scottk/homelab
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/homelab.git synced 2025-10-30 17:37:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(ingress): Provision Traefik as an ingress controller

Browse Source
This commit is contained in:
Vegard Hagen
2022-05-29 12:04:44 +02:00
parent 18f8d9ede4
commit c8561e74c2
3 changed files with 98 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
README.md
View File

@@ -1,5 +1,17 @@
A Terraform script to provision a Kubernetes Cluster with stuff A Terraform script to provision a Kubernetes Cluster with stuff
# MAYBE JUST USE MINIKUBE?
```
minikube start --network-plugin=cni --cni=false
```
Need CNI (Cilium) LoadBalancer (MetaLB) and IngressController (Traefik) I think.
https://pgillich.medium.com/setup-on-premise-kubernetes-with-kubeadm-metallb-traefik-and-vagrant-8a9d8d28951a
Interesting: https://github.com/Mosibi/mosibi-kubernetes
# Setup cluster with kubeadm # Setup cluster with kubeadm
Disable swap for kubelet to work properly Disable swap for kubelet to work properly
@@ -22,7 +34,10 @@ sudo apt-get install -y containerd conntrack socat kubelet kubeadm kubectl
cri-ctl: https://github.com/kubernetes-sigs/cri-tools cri-ctl: https://github.com/kubernetes-sigs/cri-tools
nerdctl? nerdctl?
We are going to use Cilium kube-proxy
```shell ```shell
sudo kubeadm init --skip-phases=addon/kube-proxy
sudo kubeadm init sudo kubeadm init
``` ```
@@ -31,8 +46,17 @@ https://kubernetes.io/docs/tasks/tools/
```shell ```shell
mkdir -p $HOME/.kube mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config && sudo chown $(id -u):$(id -g) $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config ```
For remote kubectl
```shell
scp veh@192.168.1.12:/home/veh/.kube/config ~/.kube/config
```
## (Optional) Remove taint for single node use
```shell
kubectl taint nodes --all node-role.kubernetes.io/control-plane- node-role.kubernetes.io/master-
``` ```
## Install CNI ## Install CNI
@@ -40,13 +64,20 @@ We choose Cilium
https://docs.cilium.io/en/stable/gettingstarted/k8s-install-helm/ https://docs.cilium.io/en/stable/gettingstarted/k8s-install-helm/
```shell ```shell
helm repo add cilium https://helm.cilium.io/ cilium install
helm install cilium cilium/cilium --version 1.11.5 --namespace kube-system
``` ```
## (Optional) Remove taint for single node use
```shell ```shell
kubectl taint nodes --all node-role.kubernetes.io/control-plane- node-role.kubernetes.io/master- helm repo add cilium https://helm.cilium.io/
```
```shell
kubectl -n kube-system get pods --watch
```
### Validate
```shell
kubectl -n kube-system get pods -l k8s-app=cilium
``` ```
## Deploy using Terraform ## Deploy using Terraform
@@ -58,6 +89,8 @@ terraform apply
## Cleanup ## Cleanup
```shell ```shell
kubectl drain <node name> --delete-emptydir-data --force --ignore-daemonsets kubectl drain ratatoskr --delete-emptydir-data --force --ignore-daemonsets
kubeadm reset sudo kubeadm reset
sudo iptables -F && sudo iptables -t nat -F && sudo iptables -t mangle -F && sudo iptables -X
sudo ipvsadm -C
``` ```

14
dashboard.yaml Normal file
View File

@@ -0,0 +1,14 @@
# dashboard.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: dashboard
spec:
entryPoints:
- web
routes:
- match: Host(`traefik.localhost`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
kind: Rule
services:
- name: api@internal
kind: TraefikService

46
main.tf
View File

@@ -4,12 +4,16 @@ terraform {
source = "hashicorp/kubernetes" source = "hashicorp/kubernetes"
version = ">= 2.0.0" version = ">= 2.0.0"
} }
helm = {
source = "hashicorp/helm"
version = ">= 2.5.0"
}
} }
} }
#provider "kubernetes" { provider "kubernetes" {
# config_path = "~/.kube/config" config_path = "~/.kube/config"
#} }
provider "helm" { provider "helm" {
kubernetes { kubernetes {
@@ -24,9 +28,43 @@ resource "helm_release" "cilium" {
chart = "cilium" chart = "cilium"
namespace = "kube-system" namespace = "kube-system"
version = "1.11.5" version = "1.11.5"
} }
#resource "kubernetes_namespace" "traefik" {
# metadata {
# name = "traefik"
# }
#}
#resource "helm_release" "traefik" {
# name = "traefik"
#
# repository = "https://helm.traefik.io/traefik"
# chart = "traefik"
# namespace = "traefik"
# version = "10.20.0"
#}
#resource "kubernetes_service" "traefik" {
# metadata {
# name = "traefik"
# namespace = kubernetes_namespace.traefik.metadata.0.name
# }
# spec {
# selector = {
# app = helm_release.traefik.manifest
# #app = kubernetes_deployment.test.spec.0.template.0.metadata.0.labels.app
# }
#
# type = "NodePort"
# port {
# node_port = 9001
# port = 9000
# target_port = 9000
# }
# }
#}
#resource "kubernetes_namespace" "test" { #resource "kubernetes_namespace" "test" {
# metadata { # metadata {
# name = "nginx" # name = "nginx"