scottk/terraform-talos
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/terraform-talos.git synced 2025-10-30 01:52:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

pods with global ipv6

Browse Source
This commit is contained in:
Serge Logvinov
2024-07-01 16:38:32 +03:00
parent dadcb60981
commit be81778aa1
4 changed files with 105 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
proxmox/Makefile
View File

@@ -24,8 +24,8 @@ create-config: ## Genereate talos configs
talosctl --talosconfig _cfgs/talosconfig config endpoint ${ENDPOINT} talosctl --talosconfig _cfgs/talosconfig config endpoint ${ENDPOINT}
create-templates: create-templates:
@echo 'podSubnets: "10.32.0.0/12,fd00:10:32::/102"' > _cfgs/tfstate.vars @echo 'podSubnets: "10.32.0.0/12,fd00:10:32::/64"' > _cfgs/tfstate.vars
@echo 'serviceSubnets: "10.200.0.0/22,fd40:10:200::/112"' >> _cfgs/tfstate.vars @echo 'serviceSubnets: "10.200.0.0/22,fd40:10:200::/108"' >> _cfgs/tfstate.vars
@echo 'apiDomain: api.cluster.local' >> _cfgs/tfstate.vars @echo 'apiDomain: api.cluster.local' >> _cfgs/tfstate.vars
@yq eval '.cluster.network.dnsDomain' _cfgs/controlplane.yaml | awk '{ print "domain: "$$1}' >> _cfgs/tfstate.vars @yq eval '.cluster.network.dnsDomain' _cfgs/controlplane.yaml | awk '{ print "domain: "$$1}' >> _cfgs/tfstate.vars
@yq eval '.cluster.clusterName' _cfgs/controlplane.yaml | awk '{ print "clusterName: "$$1}' >> _cfgs/tfstate.vars @yq eval '.cluster.clusterName' _cfgs/controlplane.yaml | awk '{ print "clusterName: "$$1}' >> _cfgs/tfstate.vars
@@ -42,7 +42,7 @@ create-templates:
@sops --encrypt --input-type=yaml --output-type=yaml _cfgs/talosconfig > _cfgs/talosconfig.sops.yaml @sops --encrypt --input-type=yaml --output-type=yaml _cfgs/talosconfig > _cfgs/talosconfig.sops.yaml
@git add -f _cfgs/talosconfig.sops.yaml _cfgs/ca.crt terraform.tfvars.sops.json @git add -f _cfgs/talosconfig.sops.yaml _cfgs/ca.crt terraform.tfvars.sops.json
create-controlplane-bootstrap: ## Bootstrap controlplane bootstrap: ## Bootstrap controlplane
talosctl --talosconfig _cfgs/talosconfig config endpoint ${ENDPOINT} talosctl --talosconfig _cfgs/talosconfig config endpoint ${ENDPOINT}
talosctl --talosconfig _cfgs/talosconfig --nodes ${CPFIRST} bootstrap talosctl --talosconfig _cfgs/talosconfig --nodes ${CPFIRST} bootstrap
@@ -60,7 +60,7 @@ nodes: ## Show kubernetes nodes
@kubectl get nodes -owide --sort-by '{.metadata.name}' --label-columns topology.kubernetes.io/region,topology.kubernetes.io/zone,node.kubernetes.io/instance-type @kubectl get nodes -owide --sort-by '{.metadata.name}' --label-columns topology.kubernetes.io/region,topology.kubernetes.io/zone,node.kubernetes.io/instance-type
system: system:
helm --kubeconfig=kubeconfig upgrade -i --namespace=kube-system --version=1.15.6 -f ../_deployments/vars/cilium.yaml \ helm --kubeconfig=kubeconfig upgrade -i --namespace=kube-system --version=1.15.6 -f deployments/cilium.yaml \
cilium cilium/cilium cilium cilium/cilium
kubectl --kubeconfig=kubeconfig -n kube-system delete svc cilium-agent kubectl --kubeconfig=kubeconfig -n kube-system delete svc cilium-agent
@@ -71,7 +71,6 @@ system:
metrics-server metrics-server/metrics-server metrics-server metrics-server/metrics-server
helm --kubeconfig=kubeconfig upgrade -i --namespace=kube-system -f deployments/talos-ccm.yaml \ helm --kubeconfig=kubeconfig upgrade -i --namespace=kube-system -f deployments/talos-ccm.yaml \
--set-string image.tag=edge \
--set useDaemonSet=true \ --set useDaemonSet=true \
talos-cloud-controller-manager \ talos-cloud-controller-manager \
oci://ghcr.io/siderolabs/charts/talos-cloud-controller-manager oci://ghcr.io/siderolabs/charts/talos-cloud-controller-manager

80
proxmox/deployments/cilium.yaml Normal file
View File

@@ -0,0 +1,80 @@
---
k8sServiceHost: "api.cluster.local"
k8sServicePort: "6443"
operator:
enabled: true
rollOutPods: true
replicas: 1
prometheus:
enabled: false
nodeSelector:
node-role.kubernetes.io/control-plane: ""
tolerations:
- operator: Exists
effect: NoSchedule
identityAllocationMode: crd
kubeProxyReplacement: strict
enableK8sEndpointSlice: true
localRedirectPolicy: true
tunnel: "vxlan"
autoDirectNodeRoutes: false
devices: [eth+]
healthChecking: true
cni:
install: true
ipam:
mode: "kubernetes"
k8s:
requireIPv4PodCIDR: true
requireIPv6PodCIDR: true
enableIPv6Masquerade: false
enableIPv4Masquerade: true
bpf:
masquerade: true
ipv4:
enabled: true
ipv6:
enabled: true
hostServices:
enabled: true
hostPort:
enabled: true
nodePort:
enabled: true
externalIPs:
enabled: true
hostFirewall:
enabled: true
ingressController:
enabled: false
securityContext:
privileged: true
hubble:
enabled: false
prometheus:
enabled: true
cgroup:
autoMount:
enabled: false
hostRoot: /sys/fs/cgroup
resources:
limits:
cpu: 2
memory: 2Gi
requests:
cpu: 100m
memory: 128Mi

18
proxmox/deployments/talos-ccm.yaml
View File

@@ -1,4 +1,8 @@
image:
repository: ghcr.io/sergelogvinov/talos-cloud-controller-manager
tag: nodeipam
service: service:
containerPort: 50258 containerPort: 50258
annotations: annotations:
@@ -8,6 +12,20 @@ service:
logVerbosityLevel: 4 logVerbosityLevel: 4
enabledControllers:
- cloud-node
- node-ipam-controller
extraArgs:
- --allocate-node-cidrs
- --cidr-allocator-type=CloudAllocator
- --node-cidr-mask-size-ipv4=24
- --node-cidr-mask-size-ipv6=80
# tolerations:
# - effect: NoSchedule
# operator: Exists
transformations: transformations:
- name: web - name: web
nodeSelector: nodeSelector:

5
proxmox/templates/controlplane.yaml.tpl
View File

@@ -72,8 +72,9 @@ cluster:
controllerManager: controllerManager:
image: registry.k8s.io/kube-controller-manager:${version} image: registry.k8s.io/kube-controller-manager:${version}
extraArgs: extraArgs:
node-cidr-mask-size-ipv4: 24 controllers: "*,tokencleaner,-node-ipam-controller"
node-cidr-mask-size-ipv6: 112 node-cidr-mask-size-ipv4: "24"
node-cidr-mask-size-ipv6: "80"
scheduler: scheduler:
image: registry.k8s.io/kube-scheduler:${version} image: registry.k8s.io/kube-scheduler:${version}
etcd: etcd: