djpbessems/Go.Rig-Operator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Drop initial code

Browse Source
This commit is contained in:
Danny Bessems
2026-01-15 09:58:01 +00:00
parent 227d957219
commit 1e7c9ba5cb
228 changed files with 19883 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

265
deploy/rancher/capi/addon.yaml Normal file
View File

@@ -0,0 +1,265 @@
apiVersion: harvesterhci.io/v1beta1
kind: Addon
metadata:
labels:
addon.harvesterhci.io/experimental: "true"
name: rancher-embedded
namespace: rancher-embedded
spec:
chart: vcluster
version: 0.19.0
enabled: false
repo: https://charts.loft.sh
valuesContent: |-
vm_network_name: "k8s-network"
ssh_keypair: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyW9YbYPE3efCdHMBgnP8AeVfs5Lw8MBCLhXuteliil"
vm_image_name: "ubuntu-22.04"
vm_default_user: "ubuntu"
harvester_vip: "172.27.27.40"
rancher_url: "rancher-mgmt.product.lan"
harvester_kubeconfig_b64: "YXBpVmVyc2lvbjogdjEKa2luZDogQ29uZmlnCmNsdXN0ZXJzOgotIG5hbWU6ICJsb2NhbCIKICBjbHVzdGVyOgogICAgc2VydmVyOiAiaHR0cHM6Ly8xNzIuMjcuMjcuMTkwL2s4cy9jbHVzdGVycy9sb2NhbCIKICAgIGNlcnRpZmljYXRlLWF1dGhvcml0eS1kYXRhOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVSjJWRU5EUVwKICAgICAgVmRQWjBGM1NVSkJaMGxDUVVSQlMwSm5aM0ZvYTJwUFVGRlJSRUZxUWtkTlVuZDNSMmRaUkZaUlVVdEZlRTVyWlZjMWFHSlhiR29LWVwKICAgICAga2RzZW1SSFZuVmFXRWwwWWpOS2JrMVRXWGRLUVZsRVZsRlJSRVJDTVd0bFZ6Vm9ZbGRzYW1KSGJIcGtSMVoxV2xoSmRGa3lSa0ZOVlwKICAgICAgR014VDFSVmR3cFBSR2MxVFZSQlpVWjNNSGxPVkVWM1RVUk5lRTVxU1RSTlZFWmhSbmN3ZWs1VVJYZE5SRVY0VG1wSk5FMVVSbUZOUlwKICAgICAgVmw0U0VSQllVSm5UbFpDUVc5VUNrVXlValZpYlVaMFlWZE9jMkZZVGpCYVZ6VnNZMmt4ZG1OdFkzaEtha0ZyUW1kT1ZrSkJUVTFJVlwKICAgICAgMUkxWW0xR2RHRlhUbk5oV0U0d1dsYzFiR05wTVdvS1dWVkJlRTU2VlRWT1ZFRTBUMFJyZUUxR2EzZEZkMWxJUzI5YVNYcHFNRU5CVVwKICAgICAgVmxKUzI5YVNYcHFNRVJCVVdORVVXZEJSVUZWVlU0eFdtUmxURlY2UmdwTWFtSk1Wbk5TT1ZNMGJTdFRTWE5XWlVOa1JVcHVNVGhRYVwKICAgICAgWHBUYm1jMk5rNXhMMWhHVkZaT2RGRnFMMEl3T1hCR01GTXdUVFpMZDJSbmFHUldWM1Y1Q25vMWJFTmlSVzlVVkRaT1EwMUZRWGRFWlwKICAgICAgMWxFVmxJd1VFRlJTQzlDUVZGRVFXZExhMDFCT0VkQk1WVmtSWGRGUWk5M1VVWk5RVTFDUVdZNGQwaFJXVVFLVmxJd1QwSkNXVVZHU1wKICAgICAgRXd2Um5Ga05GRXJaamhpTlhkTFJtSjJUSEpwVTJrMWRtVnpUVUZ2UjBORGNVZFRUVFE1UWtGTlEwRXdaMEZOUlZWRFNVUk5XZ3BVUlwKICAgICAgWFl6VmpjM04zRjZja2RCTDBjNVdVUmxjMlUwVkdaNllWRlhiVmh3UWxWTE9FRm5XWFZJUVdsRlFXeHZaVEpNTVM5RU9VZE1VRGRXU1wKICAgICAgMU13TWxObUNsUnRRbHBxT1d4WVNVeFBSWEJJZDBkR05tSk1WR3hqUFFvdExTMHRMVVZPUkNCRFJWSlVTVVpKUTBGVVJTMHRMUzB0IgoKdXNlcnM6Ci0gbmFtZTogImxvY2FsIgogIHVzZXI6CiAgICB0b2tlbjogImt1YmVjb25maWctdXNlci1remo5OWJubmdmOmd4Nm1kdDVmMjlzZjRsY3R2Zm44Mnp4c3NsOXhydzJtNjg1NDhnOWpsN3psbHR2Nm00dHB6ZiIKCgpjb250ZXh0czoKLSBuYW1lOiAibG9jYWwiCiAgY29udGV4dDoKICAgIHVzZXI6ICJsb2NhbCIKICAgIGNsdXN0ZXI6ICJsb2NhbCIKCmN1cnJlbnQtY29udGV4dDogImxvY2FsIgo="
vcluster:
image: rancher/k3s:v1.30.6-k3s1
sync:
ingresses:
enabled: "true"
init:
manifestsTemplate: |-
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: cert-manager
spec:
chart: cert-manager
createNamespace: true
version: v1.13.0
repo: https://charts.jetstack.io
targetNamespace: cert-manager
valuesContent: |
installCRDs: true
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: bootstrap-cluster
spec:
chart: cluster-api-operator
repo: https://kubernetes-sigs.github.io/cluster-api-operator
version: v0.14.0
valuesContent: |
cert-manager:
enabled: true
bootstrap: rke2
controlPlane: rke2
---
apiVersion: v1
kind: Namespace
metadata:
name: caphv-system
---
apiVersion: operator.cluster.x-k8s.io/v1alpha2
kind: InfrastructureProvider
metadata:
name: harvester
namespace: caphv-system
spec:
version: v0.1.4
fetchConfig:
url: https://github.com/rancher-sandbox/cluster-api-provider-harvester/releases/download/v0.1.4/components.yaml
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
labels:
ccm: external
cluster.x-k8s.io/cluster-name: rke2-mgmt
cni: external
csi: external
name: rke2-mgmt
namespace: default
spec:
controlPlaneRef:
apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
kind: RKE2ControlPlane
name: rke2-mgmt-control-plane
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterCluster
name: rke2-mgmt-hv
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterCluster
metadata:
name: rke2-mgmt-hv
namespace: default
spec:
identitySecret:
name: hv-identity-secret
namespace: default
loadBalancerConfig:
ipamType: dhcp
listeners:
- backendPort: 9345
name: rke2-server
port: 9345
protocol: TCP
- backendPort: 443
name: rke2-ingress
port: 443
protocol: TCP
server: {{ .Values.harvester_vip }}
targetNamespace: default
---
apiVersion: v1
data:
kubeconfig: {{ .Values.harvester_kubeconfig_b64 }}
kind: Secret
metadata:
name: hv-identity-secret
namespace: default
---
apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
kind: RKE2ControlPlane
metadata:
name: rke2-mgmt-control-plane
namespace: default
spec:
agentConfig:
version: v1.29.6+rke2r1
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
name: rke2-mgmt-cp-machine
namespace: default
replicas: 3
serverConfig:
cni: canal
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha1
kind: RKE2ConfigTemplate
metadata:
name: rke2-mgmt-worker
namespace: default
spec:
template:
spec:
agentConfig:
version: v1.29.6+rke2r1
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
name: rke2-mgmt-workers
namespace: default
spec:
clusterName: rke2-mgmt
replicas: 0
selector:
matchLabels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
template:
spec:
bootstrap:
configRef:
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha1
kind: RKE2ConfigTemplate
name: rke2-mgmt-worker
namespace: default
clusterName: rke2-mgmt
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
name: rke2-mgmt-wk-machine
namespace: default
version: v1.29.6+rke2r1
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
metadata:
name: rke2-mgmt-wk-machine
namespace: default
spec:
template:
spec:
cpu: 2
memory: 16Gi
networks:
- {{ .Values.vm_network_name }}
sshKeyPair: default/{{ .Values.ssh_keypair }}
sshUser: {{ .Values.vm_default_user }}
volumes:
- bootOrder: 0
imageName: default/{{ .Values.vm_image_name }}
volumeSize: 40Gi
volumeType: image
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
metadata:
name: rke2-mgmt-cp-machine
namespace: default
spec:
template:
spec:
cpu: 2
memory: 16Gi
networks:
- {{ .Values.vm_network_name }}
sshKeyPair: default/{{ .Values.ssh_keypair }}
sshUser: {{ .Values.vm_default_user }}
volumes:
- bootOrder: 0
imageName: default/{{ .Values.vm_image_name }}
volumeSize: 40Gi
volumeType: image
---
apiVersion: addons.cluster.x-k8s.io/v1beta1
kind: ClusterResourceSet
metadata:
labels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
name: rke2-mgmt-rancher-crs-0
namespace: default
spec:
clusterSelector:
matchLabels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
resources:
- kind: Secret
name: rancher-namespace
- kind: Secret
name: rancher-helmchart
- kind: Secret
name: certmanager-helmchart
strategy: Reconcile
---
apiVersion: v1
kind: Secret
metadata:
name: certmanager-helmchart
namespace: default
stringData:
data: "apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: cert-manager\n
\ namespace: default \nspec:\n bootstrap: true\n targetNamespace: cert-manager\n
\ createNamespace: true\n valuesContent: |-\n securityContext:\n runAsNonRoot:
true\n crds:\n enabled: true\n version: v1.16.1\n repo: https://charts.jetstack.io\n
\ chart: cert-manager\n"
type: addons.cluster.x-k8s.io/resource-set
---
apiVersion: v1
kind: Secret
metadata:
name: rancher-helmchart
namespace: default
stringData:
data: "apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: rancher\n
\ namespace: default \nspec:\n bootstrap: false\n targetNamespace: cattle-system\n
\ createNamespace: true\n set:\n hostname: {{ .Values.rancher_url }}\n
\ replicas: 3\n bootstrapPassword: admin\n valuesContent: |-\n global:\n
\ cattle:\n psp:\n enabled: false\n ingress:\n tls:\n
\ source: rancher\n repo: https://releases.rancher.com/server-charts/stable\n
\ chart: rancher\n version: v2.9.1\n"
type: addons.cluster.x-k8s.io/resource-set

90
deploy/rancher/capi/harvester-addon.yaml Normal file
View File

@@ -0,0 +1,90 @@
apiVersion: harvesterhci.io/v1beta1
kind: Addon
metadata:
labels:
addon.harvesterhci.io/experimental: 'true'
name: temp-vlcuster-fix
namespace: temp-vlcuster-fix
spec:
chart: vcluster
enabled: true
repo: https://charts.loft.sh
valuesContent: |-
serviceCIDR: 10.53.0.0/16
controlPlane:
distro:
k3s:
resources:
limits:
memory: 16096Mi
cpu: 8000m
enabled: true
imagePullPolicy: IfNotPresent
image:
tag: v1.33.4-k3s1
repository: rancher/k3s
sync:
toHost:
ingresses:
enabled: true
experimental:
deploy:
vcluster:
manifests: |-
apiVersion: v1
kind: Namespace
metadata:
name: cattle-system
---
apiVersion: v1
kind: Namespace
metadata:
name: cert-manager
labels:
certmanager.k8s.io/disable-validation: "true"
helm:
- chart:
name: cert-manager
repo: https://charts.jetstack.io
version: v1.8.0
release:
name: cert-manager
namespace: cert-manager
values: |-
installCRDs: true
- chart:
name: rancher
repo: https://releases.rancher.com/server-charts/latest
version: v2.12.0
release:
name: rancher
namespace: cattle-system
values: |-
hostname: rancher.product.lan
replicas: 1
bootstrapPassword: ce6XxaBTv9pHpGln
rancherImage: rancher/rancher
ingress:
tls:
source: rancher
global:
cattle:
psp:
enabled: "false"
extraEnv:
- name: CATTLE_AGENT_IMAGE
value: rancher/rancher-agent:v2.12.0
version: v0.28.0
status:
conditions:
- lastUpdateTime: '2025-10-24T13:24:37Z'
status: 'True'
type: Completed
- lastUpdateTime: '2025-10-24T13:24:37Z'
status: 'False'
type: InProgress
- lastUpdateTime: '2025-10-24T13:23:08Z'
status: 'False'
type: OperationFailed
status: AddonDeploySuccessful

294
deploy/rancher/capi/helmchart.yaml Normal file
View File

@@ -0,0 +1,294 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: rancher-embedded
spec:
chart: vcluster
version: 0.30.1
repo: https://charts.loft.sh
valuesContent: |
# vm_network_name: ${VM_NETWORK}
# ssh_keypair: ${VM_SSH_KEYPAIR}
# vm_image_name: ${VM_IMAGE_NAME}
# vm_default_user: ${VM_DEFAULT_USER}
# harvester_vip: ${HARVESTER_VIP}
# rancher_url: ${RANCHER_URL}
# harvester_kubeconfig_b64: ${HARVESTER_KUBECONFIG_B64}
#external:
controlPlane:
distro:
k3s:
enabled: true
image:
tag: v1.33.5-k3s1
statefulSet:
scheduling:
podManagementPolicy: OrderedReady
sync:
fromHost:
ingressClasses:
enabled: true
toHost:
ingresses:
enabled: true
experimental:
deploy:
vcluster:
#vm_network_name: "k8s-network"
#ssh_keypair: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyW9YbYPE3efCdHMBgnP8AeVfs5Lw8MBCLhXuteliil"
#vm_image_name: "ubuntu-22.04"
#vm_default_user: "ubuntu"
#harvester_vip: "172.27.27.40"
#rancher_url: "rancher-mgmt.product.lan"
#harvester_kubeconfig_b64: "YXBpVmVyc2lvbjogdjEKa2luZDogQ29uZmlnCmNsdXN0ZXJzOgotIG5hbWU6ICJsb2NhbCIKICBjbHVzdGVyOgogICAgc2VydmVyOiAiaHR0cHM6Ly8xNzIuMjcuMjcuMTkwL2s4cy9jbHVzdGVycy9sb2NhbCIKICAgIGNlcnRpZmljYXRlLWF1dGhvcml0eS1kYXRhOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVSjJWRU5EUVwKICAgICAgVmRQWjBGM1NVSkJaMGxDUVVSQlMwSm5aM0ZvYTJwUFVGRlJSRUZxUWtkTlVuZDNSMmRaUkZaUlVVdEZlRTVyWlZjMWFHSlhiR29LWVwKICAgICAga2RzZW1SSFZuVmFXRWwwWWpOS2JrMVRXWGRLUVZsRVZsRlJSRVJDTVd0bFZ6Vm9ZbGRzYW1KSGJIcGtSMVoxV2xoSmRGa3lSa0ZOVlwKICAgICAgR014VDFSVmR3cFBSR2MxVFZSQlpVWjNNSGxPVkVWM1RVUk5lRTVxU1RSTlZFWmhSbmN3ZWs1VVJYZE5SRVY0VG1wSk5FMVVSbUZOUlwKICAgICAgVmw0U0VSQllVSm5UbFpDUVc5VUNrVXlValZpYlVaMFlWZE9jMkZZVGpCYVZ6VnNZMmt4ZG1OdFkzaEtha0ZyUW1kT1ZrSkJUVTFJVlwKICAgICAgMUkxWW0xR2RHRlhUbk5oV0U0d1dsYzFiR05wTVdvS1dWVkJlRTU2VlRWT1ZFRTBUMFJyZUUxR2EzZEZkMWxJUzI5YVNYcHFNRU5CVVwKICAgICAgVmxKUzI5YVNYcHFNRVJCVVdORVVXZEJSVUZWVlU0eFdtUmxURlY2UmdwTWFtSk1Wbk5TT1ZNMGJTdFRTWE5XWlVOa1JVcHVNVGhRYVwKICAgICAgWHBUYm1jMk5rNXhMMWhHVkZaT2RGRnFMMEl3T1hCR01GTXdUVFpMZDJSbmFHUldWM1Y1Q25vMWJFTmlSVzlVVkRaT1EwMUZRWGRFWlwKICAgICAgMWxFVmxJd1VFRlJTQzlDUVZGRVFXZExhMDFCT0VkQk1WVmtSWGRGUWk5M1VVWk5RVTFDUVdZNGQwaFJXVVFLVmxJd1QwSkNXVVZHU1wKICAgICAgRXd2Um5Ga05GRXJaamhpTlhkTFJtSjJUSEpwVTJrMWRtVnpUVUZ2UjBORGNVZFRUVFE1UWtGTlEwRXdaMEZOUlZWRFNVUk5XZ3BVUlwKICAgICAgWFl6VmpjM04zRjZja2RCTDBjNVdVUmxjMlUwVkdaNllWRlhiVmh3UWxWTE9FRm5XWFZJUVdsRlFXeHZaVEpNTVM5RU9VZE1VRGRXU1wKICAgICAgMU13TWxObUNsUnRRbHBxT1d4WVNVeFBSWEJJZDBkR05tSk1WR3hqUFFvdExTMHRMVVZPUkNCRFJWSlVTVVpKUTBGVVJTMHRMUzB0IgoKdXNlcnM6Ci0gbmFtZTogImxvY2FsIgogIHVzZXI6CiAgICB0b2tlbjogImt1YmVjb25maWctdXNlci1remo5OWJubmdmOmd4Nm1kdDVmMjlzZjRsY3R2Zm44Mnp4c3NsOXhydzJtNjg1NDhnOWpsN3psbHR2Nm00dHB6ZiIKCgpjb250ZXh0czoKLSBuYW1lOiAibG9jYWwiCiAgY29udGV4dDoKICAgIHVzZXI6ICJsb2NhbCIKICAgIGNsdXN0ZXI6ICJsb2NhbCIKCmN1cnJlbnQtY29udGV4dDogImxvY2FsIgo="
manifestsTemplate: |-
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: cert-manager
spec:
chart: cert-manager
createNamespace: true
version: v1.13.0
repo: https://charts.jetstack.io
targetNamespace: cert-manager
valuesContent: |
installCRDs: true
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: bootstrap-cluster
spec:
chart: cluster-api-operator
repo: https://kubernetes-sigs.github.io/cluster-api-operator
version: v0.14.0
valuesContent: |
cert-manager:
enabled: true
bootstrap: rke2
controlPlane: rke2
---
apiVersion: v1
kind: Namespace
metadata:
name: caphv-system
---
apiVersion: operator.cluster.x-k8s.io/v1alpha2
kind: InfrastructureProvider
metadata:
name: harvester
namespace: caphv-system
spec:
version: v0.1.4
fetchConfig:
url: https://github.com/rancher-sandbox/cluster-api-provider-harvester/releases/download/v0.1.4/components.yaml
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
labels:
ccm: external
cluster.x-k8s.io/cluster-name: rke2-mgmt
cni: external
csi: external
name: rke2-mgmt
namespace: default
spec:
controlPlaneRef:
apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
kind: RKE2ControlPlane
name: rke2-mgmt-control-plane
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterCluster
name: rke2-mgmt-hv
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterCluster
metadata:
name: rke2-mgmt-hv
namespace: default
spec:
identitySecret:
name: hv-identity-secret
namespace: default
loadBalancerConfig:
ipamType: dhcp
listeners:
- backendPort: 9345
name: rke2-server
port: 9345
protocol: TCP
- backendPort: 443
name: rke2-ingress
port: 443
protocol: TCP
#server: {{ .Values.experimental.deploy.vcluster.harvester_vip }}
server: 172.27.27.40
targetNamespace: default
---
apiVersion: v1
data:
#kubeconfig: {{ .Values.experimental.deploy.vcluster.harvester_kubeconfig_b64 }}
kubeconfig: "YXBpVmVyc2lvbjogdjEKa2luZDogQ29uZmlnCmNsdXN0ZXJzOgotIG5hbWU6ICJsb2NhbCIKICBjbHVzdGVyOgogICAgc2VydmVyOiAiaHR0cHM6Ly8xNzIuMjcuMjcuMTkwL2s4cy9jbHVzdGVycy9sb2NhbCIKICAgIGNlcnRpZmljYXRlLWF1dGhvcml0eS1kYXRhOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVSjJWRU5EUVwKICAgICAgVmRQWjBGM1NVSkJaMGxDUVVSQlMwSm5aM0ZvYTJwUFVGRlJSRUZxUWtkTlVuZDNSMmRaUkZaUlVVdEZlRTVyWlZjMWFHSlhiR29LWVwKICAgICAga2RzZW1SSFZuVmFXRWwwWWpOS2JrMVRXWGRLUVZsRVZsRlJSRVJDTVd0bFZ6Vm9ZbGRzYW1KSGJIcGtSMVoxV2xoSmRGa3lSa0ZOVlwKICAgICAgR014VDFSVmR3cFBSR2MxVFZSQlpVWjNNSGxPVkVWM1RVUk5lRTVxU1RSTlZFWmhSbmN3ZWs1VVJYZE5SRVY0VG1wSk5FMVVSbUZOUlwKICAgICAgVmw0U0VSQllVSm5UbFpDUVc5VUNrVXlValZpYlVaMFlWZE9jMkZZVGpCYVZ6VnNZMmt4ZG1OdFkzaEtha0ZyUW1kT1ZrSkJUVTFJVlwKICAgICAgMUkxWW0xR2RHRlhUbk5oV0U0d1dsYzFiR05wTVdvS1dWVkJlRTU2VlRWT1ZFRTBUMFJyZUUxR2EzZEZkMWxJUzI5YVNYcHFNRU5CVVwKICAgICAgVmxKUzI5YVNYcHFNRVJCVVdORVVXZEJSVUZWVlU0eFdtUmxURlY2UmdwTWFtSk1Wbk5TT1ZNMGJTdFRTWE5XWlVOa1JVcHVNVGhRYVwKICAgICAgWHBUYm1jMk5rNXhMMWhHVkZaT2RGRnFMMEl3T1hCR01GTXdUVFpMZDJSbmFHUldWM1Y1Q25vMWJFTmlSVzlVVkRaT1EwMUZRWGRFWlwKICAgICAgMWxFVmxJd1VFRlJTQzlDUVZGRVFXZExhMDFCT0VkQk1WVmtSWGRGUWk5M1VVWk5RVTFDUVdZNGQwaFJXVVFLVmxJd1QwSkNXVVZHU1wKICAgICAgRXd2Um5Ga05GRXJaamhpTlhkTFJtSjJUSEpwVTJrMWRtVnpUVUZ2UjBORGNVZFRUVFE1UWtGTlEwRXdaMEZOUlZWRFNVUk5XZ3BVUlwKICAgICAgWFl6VmpjM04zRjZja2RCTDBjNVdVUmxjMlUwVkdaNllWRlhiVmh3UWxWTE9FRm5XWFZJUVdsRlFXeHZaVEpNTVM5RU9VZE1VRGRXU1wKICAgICAgMU13TWxObUNsUnRRbHBxT1d4WVNVeFBSWEJJZDBkR05tSk1WR3hqUFFvdExTMHRMVVZPUkNCRFJWSlVTVVpKUTBGVVJTMHRMUzB0IgoKdXNlcnM6Ci0gbmFtZTogImxvY2FsIgogIHVzZXI6CiAgICB0b2tlbjogImt1YmVjb25maWctdXNlci1remo5OWJubmdmOmd4Nm1kdDVmMjlzZjRsY3R2Zm44Mnp4c3NsOXhydzJtNjg1NDhnOWpsN3psbHR2Nm00dHB6ZiIKCgpjb250ZXh0czoKLSBuYW1lOiAibG9jYWwiCiAgY29udGV4dDoKICAgIHVzZXI6ICJsb2NhbCIKICAgIGNsdXN0ZXI6ICJsb2NhbCIKCmN1cnJlbnQtY29udGV4dDogImxvY2FsIgo="
kind: Secret
metadata:
name: hv-identity-secret
namespace: default
---
apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
kind: RKE2ControlPlane
metadata:
name: rke2-mgmt-control-plane
namespace: default
spec:
agentConfig:
version: v1.33.5+rke2r1
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
name: rke2-mgmt-cp-machine
namespace: default
replicas: 3
serverConfig:
cni: canal
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha1
kind: RKE2ConfigTemplate
metadata:
name: rke2-mgmt-worker
namespace: default
spec:
template:
spec:
agentConfig:
version: v1.33.5+rke2r1
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
name: rke2-mgmt-workers
namespace: default
spec:
clusterName: rke2-mgmt
replicas: 0
selector:
matchLabels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
template:
spec:
bootstrap:
configRef:
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha1
kind: RKE2ConfigTemplate
name: rke2-mgmt-worker
namespace: default
clusterName: rke2-mgmt
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
name: rke2-mgmt-wk-machine
namespace: default
version: v1.29.6+rke2r1
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
metadata:
name: rke2-mgmt-wk-machine
namespace: default
spec:
template:
spec:
cpu: 2
memory: 16Gi
networks:
#- {{ .Values.experimental.deploy.vcluster.vm_network_name }}
- k8s-network
#sshKeyPair: default/{{ .Values.experimental.deploy.vcluster.ssh_keypair }}
sshKeyPair: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyW9YbYPE3efCdHMBgnP8AeVfs5Lw8MBCLhXuteliil"
#sshUser: {{ .Values.experimental.deploy.vcluster.vm_default_user }}
sshUser: ubuntu
volumes:
- bootOrder: 0
imageName: default/{{ .Values.experimental.deploy.vcluster.vm_image_name }}
volumeSize: 40Gi
volumeType: image
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
metadata:
name: rke2-mgmt-cp-machine
namespace: default
spec:
template:
spec:
cpu: 2
memory: 16Gi
networks:
#- {{ .Values.experimental.deploy.vcluster.vm_network_name }}
- k8s-network
#sshKeyPair: default/{{ .Values.experimental.deploy.vcluster.ssh_keypair }}
sshKeyPair: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyW9YbYPE3efCdHMBgnP8AeVfs5Lw8MBCLhXuteliil"
#sshUser: {{ .Values.experimental.deploy.vcluster.vm_default_user }}
sshUser: ubuntu
volumes:
- bootOrder: 0
imageName: default/{{ .Values.experimental.deploy.vcluster.vm_image_name }}
volumeSize: 40Gi
volumeType: image
---
apiVersion: addons.cluster.x-k8s.io/v1beta1
kind: ClusterResourceSet
metadata:
labels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
name: rke2-mgmt-rancher-crs-0
namespace: default
spec:
clusterSelector:
matchLabels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
resources:
- kind: Secret
name: rancher-namespace
- kind: Secret
name: rancher-helmchart
- kind: Secret
name: certmanager-helmchart
strategy: Reconcile
---
apiVersion: v1
kind: Secret
metadata:
name: certmanager-helmchart
namespace: default
stringData:
data: "apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: cert-manager\n
\ namespace: default \nspec:\n bootstrap: true\n targetNamespace: cert-manager\n
\ createNamespace: true\n valuesContent: |-\n securityContext:\n runAsNonRoot:
true\n crds:\n enabled: true\n version: v1.16.1\n repo: https://charts.jetstack.io\n
\ chart: cert-manager\n"
type: addons.cluster.x-k8s.io/resource-set
---
apiVersion: v1
kind: Secret
metadata:
name: rancher-helmchart
namespace: default
stringData:
data: "apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: rancher\n
\ namespace: default \nspec:\n bootstrap: false\n targetNamespace: cattle-system\n
\ createNamespace: true\n set:\n #hostname: {{ .Values.experimental.deploy.vcluster.rancher_url }}\n
\ hostname: rancher-mgmt.product.lan\n
\ replicas: 3\n bootstrapPassword: admin\n valuesContent: |-\n global:\n
\ cattle:\n psp:\n enabled: false\n ingress:\n tls:\n
\ source: rancher\n repo: https://releases.rancher.com/server-charts/latest\n
\ chart: rancher\n version: v2.12.3\n"
type: addons.cluster.x-k8s.io/resource-set

255
deploy/rancher/capi/vcluster-v019.yaml Normal file
View File

@@ -0,0 +1,255 @@
#vm_network_name: "k8s-network"
#ssh_keypair: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPyW9YbYPE3efCdHMBgnP8AeVfs5Lw8MBCLhXuteliil"
#vm_image_name: "ubuntu-22.04"
#vm_default_user: "ubuntu"
#harvester_vip: "172.27.27.40"
#rancher_url: "rancher-mgmt.product.lan"
#harvester_kubeconfig_b64: "YXBpVmVyc2lvbjogdjEKa2luZDogQ29uZmlnCmNsdXN0ZXJzOgotIG5hbWU6ICJsb2NhbCIKICBjbHVzdGVyOgogICAgc2VydmVyOiAiaHR0cHM6Ly8xNzIuMjcuMjcuMTkwL2s4cy9jbHVzdGVycy9sb2NhbCIKICAgIGNlcnRpZmljYXRlLWF1dGhvcml0eS1kYXRhOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVSjJWRU5EUVwKICAgICAgVmRQWjBGM1NVSkJaMGxDUVVSQlMwSm5aM0ZvYTJwUFVGRlJSRUZxUWtkTlVuZDNSMmRaUkZaUlVVdEZlRTVyWlZjMWFHSlhiR29LWVwKICAgICAga2RzZW1SSFZuVmFXRWwwWWpOS2JrMVRXWGRLUVZsRVZsRlJSRVJDTVd0bFZ6Vm9ZbGRzYW1KSGJIcGtSMVoxV2xoSmRGa3lSa0ZOVlwKICAgICAgR014VDFSVmR3cFBSR2MxVFZSQlpVWjNNSGxPVkVWM1RVUk5lRTVxU1RSTlZFWmhSbmN3ZWs1VVJYZE5SRVY0VG1wSk5FMVVSbUZOUlwKICAgICAgVmw0U0VSQllVSm5UbFpDUVc5VUNrVXlValZpYlVaMFlWZE9jMkZZVGpCYVZ6VnNZMmt4ZG1OdFkzaEtha0ZyUW1kT1ZrSkJUVTFJVlwKICAgICAgMUkxWW0xR2RHRlhUbk5oV0U0d1dsYzFiR05wTVdvS1dWVkJlRTU2VlRWT1ZFRTBUMFJyZUUxR2EzZEZkMWxJUzI5YVNYcHFNRU5CVVwKICAgICAgVmxKUzI5YVNYcHFNRVJCVVdORVVXZEJSVUZWVlU0eFdtUmxURlY2UmdwTWFtSk1Wbk5TT1ZNMGJTdFRTWE5XWlVOa1JVcHVNVGhRYVwKICAgICAgWHBUYm1jMk5rNXhMMWhHVkZaT2RGRnFMMEl3T1hCR01GTXdUVFpMZDJSbmFHUldWM1Y1Q25vMWJFTmlSVzlVVkRaT1EwMUZRWGRFWlwKICAgICAgMWxFVmxJd1VFRlJTQzlDUVZGRVFXZExhMDFCT0VkQk1WVmtSWGRGUWk5M1VVWk5RVTFDUVdZNGQwaFJXVVFLVmxJd1QwSkNXVVZHU1wKICAgICAgRXd2Um5Ga05GRXJaamhpTlhkTFJtSjJUSEpwVTJrMWRtVnpUVUZ2UjBORGNVZFRUVFE1UWtGTlEwRXdaMEZOUlZWRFNVUk5XZ3BVUlwKICAgICAgWFl6VmpjM04zRjZja2RCTDBjNVdVUmxjMlUwVkdaNllWRlhiVmh3UWxWTE9FRm5XWFZJUVdsRlFXeHZaVEpNTVM5RU9VZE1VRGRXU1wKICAgICAgMU13TWxObUNsUnRRbHBxT1d4WVNVeFBSWEJJZDBkR05tSk1WR3hqUFFvdExTMHRMVVZPUkNCRFJWSlVTVVpKUTBGVVJTMHRMUzB0IgoKdXNlcnM6Ci0gbmFtZTogImxvY2FsIgogIHVzZXI6CiAgICB0b2tlbjogImt1YmVjb25maWctdXNlci1remo5OWJubmdmOmd4Nm1kdDVmMjlzZjRsY3R2Zm44Mnp4c3NsOXhydzJtNjg1NDhnOWpsN3psbHR2Nm00dHB6ZiIKCgpjb250ZXh0czoKLSBuYW1lOiAibG9jYWwiCiAgY29udGV4dDoKICAgIHVzZXI6ICJsb2NhbCIKICAgIGNsdXN0ZXI6ICJsb2NhbCIKCmN1cnJlbnQtY29udGV4dDogImxvY2FsIgo="
vcluster:
image: rancher/k3s:v1.33.5-k3s1
sync:
ingresses:
enabled: true
init:
manifestsTemplate: |-
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: cert-manager
spec:
chart: cert-manager
createNamespace: true
version: v1.13.0
repo: https://charts.jetstack.io
targetNamespace: cert-manager
valuesContent: |
installCRDs: true
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: bootstrap-cluster
spec:
chart: cluster-api-operator
repo: https://kubernetes-sigs.github.io/cluster-api-operator
version: v0.14.0
valuesContent: |
cert-manager:
enabled: true
bootstrap: rke2
controlPlane: rke2
---
apiVersion: v1
kind: Namespace
metadata:
name: caphv-system
---
apiVersion: operator.cluster.x-k8s.io/v1alpha2
kind: InfrastructureProvider
metadata:
name: harvester
namespace: caphv-system
spec:
version: v0.1.4
fetchConfig:
url: https://github.com/rancher-sandbox/cluster-api-provider-harvester/releases/download/v0.1.4/components.yaml
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
labels:
ccm: external
cluster.x-k8s.io/cluster-name: rke2-mgmt
cni: external
csi: external
name: rke2-mgmt
namespace: default
spec:
controlPlaneRef:
apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
kind: RKE2ControlPlane
name: rke2-mgmt-control-plane
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterCluster
name: rke2-mgmt-hv
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterCluster
metadata:
name: rke2-mgmt-hv
namespace: default
spec:
identitySecret:
name: hv-identity-secret
namespace: default
loadBalancerConfig:
ipamType: dhcp
listeners:
- backendPort: 9345
name: rke2-server
port: 9345
protocol: TCP
- backendPort: 443
name: rke2-ingress
port: 443
protocol: TCP
server: {{ .Values.harvester_vip }}
targetNamespace: default
---
apiVersion: v1
data:
kubeconfig: {{ .Values.harvester_kubeconfig_b64 }}
kind: Secret
metadata:
name: hv-identity-secret
namespace: default
---
apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
kind: RKE2ControlPlane
metadata:
name: rke2-mgmt-control-plane
namespace: default
spec:
agentConfig:
version: v1.33.5+rke2r1
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
name: rke2-mgmt-cp-machine
namespace: default
replicas: 3
serverConfig:
cni: canal
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha1
kind: RKE2ConfigTemplate
metadata:
name: rke2-mgmt-worker
namespace: default
spec:
template:
spec:
agentConfig:
version: v1.33.5+rke2r1
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
name: rke2-mgmt-workers
namespace: default
spec:
clusterName: rke2-mgmt
replicas: 0
selector:
matchLabels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
template:
spec:
bootstrap:
configRef:
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha1
kind: RKE2ConfigTemplate
name: rke2-mgmt-worker
namespace: default
clusterName: rke2-mgmt
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
name: rke2-mgmt-wk-machine
namespace: default
version: v1.29.6+rke2r1
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
metadata:
name: rke2-mgmt-wk-machine
namespace: default
spec:
template:
spec:
cpu: 2
memory: 16Gi
networks:
- {{ .Values.vm_network_name }}
sshKeyPair: default/{{ .Values.ssh_keypair }}
sshUser: {{ .Values.vm_default_user }}
volumes:
- bootOrder: 0
imageName: default/{{ .Values.vm_image_name }}
volumeSize: 40Gi
volumeType: image
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
metadata:
name: rke2-mgmt-cp-machine
namespace: default
spec:
template:
spec:
cpu: 2
memory: 16Gi
networks:
- {{ .Values.vm_network_name }}
sshKeyPair: default/{{ .Values.ssh_keypair }}
sshUser: {{ .Values.vm_default_user }}
volumes:
- bootOrder: 0
imageName: default/{{ .Values.vm_image_name }}
volumeSize: 40Gi
volumeType: image
---
apiVersion: addons.cluster.x-k8s.io/v1beta1
kind: ClusterResourceSet
metadata:
labels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
name: rke2-mgmt-rancher-crs-0
namespace: default
spec:
clusterSelector:
matchLabels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
resources:
- kind: Secret
name: rancher-namespace
- kind: Secret
name: rancher-helmchart
- kind: Secret
name: certmanager-helmchart
strategy: Reconcile
---
apiVersion: v1
kind: Secret
metadata:
name: certmanager-helmchart
namespace: default
stringData:
data: "apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: cert-manager\n
\ namespace: default \nspec:\n bootstrap: true\n targetNamespace: cert-manager\n
\ createNamespace: true\n valuesContent: |-\n securityContext:\n runAsNonRoot:
true\n crds:\n enabled: true\n version: v1.16.1\n repo: https://charts.jetstack.io\n
\ chart: cert-manager\n"
type: addons.cluster.x-k8s.io/resource-set
---
apiVersion: v1
kind: Secret
metadata:
name: rancher-helmchart
namespace: default
stringData:
data: "apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: rancher\n
\ namespace: default \nspec:\n bootstrap: false\n targetNamespace: cattle-system\n
\ createNamespace: true\n set:\n hostname: {{ .Values.rancher_url }}\n
\ replicas: 3\n bootstrapPassword: admin\n valuesContent: |-\n global:\n
\ cattle:\n psp:\n enabled: false\n ingress:\n tls:\n
\ source: rancher\n repo: https://releases.rancher.com/server-charts/latest\n
\ chart: rancher\n version: v2.12.3\n"
type: addons.cluster.x-k8s.io/resource-set

256
deploy/rancher/capi/vcluster.yaml Normal file
View File

@@ -0,0 +1,256 @@
controlPlane:
distro:
k3s:
enabled: true
image:
tag: v1.33.5-k3s1
statefulSet:
scheduling:
podManagementPolicy: OrderedReady
experimental:
deploy:
vcluster:
manifestsTemplate: |-
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: cert-manager
spec:
chart: cert-manager
createNamespace: true
version: v1.13.0
repo: https://charts.jetstack.io
targetNamespace: cert-manager
valuesContent: |
installCRDs: true
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: bootstrap-cluster
spec:
chart: cluster-api-operator
repo: https://kubernetes-sigs.github.io/cluster-api-operator
version: v0.14.0
valuesContent: |
cert-manager:
enabled: true
bootstrap: rke2
controlPlane: rke2
---
apiVersion: v1
kind: Namespace
metadata:
name: caphv-system
---
apiVersion: operator.cluster.x-k8s.io/v1alpha2
kind: InfrastructureProvider
metadata:
name: harvester
namespace: caphv-system
spec:
version: v0.1.4
fetchConfig:
url: https://github.com/rancher-sandbox/cluster-api-provider-harvester/releases/download/v0.1.4/components.yaml
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
labels:
ccm: external
cluster.x-k8s.io/cluster-name: rke2-mgmt
cni: external
csi: external
name: rke2-mgmt
namespace: default
spec:
controlPlaneRef:
apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
kind: RKE2ControlPlane
name: rke2-mgmt-control-plane
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterCluster
name: rke2-mgmt-hv
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterCluster
metadata:
name: rke2-mgmt-hv
namespace: default
spec:
identitySecret:
name: hv-identity-secret
namespace: default
loadBalancerConfig:
ipamType: dhcp
listeners:
- backendPort: 9345
name: rke2-server
port: 9345
protocol: TCP
- backendPort: 443
name: rke2-ingress
port: 443
protocol: TCP
server: {{ .Values.harvester_vip }}
targetNamespace: default
---
apiVersion: v1
data:
kubeconfig: {{ .Values.harvester_kubeconfig_b64 }}
kind: Secret
metadata:
name: hv-identity-secret
namespace: default
---
apiVersion: controlplane.cluster.x-k8s.io/v1alpha1
kind: RKE2ControlPlane
metadata:
name: rke2-mgmt-control-plane
namespace: default
spec:
agentConfig:
version: v1.33.5+rke2r1
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
name: rke2-mgmt-cp-machine
namespace: default
replicas: 3
serverConfig:
cni: canal
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha1
kind: RKE2ConfigTemplate
metadata:
name: rke2-mgmt-worker
namespace: default
spec:
template:
spec:
agentConfig:
version: v1.33.5+rke2r1
---
apiVersion: cluster.x-k8s.io/v1beta1
kind: MachineDeployment
metadata:
name: rke2-mgmt-workers
namespace: default
spec:
clusterName: rke2-mgmt
replicas: 0
selector:
matchLabels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
template:
spec:
bootstrap:
configRef:
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha1
kind: RKE2ConfigTemplate
name: rke2-mgmt-worker
namespace: default
clusterName: rke2-mgmt
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
name: rke2-mgmt-wk-machine
namespace: default
version: v1.29.6+rke2r1
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
metadata:
name: rke2-mgmt-wk-machine
namespace: default
spec:
template:
spec:
cpu: 2
memory: 16Gi
networks:
- {{ .Values.vm_network_name }}
sshKeyPair: default/{{ .Values.ssh_keypair }}
sshUser: {{ .Values.vm_default_user }}
volumes:
- bootOrder: 0
imageName: default/{{ .Values.vm_image_name }}
volumeSize: 40Gi
volumeType: image
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha1
kind: HarvesterMachineTemplate
metadata:
name: rke2-mgmt-cp-machine
namespace: default
spec:
template:
spec:
cpu: 2
memory: 16Gi
networks:
- {{ .Values.vm_network_name }}
sshKeyPair: default/{{ .Values.ssh_keypair }}
sshUser: {{ .Values.vm_default_user }}
volumes:
- bootOrder: 0
imageName: default/{{ .Values.vm_image_name }}
volumeSize: 40Gi
volumeType: image
---
apiVersion: addons.cluster.x-k8s.io/v1beta1
kind: ClusterResourceSet
metadata:
labels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
name: rke2-mgmt-rancher-crs-0
namespace: default
spec:
clusterSelector:
matchLabels:
cluster.x-k8s.io/cluster-name: rke2-mgmt
resources:
- kind: Secret
name: rancher-namespace
- kind: Secret
name: rancher-helmchart
- kind: Secret
name: certmanager-helmchart
strategy: Reconcile
---
apiVersion: v1
kind: Secret
metadata:
name: certmanager-helmchart
namespace: default
stringData:
data: "apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: cert-manager\n
\ namespace: default \nspec:\n bootstrap: true\n targetNamespace: cert-manager\n
\ createNamespace: true\n valuesContent: |-\n securityContext:\n runAsNonRoot:
true\n crds:\n enabled: true\n version: v1.16.1\n repo: https://charts.jetstack.io\n
\ chart: cert-manager\n"
type: addons.cluster.x-k8s.io/resource-set
---
apiVersion: v1
kind: Secret
metadata:
name: rancher-helmchart
namespace: default
stringData:
data: "apiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: rancher\n
\ namespace: default \nspec:\n bootstrap: false\n targetNamespace: cattle-system\n
\ createNamespace: true\n set:\n hostname: {{ .Values.rancher_url }}\n
\ replicas: 3\n bootstrapPassword: admin\n valuesContent: |-\n global:\n
\ cattle:\n psp:\n enabled: false\n ingress:\n tls:\n
\ source: rancher\n repo: https://releases.rancher.com/server-charts/latest\n
\ chart: rancher\n version: v2.12.3\n"
type: addons.cluster.x-k8s.io/resource-set
sync:
fromHost:
ingressClasses:
enabled: true
toHost:
ingresses:
enabled: true