Can redefine IPv6

2025-10-29 17:42:47 +00:00 · 2021-06-05 21:02:43 +03:00
parent da4c7a0fe9
commit c4158fea86
7 changed files with 29 additions and 21 deletions
--- a/hetzner/Makefile
+++ b/hetzner/Makefile
@@ -11,8 +11,8 @@ create-config:

 create-templates:
 	@yq ea -P '. as $$item ireduce ({}; . * $$item )' _cfgs/controlplane.yaml templates/controlplane.yaml.tpl > templates/controlplane.yaml
-	@echo 'podSubnets: "10.32.0.0/12"'       >  _cfgs/tfstate.vars
-	@echo 'serviceSubnets: "10.200.0.0/22"'  >> _cfgs/tfstate.vars
+	@echo 'podSubnets: "10.32.0.0/12,fd00:10:32::/102"'        >  _cfgs/tfstate.vars
+	@echo 'serviceSubnets: "10.200.0.0/22,fd40:10:200::/112"'  >> _cfgs/tfstate.vars
 	@yq eval '.cluster.network.dnsDomain' _cfgs/init.yaml | awk '{ print "domain: "$$1}'       >> _cfgs/tfstate.vars
 	@yq eval '.cluster.clusterName' _cfgs/init.yaml       | awk '{ print "cluster_name: "$$1}' >> _cfgs/tfstate.vars
 	@yq eval '.machine.token'  _cfgs/init.yaml            | awk '{ print "tokenmachine: "$$1}' >> _cfgs/tfstate.vars
@@ -22,9 +22,9 @@ create-templates:
 	@yq eval -j '{"kubernetes": .}' _cfgs/tfstate.vars > terraform.tfvars.json

 create-controlplane:
-	cd modules/worker && terraform init
 	terraform init
-	terraform apply -target=null_resource.controlplane_apply
+	terraform apply -target=null_resource.controlplane

 create-infrastructure:
+	cd modules/worker && terraform init
 	terraform apply
--- a/hetzner/instances-master.tf
+++ b/hetzner/instances-master.tf
@@ -17,6 +17,7 @@ resource "hcloud_server" "controlplane" {

  lifecycle {
    ignore_changes = [
+      image,
      server_type,
      user_data,
      ssh_keys,
@@ -53,10 +54,10 @@ resource "local_file" "controlplane" {
  depends_on = [hcloud_server.controlplane]
 }

-resource "null_resource" "controlplane_apply" {
+resource "null_resource" "controlplane" {
  count = lookup(var.controlplane, "count", 0)
  provisioner "local-exec" {
-    command = "sleep 60 && ./talosctl apply-config --insecure --nodes ${hcloud_server.controlplane[count.index].ipv4_address} --file controlplane-${count.index + 1}.yaml"
+    command = "sleep 60 && talosctl apply-config --insecure --nodes ${hcloud_server.controlplane[count.index].ipv4_address} --file controlplane-${count.index + 1}.yaml"
  }
-  depends_on = [local_file.controlplane]
+  depends_on = [hcloud_load_balancer_target.api, local_file.controlplane]
 }
--- a/hetzner/modules/worker/main.tf
+++ b/hetzner/modules/worker/main.tf
@@ -24,6 +24,8 @@ resource "hcloud_server" "worker" {

  lifecycle {
    ignore_changes = [
+      image,
+      server_type,
      user_data,
      ssh_keys,
    ]
--- a/hetzner/prepare/main.tf
+++ b/hetzner/prepare/main.tf
@@ -34,8 +34,9 @@ resource "hcloud_server" "talos" {
  provisioner "remote-exec" {
    inline = [
      "apt-get install -y wget",
-      "wget -O /tmp/openstack.tar.gz https://github.com/talos-systems/talos/releases/download/v0.11.0-alpha.0/openstack-amd64.tar.gz",
+      "wget -O /tmp/openstack.tar.gz https://github.com/talos-systems/talos/releases/download/${var.talos_version}/openstack-amd64.tar.gz",
      "cd /tmp && tar xzf /tmp/openstack.tar.gz && dd if=/tmp/disk.raw of=/dev/sda && sync",
+      "mount /dev/sda3 /mnt && sed -i 's/set timeout=3/set timeout=10/g' /mnt/grub/grub.cfg && umount /mnt",
      "shutdown -h now"
    ]
  }
--- a/hetzner/prepare/variables.tf
+++ b/hetzner/prepare/variables.tf
@@ -18,3 +18,9 @@ variable "tags" {
    environment = "Develop"
  }
 }
+
+variable "talos_version" {
+  description = "Talos image version"
+  type        = string
+  default     = "v0.10.0"
+}
--- a/hetzner/templates/controlplane.yaml.tpl
+++ b/hetzner/templates/controlplane.yaml.tpl
@@ -30,15 +30,15 @@ machine:
        cidr: "169.254.2.53/32"
      - interface: dummy0
        cidr: "fd00::169:254:2:53/128"
+  install:
+    disk: /dev/sda
+    bootloader: true
+    wipe: false
+    extraKernelArgs:
+      - elevator=noop
  sysctls:
    net.core.somaxconn: 65535
    net.core.netdev_max_backlog: 4096
-  install:
-    disk: /dev/sda
-    extraKernelArgs:
-      - elevator=noop
-    bootloader: true
-    wipe: false
  systemDiskEncryption:
    ephemeral:
      provider: luks2
@@ -49,15 +49,13 @@ cluster:
  controlPlane:
    endpoint: https://${lbv4}:6443
  network:
+    dnsDomain: ${domain}
+    podSubnets: ${format("[%s]",podSubnets)}
+    serviceSubnets: ${format("[%s]",serviceSubnets)}
    cni:
      name: custom
      urls:
        - https://raw.githubusercontent.com/sergelogvinov/terraform-talos/main/hetzner/deployments/cilium_result.yaml
-    dnsDomain: ${domain}
-    podSubnets:
-    - ${podSubnets}
-    serviceSubnets:
-    - ${serviceSubnets}
  proxy:
    disabled: true
    mode: ipvs
--- a/hetzner/variables.tf
+++ b/hetzner/variables.tf
@@ -14,8 +14,8 @@ variable "regions" {
 variable "kubernetes" {
  type = map(string)
  default = {
-    podSubnets     = "10.32.0.0/12"
-    serviceSubnets = "10.200.0.0/22"
+    podSubnets     = "10.32.0.0/12,f00d:10:32::/64"
+    serviceSubnets = "10.200.0.0/22,fd40:10:200::/112"
    domain         = "cluster.local"
    cluster_name   = "talos-k8s-hezner"
    tokenmachine   = ""