Add infra

talos/readme.md

@@ -51,6 +51,8 @@ cluster:
   network:
     cni:
       name: none
+  proxy:
+    disabled: true
 ```
 
 Then apply the patch to the control plane yaml
@@ -70,17 +72,30 @@ And apply that control plane yaml with
 helm install \
     cilium \
     cilium/cilium \
-    --version 1.15.0 \
+    --version 1.15.1 \
     --namespace kube-system \
     --set ipam.mode=kubernetes \
-    --set=kubeProxyReplacement=disabled \
+    --set=kubeProxyReplacement=true \
     --set=securityContext.capabilities.ciliumAgent="{CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}" \
     --set=securityContext.capabilities.cleanCiliumState="{NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}" \
     --set=cgroup.autoMount.enabled=false \
-    --set=cgroup.hostRoot=/sys/fs/cgroup
+    --set=cgroup.hostRoot=/sys/fs/cgroup \
+    --set hubble.relay.enabled=true \
+    --set hubble.ui.enabled=true \
+    --set=k8sServiceHost=localhost \
+    --set=k8sServicePort=7445 \
+    --set operator.replicas=1
+```
+
+You can modify this after install with:
+
+```sh
+helm upgrade cilium cilium/cilium --version 1.15.1 \
+   --namespace kube-system \
+   --reuse-values \
+   --set operator.replicas=1
 ```
 
 ## Flux
 
-`flux bootstrap git --private-key-file=/config/.ssh/gitea --url ssh://git@gitea.home.joemonk.co.uk:2222/joe/gitops.git --branch ma
-in --path=clusters/talos`
+`flux bootstrap git --private-key-file=/config/.ssh/gitea --url ssh://git@gitea.home.joemonk.co.uk:2222/joe/gitops.git --branch main --path=clusters/talos`