From aa14a8a3a812e7078d871c0b058f8eac614628d1 Mon Sep 17 00:00:00 2001 From: Danny Bessems Date: Thu, 6 Jul 2023 13:01:35 +0200 Subject: [PATCH] fix: Refactor kustomize templates --- .../kustomization.cluster-template.j2 | 253 +++++++++--------- .../templates/kustomization.nodepool.j2 | 79 +++--- 2 files changed, 165 insertions(+), 167 deletions(-) diff --git a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.cluster-template.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.cluster-template.j2 index f273815..5a5628f 100644 --- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.cluster-template.j2 +++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.cluster-template.j2 @@ -3,8 +3,8 @@ kind: Kustomization resources: - cluster-template.yaml -patchesStrategicMerge: - - |- +patches: +- patch: |- apiVersion: v1 kind: Secret metadata: @@ -32,7 +32,7 @@ patchesStrategicMerge: [Network] public-network = "${VSPHERE_NETWORK}" type: Opaque - - |- +- patch: |- apiVersion: controlplane.cluster.x-k8s.io/v1beta1 kind: KubeadmControlPlane metadata: @@ -42,7 +42,7 @@ patchesStrategicMerge: kubeadmConfigSpec: clusterConfiguration: imageRepository: registry.{{ _template.network.fqdn }}/kubeadm - - |- +- patch: |- apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 kind: KubeadmConfigTemplate metadata: @@ -53,7 +53,7 @@ patchesStrategicMerge: spec: clusterConfiguration: imageRepository: registry.{{ _template.network.fqdn }}/kubeadm - - |- +- patch: |- apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 kind: KubeadmConfigTemplate metadata: @@ -86,7 +86,7 @@ patchesStrategicMerge: {{ _template.rootca | indent(width=14, first=False) | trim }} owner: root:root path: /usr/local/share/ca-certificates/root_ca.crt - - |- +- patch: |- apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: VSphereMachineTemplate metadata: 
@@ -105,7 +105,7 @@ patchesStrategicMerge: nameservers: - {{ _template.network.dnsserver }} networkName: '${VSPHERE_NETWORK}' - - |- +- patch: |- apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: VSphereMachineTemplate metadata: 
@@ -125,132 +125,131 @@ patchesStrategicMerge: - {{ _template.network.dnsserver }} networkName: '${VSPHERE_NETWORK}' -patchesJson6902: - - target: - group: controlplane.cluster.x-k8s.io - version: v1beta1 - kind: KubeadmControlPlane - name: .* - patch: |- - - op: add - path: /spec/kubeadmConfigSpec/files/- - value: - content: | - [plugins."io.containerd.grpc.v1.cri".registry] - config_path = "/etc/containerd/certs.d" - append: true - path: /etc/containerd/config.toml +- target: + group: controlplane.cluster.x-k8s.io + version: v1beta1 + kind: KubeadmControlPlane + name: .* + patch: |- + - op: add + path: /spec/kubeadmConfigSpec/files/- + value: + content: | + [plugins."io.containerd.grpc.v1.cri".registry] + config_path = "/etc/containerd/certs.d" + append: true + path: /etc/containerd/config.toml {% for registry in _template.registries %} - - op: add - path: /spec/kubeadmConfigSpec/files/- - value: - content: | - server = "https://{{ registry }}" + - op: add + path: /spec/kubeadmConfigSpec/files/- + value: + content: | + server = "https://{{ registry }}" - [host."https://registry.{{ _template.network.fqdn }}/v2/library/{{ registry }}"] - capabilities = ["pull", "resolve"] - override_path = true - owner: root:root - path: /etc/containerd/certs.d/{{ registry }}/hosts.toml + [host."https://registry.{{ _template.network.fqdn }}/v2/library/{{ registry }}"] + capabilities = ["pull", "resolve"] + override_path = true + owner: root:root + path: /etc/containerd/certs.d/{{ registry }}/hosts.toml {% endfor %} - - op: add - path: /spec/kubeadmConfigSpec/files/- - value: - content: | - network: {config: disabled} - owner: root:root - path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg - - op: add - path: /spec/kubeadmConfigSpec/files/- - value: - content: | - {{ _template.rootca | indent(width=12, first=False) | trim }} - owner: root:root - path: /usr/local/share/ca-certificates/root_ca.crt - - target: - group: bootstrap.cluster.x-k8s.io - version: v1beta1 - kind: 
KubeadmConfigTemplate - name: .* - patch: |- + - op: add + path: /spec/kubeadmConfigSpec/files/- + value: + content: | + network: {config: disabled} + owner: root:root + path: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg + - op: add + path: /spec/kubeadmConfigSpec/files/- + value: + content: | + {{ _template.rootca | indent(width=12, first=False) | trim }} + owner: root:root + path: /usr/local/share/ca-certificates/root_ca.crt +- target: + group: bootstrap.cluster.x-k8s.io + version: v1beta1 + kind: KubeadmConfigTemplate + name: .* + patch: |- {% for cmd in _template.runcmds %} - - op: add - path: /spec/template/spec/preKubeadmCommands/- - value: {{ cmd }} + - op: add + path: /spec/template/spec/preKubeadmCommands/- + value: {{ cmd }} {% endfor %} - - target: - group: controlplane.cluster.x-k8s.io - version: v1beta1 - kind: KubeadmControlPlane - name: .* - patch: |- +- target: + group: controlplane.cluster.x-k8s.io + version: v1beta1 + kind: KubeadmControlPlane + name: .* + patch: |- {% for cmd in _template.runcmds %} - - op: add - path: /spec/kubeadmConfigSpec/preKubeadmCommands/- - value: {{ cmd }} + - op: add + path: /spec/kubeadmConfigSpec/preKubeadmCommands/- + value: {{ cmd }} {% endfor %} - - target: - group: infrastructure.cluster.x-k8s.io - version: v1beta1 - kind: VSphereMachineTemplate - name: \${CLUSTER_NAME} - patch: |- - - op: replace - path: /metadata/name - value: ${CLUSTER_NAME}-master - - target: - group: controlplane.cluster.x-k8s.io - version: v1beta1 - kind: KubeadmControlPlane - name: \${CLUSTER_NAME} - patch: |- - - op: replace - path: /metadata/name - value: ${CLUSTER_NAME}-master - - op: replace - path: /spec/machineTemplate/infrastructureRef/name - value: ${CLUSTER_NAME}-master - - target: - group: cluster.x-k8s.io - version: v1beta1 - kind: Cluster - name: \${CLUSTER_NAME} - patch: |- - - op: replace - path: /spec/controlPlaneRef/name - value: ${CLUSTER_NAME}-master +- target: + group: infrastructure.cluster.x-k8s.io + version: 
v1beta1 + kind: VSphereMachineTemplate + name: \${CLUSTER_NAME} + patch: |- + - op: replace + path: /metadata/name + value: ${CLUSTER_NAME}-master +- target: + group: controlplane.cluster.x-k8s.io + version: v1beta1 + kind: KubeadmControlPlane + name: \${CLUSTER_NAME} + patch: |- + - op: replace + path: /metadata/name + value: ${CLUSTER_NAME}-master + - op: replace + path: /spec/machineTemplate/infrastructureRef/name + value: ${CLUSTER_NAME}-master +- target: + group: cluster.x-k8s.io + version: v1beta1 + kind: Cluster + name: \${CLUSTER_NAME} + patch: |- + - op: replace + path: /spec/controlPlaneRef/name + value: ${CLUSTER_NAME}-master - - target: - group: infrastructure.cluster.x-k8s.io - version: v1beta1 - kind: VSphereMachineTemplate - name: \${CLUSTER_NAME}-worker - patch: |- - - op: replace - path: /spec/template/spec/numCPUs - value: {{ _template.nodesize.cpu }} - - op: replace - path: /spec/template/spec/memoryMiB - value: {{ _template.nodesize.memory }} - - target: - group: cluster.x-k8s.io - version: v1beta1 - kind: MachineDeployment - name: \${CLUSTER_NAME}-md-0 - patch: |- - - op: replace - path: /metadata/name - value: ${CLUSTER_NAME}-worker - - op: replace - path: /spec/template/spec/bootstrap/configRef/name - value: ${CLUSTER_NAME}-worker - - target: - group: bootstrap.cluster.x-k8s.io - version: v1beta1 - kind: KubeadmConfigTemplate - name: \${CLUSTER_NAME}-md-0 - patch: |- - - op: replace - path: /metadata/name - value: ${CLUSTER_NAME}-worker +- target: + group: infrastructure.cluster.x-k8s.io + version: v1beta1 + kind: VSphereMachineTemplate + name: \${CLUSTER_NAME}-worker + patch: |- + - op: replace + path: /spec/template/spec/numCPUs + value: {{ _template.nodesize.cpu }} + - op: replace + path: /spec/template/spec/memoryMiB + value: {{ _template.nodesize.memory }} +- target: + group: cluster.x-k8s.io + version: v1beta1 + kind: MachineDeployment + name: \${CLUSTER_NAME}-md-0 + patch: |- + - op: replace + path: /metadata/name + value: 
${CLUSTER_NAME}-worker + - op: replace + path: /spec/template/spec/bootstrap/configRef/name + value: ${CLUSTER_NAME}-worker +- target: + group: bootstrap.cluster.x-k8s.io + version: v1beta1 + kind: KubeadmConfigTemplate + name: \${CLUSTER_NAME}-md-0 + patch: |- + - op: replace + path: /metadata/name + value: ${CLUSTER_NAME}-worker diff --git a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.nodepool.j2 b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.nodepool.j2 index eff0edc..6203098 100644 --- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.nodepool.j2 +++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.nodepool.j2 @@ -5,8 +5,8 @@ resources: - manifests/machinedeployment-{{ _template.cluster.name }}-worker.yaml - manifests/vspheremachinetemplate-{{ _template.cluster.name }}-worker.yaml -patchesStrategicMerge: - - |- +patches: +- patch: |- apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 kind: KubeadmConfigTemplate metadata: @@ -31,7 +31,7 @@ patchesStrategicMerge: mounts: - - LABEL=blockstorage - /mnt/blockstorage - - |- +- patch: |- apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: VSphereMachineTemplate metadata: 
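Review bot: In kustomization.cluster-template.j2 (hunk `@@ -125,132 +125,131 @@`), the re-indented JSON patch that writes `/usr/local/share/ca-certificates/root_ca.crt` still renders the certificate with `indent(width=12, first=False)`, the same width as on the removed side. Leading whitespace is not recoverable in this view, but the rewritten lines differ from the old ones only in whitespace, so the block has presumably moved two columns left; in that case every PEM line after the first keeps two extra spaces inside the `content: |` scalar. Check the rendered file and adjust the width to the new depth (likely `indent(width=10, first=False)`) so the root CA still installs into the node trust store. Separately, both `preKubeadmCommands` loops emit `value: {{ cmd }}` unquoted, so a command containing `: ` or ` #` is re-parsed or truncated by YAML before it runs on the node. Assuming the template is rendered by Ansible, `value: {{ cmd | to_json }}` keeps each entry a single string.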
@@ -43,42 +43,41 @@ patchesStrategicMerge: additionalDisksGiB: - {{ _template.nodepool.additionaldisk }} -patchesJson6902: - - target: - group: bootstrap.cluster.x-k8s.io - version: v1beta1 - kind: KubeadmConfigTemplate - name: {{ _template.cluster.name }}-worker - patch: |- - - op: replace - path: /metadata/name - value: {{ _template.cluster.name }}-worker-storage +- target: + group: bootstrap.cluster.x-k8s.io + version: v1beta1 + kind: KubeadmConfigTemplate + name: {{ _template.cluster.name }}-worker + patch: |- + - op: replace + path: /metadata/name + value: {{ _template.cluster.name }}-worker-storage - - target: - group: cluster.x-k8s.io - version: v1beta1 - kind: MachineDeployment - name: {{ _template.cluster.name }}-worker - patch: |- - - op: replace - path: /metadata/name - value: {{ _template.cluster.name }}-worker-storage - - op: replace - path: /spec/template/spec/bootstrap/configRef/name - value: {{ _template.cluster.name }}-worker-storage - - op: replace - path: /spec/template/spec/infrastructureRef/name - value: {{ _template.cluster.name }}-worker-storage - - op: replace - path: /spec/replicas - value: {{ _template.nodepool.size }} +- target: + group: cluster.x-k8s.io + version: v1beta1 + kind: MachineDeployment + name: {{ _template.cluster.name }}-worker + patch: |- + - op: replace + path: /metadata/name + value: {{ _template.cluster.name }}-worker-storage + - op: replace + path: /spec/template/spec/bootstrap/configRef/name + value: {{ _template.cluster.name }}-worker-storage + - op: replace + path: /spec/template/spec/infrastructureRef/name + value: {{ _template.cluster.name }}-worker-storage + - op: replace + path: /spec/replicas + value: {{ _template.nodepool.size }} - - target: - group: infrastructure.cluster.x-k8s.io - version: v1beta1 - kind: VSphereMachineTemplate - name: {{ _template.cluster.name }}-worker - patch: |- - - op: replace - path: /metadata/name - value: {{ _template.cluster.name }}-worker-storage +- target: + group: 
infrastructure.cluster.x-k8s.io + version: v1beta1 + kind: VSphereMachineTemplate + name: {{ _template.cluster.name }}-worker + patch: |- + - op: replace + path: /metadata/name + value: {{ _template.cluster.name }}-worker-storage
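Review bot: The three `target` selectors in kustomization.nodepool.j2 (hunk `@@ -43,42 +43,41 @@`) interpolate `{{ _template.cluster.name }}` unescaped into `name:`, which kustomize evaluates as an anchored regular expression; the cluster template in this same commit relies on that with `name: .*` and `\${CLUSTER_NAME}`. A cluster name containing `.` or another metacharacter would therefore match resources other than the intended one, and the rename patches would apply to them as well. If such names are possible, escape the value, e.g. `name: {{ _template.cluster.name | regex_escape }}-worker`; otherwise add a template comment such as `{# cluster.name is limited to [a-z0-9-]; target names are regexes #}`.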