Merge "Add target infra phases to sub-cluster type"
This commit is contained in:
commit
cd8ac4924f
|
@ -5,6 +5,12 @@ metadata:
|
|||
labels:
|
||||
airshipit.org/deploy-k8s: "false"
|
||||
spec:
|
||||
files:
|
||||
k8scontrol:
|
||||
subcluster_controlplane_image:
|
||||
url: https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
|
||||
checksum: 4a6909d1480ac30d676accd7b37ec711
|
||||
|
||||
helm_repositories:
|
||||
grafana:
|
||||
url: https://grafana.github.io/helm-charts
|
||||
|
@ -71,10 +77,16 @@ spec:
|
|||
image: quay.io/thanos/thanos:v0.17.2
|
||||
sip:
|
||||
sip:
|
||||
auth:
|
||||
image: quay.io/dexidp/dex:v2.20.0
|
||||
kube-rbac-proxy:
|
||||
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0
|
||||
manager:
|
||||
image: quay.io/airshipit/sip:51e7ff85d617c0e94fa98920fdbacce3ad9e6bc0
|
||||
jump_host:
|
||||
image: quay.io/airshipit/jump-host:latest
|
||||
load_balancer:
|
||||
image: haproxy:2.3.2
|
||||
vino:
|
||||
vino:
|
||||
kube-rbac-proxy:
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
resources:
|
||||
- ../../../../../type/multi-tenant/sub-clusters/wordpress/controlplane
|
||||
- ../../../target/catalogues
|
||||
|
||||
transformers:
|
||||
- ../../../../../type/multi-tenant/sub-clusters/wordpress/controlplane/replacements
|
|
@ -0,0 +1,6 @@
|
|||
resources:
|
||||
- ../../../../../type/multi-tenant/sub-clusters/wordpress/provide-infra
|
||||
- ../../../target/catalogues
|
||||
|
||||
transformers:
|
||||
- ../../../../../type/multi-tenant/sub-clusters/wordpress/provide-infra/replacements
|
|
@ -0,0 +1,7 @@
|
|||
resources:
|
||||
- ../../../../../type/multi-tenant/sub-clusters/wordpress/workers
|
||||
- ../../../target/catalogues
|
||||
- metal3machinetemplate.yaml
|
||||
|
||||
transformers:
|
||||
- ../../../../../type/multi-tenant/sub-clusters/wordpress/workers/replacements
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
|
||||
kind: Metal3MachineTemplate
|
||||
metadata:
|
||||
name: worker-1
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
image:
|
||||
url: http://10.23.24.102:80/images/data-plane.qcow2
|
||||
checksum: http://10.23.24.102:80/images/data-plane.qcow2.md5sum
|
|
@ -8,4 +8,5 @@ resources:
|
|||
|
||||
patchesStrategicMerge:
|
||||
- versions-airshipctl.yaml
|
||||
- versions-treasuremap.yaml
|
||||
- networking.yaml
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: VersionsCatalogue
|
||||
metadata:
|
||||
name: versions-treasuremap
|
||||
spec:
|
||||
files:
|
||||
k8scontrol:
|
||||
# Use locally generated images
|
||||
subcluster_controlplane_image:
|
||||
url: http://10.23.24.1:8099/target-image.qcow2
|
||||
checksum: http://10.23.24.1:8099/target-image.qcow2.md5sum
|
|
@ -3,4 +3,3 @@ kind: Kustomization
|
|||
resources:
|
||||
- ../../../airship-core/shared/catalogues
|
||||
- subcluster-networking.yaml
|
||||
|
||||
|
|
|
@ -46,7 +46,8 @@ spec:
|
|||
name: http
|
||||
|
||||
wordpress:
|
||||
# This stanza is replaced directly into lma's networking catalogue
|
||||
# This stanza is replaced directly into the Wordpress sub-cluster's
|
||||
# networking catalogue at the site level.
|
||||
kubernetes:
|
||||
serviceCidr: "10.0.80.0/20"
|
||||
podCidr: "192.168.0.0/18"
|
||||
|
@ -55,4 +56,14 @@ spec:
|
|||
port: 6443
|
||||
apiserverCertSANs: [10.23.25.201, 10.23.24.201]
|
||||
|
||||
port_range: ["11040:11059"]
|
||||
exposed_services:
|
||||
- name: auth
|
||||
nodePort: 30556
|
||||
- name: jumpHost
|
||||
nodePort: 30001
|
||||
- name: loadBalancerControlPlane
|
||||
nodePort: 30002
|
||||
# TODO: Uncomment when SIP supports a Worker load balancer.
|
||||
# Potential ports that can be used by sub-cluster services.
|
||||
# - name: loadBalancerWorkers
|
||||
# nodePort: ["30003:30020"]
|
||||
|
|
|
@ -0,0 +1,2 @@
|
|||
resources:
|
||||
- ../../../../sub-cluster/controlplane
|
|
@ -0,0 +1,2 @@
|
|||
resources:
|
||||
- ../../../../../sub-cluster/controlplane/replacements
|
|
@ -1,3 +1,26 @@
|
|||
# NOTE: The contents of these phases are delivered to the target cluster.
|
||||
---
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: Phase
|
||||
metadata:
|
||||
name: provide-infra
|
||||
config:
|
||||
documentEntryPoint: sub-clusters/wordpress/provide-infra
|
||||
---
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: Phase
|
||||
metadata:
|
||||
name: controlplane
|
||||
config:
|
||||
documentEntryPoint: sub-clusters/wordpress/controlplane
|
||||
---
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: Phase
|
||||
metadata:
|
||||
name: workers
|
||||
config:
|
||||
documentEntryPoint: sub-clusters/wordpress/workers
|
||||
|
||||
---
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: Phase
|
||||
|
|
|
@ -0,0 +1,2 @@
|
|||
resources:
|
||||
- sipcluster.yaml
|
|
@ -0,0 +1,3 @@
|
|||
resources:
|
||||
- networking.yaml
|
||||
- versions.yaml
|
|
@ -0,0 +1,47 @@
|
|||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: ReplacementTransformer
|
||||
metadata:
|
||||
name: subcluster-provide-infra-networking-replacements
|
||||
annotations:
|
||||
config.kubernetes.io/function: |-
|
||||
container:
|
||||
image: quay.io/airshipit/replacement-transformer:v2
|
||||
replacements:
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: subcluster-networking
|
||||
fieldref: "{.spec.wordpress.exposed_services[?(.name == 'auth')].nodePort}"
|
||||
target:
|
||||
objref:
|
||||
kind: SIPCluster
|
||||
name: wordpress
|
||||
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
||||
# but we only deploy one instance of each.
|
||||
fieldrefs: ["{.spec.services.auth[0].nodePort}"]
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: subcluster-networking
|
||||
fieldref: "{.spec.wordpress.exposed_services[?(.name == 'jumpHost')].nodePort}"
|
||||
target:
|
||||
objref:
|
||||
kind: SIPCluster
|
||||
name: wordpress
|
||||
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
||||
# but we only deploy one instance of each.
|
||||
fieldrefs: ["{.spec.services.jumpHost[0].nodePort}"]
|
||||
# NOTE: newer versions of SIP will have an additional load balancer for the
|
||||
# worker nodes.
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: subcluster-networking
|
||||
fieldref: "{.spec.wordpress.exposed_services[?(.name == 'loadBalancerControlPlane')].nodePort}"
|
||||
target:
|
||||
objref:
|
||||
kind: SIPCluster
|
||||
name: wordpress
|
||||
# NOTE: The SIPCluster CR accepts multiple infra service definitions,
|
||||
# but we only deploy one instance of each.
|
||||
fieldrefs: ["{.spec.services.loadBalancer[0].nodePort}"]
|
|
@ -0,0 +1,40 @@
|
|||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: ReplacementTransformer
|
||||
metadata:
|
||||
name: subcluster-provide-infra-versions-replacements
|
||||
annotations:
|
||||
config.kubernetes.io/function: |-
|
||||
container:
|
||||
image: quay.io/airshipit/replacement-transformer:v2
|
||||
replacements:
|
||||
# Replace SIPCluster CR images
|
||||
- source:
|
||||
objref:
|
||||
kind: VersionsCatalogue
|
||||
name: versions-treasuremap
|
||||
fieldref: "{.spec.images.sip.sip.auth.image}"
|
||||
target:
|
||||
objref:
|
||||
kind: SIPCluster
|
||||
name: lma
|
||||
fieldrefs: ["{.spec.services.auth[*].image}"]
|
||||
- source:
|
||||
objref:
|
||||
kind: VersionsCatalogue
|
||||
name: versions-treasuremap
|
||||
fieldref: "{.spec.images.sip.sip.jump_host.image}"
|
||||
target:
|
||||
objref:
|
||||
kind: SIPCluster
|
||||
name: lma
|
||||
fieldrefs: ["{.spec.services.jumpHost[*].image}"]
|
||||
- source:
|
||||
objref:
|
||||
kind: VersionsCatalogue
|
||||
name: versions-treasuremap
|
||||
fieldref: "{.spec.images.sip.sip.load_balancer.image}"
|
||||
target:
|
||||
objref:
|
||||
kind: SIPCluster
|
||||
name: lma
|
||||
fieldrefs: ["{.spec.services.loadBalancer[*].image}"]
|
|
@ -0,0 +1,92 @@
|
|||
apiVersion: airship.airshipit.org/v1
|
||||
kind: SIPCluster
|
||||
metadata:
|
||||
name: wordpress
|
||||
namespace: sipcluster-system
|
||||
finalizers:
|
||||
- sip.airship.airshipit.org/finalizer
|
||||
spec:
|
||||
nodes:
|
||||
ControlPlane:
|
||||
labelSelector:
|
||||
vino.airshipit.org/flavor: control-plane
|
||||
spreadTopology: PerRack
|
||||
count:
|
||||
active: 1
|
||||
standby: 1
|
||||
Worker:
|
||||
labelSelector:
|
||||
vino.airshipit.org/flavor: worker
|
||||
spreadTopology: PerHost
|
||||
count:
|
||||
active: 2
|
||||
standby: 1 # Slew for upgrades
|
||||
services:
|
||||
auth:
|
||||
- image: quay.io/dexidp/dex
|
||||
nodeInterfaceId: oam-ipv4
|
||||
nodePort: 30556
|
||||
TLSCrt: |
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDBjCCAe6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwptaW5p
|
||||
a3ViZUNBMB4XDTIxMDMxNzExNDYzMFoXDTMxMDMxNjExNDYzMFowFTETMBEGA1UE
|
||||
AxMKbWluaWt1YmVDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKs1
|
||||
ujCXS/HDS9dSOJWfotlrQj46V4oL8q5dOmLXSvqfISINzdXK9XrBo/1INQ2RmFL/
|
||||
oXbCwvT1PhRkm/KS/LN3dgsbPjb6/meKsrLOpKPtTAm29+c7h87ZkwHi2LPZO+3w
|
||||
bVp49ERCg89VjfIStvGefJvKaz1Rq3WTZN96216dSY2sShON07ELv4pZPJGjEHg6
|
||||
U6c4UgMdnye3FUUxaayqjZbLKcN/mNkI7kMzy4e0RZ4Y3WTlr0nxDVuYiz8v9usa
|
||||
rHO5Pu9w40FAudlmMrSB9Qj8ED/VtooW4qewm4oUdHrmzJ86vamWLll2keHt4MAY
|
||||
5mG0vglWqm2zEL8jJWUCAwEAAaNhMF8wDgYDVR0PAQH/BAQDAgKkMB0GA1UdJQQW
|
||||
MBQGCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW
|
||||
BBQs35Wcd1nnNOP1YuzwousJxfATmDANBgkqhkiG9w0BAQsFAAOCAQEAbspb0RE5
|
||||
vOeObqLY7JEMlNvnxbnHceIpltZpnq5ZGbDHEBUEyBUnDnO7UZrxw2qmDgvpUPot
|
||||
jNxgWzDcxb7kuli6Ehc1Nbtm8HKFf3xx5d1dTBuPj8i6njB/3kVbYZOHGcFxku62
|
||||
ac8KQT8EdaQdTtwoQLhfGl3P++afg7kfvcm962PKYWDGcbXbbJxEf1YDuy2dY2/Z
|
||||
u5rOyAIhRSOm68edMhy/0Bdq3NBmT5icptMawEBrJXW7tNOnbSLu6qtQqSX8w58u
|
||||
2ZnZouCSXMfLYKNuDWVuhe/WfCv9ZKr/Izcz1raBquo8yDt4qsxDPfix/QSqUxRc
|
||||
kDR2hHk/Mfv+rg==
|
||||
-----END CERTIFICATE-----
|
||||
TLSKey: |
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEAqzW6MJdL8cNL11I4lZ+i2WtCPjpXigvyrl06YtdK+p8hIg3N
|
||||
1cr1esGj/Ug1DZGYUv+hdsLC9PU+FGSb8pL8s3d2Cxs+Nvr+Z4qyss6ko+1MCbb3
|
||||
5zuHztmTAeLYs9k77fBtWnj0REKDz1WN8hK28Z58m8prPVGrdZNk33rbXp1JjaxK
|
||||
E43TsQu/ilk8kaMQeDpTpzhSAx2fJ7cVRTFprKqNlsspw3+Y2QjuQzPLh7RFnhjd
|
||||
ZOWvSfENW5iLPy/26xqsc7k+73DjQUC52WYytIH1CPwQP9W2ihbip7CbihR0eubM
|
||||
nzq9qZYuWXaR4e3gwBjmYbS+CVaqbbMQvyMlZQIDAQABAoIBAC3cZ3JqpKIvERqt
|
||||
YJDbwRCCRa1LjXVh+/Cu8lvVlbUKeSKZFgDlq9nlEttewy9OR8I7zXF1fCmHo8hs
|
||||
psVUkDI2lr0k4AZ0Nz9fDL0O01VB1DNp+n/LF3bWGyXPMQMD9qSm2XP5oFzEgHBC
|
||||
V5J3Zt/T90b38r/rJ4WIJOYkD60I/mQ2oB9I6QsUDSxeH9a/L1BEHvGcBtfbqWlA
|
||||
b7BBRBjRCdtbV67pFpspSnWmIwDBF3GNbjjPyWiRCicLQeZ+Eysc4GbeT89A76xN
|
||||
q76uPH/+vo5fafm86AURN59QA6/qaCvrlE02gt9FbFW/cN0Bs7y3OSl2e8/si6tz
|
||||
n4Nwq8ECgYEA4F4oAitnCfAKhHr501qaJk4uj5YuzQktANjPp9Bo5x/FThF497gN
|
||||
KvumUlq4Z3H7ivXk0WEYb5v2erXtgXoj6o/uAL+5FQyRBpUDa5FpeAi64e0Vzhtk
|
||||
UUd5RXoC0eITdF8zaXHJsYTNv6jDA33Flqkk7bioTWi0VrTFlwp5mRUCgYEAw1kB
|
||||
HmuV1LSqmwXf/6NIO2mmSBLNWC4JY/qAV9HlCxKhv9fXhl99m0lQRPs2TZIYrkCY
|
||||
Q0entaYY+2EQn1HBm7sdGnoy5tOYb9Lg89zzP23MJDLAQ+eXRTyl25W3qQVnrRzx
|
||||
o00EFX6QhySbuBditiu75wjN1Q2IY+jE81MozxECgYBU6s3xpEOnOzZ/1ZtgJtZY
|
||||
0RZGOe0UpPhnbaeKOBK8BwZB+dLyzrINJplYagWJAVbWzSIBLOJ2u2yaHOj7LCMT
|
||||
z82gcu+1y7/H4fYdbDeiuosgnv61tyBMsuRvKzKOBSaf0LhAnFRd34mPlGvakmuK
|
||||
DhJv9oecZJh8iIaQF+LV0QKBgFDDQHIqOqTZGNvEvwo6oIdns4aCt4Dob5t1GpC0
|
||||
R4SfbF4bR5DXc9+6nMQYNCg36ZpJPGo8errf894iEDQ+IdRXtL2YnejOvGwm/Df2
|
||||
Nl8X7tlcXh705ZaLb2rsaCUqBeYNXF2OXszgKbKl0Pd4O6hjRmlLO4YE9UmRF7Qd
|
||||
wnZxAoGBAKN9LgEmOq3GTDbWvnKRDG8q1MjMOOLRuqryQWXF3KP/+oPB2XUrw7Eg
|
||||
Sw9yBi8GZ6PseG1W5LnwT2vAeDaLRrAr8QrDmd+Aj+og7CVD82Gy/k8Uh0TyCUlF
|
||||
DOY0q5Hu9iPlqk3ZQqGJKcms+97jD7JPGsPOH0+LcK9sEI6fJOna
|
||||
-----END RSA PRIVATE KEY-----
|
||||
CertManagerNS: cert-manager
|
||||
jumpHost:
|
||||
- image: quay.io/airshipit/jump-host
|
||||
nodePort: 30001
|
||||
nodeInterfaceId: oam-ipv4
|
||||
bmc:
|
||||
proxy: false
|
||||
sshAuthorizedKeys:
|
||||
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCyaozS8kZRw2a1d0O4YXhxtJlDPThqIZilGCsXLbukIFOyMUmMTwQAtwWp5epwU1+5ponC2uBENB6xCCj3cl5Rd43d2/B6HxyAPQGKo6/zKYGAKW2nzYDxSWMl6NUSsiJAyXUA7ZlNZQe0m8PmaferlkQyLLZo3NJpizz6U6ZCtxvj43vEl7NYWnLUEIzGP9zMqltIGnD4vYrU9keVKKXSsp+DkApnbrDapeigeGATCammy2xRrUQDuOvGHsfnQbXr2j0onpTIh0PiLrXLQAPDg8UJRgVB+ThX+neI3rQ320djzRABckNeE6e4Kkwzn+QdZsmA2SDvM9IU7boK1jVQlgUPp7zF5q3hbb8Rx7AadyTarBayUkCgNlrMqth+tmTMWttMqCPxJRGnhhvesAHIl55a28Kzz/2Oqa3J9zwzbyDIwlEXho0eAq3YXEPeBhl34k+7gOt/5Zdbh+yacFoxDh0LrshQgboAijcVVaXPeN0LsHEiVvYIzugwIvCkoFMPWoPj/kEGzPY6FCkVneDA7VoLTCoG8dlrN08Lf05/BGC7Wllm66pTNZC/cKXP+cjpQn1iEuiuPxnPldlMHx9sx2y/BRoft6oT/GzqkNy1NTY/xI+MfmxXnF5kwSbcTbzZQ9fZ8xjh/vmpPBgDNrxOEAT4N6OG7GQIhb9HEhXQCQ== example-key
|
||||
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwpOyZjZ4gB0OTvmofH3llh6cBCWaEiEmHZWSkDXr8Bih6HcXVOtYMcFi/ZnUVGUBPw3ATNQBZUaVCYKeF+nDfKTJ9hmnlsyHxV2LeMsVg1o15Pb6f+QJuavEqtE6HI7mHyId4Z1quVTJXDWDW8OZEG7M3VktauqAn/e9UJvlL0bGmTFD1XkNcbRsWMRWkQgt2ozqlgrpPtvrg2/+bNucxX++VUjnsn+fGgAT07kbnrZwppGnAfjbYthxhv7GeSD0+Z0Lf1kiKy/bhUqXsZIuexOfF0YrRyUH1KBl8GCX2OLBYvXHyusByqsrOPiROqRdjX5PsK6HSAS0lk0niTt1p example-key-2
|
||||
nodeSSHPrivateKeys: ssh-private-keys
|
||||
loadBalancer:
|
||||
- image: haproxy
|
||||
nodePort: 30000
|
||||
nodeInterfaceId: oam-ipv4
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
resources:
|
||||
- ../../../../sub-cluster/workers
|
|
@ -0,0 +1,2 @@
|
|||
resources:
|
||||
- ../../../../../sub-cluster/workers/replacements
|
|
@ -0,0 +1,4 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ../../../function/k8scontrol-ha
|
|
@ -0,0 +1,4 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ../../../../function/k8scontrol-ha/replacements
|
|
@ -1,3 +1,41 @@
|
|||
# NOTE: The contents of these phases are delivered to the target cluster.
|
||||
---
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: Phase
|
||||
metadata:
|
||||
name: provide-infra
|
||||
clusterName: target
|
||||
config:
|
||||
executorRef:
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: KubernetesApply
|
||||
name: kubernetes-apply
|
||||
documentEntryPoint: sub-clusters/sub-cluster/provide-infra
|
||||
---
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: Phase
|
||||
metadata:
|
||||
name: controlplane
|
||||
clusterName: target
|
||||
config:
|
||||
executorRef:
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: KubernetesApply
|
||||
name: kubernetes-apply
|
||||
documentEntryPoint: sub-clusters/sub-cluster/controlplane
|
||||
---
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: Phase
|
||||
metadata:
|
||||
name: workers
|
||||
clusterName: target
|
||||
config:
|
||||
executorRef:
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: KubernetesApply
|
||||
name: kubernetes-apply
|
||||
documentEntryPoint: sub-clusters/sub-cluster/workers
|
||||
|
||||
---
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: Phase
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
# NOTE: This directory should not be inherited; it should be redefined within the
|
||||
# type that defines the actual sub-cluster.
|
||||
resources: []
|
|
@ -0,0 +1,30 @@
|
|||
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
|
||||
kind: KubeadmConfigTemplate
|
||||
metadata:
|
||||
name: worker-1
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
joinConfiguration:
|
||||
nodeRegistration:
|
||||
name: '{{ ds.meta_data.name }}'
|
||||
kubeletExtraArgs:
|
||||
node-labels: 'metal3.io/uuid={{ ds.meta_data.uuid }},node-type=worker'
|
||||
provider-id: 'metal3://{{ ds.meta_data.uuid }}'
|
||||
feature-gates: "IPv6DualStack=true"
|
||||
files:
|
||||
- path: "/etc/systemd/system/docker.service.d/http-proxy.conf"
|
||||
content: |
|
||||
[Service]
|
||||
Environment="HTTP_PROXY=REPLACEMENT_HTTP_PROXY"
|
||||
Environment="HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY"
|
||||
Environment="NO_PROXY=REPLACEMENT_NO_PROXY"
|
||||
preKubeadmCommands:
|
||||
# Restart docker to apply any proxy settings
|
||||
- export HOME=/root
|
||||
- systemctl restart docker
|
||||
users:
|
||||
- name: ubuntu
|
||||
sshAuthorizedKeys:
|
||||
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDK5jnOafJwnoN+vp77LgayzLZ7O6tu96cObzwjIEwOowi2KHTk+G4sUXzE4mt2QbPTbyOF45d/omcRZYixrTmYwwtJ9QGPbwWw/qpCRzVo5uV4qbwBd3iRUqXryOmZRCCFac678JXZS9f8AfOP9rHkh2jqhA6dJdtvqYTOpPLtmw8pYjScH/YqBXZObNSFS5PlSPl901UhZH4FNUAuYeR9JGY99wgM+R9XHRRgfBPJzwzvOQ7ZYfvxb+n4TuBr7u7jZtYC+pmG/eOYbIt2/vexO0y/rNomtC+hjDAXZO2VFwHejYW6r+ZPpkNrdr+5U8s0aENGg4BJkVa2n3LwUrZF segorov@node1
|
||||
sudo: ALL=(ALL) NOPASSWD:ALL
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- kubeadmconfigtemplate.yaml
|
||||
- machinedeployment.yaml
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: cluster.x-k8s.io/v1alpha3
|
||||
kind: MachineDeployment
|
||||
metadata:
|
||||
name: worker-1
|
||||
labels:
|
||||
cluster.x-k8s.io/cluster-name: target-cluster
|
||||
spec:
|
||||
clusterName: target-cluster
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
cluster.x-k8s.io/cluster-name: target-cluster
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
cluster.x-k8s.io/cluster-name: target-cluster
|
||||
spec:
|
||||
clusterName: target-cluster
|
||||
version: v1.18.3
|
||||
bootstrap:
|
||||
configRef:
|
||||
name: worker-1
|
||||
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
|
||||
kind: KubeadmConfigTemplate
|
||||
infrastructureRef:
|
||||
name: worker-1
|
||||
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
|
||||
kind: Metal3MachineTemplate
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- workers-env-vars.yaml
|
||||
- versions.yaml
|
|
@ -0,0 +1,20 @@
|
|||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: ReplacementTransformer
|
||||
metadata:
|
||||
name: subcluster-workers-versions-replacements
|
||||
annotations:
|
||||
config.kubernetes.io/function: |-
|
||||
container:
|
||||
image: quay.io/airshipit/replacement-transformer:v2
|
||||
replacements:
|
||||
# Replace the controlplane disk image in the Metal3MachineTemplate
|
||||
- source:
|
||||
objref:
|
||||
kind: VariableCatalogue
|
||||
name: versions-treasuremap
|
||||
fieldref: "{.spec.files.k8scontrol.subcluster_controlplane_image}"
|
||||
target:
|
||||
objref:
|
||||
kind: Metal3MachineTemplate
|
||||
name: worker-1
|
||||
fieldrefs: ["{.spec.template.spec.image}"]
|
|
@ -0,0 +1,41 @@
|
|||
# These rules inject env vars into the workers.
|
||||
apiVersion: airshipit.org/v1alpha1
|
||||
kind: ReplacementTransformer
|
||||
metadata:
|
||||
name: workers-env-vars-replacements
|
||||
annotations:
|
||||
config.kubernetes.io/function: |-
|
||||
container:
|
||||
image: quay.io/airshipit/replacement-transformer:latest
|
||||
replacements:
|
||||
# Replace the proxy vars
|
||||
- source:
|
||||
objref:
|
||||
name: env-vars-catalogue
|
||||
fieldref: env.HTTP_PROXY
|
||||
target:
|
||||
objref:
|
||||
kind: KubeadmConfigTemplate
|
||||
name: worker-1
|
||||
fieldrefs:
|
||||
- "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_HTTP_PROXY%"
|
||||
- source:
|
||||
objref:
|
||||
name: env-vars-catalogue
|
||||
fieldref: env.HTTPS_PROXY
|
||||
target:
|
||||
objref:
|
||||
kind: KubeadmConfigTemplate
|
||||
name: worker-1
|
||||
fieldrefs:
|
||||
- "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_HTTPS_PROXY%"
|
||||
- source:
|
||||
objref:
|
||||
name: env-vars-catalogue
|
||||
fieldref: env.NO_PROXY
|
||||
target:
|
||||
objref:
|
||||
kind: KubeadmConfigTemplate
|
||||
name: worker-1
|
||||
fieldrefs:
|
||||
- "spec.template.spec.files[path=/etc/systemd/system/docker.service.d/http-proxy.conf].content%REPLACEMENT_NO_PROXY%"
|
|
@ -1 +1,3 @@
|
|||
# NOTE: This directory should not be inherited; it should be redefined within the
|
||||
# type that defines the actual sub-cluster.
|
||||
resources: []
|
||||
|
|
Loading…
Reference in New Issue