | Partial | Awaiting |
| Loki | Log aggregator | Private | Pythagoras-b | TBD | - | Not configured | Configured | Not configured | Not configured | Partial | Awaiting | | Loki | Log aggregator | Private | Pythagoras-b | TBD | - | Not configured | Configured | Not configured | Not configured | Partial | Awaiting |
@ -93,6 +93,10 @@ Setup the cluster's backbone
``` ```
kubectl apply -k environment/dev kubectl apply -k environment/dev
``` ```
Taint the outsider node to not be scheduled on unless actively setup
```
kubectl taint nodes outsider type=services:NoSchedule
```
DO NOT FORGET TO INSTALL THE SOPS PART DO NOT FORGET TO INSTALL THE SOPS PART

View File

@ -27,6 +27,7 @@ resources:
- ../../argo - ../../argo
patchesStrategicMerge: patchesStrategicMerge:
- ../../environments/dev/traefik-internal-service.yaml #- ../../environments/dev/traefik-internal-service.yaml
- ../../environments/dev/traefik-external-service.yaml #- ../../environments/dev/traefik-external-service.yaml
- ../../environments/dev/postgres-operator-patch.yaml - ../../environments/dev/postgres-operator-patch.yaml
- ../../environments/dev/metallb-patch.yaml

View File

@ -0,0 +1,13 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: speaker
namespace: metallb-system
spec:
template:
spec:
tolerations:
- key: "type"
operator: "Equal"
value: "services"
effect: "NoSchedule"

View File

@ -6,7 +6,6 @@ metadata:
spec: spec:
template: template:
spec: spec:
nodeName: hb-wide-1
containers: containers:
- name: "service" - name: "service"
env: env: