HetznerTerra/infrastructure/addons/rancher/helmrelease-rancher.yaml

apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: rancher
  namespace: flux-system
spec:
  interval: 10m
  timeout: 15m
  targetNamespace: cattle-system
  chart:
    spec:
      chart: ./infrastructure/charts/rancher
      sourceRef:
        kind: GitRepository
        name: platform
        namespace: flux-system
  install:
    createNamespace: true
    remediation:
      retries: 3
  upgrade:
    remediation:
      retries: 3
  values:
    hostname: rancher.silverside-gopher.ts.net
    systemDefaultRegistry: registry.rancher.com
    replicas: 1
    extraEnv:
      - name: CATTLE_PROMETHEUS_METRICS
        value: "true"
      - name: CATTLE_FEATURES
        value: "managed-system-upgrade-controller=false"
    webhook:
      image:
        repository: rancher/rancher-webhook
        tag: v0.9.3
        imagePullPolicy: IfNotPresent
    resources:
      requests:
        cpu: 500m
        memory: 512Mi
      limits:
        cpu: 1000m
        memory: 1Gi
    startupProbe:
      timeoutSeconds: 5
      periodSeconds: 10
      failureThreshold: 60
    affinity:
      nodeAffinity:
        requiredDuringSchedulingIgnoredDuringExecution:
          nodeSelectorTerms:
            - matchExpressions:
                - key: node-role.kubernetes.io/control-plane
                  operator: DoesNotExist
  valuesFrom:
    - kind: Secret
      name: rancher-bootstrap-password
      valuesKey: bootstrapPassword
      targetPath: bootstrapPassword