From 9e6c57084da19dda3528cd1bb3609bfe6838f48c Mon Sep 17 00:00:00 2001
From: Edward Cheng <edward@cheng.sydney>
Date: Tue, 11 Jun 2024 01:24:26 +1000
Subject: [PATCH] add cilium app

---
 .../infrastructure/cilium/app/release.yaml    | 43 +++++++++++++++++++
 .../infrastructure/cilium/app/repository.yaml |  8 ++++
 kubernetes/infrastructure/cilium/cilium.yaml  |  4 +-
 3 files changed, 53 insertions(+), 2 deletions(-)
 create mode 100644 kubernetes/infrastructure/cilium/app/release.yaml
 create mode 100644 kubernetes/infrastructure/cilium/app/repository.yaml

diff --git a/kubernetes/infrastructure/cilium/app/release.yaml b/kubernetes/infrastructure/cilium/app/release.yaml
new file mode 100644
index 0000000..8be73c8
--- /dev/null
+++ b/kubernetes/infrastructure/cilium/app/release.yaml
@@ -0,0 +1,43 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: cilium
+  namespace: kube-system
+spec:
+  chart:
+    spec:
+      chart: cilium
+      version: 1.15.5
+      sourceRef:
+        kind: HelmRepository
+        namespace: kube-system
+        name: cilium
+  install:
+    crds: Create
+  upgrade:
+    crds: CreateReplace
+  interval: 1h
+  driftDetection:
+    mode: enabled
+  values:
+    global:
+      encryption:
+        enabled: true
+        nodeEncryption: true
+
+    policyEnforcementMode: default
+
+    operator:
+      replicas: 1
+
+    ipam:
+      mode: cluster-pool
+      operator:
+        clusterPoolIPv4PodCIDRList: [10.42.0.0/16]
+        clusterPoolIPv4MaskSize: 24
+
+    dnsProxy:
+      dnsRejectResponseCode: nameError
+
+    cni:
+      exclusive: false
diff --git a/kubernetes/infrastructure/cilium/app/repository.yaml b/kubernetes/infrastructure/cilium/app/repository.yaml
new file mode 100644
index 0000000..0ca641c
--- /dev/null
+++ b/kubernetes/infrastructure/cilium/app/repository.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: cilium
+  namespace: kube-system
+spec:
+  interval: 1h
+  url: https://helm.cilium.io
diff --git a/kubernetes/infrastructure/cilium/cilium.yaml b/kubernetes/infrastructure/cilium/cilium.yaml
index 4365ce4..1ccc689 100644
--- a/kubernetes/infrastructure/cilium/cilium.yaml
+++ b/kubernetes/infrastructure/cilium/cilium.yaml
@@ -1,11 +1,11 @@
 apiVersion: kustomize.toolkit.fluxcd.io/v1
 kind: Kustomization
 metadata:
-  name: cilium-networkpolicies
+  name: cilium
   namespace: kube-system
 spec:
   interval: 1h
-  path: ./kubernetes/infrastructure/cilium/networkpolicies
+  path: ./kubernetes/infrastructure/cilium
   prune: true
   sourceRef:
     kind: GitRepository