talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity
1,262 Commits 9 Branches 0 Tags
Commit Graph

36 Commits

Author SHA1 Message Date
Tom Alexander
2e19d68ba5
Temporarily disable the firewall for debugging. 2026-02-21 15:11:14 -05:00
Tom Alexander
20007079df
Enable hubble. 2026-02-21 15:11:14 -05:00
Tom Alexander
a4353e438e
Add a custom nftables firewall config. 2026-02-21 15:11:13 -05:00
Tom Alexander
1902e132a7
Enable the firewall. 
Now that we have networking working, I can enable the firewall and confirm nothing breaks.
 2026-02-21 15:11:13 -05:00
Tom Alexander
7f6f8352c0
More changes to try to fix coredns. 2026-02-21 15:11:13 -05:00
Tom Alexander
8e043ba48a
Move the kubelet yaml config into nix. 2026-02-21 15:11:13 -05:00
Tom Alexander
e3c61fe4db
Use CoreDNS for in-cluster DNS requests and caching. 2026-02-21 15:11:12 -05:00
Tom Alexander
740e3a17e5
Build the cilium manifest automatically in nix. 2026-02-21 15:11:12 -05:00
Tom Alexander
5c4ac7ea59
Allow pods to directly speak to the public internet on their own public IPv6 addresses. 2026-02-21 15:11:12 -05:00
Tom Alexander
323e2fff83
Enable ipv4 and tunnel routing. 2026-02-21 15:11:12 -05:00
Tom Alexander
87429a2953
Fix service cluster ip range. 
Kubernetes only allows a /112 for service ip range.
 2026-02-21 15:11:11 -05:00
Tom Alexander
b5f9a7c812
Add missing cidr declarations. 2026-02-21 15:11:11 -05:00
Tom Alexander
f0e6b30c98
Fix DNS resolution. 2026-02-21 15:11:10 -05:00
Tom Alexander
f3e7d56b66
Install CoreDNS. 2026-02-21 15:11:09 -05:00
Tom Alexander
50ba6f7c87
Move the cluster bootstrap into the keys flake. 
Bootstrapping the cluster needs access to secrets, so I am moving it into the keys flake.
 2026-02-21 15:11:09 -05:00
Tom Alexander
2f1075c20c
Set up flux. 2026-02-21 15:11:09 -05:00
Tom Alexander
41a9bc263c
Add a bootstrap role. 2026-02-21 15:11:09 -05:00
Tom Alexander
8ca78b023e
Add a bootstrap role to load manifests into the cluster. 2026-02-21 15:11:09 -05:00
Tom Alexander
118c63a90d
Fix launching of containers. 2026-02-21 15:11:08 -05:00
Tom Alexander
05f7f18e93
Create a debugging role. 2026-02-21 15:11:08 -05:00
Tom Alexander
2d49aff563
Some networking fixes. 2026-02-21 15:11:08 -05:00
Tom Alexander
ac9fa195ae
Add cilium bootstrap. 2026-02-21 15:11:08 -05:00
Tom Alexander
af7ec0414e
Installing the cni plugins. 2026-02-21 15:11:08 -05:00
Tom Alexander
fbfa3dc5dc
Add kube-proxy. 2026-02-21 15:11:08 -05:00
Tom Alexander
2ac0bfe5f8
Add kubelet. 2026-02-21 15:11:07 -05:00
Tom Alexander
fb0d592a84
Add worker nodes. 2026-02-21 15:11:07 -05:00
Tom Alexander
13f3237359
Add kube-scheduler. 2026-02-21 15:11:07 -05:00
Tom Alexander
7365efd97f
Add kube-controller-manager. 2026-02-21 15:11:07 -05:00
Tom Alexander
8c59a1216f
Fix launching kube-apiserver. 2026-02-21 15:11:07 -05:00
Tom Alexander
cd86934dde
Move the encryption config into a package. 2026-02-21 15:11:07 -05:00
Tom Alexander
f57df2d855
Add controller proxy certs. 2026-02-21 15:11:06 -05:00
Tom Alexander
5f459db540
Add requestheader-client-ca. 2026-02-21 15:11:06 -05:00
Tom Alexander
9956009638
Add service account. 2026-02-21 15:11:06 -05:00
Tom Alexander
f713ac372b
Install kubernetes. 2026-02-21 15:11:06 -05:00
Tom Alexander
a140d691f4
Add additional controllers. 2026-02-21 15:11:06 -05:00
Tom Alexander
4c029aa0b0
Add configs for a new kubernetes cluster on NixOS. 2026-02-21 15:11:06 -05:00