Files
argocd-apps/apps/base/puppet/configmap_puppetserver-init-config.yaml
T
unkinben bf4d7e8efc
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful
feat: complete puppet infrastructure
complete the implementation of puppet in kubernetes, taking many
features from the openvox helm chart and improving on them. changes from
helm are:
- using vault for storing secrets
- using g10k instead of r10k
- using a single shared g10k cronjob for all masters/compilers
- using a single shared /etc/puppetlabs/code directory (shared, cephfs)

changes:
- deploy puppet master and compiler servers with statefulset/deployment
- deploy puppetdb with postgresql backend, taking advantage of cnpg cluster and pooler
- deploy puppetboard
- all supporting configmaps, services, ingresses, and hpas
- added vaultstaticsecret for eyaml private keys
- configured secure mounting of eyaml keys at /var/lib/puppet/keys/
- updated base kustomization to include all 23 new puppet resource files
2026-03-17 20:17:56 +11:00

16 lines
577 B
YAML

---
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/component: puppetserver-init
app.kubernetes.io/instance: puppetserver
app.kubernetes.io/name: puppetserver
app.kubernetes.io/version: 8.8.0
name: puppetserver-init-config
namespace: puppet
data:
PUPPET_DATA_DIR: "/etc/puppetlabs/code/environments"
PUPPET_SSL_DIR: "/etc/puppetlabs/puppet/ssl/certs"
PUPPETSERVER_JAVA_ARGS: "-Xms1024m -Xmx3072m -Dcom.sun.management.jmxremote.port=31000 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false"