Fix ipv6 for worker nodes

hetzner/.gitignore

@@ -1,3 +1,4 @@
 _cfgs/
 controlplane-*.yaml
 templates/controlplane.yaml
+*.patch

hetzner/Makefile

@@ -6,6 +6,10 @@ prepare-image:
 	terraform init
 	terraform apply -auto-approve
 
+create-lb:
+	terraform init
+	terraform apply -auto-approve -target=hcloud_load_balancer.api
+
 create-config:
 	talosctl gen config --output-dir _cfgs --with-docs=false --with-examples=false talos-k8s-hezner https://127.0.0.1:6443
 
@@ -22,7 +26,6 @@ create-templates:
 	@yq eval -j '{"kubernetes": .}' _cfgs/tfstate.vars > terraform.tfvars.json
 
 create-controlplane:
-	terraform init
 	terraform apply -target=null_resource.controlplane
 
 create-infrastructure:

hetzner/instances-master.tf

@@ -36,7 +36,7 @@ resource "local_file" "controlplane" {
   count = lookup(var.controlplane, "count", 0)
   content = templatefile("${path.module}/templates/controlplane.yaml",
     merge(var.kubernetes, {
-      name           = "kube-api-${count.index + 1}"
+      name           = "master-${count.index + 1}"
       type           = count.index == 0 ? "init" : "controlplane"
       ipv4_local     = cidrhost(hcloud_network_subnet.core.ip_range, 11 + count.index)
       ipv4           = hcloud_server.controlplane[count.index].ipv4_address
@@ -48,7 +48,7 @@ resource "local_file" "controlplane" {
       hcloud_token   = var.hcloud_token
     })
   )
-  filename        = "controlplane-${count.index + 1}.yaml"
+  filename        = "_cfgs/controlplane-${count.index + 1}.yaml"
   file_permission = "0640"
 
   depends_on = [hcloud_server.controlplane]
@@ -57,7 +57,7 @@ resource "local_file" "controlplane" {
 resource "null_resource" "controlplane" {
   count = lookup(var.controlplane, "count", 0)
   provisioner "local-exec" {
-    command = "sleep 60 && talosctl apply-config --insecure --nodes ${hcloud_server.controlplane[count.index].ipv4_address} --file controlplane-${count.index + 1}.yaml"
+    command = "sleep 60 && talosctl apply-config --insecure --nodes ${hcloud_server.controlplane[count.index].ipv4_address} --file _cfgs/controlplane-${count.index + 1}.yaml"
   }
   depends_on = [hcloud_load_balancer_target.api, local_file.controlplane]
 }

hetzner/modules/templates/worker-patch.json.tpl

@@ -0,0 +1,32 @@
+[
+{ "op": "replace", "path": "/machine/network/interfaces", "value": [
+        {
+          "interface": "eth0",
+          "dhcp": true
+        },
+        {
+          "interface": "eth0",
+          "cidr": "${ipv6_address}/64",
+          "routes": [
+            {
+              "network": "::/0",
+              "gateway": "fe80::1",
+              "metric": 1024
+            }
+          ]
+        },
+        {
+          "interface": "eth1",
+          "dhcp": true
+        },
+        {
+          "interface": "dummy0",
+          "cidr": "169.254.2.53/32"
+        },
+        {
+          "interface": "dummy0",
+          "cidr": "fd00::169:254:2:53/128"
+        }
+      ]
+}
+]

hetzner/modules/worker/main.tf

@@ -30,6 +30,14 @@ resource "hcloud_server" "worker" {
       ssh_keys,
     ]
   }
+
+  # IPv6 hack
+  provisioner "local-exec" {
+    command = "echo '${templatefile("${path.module}/../templates/worker-patch.json.tpl", { ipv6_address = self.ipv6_address })}' > _cfgs/${var.vm_name}${count.index + 1}.patch"
+  }
+  provisioner "local-exec" {
+    command = "sleep 120 && talosctl --talosconfig _cfgs/talosconfig patch --nodes ${cidrhost(var.subnet, var.vm_ip_start + count.index)} machineconfig --patch-file _cfgs/${var.vm_name}${count.index + 1}.patch"
+  }
 }
 
 # resource "local_file" "worker" {

hetzner/network-lb.tf

@@ -4,6 +4,10 @@ resource "hcloud_load_balancer" "api" {
   location           = var.regions[0]
   load_balancer_type = "lb11"
   labels             = merge(var.tags, { type = "infra" })
+
+  provisioner "local-exec" {
+    command = "echo LB: ${self.ipv4}"
+  }
 }
 
 resource "hcloud_load_balancer_network" "api" {