MichaelFisher1997
68dbd2e5b7
Reserve grafana/prometheus/flux alongside rancher during rebuild cleanup so stale tailnet devices do not force -1 hostnames. Tag the exposed Tailscale services so operator-managed proxies are provisioned with explicit prod/service tags from the tailnet policy.
21 lines
477 B
YAML
21 lines
477 B
YAML
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: flux-tailscale
|
|
namespace: flux-system
|
|
annotations:
|
|
tailscale.com/hostname: flux
|
|
tailscale.com/tags: "tag:prod,tag:flux"
|
|
tailscale.com/proxy-class: infra-stable
|
|
spec:
|
|
type: LoadBalancer
|
|
loadBalancerClass: tailscale
|
|
selector:
|
|
app.kubernetes.io/name: weave-gitops
|
|
app.kubernetes.io/instance: flux-system-weave-gitops
|
|
ports:
|
|
- name: http
|
|
port: 9001
|
|
protocol: TCP
|
|
targetPort: http
|