---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/source.toolkit.fluxcd.io/ocirepository_v1beta2.json
# Source object: tells Flux where to fetch the Flux install manifests from.
# The artifact is pulled from ghcr.io and re-checked every 10 minutes.
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: OCIRepository
metadata:
  name: flux-manifests
  namespace: flux-system
spec:
  # How often the registry is polled for a changed artifact.
  interval: 10m
  url: oci://ghcr.io/fluxcd/flux-manifests
  # NOTE(review): the artifact is selected by tag only. A tag can be re-pointed
  # in the registry, and whatever it resolves to is applied by the `flux`
  # Kustomization in this file, which also touches CRDs and a ClusterRole.
  # `spec.ref.digest` and `spec.verify` are the fields this API offers for
  # pinning and signature verification; neither is set here. Confirm that
  # upstream signs this artifact before enabling verification.
  # The pinned version is a release candidate, not a final release.
  ref:
    tag: v2.0.0-rc.1
---
# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/kustomize.toolkit.fluxcd.io/kustomization_v1.json
# Applies the manifests fetched by the flux-manifests OCIRepository and layers
# the patches below on top of them before they reach the cluster.
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
  name: flux
  namespace: flux-system
spec:
  interval: 10m
  # Root of the fetched artifact.
  path: ./
  # Objects that disappear from the source are deleted from the cluster.
  prune: true
  # Reconciliation waits for the applied objects to become ready.
  wait: true
  sourceRef:
    kind: OCIRepository
    name: flux-manifests
  patches:
    # Remove the network policies that do not work with k3s.
    # The target has no name, so every NetworkPolicy in the fetched manifests
    # is deleted; `name: not-used` in the patch body is only a placeholder.
    # NOTE(review): after this patch nothing in these manifests restricts
    # traffic to or from the controller pods. Confirm that another control
    # (a CNI that enforces policies, replacement NetworkPolicy objects)
    # covers the flux-system namespace.
    - patch: |
        $patch: delete
        apiVersion: networking.k8s.io/v1
        kind: NetworkPolicy
        metadata:
          name: not-used
      target:
        group: networking.k8s.io
        kind: NetworkPolicy
    # Increase the number of reconciliations that can be performed in parallel and bump the resources limits
    # https://fluxcd.io/flux/cheatsheets/bootstrap/#increase-the-number-of-workers
    # JSON patch: each op appends one argument to the first container
    # (index 0) of the three targeted controller Deployments.
    - patch: |
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --concurrent=8
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --kube-api-qps=500
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --kube-api-burst=1000
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --requeue-dependency=5s
      target:
        kind: Deployment
        name: (kustomize-controller|helm-controller|source-controller)
    # Merge patch: sets CPU and memory limits on the container named `manager`
    # in the same three Deployments. Only limits are set here; requests are
    # left as the fetched manifests define them.
    - patch: |
        apiVersion: apps/v1
        kind: Deployment
        metadata:
          name: not-used
        spec:
          template:
            spec:
              containers:
                - name: manager
                  resources:
                    limits:
                      cpu: 2000m
                      memory: 2Gi
      target:
        kind: Deployment
        name: (kustomize-controller|helm-controller|source-controller)
    # Enable drift detection for HelmReleases and set the log level to debug
    # https://fluxcd.io/flux/components/helm/helmreleases/#drift-detection
    # With DetectDrift=true and CorrectDrift=false drift is detected but not
    # corrected.
    # NOTE(review): debug logging is enabled permanently for helm-controller.
    # Check what the debug output contains before forwarding these logs to a
    # shared log store, and whether debug level is still needed.
    - patch: |
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --feature-gates=DetectDrift=true,CorrectDrift=false
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --log-level=debug
      target:
        kind: Deployment
        name: helm-controller
    # Enable Helm near OOM detection
    # https://fluxcd.io/flux/cheatsheets/bootstrap/#enable-helm-near-oom-detection
    # Appends a second --feature-gates argument to helm-controller, after the
    # one added by the drift-detection patch above.
    - patch: |
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --feature-gates=OOMWatch=true
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --oom-watch-memory-threshold=95
        - op: add
          path: /spec/template/spec/containers/0/args/-
          value: --oom-watch-interval=500ms
      target:
        kind: Deployment
        name: helm-controller
    # Enable notifications for 3rd party Flux controllers such as tf-controller
    # https://fluxcd.io/flux/cheatsheets/bootstrap/#enable-notifications-for-third-party-controllers
    # Adds `Terraform` to the allowed event-source kinds of the Alert CRD.
    # NOTE(review): the path addresses the CRD version by position
    # (versions/1); re-check the index when the pinned Flux version changes.
    - patch: |
        - op: add
          path: /spec/versions/1/schema/openAPIV3Schema/properties/spec/properties/eventSources/items/properties/kind/enum/-
          value: Terraform
      target:
        kind: CustomResourceDefinition
        name: alerts.notification.toolkit.fluxcd.io
    # Adds `Terraform` to the allowed resource kinds of the Receiver CRD.
    # The version is addressed by position here as well (versions/0).
    - patch: |
        - op: add
          path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/resources/items/properties/kind/enum/-
          value: Terraform
      target:
        kind: CustomResourceDefinition
        name: receivers.notification.toolkit.fluxcd.io
    # Appends a rule to the crd-controller-flux-system ClusterRole that grants
    # every verb on every resource in the infra.contrib.fluxcd.io API group.
    # NOTE(review): the wildcards also cover any resource added to that group
    # later, and the role is cluster-wide. The subjects bound to this role are
    # not visible in this file; if the controllers only need to read these
    # objects, list the resources and verbs explicitly instead.
    - patch: |
        - op: add
          path: /rules/-
          value:
            apiGroups: ["infra.contrib.fluxcd.io"]
            resources: ["*"]
            verbs: ["*"]
      target:
        kind: ClusterRole
        name: crd-controller-flux-system