Switch from Network Protocol Profiles to in-cluster IPAM

2023-03-14 15:43:11 +01:00
parent c0b2857be1
commit daa7a240cc
5 changed files with 81 additions and 38 deletions
--- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/ippool.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/ippool.j2
@ -0,0 +1,9 @@
+apiVersion: ipam.cluster.x-k8s.io/v1alpha1
+kind: InClusterIPPool
+metadata:
+  name: inclusterippool-{{ _template.cluster.name }}
+spec:
+  start: {{ _template.cluster.network.startip }}
+  end: {{ _template.cluster.network.endip }}
+  prefix: {{ _template.cluster.network.prefix }}
+  gateway: {{ _template.cluster.network.gateway }}
--- a/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.cluster-template.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/bootstrap/templates/kustomization.cluster-template.j2
@ -35,12 +35,6 @@ patchesStrategicMerge:
      template:
        spec:
          files:
-          - encoding: base64
-            content: |
-              {{ _template.script.encoded }}
-            permissions: '0744'
-            owner: root:root
-            path: /root/network.sh
          - content: |
              network: {config: disabled}
            owner: root:root
@ -49,6 +43,40 @@ patchesStrategicMerge:
              {{ _template.rootca | indent(width=14, first=False) | trim }}
            owner: root:root
            path: /usr/local/share/ca-certificates/root_ca.crt
+  - |-
+    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+    kind: VSphereMachineTemplate
+    metadata:
+      name: ${CLUSTER_NAME}
+      namespace: '${NAMESPACE}'
+    spec:
+      template:
+        spec:
+          network:
+            devices:
+            - dhcp4: false
+              addressesFromPools:
+              - apiGroup: ipam.cluster.x-k8s.io
+                kind: InClusterIPPool
+                name: inclusterippool-${CLUSTER_NAME}
+              networkName: '${VSPHERE_NETWORK}'
+  - |-
+    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+    kind: VSphereMachineTemplate
+    metadata:
+      name: ${CLUSTER_NAME}-worker
+      namespace: '${NAMESPACE}'
+    spec:
+      template:
+        spec:
+          network:
+            devices:
+            - dhcp4: false
+              addressesFromPools:
+              - apiGroup: ipam.cluster.x-k8s.io
+                kind: InClusterIPPool
+                name: inclusterippool-${CLUSTER_NAME}
+              networkName: '${VSPHERE_NETWORK}'

 patchesJson6902:
  - target:
@ -57,15 +85,6 @@ patchesJson6902:
      kind: KubeadmControlPlane
      name: .*
    patch: |-
-      - op: add
-        path: /spec/kubeadmConfigSpec/files/-
-        value:
-          encoding: base64
-          content: |
-            {{ _template.script.encoded }}
-          owner: root:root
-          path: /root/network.sh
-          permissions: '0744'
      - op: add
        path: /spec/kubeadmConfigSpec/files/-
        value: