Update Argo CD configuration by enabling service in kube-vip daemonset, replacing argocd-ingress with argocd-server-lb, and updating documentation to reflect changes.

2026-03-27 04:06:52 -04:00
parent cbbbf1cfc3
commit d39b253693
5 changed files with 24 additions and 32 deletions
--- a/clusters/noble/apps/kube-vip/vip-daemonset.yaml
+++ b/clusters/noble/apps/kube-vip/vip-daemonset.yaml
@@ -41,9 +41,9 @@ spec:
            - name: cp_enable
              value: "true"
            - name: svc_enable
-              value: "false"
+              value: "true"
            - name: servicesElection
-              value: "false"
+              value: "true"
          securityContext:
            capabilities:
              add:
--- a/clusters/noble/bootstrap/argocd/argocd-ingress.yaml
+++ b/clusters/noble/bootstrap/argocd/argocd-ingress.yaml
@@ -1,25 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: argocd-server
-  namespace: argocd
-  annotations:
-    ingress.cilium.io/backend-protocol: HTTPS
-spec:
-  ingressClassName: cilium
-  tls:
-    - hosts:
-        - argo.noble.lab.pcenicni.dev
-      secretName: argocd-server-tls
-  rules:
-    - host: argo.noble.lab.pcenicni.dev
-      http:
-        paths:
-          - path: /
-            pathType: Prefix
-            backend:
-              service:
-                name: argocd-server
-                port:
-                  number: 443
-
--- a/clusters/noble/bootstrap/argocd/argocd-server-lb.yaml
+++ b/clusters/noble/bootstrap/argocd/argocd-server-lb.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: argocd-server-lb
+  namespace: argocd
+spec:
+  type: LoadBalancer
+  loadBalancerIP: 192.168.50.231
+  selector:
+    app.kubernetes.io/name: argocd-server
+  ports:
+    - name: https
+      protocol: TCP
+      port: 443
+      targetPort: 8080
+
--- a/clusters/noble/bootstrap/argocd/kustomization.yaml
+++ b/clusters/noble/bootstrap/argocd/kustomization.yaml
@@ -5,5 +5,5 @@ resources:
  - namespace.yaml
  - https://raw.githubusercontent.com/argoproj/argo-cd/v2.14.7/manifests/install.yaml
  - default-appproject.yaml
-  - argocd-ingress.yaml
+  - argocd-server-lb.yaml

--- a/talos/README.md
+++ b/talos/README.md
@@ -112,15 +112,16 @@ nc -vz 192.168.50.230 6443

 ## 9) Argo CD via DNS host (no port)

-Argo CD is exposed through Cilium Ingress with host:
+Argo CD is exposed through a kube-vip managed LoadBalancer Service:

 - `argo.noble.lab.pcenicni.dev`

-Ingress manifest:
+Manifests:

- `clusters/noble/bootstrap/argocd/argocd-ingress.yaml`
+- `clusters/noble/bootstrap/argocd/argocd-server-lb.yaml`
+- `clusters/noble/apps/kube-vip/vip-daemonset.yaml` (`svc_enable: "true"`)

 After syncing manifests, create a Pi-hole DNS A record:

- `argo.noble.lab.pcenicni.dev` -> `192.168.50.230`
+- `argo.noble.lab.pcenicni.dev` -> `192.168.50.231`