K3S-HOME/platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78 Commits 1 Branch 0 Tags
b650c0af566132d881751aff3348efa0db3aa89f
Commit Graph

25 Commits

Author SHA1 Message Date
Mayne0213
d079b8582a PERF(platform): use 20% memory increase instead of VPA 
- Update argocd controller memory 1700Mi→2040Mi (+20%)
- Update argocd server memory 138Mi→166Mi (+20%)
- Update argocd repo-server memory 1536Mi→1843Mi (+20%)
- Update cert-manager memory 96Mi→115Mi (+20%)
- Update cert-manager webhook memory 96Mi→115Mi (+20%)
- Update cert-manager cainjector memory 192Mi→230Mi (+20%)
 2026-01-10 14:37:21 +09:00
Mayne0213
26ca07623e PERF(platform): adjust resources based on VPA 
- Update argocd controller cpu 126m→350m, memory 1700Mi→640Mi
- Update argocd server memory 138Mi→121Mi
- Update argocd repo-server cpu 15m→49m, memory 1536Mi→933Mi
- Update argocd-image-updater cpu 10m→15m, memory 64Mi→100Mi
- Update cert-manager cpu 23m→15m, memory 96Mi→100Mi
- Update cert-manager webhook cpu 23m→15m, memory 96Mi→100Mi
- Update cert-manager cainjector cpu 23m→15m, memory 192Mi→237Mi
 2026-01-10 14:31:28 +09:00
Mayne0213
57ef8ebca1 PERF(cert-manager): reduce replicas to 1 
- Reduce cert-manager replicas to 1
- Reduce cainjector replicas to 1
- Reduce webhook replicas to 1
 2026-01-10 13:31:46 +09:00
Mayne0213
03ca19b771 feat(argocd): enable ServiceMonitor for metrics collection 
- Add serviceMonitor.enabled: true to controller, server, repoServer
- Allows Prometheus to scrape ArgoCD metrics

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 03:36:29 +09:00
Mayne0213
249e451990 FIX(cert-manager): enable ServiceMonitor for Prometheus 
- Enable ServiceMonitor to allow Prometheus direct scraping
- Fix missing metrics in Grafana dashboard after OTel migration
- Cert-manager uses exported_namespace label which requires ServiceMonitor
 2026-01-10 02:56:02 +09:00
Mayne0213
f5ea1b9fc6 CHORE(cert-manager): increase cainjector memory 
- Increase cainjector memory request and limit from 96Mi to 192Mi
- Maintain CPU request at 23m
 2026-01-10 02:09:27 +09:00
Mayne0213
a422382bc2 FIX(cert-manager): increase memory to prevent OOM 
- Increase controller memory from 64Mi to 96Mi
- Increase webhook memory from 64Mi to 96Mi
- Increase cainjector memory from 64Mi to 96Mi
- Increase CPU requests from 15m to 23m (1.5x)
 2026-01-10 01:17:36 +09:00
Mayne0213
56af1a9a17 CHORE(resources): set memory limits equal to memory requests 
- Align memory limits with memory requests for guaranteed QoS class
- argocd: controller, server, repoServer, redis
- traefik: main container
- cert-manager: main, webhook, cainjector
- argocd-image-updater: main container
 2026-01-10 01:17:35 +09:00
Mayne0213
561a07399a FIX(cert-manager): merge duplicate webhook and cainjector sections 
- Merge webhook.affinity into webhook section
- Merge cainjector.affinity into cainjector section
- Fix YAML structure to prevent configuration override
 2026-01-09 21:43:36 +09:00
Mayne0213
da93a2e346 FEAT(platform): enable HA with replica 2 and soft anti-affinity 
- Add replicaCount: 2 to cert-manager components
- Add soft pod anti-affinity for node distribution
- Remove descheduler (moved to separate location)
 2026-01-09 21:43:36 +09:00
Mayne0213
2e2f75dd6b PERF(resources): remove CPU limits - keep memory limits only 
- CPU throttling prevents app startup, not crashes
- Memory OOM is the real cascading failure cause
- CPU request ensures fair scheduling
 2026-01-07 23:48:39 +09:00
Mayne0213
82781cb4f1 REFACTOR(cert-manager): move issuer to manifests 
- Move ClusterIssuer to manifests/ folder
- Separate from Helm chart configuration
 2026-01-06 01:38:31 +09:00
Mayne0213
cc8bd860fe REFACTOR(repo): platform repo structure 
- Add application.yaml for ArgoCD app-of-apps
- Add kustomization.yaml with platform components
- Add renovate.json for automated updates
- Update cert-manager/argocd.yaml repoURL to platform repo
- Update traefik/argocd.yaml repoURL to platform repo
 2026-01-04 23:28:29 +09:00
Mayne0213
7e687ef657 REFACTOR(repo): migrate repoURL to K3S-HOME 
- Update repository URL to K3S-HOME organization
- Change from personal to organization repo
 2026-01-04 23:28:29 +09:00
Mayne0213
7772f6547f REFACTOR(authelia): remove kanidm 
- and restore authelia
- Delete kanidm folder
- Remove oauth2-proxy from velero
- Restore velero ingress to use authelia middleware
- Update kustomization.yaml to use authelia instead of kanidm
 2026-01-04 23:28:29 +09:00
Mayne0213
59ae6fb777 REFACTOR(argocd): remove serversideapply 
- from argocd applications
- Fixes OutOfSync issues caused by operator-added default values
- ServerSideApply causes stricter field management that conflicts with
  CRD defaults
 2026-01-04 23:28:29 +09:00
Mayne0213
d80a212e6e REFACTOR(traefik): switch from HAProxy 
- to Traefik ingress controller
- Update all ingress files to use ingressClassName: traefik
- Update cert-manager ClusterIssuer to use traefik class
- Remove haproxy.org annotations from ingress files
- Update vault helm-values to use traefik
 2026-01-04 23:28:29 +09:00
Mayne0213
f2325ffcc9 REFACTOR(gitea): migrate repoURL to GitHub 
- Update repository URL to GitHub
- Change source control provider
 2026-01-04 23:28:29 +09:00
Mayne0213
1d7970a42f REFACTOR(goldilocks): use managedNS for labels 
- Remove namespace.yaml files
- Add managedNamespaceMetadata with Goldilocks label
- Set CreateNamespace=true in syncOptions
- Update kustomization.yaml to remove namespace.yaml references
 2026-01-04 23:28:29 +09:00
Mayne0213
521d5491ff FEAT(cert-manager): integrate cert-manager 
- Add cert-manager configuration
- Enable TLS certificate management
 2026-01-04 23:28:29 +09:00
Mayne0213
7955466676 FIX(argocd): helm valueFiles paths in ArgoCD 
- Applications
- Update valueFiles paths from helm-values/<app>.yaml to helm-
  values.yaml
- Fixes ComparisonError after folder restructuring

Applications fixed:
- cert-manager
- cnpg
- external-secrets
- vault
- vpa
- velero
 2025-12-29 02:29:50 +09:00
Mayne0213
ce2ee8d39e REFACTOR(repo): restructure infra folder structure 
- Remove argocd/, helm-values/, ingress/ subdirectories
- Move files to parent directory with standardized names
- Add namespace.yaml to all apps with Goldilocks labels
- Preserve vault/ subdirectories (falco, velero)
- Update main kustomization.yaml to reference argocd.yaml files directly
- Comment out argocd.yaml in each app's kustomization.yaml to prevent
  circular reference

Applications restructured:
- cert-manager (2 ArgoCD apps)
- external-secrets
- reloader
- vault (2 ArgoCD apps)
- velero (2 ArgoCD apps)
- falco
- cnpg
- haproxy
- metallb
- vpa
- argocd
 2025-12-29 02:21:00 +09:00
Mayne0213
0c79aea82f FIX(cert-manager): cert-manager 
- to use haproxy ingress class
Changed from nginx to haproxy to match the current ingress controller.
This resolves the ArgoCD sync loop in cluster-infrastructure.
 2025-12-28 16:46:43 +09:00
Mayne0213
ed6410ee90 CHORE(argocd): update ArgoCD applications to point to cluster-infrastructure 
- Update repoURL to cluster-infrastructure repo
- Change source repository reference
 2025-12-17 15:12:46 +09:00
Mayne0213
8c43c992f0 INIT(repo): cluster infrastructure setup 2025-12-17 15:04:56 +09:00