k8s Infrastructure
These manifests set up:
- External Secrets: Allow us to pull secrets from a secrets provider
- Prometheus Stack: Cluster monitoring
- Loki + Promtail: Log aggregation, sending to Prometheus
- Longhorn and NFS: Storage providers
- cert-manager: Certificate provider
- Traefik: Ingress controller
Notes
We must install the CRDs before the controllers and the configs. We do this by creating a Flux Kustomization to apply the CRDs before applying the Kustomize overlay in this directory, which skips the CRDs.