feat: complete puppet infrastructure #29

Merged
unkinben merged 1 commits from benvin/puppetserver into main 2026-03-17 20:25:11 +11:00
Owner

complete the implementation of puppet in kubernetes, taking many
features from the openvox helm chart and improving on them. changes from
helm are:

  • using vault for storing secrets
  • using g10k instead of r10k
  • using a single shared g10k cronjob for all masters/compilers
  • using a single shared /etc/puppetlabs/code directory (shared, cephfs)

changes:

  • deploy puppet master and compiler servers with statefulset/deployment
  • deploy puppetdb with postgresql backend, taking advantage of cnpg cluster and pooler
  • deploy puppetboard
  • all supporting configmaps, services, ingresses, and hpas
  • added vaultstaticsecret for eyaml private keys
  • configured secure mounting of eyaml keys at /var/lib/puppet/keys/
  • updated base kustomization to include all 23 new puppet resource files
complete the implementation of puppet in kubernetes, taking many features from the openvox helm chart and improving on them. changes from helm are: - using vault for storing secrets - using g10k instead of r10k - using a single shared g10k cronjob for all masters/compilers - using a single shared /etc/puppetlabs/code directory (shared, cephfs) changes: - deploy puppet master and compiler servers with statefulset/deployment - deploy puppetdb with postgresql backend, taking advantage of cnpg cluster and pooler - deploy puppetboard - all supporting configmaps, services, ingresses, and hpas - added vaultstaticsecret for eyaml private keys - configured secure mounting of eyaml keys at /var/lib/puppet/keys/ - updated base kustomization to include all 23 new puppet resource files
unkinben added 1 commit 2026-03-17 20:24:10 +11:00
feat: complete puppet infrastructure
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful
bf4d7e8efc
complete the implementation of puppet in kubernetes, taking many
features from the openvox helm chart and improving on them. changes from
helm are:
- using vault for storing secrets
- using g10k instead of r10k
- using a single shared g10k cronjob for all masters/compilers
- using a single shared /etc/puppetlabs/code directory (shared, cephfs)

changes:
- deploy puppet master and compiler servers with statefulset/deployment
- deploy puppetdb with postgresql backend, taking advantage of cnpg cluster and pooler
- deploy puppetboard
- all supporting configmaps, services, ingresses, and hpas
- added vaultstaticsecret for eyaml private keys
- configured secure mounting of eyaml keys at /var/lib/puppet/keys/
- updated base kustomization to include all 23 new puppet resource files
unkinben merged commit df1b9a5685 into main 2026-03-17 20:25:11 +11:00
unkinben deleted branch benvin/puppetserver 2026-03-17 20:25:11 +11:00
Sign in to join this conversation.
No Reviewers
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: unkin/argocd-apps#29