feat: k0s cluster

.gitignore

@@ -0,0 +1 @@
+kubeconfig

k0sctl.yaml

@@ -0,0 +1,135 @@
+apiVersion: k0sctl.k0sproject.io/v1beta1
+kind: Cluster
+metadata:
+  name: k0s-cluster
+  user: admin
+spec:
+  hosts:
+  - ssh:
+      address: k1.lab.smig.tech
+      user: smig
+      port: 22
+      keyPath: ~/.ssh/id_ed25519
+    role: controller
+  - ssh:
+      address: k2.lab.smig.tech
+      user: smig
+      port: 22
+      keyPath: ~/.ssh/id_ed25519
+    role: worker
+  - ssh:
+      address: k3.lab.smig.tech
+      user: smig
+      port: 22
+      keyPath: ~/.ssh/id_ed25519
+    role: worker
+  - ssh:
+      address: k4.lab.smig.tech
+      user: smig
+      port: 22
+      keyPath: ~/.ssh/id_ed25519
+    role: worker
+  k0s:
+    config:
+      apiVersion: k0s.k0sproject.io/v1beta1
+      kind: Cluster
+      metadata:
+        name: k0s
+      spec:
+        api:
+          k0sApiPort: 9443
+          port: 6443
+        installConfig:
+          users:
+            etcdUser: etcd
+            kineUser: kube-apiserver
+            konnectivityUser: konnectivity-server
+            kubeAPIserverUser: kube-apiserver
+            kubeSchedulerUser: kube-scheduler
+        konnectivity:
+          adminPort: 8133
+          agentPort: 8132
+        network:
+          kubeProxy:
+            disabled: true
+            # mode: iptables
+          kuberouter:
+            autoMTU: true
+            mtu: 0
+            peerRouterASNs: ""
+            peerRouterIPs: ""
+          podCIDR: 10.244.0.0/16
+          provider: custom
+          serviceCIDR: 10.96.0.0/12
+        podSecurityPolicy:
+          defaultPolicy: 00-k0s-privileged
+        storage:
+          type: etcd
+        telemetry:
+          enabled: false
+        extensions:
+          helm:
+            repositories:
+              - name: cilium
+                url: https://helm.cilium.io/
+              - name: cert-manager
+                url: https://charts.jetstack.io
+            charts:
+              - name: cert-manager
+                chartName: cert-manager/cert-manager
+                version: "v1.17.2"
+                namespace: cert-manager
+                values: |
+                  crds:
+                    enabled: true
+              - name: cilium
+                chartName: cilium/cilium
+                namespace: kube-system
+                version: "1.18.0-pre.3"
+                values: |
+                  cluster:
+                    name: k0s-cluster
+                  envoy:
+                    enabled: true
+                    image:
+                      digest: sha256:e265e4b2e10eaa19c4a5a305086f81bbe0f9f5f41fff60ab0ec6effdb21e2a79
+                      repository: git.thecodedom.com/smig/cilium-envoy
+                      tag: latest
+                  k8sServiceHost: k1.lab.smig.tech
+                  k8sServicePort: 6443
+                  kubeProxyReplacement: true
+                  operator:
+                    replicas: 1
+                  routingMode: tunnel
+                  tunnelProtocol: vxlan
+                  nodeIPAM:
+                    enabled: true
+                  defaultLBServiceIPAM: nodeipam
+                  gatewayAPI:
+                    enabled: true
+                  ingressController:
+                    enabled: true
+                    service:
+                      externalTrafficPolicy: Cluster
+  options:
+    wait:
+      enabled: true
+    drain:
+      enabled: true
+      gracePeriod: 2m0s
+      timeout: 5m0s
+      force: true
+      ignoreDaemonSets: true
+      deleteEmptyDirData: true
+      podSelector: ""
+      skipWaitForDeleteTimeout: 0s
+    concurrency:
+      limit: 30
+      workerDisruptionPercent: 10
+      uploads: 5
+    evictTaint:
+      enabled: false
+      taint: k0sctl.k0sproject.io/evict=true
+      effect: NoExecute
+      controllerWorkers: false
+