Commit Graph

44 Commits

Author SHA1 Message Date
Karim Naufal
cb012699a6
merged staging 2022-05-04 03:24:45 +02:00
Michael Karbowiak
6fa7daa21d Remove the requirement of Helm, and use the K3s HelmChart CRD installation method instead 2022-05-02 22:49:08 +02:00
Philipp
eb99ec5859
Add private CIDR for calico 2022-04-30 00:11:07 +02:00
Karim Naufal
df155b9b3a set policy to abort 2022-03-21 22:13:27 +01:00
Marco Nenciarini
98ccc2742d
Improve stability of traefik load balancer IP
By default, if the helm chart installation or upgrade fails for any
reason, the whole helm chart is deleted and recreated from scratch,
with a new load balancer bound to a new IP.

By setting the traefik helm chart failure policy to `stop`, we prevent
the load balancer service from being recreated in case of chart
upgrade failure, at the cost of requiring manual user intervention to
restore automatic upgrades.
2022-03-21 19:12:16 +01:00
Paul Haerle
ad5af04c0b
Merge branch 'master' into name-suffixes 2022-03-06 21:39:39 +01:00
Michael Schietzsch
adac340457
fix naming-conventions 2022-03-05 11:00:40 +01:00
Michael Schietzsch
8634a1dc2f
added additional traefik option 2022-03-05 07:41:53 +01:00
Karim Naufal
ae731a7746 added a flag for the node names 2022-03-05 04:02:09 +01:00
Karim Naufal
b2d160f33a tweaked traefik name to align with the rest of the resources 2022-03-05 03:23:42 +01:00
phaer
5cf6f9eef4 add random pet names for cluster & nodes 2022-03-04 22:04:07 +01:00
phaer
52b3d9b82c lb -> load_balancer...
...to keep variables and output naming consistent
2022-02-26 12:10:50 +01:00
phaer
406ba988bf use jsonencode, not template for config.ign 2022-02-19 15:07:39 +01:00
Karim Naufal
1165389fc3 fix ip_not_available error 2022-02-16 10:56:22 +01:00
Karim Naufal
fec695086a k3s-install ready for testing 2022-02-16 03:18:40 +01:00
phaer
347ba42866 replace kustomization.yaml.tpl with yamlencode
benefit is replacing inline strings in yaml with proper files
locally while still just deploying a single file to the remote
host.
2022-02-11 23:49:54 +01:00
phaer
92937f0081 cleanup first control plane provisioning...
* move yaml to subdirectory of /tmp
* reformat loop waiting for /readyz endpoint
* add logging message
* split provisioner because sensitive var.hcloud_token prohibits
  log output
2022-02-11 22:47:57 +01:00
phaer
9dc4952665 Expose kubeconfig in outputs...
* To do so, we need to ensure that the generated kubeconfig is part of
  terraform's dependency graph. This has the additional benefit of not
  depending on local files anymore which should enable multi-user
  setups.

* This also means that we can't deploy CCM, CSI & Traefik from our local
  host, because we don't have kubeconfig.yaml locally while provisioning
  the control plane, only afterwards.

* So we just run kubectl apply on the control plane itself, after k3s is
  ready.

* To do so, we need to deploy all manifests. I've merged the patches
  into a single kustomization.yaml file, because that makes the
  deployment of those files to the control-plane server easier.

* we could also put the traefik config into the same kustomization file,
  which would save us one of the file provisioner blocks. I didn't want
  this PR to get any bigger, and will consider merging this config later
  on. kustomization.yaml is small enough that we could yamlencode() for
  it and store the patches in separate files again, not as
  inline-strings which is kind of ugly.
2022-02-11 12:45:03 +01:00
Karim Naufal
cd6b5e2768 pre master 2022-02-10 03:01:40 +01:00
phaer
cd63a5bc18 re-add agent.conf...
...because it's not worth the necessary overrides/hacks
in the base image to remove it.
2022-02-08 09:00:14 +01:00
phaer
960311ebd4 use yamlencode for k3s configs...
...and remove the now hopefully unneeded workaround for
agent.conf, all values are in config.yaml now
2022-02-08 09:00:12 +01:00
Marco Nenciarini
7e6eb731dd
Add setting to allow_scheduling_on_control_plane 2022-02-07 16:11:41 +01:00
Karim Naufal
ee7a0af8aa
Merge pull request #43 from mnencia/taint
Taint control-plane nodes with node-role.kubernetes.io/master:NoSchedule
2022-02-07 15:56:39 +01:00
Marco Nenciarini
8ee732e694
Taint control-plane nodes with node-role.kubernetes.io/master:NoSchedule 2022-02-07 12:30:43 +01:00
Marco Nenciarini
f37c6c73c4
Really disable servicelb 2022-02-07 12:29:26 +01:00
Karim Naufal
919e1087f8 added kured and fixed initial ignition disk partitioning 2022-02-07 09:36:21 +01:00
Karim Naufal
fba212de47 added kured and fixed initial ignition disk partitioning 2022-02-07 08:46:10 +01:00
Karim Naufal
7532e7a4d5 initial k3s on MicroOS on Hetzner ok 2022-02-06 08:40:51 +01:00
Marco Nenciarini
63eb166eb9
Configure eth1 and set hostname 2022-02-05 19:34:36 +01:00
Karim Naufal
623954e5ef microOS eth1 still down 2022-02-05 01:22:35 +01:00
Karim Naufal
3f0f0ca705 microOS prep 2022-02-05 00:02:25 +01:00
Olivier Wenger
23d17382ac Replaced httpChallenge with tlsChallenge
Co-authored-by: Marco Nenciarini <mnencia@kcore.it>
2022-02-03 09:29:56 +01:00
Olivier Wenger
285e115475 added letsencrypt configuration for traefik 2022-02-03 09:29:56 +01:00
phaer
b0838c8a01 ingress: don't use private ip, make ipv6 optional 2022-01-25 15:05:29 +01:00
Karim Naufal
cd9bcd9710 added possibility to use latest containers for CCM and CSI 2022-01-15 09:04:21 +01:00
Karim Naufal
8b0e0666ef removed kustomization of CCM and CSI images, now more vanilla 2022-01-14 09:33:34 +01:00
Dennis Hoppe
05332e7ae3
Make version of CCM / CSI configurable 2022-01-13 14:28:00 +01:00
Karim Naufal
7582b7299e Tweaked Readme 2022-01-06 10:59:36 +01:00
Karim Naufal
6944546cfa Tweaked Readme 2022-01-06 07:16:18 +01:00
Karim Naufal
76a1e00805 added traefik 2022-01-05 15:04:22 +01:00
Karim Naufal
5d315c4427 removed disabling of network policy and traefik now default as more capable 2022-01-03 06:15:27 +01:00
Karim Naufal
8de7171cf5 Switched to k3os and removed cilium 2021-12-05 10:50:51 +01:00
Karim Naufal
8113016f86 k3os ok 2021-12-03 02:11:52 +01:00
Karim Naufal
61f8093951 k3os master ok 2021-11-30 23:09:34 +01:00