Frequently asked questions

Flux and the GitOps Toolkit frequently asked questions.

Troubleshooting

Troubleshooting advice can be found on our Troubleshooting Cheatsheet.

General questions

Bundles

How to overwrite parameters for specific components

You might want to overwrite specific options for the components. To achieve this, you must specify values in JSON or YAML format using the values- option.

For example, if you want to overwrite k8sServiceHost and k8sServicePort for cilium, take a look at its values.yaml file.

Then specify these options in the values-cilium section of your Cozystack configuration, as shown below:

apiVersion: v1
kind: ConfigMap
metadata:
  name: cozystack
  namespace: cozy-system
data:
  bundle-name: "distro-full"
  ipv4-pod-cidr: "10.244.0.0/16"
  ipv4-svc-cidr: "10.96.0.0/16"
  values-cilium: |
    cilium:
      k8sServiceHost: 11.22.33.44
      k8sServicePort: 6443

How to disable some components from bundle

Sometimes you may need to disable specific components within a bundle. To do this, use the bundle-disable option and provide a comma-separated list of the components you want to disable. For example:

apiVersion: v1
kind: ConfigMap
metadata:
  name: cozystack
  namespace: cozy-system
data:
  bundle-name: "paas-full"
  bundle-disable: "linstor,dashboard"
  ipv4-pod-cidr: "10.244.0.0/16"
  ipv4-svc-cidr: "10.96.0.0/16"

⚠️ Disabling components using this option will not remove them if they are already installed. To remove them, you must delete the Helm release manually using the kubectl delete hr -n <namespace> <component> command.

Operations

How to enable access to dashboard via ingress-controller

Update your ingress application and enable dashboard: true option in it.
Dashboard will become available under: https://dashboard.<your_domain>

How to cleanup etcd state

Sometimes you might want to flush the etcd state from a node. You can use the following command:

talosctl reset --system-labels-to-wipe=EPHEMERAL --graceful=false --reboot

⚠️ This command will remove the state from the specified node. Use it with caution.

How to generate kubeconfig for tenant users

Use the following script:

user=tenant-root

cluster=$(kubectl config get-contexts | awk '$1 == "*" {print $3}')
token=$(kubectl get secret -n "$user" "$user" -o go-template='{{ printf "%s\n" (index .data "token" | base64decode) }}')

kubectl config view --minify --raw > tenant-kubeconfig
kubectl config --kubeconfig tenant-kubeconfig unset users
kubectl config --kubeconfig tenant-kubeconfig unset contexts
kubectl config --kubeconfig tenant-kubeconfig set "users.$user.token" "$token"  --set-raw-bytes=true
kubectl config --kubeconfig tenant-kubeconfig set "contexts.$user@$cluster.user" "$user"
kubectl config --kubeconfig tenant-kubeconfig set "contexts.$user@$cluster.namespace" "$user"
kubectl config --kubeconfig tenant-kubeconfig set "contexts.$user@$cluster.cluster" "$cluster"
kubectl config --kubeconfig tenant-kubeconfig set current-context "$user@$cluster"

in the result, you’ll receive the tenant-kubeconfig file, which you can provide to the user.

How to configure Cozystack using FluxCD or ArgoCD

Here you can find reference repository to learn how to configure Cozystack services using GitOps approach:

https://github.com/aenix-io/cozystack-gitops-example

Last modified 2024-08-03: Fix typo (e818f6b)