Skip to content

feat: apply namespaces, wire make cluster-up end-to-end #25

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
CodeBuildder merged 1 commit into from
Apr 14, 2026
Merged

feat: apply namespaces, wire make cluster-up end-to-end #25

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
72 changes: 47 additions & 25 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,59 +1,81 @@
.PHONY: help cluster-up cluster-down deploy-cilium deploy-falco deploy-kyverno \
deploy-observability deploy-agent deploy-ui status clean
.PHONY: help cluster-up cluster-down cluster-status deploy-cilium deploy-falco \
deploy-kyverno deploy-observability deploy-agent deploy-ui \
hubble-ui grafana-ui k9s clean

help:
@echo "Argus — available commands:"
@echo ""
@echo " Cluster"
@echo " make cluster-up Provision OrbStack VMs and bootstrap k3s"
@echo " make cluster-down Stop all OrbStack VMs"
@echo " make cluster-status Show node and pod status"
@echo " make cluster-up Provision VMs, install k3s, Cilium, namespaces"
@echo " make cluster-down Stop all OrbStack VMs"
@echo " make cluster-status Show node and pod status"
@echo ""
@echo " Security"
@echo " make deploy-cilium Install Cilium CNI + enable Hubble"
@echo " make deploy-falco Install Falco via Helm"
@echo " make deploy-kyverno Install Kyverno + apply policies"
@echo " make deploy-falco Install Falco via Helm"
@echo " make deploy-kyverno Install Kyverno + apply policies"
@echo ""
@echo " Observability"
@echo " make deploy-observability Install Prometheus + Grafana + Loki"
@echo ""
@echo " Application"
@echo " make deploy-agent Build and deploy AI agent"
@echo " make deploy-ui Build and deploy React UI"
@echo " make deploy-agent Build and deploy AI agent"
@echo " make deploy-ui Build and deploy React UI"
@echo ""
@echo " Utilities"
@echo " make hubble-ui Open Hubble network flow UI"
@echo " make grafana-ui Port-forward Grafana to localhost:3000"
@echo " make k9s Open k9s cluster terminal UI"
@echo " make clean Destroy VMs and reset kubeconfig"
@echo " make hubble-ui Open Hubble network flow UI"
@echo " make grafana-ui Port-forward Grafana to localhost:3000"
@echo " make k9s Open k9s cluster terminal UI"
@echo " make clean Destroy VMs and reset kubeconfig"

cluster-up:
@echo "TODO: implement in cluster/bootstrap/"
@echo "==> Provisioning VMs..."
@bash cluster/bootstrap/01-provision-vms.sh
@echo "==> Installing k3s master..."
@bash cluster/bootstrap/02-install-master.sh
@echo "==> Joining workers..."
@bash cluster/bootstrap/03-join-workers.sh
@echo "==> Installing Cilium..."
@bash cluster/bootstrap/04-install-cilium.sh
@echo "==> Applying namespaces..."
@kubectl apply -f cluster/namespaces/namespaces.yaml
@echo "==> Cluster is ready."

cluster-down:
orb stop k3s-master k3s-worker1 k3s-worker2

cluster-status:
kubectl get nodes -o wide
kubectl get pods -A

deploy-cilium:
@echo "TODO: implement after cluster-up is working"
@echo "==> Nodes:"
@kubectl get nodes -o wide
@echo ""
@echo "==> Pods (all namespaces):"
@kubectl get pods -A
@echo ""
@echo "==> Cilium status:"
@cilium status

deploy-falco:
@echo "TODO: implement after Cilium is running"
helm repo add falcosecurity https://falcosecurity.github.io/charts
helm repo update
helm upgrade --install falco falcosecurity/falco \
--namespace kube-system \
--values security/falco/values.yaml

deploy-kyverno:
@echo "TODO: implement after Falco is running"
helm repo add kyverno https://kyverno.github.io/kyverno
helm repo update
helm upgrade --install kyverno kyverno/kyverno \
--namespace kube-system \
--create-namespace
kubectl apply -f security/kyverno/

deploy-observability:
@echo "TODO: implement after security layer is deployed"
@echo "TODO: implement in Module 3"

deploy-agent:
@echo "TODO: implement after observability is running"
@echo "TODO: implement in Module 4"

deploy-ui:
@echo "TODO: implement after agent is running"
@echo "TODO: implement in Module 5"

hubble-ui:
cilium hubble ui
Expand Down
19 changes: 18 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,24 @@

## Local setup

[fill in after Module 1 is complete]
### Prerequisites
- macOS (Apple Silicon M-series)
- OrbStack installed (`brew install orbstack`)
- CLI tools: `brew install kubectl helm k3sup cilium-cli hubble k9s`

### Spin up the cluster
```bash
make cluster-up
```

This provisions 3 OrbStack VMs, installs k3s, deploys Cilium with eBPF
kube-proxy replacement, enables Hubble, and creates all namespaces.

### Verify
```bash
make cluster-status
cilium hubble ui
```

## Architecture decisions

Expand Down
Loading