From 60c8544295a65d4e670e885ea1919f4c0605944e Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Sat, 9 Oct 2021 21:35:57 +0200
Subject: [PATCH] Revert "cilium: Introduce new network provider to the
 clusters"

This reverts commit 8701a6ee6cf24e014af0753f57a828c677d544de.
---
 cli/Dockerfile                           | 11 ---------
 infrastructure/cilium/kustomization.yaml |  6 -----
 infrastructure/cilium/release.yaml       | 30 ------------------------
 infrastructure/cilium/repository.yaml    |  7 ------
 infrastructure/kustomization.yaml        |  1 -
 terraform/firewall.tf                    | 28 ----------------------
 6 files changed, 83 deletions(-)
 delete mode 100644 infrastructure/cilium/kustomization.yaml
 delete mode 100644 infrastructure/cilium/release.yaml
 delete mode 100644 infrastructure/cilium/repository.yaml

diff --git a/cli/Dockerfile b/cli/Dockerfile
index ace6b14a9..ff61c5b8c 100644
--- a/cli/Dockerfile
+++ b/cli/Dockerfile
@@ -53,15 +53,6 @@ ENV SOPS_RELEASE=${SOPS_RELEASE}
 RUN curl -L https://github.com/mozilla/sops/releases/download/${SOPS_RELEASE}/sops-${SOPS_RELEASE}.linux > ./sops \
     && install -o root -g root -m 0755 sops /usr/local/bin/sops
 
-# Cilium CLI cache
-FROM docker.io/library/fedora:34 as cilium
-ARG CILIUM_RELEASE=latest
-ENV CILIUM_RELEASE=${CILIUM_RELEASE}
-
-RUN curl -L --remote-name-all https://github.com/cilium/cilium-cli/releases/${CILIUM_RELEASE}/download/cilium-linux-amd64.tar.gz{,.sha256sum} && \
-  sha256sum --check cilium-linux-amd64.tar.gz.sha256sum && \
-  tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin
-
 # Actual start of container build
 FROM docker.io/library/fedora:34
 
@@ -101,14 +92,12 @@ COPY --from=hcloud /usr/local/bin/hcloud /usr/local/bin/hcloud
 COPY --from=helm /usr/local/bin/helm /usr/local/bin/helm
 COPY --from=flux /usr/local/bin/flux /usr/local/bin/flux
 COPY --from=sops /usr/local/bin/sops /usr/local/bin/sops
-COPY --from=cilium /usr/local/bin/cilium /usr/local/bin/cilium
 
 RUN true \
     && echo "command -v flux >/dev/null && . <(flux completion bash)" >> /root/.bashrc \
     && echo "command -v kubectl >/dev/null && . <(kubectl completion bash)" >> /root/.bashrc \
     && echo "command -v helm >/dev/null && . <(helm completion bash)" >> /root/.bashrc \
     && echo "command -v hcloud >/dev/null && . <(hcloud completion bash)" >> /root/.bashrc \
-    && echo "command -v cilium >/dev/null && . <(cilium completion bash)" >> /root/.bashrc \
     && true
 
 # Create workspace
diff --git a/infrastructure/cilium/kustomization.yaml b/infrastructure/cilium/kustomization.yaml
deleted file mode 100644
index 7da405581..000000000
--- a/infrastructure/cilium/kustomization.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: kube-system
-resources:
-  - repository.yaml
-  - release.yaml
diff --git a/infrastructure/cilium/release.yaml b/infrastructure/cilium/release.yaml
deleted file mode 100644
index 0725c9acd..000000000
--- a/infrastructure/cilium/release.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
-  name: cilium
-  namespace: kube-system
-spec:
-  releaseName: cilium
-  chart:
-    spec:
-      chart: cilium
-      sourceRef:
-        kind: HelmRepository
-        name: cilium
-      version: 1.10.4
-  interval: 5m
-  values:
-    l7Proxy: false
-    encryption:
-      enabled: true
-      type: wireguard
-    hubble:
-      relay:
-        enabled: false
-      ui:
-        enabled: false
-    prometheus:
-      enabled: true
-    operator:
-      prometheus:
-        enabled: true
diff --git a/infrastructure/cilium/repository.yaml b/infrastructure/cilium/repository.yaml
deleted file mode 100644
index 16b7b9540..000000000
--- a/infrastructure/cilium/repository.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta1
-kind: HelmRepository
-metadata:
-  name: cilium
-spec:
-  interval: 30m
-  url: https://helm.cilium.io/
diff --git a/infrastructure/kustomization.yaml b/infrastructure/kustomization.yaml
index 6c97dbb92..8d3320ce6 100644
--- a/infrastructure/kustomization.yaml
+++ b/infrastructure/kustomization.yaml
@@ -1,7 +1,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - cilium
   # kyverno
   - hcloud-csi
   - rook
diff --git a/terraform/firewall.tf b/terraform/firewall.tf
index 2bec9c95f..39e8b028e 100644
--- a/terraform/firewall.tf
+++ b/terraform/firewall.tf
@@ -54,34 +54,6 @@ resource "hcloud_firewall" "k8s-node" {
       port            = "9000-9999"
       source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
   }
-  rule {
-    description     = "Prometheus operator metrics"
-    direction       = "in"
-    protocol        = "tcp"
-    port            = "8472"
-    source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
-  }
-  rule {
-    description     = "Cilium VXLAN"
-    direction       = "in"
-    protocol        = "udp"
-    port            = "8472"
-    source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
-  }
-  rule {
-    description     = "Cilium health checks"
-    direction       = "in"
-    protocol        = "tcp"
-    port            = "4240"
-    source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
-  }
-  rule {
-    description     = "Cilium Wireguard"
-    direction       = "in"
-    protocol        = "udp"
-    port            = "51871"
-    source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
-  }
 }
 
 
-- 
GitLab