Mercurial > code > home > repos > infra

changeset 84:eb38553a6806

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
trying to fix k3s networking but this doesn't work yet
author drewp@bigasterisk.com
date Sun, 26 Jun 2022 01:43:13 -0700
parents 9e66c3f17351
children 1ac08aba5ae5
files kube.py templates/kube/config.yaml.j2 templates/kube/coredns.yaml templates/kube/flannel.link templates/kube/k3s_flannel.conf.j2 templates/kube/k3s_resolv.conf.j2 templates/kube/node-config.yaml.j2
diffstat 7 files changed, 39 insertions(+), 15 deletions(-) [+]
line wrap: on
line diff
--- a/kube.py	Sun Jun 26 01:41:56 2022 -0700
+++ b/kube.py	Sun Jun 26 01:43:13 2022 -0700
@@ -7,10 +7,10 @@
 is_pi = host.get_fact(LinuxDistribution)['name'] in ['Debian', 'Raspbian GNU/Linux']
 
 # https://github.com/k3s-io/k3s/releases
-k3s_version = 'v1.24.1+k3s1'
+k3s_version = 'v1.24.2-rc1+k3s1'
 
 # https://github.com/GoogleContainerTools/skaffold/releases
-skaffold_version = 'v1.38.0'
+skaffold_version = 'v1.39.0'
 
 master_ip = "10.5.0.1"
 server_node = 'bang'
@@ -31,7 +31,7 @@
         group='root',
         mode='755',
         cache_time=43000,
-        # force=True,  # to get a new version
+        #force=True,  # to get a new version
     )
 
     if is_pi:
@@ -41,11 +41,11 @@
             files.line(path='/boot/cmdline.txt', line='.*', replace=cmdline)
             # pi needs reboot now
 
-        server.shell(commands=[
-            'update-alternatives --set iptables /usr/sbin/iptables-nft',
-            'update-alternatives --set ip6tables /usr/sbin/ip6tables-nft',
-        ])
-        # needs reboot if this changed
+    server.shell(commands=[
+        'update-alternatives --set iptables /usr/sbin/iptables-nft',
+        'update-alternatives --set ip6tables /usr/sbin/ip6tables-nft',
+    ])
+    # needs reboot if this changed
 
     # See https://github.com/rancher/k3s/issues/1802 and https://rancher.com/docs/k3s/latest/en/installation/private-registry/
     files.directory(path='/etc/rancher/k3s')
@@ -70,6 +70,15 @@
         wg_ip=host.host_data['wireguard_address'],
     )
     files.template(
+        src='templates/kube/k3s_flannel.conf.j2',
+        dest='/etc/k3s_flannel.conf',
+        master_ip=master_ip,
+        wg_ip=host.host_data['wireguard_address'],
+    )
+    files.put(
+        src='templates/kube/flannel.link',  #
+        dest='/etc/systemd/network/10-flannel.link')  # then reboot
+    files.template(
         src='templates/kube/k3s.service.j2',
         dest=f'/etc/systemd/system/{service_name}',
         role='server' if host.name == 'bang' else 'agent',
--- a/templates/kube/config.yaml.j2	Sun Jun 26 01:41:56 2022 -0700
+++ b/templates/kube/config.yaml.j2	Sun Jun 26 01:43:13 2022 -0700
@@ -4,6 +4,8 @@
 http-listen-port: 6443
 #{{ master_ip }}
 node-ip: {{ wg_ip }}
-
+flannel-backend: host-gw
+flannel-iface: ens5
+#flannel-conf: /etc/k3s_flannel.conf
 disable:
   - traefik
\ No newline at end of file
--- a/templates/kube/coredns.yaml	Sun Jun 26 01:41:56 2022 -0700
+++ b/templates/kube/coredns.yaml	Sun Jun 26 01:43:13 2022 -0700
@@ -53,7 +53,7 @@
   namespace: kube-system
 data:
   Corefile: |
-    # update 2022-05-17T10:38
+    # update 2022-06-20T21:58
     .:53 {
         errors
         health
@@ -68,15 +68,13 @@
           fallthrough
         }
         prometheus :9153
-        forward . 10.5.0.1
-        #/etc/resolv.conf
+        forward . dns://10.5.0.1
         cache 30
         loop
         reload
         loadbalance
         log
     }
-    import /etc/coredns/custom/*.server
 ---
 apiVersion: apps/v1
 kind: Deployment
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/templates/kube/flannel.link	Sun Jun 26 01:43:13 2022 -0700
@@ -0,0 +1,7 @@
+# from https://github.com/flannel-io/flannel/issues/1155
+
+[Match]
+OriginalName=flannel*
+
+[Link]
+MACAddressPolicy=none
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/templates/kube/k3s_flannel.conf.j2	Sun Jun 26 01:43:13 2022 -0700
@@ -0,0 +1,9 @@
+{
+	"EnableIPv4": true,
+	"Network": "10.42.0.0/16",
+	"EnableIPv6": false,
+	"IPv6Network": "::/0",
+	"Backend": {
+		"Type": "host-gw"
+	}
+}
--- a/templates/kube/k3s_resolv.conf.j2	Sun Jun 26 01:41:56 2022 -0700
+++ b/templates/kube/k3s_resolv.conf.j2	Sun Jun 26 01:43:13 2022 -0700
@@ -1,6 +1,5 @@
 # written by pyinfra
 
-
 nameserver 10.5.0.1
 #options edns0
 search bigasterisk.com
\ No newline at end of file
--- a/templates/kube/node-config.yaml.j2	Sun Jun 26 01:41:56 2022 -0700
+++ b/templates/kube/node-config.yaml.j2	Sun Jun 26 01:43:13 2022 -0700
@@ -3,4 +3,4 @@
 node-ip: {{ wg_ip }}
 token: {{ token }}
 server: https://{{ master_ip }}:6443 
-resolv-conf: /etc/k3s_resolv.conf
\ No newline at end of file
+resolv-conf: /etc/k3s_resolv.conf