Tom Alexander
|
0429f19364
|
Fix network for updated nix.
|
2026-06-14 08:47:16 -04:00 |
|
Tom Alexander
|
8054db8cfb
|
Generate certificates for the aggregation layer.
|
2026-06-14 08:47:16 -04:00 |
|
Tom Alexander
|
d611f0fe5a
|
Temporarily disable the firewall for debugging.
|
2026-06-14 08:47:16 -04:00 |
|
Tom Alexander
|
4c59dfd8b2
|
Enable hubble.
|
2026-06-14 08:47:15 -04:00 |
|
Tom Alexander
|
53fe030d97
|
Add a custom nftables firewall config.
|
2026-06-14 08:47:15 -04:00 |
|
Tom Alexander
|
724c05f03a
|
Enable the firewall.
Now that we have networking working, I can enable the firewall and confirm nothing breaks.
|
2026-06-14 08:47:15 -04:00 |
|
Tom Alexander
|
1528ae0764
|
More changes to try to fix coredns.
|
2026-06-14 08:47:14 -04:00 |
|
Tom Alexander
|
30f817dfe8
|
Move the kubelet yaml config into nix.
|
2026-06-14 08:47:14 -04:00 |
|
Tom Alexander
|
e55ece9dad
|
Use CoreDNS for in-cluster DNS requests and caching.
|
2026-06-14 08:47:14 -04:00 |
|
Tom Alexander
|
43633597fc
|
Build the cilium manifest automatically in nix.
|
2026-06-14 08:47:13 -04:00 |
|
Tom Alexander
|
90c88adb73
|
Allow pods to directly speak to the public internet on their own public IPv6 addresses.
|
2026-06-14 08:47:13 -04:00 |
|
Tom Alexander
|
cd78dc4680
|
Enable ipv4 and tunnel routing.
|
2026-06-14 08:47:13 -04:00 |
|
Tom Alexander
|
1da8e20d5b
|
Fix service cluster ip range.
Kubernetes only allows a /112 for service ip range.
|
2026-06-14 08:47:13 -04:00 |
|
Tom Alexander
|
ebe4505a6f
|
Add missing cidr declarations.
|
2026-06-14 08:47:12 -04:00 |
|
Tom Alexander
|
f962c679ca
|
Fix DNS resolution.
|
2026-06-14 08:47:12 -04:00 |
|
Tom Alexander
|
2e0c97bbf9
|
Install CoreDNS.
|
2026-06-14 08:47:11 -04:00 |
|
Tom Alexander
|
dbeb98112b
|
Move the cluster bootstrap into the keys flake.
Bootstrapping the cluster needs access to secrets, so I am moving it into the keys flake.
|
2026-06-14 08:47:10 -04:00 |
|
Tom Alexander
|
958ae2b694
|
Set up flux.
|
2026-06-14 08:47:10 -04:00 |
|
Tom Alexander
|
925eb99406
|
Add a bootstrap role.
|
2026-06-14 08:47:10 -04:00 |
|
Tom Alexander
|
3cdaf980b5
|
Add a bootstrap role to load manifests into the cluster.
|
2026-06-14 08:47:10 -04:00 |
|
Tom Alexander
|
c4caf5d103
|
Fix launching of containers.
|
2026-06-14 08:47:10 -04:00 |
|
Tom Alexander
|
eab42023a9
|
Create a debugging role.
|
2026-06-14 08:47:10 -04:00 |
|
Tom Alexander
|
fe6056cee7
|
Some networking fixes.
|
2026-06-14 08:47:10 -04:00 |
|
Tom Alexander
|
64ad4430bb
|
Add cilium bootstrap.
|
2026-06-14 08:47:09 -04:00 |
|
Tom Alexander
|
dd2d0b23e4
|
Installing the cni plugins.
|
2026-06-14 08:47:09 -04:00 |
|
Tom Alexander
|
eb82e8e5e3
|
Add kube-proxy.
|
2026-06-14 08:47:09 -04:00 |
|
Tom Alexander
|
f1382cfbb7
|
Add kubelet.
|
2026-06-14 08:47:09 -04:00 |
|
Tom Alexander
|
43df118e4f
|
Add worker nodes.
|
2026-06-14 08:47:09 -04:00 |
|
Tom Alexander
|
f3797b5c42
|
Add kube-scheduler.
|
2026-06-14 08:47:09 -04:00 |
|
Tom Alexander
|
593929598a
|
Add kube-controller-manager.
|
2026-06-14 08:47:08 -04:00 |
|
Tom Alexander
|
3a8569b0de
|
Fix launching kube-apiserver.
|
2026-06-14 08:47:08 -04:00 |
|
Tom Alexander
|
84738f7266
|
Move the encryption config into a package.
|
2026-06-14 08:47:08 -04:00 |
|
Tom Alexander
|
c863bfe136
|
Add controller proxy certs.
|
2026-06-14 08:47:08 -04:00 |
|
Tom Alexander
|
98a0d78e45
|
Add requestheader-client-ca.
|
2026-06-14 08:47:08 -04:00 |
|
Tom Alexander
|
87312b19fa
|
Add service account.
|
2026-06-14 08:47:07 -04:00 |
|
Tom Alexander
|
cb312752ba
|
Install kubernetes.
|
2026-06-14 08:47:07 -04:00 |
|
Tom Alexander
|
321d215a57
|
Add additional controllers.
|
2026-06-14 08:47:07 -04:00 |
|
Tom Alexander
|
21d5002e7f
|
Add configs for a new kubernetes cluster on NixOS.
|
2026-06-14 08:47:05 -04:00 |
|