From 9311595d17276de74be7fc2a85385c412281049b Mon Sep 17 00:00:00 2001 From: Wahab Ali Date: Thu, 22 Aug 2024 01:45:40 -0400 Subject: [PATCH] Use CAPI capability of Flux's HelmRelease to install apps into target cluster --- templates/aws-standalone-cp/README.md | 11 +++++ .../templates/apps/cert-manager.yaml | 40 +++++++++++++++++++ .../templates/apps/nginx-ingress.yaml | 34 ++++++++++++++++ 3 files changed, 85 insertions(+) create mode 100644 templates/aws-standalone-cp/README.md create mode 100644 templates/aws-standalone-cp/templates/apps/cert-manager.yaml create mode 100644 templates/aws-standalone-cp/templates/apps/nginx-ingress.yaml diff --git a/templates/aws-standalone-cp/README.md b/templates/aws-standalone-cp/README.md new file mode 100644 index 000000000..c653998ec --- /dev/null +++ b/templates/aws-standalone-cp/README.md @@ -0,0 +1,11 @@ +## Install applications into Target Cluster + +To install applications into the target cluster created using Cluster API (CAPI) upon creation, a Flux `HelmRelease` object is to be made such that its `.spec.KubeConfig` references the kubeconfig of the target cluster. + +**Reference:** https://fluxcd.io/flux/components/helm/helmreleases/#remote-clusters--cluster-api + +This chart/template already defines the following applications under `templates/apps` to be installed into the target cluster: +1. cert-manager +2. nginx-ingress + +**Important:** The Flux objects added to `templates/apps` to install custom applications must have the `hmc.mirantis.com/managed: "true"` label to be reconciled by HMC. diff --git a/templates/aws-standalone-cp/templates/apps/cert-manager.yaml b/templates/aws-standalone-cp/templates/apps/cert-manager.yaml new file mode 100644 index 000000000..59e4df9c0 --- /dev/null +++ b/templates/aws-standalone-cp/templates/apps/cert-manager.yaml @@ -0,0 +1,40 @@ +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: cert-manager + labels: + hmc.mirantis.com/managed: "true" +spec: + interval: 24h + url: https://charts.jetstack.io +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: {{ include "cluster.name" . }}-cert-manager + labels: + hmc.mirantis.com/managed: "true" +spec: + chart: + metadata: + labels: + hmc.mirantis.com/managed: "true" + spec: + chart: cert-manager + version: ">=v1.12.3" + sourceRef: + kind: HelmRepository + name: cert-manager + install: + createNamespace: true + remediation: + retries: -1 + interval: 10m + kubeConfig: + secretRef: + name: {{ include "cluster.name" . }}-kubeconfig + releaseName: cert-manager + targetNamespace: cert-manager + storageNamespace: cert-manager + values: + installCRDs: true diff --git a/templates/aws-standalone-cp/templates/apps/nginx-ingress.yaml b/templates/aws-standalone-cp/templates/apps/nginx-ingress.yaml new file mode 100644 index 000000000..0d3017c6a --- /dev/null +++ b/templates/aws-standalone-cp/templates/apps/nginx-ingress.yaml @@ -0,0 +1,34 @@ +apiVersion: source.toolkit.fluxcd.io/v1beta2 +kind: OCIRepository +metadata: + name: nginx-ingress + labels: + hmc.mirantis.com/managed: "true" +spec: + interval: 24h + url: oci://ghcr.io/nginxinc/charts/nginx-ingress + ref: + semver: "1.3.2" +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: {{ include "cluster.name" . }}-nginx-ingress + labels: + hmc.mirantis.com/managed: "true" +spec: + targetNamespace: nginx-ingress + storageNamespace: nginx-ingress + kubeConfig: + secretRef: + name: {{ include "cluster.name" . }}-kubeconfig + interval: 10m + chartRef: + kind: OCIRepository + name: nginx-ingress + install: + createNamespace: true + remediation: + retries: -1 + values: + fullnameOverride: nginx-ingress