From 18dfe45662c8990d716bc981e15aa2ca837a6614 Mon Sep 17 00:00:00 2001
From: Devin Buhl <devin@buhl.casa>
Date: Thu, 23 May 2024 09:49:16 -0400
Subject: [PATCH] fix: clean up replica counts across apps

Signed-off-by: Devin Buhl <devin@buhl.casa>
---
 .github/tests/config-talos.yaml                      |  2 +-
 .../apps/kube-system/cilium/app/helm-values.yaml.j2  |  2 ++
 .../apps/kube-system/coredns/app/helm-values.yaml.j2 |  8 --------
 .../apps/network/cloudflared/app/helmrelease.yaml.j2 |  1 -
 .../ingress-nginx/external/helmrelease.yaml.j2       | 12 ------------
 .../ingress-nginx/internal/helmrelease.yaml.j2       | 12 ------------
 6 files changed, 3 insertions(+), 34 deletions(-)

diff --git a/.github/tests/config-talos.yaml b/.github/tests/config-talos.yaml
index 3df4ce6dd..1136e99a2 100644
--- a/.github/tests/config-talos.yaml
+++ b/.github/tests/config-talos.yaml
@@ -17,7 +17,7 @@ bootstrap_node_inventory:
     disk: fake
     mac_addr: fake
 bootstrap_dns_servers: ["1.1.1.1", "1.0.0.1"]
-bootstrap_dntp_servers: ["time.cloudflare.com"]
+bootstrap_ntp_servers: ["time.cloudflare.com"]
 bootstrap_pod_network: 10.69.0.0/16
 bootstrap_service_network: 10.96.0.0/16
 bootstrap_controller_vip: 10.10.10.254
diff --git a/bootstrap/templates/kubernetes/apps/kube-system/cilium/app/helm-values.yaml.j2 b/bootstrap/templates/kubernetes/apps/kube-system/cilium/app/helm-values.yaml.j2
index 843f367a9..bf5d35765 100644
--- a/bootstrap/templates/kubernetes/apps/kube-system/cilium/app/helm-values.yaml.j2
+++ b/bootstrap/templates/kubernetes/apps/kube-system/cilium/app/helm-values.yaml.j2
@@ -1,7 +1,9 @@
 ---
 autoDirectNodeRoutes: true
+#% if bootstrap_bgp.enabled %#
 bgpControlPlane:
   enabled: true
+#% endif %#
 bpf:
   masquerade: false
 cgroup:
diff --git a/bootstrap/templates/kubernetes/apps/kube-system/coredns/app/helm-values.yaml.j2 b/bootstrap/templates/kubernetes/apps/kube-system/coredns/app/helm-values.yaml.j2
index 56bf20637..2c358ee35 100644
--- a/bootstrap/templates/kubernetes/apps/kube-system/coredns/app/helm-values.yaml.j2
+++ b/bootstrap/templates/kubernetes/apps/kube-system/coredns/app/helm-values.yaml.j2
@@ -1,6 +1,5 @@
 ---
 fullnameOverride: coredns
-replicaCount: 1
 k8sAppLabelOverride: kube-dns
 serviceAccount:
   create: true
@@ -49,10 +48,3 @@ tolerations:
   - key: node-role.kubernetes.io/control-plane
     operator: Exists
     effect: NoSchedule
-topologySpreadConstraints:
-  - maxSkew: 1
-    topologyKey: kubernetes.io/hostname
-    whenUnsatisfiable: DoNotSchedule
-    labelSelector:
-      matchLabels:
-        app.kubernetes.io/instance: coredns
diff --git a/bootstrap/templates/kubernetes/apps/network/cloudflared/app/helmrelease.yaml.j2 b/bootstrap/templates/kubernetes/apps/network/cloudflared/app/helmrelease.yaml.j2
index f15dd501c..6392714b7 100644
--- a/bootstrap/templates/kubernetes/apps/network/cloudflared/app/helmrelease.yaml.j2
+++ b/bootstrap/templates/kubernetes/apps/network/cloudflared/app/helmrelease.yaml.j2
@@ -23,7 +23,6 @@ spec:
   values:
     controllers:
       cloudflared:
-        replicas: 2
         strategy: RollingUpdate
         annotations:
           reloader.stakater.com/auto: "true"
diff --git a/bootstrap/templates/kubernetes/apps/network/ingress-nginx/external/helmrelease.yaml.j2 b/bootstrap/templates/kubernetes/apps/network/ingress-nginx/external/helmrelease.yaml.j2
index 60b83c6b6..19bed5520 100644
--- a/bootstrap/templates/kubernetes/apps/network/ingress-nginx/external/helmrelease.yaml.j2
+++ b/bootstrap/templates/kubernetes/apps/network/ingress-nginx/external/helmrelease.yaml.j2
@@ -26,7 +26,6 @@ spec:
   values:
     fullnameOverride: ingress-nginx-external
     controller:
-      replicaCount: 1
       service:
         annotations:
           external-dns.alpha.kubernetes.io/hostname: "external.${SECRET_DOMAIN}"
@@ -73,19 +72,8 @@ spec:
         #% else %#
         default-ssl-certificate: "network/${SECRET_DOMAIN/./-}-staging-tls"
         #% endif %#
-      topologySpreadConstraints:
-        - maxSkew: 1
-          topologyKey: kubernetes.io/hostname
-          whenUnsatisfiable: DoNotSchedule
-          labelSelector:
-            matchLabels:
-              app.kubernetes.io/name: ingress-nginx
-              app.kubernetes.io/instance: ingress-nginx-external
-              app.kubernetes.io/component: controller
       resources:
         requests:
           cpu: 100m
         limits:
           memory: 500Mi
-    defaultBackend:
-      enabled: false
diff --git a/bootstrap/templates/kubernetes/apps/network/ingress-nginx/internal/helmrelease.yaml.j2 b/bootstrap/templates/kubernetes/apps/network/ingress-nginx/internal/helmrelease.yaml.j2
index 045eed32a..3c4793987 100644
--- a/bootstrap/templates/kubernetes/apps/network/ingress-nginx/internal/helmrelease.yaml.j2
+++ b/bootstrap/templates/kubernetes/apps/network/ingress-nginx/internal/helmrelease.yaml.j2
@@ -24,7 +24,6 @@ spec:
   values:
     fullnameOverride: ingress-nginx-internal
     controller:
-      replicaCount: 1
       service:
         annotations:
           io.cilium/lb-ipam-ips: "#{ bootstrap_cloudflare.ingress_vip }#"
@@ -70,19 +69,8 @@ spec:
         #% else %#
         default-ssl-certificate: "network/${SECRET_DOMAIN/./-}-staging-tls"
         #% endif %#
-      topologySpreadConstraints:
-        - maxSkew: 1
-          topologyKey: kubernetes.io/hostname
-          whenUnsatisfiable: DoNotSchedule
-          labelSelector:
-            matchLabels:
-              app.kubernetes.io/name: ingress-nginx
-              app.kubernetes.io/instance: ingress-nginx-internal
-              app.kubernetes.io/component: controller
       resources:
         requests:
           cpu: 100m
         limits:
           memory: 500Mi
-    defaultBackend:
-      enabled: false