diff --git a/.github/tests/config-k0s.yaml b/.github/tests/config-k0s.yaml index 1b02aa4aca9..211e143095a 100644 --- a/.github/tests/config-k0s.yaml +++ b/.github/tests/config-k0s.yaml @@ -1,3 +1,4 @@ +# Test: k0s --- ci_test: true @@ -17,6 +18,7 @@ bootstrap_cloudflare_tunnel_secret: fake bootstrap_cloudflare_tunnel_id: fake bootstrap_node_cidr: 10.10.10.0/24 bootstrap_kube_api_addr: 10.10.10.254 +bootstrap_kube_api_hostname: fake bootstrap_k8s_gateway_addr: 10.10.10.253 bootstrap_external_ingress_addr: 10.10.10.252 bootstrap_internal_ingress_addr: 10.10.10.251 diff --git a/.github/tests/config-k3s-ipv4.yaml b/.github/tests/config-k3s-ipv4.yaml index 9cbfe954d8a..4693649254e 100644 --- a/.github/tests/config-k3s-ipv4.yaml +++ b/.github/tests/config-k3s-ipv4.yaml @@ -17,6 +17,7 @@ bootstrap_cloudflare_tunnel_secret: fake bootstrap_cloudflare_tunnel_id: fake bootstrap_node_cidr: 10.10.10.0/24 bootstrap_kube_api_addr: 10.10.10.254 +bootstrap_kube_api_hostname: fake bootstrap_k8s_gateway_addr: 10.10.10.253 bootstrap_external_ingress_addr: 10.10.10.252 bootstrap_internal_ingress_addr: 10.10.10.251 diff --git a/.github/tests/config-k3s-ipv6.yaml b/.github/tests/config-k3s-ipv6.yaml index 88e6acac9f8..8cf36213428 100644 --- a/.github/tests/config-k3s-ipv6.yaml +++ b/.github/tests/config-k3s-ipv6.yaml @@ -17,6 +17,7 @@ bootstrap_cloudflare_tunnel_secret: fake bootstrap_cloudflare_tunnel_id: fake bootstrap_node_cidr: 10.10.10.0/24 bootstrap_kube_api_addr: 10.10.10.254 +bootstrap_kube_api_hostname: fake bootstrap_k8s_gateway_addr: 10.10.10.253 bootstrap_external_ingress_addr: 10.10.10.252 bootstrap_internal_ingress_addr: 10.10.10.251 diff --git a/.github/tests/config-k3s-no-kube-vip.yaml b/.github/tests/config-k3s-no-kube-vip.yaml index c5b42d1ee67..fe762ffcd3d 100644 --- a/.github/tests/config-k3s-no-kube-vip.yaml +++ b/.github/tests/config-k3s-no-kube-vip.yaml 
@@ -17,6 +17,7 @@ bootstrap_cloudflare_tunnel_secret: fake bootstrap_cloudflare_tunnel_id: fake bootstrap_node_cidr: 10.10.10.0/24 bootstrap_kube_api_addr: # left blank to not use kube-vip +bootstrap_kube_api_hostname: fake bootstrap_k8s_gateway_addr: 10.10.10.253 bootstrap_external_ingress_addr: 10.10.10.252 bootstrap_internal_ingress_addr: 10.10.10.251 diff --git a/bootstrap/tasks/validation/github.yaml b/bootstrap/tasks/validation/github.yaml index d02d58f7979..b5efeef675a 100644 --- a/bootstrap/tasks/validation/github.yaml +++ b/bootstrap/tasks/validation/github.yaml @@ -1,5 +1,6 @@ --- - name: Query Github username + when: not ci_test | default(false) ansible.builtin.uri: url: https://api.github.com/users/{{ bootstrap_github_username }} timeout: 5 @@ -8,13 +9,14 @@ register: result - name: Check if username exists + when: not ci_test | default(false) ansible.builtin.assert: that: result.json.login == bootstrap_github_username success_msg: Github user {{ bootstrap_github_username }} exists fail_msg: Github user {{ bootstrap_github_username }} does not exist - name: Query Github repo - when: not bootstrap_private_github_repo | default(false) + when: (not ci_test | default(false)) or (not bootstrap_private_github_repo | default(false)) ansible.builtin.uri: url: https://api.github.com/repos/{{ bootstrap_github_username }}/{{ bootstrap_github_repository_name }} timeout: 5 
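Review bot: The new `when` on "Query Github repo" joins its two guards with `or`, so the task is skipped only when `ci_test` and `bootstrap_private_github_repo` are both true. With `ci_test: true` and a repo not marked private, the second clause is still true and the lookup runs against the fake test values. Outside CI the first clause is true even for a private repo, where the original condition skipped the unauthenticated lookup. The same expression is repeated on "Check if repo exists", "Query Github repo branch" and "Check if repo branch exists" in the next two hunks. `when: not (ci_test | default(false)) and not (bootstrap_private_github_repo | default(false))` expresses what the change appears to intend.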
@@ -23,14 +25,14 @@ register: result - name: Check if repo exists - when: not bootstrap_private_github_repo | default(false) + when: (not ci_test | default(false)) or (not bootstrap_private_github_repo | default(false)) ansible.builtin.assert: that: result.json.full_name == bootstrap_github_username + '/' + bootstrap_github_repository_name success_msg: Github repo {{ bootstrap_github_username }}/{{ bootstrap_github_repository_name }} exists fail_msg: Github repo {{ bootstrap_github_username }}/{{ bootstrap_github_repository_name }} does not exist - name: Query Github repo branch - when: not bootstrap_private_github_repo | default(false) + when: (not ci_test | default(false)) or (not bootstrap_private_github_repo | default(false)) ansible.builtin.uri: url: https://api.github.com/repos/{{ bootstrap_github_username }}/{{ bootstrap_github_repository_name }}/branches/{{ bootstrap_github_repository_branch | default('main', true) }} timeout: 5 @@ -39,7 +41,7 @@ register: result - name: Check if repo branch exists - when: not bootstrap_private_github_repo | default(false) + when: (not ci_test | default(false)) or (not bootstrap_private_github_repo | default(false)) ansible.builtin.assert: that: result.json.name == bootstrap_github_repository_branch | default('main', true) success_msg: Github repo branch {{ bootstrap_github_repository_branch | default('main', true) }} exists diff --git a/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2 b/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2 index 9c046672587..ba8224775c1 100644 --- a/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2 +++ b/bootstrap/templates/ansible/inventory/group_vars/kubernetes/main.yaml.j2 
@@ -19,7 +19,7 @@ k3s_registration_address: "{{ kube_api_addr }}" k3s_server_manifests_templates: - custom-cilium-helmchart.yaml.j2 - custom-coredns-helmchart.yaml.j2 -#% if bootstrap_nodes.master | length > 1 or bootstrap_kube_api_addr %# +#% if bootstrap_nodes.master | length > 1 or bootstrap_kube_api_addr | default('') %# # /var/lib/rancher/k3s/server/manifests k3s_server_manifests_urls: - url: https://raw.githubusercontent.com/kube-vip/website/main/content/manifests/rbac.yaml diff --git a/bootstrap/templates/ansible/inventory/group_vars/kubernetes/supplemental.yaml.j2 b/bootstrap/templates/ansible/inventory/group_vars/kubernetes/supplemental.yaml.j2 index bc1cca28489..fcb7ad05f9f 100644 --- a/bootstrap/templates/ansible/inventory/group_vars/kubernetes/supplemental.yaml.j2 +++ b/bootstrap/templates/ansible/inventory/group_vars/kubernetes/supplemental.yaml.j2 @@ -2,11 +2,14 @@ timezone: "#{ bootstrap_timezone }#" github_username: "#{ bootstrap_github_username }#" coredns_addr: "#{ bootstrap_service_cidr.split(',')[0] | nthhost(10) }#" -#% if bootstrap_nodes.master | length > 1 or bootstrap_kube_api_addr %# +#% if bootstrap_nodes.master | length > 1 or bootstrap_kube_api_addr | default('') %# kube_api_addr: "#{ bootstrap_kube_api_addr }#" #% else %# kube_api_addr: "#{ bootstrap_nodes.master[0].address }#" #% endif %# +#% if bootstrap_kube_api_hostname | default('') %# +kube_api_hostname: "#{ bootstrap_kube_api_hostname }#" +#% endif %# cluster_cidr: "#{ bootstrap_cluster_cidr.split(',')[0] }#" service_cidr: "#{ bootstrap_service_cidr.split(',')[0] }#" node_cidr: "#{ bootstrap_node_cidr }#" diff --git a/bootstrap/templates/ansible/inventory/group_vars/master/main.yaml.j2 b/bootstrap/templates/ansible/inventory/group_vars/master/main.yaml.j2 index ae6c257a02f..e4d09fc3414 100644 --- a/bootstrap/templates/ansible/inventory/group_vars/master/main.yaml.j2 +++ b/bootstrap/templates/ansible/inventory/group_vars/master/main.yaml.j2 
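Review bot: The `k3s_server_manifests_urls` entry kept just below the changed condition pulls `rbac.yaml` from the `main` branch of kube-vip/website, so the fetched content can change between runs without any change in this repository. Judging by the comment above the list, the file ends up in the k3s server manifests directory, which would make it RBAC applied to the cluster as downloaded. Pinning the URL to a commit (`.../kube-vip/website/<commit-sha>/content/manifests/rbac.yaml`) or vendoring the manifest keeps that input reviewable. The list continues past the end of this hunk.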
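Review bot: `bootstrap_kube_api_hostname` is rendered straight into `kube_api_hostname: "#{ bootstrap_kube_api_hostname }#"` with no format check visible in this diff. From there it reaches the API server certificate SANs (`tls-san` in master/main.yaml.j2, `sans` in k0s-config.yaml.j2). A value containing a quote, whitespace or a scheme prefix would either break the rendered YAML or put an unintended name in the certificate. A task alongside the existing ones under bootstrap/tasks/validation could assert the format when the value is set, e.g. `that: bootstrap_kube_api_hostname is match('^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$')`.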
@@ -12,6 +12,9 @@ k3s_server: #% endif %# tls-san: - "{{ kube_api_addr }}" + #% if bootstrap_kube_api_hostname | default('') %# + - "{{ kube_api_hostname }}" + #% endif %# docker: false flannel-backend: "none" # This needs to be in quotes disable: diff --git a/bootstrap/templates/ansible/playbooks/templates/kube-vip-static-pod.yaml.j2.j2 b/bootstrap/templates/ansible/playbooks/templates/kube-vip-static-pod.yaml.j2.j2 index 18d221a8bd5..58def6a80cd 100644 --- a/bootstrap/templates/ansible/playbooks/templates/kube-vip-static-pod.yaml.j2.j2 +++ b/bootstrap/templates/ansible/playbooks/templates/kube-vip-static-pod.yaml.j2.j2 @@ -1,4 +1,4 @@ -#% if bootstrap_distribution == 'k3s' and (bootstrap_nodes.master | length > 1 or bootstrap_kube_api_addr) %# +#% if bootstrap_distribution == 'k3s' and (bootstrap_nodes.master | length > 1 or bootstrap_kube_api_addr | default('')) %# --- apiVersion: v1 kind: Pod diff --git a/bootstrap/templates/k0s-config.yaml.j2 b/bootstrap/templates/k0s-config.yaml.j2 index 2e8c4a6604c..f2bd6d4d4ff 100644 --- a/bootstrap/templates/k0s-config.yaml.j2 +++ b/bootstrap/templates/k0s-config.yaml.j2 @@ -44,14 +44,14 @@ spec: api: sans: - "#{ bootstrap_kube_api_addr }#" - #% if bootstrap_kube_api_hostname is defined %# + #% if bootstrap_kube_api_hostname | default('') %# - "#{ bootstrap_kube_api_hostname }#" #% endif %# #% for item in bootstrap_nodes.master %# #% if item.address != bootstrap_kube_api_addr %# - "#{ item.address }#" #% endif %# - #% if (bootstrap_kube_api_hostname is not defined) or (item.name != bootstrap_kube_api_hostname) %# + #% if (not bootstrap_kube_api_hostname | default('')) or (item.name != bootstrap_kube_api_hostname | default('')) %# - "#{ item.name }#" #% endif %# #% endfor %# 
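Review bot: In the k0s-config.yaml.j2 hunk the first `sans` entry, `- "#{ bootstrap_kube_api_addr }#"`, is still emitted unconditionally, although this commit adds `| default('')` to that variable in the conditions it rewrites. In the single-master setup that config.sample.yaml documents (address left blank) this would render an empty or `None` string as a certificate SAN, depending on how the renderer prints a null value. Wrapping the entry in `#% if bootstrap_kube_api_addr | default('') %#` … `#% endif %#`, as the hostname entry now is, avoids that. Separately, the first clause of the new `item.name` condition looks redundant, since `item.name != bootstrap_kube_api_hostname | default('')` already holds when the hostname is empty.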
@@ -90,10 +90,10 @@ spec: ipv6: enabled: true #% endif %# - #% if bootstrap_nodes.master | length == 1 and not bootstrap_kube_api_addr %# - k8sServiceHost: "#{ bootstrap_nodes.master[0].address }#" - #% else %# + #% if bootstrap_nodes.master | length > 1 or bootstrap_kube_api_addr | default('') %# k8sServiceHost: "#{ bootstrap_kube_api_addr }#" + #% else %# + k8sServiceHost: "#{ bootstrap_nodes.master[0].address }#" #% endif %# k8sServicePort: 6443 kubeProxyReplacement: true diff --git a/bootstrap/templates/kubernetes/flux/vars/cluster-settings.yaml.j2 b/bootstrap/templates/kubernetes/flux/vars/cluster-settings.yaml.j2 index 196a2b83164..d2260499afd 100644 --- a/bootstrap/templates/kubernetes/flux/vars/cluster-settings.yaml.j2 +++ b/bootstrap/templates/kubernetes/flux/vars/cluster-settings.yaml.j2 @@ -7,10 +7,10 @@ metadata: data: TIMEZONE: "#{ bootstrap_timezone }#" COREDNS_ADDR: "#{ bootstrap_service_cidr.split(',')[0] | nthhost(10) }#" - #% if bootstrap_nodes.master | length == 1 and not bootstrap_kube_api_addr %# - KUBE_API_ADDR: "#{ bootstrap_nodes.master[0].address }#" - #% else %# + #% if bootstrap_nodes.master | length > 1 or bootstrap_kube_api_addr | default('') %# KUBE_API_ADDR: "#{ bootstrap_kube_api_addr }#" + #% else %# + KUBE_API_ADDR: "#{ bootstrap_nodes.master[0].address }#" #% endif %# CLUSTER_CIDR: "#{ bootstrap_cluster_cidr.split(',')[0] }#" SERVICE_CIDR: "#{ bootstrap_service_cidr.split(',')[0] }#" diff --git a/bootstrap/vars/config.sample.yaml b/bootstrap/vars/config.sample.yaml index 3104d69dd86..c144bec5e3b 100644 --- a/bootstrap/vars/config.sample.yaml +++ b/bootstrap/vars/config.sample.yaml @@ -4,7 +4,6 @@ # # Distribution can either be 'k3s' or 'k0s' -# Note that changing this to k0s will ignore `system_upgrade_controller` in the addons. bootstrap_distribution: k3s # Github username (e.g. onedr0p) 
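Review bot: With more than one master and `bootstrap_kube_api_addr` left blank, the rewritten condition still takes the first branch and renders `k8sServiceHost` from the empty variable. The same holds for `KUBE_API_ADDR` in cluster-settings.yaml.j2 and `kube_api_addr` in supplemental.yaml.j2. config.sample.yaml only says to leave the address blank for a single master, and no check enforcing that is visible in this diff. A validation assert such as `that: bootstrap_nodes.master | length == 1 or bootstrap_kube_api_addr | default('', true) | length > 0` would fail early instead of producing a cluster config with no API endpoint.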
@@ -43,12 +42,12 @@ bootstrap_cloudflare_tunnel_id: # CIDR your nodes are on (e.g. 192.168.1.0/24) bootstrap_node_cidr: # The IP address of the Kube API, choose an available IP in your nodes network that is not being used -# (Optional) Leave this blank if you are deploying a single master node, this will disable kube-vip in k3s -# or keepalived in k0s and use the master node IP instead +# Leave this blank if you are deploying a single master node, this will disable kube-vip in k3s +# and keepalived in k0s and use the master node IP instead bootstrap_kube_api_addr: -# The hostname of the Kube API, set this if you intend to call the Kube API by hostname rather than IP -# (Optional) This is currently only utilized in k0s and is added to the Kube API cert sans -# bootstrap_kube_api_hostname: +# (Optional) The hostname of the Kube API, set this if you intend to call the Kube API by +# hostname rather than IP. Hostname is added to the Kube API cert sans +bootstrap_kube_api_hostname: # The Load balancer IP for k8s_gateway, choose an available IP in your nodes network that is not being used bootstrap_k8s_gateway_addr: # The Load balancer IP for external ingress, choose an available IP in your nodes network that is not being used