Add private CIDR for calico

Philipp 2022-04-30 00:11:07 +02:00
parent bfdca599b9
commit eb99ec5859
No known key found for this signature in database
GPG Key ID: 24A7501396EB5432
4 changed files with 32 additions and 4 deletions

26
init.tf

@ -89,9 +89,9 @@ resource "null_resource" "kustomization" {
, var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []), , var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []),
patchesStrategicMerge = concat([ patchesStrategicMerge = concat([
file("${path.module}/kustomize/kured.yaml"), file("${path.module}/kustomize/kured.yaml"),
file("${path.module}/kustomize/ccm.yaml"), file("${path.module}/kustomize/system-upgrade-controller.yaml"),
file("${path.module}/kustomize/system-upgrade-controller.yaml") "ccm.yaml"
], var.cni_plugin == "calico" ? [file("${path.module}/kustomize/calico.yaml")] : []) ], var.cni_plugin == "calico" ? ["calico.yaml"] : [])
}) })
destination = "/var/post_install/kustomization.yaml" destination = "/var/post_install/kustomization.yaml"
} }
@ -112,6 +112,26 @@ resource "null_resource" "kustomization" {
destination = "/var/post_install/traefik_config.yaml" destination = "/var/post_install/traefik_config.yaml"
} }
# Upload the CCM patch config
provisioner "file" {
content = templatefile(
"${path.module}/templates/ccm.yaml.tpl",
{
cluster_cidr_ipv4 = local.cluster_cidr_ipv4
})
destination = "/var/post_install/ccm.yaml"
}
# Upload the calico patch config
provisioner "file" {
content = templatefile(
"${path.module}/templates/calico.yaml.tpl",
{
cluster_cidr_ipv4 = local.cluster_cidr_ipv4
})
destination = "/var/post_install/calico.yaml"
}
# Upload the system upgrade controller plans config # Upload the system upgrade controller plans config
provisioner "file" { provisioner "file" {
content = templatefile( content = templatefile(
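Review bot: The new `calico.yaml` strategic-merge patch is applied to a manifest that the context line at the top of the first hunk fetches from an unversioned URL, so the `calico-node` container the patch targets can change between applies without any change in this repository, and the downloaded content is not integrity-checked. Pointing that entry at a version-pinned manifest, or a copy vendored into the module, would let the patch and its target be reviewed together. Separately, the calico patch provisioner uploads `/var/post_install/calico.yaml` for every `cni_plugin` value while the kustomization lists it only for calico; a comment such as `# uploaded unconditionally; only referenced when cni_plugin == "calico"` would mark that as intentional. The `null_resource` body starts and ends outside both hunks.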


@ -87,6 +87,9 @@ locals {
hetzner_metadata_service_ipv4 = "169.254.169.254/32" hetzner_metadata_service_ipv4 = "169.254.169.254/32"
hetzner_cloud_api_ipv4 = "213.239.246.1/32" hetzner_cloud_api_ipv4 = "213.239.246.1/32"
# internal Pod CIDR, used for the controller and currently for calico
cluster_cidr_ipv4 = "10.42.0.0/16"
whitelisted_ips = [ whitelisted_ips = [
local.network_ipv4_cidr, local.network_ipv4_cidr,
local.hetzner_metadata_service_ipv4, local.hetzner_metadata_service_ipv4,
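Review bot: The new `cluster_cidr_ipv4` local is a hard-coded pod range with no stated constraints, and nothing in this hunk ties it to the CIDR the cluster itself was started with or checks it against `local.network_ipv4_cidr`. I would extend the comment to record both assumptions, e.g. `# must equal the cluster's own --cluster-cidr and must not overlap network_ipv4_cidr`. An overlap or a mismatch would show up as routing failures rather than as a plan error. The `whitelisted_ips` list continues outside the hunk, so whether the pod range needs an entry there cannot be judged from here.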


@ -14,3 +14,8 @@ spec:
hostPath: hostPath:
type: DirectoryOrCreate type: DirectoryOrCreate
path: /var/lib/kubelet/volumeplugins/nodeagent~uds path: /var/lib/kubelet/volumeplugins/nodeagent~uds
containers:
- name: calico-node
env:
- name: CALICO_IPV4POOL_CIDR
value: "${cluster_cidr_ipv4}"
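Review bot: `CALICO_IPV4POOL_CIDR` is, as far as I know, only read when calico-node creates its default IP pool, so on a cluster where a pool already exists this patch would leave the pod range unchanged. A comment above the env entry should say so, for example `# only used when the default IPPool is first created; existing pools are not modified`. The patch's kind and metadata are outside the hunk, so I cannot confirm from here that it targets the workload containing the `calico-node` container.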


@ -14,4 +14,4 @@ spec:
- "--leader-elect=false" - "--leader-elect=false"
- "--allow-untagged-cloud" - "--allow-untagged-cloud"
- "--allocate-node-cidrs=true" - "--allocate-node-cidrs=true"
- "--cluster-cidr=10.42.0.0/16" - "--cluster-cidr=${cluster_cidr_ipv4}"