talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity
1,249 Commits 8 Branches 0 Tags
Commit Graph

38 Commits

Author SHA1 Message Date
Tom Alexander
3c9901709f
Generate certificates for the aggregation layer. 2026-02-06 11:28:45 -05:00
Tom Alexander
1161ab9404
Temporarily disable the firewall for debugging. 2026-02-06 11:28:45 -05:00
Tom Alexander
1bbaa2689a
Enable hubble. 2026-02-06 11:28:44 -05:00
Tom Alexander
ea44e28256
Add a custom nftables firewall config. 2026-02-06 11:28:44 -05:00
Tom Alexander
72084f1a7e
Enable the firewall. 
Now that we have networking working, I can enable the firewall and confirm nothing breaks.
 2026-02-06 11:28:44 -05:00
Tom Alexander
9cae3bbae3
More changes to try to fix coredns. 2026-02-06 11:28:43 -05:00
Tom Alexander
c62071f80e
Move the kubelet yaml config into nix. 2026-02-06 11:28:43 -05:00
Tom Alexander
77c40726ff
Use CoreDNS for in-cluster DNS requests and caching. 2026-02-06 11:28:43 -05:00
Tom Alexander
96112bd40a
Build the cilium manifest automatically in nix. 2026-02-06 11:28:43 -05:00
Tom Alexander
6551fee05b
Allow pods to directly speak to the public internet on their own public IPv6 addresses. 2026-02-06 11:28:42 -05:00
Tom Alexander
f62e36b5af
Enable ipv4 and tunnel routing. 2026-02-06 11:28:42 -05:00
Tom Alexander
626f74ed2b
Fix service cluster ip range. 
Kubernetes only allows a /112 for service ip range.
 2026-02-06 11:28:42 -05:00
Tom Alexander
dcfbc0864e
Add missing cidr declarations. 2026-02-06 11:28:41 -05:00
Tom Alexander
f34e393803
Fix DNS resolution. 2026-02-06 11:28:41 -05:00
Tom Alexander
ffbd1b56c8
Install CoreDNS. 2026-02-06 11:28:41 -05:00
Tom Alexander
d97edf0add
Move the cluster bootstrap into the keys flake. 
Bootstrapping the cluster needs access to secrets, so I am moving it into the keys flake.
 2026-02-06 11:28:40 -05:00
Tom Alexander
c9450ff9fa
Set up flux. 2026-02-06 11:28:40 -05:00
Tom Alexander
1753b5b4a6
Add a bootstrap role. 2026-02-06 11:28:40 -05:00
Tom Alexander
38b2b9ebf4
Add a bootstrap role to load manifests into the cluster. 2026-02-06 11:28:40 -05:00
Tom Alexander
8e58c3ffbd
Fix launching of containers. 2026-02-06 11:28:40 -05:00
Tom Alexander
d9c290f8b1
Create a debugging role. 2026-02-06 11:28:39 -05:00
Tom Alexander
95f0a891ac
Some networking fixes. 2026-02-06 11:28:39 -05:00
Tom Alexander
816e72eac7
Add cilium bootstrap. 2026-02-06 11:28:39 -05:00
Tom Alexander
1da6250301
Installing the cni plugins. 2026-02-06 11:28:39 -05:00
Tom Alexander
c61da527f2
Add kube-proxy. 2026-02-06 11:28:39 -05:00
Tom Alexander
0463d2cbd1
Add kubelet. 2026-02-06 11:28:39 -05:00
Tom Alexander
fa24540bb3
Add worker nodes. 2026-02-06 11:28:39 -05:00
Tom Alexander
3b96f8d26c
Add kube-scheduler. 2026-02-06 11:28:38 -05:00
Tom Alexander
6483b20b89
Add kube-controller-manager. 2026-02-06 11:28:38 -05:00
Tom Alexander
65cd71f0c6
Fix launching kube-apiserver. 2026-02-06 11:28:38 -05:00
Tom Alexander
f8b8005ab2
Move the encryption config into a package. 2026-02-06 11:28:38 -05:00
Tom Alexander
d093c9185a
Add controller proxy certs. 2026-02-06 11:28:38 -05:00
Tom Alexander
1cd5ba2c5c
Add requestheader-client-ca. 2026-02-06 11:28:38 -05:00
Tom Alexander
626055e063
Add service account. 2026-02-06 11:28:37 -05:00
Tom Alexander
342a5e338c
Install kubernetes. 2026-02-06 11:28:37 -05:00
Tom Alexander
f4a2f57062
Add additional controllers. 2026-02-06 11:28:37 -05:00
Tom Alexander
9443348634
update, fixup ca9742f721eea9e7a19073706e4d80a1f8417838 2026-02-06 11:28:37 -05:00
Tom Alexander
2b29530047
Add configs for a new kubernetes cluster on NixOS. 2026-02-06 08:53:23 -05:00