prskr/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

chore: upgrade k8s cluster

Browse source
This commit is contained in:
Peter 2023-07-11 20:56:33 +02:00
parent f50528f81e
commit 72fab36d11
Signed by: prskr
GPG key ID: C1DB5D2E8DB512F9
7 changed files with 37 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
infrastructure/k8s_flatcar_machines.tf
View file

@ -26,7 +26,7 @@ resource "hcloud_server" "machine" {
for_each = var.k3os_workers
name = each.key
server_type = each.value.server_type
datacenter = "hel1-dc2"
location = each.value.location
image = "ubuntu-22.04"
backups = each.value.backups
@ -59,7 +59,7 @@ resource "hcloud_server" "machine" {
private_key = tls_private_key.provisioning.private_key_pem
timeout = "2m"
}
provisioner "file" {
content = data.ct_config.machine-ignitions[each.key].rendered
destination = "/root/ignition.json"
@ -113,4 +113,4 @@ data "template_file" "core_user" {
vars = {
ssh_keys = jsonencode(concat(var.ssh_keys, [tls_private_key.provisioning.public_key_openssh]))
}
}
}

3
infrastructure/vars.tf
View file

@ -21,6 +21,7 @@ variable "k3os_workers" {
server_type = string
backups = bool
private_ip = string
location = string
}))
}
@ -39,4 +40,4 @@ variable "release_channel" {
condition = contains(["lts", "stable", "beta", "alpha"], var.release_channel)
error_message = "release_channel must be lts, stable, beta, or alpha."
}
}
}

2
infrastructure/versions.tf
View file

@ -8,7 +8,7 @@ terraform {
}
ct = {
source = "poseidon/ct"
version = "0.13.0"
version = "0.11.0"
}
template = {
source = "hashicorp/template"

18
infrastructure/vms.auto.tfvars
View file

@ -1,24 +1,18 @@
k3os_workers = {
"worker1-gen3" = {
backups = false
node_type = "worker"
server_type = "cx31"
private_ip = "172.23.2.24"
}
"worker1-gen4" = {
backups = false
node_type = "worker"
server_type = "cx31"
private_ip = "172.23.2.20"
location = "hel1"
}
"worker2-gen3" = {
"worker2-gen4" = {
backups = false
node_type = "worker"
server_type = "cx31"
private_ip = "172.23.2.25"
server_type = "cax21"
private_ip = "172.23.2.21"
location = "fsn1"
}
}
@ -33,4 +27,4 @@ vms = {
ssh_keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKfHZaI0F5GjAcrM8hjWqwMfULDkAZ2TOIBTQtRocg1F id_ed25519"]
release_channel = "stable"
release_channel = "stable"

12
k8s/roles/fider/files/resources/deployment.yaml
View file

@ -32,3 +32,15 @@ spec:
requests:
cpu: 50m
memory: 50Mi
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- fider
topologyKey: topology.kubernetes.io/zone

2
k8s/roles/fider/tasks/main.yml
View file

@ -40,6 +40,6 @@
BLOB_STORAGE_S3_ACCESS_KEY_ID: "{{ minio.rootUser | b64encode }}"
BLOB_STORAGE_S3_SECRET_ACCESS_KEY: "{{ minio.rootPassword | b64encode }}"
- name: Create kubernetes resources for lookup output
- name: Deploy Fider kustomization
k8s:
definition: "{{ lookup('kubernetes.core.kustomize', dir=([role_path, 'files'] | path_join)) }}"

22
k8s/roles/hcloud/templates/hcloud-csi.yml.j2
View file

@ -168,7 +168,7 @@ apiVersion: v1
kind: Service
metadata:
labels:
app: hcloud-csi
app: hcloud-csi-controller
name: hcloud-csi-controller-metrics
namespace: kube-system
spec:
@ -210,12 +210,14 @@ spec:
app: hcloud-csi-controller
spec:
containers:
- image: k8s.gcr.io/sig-storage/csi-attacher:v3.2.1
- args:
- --default-fstype=ext4
image: registry.k8s.io/sig-storage/csi-attacher:v4.1.0
name: csi-attacher
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- image: k8s.gcr.io/sig-storage/csi-resizer:v1.2.0
- image: registry.k8s.io/sig-storage/csi-resizer:v1.7.0
name: csi-resizer
volumeMounts:
- mountPath: /run/csi
@ -223,7 +225,7 @@ spec:
- args:
- --feature-gates=Topology=true
- --default-fstype=ext4
image: k8s.gcr.io/sig-storage/csi-provisioner:v2.2.2
image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0
name: csi-provisioner
volumeMounts:
- mountPath: /run/csi
@ -247,7 +249,7 @@ spec:
secretKeyRef:
key: token
name: hcloud
image: hetznercloud/hcloud-csi-driver:2.1.0
image: hetznercloud/hcloud-csi-driver:v2.3.2
imagePullPolicy: Always
livenessProbe:
failureThreshold: 5
@ -267,7 +269,7 @@ spec:
volumeMounts:
- mountPath: /run/csi
name: socket-dir
- image: k8s.gcr.io/sig-storage/livenessprobe:v2.3.0
- image: registry.k8s.io/sig-storage/livenessprobe:v2.10.0
imagePullPolicy: Always
name: liveness-probe
volumeMounts:
@ -306,7 +308,7 @@ spec:
containers:
- args:
- --kubelet-registration-path=/var/lib/kubelet/plugins/csi.hetzner.cloud/socket
image: k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.2.0
image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.7.0
name: csi-node-driver-registrar
volumeMounts:
- mountPath: /run/csi
@ -322,7 +324,7 @@ spec:
value: 0.0.0.0:9189
- name: ENABLE_METRICS
value: "true"
image: hetznercloud/hcloud-csi-driver:2.1.0
image: hetznercloud/hcloud-csi-driver:v2.3.2
imagePullPolicy: Always
livenessProbe:
failureThreshold: 5
@ -349,7 +351,7 @@ spec:
name: plugin-dir
- mountPath: /dev
name: device-dir
- image: k8s.gcr.io/sig-storage/livenessprobe:v2.3.0
- image: registry.k8s.io/sig-storage/livenessprobe:v2.10.0
imagePullPolicy: Always
name: liveness-probe
volumeMounts:
@ -386,7 +388,7 @@ metadata:
name: csi.hetzner.cloud
spec:
attachRequired: true
fsGroupPolicy: File
podInfoOnMount: true
volumeLifecycleModes:
- Persistent
fsGroupPolicy: File