V1.0.0
Release Features
- Automated installation of a k8s cluster using kubeadm
- Cluster management with a single command
- Automated installation of the CNI, based on your choice
- Automated installation of storage, based on your choice
- Automated setup of External IP for Load Balancer, based on your choice
- SSO access to the cluster using OIDC with Keycloak
- Automatic certificate creation with cert-manager
- Automated setup of Ingress, based on your choice
- Automated setup of Gateway API, replacing Ingress, based on your choice
- Role validation that checks input values to make sure there is no wrong input
Release link: v.1.0.0
The variable file stores all your configuration.
General
Key | Description | Type | Default / Example |
---|---|---|---|
general.user | Default system user | string | "kube" |
general.publish_key | SSH public key | string | (your SSH public key) |
Cluster
Key | Description | Type | Default / Example |
---|---|---|---|
cluster.pod_network_cidr | CIDR for pod networking | string | "172.30.0.0/16" |
cluster.version | Kubernetes version | string | "1.32" |
cluster.high_avaibility | Enable HA | bool | false |
cluster.cni | Container Network Interface plugin | string | "cilium" |
cluster.oidc.enable | Enable OIDC | bool | false |
cluster.oidc.url | OIDC issuer URL | string | "https://keycloak.sysopcloud.online/realms/k8s" |
cluster.oidc.client_id | OIDC client ID | string | "kubernetes" |
cluster.oidc.username_claim | Claim to use as username | string | "preferred_username" |
cluster.oidc.groups_claim | Claim to use as groups | string | "groups" |
cluster.cert_manager.enable | Enable cert-manager | bool | true |
cluster.cert_manager.version | cert-manager version | string | "1.16.1" |
cluster.cert_manager.cloudflared_email | Cloudflare email | string | "abc@hostmail.com" |
cluster.cert_manager.lets_encrypt_email | Let's Encrypt email | string | "abc@hostmail.com" |
cluster.cert_manager.domain_wildcard | Domain wildcard | string | "hostmail.com" |
Cilium
Key | Description | Type | Default / Example |
---|---|---|---|
cilium.version | Cilium version | string | "1.16.7" |
cilium.replace_kube_proxy | Replace kube-proxy | bool | false |
cilium.hubble_domain | Hubble UI domain | string | "hubbleui.sysopcloud.online" |
cilium.lb | Enable load balancer | bool | true |
cilium.address_pool | Address pool (if any) | string | "" |
MetalLB
Key | Description | Type | Default / Example |
---|---|---|---|
metalLB.enable | Enable MetalLB | bool | false |
metalLB.version | MetalLB version | string | "v0.14.8" |
metalLB.address_pool | Address pool | string | "" |
Ingress
Key | Description | Type | Default / Example |
---|---|---|---|
ingress.enable | Enable ingress | bool | true |
ingress.class | Ingress class name | string | "nginx" |
Service Mesh
Key | Description | Type | Default / Example |
---|---|---|---|
mesh.enable | Enable Mesh | bool | true |
mesh.tool | Mesh tool name | string | "istio" |
mesh.kiali.enable | Enable Kiali | bool | true |
Gateway API
Key | Description | Type | Default / Example |
---|---|---|---|
gateway_api.enable | Enable Gateway API | bool | false |
gateway_api.channel | Channel (e.g. experimental) | string | "experimental" |
gateway_api.version | Gateway API version | string | "v1.2.0" |
gateway_api.class | GatewayClass driver | string | "kong" |
gateway_api.class_version | GatewayClass version | string | "v1.5.0" |
Storage
Key | Description | Type | Default / Example |
---|---|---|---|
storage.enable | Enable storage | bool | true |
storage.class | Storage class | string | "nfs" |
storage.rancher.version | Rancher local path version | string | "0.0.30" |
storage.rancher.directory | Rancher path dir | string | "/home/kube" |
storage.longhorn.version | Longhorn version | string | "1.7.2" |
storage.nfs.share_path | NFS share path | string | "/home/data" |
Octant
Key | Description | Type | Default / Example |
---|---|---|---|
octant.enable | Enable Octant UI | bool | false |
Metrics Server
Key | Description | Type | Default / Example |
---|---|---|---|
metrics_server.enable | Enable metrics server | bool | false |
Monitoring
Key | Description | Type | Default / Example |
---|---|---|---|
monitoring.enable | Enable monitoring | bool | false |
monitoring.monitor.stack | Monitoring stack | string | "prometheus" |
monitoring.monitor.domain | Monitoring domain | string | "sysopcloud.online" |
monitoring.logging.stack | Logging stack | string | "loki" |
AWX
Key | Description | Type | Default / Example |
---|---|---|---|
awx.enable | Enable AWX tool | bool | false |
GitOps
Key | Description | Type | Default / Example |
---|---|---|---|
gitops.enable | Enable GitOps | bool | true |
gitops.tool | GitOps tool | string | "argocd" |
gitops.argocd.version | ArgoCD version | string | "7.6.12" |
gitops.argocd.image_updater_version | Image updater version | string | "0.11.1" |
gitops.argocd.domain | ArgoCD domain | string | "argocd.sysopcloud.online" |
Security (Cloudflare Tunnel)
Key | Description | Type | Default / Example |
---|---|---|---|
security.cloudflared.enable | Enable cloudflared tunnel | bool | true |
security.cloudflared.hostname | Tunnel hostname | string | "sysopcloud.online" |
security.cloudflared.external_dns.enable | Enable external DNS | bool | true |
security.cloudflared.external_dns.target | DNS target | string | "121af898-...cfargotunnel.com" |
security.safeline.enable | Enable SafeLine WAF | bool | true |