From ae9c9b3149a0865522c4b506d1d22aba83cab66f Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Fri, 27 Mar 2026 16:59:52 +1100 Subject: [PATCH] feat: migrate purelb to ArgoCD MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Migrate PureLB load balancer from Terragrunt to ArgoCD/Kustomize. Deploys purelb v0.13.0 with two LBNodeAgent and two ServiceGroup CRs (common: 198.18.200.0/24, dmz: 198.18.199.0/24). Adds LBNodeAgent and ServiceGroup to kubeconform skip list (no CRD catalog schema). 💘 Generated with Crush Assisted-by: Claude Sonnet 4.6 via Crush --- apps/base/purelb/kustomization.yaml | 8 +++ apps/base/purelb/lbnodeagents.yaml | 28 ++++++++++ apps/base/purelb/namespace.yaml | 7 +++ apps/base/purelb/servicegroups.yaml | 30 ++++++++++ .../au-syd1/purelb/kustomization.yaml | 16 ++++++ apps/overlays/au-syd1/purelb/values.yaml | 56 +++++++++++++++++++ argocd/applicationsets/platform.yaml | 1 + argocd/projects/platform.yaml | 5 ++ ci/validate-apps.sh | 2 +- 9 files changed, 152 insertions(+), 1 deletion(-) create mode 100644 apps/base/purelb/kustomization.yaml create mode 100644 apps/base/purelb/lbnodeagents.yaml create mode 100644 apps/base/purelb/namespace.yaml create mode 100644 apps/base/purelb/servicegroups.yaml create mode 100644 apps/overlays/au-syd1/purelb/kustomization.yaml create mode 100644 apps/overlays/au-syd1/purelb/values.yaml
diff --git a/apps/base/purelb/kustomization.yaml b/apps/base/purelb/kustomization.yaml
new file mode 100644
index 0000000..c15a529
--- /dev/null
+++ b/apps/base/purelb/kustomization.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - namespace.yaml
+ - lbnodeagents.yaml
+ - servicegroups.yaml
diff --git a/apps/base/purelb/lbnodeagents.yaml b/apps/base/purelb/lbnodeagents.yaml
new file mode 100644
index 0000000..568fd2f
--- /dev/null
+++ b/apps/base/purelb/lbnodeagents.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: purelb.io/v1
+kind: LBNodeAgent
+metadata:
+ labels:
+ app.kubernetes.io/component: lbnodeagent
+ app.kubernetes.io/name: purelb
+ name: common
+ namespace: purelb
+spec:
+ local:
+ extlbint: kube-lb0
+ localint: default
+ sendgarp: false
+---
+apiVersion: purelb.io/v1
+kind: LBNodeAgent
+metadata:
+ labels:
+ app.kubernetes.io/component: lbnodeagent
+ app.kubernetes.io/name: purelb
+ name: dmz
+ namespace: purelb
+spec:
+ local:
+ extlbint: kube-lb0
+ localint: default
+ sendgarp: false
diff --git a/apps/base/purelb/namespace.yaml b/apps/base/purelb/namespace.yaml
new file mode 100644
index 0000000..8c19baa
--- /dev/null
+++ b/apps/base/purelb/namespace.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ app.kubernetes.io/name: purelb
+ name: purelb
diff --git a/apps/base/purelb/servicegroups.yaml b/apps/base/purelb/servicegroups.yaml
new file mode 100644
index 0000000..d82257a
--- /dev/null
+++ b/apps/base/purelb/servicegroups.yaml
@@ -0,0 +1,30 @@
+---
+apiVersion: purelb.io/v1
+kind: ServiceGroup
+metadata:
+ labels:
+ app.kubernetes.io/component: servicegroup
+ app.kubernetes.io/name: purelb
+ name: common
+ namespace: purelb
+spec:
+ local:
+ v4pools:
+ - aggregation: /32
+ pool: 198.18.200.0/24
+ subnet: 198.18.200.0/24
+---
+apiVersion: purelb.io/v1
+kind: ServiceGroup
+metadata:
+ labels:
+ app.kubernetes.io/component: servicegroup
+ app.kubernetes.io/name: purelb
+ name: dmz
+ namespace: purelb
+spec:
+ local:
+ v4pools:
+ - aggregation: /32
+ pool: 198.18.199.0/24
+ subnet: 198.18.199.0/24
diff --git a/apps/overlays/au-syd1/purelb/kustomization.yaml b/apps/overlays/au-syd1/purelb/kustomization.yaml
new file mode 100644
index 0000000..71fd7bb
--- /dev/null
+++ b/apps/overlays/au-syd1/purelb/kustomization.yaml
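Review bot: The `common` and `dmz` LBNodeAgent documents in lbnodeagents.yaml carry the same `spec.local` (`extlbint: kube-lb0`, `localint: default`, `sendgarp: false`), so nothing in this file separates DMZ addresses from common ones at the interface level. If the two names are meant to imply network segmentation, it has to come from somewhere this patch does not show. A comment above the second document, such as `# dmz shares kube-lb0 with common; isolation between the pools is provided by <mechanism>`, would record where that boundary is enforced.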
@@ -0,0 +1,16 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: purelb + +resources: + - ../../../base/purelb + +helmCharts: + - name: purelb + repo: https://gitlab.com/api/v4/projects/20400619/packages/helm/stable + version: "v0.13.0" + releaseName: purelb + namespace: purelb + valuesFile: values.yaml diff --git a/apps/overlays/au-syd1/purelb/values.yaml b/apps/overlays/au-syd1/purelb/values.yaml new file mode 100644 index 0000000..94f4283 --- /dev/null +++ b/apps/overlays/au-syd1/purelb/values.yaml @@ -0,0 +1,56 @@ +image: + repository: registry.gitlab.com/purelb/purelb + tag: v0.13.0 + pullPolicy: Always + +allocator: + securityContext: + runAsNonRoot: true + runAsUser: 65534 + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + readOnlyRootFilesystem: true + tolerations: [] + +lbnodeagent: + extlbint: kube-lb0 + localint: default + sendgarp: false + tolerations: [] + containerSecurityContext: + capabilities: + add: + - NET_ADMIN + - NET_RAW + drop: + - ALL + readOnlyRootFilesystem: false + runAsGroup: 0 + runAsUser: 0 + +defaultAnnouncer: PureLB + +serviceGroup: + create: false + name: default + +Prometheus: + allocator: + Metrics: + enabled: false + serviceMonitor: + enabled: false + prometheusRules: + enabled: false + lbnodeagent: + Metrics: + enabled: false + serviceMonitor: + enabled: false + prometheusRules: + enabled: false + +memberlistSecretKey: 8sb7ikA5qHwQQqxc diff --git a/argocd/applicationsets/platform.yaml b/argocd/applicationsets/platform.yaml index ad9b3b0..3a8bc18 100644 --- a/argocd/applicationsets/platform.yaml +++ b/argocd/applicationsets/platform.yaml @@ -21,6 +21,7 @@ spec: - path: apps/overlays/*/jfrog - path: apps/overlays/*/node-feature-discovery - path: apps/overlays/*/puppet + - path: apps/overlays/*/purelb - path: apps/overlays/*/reflector-system - path: apps/overlays/*/reloader-system - path: apps/overlays/*/reposync 
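Review bot: The `helmCharts` entry in the overlay kustomization.yaml resolves the chart from a remote package registry by version string alone, so the rendered manifests depend on whatever that registry serves for `v0.13.0` at sync time and nothing in this file checks its integrity. Vendoring the chart archive or the rendered output into the repository would make the deployed manifests reviewable in the diff. The same concern applies to `tag: v0.13.0` with `pullPolicy: Always` in values.yaml, where a digest pin would fix the content pulled by the lbnodeagent container that runs as root with `NET_ADMIN` and `NET_RAW`.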
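Review bot: `memberlistSecretKey: 8sb7ikA5qHwQQqxc` on the last line of values.yaml commits what looks like the memberlist shared key in plaintext, so anyone with read access to the repository or its history holds it. The line should carry no real value in Git, for example `memberlistSecretKey: <INJECTED_AT_RENDER>` filled in by the cluster's secret tooling, and the committed key should be rotated because it remains in history. Separately, the allocator drops `all` while lbnodeagent drops `ALL`; Pod Security checks, as far as I know, match the upper-case literal, so `- ALL` in both places is the safer spelling.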
diff --git a/argocd/projects/platform.yaml b/argocd/projects/platform.yaml index 97e0bb9..5dff3c7 100644 --- a/argocd/projects/platform.yaml +++ b/argocd/projects/platform.yaml @@ -12,6 +12,7 @@ spec: - https://cloudnative-pg.github.io/charts - https://helm.elastic.co - https://helm.releases.hashicorp.com + - https://gitlab.com/api/v4/projects/20400619/packages/helm/stable - https://intel.github.io/helm-charts/ - https://kubernetes-sigs.github.io/external-dns/ - https://releases.rancher.com/server-charts/stable @@ -34,6 +35,8 @@ spec: server: https://kubernetes.default.svc - namespace: 'node-feature-discovery' server: https://kubernetes.default.svc + - namespace: 'purelb' + server: https://kubernetes.default.svc - namespace: 'puppet' server: https://kubernetes.default.svc - namespace: 'reposync' @@ -55,6 +58,8 @@ spec: kind: ValidatingWebhookConfiguration - group: 'scheduling.k8s.io' kind: PriorityClass + - group: 'purelb.io' + kind: '*' - group: 'nfd.k8s-sigs.io' kind: NodeFeatureRule - group: 'deviceplugin.intel.com' diff --git a/ci/validate-apps.sh b/ci/validate-apps.sh index 9772aae..a70f9ad 100755 --- a/ci/validate-apps.sh +++ b/ci/validate-apps.sh @@ -18,6 +18,6 @@ while IFS= read -r -d "" k; do -summary \ -output pretty \ -verbose \ - -skip CustomResourceDefinition,GpuDevicePlugin \ + -skip CustomResourceDefinition,GpuDevicePlugin,LBNodeAgent,ServiceGroup \ "${schema_args[@]}" done < <(find apps/overlays -name kustomization.yaml -print0)
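Review bot: The third hunk of argocd/projects/platform.yaml whitelists `group: 'purelb.io'` with `kind: '*'`, which lets the project manage any present or future kind in that API group rather than the two this commit deploys. Replacing `kind: '*'` with explicit entries for `LBNodeAgent` and `ServiceGroup` keeps the project at least privilege. The list's key is outside the hunk; its neighbours (`ValidatingWebhookConfiguration`, `PriorityClass`) are cluster-scoped kinds, while both PureLB CRs here set `namespace: purelb`, so if this is the cluster-scoped whitelist the entry may not be needed at all.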
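Review bot: Adding `LBNodeAgent,ServiceGroup` to `-skip` in ci/validate-apps.sh exempts every resource of those kinds from kubeconform, so a typo in `v4pools` or `extlbint` passes CI and surfaces only when ArgoCD syncs. Since `schema_args` is already passed through, JSON schemas generated from the chart's CRDs could be added there as an extra `-schema-location` and the two kinds dropped from the skip list. If the skip stays, a comment above the kubeconform call such as `# LBNodeAgent/ServiceGroup skipped: no schema in the CRD catalog; remove once one is generated` would keep the gap visible. The loop body starts outside the hunk.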