From 8775cbde8d490c05fa8a75ac89cfed82e6b0a4ef Mon Sep 17 00:00:00 2001
From: Dreaded_X
Date: Sat, 15 Feb 2025 03:52:12 +0100
Subject: [PATCH] Moved kube-vip to new organization + version update
---
 .../infra/kube-vip.yaml | 13 ++++++++++
 .../kube-vip/kustomization.yaml | 8 ------
 infra/kube-vip/cluster-role-binding.yaml | 12 +++++++++
 .../kube-vip/cluster-role.yaml | 25 +++----------------
 .../kube-vip/config-map-kubevip.yaml | 1 -
 .../kube-vip/daemon-set-enp2s0.yaml | 1 -
 .../kube-vip/daemon-set-enp3s0.yaml | 1 -
 infra/kube-vip/kustomization.yaml | 11 ++++++++
 infra/kube-vip/service-account.yaml | 4 +++
 scripts/init.sh | 2 +-
 10 files changed, 44 insertions(+), 34 deletions(-)
 create mode 100644 clusters/titan.lan.huizinga.dev/infra/kube-vip.yaml
 delete mode 100644 clusters/titan.lan.huizinga.dev/kube-vip/kustomization.yaml
 create mode 100644 infra/kube-vip/cluster-role-binding.yaml
 rename clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.rbac.yaml => infra/kube-vip/cluster-role.yaml (51%)
 rename clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.config.yaml => infra/kube-vip/config-map-kubevip.yaml (87%)
 rename clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.app.enp2s0.yaml => infra/kube-vip/daemon-set-enp2s0.yaml (99%)
 rename clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.app.enp3s0.yaml => infra/kube-vip/daemon-set-enp3s0.yaml (99%)
 create mode 100644 infra/kube-vip/kustomization.yaml
 create mode 100644 infra/kube-vip/service-account.yaml
diff --git a/clusters/titan.lan.huizinga.dev/infra/kube-vip.yaml b/clusters/titan.lan.huizinga.dev/infra/kube-vip.yaml
new file mode 100644
index 0000000..993eefc
--- /dev/null
+++ b/clusters/titan.lan.huizinga.dev/infra/kube-vip.yaml
@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: kube-vip
+ namespace: flux-system
+spec:
+ interval: 15m
+ path: ./infra/kube-vip
+ prune: true
+ timeout: 2m
+ sourceRef:
+ kind: GitRepository
+ name: flux-system
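Review bot: The new Flux Kustomization sets `timeout: 2m` but neither `wait` nor `healthChecks`, so as far as this spec shows the reconciliation is reported as successful once the objects are applied, even if the kube-vip DaemonSets never become ready. Because this component announces the cluster's virtual IPs, a rollout that silently fails is worth surfacing in the Kustomization status; adding `wait: true` under `spec` makes the timeout cover readiness as well. A short comment above `prune: true` noting that objects dropped from `./infra/kube-vip` are deleted from the cluster on the next reconcile would also help the next maintainer.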
diff --git a/clusters/titan.lan.huizinga.dev/kube-vip/kustomization.yaml b/clusters/titan.lan.huizinga.dev/kube-vip/kustomization.yaml
deleted file mode 100644
index 5d44287..0000000
--- a/clusters/titan.lan.huizinga.dev/kube-vip/kustomization.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
- - kube-vip.rbac.yaml
- - kube-vip.app.enp3s0.yaml
- - kube-vip.app.enp2s0.yaml
- - https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/refs/tags/v0.0.10/manifest/kube-vip-cloud-controller.yaml
- - kube-vip.config.yaml
diff --git a/infra/kube-vip/cluster-role-binding.yaml b/infra/kube-vip/cluster-role-binding.yaml
new file mode 100644
index 0000000..c42f22f
--- /dev/null
+++ b/infra/kube-vip/cluster-role-binding.yaml
@@ -0,0 +1,12 @@
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: system:kube-vip-binding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: system:kube-vip-role
+subjects:
+ - kind: ServiceAccount
+ name: kube-vip
+ namespace: kube-system
diff --git a/clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.rbac.yaml b/infra/kube-vip/cluster-role.yaml
similarity index 51%
rename from clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.rbac.yaml
rename to infra/kube-vip/cluster-role.yaml
index d6ecc93..93db6b9 100644
--- a/clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.rbac.yaml
+++ b/infra/kube-vip/cluster-role.yaml
@@ -1,9 +1,3 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: kube-vip
- namespace: kube-system
----
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
@@ -16,26 +10,13 @@ rules:
 verbs: ["update"]
 - apiGroups: [""]
 resources: ["services", "endpoints"]
- verbs: ["list","get","watch", "update"]
+ verbs: ["list", "get", "watch", "update"]
 - apiGroups: [""]
 resources: ["nodes"]
- verbs: ["list","get","watch", "update", "patch"]
+ verbs: ["list", "get", "watch", "update", "patch"]
 - apiGroups: ["coordination.k8s.io"]
 resources: ["leases"]
 verbs: ["list", "get", "watch", "update", "create"]
 - apiGroups: ["discovery.k8s.io"]
 resources: ["endpointslices"]
- verbs: ["list","get","watch", "update"]
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: system:kube-vip-binding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: system:kube-vip-role
-subjects:
-- kind: ServiceAccount
- name: kube-vip
- namespace: kube-system
+ verbs: ["list", "get", "watch", "update"]
diff --git a/clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.config.yaml b/infra/kube-vip/config-map-kubevip.yaml
similarity index 87%
rename from clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.config.yaml
rename to infra/kube-vip/config-map-kubevip.yaml
index 99facae..9dc8e82 100644
--- a/clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.config.yaml
+++ b/infra/kube-vip/config-map-kubevip.yaml
@@ -2,7 +2,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
 name: kubevip
- namespace: kube-system
 data:
 # 10.0.2.1 is reserved for control plane
 # 10.0.2.2 is reserved for traefik
diff --git a/clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.app.enp2s0.yaml b/infra/kube-vip/daemon-set-enp2s0.yaml
similarity index 99%
rename from clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.app.enp2s0.yaml
rename to infra/kube-vip/daemon-set-enp2s0.yaml
index 3c07c9a..318518b 100644
--- a/clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.app.enp2s0.yaml
+++ b/infra/kube-vip/daemon-set-enp2s0.yaml
@@ -6,7 +6,6 @@ metadata:
 app.kubernetes.io/name: kube-vip-ds
 app.kubernetes.io/version: v0.8.3
 name: kube-vip-ds-enp2s0
- namespace: kube-system
 spec:
 selector:
 matchLabels:
diff --git a/clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.app.enp3s0.yaml b/infra/kube-vip/daemon-set-enp3s0.yaml
similarity index 99%
rename from clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.app.enp3s0.yaml
rename to infra/kube-vip/daemon-set-enp3s0.yaml
index 5faa085..4cf5ed8 100644
--- a/clusters/titan.lan.huizinga.dev/kube-vip/kube-vip.app.enp3s0.yaml
+++ b/infra/kube-vip/daemon-set-enp3s0.yaml
@@ -6,7 +6,6 @@ metadata:
 app.kubernetes.io/name: kube-vip-ds
 app.kubernetes.io/version: v0.8.3
 name: kube-vip-ds-enp3s0
- namespace: kube-system
 spec:
 selector:
 matchLabels:
diff --git a/infra/kube-vip/kustomization.yaml b/infra/kube-vip/kustomization.yaml
new file mode 100644
index 0000000..a202b91
--- /dev/null
+++ b/infra/kube-vip/kustomization.yaml
@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: kube-system
+resources:
+ - ./service-account.yaml
+ - ./cluster-role.yaml
+ - ./cluster-role-binding.yaml
+ - ./daemon-set-enp2s0.yaml
+ - ./daemon-set-enp3s0.yaml
+ - https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/refs/tags/v0.0.11/manifest/kube-vip-cloud-controller.yaml
+ - ./config-map-kubevip.yaml
diff --git a/infra/kube-vip/service-account.yaml b/infra/kube-vip/service-account.yaml
new file mode 100644
index 0000000..6a34f0b
--- /dev/null
+++ b/infra/kube-vip/service-account.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: kube-vip
diff --git a/scripts/init.sh b/scripts/init.sh
index 8312be5..377ba57 100755
--- a/scripts/init.sh
+++ b/scripts/init.sh
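Review bot: The remote entry in the new `infra/kube-vip/kustomization.yaml` is fetched from raw.githubusercontent.com by tag (`refs/tags/v0.0.11`) with no integrity check, and a Git tag can be moved upstream, so the cloud-controller manifest that lands in `kube-system` is not fixed by this repository. Both the Flux Kustomization added in this commit and the `kubectl apply -k` call in `scripts/init.sh` build this directory, so whatever the URL serves at build time is what gets applied, and a GitHub outage would presumably fail the build. Vendoring the file next to the others and listing it as `- ./kube-vip-cloud-controller.yaml` keeps every change reviewable in Git; failing that, reference a full commit SHA in place of the tag (`.../kube-vip-cloud-provider/<commit-sha>/manifest/kube-vip-cloud-controller.yaml`). With nothing remote left in the tree, remote bases can also be turned off on the kustomize-controller (`--no-remote-bases=true`).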
@@ -23,7 +23,7 @@ sed -i -e "s/127.0.0.1/$REMOTE_IP/" ~/.kube/config add_interface_label -kubectl apply -k ${SCRIPT_DIR}/../clusters/titan.lan.huizinga.dev/kube-vip/ +kubectl apply -k ${SCRIPT_DIR}/../infra/kube-vip/ # Add sops secret to the cluster kubectl apply -f ${SCRIPT_DIR}/namespace.yaml