Housekeeping;Apply cluster-template kustomization
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
f03e0c3bda
commit
9c6e1ff386
@ -46,4 +46,4 @@
|
|||||||
docker://{{ item }} \
|
docker://{{ item }} \
|
||||||
docker-archive:./{{ ( item | regex_findall('[^/:]+'))[-2] }}_{{ lookup('ansible.builtin.password', '/dev/null length=5 chars=ascii_lowercase,digits seed={{ item }}') }}.tar:{{ item }}
|
docker-archive:./{{ ( item | regex_findall('[^/:]+'))[-2] }}_{{ lookup('ansible.builtin.password', '/dev/null length=5 chars=ascii_lowercase,digits seed={{ item }}') }}.tar:{{ item }}
|
||||||
chdir: /opt/metacluster/container-images
|
chdir: /opt/metacluster/container-images
|
||||||
loop: "{{ (containerimages_charts + containerimages_manifests + containerimages_kubeadm + dependencies.container_images) | flatten | unique | sort }}"
|
loop: "{{ (containerimages_charts + containerimages_kubeadm + containerimages_manifests + dependencies.container_images) | flatten | unique | sort }}"
|
||||||
|
@ -1,26 +0,0 @@
|
|||||||
clusterConfiguration:
|
|
||||||
imageRepository: registry.<fqdn>/kubeadm
|
|
||||||
|
|
||||||
files:
|
|
||||||
- [...]
|
|
||||||
- encoding: base64
|
|
||||||
content: |
|
|
||||||
IyEvYmluL2Jhc2gKdm10b29sc2QgLS1jbWQgJ2luZm8tZ2V0IGd1ZXN0aW5mby5vdmZFbnYnID4gL3RtcC9vdmZlbnYKCklQQWRkcmVzcz0kKHNlZCAtbiAncy8uKlByb3BlcnR5IG9lOmtleT0iZ3Vlc3RpbmZvLmludGVyZmFjZS4wLmlwLjAuYWRkcmVzcyIgb2U6dmFsdWU9IlwoW14iXSpcKS4qL1wxL3AnIC90bXAvb3ZmZW52KQpTdWJuZXRNYXNrPSQoc2VkIC1uICdzLy4qUHJvcGVydHkgb2U6a2V5PSJndWVzdGluZm8uaW50ZXJmYWNlLjAuaXAuMC5uZXRtYXNrIiBvZTp2YWx1ZT0iXChbXiJdKlwpLiovXDEvcCcgL3RtcC9vdmZlbnYpCkdhdGV3YXk9JChzZWQgLW4gJ3MvLipQcm9wZXJ0eSBvZTprZXk9Imd1ZXN0aW5mby5pbnRlcmZhY2UuMC5yb3V0ZS4wLmdhdGV3YXkiIG9lOnZhbHVlPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKRE5TPSQoc2VkIC1uICdzLy4qUHJvcGVydHkgb2U6a2V5PSJndWVzdGluZm8uZG5zLnNlcnZlcnMiIG9lOnZhbHVlPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKTUFDQWRkcmVzcz0kKHNlZCAtbiAncy8uKnZlOkFkYXB0ZXIgdmU6bWFjPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKCm1hc2syY2lkcigpIHsKICBjPTAKICB4PTAkKCBwcmludGYgJyVvJyAkezEvLy4vIH0gKQoKICB3aGlsZSBbICR4IC1ndCAwIF07IGRvCiAgICBsZXQgYys9JCgoeCUyKSkgJ3g+Pj0xJwogIGRvbmUKCiAgZWNobyAkYwp9CgpQcmVmaXg9JChtYXNrMmNpZHIgJFN1Ym5ldE1hc2spCgpjYXQgPiAvZXRjL25ldHBsYW4vMDEtbmV0Y2ZnLnlhbWwgPDxFT0YKbmV0d29yazoKICB2ZXJzaW9uOiAyCiAgcmVuZGVyZXI6IG5ldHdvcmtkCiAgZXRoZXJuZXRzOgogICAgaWQwOgogICAgICBzZXQtbmFtZTogZXRoMAogICAgICBtYXRjaDoKICAgICAgICBtYWNhZGRyZXNzOiAkTUFDQWRkcmVzcwogICAgICBhZGRyZXNzZXM6CiAgICAgICAgLSAkSVBBZGRyZXNzLyRQcmVmaXgKICAgICAgZ2F0ZXdheTQ6ICRHYXRld2F5CiAgICAgIG5hbWVzZXJ2ZXJzOgogICAgICAgIGFkZHJlc3NlcyA6IFskRE5TXQpFT0YKcm0gL2V0Yy9uZXRwbGFuLzUwKi55YW1sIC1mCgpzdWRvIG5ldHBsYW4gYXBwbHk=
|
|
||||||
owner: root:root
|
|
||||||
path: /root/network.sh
|
|
||||||
permissions: '0744'
|
|
||||||
- content: |
|
|
||||||
network: {config: disabled}
|
|
||||||
owner: root:root
|
|
||||||
path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
|
|
||||||
- content: |
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
[...]
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
owner: root:root
|
|
||||||
path: /usr/local/share/ca-certificates/root_ca.crt
|
|
||||||
|
|
||||||
preKubeadmCommands:
|
|
||||||
- [...]
|
|
||||||
- update-ca-certificates
|
|
||||||
- bash /root/network.sh
|
|
@ -40,6 +40,14 @@
|
|||||||
- item.path is search('.yaml')
|
- item.path is search('.yaml')
|
||||||
- item.path is not search("clusterctl.yaml|metadata.yaml")
|
- item.path is not search("clusterctl.yaml|metadata.yaml")
|
||||||
|
|
||||||
|
- name: Generate kustomization template
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: kustomization.cluster-template.j2
|
||||||
|
dest: /opt/metacluster/cluster-api/infrastructure-vsphere/{{ components.clusterapi.management.version.infrastructure_vsphere }}/kustomization.yaml
|
||||||
|
vars:
|
||||||
|
_template:
|
||||||
|
rootca: "{{ stepca_cm_certs.resources[0].data['root_ca.crt'] }}"
|
||||||
|
|
||||||
- name: Initialize Cluster API management cluster
|
- name: Initialize Cluster API management cluster
|
||||||
ansible.builtin.shell:
|
ansible.builtin.shell:
|
||||||
cmd: >-
|
cmd: >-
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
kubeadm_images: "{{ lookup('ansible.builtin.file', '/opt/metacluster/cluster-api/imagelist').splitlines() }}"
|
kubeadm_images: "{{ lookup('ansible.builtin.file', '/opt/metacluster/cluster-api/imagelist').splitlines() }}"
|
||||||
|
|
||||||
- name: Copy all stored rancher container images to dedicated project
|
- name: Copy kubeadm container images to dedicated project
|
||||||
ansible.builtin.uri:
|
ansible.builtin.uri:
|
||||||
url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/projects/kubeadm/repositories/{{ ( item | regex_findall('([^:/]+)') )[-2] }}/artifacts?from=library/{{ item | replace('/', '%2F') | replace(':', '%3A') }}
|
url: https://registry.{{ vapp['metacluster.fqdn'] }}/api/v2.0/projects/kubeadm/repositories/{{ ( item | regex_findall('([^:/]+)') )[-2] }}/artifacts?from=library/{{ item | replace('/', '%2F') | replace(':', '%3A') }}
|
||||||
method: POST
|
method: POST
|
||||||
|
@ -0,0 +1,101 @@
|
|||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
resources:
|
||||||
|
- cluster-template.yaml
|
||||||
|
patchesStrategicMerge:
|
||||||
|
- |-
|
||||||
|
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
|
||||||
|
kind: KubeadmControlPlane
|
||||||
|
metadata:
|
||||||
|
name: '${CLUSTER_NAME}'
|
||||||
|
namespace: '${NAMESPACE}'
|
||||||
|
spec:
|
||||||
|
kubeadmConfigSpec:
|
||||||
|
clusterConfiguration:
|
||||||
|
imageRepository: registry.<fqdn>/kubeadm
|
||||||
|
- |-
|
||||||
|
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
|
||||||
|
kind: KubeadmConfigTemplate
|
||||||
|
metadata:
|
||||||
|
name: '${CLUSTER_NAME}-md-0'
|
||||||
|
namespace: '${NAMESPACE}'
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
clusterConfiguration:
|
||||||
|
imageRepository: registry.<fqdn>/kubeadm
|
||||||
|
- |-
|
||||||
|
apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
|
||||||
|
kind: KubeadmConfigTemplate
|
||||||
|
metadata:
|
||||||
|
name: '${CLUSTER_NAME}-md-0'
|
||||||
|
namespace: '${NAMESPACE}'
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
files:
|
||||||
|
- encoding: base64
|
||||||
|
content: |
|
||||||
|
IyEvYmluL2Jhc2gKdm10b29sc2QgLS1jbWQgJ2luZm8tZ2V0IGd1ZXN0aW5mby5vdmZFbnYnID4gL3RtcC9vdmZlbnYKCklQQWRkcmVzcz0kKHNlZCAtbiAncy8uKlByb3BlcnR5IG9lOmtleT0iZ3Vlc3RpbmZvLmludGVyZmFjZS4wLmlwLjAuYWRkcmVzcyIgb2U6dmFsdWU9IlwoW14iXSpcKS4qL1wxL3AnIC90bXAvb3ZmZW52KQpTdWJuZXRNYXNrPSQoc2VkIC1uICdzLy4qUHJvcGVydHkgb2U6a2V5PSJndWVzdGluZm8uaW50ZXJmYWNlLjAuaXAuMC5uZXRtYXNrIiBvZTp2YWx1ZT0iXChbXiJdKlwpLiovXDEvcCcgL3RtcC9vdmZlbnYpCkdhdGV3YXk9JChzZWQgLW4gJ3MvLipQcm9wZXJ0eSBvZTprZXk9Imd1ZXN0aW5mby5pbnRlcmZhY2UuMC5yb3V0ZS4wLmdhdGV3YXkiIG9lOnZhbHVlPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKRE5TPSQoc2VkIC1uICdzLy4qUHJvcGVydHkgb2U6a2V5PSJndWVzdGluZm8uZG5zLnNlcnZlcnMiIG9lOnZhbHVlPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKTUFDQWRkcmVzcz0kKHNlZCAtbiAncy8uKnZlOkFkYXB0ZXIgdmU6bWFjPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKCm1hc2syY2lkcigpIHsKICBjPTAKICB4PTAkKCBwcmludGYgJyVvJyAkezEvLy4vIH0gKQoKICB3aGlsZSBbICR4IC1ndCAwIF07IGRvCiAgICBsZXQgYys9JCgoeCUyKSkgJ3g+Pj0xJwogIGRvbmUKCiAgZWNobyAkYwp9CgpQcmVmaXg9JChtYXNrMmNpZHIgJFN1Ym5ldE1hc2spCgpjYXQgPiAvZXRjL25ldHBsYW4vMDEtbmV0Y2ZnLnlhbWwgPDxFT0YKbmV0d29yazoKICB2ZXJzaW9uOiAyCiAgcmVuZGVyZXI6IG5ldHdvcmtkCiAgZXRoZXJuZXRzOgogICAgaWQwOgogICAgICBzZXQtbmFtZTogZXRoMAogICAgICBtYXRjaDoKICAgICAgICBtYWNhZGRyZXNzOiAkTUFDQWRkcmVzcwogICAgICBhZGRyZXNzZXM6CiAgICAgICAgLSAkSVBBZGRyZXNzLyRQcmVmaXgKICAgICAgZ2F0ZXdheTQ6ICRHYXRld2F5CiAgICAgIG5hbWVzZXJ2ZXJzOgogICAgICAgIGFkZHJlc3NlcyA6IFskRE5TXQpFT0YKcm0gL2V0Yy9uZXRwbGFuLzUwKi55YW1sIC1mCgpzdWRvIG5ldHBsYW4gYXBwbHk=
|
||||||
|
permissions: '0744'
|
||||||
|
- content: |
|
||||||
|
network: {config: disabled}
|
||||||
|
owner: root:root
|
||||||
|
path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
|
||||||
|
- content: |
|
||||||
|
{{ _template.rootca | indent(width=6, first=True) }}
|
||||||
|
owner: root:root
|
||||||
|
path: /usr/local/share/ca-certificates/root_ca.crt
|
||||||
|
|
||||||
|
patchesJson6902:
|
||||||
|
- target:
|
||||||
|
group: controlplane.cluster.x-k8s.io
|
||||||
|
version: v1beta1
|
||||||
|
kind: KubeadmControlPlane
|
||||||
|
name: .*
|
||||||
|
patch: |-
|
||||||
|
- op: add
|
||||||
|
path: /spec/kubeadmConfigSpec/files/-
|
||||||
|
value:
|
||||||
|
encoding: base64
|
||||||
|
content: |
|
||||||
|
IyEvYmluL2Jhc2gKdm10b29sc2QgLS1jbWQgJ2luZm8tZ2V0IGd1ZXN0aW5mby5vdmZFbnYnID4gL3RtcC9vdmZlbnYKCklQQWRkcmVzcz0kKHNlZCAtbiAncy8uKlByb3BlcnR5IG9lOmtleT0iZ3Vlc3RpbmZvLmludGVyZmFjZS4wLmlwLjAuYWRkcmVzcyIgb2U6dmFsdWU9IlwoW14iXSpcKS4qL1wxL3AnIC90bXAvb3ZmZW52KQpTdWJuZXRNYXNrPSQoc2VkIC1uICdzLy4qUHJvcGVydHkgb2U6a2V5PSJndWVzdGluZm8uaW50ZXJmYWNlLjAuaXAuMC5uZXRtYXNrIiBvZTp2YWx1ZT0iXChbXiJdKlwpLiovXDEvcCcgL3RtcC9vdmZlbnYpCkdhdGV3YXk9JChzZWQgLW4gJ3MvLipQcm9wZXJ0eSBvZTprZXk9Imd1ZXN0aW5mby5pbnRlcmZhY2UuMC5yb3V0ZS4wLmdhdGV3YXkiIG9lOnZhbHVlPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKRE5TPSQoc2VkIC1uICdzLy4qUHJvcGVydHkgb2U6a2V5PSJndWVzdGluZm8uZG5zLnNlcnZlcnMiIG9lOnZhbHVlPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKTUFDQWRkcmVzcz0kKHNlZCAtbiAncy8uKnZlOkFkYXB0ZXIgdmU6bWFjPSJcKFteIl0qXCkuKi9cMS9wJyAvdG1wL292ZmVudikKCm1hc2syY2lkcigpIHsKICBjPTAKICB4PTAkKCBwcmludGYgJyVvJyAkezEvLy4vIH0gKQoKICB3aGlsZSBbICR4IC1ndCAwIF07IGRvCiAgICBsZXQgYys9JCgoeCUyKSkgJ3g+Pj0xJwogIGRvbmUKCiAgZWNobyAkYwp9CgpQcmVmaXg9JChtYXNrMmNpZHIgJFN1Ym5ldE1hc2spCgpjYXQgPiAvZXRjL25ldHBsYW4vMDEtbmV0Y2ZnLnlhbWwgPDxFT0YKbmV0d29yazoKICB2ZXJzaW9uOiAyCiAgcmVuZGVyZXI6IG5ldHdvcmtkCiAgZXRoZXJuZXRzOgogICAgaWQwOgogICAgICBzZXQtbmFtZTogZXRoMAogICAgICBtYXRjaDoKICAgICAgICBtYWNhZGRyZXNzOiAkTUFDQWRkcmVzcwogICAgICBhZGRyZXNzZXM6CiAgICAgICAgLSAkSVBBZGRyZXNzLyRQcmVmaXgKICAgICAgZ2F0ZXdheTQ6ICRHYXRld2F5CiAgICAgIG5hbWVzZXJ2ZXJzOgogICAgICAgIGFkZHJlc3NlcyA6IFskRE5TXQpFT0YKcm0gL2V0Yy9uZXRwbGFuLzUwKi55YW1sIC1mCgpzdWRvIG5ldHBsYW4gYXBwbHk=
|
||||||
|
permissions: '0744'
|
||||||
|
- op: add
|
||||||
|
path: /spec/kubeadmConfigSpec/files/-
|
||||||
|
value:
|
||||||
|
content: |
|
||||||
|
network: {config: disabled}
|
||||||
|
owner: root:root
|
||||||
|
path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
|
||||||
|
- op: add
|
||||||
|
path: /spec/kubeadmConfigSpec/files/-
|
||||||
|
value:
|
||||||
|
content: |
|
||||||
|
{{ _template.rootca | indent(width=8, first=True) }}
|
||||||
|
owner: root:root
|
||||||
|
path: /usr/local/share/ca-certificates/root_ca.crt
|
||||||
|
- target:
|
||||||
|
group: bootstrap.cluster.x-k8s.io
|
||||||
|
version: v1beta1
|
||||||
|
kind: KubeadmConfigTemplate
|
||||||
|
name: .*
|
||||||
|
patch: |-
|
||||||
|
- op: add
|
||||||
|
path: /spec/template/spec/preKubeadmCommands/-
|
||||||
|
value: update-ca-certificates
|
||||||
|
- op: add
|
||||||
|
path: /spec/template/spec/preKubeadmCommands/-
|
||||||
|
value: bash /root/network.sh
|
||||||
|
- target:
|
||||||
|
group: controlplane.cluster.x-k8s.io
|
||||||
|
version: v1beta1
|
||||||
|
kind: KubeadmControlPlane
|
||||||
|
name: .*
|
||||||
|
patch: |-
|
||||||
|
- op: add
|
||||||
|
path: /spec/kubeadmConfigSpec/preKubeadmCommands/-
|
||||||
|
value: update-ca-certificates
|
||||||
|
- op: add
|
||||||
|
path: /spec/kubeadmConfigSpec/preKubeadmCommands/-
|
||||||
|
value: bash /root/network.sh
|
@ -220,8 +220,6 @@ dependencies:
|
|||||||
- quay.io/k8scsi/csi-node-driver-registrar:v2.0.1
|
- quay.io/k8scsi/csi-node-driver-registrar:v2.0.1
|
||||||
- quay.io/k8scsi/csi-provisioner:v2.0.0
|
- quay.io/k8scsi/csi-provisioner:v2.0.0
|
||||||
- quay.io/k8scsi/livenessprobe:v2.1.0
|
- quay.io/k8scsi/livenessprobe:v2.1.0
|
||||||
# This seems to be a hardcoded containerd dependency (see '/etc/containerd/config.toml' on a provisioned node)
|
|
||||||
- k8s.gcr.io/pause:3.6
|
|
||||||
|
|
||||||
static_binaries:
|
static_binaries:
|
||||||
- filename: clusterctl
|
- filename: clusterctl
|
||||||
|
Loading…
Reference in New Issue
Block a user