k8s
A collection of Kubernetes objects for my home setup
Notes
kubeadm
kubeadm init --config kubeadm-init.conf --upload-certs
# run control plane join command printed by kubeadm on additional masters
Weave
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')&env.NO_MASQ_LOCAL=1"
Untaint master
kubectl taint nodes --all node-role.kubernetes.io/master-
Wait for coredns/control plane running
kubectl get pod --all-namespaces -owide --watch
metallb
kubectl apply -f 00-namespace.yaml -f metallb-system
Sealed secrets
kubectl apply -f /path/to/kubeseal-secret-key
kubectl apply -f kube-system/kubeseal
flux
kubectl apply -f flux
fluxctl --k8s-fwd-ns flux identity # add key to GitHub with write access
# wait a bit for repo clone
fluxctl --k8s-fwd-ns flux sync
Un/ignoring resources with flux
# Ignore
kubectl annotate <resource> "flux.weave.works/ignore"
# Unignore
kubectl annotate <resource> "flux.weave.works/ignore"-
# Ignore all in namespace
# (doesn't seem like there is --all-namespaces for this.)
kubectl -n default annotate all --all "flux.weave.works/ignore"
# Unignore all in namespace
kubectl -n default annotate all --all "flux.weave.works/ignore"-
See fluxcd/flux#1211 for more
TODO
- Translate notes section into a bootstrap shell script
Thanks
- Lots of inspiration drawn from nicolerenee/k8s-state. Particularly: iscsi, flux, and sealed secrets.