From e55c0fe495480f0e15a6eb5a02daeb73d21005c9 Mon Sep 17 00:00:00 2001
From: Nat Allan <19149206+Truxnell@users.noreply.github.com>
Date: Sat, 9 Mar 2024 13:13:05 +1100
Subject: [PATCH] fix: static ip node ep
---
 infrastructure/talos/hegira/talconfig.yaml | 14 +++++++++-----
 .../apps/kube-system/cilium/app/helmrelease.yaml | 2 +-
 kubernetes/bootstrap/cilium.yaml | 12 +++---------
 3 files changed, 13 insertions(+), 15 deletions(-)
diff --git a/infrastructure/talos/hegira/talconfig.yaml b/infrastructure/talos/hegira/talconfig.yaml
index 26a33bd422..3ff985afdc 100644
--- a/infrastructure/talos/hegira/talconfig.yaml
+++ b/infrastructure/talos/hegira/talconfig.yaml
@@ -1,7 +1,7 @@
 clusterName: hegira
-talosVersion: v1.4.4
-kubernetesVersion: 1.26.4
-endpoint: https://hegira.${DOMAINNAME}:6443
+talosVersion: v1.6.6
+kubernetesVersion: 1.27.7
+endpoint: https://10.8.20.30:6443
 allowSchedulingOnMasters: true
 cniConfig:
 name: none
@@ -21,6 +21,8 @@ nodes:
 - interface: eth0
 mtu: 0
 dhcp: true
+ vip:
+ ip: 10.8.20.30
 - hostname: shodan.${DOMAINNAME}
 ipAddress: 10.8.20.42
 controlPlane: true
@@ -30,6 +32,8 @@ nodes:
 - interface: eth0
 mtu: 0
 dhcp: true
+ vip:
+ ip: 10.8.20.30
 - hostname: icarus.${DOMAINNAME}
 ipAddress: 10.8.20.44
 controlPlane: true
@@ -39,6 +43,8 @@ nodes:
 - interface: eth0
 mtu: 0
 dhcp: true
+ vip:
+ ip: 10.8.20.30
 controlPlane:
 inlinePatch:
 cluster:
@@ -50,7 +56,6 @@ controlPlane:
 admissionControl: []
 certSANs:
 - ${CLUSTERENDPOINTIP}
- - heigra.${DOMAINNAME}
 extraArgs:
 feature-gates: MixedProtocolLBService=true,EphemeralContainers=True
 ca:
@@ -89,7 +94,6 @@ controlPlane:
 key: ${MACHINECERTKEY}
 certSANs:
 - ${CLUSTERENDPOINTIP}
- - hegira.${DOMAINNAME}
 files:
 - content: |
 [plugins."io.containerd.grpc.v1.cri"]
diff --git a/kubernetes/apps/kube-system/cilium/app/helmrelease.yaml b/kubernetes/apps/kube-system/cilium/app/helmrelease.yaml
index 240befd62d..a6fb252db9 100644
--- a/kubernetes/apps/kube-system/cilium/app/helmrelease.yaml
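Review bot: The new `endpoint` in the `@@ -1,7 +1,7 @@` hunk of talconfig.yaml hard-codes 10.8.20.30, while the `certSANs` lists further down still name the endpoint address as `${CLUSTERENDPOINTIP}`, so the address clients connect to and the address the certificates are issued for now come from two places. If the variable ever differs from the literal, TLS verification against the API server fails, and that kind of failure tends to get papered over by disabling verification. I would write `endpoint: https://${CLUSTERENDPOINTIP}:6443` and use the same variable for the three `vip.ip` values added below. Whether `${CLUSTERENDPOINTIP}` currently equals 10.8.20.30 is not visible in this diff and should be confirmed.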
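Review bot: The `vip` block added under `eth0` in the `@@ -21,6 +21,8 @@` hunk sits on an interface that also has `dhcp: true`, and nothing in the file records that 10.8.20.30 must stay outside the DHCP range; the same applies to the identical additions in the `@@ -30,6 +32,8 @@` and `@@ -39,6 +43,8 @@` hunks. If the DHCP server ever leases that address to another host, the control-plane address is contested on the segment and API-server reachability becomes unpredictable. I would add a comment above each `vip:` such as `# shared control-plane VIP, held by one node at a time; keep this address out of the DHCP pool`. The first node's entry starts outside the hunk, so its hostname and address cannot be checked from here.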
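Review bot: The context line `feature-gates: MixedProtocolLBService=true,EphemeralContainers=True` in the `@@ -50,7 +56,6 @@` hunk is left unchanged while the first hunk raises `kubernetesVersion` to 1.27.7. As far as I know the `EphemeralContainers` gate was removed in Kubernetes 1.27 and `MixedProtocolLBService` has been GA since 1.26, and a component started with a gate it no longer recognises refuses to start, so this should be checked against the 1.27 release notes before the config is applied. If confirmed, drop the `feature-gates` entry from `extraArgs`, since both features are on by default at that version. The enclosing `controlPlane` patch starts and ends outside the hunk.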
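Review bot: Removing `- hegira.${DOMAINNAME}` in the `@@ -89,7 +94,6 @@` hunk (and `- heigra.${DOMAINNAME}` in the `@@ -50,7 +56,6 @@` hunk) leaves `${CLUSTERENDPOINTIP}` as the only explicit SAN, so any kubeconfig, talosconfig or in-cluster client that still uses the hostname will fail certificate verification once the certificates are regenerated. The entry removed in the earlier hunk was the misspelled `heigra`, which suggests the hostname may never have been covered by that certificate, so it is worth confirming which clients actually relied on it. If the name stays in DNS, I would keep `- hegira.${DOMAINNAME}` in both lists next to the IP rather than push clients toward skipping verification. Both `certSANs` lists belong to blocks that start outside their hunks.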
+++ b/kubernetes/apps/kube-system/cilium/app/helmrelease.yaml
@@ -41,7 +41,7 @@ spec:
 kubeProxyReplacement: "strict"
 kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
 ipv4NativeRoutingCIDR: ${NETWORK_K8S_POD_CIDR}
- k8sServiceHost: "hegira.${INTERNAL_DOMAIN}"
+ k8sServiceHost: "10.8.20.30"
 k8sServicePort: 6443
 loadBalancer:
 algorithm: "maglev"
diff --git a/kubernetes/bootstrap/cilium.yaml b/kubernetes/bootstrap/cilium.yaml
index 3c0502e705..0392ea8a34 100644
--- a/kubernetes/bootstrap/cilium.yaml
+++ b/kubernetes/bootstrap/cilium.yaml
@@ -163,7 +163,6 @@ data: --- # Source: cilium/templates/cilium-agent/clusterrole.yaml - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata:
@@ -270,7 +269,6 @@ rules: --- # Source: cilium/templates/cilium-operator/clusterrole.yaml - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata:
@@ -378,7 +376,6 @@ rules: --- # Source: cilium/templates/cilium-agent/clusterrolebinding.yaml - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata:
@@ -399,7 +396,6 @@ subjects: --- # Source: cilium/templates/cilium-operator/clusterrolebinding.yaml - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata:
@@ -420,7 +416,6 @@ subjects: --- # Source: cilium/templates/cilium-agent/daemonset.yaml - apiVersion: apps/v1 kind: DaemonSet metadata:
@@ -546,7 +541,7 @@ spec: key: custom-cni-conf optional: true - name: KUBERNETES_SERVICE_HOST - value: "hegira.natallan.com" + value: "10.8.20.30" - name: KUBERNETES_SERVICE_PORT value: "6443" lifecycle:
@@ -634,7 +629,7 @@ spec: key: clean-cilium-bpf-state optional: true - name: KUBERNETES_SERVICE_HOST - value: "hegira.natallan.com" + value: "10.8.20.30" - name: KUBERNETES_SERVICE_PORT value: "6443" securityContext:
@@ -713,7 +708,6 @@ spec: --- # Source: cilium/templates/cilium-operator/deployment.yaml - apiVersion: apps/v1 kind: Deployment metadata:
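Review bot: `k8sServiceHost: "10.8.20.30"` in the helmrelease.yaml hunk makes every Cilium agent depend on the Talos VIP to reach the API server, and with `kubeProxyReplacement: "strict"` a VIP outage or failover gap can stall service handling on all nodes at once. The neighbouring values are substituted (`${NETWORK_K8S_POD_CIDR}`), so the literal is also out of step with the file; a substitution variable from the cluster settings (none for this address is visible in the diff) would keep the address in one place. Since the same commit moves Talos to v1.6.6, the node-local KubePrism endpoint may be a better target, `k8sServiceHost: "localhost"` with `k8sServicePort: 7445` as far as I know the Talos default, which removes the VIP dependency; confirm KubePrism is enabled before switching. The `spec` block extends beyond the hunk.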
@@ -785,7 +779,7 @@ spec: name: cilium-config optional: true - name: KUBERNETES_SERVICE_HOST - value: "hegira.natallan.com" + value: "10.8.20.30" - name: KUBERNETES_SERVICE_PORT value: "6443" livenessProbe: