60 lines
1.4 KiB
YAML
60 lines
1.4 KiB
YAML
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: tailscale-operator
|
|
namespace: tailscale-system
|
|
spec:
|
|
interval: 10m
|
|
timeout: 5m
|
|
chart:
|
|
spec:
|
|
chart: tailscale-operator
|
|
version: "1.90.x" # Update to match operator version
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: tailscale
|
|
namespace: flux-system
|
|
interval: 1h
|
|
valuesFrom:
|
|
# OAuth credentials loaded from SOPS-encrypted secret
|
|
- kind: Secret
|
|
name: operator-oauth
|
|
valuesKey: values.yaml
|
|
values:
|
|
# Operator configuration
|
|
operator:
|
|
hostname: keyboardvagabond-operator
|
|
replicaCount: 2
|
|
image:
|
|
repository: tailscale/k8s-operator
|
|
tag: v1.90.8
|
|
pullPolicy: IfNotPresent
|
|
# Node anti-affinity to distribute operator pods across nodes
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 100
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app.kubernetes.io/name
|
|
operator: In
|
|
values:
|
|
- tailscale-operator
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
# Metrics configuration
|
|
metrics:
|
|
enabled: false
|
|
|
|
# Resource limits
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
|