TB Platform Init
Bootstrap resources and services for tb-platform clusters
The TB Platform Init ApplicationSets deploy bootstrap resources to the three tb-platform clusters (dev, qa, prod). These include namespaces, RBAC, secret stores, and initial services.
ArgoCD Resources
| ApplicationSet | Generated Applications | Target |
|---|---|---|
tb-platform-init-resources | 3 (one per env) | Remote clusters |
tb-platform-init-services | 3 (one per env) | Local cluster (argocd namespace) |
File Path: application-sets/tb-platform-init.yaml
Init Resources ApplicationSet
Deploys bootstrap resources directly to each tb-platform cluster.
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: tb-platform-init-resources
namespace: argocd
spec:
goTemplate: true
goTemplateOptions: ['missingkey=error']
generators:
- list:
elements:
- environment: dev
cluster: https://10.64.128.34
path: k8s/infra-services/cluster-init/overlays/tb-platform-dev/init-resources
- environment: qa
cluster: https://10.64.128.50
path: k8s/infra-services/cluster-init/overlays/tb-platform-qa/init-resources
- environment: prod
cluster: https://10.64.128.66
path: k8s/infra-services/cluster-init/overlays/tb-platform-prod/init-resources
template:
metadata:
name: 'tb-platform-{{.environment}}-init-resources'
labels:
cluster: 'tb-platform-{{.environment}}'
environment: '{{.environment}}'
spec:
project: 'tb-platform-infra'
source:
repoURL: https://github.com/Titanbay/infra-services.git
targetRevision: 'main'
path: '{{.path}}'
destination:
server: '{{.cluster}}'
syncPolicy:
automated:
prune: true
syncOptions:
- ServerSideApply=true
Generated Applications
| Application | Cluster | Source Path |
|---|---|---|
tb-platform-dev-init-resources | 10.64.128.34 | cluster-init/overlays/tb-platform-dev/init-resources |
tb-platform-qa-init-resources | 10.64.128.50 | cluster-init/overlays/tb-platform-qa/init-resources |
tb-platform-prod-init-resources | 10.64.128.66 | cluster-init/overlays/tb-platform-prod/init-resources |
Init Services ApplicationSet
Deploys ArgoCD Applications to the local cluster that manage services on remote clusters.
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: tb-platform-init-services
namespace: argocd
spec:
goTemplate: true
goTemplateOptions: ['missingkey=error']
generators:
- list:
elements:
- environment: dev
cluster: https://kubernetes.default.svc
path: k8s/infra-services/cluster-init/overlays/tb-platform-dev/init-services
- environment: qa
cluster: https://kubernetes.default.svc
path: k8s/infra-services/cluster-init/overlays/tb-platform-qa/init-services
- environment: prod
cluster: https://kubernetes.default.svc
path: k8s/infra-services/cluster-init/overlays/tb-platform-prod/init-services
template:
metadata:
name: 'tb-platform-{{.environment}}-init-services'
labels:
cluster: 'tb-platform-{{.environment}}'
environment: '{{.environment}}'
spec:
project: 'tb-platform-infra'
source:
repoURL: https://github.com/Titanbay/infra-services.git
targetRevision: 'main'
path: '{{.path}}'
destination:
server: '{{.cluster}}'
namespace: 'argocd'
syncPolicy:
automated:
prune: true
syncOptions:
- ServerSideApply=true
Generated Applications
| Application | Destination | Source Path |
|---|---|---|
tb-platform-dev-init-services | Local (argocd) | cluster-init/overlays/tb-platform-dev/init-services |
tb-platform-qa-init-services | Local (argocd) | cluster-init/overlays/tb-platform-qa/init-services |
tb-platform-prod-init-services | Local (argocd) | cluster-init/overlays/tb-platform-prod/init-services |
Source Structure
k8s/infra-services/cluster-init/
├── base/
│ └── cluster-resources/
│ └── tb-platform/
│ ├── argocd/ # ArgoCD default project
│ ├── namespaces/ # Common namespaces
│ ├── rbac/ # RBAC resources
│ └── secret-stores/ # External Secrets stores
└── overlays/
├── tb-platform-dev/
│ ├── init-resources/ # Bootstrap resources for dev
│ │ └── kustomization.yaml
│ └── init-services/ # Service Applications for dev
│ └── kustomization.yaml
├── tb-platform-qa/
│ ├── init-resources/
│ └── init-services/
└── tb-platform-prod/
├── init-resources/
└── init-services/
What Gets Deployed
Init Resources (to remote clusters)
- Namespaces: Standard namespaces for services
- RBAC: ClusterRoles and ClusterRoleBindings
- Secret Stores: External Secrets SecretStore resources
- ArgoCD Project: Default AppProject for the cluster
Init Services (Applications on hub)
- Additional ArgoCD Applications that deploy services to the remote cluster
- These Applications are created in the
argocdnamespace on the hub
How to Update
Adding Bootstrap Resources
- Add resources to
k8s/infra-services/cluster-init/base/cluster-resources/tb-platform/ - Reference them in the environment overlay’s
kustomization.yaml - Commit and push to
main
Environment-Specific Resources
- Add resources to
k8s/infra-services/cluster-init/overlays/tb-platform-<env>/init-resources/ - Update the overlay’s
kustomization.yaml - Commit and push to
main
Adding Init Services
- Create Application YAML in
cluster-init/overlays/tb-platform-<env>/init-services/ - Add to the overlay’s
kustomization.yaml - Commit and push to
main
Cluster Endpoints
| Environment | Cluster IP |
|---|---|
| Dev | https://10.64.128.34 |
| QA | https://10.64.128.50 |
| Prod | https://10.64.128.66 |
Related ApplicationSets
Other ApplicationSets that deploy to tb-platform clusters:
| ApplicationSet | Purpose |
|---|---|
tb-platform-external-secrets | External Secrets Operator |
tb-platform-grafana-alloy | Telemetry collection |
tb-platform-1password-operator | Secret injection |
tb-platform-config-connector-operator | GCP resource management |