Skip to content

Commit 952242d

Browse files
committed
notes
1 parent eda2db1 commit 952242d

3 files changed

Lines changed: 19 additions & 10 deletions

File tree

.claude/settings.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
{
2+
"enabledPlugins": {
3+
"superpowers@claude-plugins-official": true
4+
}
5+
}

CLAUDE.md

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -114,21 +114,21 @@ Applications deploy in strict order to prevent race conditions:
114114

115115
| Wave | Component | Purpose |
116116
|------|-----------|---------|
117-
| **-10** | Database Operators | CloudNative PG, Crunchy Postgres operators |
118-
| **0** | Foundation | Cilium (CNI), 1Password Connect, External Secrets Operator |
117+
| **0** | Foundation | Cilium (CNI), ArgoCD, 1Password Connect, External Secrets, AppProjects |
119118
| **1** | Storage | Longhorn, VolumeSnapshot Controller, VolSync |
120-
| **2** | System Services | Cert-Manager, External-DNS, GPU Operators, **Kyverno** (policies), Reloader |
121-
| **3** | Monitoring | Prometheus Stack, Loki, Tempo |
122-
| **4** | Infrastructure AppSet | Discovers `infrastructure/*` applications (Kyverno policies active) |
119+
| **2** | PVC Plumber | Backup existence checker (must run before Kyverno policies in Wave 4) |
120+
| **4** | Infrastructure AppSet | Deploys from explicit path list: cert-manager, external-dns, GPU operators, Kyverno, gateway, databases, etc. |
123121
| **5** | Monitoring AppSet | Discovers `monitoring/*` applications |
124122
| **6** | My-Apps AppSet | Discovers `my-apps/*/*` applications |
125123

126124
**Why this matters**:
127125
- Longhorn won't deploy until Cilium + External Secrets are healthy
128-
- Apps won't deploy until storage exists
129-
- Kyverno policies are active before apps create PVCs (enables automatic backup)
126+
- PVC Plumber (Wave 2) must run before Infrastructure AppSet (Wave 4) because Kyverno policies call PVC Plumber API
127+
- Kyverno, cert-manager, GPU operators etc. deploy via Infrastructure AppSet (Wave 4) before user apps (Wave 6)
130128
- This prevents "chicken-and-egg" dependency issues and SSD thrashing
131129

130+
**Important**: The Infrastructure AppSet uses an explicit list of paths (not glob discovery). To add a new infrastructure component, you must add its path to `infrastructure/controllers/argocd/apps/infrastructure-appset.yaml`.
131+
132132
## Directory Structure
133133

134134
```
@@ -813,4 +813,8 @@ kubectl exec -it gpu-pod -n app-name -- nvidia-smi
813813
- **[BOOTSTRAP.md](BOOTSTRAP.md)** - Complete cluster bootstrap guide
814814
- **[README.md](README.md)** - Overview and architecture diagrams
815815
- **[.github/copilot-instructions.md](.github/copilot-instructions.md)** - Detailed development patterns
816-
- **[docs/](docs/)** - Additional documentation (ArgoCD, storage, networking)
816+
- **[.github/instructions/](/.github/instructions/)** - Domain-specific instructions (ArgoCD, GPU, Talos, standards)
817+
- **[docs/backup-restore.md](docs/backup-restore.md)** - Detailed backup/restore workflow with architecture diagrams
818+
- **[docs/network-topology.md](docs/network-topology.md)** - Network architecture details
819+
- **[docs/network-policy.md](docs/network-policy.md)** - Cilium network policies
820+
- **[docs/argocd.md](docs/argocd.md)** - ArgoCD-specific documentation

infrastructure/controllers/argocd/apps/kustomization.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,5 +13,5 @@ resources:
1313
- pvc-plumber-app.yaml # Wave 2 - Backup existence checker for restore
1414
# ApplicationSets for automatic discovery
1515
- infrastructure-appset.yaml # Wave 4
16-
- monitoring-appset.yaml # Wave 3
17-
- my-apps-appset.yaml # Wave 4
16+
- monitoring-appset.yaml # Wave 5
17+
- my-apps-appset.yaml # Wave 6

0 commit comments

Comments
 (0)