17654835e7
Bootstrap manifests for the GX10 cluster platform layer (NUC->GX10 migration). Direct-applied to GX10 + LIVE: step-ca-acme ClusterIssuer Ready (ACME->noc1 step-ca), Traefik v3.6.10 via RKE2 HelmChart CRD at MetalLB VIP 10.0.57.202 (prod-pool, temp parallel-run; no clash with live old .200). Under gx10/ NOT apps/* to avoid the old ApplicationSet auto-deploying GX10 manifests to the OLD cluster.
GX10 cluster platform layer (NOT old-cluster ArgoCD)
These manifests bootstrap the GX10 RKE2 cluster's platform layer for the NUC→GX10
migration. They are direct-applied to the GX10 (its own kubectl) during
bootstrap, and live under gx10/ (NOT apps/) so the OLD cluster's bluejay-infra
ApplicationSet (whose apps/* generator targets the OLD cluster) does NOT
auto-deploy them there. Once ArgoCD is stood up on the GX10, a GX10-only
ApplicationSet (apps-gx10/*) will own these.
step-ca-acme.yaml— cert-manager ClusterIssuer (ACME → noc1 step-ca, in-spec caBundle). APPLIED + Ready.traefik-helmchart.yaml— Traefik v3.6.10 (chart 39.0.5) via the RKE2 HelmChart CRD, LoadBalancer VIP 10.0.57.202 (prod-pool; temp parallel-run VIP — canonical .200 reclaimed at cutover). APPLIED.
cert-manager v1.17.2 was installed separately (upstream static manifest). See
docs/ai-agents/gx10-migration-continuation-2026-06-14.md + memory
project_gx10_ai_node_2026_06_13.