commit ee8ffeaf1135665c37c250d255f318f0c2262f12
Author: mike
Date: Mon Jun 16 20:13:17 2025 -0400
feat: k0s cluster
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f940e0b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+kubeconfig
diff --git a/k0sctl.yaml b/k0sctl.yaml
new file mode 100644
index 0000000..ba06039
--- /dev/null
+++ b/k0sctl.yaml
@@ -0,0 +1,135 @@
+apiVersion: k0sctl.k0sproject.io/v1beta1
+kind: Cluster
+metadata:
+ name: k0s-cluster
+ user: admin
+spec:
+ hosts:
+ - ssh:
+ address: k1.lab.smig.tech
+ user: smig
+ port: 22
+ keyPath: ~/.ssh/id_ed25519
+ role: controller
+ - ssh:
+ address: k2.lab.smig.tech
+ user: smig
+ port: 22
+ keyPath: ~/.ssh/id_ed25519
+ role: worker
+ - ssh:
+ address: k3.lab.smig.tech
+ user: smig
+ port: 22
+ keyPath: ~/.ssh/id_ed25519
+ role: worker
+ - ssh:
+ address: k4.lab.smig.tech
+ user: smig
+ port: 22
+ keyPath: ~/.ssh/id_ed25519
+ role: worker
+ k0s:
+ config:
+ apiVersion: k0s.k0sproject.io/v1beta1
+ kind: Cluster
+ metadata:
+ name: k0s
+ spec:
+ api:
+ k0sApiPort: 9443
+ port: 6443
+ installConfig:
+ users:
+ etcdUser: etcd
+ kineUser: kube-apiserver
+ konnectivityUser: konnectivity-server
+ kubeAPIserverUser: kube-apiserver
+ kubeSchedulerUser: kube-scheduler
+ konnectivity:
+ adminPort: 8133
+ agentPort: 8132
+ network:
+ kubeProxy:
+ disabled: true
+ # mode: iptables
+ kuberouter:
+ autoMTU: true
+ mtu: 0
+ peerRouterASNs: ""
+ peerRouterIPs: ""
+ podCIDR: 10.244.0.0/16
+ provider: custom
+ serviceCIDR: 10.96.0.0/12
+ podSecurityPolicy:
+ defaultPolicy: 00-k0s-privileged
+ storage:
+ type: etcd
+ telemetry:
+ enabled: false
+ extensions:
+ helm:
+ repositories:
+ - name: cilium
+ url: https://helm.cilium.io/
+ - name: cert-manager
+ url: https://charts.jetstack.io
+ charts:
+ - name: cert-manager
+ chartName: cert-manager/cert-manager
+ version: "v1.17.2"
+ namespace: cert-manager
+ values: |
+ crds:
+ enabled: true
+ - name: cilium
+ chartName: cilium/cilium
+ namespace: kube-system
+ version: "1.18.0-pre.3"
+ values: |
+ cluster:
+ name: k0s-cluster
+ envoy:
+ enabled: true
+ image:
+ digest: sha256:e265e4b2e10eaa19c4a5a305086f81bbe0f9f5f41fff60ab0ec6effdb21e2a79
+ repository: git.thecodedom.com/smig/cilium-envoy
+ tag: latest
+ k8sServiceHost: k1.lab.smig.tech
+ k8sServicePort: 6443
+ kubeProxyReplacement: true
+ operator:
+ replicas: 1
+ routingMode: tunnel
+ tunnelProtocol: vxlan
+ nodeIPAM:
+ enabled: true
+ defaultLBServiceIPAM: nodeipam
+ gatewayAPI:
+ enabled: true
+ ingressController:
+ enabled: true
+ service:
+ externalTrafficPolicy: Cluster
+ options:
+ wait:
+ enabled: true
+ drain:
+ enabled: true
+ gracePeriod: 2m0s
+ timeout: 5m0s
+ force: true
+ ignoreDaemonSets: true
+ deleteEmptyDirData: true
+ podSelector: ""
+ skipWaitForDeleteTimeout: 0s
+ concurrency:
+ limit: 30
+ workerDisruptionPercent: 10
+ uploads: 5
+ evictTaint:
+ enabled: false
+ taint: k0sctl.k0sproject.io/evict=true
+ effect: NoExecute
+ controllerWorkers: false
+
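Review bot: The `envoy.image` override in the cilium chart values swaps Cilium's proxy for an image from `git.thecodedom.com/smig/cilium-envoy`, and nothing in the file records what that image is built from or why the upstream one is not used. Pinning by `digest` is the right control, but `tag: latest` beside it reads as if a floating tag were deployed; I would set the tag to the build the digest corresponds to and add a comment such as `# custom cilium-envoy build, pinned by digest; source: <repo/commit placeholder>`. Separately, `podSecurityPolicy.defaultPolicy: 00-k0s-privileged` refers to PodSecurityPolicy, which Kubernetes removed in 1.25, so on a current k0s this key is presumably ignored and any pod-level restriction would have to come from Pod Security Admission namespace labels instead. The chart `version: "1.18.0-pre.3"` is a pre-release, so a one-line comment naming the feature that requires it would help whoever bumps it later.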