djpbessems/Go.Rig-Operator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Drop initial code

Browse Source
This commit is contained in:
Danny Bessems
2026-01-15 09:58:01 +00:00
parent 227d957219
commit 1e7c9ba5cb
228 changed files with 19883 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
deploy/rancher/helm/rke2/Chart.yaml Normal file
View File

@@ -0,0 +1,7 @@
apiVersion: v2
name: rke2-cluster
description: RKE2 cluster designed for usage directly on Harvester
type: application
version: 0.1.1
appVersion: 0.1.1

69
deploy/rancher/helm/rke2/templates/rke2_cp_secret.yaml Normal file
View File

@@ -0,0 +1,69 @@
{{- range $i := until (.Values.control_plane.node_count | int) }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $.Values.cluster_name }}-cp-{{ $i }}-cloudinit
namespace: {{ $.Values.cluster_namespace }}
stringData:
userdata: |
#cloud-config
{{- if $.Values.vm.qemu_agent_install }}
package_update: true
packages:
- qemu-guest-agent
{{- end }}
write_files:
{{- if $.Values.control_plane.files }}
{{ $.Values.control_plane.files | toYaml | indent 4 }}
{{- end }}
- path: /etc/rancher/rke2/config.yaml
owner: root
content: |
token: {{ $.Values.shared_token }}
{{- if ne $i 0 }}
server: https://{{ $.Values.control_plane.vip }}:9345
{{- end }}
system-default-registry: {{ $.Values.system_default_registry }}
tls-san:
- {{ $.Values.cluster_name }}-cp-{{ $i }}
- {{ $.Values.control_plane.vip }}
secrets-encryption: true
write-kubeconfig-mode: 0640
use-service-account-credentials: true
{{- if hasKey $.Values "registry_config" }}
- path: /etc/rancher/rke2/registries.yaml
owner: root
content: |-
{{ $.Values.registry_config | toYaml | indent 8 }}
{{- end }}
- path: /etc/hosts
owner: root
content: |
127.0.0.1 localhost
127.0.0.1 {{$.Values.cluster_name }}-cp-{{ $i }}
runcmd:
{{- if $.Values.vm.qemu_agent_enable }}
- - systemctl
- enable
- '--now'
- qemu-guest-agent.service
{{- end }}
{{- if not $.Values.vm.airgapped_image }}
- mkdir -p /var/lib/rancher/rke2-artifacts && wget https://raw.githubusercontent.com/rancher/rke2/refs/heads/master/install.sh -O /var/lib/rancher/install.sh && chmod +x /var/lib/rancher/install.sh
{{- end}}
- INSTALL_RKE2_VERSION={{ $.Values.rke2_version }} /var/lib/rancher/install.sh
- systemctl enable rke2-server.service
- useradd -r -c "etcd user" -s /sbin/nologin -M etcd -U
- systemctl start rke2-server.service
ssh_authorized_keys:
- {{ $.Values.ssh_pub_key }}
{{- if ne $.Values.control_plane.ipam "dhcp" }}
{{- if hasKey $.Values.control_plane "network" }}
networkdata: |
{{ index $.Values.control_plane.network $i | indent 4 }}
{{- end}}
{{- else}}
networkdata: ""
{{- end}}
{{- end}}

89
deploy/rancher/helm/rke2/templates/rke2_cp_vm.yaml Normal file
View File

@@ -0,0 +1,89 @@
{{- range $i := until (.Values.control_plane.node_count | int) }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ $.Values.cluster_name }}-cp-disk-{{ $i }}
namespace: {{ $.Values.cluster_namespace }}
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ $.Values.control_plane.node_disk_gb }}Gi
storageClassName: {{ $.Values.storage.class }}
volumeMode: Block
---
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
namespace: {{ $.Values.cluster_namespace }}
annotations:
# harvesterhci.io/volumeClaimTemplates: |
# [{"metadata":{"name":"{{ $.Values.cluster_name }}-cp-disk-{{ $i }}","annotations":{"harvesterhci.io/imageId":"{{ $.Values.vm.image_namespace }}/{{ $.Values.vm.image }}","helm.app":"rke2"}},"spec":{"accessModes":["ReadWriteOnce"],"resources":{"requests":{"storage":"{{ $.Values.control_plane.node_disk_gb }}Gi"}},"volumeMode":"Block","storageClassName":"{{ $.Values.storage.class }}"}}]
# network.harvesterhci.io/ips: '[]'
labels:
harvesterhci.io/creator: harvester
harvesterhci.io/os: {{ $.Values.vm.os }}
name: {{ $.Values.cluster_name }}-cp-{{ $i }}
finalizers:
- harvesterhci.io/VMController.UnsetOwnerOfPVCs
spec:
runStrategy: RerunOnFailure
template:
metadata:
annotations: {}
labels:
harvesterhci.io/vmName: {{ $.Values.cluster_name }}-cp-{{ $i }}
spec:
domain:
machine:
type: ''
cpu:
cores: {{ $.Values.control_plane.cpu_count }}
sockets: 1
threads: 1
devices:
interfaces:
- bridge: {}
model: virtio
name: default
disks:
- name: disk-0
disk:
bus: virtio
bootOrder: 1
- name: cloudinitdisk
disk:
bus: virtio
hostDevices: []
resources:
limits:
memory: {{ $.Values.control_plane.memory_gb }}Gi
cpu: {{ $.Values.control_plane.cpu_count }}
features:
acpi:
enabled: {{ $.Values.vm.uefi_enabled }}
firmware:
bootloader:
efi:
secureBoot: false
evictionStrategy: LiveMigrate
hostname: {{ $.Values.cluster_name }}-cp-{{ $i }}
networks:
- name: default
multus:
networkName: {{ $.Values.cluster_namespace }}/{{ $.Values.network_name }}
volumes:
- name: disk-0
persistentVolumeClaim:
claimName: {{ $.Values.cluster_name }}-cp-disk-{{ $i }}
- name: cloudinitdisk
cloudInitNoCloud:
secretRef:
name: {{ $.Values.cluster_name }}-cp-{{ $i }}-cloudinit
networkDataSecretRef:
name: {{ $.Values.cluster_name }}-cp-{{ $i }}-cloudinit
affinity: {}
terminationGracePeriodSeconds: 120
{{- end }}

46
deploy/rancher/helm/rke2/templates/rke2_lb.yaml Normal file
View File

@@ -0,0 +1,46 @@
---
apiVersion: loadbalancer.harvesterhci.io/v1beta1
kind: IPPool
metadata:
name: {{ $.Values.cluster_name }}-pool
spec:
ranges:
- gateway: {{ .Values.control_plane.loadbalancer_gateway }}
rangeEnd: {{ .Values.control_plane.vip }}
rangeStart: {{ .Values.control_plane.vip }}
subnet: {{ .Values.control_plane.loadbalancer_subnet }}
selector: {}
---
apiVersion: loadbalancer.harvesterhci.io/v1beta1
kind: LoadBalancer
metadata:
name: {{ .Values.cluster_name }}-lb
#namespace: default
spec:
healthCheck:
failureThreshold: 2
port: 6443
successThreshold: 3
timeoutSeconds: 5
periodSeconds: 5
ipam: pool
ipPool: {{ .Values.cluster_name }}-pool
listeners:
- name: k8s-api
port: 6443
protocol: TCP
backendPort: 6443
- name: ingress
port: 443
protocol: TCP
backendPort: 443
- name: join
port: 9345
protocol: TCP
backendPort: 9345
workloadType: vm
backendServerSelector:
harvesterhci.io/vmName:
{{- range $i := until (.Values.control_plane.node_count | int)}}
- {{ $.Values.cluster_name }}-cp-{{ $i }}
{{- end}}

66
deploy/rancher/helm/rke2/templates/rke2_worker_secret.yaml Normal file
View File

@@ -0,0 +1,66 @@
{{- range $i := until (.Values.worker.node_count | int) }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $.Values.cluster_name }}-worker-{{ $i }}-cloudinit
namespace: {{ $.Values.cluster_namespace }}
stringData:
userdata: |
#cloud-config
{{- if $.Values.vm.qemu_agent_install }}
package_update: true
packages:
- qemu-guest-agent
{{- end }}
write_files:
{{- if $.Values.worker.files }}
{{ $.Values.worker.files | toYaml | indent 4 }}
{{- end }}
- path: /etc/rancher/rke2/config.yaml
owner: root
content: |
token: {{ $.Values.shared_token }}
{{- if ne $i 0 }}
server: https://{{ $.Values.control_plane.vip }}:9345
{{- end }}
system-default-registry: {{ $.Values.system_default_registry }}
secrets-encryption: true
write-kubeconfig-mode: 0640
use-service-account-credentials: true
{{- if hasKey $.Values "registry_config" }}
- path: /etc/rancher/rke2/registries.yaml
owner: root
content: |-
{{ $.Values.registry_config | toYaml | indent 8 }}
{{- end }}
- path: /etc/hosts
owner: root
content: |
127.0.0.1 localhost
127.0.0.1 {{$.Values.cluster_name }}-worker-{{ $i }}
runcmd:
{{- if $.Values.vm.qemu_agent_enable }}
- - systemctl
- enable
- '--now'
- qemu-guest-agent.service
{{- end }}
{{- if not $.Values.vm.airgapped_image }}
#- mkdir -p /var/lib/rancher/rke2-artifacts && wget https://get.rke2.io -O /var/lib/rancher/install.sh && chmod +x /var/lib/rancher/install.sh
- mkdir -p /var/lib/rancher/rke2-artifacts && wget https://raw.githubusercontent.com/rancher/rke2/refs/heads/master/install.sh -O /var/lib/rancher/install.sh && chmod +x /var/lib/rancher/install.sh
{{- end}}
- INSTALL_RKE2_VERSION={{ $.Values.rke2_version }} INSTALL_RKE2_TYPE="agent" /var/lib/rancher/install.sh
- systemctl enable rke2-server.service
- systemctl start rke2-server.service
ssh_authorized_keys:
- {{ $.Values.ssh_pub_key }}
{{- if ne $.Values.worker.ipam "dhcp" }}
{{- if hasKey $.Values.worker "network" }}
networkdata: |
{{ index $.Values.worker.network $i | indent 4 }}
{{- end}}
{{- else}}
networkdata: ""
{{- end}}
{{- end}}

74
deploy/rancher/helm/rke2/templates/rke2_worker_vm.yaml Normal file
View File

@@ -0,0 +1,74 @@
{{- range $i := until (.Values.worker.node_count | int) }}
---
apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
namespace: {{ $.Values.cluster_namespace }}
annotations:
harvesterhci.io/volumeClaimTemplates: |
[{"metadata":{"name":"{{ $.Values.cluster_name }}-worker-disk-{{ $i }}","annotations":{"harvesterhci.io/imageId":"{{ $.Values.vm.image_namespace }}/{{ $.Values.vm.image }}","helm.app":"rke2"}},"spec":{"accessModes":["ReadWriteMany"],"resources":{"requests":{"storage":"{{ $.Values.worker.node_disk_gb }}Gi"}},"volumeMode":"Block","storageClassName":"{{ $.Values.storage.class }}"}}]
network.harvesterhci.io/ips: '[]'
labels:
harvesterhci.io/creator: harvester
harvesterhci.io/os: {{ $.Values.vm.os }}
name: {{ $.Values.cluster_name }}-worker-{{ $i }}
finalizers:
- harvesterhci.io/VMController.UnsetOwnerOfPVCs
spec:
runStrategy: RerunOnFailure
template:
metadata:
annotations: {}
labels:
harvesterhci.io/vmName: {{ $.Values.cluster_name }}-worker-{{ $i }}
spec:
domain:
machine:
type: ''
cpu:
cores: {{ $.Values.worker.cpu_count }}
sockets: 1
threads: 1
devices:
interfaces:
- bridge: {}
model: virtio
name: default
disks:
- name: disk-0
disk:
bus: virtio
bootOrder: 1
- name: cloudinitdisk
disk:
bus: virtio
hostDevices: []
resources:
limits:
memory: {{ $.Values.worker.memory_gb }}Gi
cpu: {{ $.Values.worker.cpu_count }}
features:
acpi:
enabled: {{ $.Values.vm.uefi_enabled }}
firmware:
bootloader:
efi:
secureBoot: false
evictionStrategy: LiveMigrate
hostname: {{ $.Values.cluster_name }}-worker-{{ $i }}
networks:
- name: default
multus:
networkName: {{ $.Values.cluster_namespace }}/{{ $.Values.network_name }}
volumes:
- name: disk-0
persistentVolumeClaim:
claimName: {{ $.Values.cluster_name }}-worker-disk-{{ $i }}
- name: cloudinitdisk
cloudInitNoCloud:
secretRef:
name: {{ $.Values.cluster_name }}-worker-{{ $i }}-cloudinit
networkData: ""
affinity: {}
terminationGracePeriodSeconds: 120
{{- end }}

92
deploy/rancher/helm/rke2/values.yaml Normal file
View File

@@ -0,0 +1,92 @@
cluster_name: mycluster
cluster_namespace: default
shared_token: insecuretoken
system_default_registry: "" #! empty value: use embedded default
#! non-empty value: use as regsitry to source rke2 runtime image from
#! if your VM image contains the tarballs for RKE2, it will use those first
rke2_version: v1.26.10+rke2r2
ssh_pub_key: "" #! the public ssh key to inject onto each node, required if you want to fetch a kubeconfig
# registry_config:
# configs:
# "rgcrprod.azurecr.us":
# auth:
# username: test
# password: test
storage:
class: longhorn
vm:
image_namespace: default #! namespace in your harvester cluster containing the vm base image
image: ubuntu #! name of base vm image to use for your RKE2 nodes
os: linux
distro: ubuntu #! flag used for specific cloud-init code tied to Ubuntu vs others (netplan)
uefi_enabled: true
qemu_agent_install: true #! flag for installation of the qemu-agent service (Requires internet)
qemu_agent_enable: true #! flag for enabling the qemu-agent
airgapped_image: false #! flag to alert helm that your VM image already has the RKE2 install script (and does not need to download it)
network_name: host
control_plane:
node_count: 1
cpu_count: 4
memory_gb: 8
node_disk_gb: 40
loadbalancer_gateway: 10.10.0.1
loadbalancer_subnet: 10.10.0.0/24
files: []
# files:
# - path: /tmp/test
# owner: root
# content: |
# created a file
vip: #! this is the VIP for the Harvester LoadBalancer object, ensure it is a routable IP
ipam: dhcp #! this can be dhcp or static, static requires an equal amount of cloud-init network-data entries
# network:
# - | #! ubuntu example
# network:
# version: 2
# renderer: networkd
# ethernets:
# enp1s0:
# dhcp4: no
# addresses: [ "10.10.0.6/24" ]
# gateway4: 10.10.0.1
# nameservers:
# addresses:
# - 10.10.0.1
worker:
node_count: 1
cpu_count: 4
memory_gb: 8
node_disk_gb: 40
files: []
# files:
# - path: /tmp/test
# owner: root
# content: |
# created a file
ipam: dhcp #! this can be dhcp or static, static requires an equal amount of cloud-init network-data entries
# network:
# - |
# network:
# version: 2
# renderer: networkd
# ethernets:
# enp1s0:
# dhcp4: no
# addresses: [ "10.10.0.20/24" ]
# gateway4: 10.10.0.1
# nameservers:
# addresses:
# - 10.10.0.1