From bcbc560217bcfe8a4d29021e16dccd88c8f91ed2 Mon Sep 17 00:00:00 2001
From: Kat Inskip
Date: Wed, 17 Jan 2024 15:34:53 -0800
Subject: [PATCH] ops(k8s): create app of apps project, deploy flannel with it
---
 devShell.nix | 59 +++++++++++++++++------------
 k8s/application.yaml | 17 +++++++++
 k8s/kustomization.yaml | 4 ++
 k8s/system/flannel/application.yaml | 21 ++++++++++
 k8s/system/project.yaml | 18 +++++++++
 nixos/k3s.nix | 1 +
 systems/kuwubernetes/nixos.nix | 2 +-
 7 files changed, 96 insertions(+), 26 deletions(-)
 create mode 100644 k8s/application.yaml
 create mode 100644 k8s/kustomization.yaml
 create mode 100644 k8s/system/flannel/application.yaml
 create mode 100644 k8s/system/project.yaml
diff --git a/devShell.nix b/devShell.nix
index a8f888f7..01a0270b 100644
--- a/devShell.nix
+++ b/devShell.nix
@@ -1,6 +1,8 @@
-{ inputs, system }:
-let
- meta = import ./meta.nix { inherit inputs system; };
+{
+ inputs,
+ system,
+}: let
+ meta = import ./meta.nix {inherit inputs system;};
 inherit (meta) pkgs;
 nf-actions = pkgs.writeShellScriptBin "nf-actions" ''
 NF_CONFIG_FILES=($NF_CONFIG_ROOT/ci/{nodes,flake-cron}.nix)
@@ -29,26 +31,33 @@ let
 cd "$NF_CONFIG_ROOT/tf"
 exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#nf-lint-tf" -- "$@"
 '';
-in
-pkgs.mkShell {
- nativeBuildInputs = with pkgs; [
- inetutils
- sops
- nf-actions
- nf-actions-test
- nf-update
- nf-deploy
- nf-tf
- nf-lint-tf
- ];
- shellHook = ''
- export NIX_BIN_DIR=$(dirname $(readlink -f $(type -P nix)))
- export HOME_UID=$(id -u)
- export HOME_USER=$(id -un)
- export CI_PLATFORM="impure"
- export NF_CONFIG_ROOT=''${NF_CONFIG_ROOT-${toString ./.}}
- export NIX_PATH="$NIX_PATH:home=$NF_CONFIG_ROOT"
- export NIX_SSHOPTS="''${NIX_SSHOPTS--p62954}"
+ nf-kustomize = pkgs.writeShellScriptBin "kustomize" ''
+ exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#pkgs.kustomize" -- "$@"
 '';
-}
-
+ nf-argocd = pkgs.writeShellScriptBin "argocd" ''
+ exec nix run ''${FLAKE_OPTS-} "$NF_CONFIG_ROOT#pkgs.argocd" -- "$@"
+ '';
+in
+ pkgs.mkShell {
+ nativeBuildInputs = with pkgs; [
+ inetutils
+ sops
+ nf-actions
+ nf-actions-test
+ nf-update
+ nf-deploy
+ nf-tf
+ nf-lint-tf
+ nf-kustomize
+ nf-argocd
+ ];
+ shellHook = ''
+ export NIX_BIN_DIR=$(dirname $(readlink -f $(type -P nix)))
+ export HOME_UID=$(id -u)
+ export HOME_USER=$(id -un)
+ export CI_PLATFORM="impure"
+ export NF_CONFIG_ROOT=''${NF_CONFIG_ROOT-${toString ./.}}
+ export NIX_PATH="$NIX_PATH:home=$NF_CONFIG_ROOT"
+ export NIX_SSHOPTS="''${NIX_SSHOPTS--p62954}"
+ '';
+ }
diff --git a/k8s/application.yaml b/k8s/application.yaml
new file mode 100644
index 00000000..26edc98a
--- /dev/null
+++ b/k8s/application.yaml
@@ -0,0 +1,17 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: system
+ namespace: argocd
+spec:
+ destination:
+ namespace: default
+ server: https://10.1.1.173:6443
+ project: default
+ source:
+ repoURL: 'https://github.com/gensokyo-zone/infrastructure'
+ path: k8s/system
+ targetRevision: main
+ syncPolicy:
+ automated:
+ selfHeal: true
\ No newline at end of file
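Review bot: The two new wrappers in devShell.nix (`nf-kustomize`, `nf-argocd`) build their flake reference from `$NF_CONFIG_ROOT` without checking that it is set; if one is ever invoked without the shell hook's export, the reference collapses to `#pkgs.kustomize` and no longer names this repository's flake. Failing fast is safer: `exec nix run ''${FLAKE_OPTS-} "''${NF_CONFIG_ROOT:?}#pkgs.kustomize" -- "$@"`, and the same for `argocd`. They are also installed under the plain names `kustomize` and `argocd`, unlike the `nf-*` wrappers next to them, so if shadowing any other copy on PATH is intended, a comment such as `# installed as plain kustomize/argocd so the flake-pinned builds win on PATH` would record that. The enclosing `let` block starts outside this hunk.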
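Review bot: In k8s/application.yaml the root Application follows `targetRevision: main` with `automated: selfHeal: true` under `project: default`, so anything merged to `main` under `k8s/system` is applied by Argo CD without a further gate, including new `Application` and `AppProject` objects in the `argocd` namespace. That makes push access to the branch equivalent to control over what runs in the cluster (assuming the built-in `default` project has not been tightened elsewhere). Branch protection on `main`, or a dedicated AppProject for this root app whose `sourceRepos` lists only this repository and whose `destinations` is limited to the `argocd` namespace, would narrow that. Separately, `path: k8s/system` is a plain directory source and Argo CD does not descend into subdirectories unless `directory: {recurse: true}` is set, so `k8s/system/flannel/application.yaml` may not be picked up unless a kustomization exists in that directory that this patch does not show.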
diff --git a/k8s/kustomization.yaml b/k8s/kustomization.yaml
new file mode 100644
index 00000000..1f43d0d7
--- /dev/null
+++ b/k8s/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- application.yaml
diff --git a/k8s/system/flannel/application.yaml b/k8s/system/flannel/application.yaml
new file mode 100644
index 00000000..29aa3eeb
--- /dev/null
+++ b/k8s/system/flannel/application.yaml
@@ -0,0 +1,21 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: flannel
+ namespace: argocd
+spec:
+ project: system
+ source:
+ repoURL: 'https://flannel-io.github.io/flannel/'
+ targetRevision: v0.24.x
+ helm:
+ valuesObject:
+ podCidr: 10.42.0.0/16
+ chart: flannel
+ destination:
+ namespace: kube-flannel
+ server: https://10.1.1.173:6443
+ syncPolicy:
+ syncOptions:
+ - CreateNamespace=true
+ - ServerSideApply=true
\ No newline at end of file
diff --git a/k8s/system/project.yaml b/k8s/system/project.yaml
new file mode 100644
index 00000000..f595aea6
--- /dev/null
+++ b/k8s/system/project.yaml
@@ -0,0 +1,18 @@
+apiVersion: argoproj.io/v1alpha1
+kind: AppProject
+metadata:
+ name: system
+ namespace: argocd
+spec:
+ description: "Underlying services and controllers required for the operation of the cluster"
+ destinations:
+ - namespace: "*"
+ server: https://10.1.1.173:6443
+ clusterResourceWhitelist:
+ - group: "*"
+ kind: "*"
+ namespaceResourceWhitelist:
+ - group: "*"
+ kind: "*"
+ sourceRepos:
+ - "*"
\ No newline at end of file
diff --git a/nixos/k3s.nix b/nixos/k3s.nix
index 22283e2d..d9b48a27 100644
--- a/nixos/k3s.nix
+++ b/nixos/k3s.nix
@@ -13,6 +13,7 @@
 disableAgent = false; # single node server+agent
 extraFlags = toString [
 "--disable=servicelb" # we want to use metallb
+ # i guess it's kind of ok to keep the local path provisioner, even though i used to have the yaml files for deploying it on regular k8s
 ];
 };
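Review bot: `targetRevision: v0.24.x` in k8s/system/flannel/application.yaml is a floating range, so the chart that gets rendered is whichever 0.24 release the Helm repository serves at sync time rather than one fixed by a commit. Flannel is the cluster's pod network and runs on every node, so an exact chart version, e.g. `targetRevision: <EXACT_CHART_VERSION>`, keeps upgrades reviewable and reproducible. Also worth confirming: the only k3s flag visible in the nixos/k3s.nix hunk is `--disable=servicelb`, and k3s runs its own embedded flannel unless started with `--flannel-backend=none`, so this chart may end up competing with the built-in one for `10.42.0.0/16`.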
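Review bot: Every field of the `system` AppProject in k8s/system/project.yaml is a wildcard, so the project restricts nothing: any repository can be a source and any namespaced or cluster-scoped kind can be deployed to any namespace on the cluster. Cluster-scoped kinds are probably needed for controllers like flannel, but `sourceRepos` can be an allow-list, starting with `- 'https://flannel-io.github.io/flannel/'`, the only source a `project: system` application uses in this patch. A short comment above `clusterResourceWhitelist` saying why it is left open would help the next reader tell a deliberate choice from a default.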
diff --git a/systems/kuwubernetes/nixos.nix b/systems/kuwubernetes/nixos.nix
index 74b7f61d..bcf70a22 100644
--- a/systems/kuwubernetes/nixos.nix
+++ b/systems/kuwubernetes/nixos.nix
@@ -23,7 +23,7 @@
 };
 fileSystems."/" = {
- device = "/dev/disk/by-uuid/efb3698c-2471-4b44-b82a-4b9d4a070da6";
+ device = "/dev/disk/by-uuid/5ab5efe2-0250-4bf1-8fd6-3725cdd15031";
 fsType = "ext4";
 };