feat: migrate cattle-system (Rancher) from Terraform to ArgoCD (#39)
- Add cattle-system base ArgoCD application with namespace, Vault integration, and ingress
- Create cattle-system overlay for au-syd1 with Rancher Helm chart configuration
- Update platform ApplicationSet to include cattle-system deployment
- Update platform project to include Rancher Helm repository as source
- Configure Rancher v2.13.1 with HA, TLS, audit logging, and bootstrap secret from Vault
- Maintain one-to-one migration from Terraform configuration

Reviewed-on: #39
@@ -0,0 +1,14 @@
|
||||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- ../../../base/cattle-system
|
||||
|
||||
helmCharts:
|
||||
- name: rancher
|
||||
repo: https://releases.rancher.com/server-charts/stable
|
||||
version: "2.13.1"
|
||||
releaseName: rancher
|
||||
namespace: cattle-system
|
||||
valuesFile: values.yaml
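Review bot: The `helmCharts` entry pins the Rancher chart only by its version string, so every render fetches `2.13.1` from `https://releases.rancher.com/server-charts/stable` and trusts whatever the repository serves under that version. As far as I know, Kustomize's Helm inflation checks neither a digest nor a provenance file. Because Rancher ends up with cluster-wide privileges, consider serving the chart from a mirror you control, or at least record the dependency in a comment above the entry, e.g. `# fetched from upstream at render time; needs kustomize --enable-helm in Argo CD; no integrity check beyond the version pin`. The overlay also builds only when Helm inflation is enabled for the Argo CD repo-server, which is not visible in this section.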
|
||||
@@ -0,0 +1,40 @@
|
||||
hostname: rancher.k8s.syd1.au.unkin.net
|
||||
|
||||
bootstrapPassword: ""
|
||||
|
||||
extraEnv:
|
||||
- name: CATTLE_BOOTSTRAP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: rancher-bootstrap-secret
|
||||
key: password
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
|
||||
tls: external
|
||||
|
||||
replicas: 3
|
||||
|
||||
priorityClassName: rancher-critical
|
||||
|
||||
# Resource limits for production
|
||||
resources:
|
||||
limits:
|
||||
cpu: 2000m
|
||||
memory: 8Gi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 256Mi
|
||||
|
||||
# Additional security settings
|
||||
antiAffinity: preferred
|
||||
|
||||
# Audit logging configuration
|
||||
auditLog:
|
||||
enabled: true
|
||||
destination: sidecar
|
||||
level: 1
|
||||
maxAge: 7
|
||||
maxBackup: 3
|
||||
maxSize: 100
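Review bot: `bootstrapPassword: ""` next to the `CATTLE_BOOTSTRAP_PASSWORD` entry in `extraEnv` leaves it unclear which value Rancher actually boots with. If the chart injects its own `CATTLE_BOOTSTRAP_PASSWORD` from a generated secret when the value is empty (worth confirming against the rendered Deployment for 2.13.1), the container would carry two entries with the same name, and the Vault-backed one would win only by list order. A comment such as `# left empty on purpose: the bootstrap password is read from rancher-bootstrap-secret (synced from Vault) via extraEnv` would record the intent. Checking the rendered manifest for a duplicate env name, and for a chart-generated bootstrap secret that changes on every render, would settle the question.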
|
||||