house cluster wip

2023-11-27 03:31:14 +13:00 · 2023-11-27 03:31:14 +13:00 · cd19a7687c
commit cd19a7687c
parent 0923148d8e
4 changed files with 89 additions and 0 deletions
--- a/ansible/roles/k8s_control/files/kube00.balsillie.house_init
+++ b/ansible/roles/k8s_control/files/kube00.balsillie.house_init
@ -0,0 +1 @@
+sudo kubeadm init --control-plane-endpoint=api.cluster.balsillie.house --cri-socket=unix:///run/containerd/containerd.sock --pod-network-cidr="10.208.0.0/16,2400:8907:e002:7c10::/64" --service-cidr="10.224.0.0/16,2400:8907:e002:7c11::/108" --apiserver-advertise-address="10.192.110.91" --apiserver-advertise-address="2400:8907:e002:7c02::91" --apiserver-bind-port=6443 --apiserver-cert-extra-sans="api.cluster.balsillie.house" --apiserver-cert-extra-sans="10.192.110.90" --apiserver-cert-extra-sans="10.192.110.91" --apiserver-cert-extra-sans="2400:8907:e002:7c02::90" --apiserver-cert-extra-sans="2400:8907:e002:7c02::91" --node-name="kube00" --service-dns-domain="cluster.balsillie.house"
--- a/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_installation.yaml
+++ b/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_installation.yaml
@ -0,0 +1,52 @@
+apiVersion: operator.tigera.io/v1
+kind: Installation
+metadata:
+    name: default
+spec:
+    calicoNetwork:
+        bgp: Enabled
+        hostPorts: Enabled
+        ipPools:
+        -   blockSize: 20
+            cidr: 10.208.0.0/16
+            encapsulation: None
+            natOutgoing: Disabled
+            nodeSelector: all()
+        -   blockSize: 116
+            cidr: 2400:8907:e002:7c10::/64
+            encapsulation: None
+            natOutgoing: Disabled
+            nodeSelector: all()
+        linuxDataplane: Iptables
+
+---
+
+apiVersion: projectcalico.org/v3
+kind: BGPConfiguration
+metadata:
+    name: default
+spec:
+    asNumber: 64622
+    serviceClusterIPs:
+    -   cidr: 10.224.0.0/16
+    -   cidr: 2400:8907:e002:7c11::/108
+
+---
+
+apiVersion: crd.projectcalico.org/v1
+kind: BGPPeer
+metadata:
+    name: opnsense-v4
+spec:
+    asNumber: 64623
+    peerIP: 10.192.110.254
+
+---
+
+apiVersion: crd.projectcalico.org/v1
+kind: BGPPeer
+metadata:
+    name: opnsense-v6
+spec:
+    asNumber: 64623
+    peerIP: 2400:8907:e002:7c02::0254
--- a/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_ip_reservation.yaml
+++ b/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_ip_reservation.yaml
@ -0,0 +1,23 @@
+apiVersion: projectcalico.org/v3
+kind: IPReservation
+metadata:
+  name: default-ipreservation
+spec:
+  reservedCIDRs:
+  - 10.208.240.0/20
+  - 2400:8907:e002:7c10:ffff:ffff:ffff:f000/116
+
+# Static IPs:
+#
+# DNS (Bind9):
+#   10.208.240.1
+#   2400:8907:e002:7c10:ffff:ffff:ffff:f001
+#
+# Nginx:
+#
+# Mail:
+#
+# Matrix:
+#
+# Turn:
+# 
--- a/ansible/roles/k8s_network/files/cluster.balsillie.house/ippool.yaml
+++ b/ansible/roles/k8s_network/files/cluster.balsillie.house/ippool.yaml
@ -0,0 +1,13 @@
+apiVersion: projectcalico.org/v3
+kind: IPPool
+metadata:
+  name: default-ipv6-ippool
+spec:
+  allowedUses:
+  - Workload
+  - Tunnel
+  blockSize: 116
+  cidr: 2400:8907:e002:7c10::/64
+  ipipMode: Never
+  nodeSelector: all()
+  vxlanMode: Never
				`@ -0,0 +1 @@`
				sudo kubeadm init --control-plane-endpoint=api.cluster.balsillie.house --cri-socket=unix:///run/containerd/containerd.sock --pod-network-cidr="10.208.0.0/16,2400:8907:e002:7c10::/64" --service-cidr="10.224.0.0/16,2400:8907:e002:7c11::/108" --apiserver-advertise-address="10.192.110.91" --apiserver-advertise-address="2400:8907:e002:7c02::91" --apiserver-bind-port=6443 --apiserver-cert-extra-sans="api.cluster.balsillie.house" --apiserver-cert-extra-sans="10.192.110.90" --apiserver-cert-extra-sans="10.192.110.91" --apiserver-cert-extra-sans="2400:8907:e002:7c02::90" --apiserver-cert-extra-sans="2400:8907:e002:7c02::91" --node-name="kube00" --service-dns-domain="cluster.balsillie.house"