From c90d451d4ff20129199c473b08da6abf189bb8a2 Mon Sep 17 00:00:00 2001 From: Alexandr Demicev Date: Mon, 22 Jul 2024 15:17:53 +0200 Subject: [PATCH] Add working vSphere template Signed-off-by: Alexandr Demicev --- samples/vmware/README.md | 64 +-- ...pi-with-csi.yaml => cluster-template.yaml} | 415 +++++++++++++++--- samples/vmware/cluster.yaml | 23 - samples/vmware/machinedeployment.yaml | 33 -- samples/vmware/namespace.yaml | 5 - samples/vmware/rke2configtemplate.yaml | 16 - samples/vmware/rke2controlplane.yaml | 129 ------ samples/vmware/vspherecluster.yaml | 24 - samples/vmware/vspheremachinetemplate.yaml | 52 --- 9 files changed, 395 insertions(+), 366 deletions(-) rename samples/vmware/{vmware-cpi-with-csi.yaml => cluster-template.yaml} (61%) delete mode 100644 samples/vmware/cluster.yaml delete mode 100644 samples/vmware/machinedeployment.yaml delete mode 100644 samples/vmware/namespace.yaml delete mode 100644 samples/vmware/rke2configtemplate.yaml delete mode 100644 samples/vmware/rke2controlplane.yaml delete mode 100644 samples/vmware/vspherecluster.yaml delete mode 100644 samples/vmware/vspheremachinetemplate.yaml diff --git a/samples/vmware/README.md b/samples/vmware/README.md index 2ca78edb..af9d4add 100644 --- a/samples/vmware/README.md +++ b/samples/vmware/README.md 
@@ -1,39 +1,43 @@ # Example manifests -This config includes a kubevip loadbalancer on the controlplane nodes. The VIP of the loadbalancer for the Kubernetes API is set by the CABPR_CONTROLPLANE_ENDPOINT variable. +This config includes a kubevip loadbalancer on the controlplane nodes. The VIP of the loadbalancer for the Kubernetes API is set by the CONTROL_PLANE_ENDPOINT_IP. -Usage: +Prerequisites: -export environmental variables below +- VM template to be used for the cluster machine should be present in the vSphere environment. +- If airgapped environment is required then the VM template should already include RKE2 binaries as described in the [docs](https://docs.rke2.io/install/airgap#tarball-method). CAPRKE2 is using the tarball method to install RKE2 on the machines. +Any additional images like vSphere CPI image should be present in the local environment too. -``` -export CABPR_NAMESPACE=example -export CABPR_CLUSTER_NAME=rke2 -export CABPR_CP_REPLICAS=3 -export CABPR_WK_REPLICAS=2 -export KUBERNETES_VERSION=v1.24.6 -export RKE2_VERSION=v1.24.6+rke2r1 -export CABPR_CONTROLPLANE_ENDPOINT=192.168.1.100 - -export CABPR_VCENTER_HOSTNAME=vcenter.example.com -export CABPR_VCENTER_USERNAME=admin -export CABPR_VCENTER_PASSWORD=password -export CABPR_VCENTER_DATACENTER=datacenter -export CABPR_VCENTER_NETWORK=vmnetwork -export CABPR_VCENTER_THUMBPRINT= -export CABPR_VCENTER_DATASTORE=datastore -export CABPR_VCENTER_DISKSIZE=25 -export CABPR_VCENTER_FOLDER=vm-folder -export CABPR_VCENTER_RESOURCEPOOL="*/Resources/resoucrepool" -export CABPR_VCENTER_VM_VPCU=2 -export CABPR_VCENTER_VM_MEMORY=4096 -export CABPR_VCENTER_VM_TEMPLATE=template +To initialize Cluster API Provider vSphere, clusterctl requires the following variables, which should be set in ~/.cluster-api/clusterctl.yaml as the following: + +```bash +## -- Controller settings -- ## +VSPHERE_USERNAME: "" # The username used to access the remote vSphere endpoint +VSPHERE_PASSWORD: "" # The password used to access 
the remote vSphere endpoint + +## -- Required workload cluster default settings -- ## +VSPHERE_SERVER: "10.0.0.1" # The vCenter server IP or FQDN +VSPHERE_DATACENTER: "SDDC-Datacenter" # The vSphere datacenter to deploy the management cluster on +VSPHERE_DATASTORE: "DefaultDatastore" # The vSphere datastore to deploy the management cluster on +VSPHERE_NETWORK: "VM Network" # The VM network to deploy the management cluster on +VSPHERE_RESOURCE_POOL: "*/Resources" # The vSphere resource pool for your VMs +VSPHERE_FOLDER: "vm" # The VM folder for your VMs. Set to "" to use the root vSphere folder +VSPHERE_TEMPLATE: "ubuntu-1804-kube-v1.17.3" # The VM template to use for your management cluster. +CONTROL_PLANE_ENDPOINT_IP: "192.168.9.230" # the IP that kube-vip is going to use as a control plane endpoint +VSPHERE_TLS_THUMBPRINT: "..." # sha256 thumbprint of the vcenter certificate: openssl x509 -sha256 -fingerprint -in ca.crt -noout +EXP_CLUSTER_RESOURCE_SET: "true" # This enables the ClusterResourceSet feature that we are using to deploy CSI +VSPHERE_SSH_AUTHORIZED_KEY: "ssh-rsa AAAAB3N..." # The public ssh authorized key on all machines in this cluster. + # Set to "" if you don't want to enable SSH, or are using another solution. +"CPI_IMAGE_K8S_VERSION": "v1.30.0" # The version of the vSphere CPI image to be used by the CPI workloads + # Keep this close to the minimum Kubernetes version of the cluster being created. ``` -Create the namespace first. +Then run the following command to generate the RKE2 cluster manifests: + +```bash +clusterctl generate cluster --from https://github.com/rancher/cluster-api-provider-rke2/blob/main/samples/vmware/cluster-template.yaml -n example-vsphere rke2-vsphere > vsphere-rke2-clusterctl.yaml +``` -run: -```shell -envsubt < namespace.yaml | kubectl apply -f - -envsubt < *.yaml | kubectl apply -f - +```bash +kubectl apply -f vsphere-rke2-clusterctl.yaml ``` 
diff --git a/samples/vmware/vmware-cpi-with-csi.yaml b/samples/vmware/cluster-template.yaml similarity index 61% rename from samples/vmware/vmware-cpi-with-csi.yaml rename to samples/vmware/cluster-template.yaml index b41c2806..47f6dc00 100644 --- a/samples/vmware/vmware-cpi-with-csi.yaml +++ b/samples/vmware/cluster-template.yaml 
@@ -1,15 +1,295 @@ --- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: Cluster +metadata: + namespace: ${NAMESPACE} + name: ${CLUSTER_NAME} + labels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} +spec: + clusterNetwork: + pods: + cidrBlocks: + - 10.0.0.0/16 + serviceDomain: cluster.local + controlPlaneRef: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: RKE2ControlPlane + name: ${CLUSTER_NAME} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: VSphereCluster + name: ${CLUSTER_NAME} +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: VSphereCluster +metadata: + name: ${CLUSTER_NAME} + namespace: ${NAMESPACE} +spec: + controlPlaneEndpoint: + host: ${CONTROL_PLANE_ENDPOINT_IP} + port: 6443 + identityRef: + kind: Secret + name: ${CLUSTER_NAME} + server: ${VSPHERE_SERVER} + thumbprint: ${VSPHERE_TLS_THUMBPRINT} +--- +apiVersion: controlplane.cluster.x-k8s.io/v1beta1 +kind: RKE2ControlPlane +metadata: + name: ${CLUSTER_NAME} + namespace: ${NAMESPACE} +spec: + serverConfig: + disableComponents: + kubernetesComponents: + - cloudController + files: + - path: "/var/lib/rancher/rke2/server/manifests/coredns-config.yaml" + owner: "root:root" + permissions: "0640" + content: | + apiVersion: helm.cattle.io/v1 + kind: HelmChartConfig + metadata: + name: rke2-coredns + namespace: kube-system + spec: + valuesContent: |- + tolerations: + - key: "node.cloudprovider.kubernetes.io/uninitialized" + value: "true" + effect: "NoSchedule" + - path: "/var/lib/rancher/rke2/server/manifests/kubevip.yaml" + owner: "root:root" + permissions: "0640" + content: | + apiVersion: v1 + kind: ServiceAccount + metadata: + name: kube-vip + namespace: kube-system + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: "true" + name: system:kube-vip-role + rules: + - apiGroups: [""] + resources: ["services", "services/status", "nodes"] + verbs: 
["list","get","watch", "update"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["list", "get", "watch", "update", "create"] + --- + kind: ClusterRoleBinding + apiVersion: rbac.authorization.k8s.io/v1 + metadata: + name: system:kube-vip-binding + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:kube-vip-role + subjects: + - kind: ServiceAccount + name: kube-vip + namespace: kube-system + --- + apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: null + name: kube-vip + namespace: kube-system + spec: + tolerations: + - effect: NoSchedule + key: node.cloudprovider.kubernetes.io/uninitialized + operator: Exists + containers: + - args: + - manager + env: + - name: cp_enable + value: "true" + - name: vip_interface + value: eth0 + - name: address + value: ${CONTROL_PLANE_ENDPOINT_IP} + - name: port + value: "6443" + - name: vip_arp + value: "true" + - name: vip_leaderelection + value: "true" + - name: vip_leaseduration + value: "15" + - name: vip_renewdeadline + value: "10" + - name: vip_retryperiod + value: "2" + image: ghcr.io/kube-vip/kube-vip:v0.5.5 + imagePullPolicy: IfNotPresent + name: kube-vip + resources: {} + securityContext: + capabilities: + add: + - NET_ADMIN + - NET_RAW + volumeMounts: + - mountPath: /etc/rancher/rke2/rke2.yaml + name: kubeconfig + hostAliases: + - hostnames: + - kubernetes + ip: 127.0.0.1 + hostNetwork: true + serviceAccountName: kube-vip + volumes: + - hostPath: + path: /etc/rancher/rke2/rke2.yaml + type: File + name: kubeconfig + replicas: ${CONTROL_PLANE_MACHINE_COUNT} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: VSphereMachineTemplate + name: vsphere-controlplane + nodeDrainTimeout: 2m + preRKE2Commands: + - sleep 30 #fix to give OS time to become ready + version: ${RKE2_VERSION} + agentConfig: + additionalUserData: + config: | + users: + - name: capv + sudo: ALL=(ALL) NOPASSWD:ALL + ssh-authorized-keys: + - 
'${VSPHERE_SSH_AUTHORIZED_KEY}' + kubelet: + extraArgs: + - --cloud-provider=external + registrationMethod: "internal-first" + rolloutStrategy: + type: "RollingUpdate" + rollingUpdate: + maxSurge: 1 +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: VSphereMachineTemplate +metadata: + name: vsphere-controlplane + namespace: ${NAMESPACE} +spec: + template: + spec: + cloneMode: linkedClone + datacenter: ${VSPHERE_DATACENTER} + datastore: ${VSPHERE_DATASTORE} + diskGiB: 25 + folder: ${VSPHERE_FOLDER} + memoryMiB: 8192 + network: + devices: + - dhcp4: true + networkName: ${VSPHERE_NETWORK} + numCPUs: 2 + os: Linux + resourcePool: "${VSPHERE_RESOURCE_POOL}" + server: ${VSPHERE_SERVER} + storagePolicyName: "" + template: ${VSPHERE_TEMPLATE} + thumbprint: ${VSPHERE_TLS_THUMBPRINT} +--- +apiVersion: cluster.x-k8s.io/v1beta1 +kind: MachineDeployment +metadata: + labels: + cluster.x-k8s.io/cluster-name: ${NAMESPACE} + name: worker-md-0 + namespace: ${NAMESPACE} +spec: + clusterName: ${CLUSTER_NAME} + replicas: ${WORKER_MACHINE_COUNT} + selector: + matchLabels: {} + template: + metadata: + labels: + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + spec: + version: ${RKE2_VERSION} + clusterName: ${CLUSTER_NAME} + bootstrap: + configRef: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: RKE2ConfigTemplate + name: rke2-agent + namespace: ${NAMESPACE} + infrastructureRef: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: VSphereMachineTemplate + name: vsphere-worker + namespace: ${NAMESPACE} +--- +apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 +kind: RKE2ConfigTemplate +metadata: + namespace: ${NAMESPACE} + name: rke2-agent +spec: + template: + spec: + preRKE2Commands: + - sleep 30 # fix to give OS time to become ready + agentConfig: + kubelet: + extraArgs: + - "--cloud-provider=external" +--- +apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 +kind: VSphereMachineTemplate +metadata: + name: vsphere-worker + namespace: ${NAMESPACE} +spec: + 
template: + spec: + cloneMode: linkedClone + datacenter: ${VSPHERE_DATACENTER} + datastore: ${VSPHERE_DATASTORE} + diskGiB: 25 + folder: ${VSPHERE_FOLDER} + memoryMiB: 8192 + network: + devices: + - dhcp4: true + networkName: ${VSPHERE_NETWORK} + numCPUs: 2 + os: Linux + resourcePool: "${VSPHERE_RESOURCE_POOL}" + server: ${VSPHERE_SERVER} + storagePolicyName: "" + template: ${VSPHERE_TEMPLATE} + thumbprint: ${VSPHERE_TLS_THUMBPRINT} +--- apiVersion: addons.cluster.x-k8s.io/v1beta1 kind: ClusterResourceSet metadata: labels: - cluster.x-k8s.io/cluster-name: ${CABPR_CLUSTER_NAME} - name: ${CABPR_CLUSTER_NAME}-crs-0 - namespace: ${CABPR_NAMESPACE} + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} + name: ${CLUSTER_NAME}-crs-0 + namespace: ${NAMESPACE} spec: clusterSelector: matchLabels: - cluster.x-k8s.io/cluster-name: ${CABPR_CLUSTER_NAME} + cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME} resources: - kind: Secret name: vsphere-csi-controller @@ -35,17 +315,17 @@ spec: apiVersion: v1 kind: Secret metadata: - name: ${CABPR_CLUSTER_NAME} - namespace: ${CABPR_NAMESPACE} + name: ${CLUSTER_NAME} + namespace: ${NAMESPACE} stringData: - password: ${CABPR_VCENTER_PASSWORD} - username: ${CABPR_VCENTER_USERNAME} + password: ${VSPHERE_PASSWORD} + username: ${VSPHERE_USERNAME} --- apiVersion: v1 kind: Secret metadata: name: vsphere-csi-controller - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} stringData: data: | apiVersion: v1 @@ -165,7 +445,7 @@ data: kind: ConfigMap metadata: name: vsphere-csi-controller-role - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} --- apiVersion: v1 data: @@ -185,13 +465,13 @@ data: kind: ConfigMap metadata: name: vsphere-csi-controller-binding - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} --- apiVersion: v1 kind: Secret metadata: name: csi-vsphere-config - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} stringData: data: | apiVersion: v1 
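Review bot: The added `MachineDeployment` sets its own `metadata.labels` to `cluster.x-k8s.io/cluster-name: ${NAMESPACE}`, while `spec.clusterName` and the template labels just below it use `${CLUSTER_NAME}`. The value looks carried over from the deleted machinedeployment.yaml and should read `cluster.x-k8s.io/cluster-name: ${CLUSTER_NAME}`. In the same hunk, the `RKE2ControlPlane` `additionalUserData` always creates a `capv` account with `sudo: ALL=(ALL) NOPASSWD:ALL`, even when `VSPHERE_SSH_AUTHORIZED_KEY` is left empty as the README allows, and the worker `RKE2ConfigTemplate` has no matching block. A comment above `additionalUserData`, e.g. `# optional SSH admin account for node debugging; remove if SSH access is not required`, would tell people copying the sample that this account appears to be optional.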
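Review bot: `password: ${VSPHERE_PASSWORD}` and `username: ${VSPHERE_USERNAME}` are expanded as plain scalars, so a credential containing ` #` or `: `, starting with `*`, `&` or `!`, or looking like a number or boolean will fail to parse or be retyped once the variables are substituted. Single-quoting the placeholders, `password: '${VSPHERE_PASSWORD}'` and `username: '${VSPHERE_USERNAME}'`, covers most of these cases (a literal `'` in the value still needs doubling). The same applies to the `${VSPHERE_SERVER}.password` / `.username` entries in the hunk at `@@ -516,8 +796,8 @@` and to the Secret added at `@@ -724,4 +1021,14 @@`. The `vsphere.conf` hunk at `@@ -627,17 +918,15 @@` already quotes its placeholders this way.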
@@ -202,17 +482,17 @@ stringData: stringData: csi-vsphere.conf: |+ [Global] - cluster-id = "default/${CABPR_CLUSTER_NAME}" + cluster-id = "default/${CLUSTER_NAME}" - [VirtualCenter "${CABPR_VCENTER_HOSTNAME}"] - user = "${CABPR_VCENTER_USERNAME}" - password = "${CABPR_VCENTER_PASSWORD}" - datacenters = "${CABPR_VCENTER_DATACENTER}" + [VirtualCenter "${VSPHERE_SERVER}"] + user = "${VSPHERE_USERNAME}" + password = "${VSPHERE_PASSWORD}" + datacenters = "${VSPHERE_DATACENTER}" insecure-flag = 1 [Network] - public-network = "${CABPR_VCENTER_NETWORK}" + public-network = "${VSPHERE_NETWORK}" type: Opaque type: addons.cluster.x-k8s.io/resource-set @@ -229,7 +509,7 @@ data: kind: ConfigMap metadata: name: csi.vsphere.vmware.com - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} --- apiVersion: v1 data: @@ -362,7 +642,7 @@ data: kind: ConfigMap metadata: name: vsphere-csi-node - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} --- apiVersion: v1 data: @@ -487,13 +767,13 @@ data: kind: ConfigMap metadata: name: vsphere-csi-controller - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} --- apiVersion: v1 kind: Secret metadata: name: cloud-controller-manager - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} stringData: data: | apiVersion: v1 @@ -507,7 +787,7 @@ apiVersion: v1 kind: Secret metadata: name: cloud-provider-vsphere-credentials - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} stringData: data: | apiVersion: v1 @@ -516,8 +796,8 @@ stringData: name: cloud-provider-vsphere-credentials namespace: kube-system stringData: - ${CABPR_VCENTER_HOSTNAME}.password: ${CABPR_VCENTER_PASSWORD} - ${CABPR_VCENTER_HOSTNAME}.username: ${CABPR_VCENTER_USERNAME} + ${VSPHERE_SERVER}.password: ${VSPHERE_PASSWORD} + ${VSPHERE_SERVER}.username: ${VSPHERE_USERNAME} type: Opaque type: addons.cluster.x-k8s.io/resource-set --- 
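Review bot: The CSI configuration keeps `insecure-flag = 1` in the `[VirtualCenter "${VSPHERE_SERVER}"]` section, so the CSI driver would present `${VSPHERE_USERNAME}` / `${VSPHERE_PASSWORD}` to vCenter without verifying its certificate, even though this commit already requires `VSPHERE_TLS_THUMBPRINT` and uses it for the CPI config. If the CSI driver version deployed by this template accepts it, replace that line with `thumbprint = "${VSPHERE_TLS_THUMBPRINT}"` and `insecure-flag = 0`. Otherwise add a comment stating that certificate verification is deliberately disabled in the sample. `cluster-id = "default/${CLUSTER_NAME}"` also hard-codes the `default` namespace while the rest of the template uses `${NAMESPACE}`, which is worth confirming. The enclosing Secret starts above this hunk.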
@@ -528,6 +808,9 @@ data: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + labels: + component: cloud-controller-manager + vsphere-cpi-infra: role name: system:cloud-controller-manager rules: - apiGroups: @@ -559,6 +842,12 @@ data: - patch - update - watch + - apiGroups: + - "" + resources: + - services/status + verbs: + - patch - apiGroups: - "" resources: @@ -604,13 +893,15 @@ data: - get - watch - list - - delete - update - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: + labels: + component: cloud-controller-manager + vsphere-cpi-infra: cluster-role-binding name: system:cloud-controller-manager roleRef: apiGroup: rbac.authorization.k8s.io @@ -627,17 +918,15 @@ data: data: vsphere.conf: | global: + port: 443 secretName: cloud-provider-vsphere-credentials secretNamespace: kube-system - thumbprint: '${CABPR_VCENTER_THUMBPRINT}' + thumbprint: '${VSPHERE_TLS_THUMBPRINT}' vcenter: - ${CABPR_VCENTER_HOSTNAME}: + ${VSPHERE_SERVER}: datacenters: - - '${CABPR_VCENTER_DATACENTER}' - secretName: cloud-provider-vsphere-credentials - secretNamespace: kube-system - server: '${CABPR_VCENTER_HOSTNAME}' - thumbprint: '${CABPR_VCENTER_THUMBPRINT}' + - '${VSPHERE_DATACENTER}' + server: '${VSPHERE_SERVER}' kind: ConfigMap metadata: name: vsphere-cloud-config @@ -646,6 +935,9 @@ data: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: + labels: + component: cloud-controller-manager + vsphere-cpi-infra: role-binding name: servicecatalog.k8s.io:apiserver-authentication-reader namespace: kube-system roleRef: 
@@ -659,44 +951,41 @@ data: - kind: User name: cloud-controller-manager --- - apiVersion: v1 - kind: Service - metadata: - labels: - component: cloud-controller-manager - name: cloud-controller-manager - namespace: kube-system - spec: - ports: - - port: 443 - protocol: TCP - targetPort: 43001 - selector: - component: cloud-controller-manager - type: NodePort - --- apiVersion: apps/v1 kind: DaemonSet metadata: labels: - k8s-app: vsphere-cloud-controller-manager + component: cloud-controller-manager + tier: control-plane name: vsphere-cloud-controller-manager namespace: kube-system spec: selector: matchLabels: - k8s-app: vsphere-cloud-controller-manager + name: vsphere-cloud-controller-manager template: metadata: labels: - k8s-app: vsphere-cloud-controller-manager + component: cloud-controller-manager + name: vsphere-cloud-controller-manager + tier: control-plane spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: node-role.kubernetes.io/control-plane + operator: Exists + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: Exists containers: - args: - --v=2 - --cloud-provider=vsphere - --cloud-config=/etc/cloud/vsphere.conf - image: gcr.io/cloud-provider-vsphere/cpi/release/manager:v1.18.1 + image: gcr.io/cloud-provider-vsphere/cpi/release/manager:${CPI_IMAGE_K8S_VERSION} name: vsphere-cloud-controller-manager resources: requests: @@ -706,6 +995,9 @@ data: name: vsphere-config-volume readOnly: true hostNetwork: true + priorityClassName: system-node-critical + securityContext: + runAsUser: 1001 serviceAccountName: cloud-controller-manager tolerations: - effect: NoSchedule 
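Review bot: The pod-level `securityContext` added at `@@ -706,6 +995,9 @@` sets only `runAsUser: 1001`, while the DaemonSet runs with `hostNetwork: true` on control-plane nodes. Adding `runAsNonRoot: true` beside it, and `allowPrivilegeEscalation: false` with `capabilities: drop: ["ALL"]` under the container's own `securityContext`, would keep the workload unprivileged even if the image's default user changes. This is a hardening suggestion to verify against the CPI image, not a defect visible in the hunk. The container spec begins in the previous hunk and the tolerations continue in the next one.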
@@ -713,8 +1005,13 @@ data: value: "true" - effect: NoSchedule key: node-role.kubernetes.io/master + operator: Exists + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane + operator: Exists - effect: NoSchedule key: node.kubernetes.io/not-ready + operator: Exists volumes: - configMap: name: vsphere-cloud-config @@ -724,4 +1021,14 @@ data: kind: ConfigMap metadata: name: cpi-manifests - namespace: ${CABPR_NAMESPACE} + namespace: ${NAMESPACE} +--- +apiVersion: v1 +kind: Secret +metadata: + name: ${CLUSTER_NAME} + namespace: ${NAMESPACE} +stringData: + password: ${VSPHERE_PASSWORD} + username: ${VSPHERE_USERNAME} +--- \ No newline at end of file diff --git a/samples/vmware/cluster.yaml b/samples/vmware/cluster.yaml deleted file mode 100644 index 56104832..00000000 --- a/samples/vmware/cluster.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: Cluster -metadata: - namespace: ${CABPR_NAMESPACE} - name: ${CABPR_CLUSTER_NAME} - labels: - cluster.x-k8s.io/cluster-name: ${CABPR_CLUSTER_NAME} -spec: - clusterNetwork: - pods: - cidrBlocks: - - 10.0.0.0/16 - serviceDomain: cluster.local - controlPlaneRef: - apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - kind: RKE2ControlPlane - name: rke2-control-plane - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereCluster - name: ${CABPR_CLUSTER_NAME} - diff --git a/samples/vmware/machinedeployment.yaml b/samples/vmware/machinedeployment.yaml deleted file mode 100644 index e94fe851..00000000 --- a/samples/vmware/machinedeployment.yaml +++ /dev/null 
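Review bot: The `Secret` appended at the end of cluster-template.yaml (`name: ${CLUSTER_NAME}`, `namespace: ${NAMESPACE}`, with `password` and `username`) duplicates the one already present in the hunk at `@@ -35,17 +315,17 @@`. The generated manifest therefore contains the vCenter credentials object twice, and the two copies can drift apart on later edits. Dropping the appended document would leave a single definition of the identity Secret referenced by `VSphereCluster.spec.identityRef`. The trailing `---`, which opens an empty final document, and the missing end-of-file newline should go with it.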
@@ -1,33 +0,0 @@ ---- -apiVersion: cluster.x-k8s.io/v1beta1 -kind: MachineDeployment -metadata: - labels: - cluster.x-k8s.io/cluster-name: ${CABPR_NAMESPACE} - name: worker-md-0 - namespace: ${CABPR_NAMESPACE} -spec: - clusterName: ${CABPR_CLUSTER_NAME} - replicas: ${CABPR_WK_REPLICAS} - selector: - matchLabels: {} - template: - metadata: - labels: - cluster.x-k8s.io/cluster-name: ${CABPR_CLUSTER_NAME} - spec: - version: ${KUBERNETES_VERSION}+rke2r1 - clusterName: ${CABPR_CLUSTER_NAME} - bootstrap: - configRef: - apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 - kind: RKE2ConfigTemplate - name: rke2-agent - namespace: ${CABPR_NAMESPACE} - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereMachineTemplate - name: vsphere-worker - namespace: ${CABPR_NAMESPACE} - - diff --git a/samples/vmware/namespace.yaml b/samples/vmware/namespace.yaml deleted file mode 100644 index 663199c0..00000000 --- a/samples/vmware/namespace.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: ${CABPR_NAMESPACE} diff --git a/samples/vmware/rke2configtemplate.yaml b/samples/vmware/rke2configtemplate.yaml deleted file mode 100644 index 7dc6764f..00000000 --- a/samples/vmware/rke2configtemplate.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 -kind: RKE2ConfigTemplate -metadata: - namespace: ${CABPR_NAMESPACE} - name: rke2-agent -spec: - template: - spec: - preRKE2Commands: - - sleep 30 # fix to give OS time to become ready - agentConfig: - kubelet: - extraArgs: - - "--cloud-provider=external" - diff --git a/samples/vmware/rke2controlplane.yaml b/samples/vmware/rke2controlplane.yaml deleted file mode 100644 index 186eb80e..00000000 --- a/samples/vmware/rke2controlplane.yaml +++ /dev/null 
@@ -1,129 +0,0 @@ ---- -apiVersion: controlplane.cluster.x-k8s.io/v1beta1 -kind: RKE2ControlPlane -metadata: - name: rke2-control-plane - namespace: ${CABPR_NAMESPACE} -spec: - files: - - path: "/var/lib/rancher/rke2/server/manifests/coredns-config.yaml" - owner: "root:root" - permissions: "0640" - content: | - apiVersion: helm.cattle.io/v1 - kind: HelmChartConfig - metadata: - name: rke2-coredns - namespace: kube-system - spec: - valuesContent: |- - tolerations: - - key: "node.cloudprovider.kubernetes.io/uninitialized" - value: "true" - effect: "NoSchedule" - - path: "/var/lib/rancher/rke2/server/manifests/kubevip.yaml" - owner: "root:root" - permissions: "0640" - content: | - apiVersion: v1 - kind: ServiceAccount - metadata: - name: kube-vip - namespace: kube-system - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRole - metadata: - annotations: - rbac.authorization.kubernetes.io/autoupdate: "true" - name: system:kube-vip-role - rules: - - apiGroups: [""] - resources: ["services", "services/status", "nodes"] - verbs: ["list","get","watch", "update"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["list", "get", "watch", "update", "create"] - --- - kind: ClusterRoleBinding - apiVersion: rbac.authorization.k8s.io/v1 - metadata: - name: system:kube-vip-binding - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:kube-vip-role - subjects: - - kind: ServiceAccount - name: kube-vip - namespace: kube-system - --- - apiVersion: v1 - kind: Pod - metadata: - creationTimestamp: null - name: kube-vip - namespace: kube-system - spec: - tolerations: - - effect: NoSchedule - key: node.cloudprovider.kubernetes.io/uninitialized - operator: Exists - containers: - - args: - - manager - env: - - name: cp_enable - value: "true" - - name: vip_interface - value: eth0 - - name: address - value: ${CABPR_CONTROLPLANE_ENDPOINT} - - name: port - value: "6443" - - name: vip_arp - value: "true" - - name: vip_leaderelection 
- value: "true" - - name: vip_leaseduration - value: "15" - - name: vip_renewdeadline - value: "10" - - name: vip_retryperiod - value: "2" - image: ghcr.io/kube-vip/kube-vip:v0.5.5 - imagePullPolicy: IfNotPresent - name: kube-vip - resources: {} - securityContext: - capabilities: - add: - - NET_ADMIN - - NET_RAW - volumeMounts: - - mountPath: /etc/rancher/rke2/rke2.yaml - name: kubeconfig - hostAliases: - - hostnames: - - kubernetes - ip: 127.0.0.1 - hostNetwork: true - serviceAccountName: kube-vip - volumes: - - hostPath: - path: /etc/rancher/rke2/rke2.yaml - type: File - name: kubeconfig - replicas: ${CABPR_CP_REPLICAS} - infrastructureRef: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: VSphereMachineTemplate - name: vsphere-controlplane - nodeDrainTimeout: 2m - preRKE2Commands: - - sleep 30 #fix to give OS time to become ready - version: ${RKE2_VERSION} - agentConfig: - kubelet: - extraArgs: - - "--cloud-provider=external" diff --git a/samples/vmware/vspherecluster.yaml b/samples/vmware/vspherecluster.yaml deleted file mode 100644 index 8d30cabf..00000000 --- a/samples/vmware/vspherecluster.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereCluster -metadata: - name: ${CABPR_CLUSTER_NAME} - namespace: ${CABPR_NAMESPACE} -spec: - controlPlaneEndpoint: - host: ${CABPR_CONTROLPLANE_ENDPOINT} - port: 6443 - identityRef: - kind: Secret - name: ${CABPR_CLUSTER_NAME} - server: ${CABPR_VCENTER_HOSTNAME} - thumbprint: ${CABPR_VCENTER_THUMBPRINT} ---- -apiVersion: v1 -kind: Secret -metadata: - name: ${CABPR_CLUSTER_NAME} - namespace: ${CABPR_NAMESPACE} -stringData: - password: ${CABPR_VCENTER_PASSWORD} - username: ${CABPR_VCENTER_USERNAME} diff --git a/samples/vmware/vspheremachinetemplate.yaml b/samples/vmware/vspheremachinetemplate.yaml deleted file mode 100644 index ea8d39bf..00000000 --- a/samples/vmware/vspheremachinetemplate.yaml +++ /dev/null 
@@ -1,52 +0,0 @@ ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereMachineTemplate -metadata: - name: vsphere-controlplane - namespace: ${CABPR_NAMESPACE} -spec: - template: - spec: - cloneMode: linkedClone - datacenter: ${CABPR_VCENTER_DATACENTER} - datastore: ${CABPR_VCENTER_DATASTORE} - diskGiB: ${CABPR_VCENTER_DISKSIZE} - folder: ${CABPR_VCENTER_FOLDER} - memoryMiB: ${CABPR_VCENTER_VM_MEMORY} - network: - devices: - - dhcp4: true - networkName: ${CABPR_VCENTER_NETWORK} - numCPUs: ${CABPR_VCENTER_VM_VPCU} - os: Linux - resourcePool: "${CABPR_VCENTER_RESOURCEPOOL}" - server: ${CABPR_VCENTER_HOSTNAME} - storagePolicyName: "" - template: ${CABPR_VCENTER_VM_TEMPLATE} - thumbprint: ${CABPR_VCENTER_THUMBPRINT} ---- -apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 -kind: VSphereMachineTemplate -metadata: - name: vsphere-worker - namespace: ${CABPR_NAMESPACE} -spec: - template: - spec: - cloneMode: linkedClone - datacenter: ${CABPR_VCENTER_DATACENTER} - datastore: ${CABPR_VCENTER_DATASTORE} - diskGiB: ${CABPR_VCENTER_DISKSIZE} - folder: ${CABPR_VCENTER_FOLDER} - memoryMiB: ${CABPR_VCENTER_VM_MEMORY} - network: - devices: - - dhcp4: true - networkName: ${CABPR_VCENTER_NETWORK} - numCPUs: ${CABPR_VCENTER_VM_VPCU} - os: Linux - resourcePool: "${CABPR_VCENTER_RESOURCEPOOL}" - server: ${CABPR_VCENTER_HOSTNAME} - storagePolicyName: "" - template: ${CABPR_VCENTER_VM_TEMPLATE} - thumbprint: ${CABPR_VCENTER_THUMBPRINT} \ No newline at end of file