From 5a716387a89f04629ec63141fda2e4b3b199d5e9 Mon Sep 17 00:00:00 2001 From: Vegard Hagen Date: Sun, 19 Jun 2022 16:38:08 +0200 Subject: [PATCH] feat(LoadBalancer): Adding MetalLB --- COMPONENTS.md | 3 +- README.md | 17 +++- crd.yaml | 34 +++++++ dashboard.yaml | 2 +- helm/metallb-values.yaml | 6 ++ main.tf | 186 ++++++++++++++++++++------------------- 6 files changed, 153 insertions(+), 95 deletions(-) create mode 100644 crd.yaml create mode 100644 helm/metallb-values.yaml diff --git a/COMPONENTS.md b/COMPONENTS.md index 90f7579..3bd46a5 100644 --- a/COMPONENTS.md +++ b/COMPONENTS.md @@ -1,7 +1,8 @@ kubespray Argo autopilot -Cilium +CNI: Cilium +LoadBalancer: MetalLB Traefik cert-manager? ArgoCD diff --git a/README.md b/README.md index f98daa5..81d9b33 100644 --- a/README.md +++ b/README.md @@ -35,9 +35,9 @@ cri-ctl: https://github.com/kubernetes-sigs/cri-tools nerdctl? -We are going to use Cilium kube-proxy +We are going to use Cilium kube-proxy (TODO) ```shell -sudo kubeadm init --skip-phases=addon/kube-proxy +sudo kubeadm init --skip-phases=addon/kube-proxy (TODO) sudo kubeadm init ``` @@ -80,6 +80,12 @@ kubectl -n kube-system get pods --watch kubectl -n kube-system get pods -l k8s-app=cilium ``` +## MetalLB +```shell +helm repo add metallb https://metallb.github.io/metallb +helm install metallb metallb/metallb +``` + ## Deploy using Terraform https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/guides/getting-started ```shell @@ -87,6 +93,13 @@ terraform plan terraform apply ``` +## Traefik IngressRoute CRD +https://doc.traefik.io/traefik/v2.0/routing/providers/kubernetes-crd/ +```shell + +``` + + ## Cleanup ```shell kubectl drain ratatoskr --delete-emptydir-data --force --ignore-daemonsets diff --git a/crd.yaml b/crd.yaml new file mode 100644 index 0000000..fc96abf --- /dev/null +++ b/crd.yaml 
@@ -0,0 +1,34 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: ingressroutes.traefik.containo.us + +spec: + group: traefik.containo.us + versions: + - name: v1 + served: true + storage: true + names: + kind: IngressRoute + plural: ingressroutes + singular: ingressroute + scope: Namespaced + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: ingressroutetcps.traefik.containo.us + +spec: + group: traefik.containo.us + versions: + - name: v1 + served: true + storage: true + names: + kind: IngressRouteTCP + plural: ingressroutetcps + singular: ingressroutetcp + scope: Namespaced \ No newline at end of file diff --git a/dashboard.yaml b/dashboard.yaml index c9e3c6c..5e560fb 100644 --- a/dashboard.yaml +++ b/dashboard.yaml @@ -7,7 +7,7 @@ spec: entryPoints: - web routes: - - match: Host(`traefik.localhost`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`)) + - match: Host(`traefik.ratatoskr.myddns.rocks`) kind: Rule services: - name: api@internal diff --git a/helm/metallb-values.yaml b/helm/metallb-values.yaml new file mode 100644 index 0000000..06b6e2b --- /dev/null +++ b/helm/metallb-values.yaml @@ -0,0 +1,6 @@ +configInline: + address-pools: + - name: default + protocol: layer2 + addresses: + - 192.168.1.240-192.168.1.250 \ No newline at end of file diff --git a/main.tf b/main.tf index 97f26cb..c25059f 100644 --- a/main.tf +++ b/main.tf @@ -4,7 +4,7 @@ terraform { source = "hashicorp/kubernetes" version = ">= 2.0.0" } - helm = { + helm = { source = "hashicorp/helm" version = ">= 2.5.0" } 
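Review bot: Both CustomResourceDefinitions in crd.yaml declare `apiextensions.k8s.io/v1` but give no `schema` under their `versions` entry, and that API version requires a structural `openAPIV3Schema` per version, so the API server is likely to reject them as written. The version is also named `v1`, whereas Traefik v2 serves the `traefik.containo.us` group as `v1alpha1`, so an IngressRoute written for Traefik would not match this definition. The Traefik Helm chart added in main.tf normally installs these CRDs itself, so I would drop this file in favour of the chart's or upstream definitions rather than hand-maintaining a copy with no validation.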
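Review bot: The new `match` rule in dashboard.yaml routes every path on `traefik.ratatoskr.myddns.rocks` to `api@internal`, and the visible lines show the `web` entry point with no `middlewares` entry, so the Traefik dashboard and API would be reachable over plain HTTP without authentication on what looks like a public dynamic-DNS name. I would attach an authentication or source-address restriction to the route, e.g. `middlewares: [{ name: <DASHBOARD_AUTH_MIDDLEWARE> }]` pointing at a `basicAuth` or `ipWhiteList` Middleware, and serve it from a TLS entry point. Keeping the previous PathPrefix restriction to /dashboard and /api is also worth considering. The rest of the IngressRoute lies outside the hunk, so a middleware may already be declared further down.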
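Review bot: Nothing visible in this commit applies helm/metallb-values.yaml: the README's added command is `helm install metallb metallb/metallb` with no values file or chart version, and main.tf gains no MetalLB release, so the address pool would not be configured and the chart version floats. I would document `helm install metallb metallb/metallb -f helm/metallb-values.yaml --version <CHART_VERSION>` or manage it as a `helm_release` next to Traefik. The file would also benefit from a comment stating that 192.168.1.240-192.168.1.250 must sit outside the DHCP scope, since in layer2 mode MetalLB answers ARP for these addresses and an overlap with another host causes address conflicts.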
@@ -21,99 +21,103 @@ provider "helm" { } } -resource "helm_release" "cilium" { - name = "cilium" +#resource "helm_release" "cilium" { +# name = "cilium" +# +# repository = "https://helm.cilium.io" +# chart = "cilium" +# namespace = "kube-system" +# version = "1.11.5" +#} - repository = "https://helm.cilium.io" - chart = "cilium" - namespace = "kube-system" - version = "1.11.5" +resource "kubernetes_namespace" "traefik" { + metadata { + name = "traefik" + } } -#resource "kubernetes_namespace" "traefik" { -# metadata { -# name = "traefik" -# } -#} +resource "helm_release" "traefik" { + name = "traefik" -#resource "helm_release" "traefik" { -# name = "traefik" -# -# repository = "https://helm.traefik.io/traefik" -# chart = "traefik" -# namespace = "traefik" -# version = "10.20.0" -#} + repository = "https://helm.traefik.io/traefik" + chart = "traefik" + namespace = "traefik" + version = "10.20.0" -#resource "kubernetes_service" "traefik" { -# metadata { -# name = "traefik" -# namespace = kubernetes_namespace.traefik.metadata.0.name -# } -# spec { -# selector = { -# app = helm_release.traefik.manifest -# #app = kubernetes_deployment.test.spec.0.template.0.metadata.0.labels.app -# } -# -# type = "NodePort" -# port { -# node_port = 9001 -# port = 9000 -# target_port = 9000 -# } -# } -#} +} -#resource "kubernetes_namespace" "test" { -# metadata { -# name = "nginx" -# } -#} -#resource "kubernetes_deployment" "test" { -# metadata { -# name = "nginx" -# namespace = kubernetes_namespace.test.metadata.0.name -# } -# spec { -# replicas = 2 -# selector { -# match_labels = { -# app = "MyTestApp" -# } -# } -# template { -# metadata { -# labels = { -# app = "MyTestApp" -# } -# } -# spec { -# container { -# image = "nginx" -# name = "nginx-container" -# port { -# container_port = 80 -# } -# } -# } -# } -# } -#} -#resource "kubernetes_service" "test" { -# metadata { -# name = "nginx" -# namespace = kubernetes_namespace.test.metadata.0.name -# } -# spec { -# selector = { -# app = 
kubernetes_deployment.test.spec.0.template.0.metadata.0.labels.app -# } -# type = "NodePort" -# port { -# node_port = 30201 -# port = 80 -# target_port = 80 -# } -# } -#} +resource "kubernetes_service" "traefik" { + metadata { + name = "traefik" + namespace = kubernetes_namespace.traefik.metadata.0.name + } + spec { + selector = { + # Standard Helm chart label to locate pods + "app.kubernetes.io/name" = helm_release.traefik.name + } + + type = "LoadBalancer" + port { + protocol = "TCP" + port = 80 # External exposed port to reach container + target_port = 9000 # Internal exposed port of container + } + } +} + +resource "kubernetes_namespace" "test" { + metadata { + name = "nginx" + } +} + +resource "kubernetes_deployment" "test" { + metadata { + name = "nginx" + namespace = kubernetes_namespace.test.metadata.0.name + } + spec { + replicas = 2 + selector { + match_labels = { + app = "MyTestApp" + } + } + template { + metadata { + labels = { + app = "MyTestApp" + } + } + spec { + container { + image = "nginx" + name = "nginx-container" + port { + container_port = 80 + } + } + } + } + } +} + +resource "kubernetes_service" "test" { + metadata { + name = "nginx" + namespace = kubernetes_namespace.test.metadata.0.name + } + spec { + selector = { + app = kubernetes_deployment.test.spec.0.template.0.metadata.0.labels.app + } + + type = "LoadBalancer" + port { + protocol = "TCP" + port = 80 + target_port = 80 + } + } +}
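Review bot: In `kubernetes_service.traefik`, `target_port = 9000` forwards LoadBalancer port 80 to what is, in the Traefik chart's default values, the internal `traefik` entry point that serves the dashboard, API and ping rather than the `web` entry point; with `type = "LoadBalancer"` that puts the admin port on a MetalLB address. If the intent is to publish HTTP traffic, `target_port = 8000` (the chart's default `web` port; confirm against the values for chart 10.20.0) is the likely target, and the inline comment should name the entry point. The chart usually creates its own Service for the release as well, so this resource may collide with it on the name `traefik`. Separately, `helm_release.traefik` hard-codes `namespace = "traefik"`; using `kubernetes_namespace.traefik.metadata.0.name` would let Terraform create the namespace before the release. The test deployment's `image = "nginx"` is also unpinned and would be better given an explicit tag or digest.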