From ad258de76ac4dddb85531e7d5e1b7f0558dc35fb Mon Sep 17 00:00:00 2001
From: Jaro Rivera
Date: Tue, 30 Aug 2022 10:43:41 -0400
Subject: [PATCH] Adding kubevip
---
.../kustomizations/kustomization-kubevip.yaml | 19 +++++
...ap-kubevip-helm-chart-value-overrides.yaml | 0
kubevip/vip.rbac.yaml | 32 ++++++++
kubevip/vip.yaml | 77 +++++++++++++++++++
4 files changed, 128 insertions(+)
create mode 100644 bootstrap/kustomizations/kustomization-kubevip.yaml
create mode 100644 kubevip/configmap-kubevip-helm-chart-value-overrides.yaml
create mode 100644 kubevip/vip.rbac.yaml
create mode 100644 kubevip/vip.yaml
diff --git a/bootstrap/kustomizations/kustomization-kubevip.yaml b/bootstrap/kustomizations/kustomization-kubevip.yaml
new file mode 100644
index 0000000..12bc97a
--- /dev/null
+++ b/bootstrap/kustomizations/kustomization-kubevip.yaml
@@ -0,0 +1,19 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
+kind: Kustomization
+metadata:
+ name: kubevip
+ namespace: flux-system
+spec:
+ interval: 15m
+ path: ./kubevip
+ prune: true # remove any elements later removed from the above path
+ timeout: 2m # if not set, this defaults to interval duration, which is 1h
+ sourceRef:
+ kind: GitRepository
+ name: flux-system
+ validation: server
+ healthChecks:
+ - apiVersion: apps/v1
+ kind: DaemonSet
+ name: kubevip
+ namespace: kube-system
diff --git a/kubevip/configmap-kubevip-helm-chart-value-overrides.yaml b/kubevip/configmap-kubevip-helm-chart-value-overrides.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/kubevip/vip.rbac.yaml b/kubevip/vip.rbac.yaml
new file mode 100644
index 0000000..0480d0e
--- /dev/null
+++ b/kubevip/vip.rbac.yaml
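Review bot: In bootstrap/kustomizations/kustomization-kubevip.yaml the `healthChecks` entry targets a DaemonSet named `kubevip`, but the only DaemonSet this patch adds (kubevip/vip.yaml) is `kube-vip-ds` in `kube-system`. As written the check would presumably never find its object, so the Kustomization would report not-ready once the 2m timeout expires and a real rollout failure of the VIP pods would be indistinguishable from this naming error; the entry should read `name: kube-vip-ds`. The inline comment on `timeout` also says the interval is 1h while `interval` is set to 15m; `# if not set, this defaults to the interval (15m)` would match the manifest.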
@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: kube-vip
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ annotations:
+ rbac.authorization.kubernetes.io/autoupdate: "true"
+ name: system:kube-vip-role
+rules:
+ - apiGroups: [""]
+ resources: ["services", "services/status", "nodes", "endpoints"]
+ verbs: ["list","get","watch", "update"]
+ - apiGroups: ["coordination.k8s.io"]
+ resources: ["leases"]
+ verbs: ["list", "get", "watch", "update", "create"]
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: system:kube-vip-binding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: system:kube-vip-role
+subjects:
+- kind: ServiceAccount
+ name: kube-vip
+ namespace: kube-system
diff --git a/kubevip/vip.yaml b/kubevip/vip.yaml
new file mode 100644
index 0000000..f82e388
--- /dev/null
+++ b/kubevip/vip.yaml
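Review bot: The first rule of `system:kube-vip-role` in kubevip/vip.rbac.yaml grants `update` on `services`, `services/status`, `nodes` and `endpoints` cluster-wide, and the ClusterRoleBinding hands that to a service account whose token is mounted in a host-network pod on every control-plane node. The DaemonSet in this patch sets `svc_enable` to "false", so the service-facing write access looks unused; it is worth confirming against kube-vip v0.5.0 whether that rule can be reduced to `verbs: ["list", "get", "watch"]`. The `leases` rule appears to be needed only for leader election in the configured `cp_namespace` (`kube-system`), which would fit a namespaced Role and RoleBinding instead of a cluster-wide grant. The `system:` name prefix and the `rbac.authorization.kubernetes.io/autoupdate` annotation are conventions of the API server's built-in roles, so either drop the annotation or add a comment above the ClusterRole such as `# custom role for kube-vip, not an API-server-managed bootstrap role`.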
@@ -0,0 +1,77 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: kube-vip-ds
+ namespace: kube-system
+spec:
+ selector:
+ matchLabels:
+ name: kube-vip-ds
+ template:
+ metadata:
+ labels:
+ name: kube-vip-ds
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ - matchExpressions:
+ - key: node-role.kubernetes.io/control-plane
+ operator: Exists
+ containers:
+ - args:
+ - manager
+ env:
+ - name: vip_arp
+ value: "true"
+ - name: port
+ value: "6443"
+ - name: vip_interface
+ value: "eth0"
+ - name: vip_cidr
+ value: "32"
+ - name: cp_enable
+ value: "true"
+ - name: cp_namespace
+ value: kube-system
+ - name: vip_ddns
+ value: "false"
+ - name: svc_enable
+ value: "false"
+ - name: vip_leaderelection
+ value: "true"
+ - name: vip_leaseduration
+ value: "15"
+ - name: vip_renewdeadline
+ value: "10"
+ - name: vip_retryperiod
+ value: "2"
+ - name: address
+ value: 172.16.10.30
+ image: ghcr.io/kube-vip/kube-vip:v0.5.0
+ imagePullPolicy: Always
+ name: kube-vip
+ resources: {}
+ securityContext:
+ capabilities:
+ add:
+ - NET_ADMIN
+ - NET_RAW
+ - SYS_TIME
+ hostNetwork: true
+ serviceAccountName: kube-vip
+ tolerations:
+ - effect: NoSchedule
+ operator: Exists
+ - effect: NoExecute
+ operator: Exists
+ updateStrategy: {}
+status:
+ currentNumberScheduled: 0
+ desiredNumberScheduled: 0
+ numberMisscheduled: 0
+ numberReady: 0
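Review bot: The container in kubevip/vip.yaml is referenced by a mutable tag (`ghcr.io/kube-vip/kube-vip:v0.5.0` with `imagePullPolicy: Always`) while it runs with `hostNetwork: true` and `NET_ADMIN`, `NET_RAW` and `SYS_TIME` on control-plane nodes, so whatever the registry serves under that tag at the next pull inherits those privileges. Pinning the digest removes that dependency, e.g. `image: ghcr.io/kube-vip/kube-vip:v0.5.0@sha256:<digest-of-the-verified-image>` (placeholder, to be filled from a verified pull). `SYS_TIME` is not obviously required for ARP-based VIP handling; if testing confirms that, remove it and add `drop: ["ALL"]` next to `add` so only the listed capabilities remain. The trailing `status:` block and `updateStrategy: {}` look like generator output and can be dropped, and `resources: {}` leaves a pod that tolerates every `NoSchedule`/`NoExecute` taint without requests or limits.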