|
|
c5c5a7e469
|
FEAT(falco): add HAProxy Ingress for Falco UI
- Add HAProxy ingress at falco0213.kro.kr
- Configure SSL/TLS
|
2026-01-04 23:41:39 +09:00 |
|
|
|
ac5fde6ba4
|
FIX(repo): simplify ignoreDiff for all StatefulSets
- Simplify ignoreDifferences configuration
- Reduce complexity
|
2026-01-04 23:41:39 +09:00 |
|
|
|
70eb551871
|
FIX(falco): disable selfHeal for Falco
- Prevent StatefulSet drift issues
- Disable automatic healing
|
2026-01-04 23:41:39 +09:00 |
|
|
|
3f18a3cdf8
|
FEAT(repo): enhance syncPolicy and ignoreDiff for StatefulSet
- Add enhanced sync policy
- Configure ignoreDifferences for StatefulSet
|
2026-01-04 23:41:39 +09:00 |
|
|
|
c2b9175b8b
|
FIX(storage): improve ignoreDiff for StatefulSet PVC retention
- Improve ignoreDifferences configuration
- Handle PVC retention policy
|
2026-01-04 23:41:39 +09:00 |
|
|
|
18dac6b77f
|
FIX(falco): change Falco driver to modern_ebpf
- Use modern_ebpf driver for kernel 6.14 compatibility
- Fix kernel module issues
|
2026-01-04 23:41:39 +09:00 |
|
|
|
10308d48d0
|
FEAT(velero): Add Velero, Falco,
- and CNPG infrastructure components
Add three critical infrastructure components via GitOps:
- Velero: Backup and disaster recovery solution
- Configured with Minio S3 backend
- Daily full cluster backups (30-day retention)
- Hourly backups for critical namespaces (7-day retention)
- Credentials managed via External Secrets from Vault
- Falco: Runtime security monitoring
- eBPF-based threat detection
- Custom rules for container security
- Falcosidekick for alert forwarding
- Prometheus metrics enabled
- CNPG (CloudNativePG): PostgreSQL operator
- Kubernetes-native PostgreSQL management
- Automated failover and backups
- Will replace Bitnami PostgreSQL
All components follow existing GitOps patterns:
- Helm charts deployed via ArgoCD
- Values managed in Git
- Automated sync with selfHeal enabled
|
2026-01-04 23:41:39 +09:00 |
|
