Skip to content
This repository has been archived by the owner on Dec 17, 2023. It is now read-only.

giannoug/kubernetes

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

168 Commits
.github
.github
 
 
apps
apps
 
 
base
base
 
 
charts
charts
 
 
configs
configs
 
 
crds
crds
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 

Repository files navigation

k3s flux renovate

☸ k8s clusters backed by Flux v2

Kubernetes clusters using the GitOps tool Flux.
The Git repository is driving the state of the Kubernetes clusters. The awesome Flux SOPS integration is used to encrypt secrets with age.

📂 Repository structure

The Git repository contains the following directories:

📁
├─📁 apps
│  ├─📁 all          # apps available for intallation
│  └─📁 ...          # kustomization and overlays for app installations per cluster
├─📁 base
│  ├─📁 flux-system  # flux & gitops operator
│  └─📁 ...          # flux configuration per cluster
├─📁 charts          # helm chart repos
├─📁 config          # configs per cluster
└─📁 crds            # custom resources required by apps

🤖 Automation

Renovate Bot makes sure the components are never outdated.

It creates PullRequests when Helm charts or Docker images have newer versions available and even keeps Flux and k3s up-to-date.

🤝 Thanks

Big shout out to Pumba98, k8s@home and everyone from awesome-home-kubernetes for the inspiration ❤️

📖 Notes

📍 Bootstrap Notes

Install your favorite OS, and install K3s without traefik (we do that ourselves).

# curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--disable=traefik" sh -

Create your personal age key and overwrite the Kubernetes secret with it.

# age-keygen -o age.agekey

# cat ~/age.agekey |
kubectl create secret generic sops-age \
--namespace=flux-system \
--from-file=age.agekey=/dev/stdin \
--dry-run=client \
-o yaml > base/flux-system/init/flux-sops-age-secret.sops.yaml

# export SOPS_AGE_RECIPIENTS=age1hlfnnwk9z9jynzngesd0j35n6rmpry70z9zak6ullmvesvvjge2sjc9nsf

# sops --encrypt --encrypted-regex '^(data|stringData)$' --in-place base/flux-system/init/flux-sops-age-secret.sops.yaml

# flux install --export > base/flux-system/gotk-components.yaml
📍 Installation Notes

tl;dr

# kubectl create namespace flux-system --dry-run=client -o yaml | kubectl apply -f -
# sops -d ./base/flux-system/init/flux-sops-age-secret.sops.yaml | kubectl apply -f -
# kubectl apply --kustomize=./base/flux-system
# kubectl apply --kustomize=./base/cultured-crocodile
  1. Pre-create the flux-system namespace
# kubectl create namespace flux-system --dry-run=client -o yaml | kubectl apply -f -
  1. Add the Flux age key in-order for Flux to decrypt SOPS secrets
# sops -d ./base/flux-system/init/flux-sops-age-secret.sops.yaml | kubectl apply -f -
  1. Install Flux
# kubectl apply --kustomize=./base/flux-system
  1. Configure Flux
# kubectl apply --kustomize=./base/cultured-crocodile

About

Managing Kubernetes clusters in 2023

Topics

kubernetes k3s fluxcd flux2 k8s-at-home

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Contributors 3

  •  
  •  
  •