amend README
This commit is contained in:
parent
85ad57d386
commit
c38218a3f1
54
README.md
54
README.md
|
@ -42,39 +42,49 @@ kubeseal --controller-namespace sealed-secrets -o yaml -n MYNS < ../../gitops-tb
|
|||
After installing k3s, do:
|
||||
|
||||
```
|
||||
# install Argo CD
|
||||
kubectl create ns argocd
|
||||
kubectl apply -n argocd -f https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml
|
||||
kubectl get pods -n argocd -l app.kubernetes.io/name=argocd-server -o name | cut -d'/' -f 2
|
||||
argocd login argocd-server
|
||||
|
||||
# Restore Sealed Secrets secret key
|
||||
kubectl create ns sealed-secrets
|
||||
kubectl apply -f ../gitops-tbrnt-private/sealed-secrets/master-key.yaml
|
||||
|
||||
# Instantiate Argo Root App
|
||||
kubectl apply -f _apps/apps.yaml
|
||||
|
||||
# Let Argo CD do it's job
|
||||
argocd app sync apps
|
||||
argocd app sync sealed-secrets
|
||||
argocd app sync -l app.kubernetes.io/instance=apps
|
||||
```
|
||||
|
||||
TODO:
|
||||
* private key restore
|
||||
* initial app provisioning
|
||||
* ...
|
||||
* Restore PVCs via K8up
|
||||
|
||||
## k3s on Alpine
|
||||
|
||||
* Install k3s: `apk add k3s cni-plugins iptables wireguard-virt wireguard-tools-wg`
|
||||
* Enable cgroups: `rc-update add cgroups default`
|
||||
* Adapt service file `/etc/init.d/k3s`:
|
||||
Prerequisits for installing k3s:
|
||||
|
||||
```
|
||||
#!/sbin/openrc-run
|
||||
apk add \
|
||||
iptables \
|
||||
wireguard-virt \
|
||||
bash \
|
||||
curl
|
||||
```
|
||||
|
||||
export PATH=/usr/share/cni-plugins/bin:$PATH
|
||||
Installing via [k3sup](https://github.com/alexellis/k3sup):
|
||||
|
||||
name="k3s"
|
||||
command="/usr/bin/k3s"
|
||||
command_args="$K3S_OPTS"
|
||||
command_background="yes"
|
||||
output_log="/var/log/k3s.log"
|
||||
error_log="/var/log/k3s.err"
|
||||
|
||||
start_stop_daemon_args="server"
|
||||
pidfile="/run/k3s.pid"
|
||||
|
||||
depend() {
|
||||
need net
|
||||
after firewall
|
||||
}
|
||||
```
|
||||
k3sup install \
|
||||
--ip=185.95.218.11 \
|
||||
--user=root \
|
||||
--local-path=~/.kube/config_knurrli2 \
|
||||
--sudo=false \
|
||||
--k3s-extra-args='--tls-san knurrli.tobrunet.ch --cluster-cidr 10.44.0.0/16 --flannel-backend wireguard'
|
||||
```
|
||||
|
||||
Helpful links:
|
||||
|
|
Reference in New Issue