
cluster

Deploys a Kubernetes cluster with Cluster API and KubeVirt.

Includes the following addons:

Prerequisites

The chart requires the following addons to be installed on the host cluster:

Set the argocdNamespace value to the namespace in which Argo CD watches for resources.

The chart requires a virtual machine image built with the Kubernetes image builder project and available for download over HTTP(S). Set config.image to the URL of the virtual machine image.

Secrets containing the Cloudflare token, DNS API credentials, and MinIO bucket credentials must exist on the host cluster. Create the secrets, set config.externalSecrets.remoteNamespace to their namespace, and authorize access to them via config.rbac.
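
The rules passed in config.rbac.rules decide which host-cluster secrets the deployed cluster can read, so they are worth checking before install. The following Python check is an added example, not part of the chart: it flags rules that reach secrets without resourceNames, through wildcards, or with non-read verbs. DEFAULT_RULES copies the default from the Configuration table; BROAD_RULE and audit_rbac_rules are hypothetical names constructed for illustration.

```python
# Constructed sample input: the chart's documented default for config.rbac.rules.
DEFAULT_RULES = [
    {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list", "watch"],
     "resourceNames": ["cert-manager", "external-dns", "backup"]},
    {"apiGroups": ["authorization.k8s.io"], "resources": ["selfsubjectrulesreviews"],
     "verbs": ["create"]},
]
# Constructed counter-example: an override that is broader than intended.
BROAD_RULE = {"apiGroups": [""], "resources": ["*"], "verbs": ["get", "update"]}

READ_VERBS = {"get", "list", "watch"}


def audit_rbac_rules(rules):
    """Return (rule_index, finding) pairs for rules that expose secrets too widely."""
    findings = []
    for i, rule in enumerate(rules):
        groups = set(rule.get("apiGroups", []))
        resources = set(rule.get("resources", []))
        verbs = set(rule.get("verbs", []))
        # Secrets live in the core API group (""); "*" matches every group or resource.
        in_core = bool(groups & {"", "*"})
        if not (in_core and resources & {"secrets", "*"}):
            continue
        if "*" in resources:
            findings.append((i, "wildcard resource also grants access to secrets"))
        if not rule.get("resourceNames"):
            findings.append((i, "no resourceNames: rule applies to every secret in the namespace"))
        extra = verbs - READ_VERBS
        if extra:
            findings.append((i, "non-read verbs on secrets: " + ", ".join(sorted(extra))))
    return findings


if __name__ == "__main__":
    # The documented default passes; the constructed broad rule produces findings.
    for index, finding in audit_rbac_rules(DEFAULT_RULES + [BROAD_RULE]):
        print(f"rule {index}: {finding}")
```
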

Install

To install the chart:

helm install my-release oci://ghcr.io/sneakybugs/cluster --version 4.0.2 --values values.yaml

Assuming you have a values.yaml with your values overrides:

Upgrade

To upgrade the chart:

helm upgrade my-release oci://ghcr.io/sneakybugs/cluster --version 4.0.2 --values values.yaml

Assuming you have a values.yaml with your values overrides:

Uninstall

To uninstall the chart:

helm uninstall my-release

Configuration

| Parameter | Description | Default |
| --- | --- | --- |
| nameOverride | Override chart name. | "" |
| fullnameOverride | Override full release name. | "" |
| argocdNamespace | Namespace to deploy Argo CD resources to. | "argocd" |
| versions.calico | Calico version to deploy. | "v3.30.3" |
| versions.certManager | Cert Manager version to deploy. | "v1.19.1" |
| versions.components | cluster-components chart version to deploy. | "7.0.1" |
| versions.telemetryExporterComponents | telemetry-exporter-components chart version to deploy. | "3.0.0" |
| versions.externalDNS | ExternalDNS version to deploy. | "1.19.0" |
| versions.externalSecrets | External Secrets version to deploy. | "0.20.3" |
| versions.envoyGateway | Envoy Gateway version to deploy. | "1.5.4" |
| versions.kubeStateMetrics | Kube State Metrics chart version to deploy. | "6.3.0" |
| versions.kubePrometheusStack | kube-prometheus-stack chart version to deploy. | "78.2.1" |
| versions.prometheusNodeExporter | Node exporter chart version to deploy. | "4.48.0" |
| versions.prometheusOperatorCRDs | Prometheus Operator CRDs chart version to deploy. | "24.0.1" |
| versions.openTelemetryOperator | OpenTelemetry Operator chart version to deploy. | "0.97.1" |
| versions.velero | Velero chart version to deploy. | "11.1.1" |
| versions.veleroPluginForAWS | Velero AWS plugin version to deploy. | "1.12.2" |
| versions.kro | Kro version to deploy. | "0.4.1" |
| versions.cephCSIRBD | ceph-csi-rbd version to deploy. | "3.15.0" |
| versions.metricsServer | Metrics server version to deploy. | "3.13.0" |
| features.backups | Enable Velero backups when true. | true |
| features.telemetryExporter | Enable OpenTelemetry exporter when true. | true |
| features.kro | Enable Kro when true. | true |
| features.components | Disable cluster-components chart when false. | true |
| features.exporterComponents | Disable telemetry-exporter-components chart when false. | true |
| config.podSubnet | Pod subnet to use. | "10.243.0.0/16" |
| config.serviceSubnet | Service subnet to use. | "10.95.0.0/16" |
| config.image | Node image to use. | https://vmi.infra.sneakybugs.com/images/rocky-10.0-k8s-1.34.1-26a50db-20251016.0.qcow2 |
| config.version | Kubernetes version of the node image. | "v1.34.1" |
| config.cephCSIRBD.rookNamespace | | "rook-ceph" |
| config.cephCSIRBD.blockPoolName | | "ceph-blockpool" |
| config.cephCSIRBD.cephMonitors | | ["10.0.0.0:6789"] |
| config.imageRegistries | | [{"prefix": "docker.io", "location": "oci.infra.sneakybugs.com/docker"}, {"prefix": "quay.io", "location": "oci.infra.sneakybugs.com/quay"}, {"prefix": "ghcr.io", "location": "oci.infra.sneakybugs.com/ghcr"}, {"prefix": "registry.k8s.io", "location": "oci.infra.sneakybugs.com/k8s"}, {"prefix": "oci.external-secrets.io", "location": "oci.infra.sneakybugs.com/external-secrets"}] |
| config.gateway.hostname | | "*.infra.sneakybugs.com" |
| config.otlpExporter.endpoint | Centralized OpenTelemetry Collector endpoint to export telemetry to. | "otel.infra.sneakybugs.com:4317" |
| config.externalSecrets.remoteNamespace | | "tenant-secrets" |
| config.externalDNSWebhook.repository | | "ghcr.io/sneakybugs/corewarden-externaldns-provider" |
| config.externalDNSWebhook.tag | | "4.1.2" |
| config.certManager | Values for cluster-components chart certManager field. | {} |
| config.velero.storage.rookNamespace | Rook namespace to use for backup ObjectBucketClaim in the management cluster. | "rook-ceph" |
| config.velero.storage.cephObjectStoreName | Rook CephObjectStore to use for the bucket in the management cluster. | "ceph-objectstore" |
| config.velero.storage.cephObjectBucketStorageClassName | Rook StorageClass name to use for the bucket in the management cluster. | "ceph-bucket" |
| config.velero.storage.s3Url | S3 endpoint URL for backup storage. | https://vmi.infra.sneakybugs.com |
| config.velero.storage.prefix | Prefix to store backups in the S3 bucket, defaults to : if unspecified. | "" |
| config.velero.storage.accessMode | Backup location access mode, ReadWrite or ReadOnly. | "ReadWrite" |
| config.velero.backup.schedule | Cron schedule to perform backups at. | "0 4 * * *" |
| config.velero.backup.ttl | Time to keep backups. | "720h" |
| config.rbac.namespace | Namespace for role in the management cluster. | "tenant-secrets" |
| config.rbac.rules | Role rules for the namespace in the management cluster. | [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list", "watch"], "resourceNames": ["cert-manager", "external-dns", "backup"]}, {"apiGroups": ["authorization.k8s.io"], "resources": ["selfsubjectrulesreviews"], "verbs": ["create"]}] |
| nodes.controlPlane.replicas | Control plane node count. | 1 |
| nodes.controlPlane.resources.storage | Control plane node disk size. | "16Gi" |
| nodes.controlPlane.resources.cores | Control plane node core count. | 2 |
| nodes.controlPlane.resources.memory | Control plane node RAM size. | "4Gi" |
| nodes.worker.replicas | Worker node count. | 1 |
| nodes.worker.resources.storage | Worker node disk size. | "32Gi" |
| nodes.worker.resources.cores | Worker node core count. | 4 |
| nodes.worker.resources.memory | Worker node RAM size. | "8Gi" |
