Add private CIDR for calico
This commit is contained in:
parent
bfdca599b9
commit
eb99ec5859
26
init.tf
26
init.tf
@ -89,9 +89,9 @@ resource "null_resource" "kustomization" {
|
|||||||
, var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []),
|
, var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []),
|
||||||
patchesStrategicMerge = concat([
|
patchesStrategicMerge = concat([
|
||||||
file("${path.module}/kustomize/kured.yaml"),
|
file("${path.module}/kustomize/kured.yaml"),
|
||||||
file("${path.module}/kustomize/ccm.yaml"),
|
file("${path.module}/kustomize/system-upgrade-controller.yaml"),
|
||||||
file("${path.module}/kustomize/system-upgrade-controller.yaml")
|
"ccm.yaml"
|
||||||
], var.cni_plugin == "calico" ? [file("${path.module}/kustomize/calico.yaml")] : [])
|
], var.cni_plugin == "calico" ? ["calico.yaml"] : [])
|
||||||
})
|
})
|
||||||
destination = "/var/post_install/kustomization.yaml"
|
destination = "/var/post_install/kustomization.yaml"
|
||||||
}
|
}
|
||||||
@ -112,6 +112,26 @@ resource "null_resource" "kustomization" {
|
|||||||
destination = "/var/post_install/traefik_config.yaml"
|
destination = "/var/post_install/traefik_config.yaml"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Upload the CCM patch config
|
||||||
|
provisioner "file" {
|
||||||
|
content = templatefile(
|
||||||
|
"${path.module}/templates/ccm.yaml.tpl",
|
||||||
|
{
|
||||||
|
cluster_cidr_ipv4 = local.cluster_cidr_ipv4
|
||||||
|
})
|
||||||
|
destination = "/var/post_install/ccm.yaml"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Upload the calico patch config
|
||||||
|
provisioner "file" {
|
||||||
|
content = templatefile(
|
||||||
|
"${path.module}/templates/calico.yaml.tpl",
|
||||||
|
{
|
||||||
|
cluster_cidr_ipv4 = local.cluster_cidr_ipv4
|
||||||
|
})
|
||||||
|
destination = "/var/post_install/calico.yaml"
|
||||||
|
}
|
||||||
|
|
||||||
# Upload the system upgrade controller plans config
|
# Upload the system upgrade controller plans config
|
||||||
provisioner "file" {
|
provisioner "file" {
|
||||||
content = templatefile(
|
content = templatefile(
|
||||||
|
@ -87,6 +87,9 @@ locals {
|
|||||||
hetzner_metadata_service_ipv4 = "169.254.169.254/32"
|
hetzner_metadata_service_ipv4 = "169.254.169.254/32"
|
||||||
hetzner_cloud_api_ipv4 = "213.239.246.1/32"
|
hetzner_cloud_api_ipv4 = "213.239.246.1/32"
|
||||||
|
|
||||||
|
# internal Pod CIDR, used for the controller and currently for calico
|
||||||
|
cluster_cidr_ipv4 = "10.42.0.0/16"
|
||||||
|
|
||||||
whitelisted_ips = [
|
whitelisted_ips = [
|
||||||
local.network_ipv4_cidr,
|
local.network_ipv4_cidr,
|
||||||
local.hetzner_metadata_service_ipv4,
|
local.hetzner_metadata_service_ipv4,
|
||||||
|
@ -14,3 +14,8 @@ spec:
|
|||||||
hostPath:
|
hostPath:
|
||||||
type: DirectoryOrCreate
|
type: DirectoryOrCreate
|
||||||
path: /var/lib/kubelet/volumeplugins/nodeagent~uds
|
path: /var/lib/kubelet/volumeplugins/nodeagent~uds
|
||||||
|
containers:
|
||||||
|
- name: calico-node
|
||||||
|
env:
|
||||||
|
- name: CALICO_IPV4POOL_CIDR
|
||||||
|
value: "${cluster_cidr_ipv4}"
|
@ -14,4 +14,4 @@ spec:
|
|||||||
- "--leader-elect=false"
|
- "--leader-elect=false"
|
||||||
- "--allow-untagged-cloud"
|
- "--allow-untagged-cloud"
|
||||||
- "--allocate-node-cidrs=true"
|
- "--allocate-node-cidrs=true"
|
||||||
- "--cluster-cidr=10.42.0.0/16"
|
- "--cluster-cidr=${cluster_cidr_ipv4}"
|
Loading…
Reference in New Issue
Block a user