Initial commit

README.md

@@ -0,0 +1 @@
+This template repo is used to illustrate a [flux-managed Kubernetes cluster](http://localhost:8123/kubernetes/deployment/flux/), in Funky Penguin's Geek Cookbook

bootstrap/helmrepositories/helmrepository-podinfo.yaml

@@ -0,0 +1,9 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: podinfo
+  namespace: flux-system
+spec:
+  interval: 15m
+  url: https://stefanprodan.github.io/podinfo

bootstrap/kustomizations/kustomization-podinfo.yaml

@@ -0,0 +1,19 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
+kind: Kustomization
+metadata:
+  name: podinfo
+  namespace: flux-system
+spec:
+  interval: 15m
+  path: podinfo
+  prune: true # remove any elements later removed from the above path
+  timeout: 2m # if not set, this defaults to interval duration, which is 1h
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  validation: server
+  healthChecks:
+    - apiVersion: apps/v1
+      kind: Deployment
+      name: podinfo
+      namespace: podinfo

bootstrap/namespaces/namespace-podinfo.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: podinfo

podinfo/configmap-podinfo-helm-chart-value-overrides.yaml

@@ -0,0 +1,149 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  creationTimestamp: null
+  name: podinfo-helm-chart-value-overrides
+  namespace: podinfo
+data:
+  values.yaml: |-
+    # Default values for podinfo.
+
+    replicaCount: 1
+    logLevel: info
+    host: #0.0.0.0
+    backend: #http://backend-podinfo:9898/echo
+    backends: []
+
+    image:
+      repository: ghcr.io/stefanprodan/podinfo
+      tag: 6.0.3
+      pullPolicy: IfNotPresent
+
+    ui:
+      color: "#34577c"
+      message: "👋 Greetings, fellow geek!"
+      logo: "https://geek-cookbook.funkypenguin.co.nz/images/site-logo.svg"
+
+    # failure conditions
+    faults:
+      delay: false
+      error: false
+      unhealthy: false
+      unready: false
+      testFail: false
+      testTimeout: false
+
+    # Kubernetes Service settings
+    service:
+      enabled: true
+      annotations: {}
+      type: ClusterIP
+      metricsPort: 9797
+      httpPort: 9898
+      externalPort: 9898
+      grpcPort: 9999
+      grpcService: podinfo
+      nodePort: 31198
+      # the port used to bind the http port to the host
+      # NOTE: requires privileged container with NET_BIND_SERVICE capability -- this is useful for testing
+      # in local clusters such as kind without port forwarding
+      hostPort:
+
+    # enable h2c protocol (non-TLS version of HTTP/2)
+    h2c:
+      enabled: false
+
+    # enable tls on the podinfo service
+    tls:
+      enabled: false
+      # the name of the secret used to mount the certificate key pair
+      secretName:
+      # the path where the certificate key pair will be mounted
+      certPath: /data/cert
+      # the port used to host the tls endpoint on the service
+      port: 9899
+      # the port used to bind the tls port to the host
+      # NOTE: requires privileged container with NET_BIND_SERVICE capability -- this is useful for testing
+      # in local clusters such as kind without port forwarding
+      hostPort:
+
+    # create a certificate manager certificate (cert-manager required)
+    certificate:
+      create: false
+      # the issuer used to issue the certificate
+      issuerRef:
+        kind: ClusterIssuer
+        name: self-signed
+      # the hostname / subject alternative names for the certificate
+      dnsNames:
+        - podinfo
+
+    # metrics-server add-on required
+    hpa:
+      enabled: false
+      maxReplicas: 10
+      # average total CPU usage per pod (1-100)
+      cpu:
+      # average memory usage per pod (100Mi-1Gi)
+      memory:
+      # average http requests per second per pod (k8s-prometheus-adapter)
+      requests:
+
+    # Redis address in the format <host>:<port>
+    cache: ""
+    # Redis deployment
+    redis:
+      enabled: false
+      repository: redis
+      tag: 6.0.8
+
+    serviceAccount:
+      # Specifies whether a service account should be created
+      enabled: false
+      # The name of the service account to use.
+      # If not set and create is true, a name is generated using the fullname template
+      name:
+
+    # set container security context
+    securityContext: {}
+
+    ingress:
+      enabled: false
+      className: ""
+      annotations: {}
+        # kubernetes.io/ingress.class: nginx
+        # kubernetes.io/tls-acme: "true"
+      hosts:
+        - host: podinfo.local
+          paths:
+            - path: /
+              pathType: ImplementationSpecific
+      tls: []
+      #  - secretName: chart-example-tls
+      #    hosts:
+      #      - chart-example.local
+
+    linkerd:
+      profile:
+        enabled: false
+
+    # create Prometheus Operator monitor
+    serviceMonitor:
+      enabled: false
+      interval: 15s
+      additionalLabels: {}
+
+    resources:
+      limits:
+      requests:
+        cpu: 1m
+        memory: 16Mi
+
+    nodeSelector: {}
+
+    tolerations: []
+
+    affinity: {}
+
+    podAnnotations: {}
+

podinfo/helmrelease-podinfo.yaml

@@ -0,0 +1,21 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: podinfo
+  namespace: podinfo
+spec:
+  chart:
+    spec:
+      chart: podinfo
+      version: 6.x
+      sourceRef:
+        kind: HelmRepository
+        name: podinfo
+        namespace: flux-system
+  interval: 15m
+  timeout: 5m
+  releaseName: podinfo
+  valuesFrom:
+  - kind: ConfigMap
+    name: podinfo-helm-chart-value-overrides
+    valuesKey: values.yaml # This is the default, but best to be explicit for clarity