MichaelFisher1997
68dbd2e5b7
Reserve grafana/prometheus/flux alongside rancher during rebuild cleanup so stale tailnet devices do not force -1 hostnames. Tag the exposed Tailscale services so operator-managed proxies are provisioned with explicit prod/service tags from the tailnet policy.
24 lines
493 B
YAML
24 lines
493 B
YAML
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: rancher-tailscale
|
|
namespace: cattle-system
|
|
annotations:
|
|
tailscale.com/hostname: rancher
|
|
tailscale.com/tags: "tag:prod,tag:rancher"
|
|
tailscale.com/proxy-class: infra-stable
|
|
spec:
|
|
type: LoadBalancer
|
|
loadBalancerClass: tailscale
|
|
selector:
|
|
app: cattle-system-rancher
|
|
ports:
|
|
- name: http
|
|
port: 80
|
|
protocol: TCP
|
|
targetPort: 80
|
|
- name: https
|
|
port: 443
|
|
protocol: TCP
|
|
targetPort: 443
|