From ba2ab6435b5f381a075c35c39d14a1d7596d7a45 Mon Sep 17 00:00:00 2001
From: Vegard Hagen
Date: Sat, 10 Aug 2024 17:56:54 +0200
Subject: [PATCH] chore(cleanup): Cleanup after cluster rebuild
---
 .../homepage/blog/remark42/deployment.yaml | 6 +++
 k8s/apps/media/arr/lidarr/deployment.yaml | 1 +
 k8s/apps/media/arr/prowlarr/deployment.yaml | 1 +
 k8s/apps/media/arr/radarr/deployment.yaml | 1 +
 k8s/apps/media/arr/sonarr/deployment.yaml | 1 +
 k8s/apps/media/arr/torrent/deployment.yaml | 1 +
 k8s/apps/media/jellyfin/pvc.yaml | 2 +-
 k8s/apps/media/plex/pvc.yaml | 2 +-
 k8s/infra/network/gateway/gw-euclid.yaml | 24 -----------
 k8s/infra/network/gateway/kustomization.yaml | 1 -
 tofu/kubernetes/main.tf | 24 +++++------
 tofu/kubernetes/output.tf | 5 +++
 tofu/kubernetes/providers.tf | 2 +-
 tofu/kubernetes/talos/config.tf | 10 +++--
 tofu/kubernetes/talos/image.tf | 41 +++++++++++++++++++
 tofu/kubernetes/talos/output.tf | 3 +-
 tofu/kubernetes/talos/providers.tf | 2 +-
 17 files changed, 81 insertions(+), 46 deletions(-)
 delete mode 100644 k8s/infra/network/gateway/gw-euclid.yaml
diff --git a/k8s/apps/homepage/blog/remark42/deployment.yaml b/k8s/apps/homepage/blog/remark42/deployment.yaml
index f8894fe..f623a78 100644
--- a/k8s/apps/homepage/blog/remark42/deployment.yaml
+++ b/k8s/apps/homepage/blog/remark42/deployment.yaml
@@ -51,6 +51,8 @@ spec:
 volumeMounts:
 - name: remark42
 mountPath: /srv/var
+ - name: backup
+ mountPath: /backup
 resources:
 requests:
 cpu: 50m
@@ -62,3 +64,7 @@ spec:
 - name: remark42
 persistentVolumeClaim:
 claimName: remark42
+ - name: backup
+ nfs:
+ server: 192.168.1.55
+ path: /mnt/pool-0/backup
diff --git a/k8s/apps/media/arr/lidarr/deployment.yaml b/k8s/apps/media/arr/lidarr/deployment.yaml
index d35ed80..783b515 100644
--- a/k8s/apps/media/arr/lidarr/deployment.yaml
+++ b/k8s/apps/media/arr/lidarr/deployment.yaml
@@ -42,6 +42,7 @@ spec:
 envFrom:
 - configMapRef:
 name: common-env
+ optional: true
 volumeMounts:
 - name: lidarr-config
 mountPath: /config
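Review bot: The new `backup` volume in the second remark42 hunk mounts the whole `/mnt/pool-0/backup` export read-write into the remark42 container (the matching `/backup` entry under `volumeMounts` is in the first hunk), so a compromise of this comment service reaches whatever else is stored on that export. An inline `nfs:` volume carries no credentials of its own, so access control rests entirely on the export's host and uid rules; consider exposing only a remark42-specific directory, for instance by adding `subPath: <remark42-backup-dir>` to the `/backup` mount or by narrowing `path:`. A short comment naming the host behind the hard-coded `192.168.1.55` would also help. The container's securityContext lies outside both hunks, so whether it runs as non-root cannot be confirmed from here.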
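Review bot: With `optional: true` on the `common-env` configMapRef, the lidarr pod now starts even when that ConfigMap is missing, and the container then silently runs with the image's default environment. The contents of `common-env` are not visible in this patch; if it carries settings such as the runtime user or group, a missing ConfigMap would change what the container runs as without any scheduling error to signal it. The same line is added in the prowlarr, radarr, sonarr and torrent hunks. If the relaxation is only needed while the cluster is being rebuilt, a comment such as `# optional: common-env may not exist yet during cluster bootstrap` above the line would record that.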
diff --git a/k8s/apps/media/arr/prowlarr/deployment.yaml b/k8s/apps/media/arr/prowlarr/deployment.yaml
index 831d24e..cf96f32 100644
--- a/k8s/apps/media/arr/prowlarr/deployment.yaml
+++ b/k8s/apps/media/arr/prowlarr/deployment.yaml
@@ -42,6 +42,7 @@ spec:
 envFrom:
 - configMapRef:
 name: common-env
+ optional: true
 volumeMounts:
 - name: prowlarr-config
 mountPath: /config
diff --git a/k8s/apps/media/arr/radarr/deployment.yaml b/k8s/apps/media/arr/radarr/deployment.yaml
index bfbb55d..2ba71e6 100644
--- a/k8s/apps/media/arr/radarr/deployment.yaml
+++ b/k8s/apps/media/arr/radarr/deployment.yaml
@@ -42,6 +42,7 @@ spec:
 envFrom:
 - configMapRef:
 name: common-env
+ optional: true
 volumeMounts:
 - name: radarr-config
 mountPath: /config
diff --git a/k8s/apps/media/arr/sonarr/deployment.yaml b/k8s/apps/media/arr/sonarr/deployment.yaml
index 9c363bd..06d1815 100644
--- a/k8s/apps/media/arr/sonarr/deployment.yaml
+++ b/k8s/apps/media/arr/sonarr/deployment.yaml
@@ -42,6 +42,7 @@ spec:
 envFrom:
 - configMapRef:
 name: common-env
+ optional: true
 volumeMounts:
 - name: sonarr-config
 mountPath: /config
diff --git a/k8s/apps/media/arr/torrent/deployment.yaml b/k8s/apps/media/arr/torrent/deployment.yaml
index eb5dcb1..48e11cf 100644
--- a/k8s/apps/media/arr/torrent/deployment.yaml
+++ b/k8s/apps/media/arr/torrent/deployment.yaml
@@ -63,6 +63,7 @@ spec:
 envFrom:
 - configMapRef:
 name: common-env
+ optional: true
 volumeMounts:
 - name: torrent-config
 mountPath: /config
diff --git a/k8s/apps/media/jellyfin/pvc.yaml b/k8s/apps/media/jellyfin/pvc.yaml
index 9ab3d56..59319f0 100644
--- a/k8s/apps/media/jellyfin/pvc.yaml
+++ b/k8s/apps/media/jellyfin/pvc.yaml
@@ -5,7 +5,7 @@ metadata:
 namespace: jellyfin
 spec:
 storageClassName: proxmox-csi
- volumeName: pv-jellyfin-config
+ volumeName: pv-jellyfin
 accessModes:
 - ReadWriteOnce
 resources:
diff --git a/k8s/apps/media/plex/pvc.yaml b/k8s/apps/media/plex/pvc.yaml
index 4b6e189..c82e8a9 100644
--- a/k8s/apps/media/plex/pvc.yaml
+++ b/k8s/apps/media/plex/pvc.yaml @@ -5,7 +5,7 @@ metadata: namespace: plex spec: storageClassName: proxmox-csi - volumeName: pv-plex-config + volumeName: pv-plex accessModes: - ReadWriteOnce resources: diff --git a/k8s/infra/network/gateway/gw-euclid.yaml b/k8s/infra/network/gateway/gw-euclid.yaml deleted file mode 100644 index baf5152..0000000 --- a/k8s/infra/network/gateway/gw-euclid.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: gateway.networking.k8s.io/v1 -kind: Gateway -metadata: - name: euclid - namespace: gateway - annotations: - cert-manager.io/issuer: cloudflare-issuer -spec: - gatewayClassName: cilium - infrastructure: - annotations: - io.cilium/lb-ipam-ips: 192.168.1.220 - listeners: - - protocol: HTTPS - port: 443 - name: https-gateway - hostname: "*.euclid.stonegarden.dev" - tls: - certificateRefs: - - kind: Secret - name: cert-euclid - allowedRoutes: - namespaces: - from: All diff --git a/k8s/infra/network/gateway/kustomization.yaml b/k8s/infra/network/gateway/kustomization.yaml index 35490c5..c648aeb 100644 --- a/k8s/infra/network/gateway/kustomization.yaml +++ b/k8s/infra/network/gateway/kustomization.yaml @@ -6,6 +6,5 @@ resources: - ns.yaml - cloudflare-api-token.yaml - cloudflare-issuer.yaml - - gw-euclid.yaml - gw-stonegarden.yaml - gw-tls-passthrough.yaml diff --git a/tofu/kubernetes/main.tf b/tofu/kubernetes/main.tf index 5ed31e9..a867801 100644 --- a/tofu/kubernetes/main.tf +++ b/tofu/kubernetes/main.tf @@ -6,7 +6,7 @@ module "talos" { } image = { - version = "v1.7.6" + version = "v1.8.0-alpha.1" schematic = file("${path.module}/talos/image/schematic.yaml") } @@ -17,9 +17,9 @@ module "talos" { cluster = { name = "talos" - endpoint = "192.168.1.101" + endpoint = "192.168.1.102" gateway = "192.168.1.1" - talos_version = "v1.7" + talos_version = "v1.8" proxmox_cluster = "homelab" } 
@@ -53,15 +53,15 @@ module "talos" { cpu = 4 ram_dedicated = 4096 } - "work-00" = { - host_node = "abel" - machine_type = "controlplane" - ip = "192.168.1.110" - mac_address = "BC:24:11:2E:A8:00" - vm_id = 810 - cpu = 8 - ram_dedicated = 4096 - } +# "work-00" = { +# host_node = "abel" +# machine_type = "worker" +# ip = "192.168.1.110" +# mac_address = "BC:24:11:2E:A8:00" +# vm_id = 810 +# cpu = 8 +# ram_dedicated = 4096 +# } } } diff --git a/tofu/kubernetes/output.tf b/tofu/kubernetes/output.tf index 36c4601..8f8fe7b 100644 --- a/tofu/kubernetes/output.tf +++ b/tofu/kubernetes/output.tf @@ -26,3 +26,8 @@ output "talos_config" { value = module.talos.client_configuration.talos_config sensitive = true } + +output "image_schematic" { + // "dcac6b92c17d1d8947a0cee5e0e6b6904089aa878c70d66196bb1138dbd05d1a" + value = module.talos.schematic_id +} \ No newline at end of file diff --git a/tofu/kubernetes/providers.tf b/tofu/kubernetes/providers.tf index c948dd0..8d810e9 100644 --- a/tofu/kubernetes/providers.tf +++ b/tofu/kubernetes/providers.tf @@ -10,7 +10,7 @@ terraform { } talos = { source = "siderolabs/talos" - version = "0.5.0" + version = "0.6.0-alpha.1" } restapi = { source = "Mastercard/restapi" diff --git a/tofu/kubernetes/talos/config.tf b/tofu/kubernetes/talos/config.tf index 419e71b..1fa2da4 100644 --- a/tofu/kubernetes/talos/config.tf +++ b/tofu/kubernetes/talos/config.tf @@ -47,8 +47,9 @@ resource "talos_machine_configuration_apply" "this" { resource "talos_machine_bootstrap" "this" { depends_on = [talos_machine_configuration_apply.this] - for_each = var.nodes - node = each.value.ip + //for_each = var.nodes + //node = each.value.ip + node = [for k, v in var.nodes : v.ip if v.machine_type == "controlplane"][2] endpoint = var.cluster.endpoint client_configuration = talos_machine_secrets.this.client_configuration } 
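Review bot: The commented-out `work-00` block is not a copy of what was removed: the deleted entry had `machine_type = "controlplane"` while the commented one says `"worker"`, so un-commenting it later does not restore the previous topology. Commented-out node definitions also keep the MAC address and VM id in the file without being applied; deleting the entry and relying on git history would be cleaner, or add a one-line comment such as `# work-00 parked after rebuild; re-add as worker` if that is the intent. Because this takes a node out of the control-plane set, it interacts with the `[2]` index used in `talos/config.tf` in this same patch. The enclosing map starts outside the hunk.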
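Review bot: `[for k, v in var.nodes : v.ip if v.machine_type == "controlplane"][2]` in `talos_machine_bootstrap` hard-codes the third control-plane node and fails with an index error whenever fewer than three control-plane entries are defined; this same patch comments out `work-00`, which was previously a control-plane entry. The identical expression with `[2]` is repeated for `talos_cluster_kubeconfig` in the last hunk of this file. Computing the list once, e.g. `control_plane_ips = [for k, v in var.nodes : v.ip if v.machine_type == "controlplane"]` in a `locals` block, and using `node = local.control_plane_ips[0]` in both places keeps the two in step for any cluster size; if index 2 was chosen deliberately, a comment should say why. The two `//for_each` and `//node` lines can then be deleted rather than left commented.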
@@ -58,6 +59,7 @@ data "talos_cluster_health" "this" { talos_machine_configuration_apply.this, talos_machine_bootstrap.this ] + skip_kubernetes_checks = false client_configuration = data.talos_client_configuration.this.client_configuration control_plane_nodes = [for k, v in var.nodes : v.ip if v.machine_type == "controlplane"] worker_nodes = [for k, v in var.nodes : v.ip if v.machine_type == "worker"] @@ -67,12 +69,12 @@ data "talos_cluster_health" "this" { } } -data "talos_cluster_kubeconfig" "this" { +resource "talos_cluster_kubeconfig" "this" { depends_on = [ talos_machine_bootstrap.this, data.talos_cluster_health.this ] - node = [for k, v in var.nodes : v.ip if v.machine_type == "controlplane"][1] + node = [for k, v in var.nodes : v.ip if v.machine_type == "controlplane"][2] endpoint = var.cluster.endpoint client_configuration = talos_machine_secrets.this.client_configuration timeouts = { diff --git a/tofu/kubernetes/talos/image.tf b/tofu/kubernetes/talos/image.tf index 38d3630..e051b28 100644 --- a/tofu/kubernetes/talos/image.tf +++ b/tofu/kubernetes/talos/image.tf @@ -2,11 +2,13 @@ locals { version = var.image.version schematic = var.image.schematic schematic_id = jsondecode(data.http.schematic_id.response_body)["id"] + #schematic_id = talos_image_factory_schematic.this.id image_id = "${local.schematic_id}_${local.version}" update_version = coalesce(var.image.update_version, var.image.version) update_schematic = coalesce(var.image.update_schematic, var.image.schematic) update_schematic_id = jsondecode(data.http.updated_schematic_id.response_body)["id"] + #update_schematic_id = talos_image_factory_schematic.this.id update_image_id = "${local.update_schematic_id}_${local.update_version}" } 
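Review bot: The commented alternative for `update_schematic_id` points at `talos_image_factory_schematic.this.id`, the same resource as the one suggested for `schematic_id`, although the next hunk of this file declares a separate `talos_image_factory_schematic.updated` built from `local.update_schematic`, which is presumably what was meant. If the line is un-commented as written, nodes flagged for update would resolve to the non-updated schematic. Either correct it to `#update_schematic_id = talos_image_factory_schematic.updated.id` or drop both commented lines until the switch away from the `http` lookups is actually made.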
@@ -22,6 +24,45 @@ data "http" "updated_schematic_id" { request_body = local.update_schematic } +/* Testing out new provider schematic feature */ + +data "talos_image_factory_extensions_versions" "this" { + talos_version = var.image.version + filters = { + names = [ + "i915-ucode", + "intel-ucode", + "qemu-guest-agent" + ] + } +} + +resource "talos_image_factory_schematic" "generated" { + schematic = yamlencode( + { + customization = { + systemExtensions = { + officialExtensions = data.talos_image_factory_extensions_versions.this.extensions_info.*.name + } + } + } + ) +} + +output "schematic_id" { + value = talos_image_factory_schematic.generated.id +} + +resource "talos_image_factory_schematic" "this" { + schematic = local.schematic +} + +resource "talos_image_factory_schematic" "updated" { + schematic = local.update_schematic +} + +/* Testing out new provider schematic feature */ + resource "proxmox_virtual_environment_download_file" "this" { for_each = toset(distinct([for k, v in var.nodes : "${v.host_node}_${v.update == true ? local.update_image_id : local.image_id}"])) diff --git a/tofu/kubernetes/talos/output.tf b/tofu/kubernetes/talos/output.tf index f24e678..eaec952 100644 --- a/tofu/kubernetes/talos/output.tf +++ b/tofu/kubernetes/talos/output.tf @@ -8,6 +8,7 @@ output "client_configuration" { } output "kube_config" { - value = data.talos_cluster_kubeconfig.this + #value = data.talos_cluster_kubeconfig.this + value = talos_cluster_kubeconfig.this sensitive = true } diff --git a/tofu/kubernetes/talos/providers.tf b/tofu/kubernetes/talos/providers.tf index 6c36705..6497804 100644 --- a/tofu/kubernetes/talos/providers.tf +++ b/tofu/kubernetes/talos/providers.tf @@ -6,7 +6,7 @@ terraform { } talos = { source = "siderolabs/talos" - version = ">=0.5.0" + version = ">=0.6.0-alpha.1" } } }
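Review bot: The new `schematic_id` output reports `talos_image_factory_schematic.generated.id`, but the image that is actually downloaded is still named from `local.image_id`, which the first hunk of this file derives from the `http` data source via `local.schematic_id`. The `generated` schematic is built from the filtered extension list rather than from `var.image.schematic`, so the exported id (and the hash noted beside the root `image_schematic` output) may not identify the image the nodes boot, which is misleading when checking image provenance. Consider `value = local.schematic_id` for this output until the provider resources replace the `http` lookups. `extensions_info.*.name` is the legacy splat form; `extensions_info[*].name` is the current spelling. Nothing visible consumes the `this` or `updated` schematic resources, so they could stay out of the module until the test is concluded.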