Refactor noble cluster configurations by removing deprecated Argo CD application management files and transitioning to a streamlined Ansible-driven installation approach. Update kustomization.yaml files to reflect the new structure, ensuring clarity on resource management. Introduce new namespaces and configurations for cert-manager, external-secrets, and logging components, enhancing the overall deployment process. Add detailed README.md documentation for each component to guide users through the setup and management of the noble lab environment.

2026-03-28 17:02:50 -04:00
parent 41841abc84
commit 90fd8fb8a6
59 changed files with 28 additions and 38 deletions
--- a/clusters/noble/bootstrap/fluent-bit/namespace.yaml
+++ b/clusters/noble/bootstrap/fluent-bit/namespace.yaml
@@ -0,0 +1,10 @@
+# Fluent Bit (tail container logs → Loki) — apply before Helm.
+# HostPath mounts under /var/log require PSA privileged (same idea as monitoring/node-exporter).
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: logging
+  labels:
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/audit: privileged
+    pod-security.kubernetes.io/warn: privileged
--- a/clusters/noble/bootstrap/fluent-bit/values.yaml
+++ b/clusters/noble/bootstrap/fluent-bit/values.yaml
@@ -0,0 +1,40 @@
+# Fluent Bit — noble lab (DaemonSet; ship Kubernetes container logs to Loki gateway).
+#
+# Chart: fluent/fluent-bit — pin version on install (e.g. 0.56.0).
+# Install **after** Loki so `loki-gateway.loki.svc` exists.
+#
+# Talos: only **tail** `/var/log/containers` (no host **systemd** input — journal layout differs from typical Linux).
+#
+# kubectl apply -f clusters/noble/apps/fluent-bit/namespace.yaml
+# helm repo add fluent https://fluent.github.io/helm-charts
+# helm repo update
+# helm upgrade --install fluent-bit fluent/fluent-bit -n logging \
+#   --version 0.56.0 -f clusters/noble/apps/fluent-bit/values.yaml --wait --timeout 15m
+
+config:
+  inputs: |
+    [INPUT]
+        Name tail
+        Path /var/log/containers/*.log
+        multiline.parser docker, cri
+        Tag kube.*
+        Mem_Buf_Limit 5MB
+        Skip_Long_Lines On
+
+  filters: |
+    [FILTER]
+        Name kubernetes
+        Match kube.*
+        Merge_Log On
+        Keep_Log Off
+        K8S-Logging.Parser On
+        K8S-Logging.Exclude On
+
+  outputs: |
+    [OUTPUT]
+        Name loki
+        Match kube.*
+        Host loki-gateway.loki.svc.cluster.local
+        Port 80
+        tls Off
+        labels job=fluent-bit