diff --git a/hosts/vm-k1s/configuration.nix b/hosts/vm-k1s/configuration.nix
index 474edf3..b13f1dd 100644
--- a/hosts/vm-k1s/configuration.nix
+++ b/hosts/vm-k1s/configuration.nix
@@ -33,6 +33,8 @@
 enable = true;
 extraFlags = [
 "--cluster-domain ${inputs.secrets.lab.k3s.clusterDomain}"
+ "--flannel-backend=none"
+ "--disable-network-policy"
 ];
 disable = [
 # "coredns" # CoreDNS is required for Flux to be able to bootstrap the cluster (Flux needs to resolve the git repo)
@@ -41,6 +43,7 @@
 "local-storage"
 "metrics-server"
 "runtimes"
+ "kube-proxy"
 ];
 manifests = {
 git-ssh-key = {
@@ -57,6 +60,25 @@
 };
 };
 autoDeployCharts = {
+ # cilium = {
+ # name = "cilium";
+ # repo = "oci://quay.io/cilium/charts/cilium";
+ # version = "1.18.6";
+ # hash = "sha256-+yr38lc5X1+eXCFE/rq/K0m4g/IiNFJHuhB+Nu24eUs=";
+ # createNamespace = true;
+ # targetNamespace = "cilium-system";
+ # values = {
+ # operator.replicas = 1;
+ # hubble.relay.enabled = true;
+ # hubble.peerService.clusterDomain = inputs.secrets.lab.k3s.clusterDomain;
+ # hubble.ui.enabled = true;
+ # kubeProxyReplacement = true;
+ # gatewayAPI.enabled = true;
+ # };
+ # extraFieldDefinitions = {
+ # spec.bootstrap = true;
+ # };
+ # };
 flux-operator = {
 name = "flux-operator";
 repo = "oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator";
@@ -64,6 +86,9 @@
 hash = "sha256-nb0mzEWC3IwjPenQ4LSWBN0NNJc2cc68RB+G60xBOEM=";
 createNamespace = true;
 targetNamespace = "flux-system";
+ extraFieldDefinitions = {
+ spec.bootstrap = true;
+ };
 extraDeploy = [
 {
 apiVersion = "fluxcd.controlplane.io/v1";
@@ -152,11 +177,14 @@
 environment.variables = {
 KUBECONFIG = "/etc/rancher/k3s/k3s.yaml";
+ CILIUM_NAMESPACE = "cilium-system";
 };
 environment.systemPackages = with pkgs; [
 fluxcd
 k9s
+ cilium-cli
+ hubble
 ];
 # Use correct disko profile
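Review bot: With `--flannel-backend=none` and `--disable-network-policy` added to `extraFlags`, this node has no CNI and no NetworkPolicy controller unless something else supplies them. The only candidate visible in this diff, the `cilium` entry under `autoDeployCharts`, is commented out. Until Cilium is actually running, pods that are not on the host network will not get an address and any NetworkPolicy objects go unenforced. If Cilium is installed out of band (the added `cilium-cli` package suggests so), say so above the two flags, e.g. `# CNI and NetworkPolicy enforcement come from Cilium, installed separately; nothing is enforced until it is up`. The `extraFlags` list belongs to a block that starts outside the hunk.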
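Review bot: The `"kube-proxy"` entry added to the `disable` list probably does not turn kube-proxy off. If this list is handed to k3s as `--disable`, that flag only covers packaged components such as the neighbouring `local-storage` and `metrics-server`; kube-proxy has its own server flag, so the entry would belong in `extraFlags` as `"--disable-kube-proxy"`. Left as is, kube-proxy may keep programming its own rules next to Cilium's `kubeProxyReplacement`, so it is worth confirming on the node that no kube-proxy rules remain after the switch. The `disable` list starts outside the hunk.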
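Review bot: The whole `cilium` chart entry under `autoDeployCharts` is committed as commented-out code, with no word on why it is disabled or what has to happen before it is enabled. A line such as `# disabled: Cilium is installed with cilium-cli for now, enable once <condition>` would spare the next reader the guess. When it is enabled, note that `hubble.ui.enabled = true` deploys a UI that does not authenticate users by itself and shows cluster flow data, so it should stay off any ingress or gateway unless an authenticating proxy sits in front of it. Pinning `version` together with `hash` is good and should be kept when the version is bumped.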
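Review bot: `spec.bootstrap = true` on `flux-operator` has no comment explaining why a GitOps operator is treated as a bootstrap chart. As I understand the k3s helm controller, that field is meant for charts the cluster needs before it is ready (a CNI, a cloud controller), and it makes the install job run on the host network and tolerate not-ready nodes. Here it looks like a workaround for the missing CNI rather than a property of Flux. I would keep the flag only on the chart that provides networking and drop it here once Cilium is deployed that way; until then add `# bootstrap: install job must run before a CNI exists` above it. The `flux-operator` attribute set continues outside the hunk.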