Remove deprecated Argo CD application configurations and related files for noble cluster, including root-application.yaml, kustomization.yaml, and individual application manifests for argocd, cilium, longhorn, kube-vip, and monitoring components. Update kube-vip daemonset.yaml to enhance deployment strategy and environment variables for improved configuration.

2026-03-27 23:02:17 -04:00
parent 4263da65d8
commit d2c53fc553
37 changed files with 778 additions and 1042 deletions
--- a/clusters/noble/apps/kube-vip/vip-daemonset.yaml
+++ b/clusters/noble/apps/kube-vip/vip-daemonset.yaml
@@ -4,6 +4,11 @@ metadata:
  name: kube-vip-ds
  namespace: kube-system
 spec:
+  updateStrategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 1
+      maxSurge: 0
  selector:
    matchLabels:
      app.kubernetes.io/name: kube-vip-ds
@@ -13,6 +18,9 @@ spec:
        app.kubernetes.io/name: kube-vip-ds
    spec:
      hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
+      priorityClassName: system-node-critical
+      terminationGracePeriodSeconds: 90
      serviceAccountName: kube-vip
      nodeSelector:
        node-role.kubernetes.io/control-plane: ""
@@ -32,6 +40,12 @@ spec:
          args:
            - manager
          env:
+            # Leader election identity must be the Kubernetes node name (hostNetwork
+            # hostname is not always the same; without this, no leader → no VIP).
+            - name: vip_nodename
+              valueFrom:
+                fieldRef:
+                  fieldPath: spec.nodeName
            - name: vip_arp
              value: "true"
            - name: address
@@ -41,29 +55,29 @@ spec:
            # Physical uplink from `talosctl -n <cp-ip> get links` (this cluster: ens18).
            - name: vip_interface
              value: "ens18"
+            # Must include "/" — kube-vip does netlink.ParseAddr(address + subnet); "32" breaks (192.168.50.x32).
            - name: vip_subnet
-              value: "32"
+              value: "/32"
            - name: vip_leaderelection
              value: "true"
            - name: cp_enable
              value: "true"
            - name: cp_namespace
              value: "kube-system"
+            # Control-plane VIP only until stable: with svc_enable=true the services leader-election
+            # path calls log.Fatal on many failures / leadership moves → CrashLoopBackOff on all CP nodes.
+            # Re-enable "true" after pods are 1/1; if they loop again, capture: kubectl logs -n kube-system -l app.kubernetes.io/name=kube-vip-ds --previous --tail=100
            - name: svc_enable
-              value: "true"
-            # Env is svc_election (not servicesElection); see pkg/kubevip/config_envvar.go
-            - name: svc_election
-              value: "true"
+              value: "false"
            - name: vip_leaseduration
-              value: "5"
+              value: "15"
            - name: vip_renewdeadline
-              value: "3"
+              value: "10"
            - name: vip_retryperiod
-              value: "1"
+              value: "2"
          securityContext:
            capabilities:
              add:
                - NET_ADMIN
                - NET_RAW
                - SYS_TIME
-