From e5385965cae73795bbc4b2390ea54ac9a5f296ec Mon Sep 17 00:00:00 2001 From: Nikhil Malik Date: Fri, 1 Nov 2024 19:40:49 +0900 Subject: [PATCH 1/2] GW API CICD added --- .github/workflows/k3s-loxi-gwapi.yml | 33 +++ cicd/k3s-flannel-loxilb-gwapi/Vagrantfile | 39 ++++ cicd/k3s-flannel-loxilb-gwapi/config.sh | 3 + cicd/k3s-flannel-loxilb-gwapi/gateway.yaml | 35 +++ .../gatewayclass.yaml | 7 + cicd/k3s-flannel-loxilb-gwapi/httpRoute.yaml | 56 +++++ cicd/k3s-flannel-loxilb-gwapi/httpsRoute.yaml | 56 +++++ .../ingress/loxilb-ingress-deploy.yml | 139 ++++++++++++ .../ingress/loxilb-secret.yml | 10 + cicd/k3s-flannel-loxilb-gwapi/k3s.yaml | 19 ++ .../k3s-flannel-loxilb-gwapi/kube-loxilb.yaml | 211 ++++++++++++++++++ cicd/k3s-flannel-loxilb-gwapi/loxilb-ip | 1 + cicd/k3s-flannel-loxilb-gwapi/loxilb.sh | 13 ++ cicd/k3s-flannel-loxilb-gwapi/master-ip | 1 + cicd/k3s-flannel-loxilb-gwapi/master.sh | 20 ++ cicd/k3s-flannel-loxilb-gwapi/node-token | 1 + cicd/k3s-flannel-loxilb-gwapi/rmconfig.sh | 3 + cicd/k3s-flannel-loxilb-gwapi/tcpRoute.yaml | 44 ++++ cicd/k3s-flannel-loxilb-gwapi/udpRoute.yaml | 44 ++++ cicd/k3s-flannel-loxilb-gwapi/validation.sh | 65 ++++++ cicd/k3s-flannel-loxilb-gwapi/wait_ready.sh | 8 + 21 files changed, 808 insertions(+) create mode 100644 .github/workflows/k3s-loxi-gwapi.yml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/Vagrantfile create mode 100755 cicd/k3s-flannel-loxilb-gwapi/config.sh create mode 100644 cicd/k3s-flannel-loxilb-gwapi/gateway.yaml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/gatewayclass.yaml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/httpRoute.yaml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/httpsRoute.yaml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-ingress-deploy.yml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-secret.yml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/k3s.yaml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/kube-loxilb.yaml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/loxilb-ip create mode 100644 cicd/k3s-flannel-loxilb-gwapi/loxilb.sh create mode 100644 cicd/k3s-flannel-loxilb-gwapi/master-ip create mode 100755 cicd/k3s-flannel-loxilb-gwapi/master.sh create mode 100644 cicd/k3s-flannel-loxilb-gwapi/node-token create mode 100755 cicd/k3s-flannel-loxilb-gwapi/rmconfig.sh create mode 100644 cicd/k3s-flannel-loxilb-gwapi/tcpRoute.yaml create mode 100644 cicd/k3s-flannel-loxilb-gwapi/udpRoute.yaml create mode 100755 cicd/k3s-flannel-loxilb-gwapi/validation.sh create mode 100755 cicd/k3s-flannel-loxilb-gwapi/wait_ready.sh diff --git a/.github/workflows/k3s-loxi-gwapi.yml b/.github/workflows/k3s-loxi-gwapi.yml new file mode 100644 index 000000000..c40b82a5d --- /dev/null +++ b/.github/workflows/k3s-loxi-gwapi.yml @@ -0,0 +1,33 @@ +name: K3s-Loxi-GWAPI-Sanity-CI +on: + schedule: + # Runs "At 7:00 UTC every day-of-week" + - cron: '0 7 * * *' + workflow_dispatch: + inputs: + testName: + description: 'Test Run-Name' + required: true + default: 'k3s-loxi-gwapi' +jobs: + build: + name: k3s-loxi-gwapi-sanity + runs-on: [self-hosted, large] + if: github.repository == 'loxilb-io/loxilb' + steps: + - uses: actions/checkout@v2 + with: + submodules: recursive + - name: Run K3s LoxiGWAPI CICD + run: | + cd cicd/k3s-flannel-loxilb-gwapi + ./config.sh + ./validation.sh + ./rmconfig.sh + cd - + - name: Clean test-bed + if: success() || failure() + run: | + cd cicd/k3s-flannel-loxilb-gwapi/ || true + ./rmconfig.sh + cd - diff --git a/cicd/k3s-flannel-loxilb-gwapi/Vagrantfile b/cicd/k3s-flannel-loxilb-gwapi/Vagrantfile new file mode 100644 index 000000000..9520a9dee --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/Vagrantfile @@ -0,0 +1,39 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +workers = (ENV['WORKERS'] || "1").to_i +#box_name = (ENV['VAGRANT_BOX'] || "ubuntu/focal64") +box_name = (ENV['VAGRANT_BOX'] || "sysnet4admin/Ubuntu-k8s") +box_version = "0.7.1" +Vagrant.configure("2") do |config| + config.vm.box = "#{box_name}" + config.vm.box_version = "#{box_version}" + + if Vagrant.has_plugin?("vagrant-vbguest") + config.vbguest.auto_update = false + end + + config.vm.define "loxilb" do |loxilb| + loxilb.vm.hostname = 'llb1' + #loxilb.vm.network "forwarded_port", guest: 55002, host: 5502, protocol: "tcp" + loxilb.vm.network :private_network, ip: "192.168.80.90", :netmask => "255.255.255.0" + loxilb.vm.network :private_network, ip: "192.168.90.90", :netmask => "255.255.255.0" + loxilb.vm.provision :shell, :path => "loxilb.sh" + loxilb.vm.provider :virtualbox do |vbox| + vbox.customize ["modifyvm", :id, "--memory", 6000] + vbox.customize ["modifyvm", :id, "--cpus", 4] + end + end + + + config.vm.define "master" do |master| + master.vm.hostname = 'master' + master.vm.network :private_network, ip: "192.168.80.100", :netmask => "255.255.255.0" + master.vm.provision :shell, :path => "master.sh" + master.vm.provider :virtualbox do |vbox| + vbox.customize ["modifyvm", :id, "--memory", 8192] + vbox.customize ["modifyvm", :id, "--cpus", 4] + end + end + +end diff --git a/cicd/k3s-flannel-loxilb-gwapi/config.sh b/cicd/k3s-flannel-loxilb-gwapi/config.sh new file mode 100755 index 000000000..6b8ee48ef --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/config.sh @@ -0,0 +1,3 @@ +#!/bin/bash +vagrant global-status | grep -i virtualbox | cut -f 1 -d ' ' | xargs -L 1 vagrant destroy -f +vagrant up diff --git a/cicd/k3s-flannel-loxilb-gwapi/gateway.yaml b/cicd/k3s-flannel-loxilb-gwapi/gateway.yaml new file mode 100644 index 000000000..9e0f5932f --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/gateway.yaml @@ -0,0 +1,35 @@ +apiVersion: gateway.networking.k8s.io/v1 +kind: Gateway +metadata: + name: test-gateway + namespace: kube-system +spec: + gatewayClassName: test-gc + listeners: + - name: tcp-listener + protocol: TCP + port: 21818 + allowedRoutes: + kinds: + - kind: TCPRoute + - name: udp-listener + protocol: UDP + port: 21819 + allowedRoutes: + kinds: + - kind: UDPRoute + - name: http-listener + protocol: HTTP + port: 80 + allowedRoutes: + kinds: + - kind: HTTPRoute + - name: https-listener + protocol: HTTPS # Other possible value is `TLS` + port: 443 + tls: + mode: Terminate # If protocol is `TLS`, `Passthrough` is a possible mode + certificateRefs: + - kind: Secret + group: "" + name: loxilb-ssl diff --git a/cicd/k3s-flannel-loxilb-gwapi/gatewayclass.yaml b/cicd/k3s-flannel-loxilb-gwapi/gatewayclass.yaml new file mode 100644 index 000000000..9e1f67e20 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/gatewayclass.yaml @@ -0,0 +1,7 @@ +apiVersion: gateway.networking.k8s.io/v1 +kind: GatewayClass +metadata: + name: test-gc + namespace: kube-system +spec: + controllerName: "loxilb.io/loxilb" diff --git a/cicd/k3s-flannel-loxilb-gwapi/httpRoute.yaml b/cicd/k3s-flannel-loxilb-gwapi/httpRoute.yaml new file mode 100644 index 000000000..ab370bb82 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/httpRoute.yaml @@ -0,0 +1,56 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: http-deployment +spec: + replicas: 2 + selector: + matchLabels: + app: http + template: + metadata: + labels: + app: http + spec: + containers: + - name: http-pod + image: ghcr.io/loxilb-io/nginx:stable + imagePullPolicy: Always + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: http-service +spec: + selector: + app: http + ports: + - protocol: TCP + name: tcpport81 + port: 81 + targetPort: 8081 + - protocol: TCP + name: tcpport80 + port: 80 + targetPort: 8080 +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: test-http-route + namespace: kube-system +spec: + parentRefs: + - name: test-gateway + namespace: kube-system + sectionName: http-listener + hostnames: + - "test.loxilb.gateway.http" + rules: + - backendRefs: + - name: http-service + namespace: default + port: 80 diff --git a/cicd/k3s-flannel-loxilb-gwapi/httpsRoute.yaml b/cicd/k3s-flannel-loxilb-gwapi/httpsRoute.yaml new file mode 100644 index 000000000..49eae66ff --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/httpsRoute.yaml @@ -0,0 +1,56 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: https-deployment +spec: + replicas: 2 + selector: + matchLabels: + app: https + template: + metadata: + labels: + app: https + spec: + containers: + - name: https-pod + image: ghcr.io/loxilb-io/nginx:stable + imagePullPolicy: Always + ports: + - containerPort: 8080 + +--- +apiVersion: v1 +kind: Service +metadata: + name: https-service +spec: + selector: + app: https + ports: + - protocol: TCP + name: tcpport81 + port: 81 + targetPort: 8081 + - protocol: TCP + name: tcpport80 + port: 80 + targetPort: 8080 +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: test-https-route + namespace: kube-system +spec: + parentRefs: + - name: test-gateway + namespace: kube-system + sectionName: https-listener + hostnames: + - "test.loxilb.gateway.https" + rules: + - backendRefs: + - name: https-service + namespace: default + port: 80 diff --git a/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-ingress-deploy.yml b/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-ingress-deploy.yml new file mode 100644 index 000000000..054d47099 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-ingress-deploy.yml @@ -0,0 +1,139 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + app.kubernetes.io/instance: loxilb-ingress + app.kubernetes.io/name: loxilb-ingress + name: loxilb-ingress +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: loxilb-ingress + app.kubernetes.io/name: loxilb-ingress + name: loxilb-ingress + namespace: kube-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/instance: loxilb-ingress + app.kubernetes.io/name: loxilb-ingress + name: loxilb-ingress +rules: +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - endpoints + - services + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update +- apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list + - watch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/instance: loxilb-ingress + app.kubernetes.io/name: loxilb-ingress + name: loxilb-ingress +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: loxilb-ingress +subjects: +- kind: ServiceAccount + name: loxilb-ingress + namespace: kube-system +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: loxilb-ingress + namespace: kube-system +spec: + selector: + matchLabels: + app: loxilb-ingress-app + app.kubernetes.io/instance: loxilb-ingress + app.kubernetes.io/name: loxilb-ingress + template: + metadata: + name: loxilb-ingress + labels: + app: loxilb-ingress-app + app.kubernetes.io/instance: loxilb-ingress + app.kubernetes.io/name: loxilb-ingress + spec: + #hostNetwork: true + #dnsPolicy: ClusterFirstWithHostNet + serviceAccountName: loxilb-ingress + containers: + - name: loxilb-ingress + volumeMounts: + - mountPath: "/opt/loxilb/cert/" + name: loxilb-ssl + image: "ghcr.io/loxilb-io/loxilb-ingress:latest" + imagePullPolicy: Always + command: [ "/bin/loxilb-ingress" ] + ports: + - containerPort: 11111 + livenessProbe: + httpGet: + path: netlox/v1/config/loadbalancer/all + port: 11111 + initialDelaySeconds: 30 + periodSeconds: 20 + timeoutSeconds: 5 + volumes: + - name: loxilb-ssl + secret: + secretName: loxilb-ssl diff --git a/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-secret.yml b/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-secret.yml new file mode 100644 index 000000000..73d691823 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-secret.yml @@ -0,0 +1,10 @@ +apiVersion: v1 +data: + server.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZDVENDQXZHZ0F3SUJBZ0lVSENPekxWNlRFeVg2cjIxNllycFlOWWZOY2Zzd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZERVNNQkFHQTFVRUF3d0piRzk0YVd4aUxtbHZNQjRYRFRJME1EZ3dPREEyTXpNeE5Gb1hEVEkxTURndwpPREEyTXpNeE5Gb3dGREVTTUJBR0ExVUVBd3dKYkc5NGFXeGlMbWx2TUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGCkFBT0NBZzhBTUlJQ0NnS0NBZ0VBb2hMNWgxSlFFVVlpRExvR0hzdDNmM3ZrWkcyMWU1LzM2Rml1WDhsa1pOTkwKZUlUZmUzR1E0ci96K253N0oxSXdlc2VHdkkyZW5FNWtLYVdsZHhpekNEd2JxS21GRk1EMk1zQklEUlRJb2d4NgpOak1YUFlqQ1VxUlhVODJwNzhUa1Bvd1FqdllhcExiZ3REcWdiWWxMZC95VUg5aWdmcHo5VFY2d2grQlMvUDJwCnc1MUMrckRIUHdSM0JNL2hGNUtpeVZway9GNmJNQjZRSFE2bGk5SmR4ZEVNSGtDRXhPWUo1R01kVkEvRmUzODMKbTNwK2JucVd2OXdLTXF0d29LVVVEOFJ0TmdkUXJxSmp0elV3YXRmT0VkY3ptTG1uVXg2VjgyMk9weFhQeG4vSApiSmxUcy8vblRrV0FCWmFEVGFqQ2FnZUpCQnZ4Rk1Eci9mVUdQWlRPRUdEZkxxaE9HM0g4UDJmMGp1OHFpMUJ0Cnp0ODBmT2N2eElLME8veWJnemRINjB6YXJFcEZFRjFEcGF3a0hGWmZHYmVTdnpUeTZSVm0zWWxRRjc2NFZHTDQKSCtMMFFEcVI2Zm0veHoxaEhLbER6dFA2VUV1MjExUUc4RDUvQ1ZUVzdQQUIrMkRWbk1vN0JqRzYrVG55Z0ZqNApOUXZEaW9VQ1NwZzdRT2g2RWw0UjgwVHR1Vmo5bEsvbnVIR08yQ0hwclhnTzUyeWgrZzNzOUJVeXQ5eXVQQVFxCkhIeWsyT3hIc1dURnFTQ3VaNHo0NVI0NWFTcmNDd2t6N09xbWlVWTUrenduT1F5WlN3Y2JzUVhzbVNEUm9KUVcKR2lwSUp0VVZjcnZSbWIzWkFnRDVNdlVQRXpEYjVTME5La1lqczNvWnVBZXVjSGJSS080RkFMRlRDYi9JR2E4QwpBd0VBQWFOVE1GRXdIUVlEVlIwT0JCWUVGTDRJZFpKNE9Obk53cVVmdFhCR25STndwN0V0TUI4R0ExVWRJd1FZCk1CYUFGTDRJZFpKNE9Obk53cVVmdFhCR25STndwN0V0TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWkkKaHZjTkFRRUxCUUFEZ2dJQkFFWHg0Q3pUMnNTOCtMVjRHc0I2bDFtRWM5UFJiT205Q1pQK3M2MzQ5QVd5MXh3cwppUmlaYVJVcEJ2Skk1MHZYMjhaeWJRVXpPdVg3ZGE5bFIzWEhLM01QdHlVUk5NYkcySzlmbzVZQ1RqV3lTZEg1CnpJQm1RZVV0cXE1OVMwdytSQytUcC9xd3lveUlUajk2dGU0YmdheGhUV2RtazZUNFZjWkgwY1NQU0hEMG9DeFkKcHJDOVdnQ21kQ3JOWWQ0T2pxaUhwOERhWHFybGhmbWZXdThHaFJlcVNmL1pEOTBrSUw3aEx0OHBXYXRpQnZ3UAowRmtGMjNWcFBwZ0s0MElKM1NBcllSWXlIUllKaDNLK1QzZ2RQY0pOdUloaENrRE1YNUtKdlI1QXdUdWpEL1lKCjNTTVRzL1F0SnZScDd0Q0kxM1lwZXFiaHFoQnBtdzdVWFpSUnh4WURiNHU2L25oZUZkMS9NNjdsYTJtUmpvZlIKUDQxc2pRa1lQSkhsY2hVMHRkQnRjN203bVkrdFo1U2h4bklKZnFBS1pqTEpEZUJyYlhrS2hjNms4NFpBM09vQwpCajl1U3V1RERlUUJ0VDlYUHppOVZaV2pVWis2Zk42QlB0RHVRa0x4V2xacHN0TXJIUEhia1gvVXhmU2NuZEpiCkw0ZXBhTVVqUDJDWnd2NGFraUxjZmQzVXEwaENQZzVZNTNOL1cyWlJ2Y204aGlpcXptaDIyeUxMYUZEQXBOaGEKZitXdUNxNU1HQ2Rib3U1Wnk4TXRoaXZwRnhEUXAzWkh4RktXTGw3VGZpR0hRYXZVK0ZnUVdQUFUrOVVmYksyZQpQYmRSSmxoaVE1Z09VbHBWT1V6bGVxR3lhVldDRHpuQ3JlVWFVcnNzbkNZejdzQmNORTViYUl4dlptUmkKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + server.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRQ2lFdm1IVWxBUlJpSU0KdWdZZXkzZC9lK1JrYmJWN24vZm9XSzVmeVdSazAwdDRoTjk3Y1pEaXYvUDZmRHNuVWpCNng0YThqWjZjVG1RcApwYVYzR0xNSVBCdW9xWVVVd1BZeXdFZ05GTWlpREhvMk14YzlpTUpTcEZkVHphbnZ4T1ErakJDTzlocWt0dUMwCk9xQnRpVXQzL0pRZjJLQituUDFOWHJDSDRGTDgvYW5EblVMNnNNYy9CSGNFeitFWGtxTEpXbVQ4WHBzd0hwQWQKRHFXTDBsM0YwUXdlUUlURTVnbmtZeDFVRDhWN2Z6ZWJlbjV1ZXBhLzNBb3lxM0NncFJRUHhHMDJCMUN1b21PMwpOVEJxMTg0UjF6T1l1YWRUSHBYemJZNm5GYy9HZjhkc21WT3ovK2RPUllBRmxvTk5xTUpxQjRrRUcvRVV3T3Y5CjlRWTlsTTRRWU44dXFFNGJjZncvWi9TTzd5cUxVRzNPM3pSODV5L0VnclE3L0p1RE4wZnJUTnFzU2tVUVhVT2wKckNRY1ZsOFp0NUsvTlBMcEZXYmRpVkFYdnJoVVl2Z2Y0dlJBT3BIcCtiL0hQV0VjcVVQTzAvcFFTN2JYVkFidwpQbjhKVk5iczhBSDdZTldjeWpzR01icjVPZktBV1BnMUM4T0toUUpLbUR0QTZIb1NYaEh6Uk8yNVdQMlVyK2U0CmNZN1lJZW10ZUE3bmJLSDZEZXowRlRLMzNLNDhCQ29jZktUWTdFZXhaTVdwSUs1bmpQamxIamxwS3R3TENUUHMKNnFhSlJqbjdQQ2M1REpsTEJ4dXhCZXlaSU5HZ2xCWWFLa2dtMVJWeXU5R1p2ZGtDQVBreTlROFRNTnZsTFEwcQpSaU96ZWhtNEI2NXdkdEVvN2dVQXNWTUp2OGdacndJREFRQUJBb0lDQUFKVCt3SE5iUnA3c28zenpnYm1zWlNOCldpSFkyYWxwSHFmWHBOSmdWTkR4aTZUQ3Q0ZFRsaHNPbC9jZXR6RE8wc09tS3cvcDhDT1RQWklCR05KRE9tSXAKS0hqelp6Zjl3aVBsNHBKdERRK3dtRkFYQ0l0ZUhQM25RNzRaN0xnZUNSWFc2c2FJWHc2dkFFbFYwcytETHZvZApiUHZUdVNYUlp4MHRRWEVpaC93VUlVU2pSeE16OE5GaFg3MENmeTF5VTI2NU1rTFYyVXY2Z3M4N2o4UmJEZjlBCnBhWnFKNWp6NUJTYTVsaHl5cFpZQ3pVam9NMm5meTF5OE9BOVZIaDl5SGMxYjFMMmtzYlJBQTJQalBoRjF4bHUKeVE5OUs3Qk9nUEg4VGROVDZVSms1UXNQcE5mR1V0U2hEZkR2a1RNNjZkZlcwTFc2cVJtWlBJdlpUVERkM0J2SwpCN1NnOUs3bXZCbVlsNEpMM05pZXBJVjkvNEVPRzZsNi9QaGxUR0JVRUdrTmdNQ2dTaWxyc05qU2E4ZW9SZHdzCm40VmN5enNWeWZYaGFSTVBFTklLVWZJTmFuenpYRkY2ZFRyd3Azelo0RDNhVzNLdWltYUxJR0hCNXZZaGRFTGoKUE9PQVVXRkVXUjMxMVFMZ3hUUm53aStnRUNlMmhPVmNyUkZVcjhDdlVrWWRUT0FGQzdjUnBOUW5rSVdQNU1QbQpXZkRvM2dZRnkyZU45NGR1MHBzTzVabzlHMm5UMlpiTjl1d0FCMk1ibk91R0xiWVRFbWpHdVRIUVc5Uzd6TFBzCnJMUmtVdndvYWE4cVBmaGc4SWw2ak1mcG5heUdETnU1S2tVV05KcGFZaGp5Y2l6SkVGUjVicTF6UU1QZjE2Qk0KdVloWVMySEhuS1VhdFRmZ3hyNmxBb0lCQVFEa0E3UlB2MURtNmxKTXYzaUU0K1FRYzUyTDdueUJHc3FueEVzdwo1Ly9PN2gvd2ZMMkd4VzFzRXcrSUNDd1VmVjNwZjBqWEl2dktjM3V0YXByWjc2Tk5uWnJJU0syYnFCamZpc2VrCk9vMWRlRlQvNlVaOGxhOWVDMFF3UlVWMWdmZ1I2K0VCayttUDJjSWpJRDVKbkx1b1lLSFNwenRmZG15UEUrODUKVUtXRU5rR1BsN200aStqTzRwWUhYQXdhZVFkU2NSbjVPdVUyY3FBTkZVbmpRbmtQNnp6U2tJVkNUaFNGVkpUYgplZEpIOFNwbW9YL0IzL3VVSm9vVGFvWXQwb1V4NnJsR0xqTDhadUx0TUlVU1J0WUJNd2JuMDVQQkZ0cStuaitlClVtWEJqUEgxbURRN0tlWG1yZHlldHYzQWRUQjdjWUhMZW1GL0lNL1g5N3Brb2twVEFvSUJBUUMxOTJheDhReTkKWGkrNmlVNDIzTEx1R3p3a3EwNlVHeVdSMlBHM3pCeDlHRU5KNS9rV0FrSUdPWjlSMG1xOGRuTnJOeitROTFlawp4QlFJS0xGZzEvMVFWZ2VOMEw3TVJySWxSelBsa2NZYUkrNDFhbktKYUpsd3BMaDEza0RmdzRMUXpOLzhDcElrCk9KajBZWFpNNkpSbHlmTE5jQ1pURFBKVjY0R24vaFNDZ3RISndaRk9MdWZsalIzSVpQbEphcHBTNlNRUDBkVDYKeExmUEsyUWZGR251UTBETitsQjdPVTJMT3d4enF0UldsYWFjTnpOU3B0cUJ2NzMvVFFoQ1l5eVc0RnBReER4Vgo3MzJWZ0tvWVQ3dElpZFF5Z2NrWnp0NnFhRUNVQ0o3UmtuUVNyZDEvUHBITDBrdXkxNDIxc0VLdkUyWVpON21WCkNGYVlzRGdqb0orMUFvSUJBUURFckpGT0xEYUxSMWkvekhRWEpEN25GZUt4L1g2MUdiZnQ1N24zc0ZXTlZ3YUQKdUFUK2g3S3ZndTFscDY3bDZaRWt3OTYvZXZSMmx3LzU4RGNyZnJGOFZGSmJLWjFkNHl1NVBncWdGTVUwOTROUgp6aFEzaUNGZzNCVHdFZ0Fzc0hPYWVieDJVUEFvWFd0QVF5S1crak0vdEVKQTRuQ3JFZ25uakFsUGhjbU85Z0dzCjZ2R09SbGdFZzV0bk03Vlk3RVl0alZNYkQvci84UFV1ODhyczFMeDV4NjJKN3BDVE5hZ3JyVjVNeFpKazdaZG0KT1MxcXZGbFRXNzdEcXFHY1NyY0s3R3p0SlJKamRoZU5BY24yanRVdTZhV3VOMmgrSjhsOG5DRkIzYzdabVVwbgpUZWJYbFhjeGQ0d1I5c04veTFXTFZNZmhER21tYjFYMzhqMTdhaVR6QW9JQkFGN0VLTXlWSURCakkvSSszZWYrCmlvVXMwK2E0L0tSdmV1SjVISEcvTURzSjdzbEhzVlovK0lpcmE4aStEKzUwdGVscGpZWmUrbHNKN3ZETTJJdjYKRUtmTkZnUUthY09UTWVYdUxoM3FERVRDMzZVYitlaUwvQlZKQS9RR3VyeU9Zc3VCVjBrNDdDRkhCSW1KVklYNwpQb1hBWmQ0T0FUZVJiNGZGcmZHaWhtWHQ0WG4wZ0VzNmJIVUZTRFI4T2NPOWEvK3dBYUxuZ2NiVHVuSi9RNVpZCkdFOEk0WEFrWTlPNDVTU1VyUWgwT0QrYmtuaWEydlM1aHVTNXlpWnlwTkdHT3N1Y3JneVFGbWdlNE1XQ2k1TTcKdXVxdE5VRFVqTG9QSGJHYnQ3NGd1eTJqMnlWN1BQYXV6RmxjL1NWMzB3cURjRWNqa0RHajd0ZXB6d2VZQnJTdgpTMTBDZ2dFQUNqSHBrZE5VZkdzOGZnN0x4WDlFcURRZjY4SkhIblBscTQ1azFwN0U4UExmRytFVWNIMnUzekRzCjhmZDByTHAwb2Z3VEhONUNPMmhJVWhCVC9UU0poQ1VaOTZ2ZlRyeXVVWVJjdjZ2NkEvaW1OdFQ3MEQ0ZkZ0cXoKWnB3Si9GNzFwdVlJTmtwSEpteWIvSHdIZmxEdURyVkRjMFF3VmY2WkFPcE9QbnhzM0VHUElqNGdVcDFYMEdVcAp1TERCdVJtR0RFNEVKYUhYUjFHemM0YkduZVlUV0FnY1IxQ2MrbThuWnR3a2dxQWVia0ZtaXFmZDBPOGNkUDlUCkZKWjNSbkRJZHBCYmw0b0hJS0NiTWY0M2pkdlZnM2RTb0hwUTlXUkZ1MEhVQURqenJUS2Z5c0JLMFM3WnlZRmEKc1RoOGJ6QU01YXpBWlZSeHNTbXJiSm95VFRZM3pBPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= +kind: Secret +metadata: + creationTimestamp: null + name: loxilb-ssl + namespace: kube-system +type: Opaque diff --git a/cicd/k3s-flannel-loxilb-gwapi/k3s.yaml b/cicd/k3s-flannel-loxilb-gwapi/k3s.yaml new file mode 100644 index 000000000..fdf0e0adb --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/k3s.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +clusters: +- cluster: + certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTXpBME5UWTBNakF3SGhjTk1qUXhNVEF4TVRBeU1ESXdXaGNOTXpReE1ETXdNVEF5TURJdwpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTXpBME5UWTBNakF3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFUOFNDRXB0NTBVc2lYVVM1WTlyUXNCRVZPb2ZMTWZWL1JYRlZGV2xNaDEKS2JXblFtMVIzTUJrYzhMNHdXalBlK3haRXdKVThFSmYySVZNWFFxOUZBTVdvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVXR6ejBNRnd0SEVWMTZ2ckNBVXpQCkFpdlRGNHd3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUloQUlMN29pQjBJVHk2NFlVNjl6SGtzMHdmdW81SnJMOTgKT0lZb0kxVHc0Tmw1QWlCTk8xclptNkVJODZ6a3ArWFpCMG9ENU93cjl3T3c3QkxYZCtsZ1JyZ2VRdz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K + server: https://192.168.80.100:6443 + name: default +contexts: +- context: + cluster: default + user: default + name: default +current-context: default +kind: Config +preferences: {} +users: +- name: default + user: + client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJVWdabHVzR21TSFV3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOek13TkRVMk5ESXdNQjRYRFRJME1URXdNVEV3TWpBeU1Gb1hEVEkxTVRFdwpNVEV3TWpBeU1Gb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJJcFVGM2dGRDFuT2FrRlYKWjJzZk50MHE4RjVVUm81ZWUzK0JHSHN2K3lQWC9ucVJ0UmVpcGZUaVljQ1p3Ry9jL2VEMCtSMFp0aGIvWnNMcApaclJndlhDalNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUjlxUzZJNDRFRkVHLzBRNysvczlheVR2VkxzakFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlFQWdsY2NydkZQNjFvMVYwbjNIWWkxdG1vSHhRNUdEbUtHZnZiRTFEUVo1ZWtDSUhTa2hUYmE5elA3MGNFZQpaQndOSlRTN1JneVlEYmpxYUFoazhNcFB6OHM5Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkakNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTXpBME5UWTBNakF3SGhjTk1qUXhNVEF4TVRBeU1ESXdXaGNOTXpReE1ETXdNVEF5TURJdwpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTXpBME5UWTBNakF3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFTc0E2U1ZGS3E0QnJWcmwxUUtmNjFseHpNQjQwWmlwRmYraC9lYmlsTkwKaWNRSlRjbkJ3WllLS0tIQmRaVHRMY3AyNzlzcHBGT2lKOUZCSkNUNnF6RGRvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWZha3VpT09CQlJCdjlFTy92N1BXCnNrNzFTN0l3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnRGJtQTZ4ME1rTStCZlhNN3ZtR1RhQ1dqbmtMYy9DU1cKU2lPcER1UHBPeXNDSUZQQU1DTXlkK2lQT0srQU53d0hEc1BVcmJrYkRkRmVNVDd3aWVpU0dQMGEKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUdNSzZsSFpUendsSGU1U3lNQzIxV2loRG9HK3FQNXBkaUM4UTA1UmZVM0xvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFaWxRWGVBVVBXYzVxUVZWbmF4ODIzU3J3WGxSR2psNTdmNEVZZXkvN0k5ZitlcEcxRjZLbAo5T0pod0puQWI5ejk0UFQ1SFJtMkZ2OW13dWxtdEdDOWNBPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= diff --git a/cicd/k3s-flannel-loxilb-gwapi/kube-loxilb.yaml b/cicd/k3s-flannel-loxilb-gwapi/kube-loxilb.yaml new file mode 100644 index 000000000..68a36bd91 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/kube-loxilb.yaml @@ -0,0 +1,211 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kube-loxilb + namespace: kube-system +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: kube-loxilb +rules: + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - watch + - list + - patch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - watch + - list + - patch + - apiGroups: + - "" + resources: + - endpoints + - services + - namespaces + - services/status + verbs: + - get + - watch + - list + - patch + - create + - update + - delete + - apiGroups: + - gateway.networking.k8s.io + resources: + - gatewayclasses + - gatewayclasses/status + - gateways + - gateways/status + - tcproutes + - udproutes + - httproutes + verbs: ["get", "watch", "list", "patch", "update"] + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch + - patch + - create + - update + - delete + - apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - get + - watch + - list + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - watch + - list + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - apiGroups: + - bgppeer.loxilb.io + resources: + - bgppeerservices + verbs: + - get + - watch + - list + - create + - update + - delete + - apiGroups: + - bgppolicydefinedsets.loxilb.io + resources: + - bgppolicydefinedsetsservices + verbs: + - get + - watch + - list + - create + - update + - delete + - apiGroups: + - bgppolicydefinition.loxilb.io + resources: + - bgppolicydefinitionservices + verbs: + - get + - watch + - list + - create + - update + - delete + - apiGroups: + - bgppolicyapply.loxilb.io + resources: + - bgppolicyapplyservices + verbs: + - get + - watch + - list + - create + - update + - delete + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: kube-loxilb +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kube-loxilb +subjects: + - kind: ServiceAccount + name: kube-loxilb + namespace: kube-system +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kube-loxilb + namespace: kube-system + labels: + app: kube-loxilb-app +spec: + replicas: 1 + selector: + matchLabels: + app: kube-loxilb-app + template: + metadata: + labels: + app: kube-loxilb-app + spec: + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + tolerations: + # Mark the pod as a critical add-on for rescheduling. + - key: CriticalAddonsOnly + operator: Exists + priorityClassName: system-node-critical + serviceAccountName: kube-loxilb + terminationGracePeriodSeconds: 0 + containers: + - name: kube-loxilb + image: ghcr.io/loxilb-io/kube-loxilb:latest + imagePullPolicy: Always + command: + - /bin/kube-loxilb + args: + #- --loxiURL=http://12.12.12.1:11111,http://14.14.14.1:11111 + - --loxiURL=http://192.168.80.90:11111 + - --cidrPools=defaultPool=192.168.80.90/32 + #- --monitor + #- --setBGP=64512 + #- --listenBGPPort=1791 + - --setRoles=0.0.0.0 + - --gatewayAPI + - --v=4 + #- --extBGPPeers=50.50.50.1:65101,51.51.51.1:65102 + - --setLBMode=1 + #- --config=/opt/loxilb/agent/kube-loxilb.conf + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + securityContext: + privileged: true + capabilities: + add: ["NET_ADMIN", "NET_RAW"] diff --git a/cicd/k3s-flannel-loxilb-gwapi/loxilb-ip b/cicd/k3s-flannel-loxilb-gwapi/loxilb-ip new file mode 100644 index 000000000..035eac923 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/loxilb-ip @@ -0,0 +1 @@ +192.168.90.90 diff --git a/cicd/k3s-flannel-loxilb-gwapi/loxilb.sh b/cicd/k3s-flannel-loxilb-gwapi/loxilb.sh new file mode 100644 index 000000000..74e66ae9b --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/loxilb.sh @@ -0,0 +1,13 @@ +export LOXILB_IP=$(ip a |grep global | grep -v '10.0.2.15' | grep -v '192.168.80' | awk '{print $2}' | cut -f1 -d '/') + +apt-get update +apt-get install -y software-properties-common +curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - +add-apt-repository -y "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" +apt-get update +apt-get install -y docker-ce +docker run -u root --cap-add SYS_ADMIN --restart unless-stopped --privileged -dit -v /dev/log:/dev/log --net=host --name loxilb ghcr.io/loxilb-io/loxilb:latest +echo alias loxicmd=\"sudo docker exec -it loxilb loxicmd\" >> ~/.bashrc +echo alias loxilb=\"sudo docker exec -it loxilb \" >> ~/.bashrc + +echo $LOXILB_IP > /vagrant/loxilb-ip diff --git a/cicd/k3s-flannel-loxilb-gwapi/master-ip b/cicd/k3s-flannel-loxilb-gwapi/master-ip new file mode 100644 index 000000000..d93c52a6c --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/master-ip @@ -0,0 +1 @@ +192.168.80.100 diff --git a/cicd/k3s-flannel-loxilb-gwapi/master.sh b/cicd/k3s-flannel-loxilb-gwapi/master.sh new file mode 100755 index 000000000..ea64e1585 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/master.sh @@ -0,0 +1,20 @@ +export MASTER_IP=$(ip a |grep global | grep -v '10.0.2.15' | grep '192.168.80' | awk '{print $2}' | cut -f1 -d '/') + +curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--disable traefik --disable servicelb --node-ip=${MASTER_IP}" sh - + +echo $MASTER_IP > /vagrant/master-ip +sudo cp /var/lib/rancher/k3s/server/node-token /vagrant/node-token +sudo sed -i -e "s/127.0.0.1/${MASTER_IP}/g" /etc/rancher/k3s/k3s.yaml +sudo cp /etc/rancher/k3s/k3s.yaml /vagrant/k3s.yaml +sudo kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml +sudo kubectl apply -f /vagrant/kube-loxilb.yaml +sudo kubectl apply -f /vagrant/ingress/loxilb-secret.yml +sudo kubectl apply -f /vagrant/ingress/loxilb-ingress-deploy.yml +sudo kubectl apply -f /vagrant/gatewayclass.yaml +sudo kubectl apply -f /vagrant/gateway.yaml +sudo kubectl apply -f /vagrant/tcpRoute.yaml +sudo kubectl apply -f /vagrant/udpRoute.yaml +sudo kubectl apply -f /vagrant/httpRoute.yaml +sudo kubectl apply -f /vagrant/httpsRoute.yaml +sleep 30 +/vagrant/wait_ready.sh diff --git a/cicd/k3s-flannel-loxilb-gwapi/node-token b/cicd/k3s-flannel-loxilb-gwapi/node-token new file mode 100644 index 000000000..0561d6385 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/node-token @@ -0,0 +1 @@ +K10bc3486af4689cdcdf3b2c71bc06c1d3c6b6f1e358921b112a9690bce1768113d::server:52f9779ec3fa234be68b2a5f685a577b diff --git a/cicd/k3s-flannel-loxilb-gwapi/rmconfig.sh b/cicd/k3s-flannel-loxilb-gwapi/rmconfig.sh new file mode 100755 index 000000000..f157b24ba --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/rmconfig.sh @@ -0,0 +1,3 @@ +#!/bin/bash +vagrant destroy -f master +vagrant destroy -f loxilb diff --git a/cicd/k3s-flannel-loxilb-gwapi/tcpRoute.yaml b/cicd/k3s-flannel-loxilb-gwapi/tcpRoute.yaml new file mode 100644 index 000000000..fa22ab4ee --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/tcpRoute.yaml @@ -0,0 +1,44 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: tcproute-deployment + namespace: kube-system +spec: + selector: + matchLabels: + app: tcproute-pod + replicas: 2 + template: + metadata: + labels: + app: tcproute-pod + spec: + containers: + - name: tcproute-pod + image: ghcr.io/loxilb-io/nginx:stable + ports: + - containerPort: 8080 +--- +apiVersion: gateway.networking.k8s.io/v1alpha2 +kind: TCPRoute +metadata: + name: test-tcproute + namespace: kube-system + labels: + selectorkey: app + selectorvalue: tcproute-pod + serviceBehaviour: create + annotations: + ### https://loxilb-io.github.io/loxilbdocs/kube-loxilb/ + #loxilb.io/liveness: "yes" + loxilb.io/lbmode: "fullnat" +spec: + # find gateway and gateway's listener + parentRefs: + - name: test-gateway # name of gateway + namespace: kube-system + sectionName: tcp-listener # name of listener + rules: + - backendRefs: + - name: tcproute-lb-service + port: 80 diff --git a/cicd/k3s-flannel-loxilb-gwapi/udpRoute.yaml b/cicd/k3s-flannel-loxilb-gwapi/udpRoute.yaml new file mode 100644 index 000000000..5999ff225 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/udpRoute.yaml @@ -0,0 +1,44 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: udproute-deployment + namespace: kube-system +spec: + selector: + matchLabels: + app: udproute-pod + replicas: 2 + template: + metadata: + labels: + app: udproute-pod + spec: + containers: + - name: udproute-pod + image: ghcr.io/loxilb-io/udp-echo:latest + ports: + - containerPort: 33333 +--- +apiVersion: gateway.networking.k8s.io/v1alpha2 +kind: UDPRoute +metadata: + name: test-udproute + namespace: kube-system + labels: + selectorkey: app + selectorvalue: udproute-pod + serviceBehaviour: create + annotations: + ### https://loxilb-io.github.io/loxilbdocs/kube-loxilb/ + #loxilb.io/liveness: "yes" + loxilb.io/lbmode: "fullnat" +spec: + # find gateway and gateway's listener + parentRefs: + - name: test-gateway # name of gateway + namespace: kube-system + sectionName: udp-listener # name of listener + rules: + - backendRefs: + - name: udproute-lb-service + port: 33333 diff --git a/cicd/k3s-flannel-loxilb-gwapi/validation.sh b/cicd/k3s-flannel-loxilb-gwapi/validation.sh new file mode 100755 index 000000000..83ccb155d --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/validation.sh @@ -0,0 +1,65 @@ +#!/bin/bash +source ../common.sh +echo k3s-loxi-gwapi + +if [ "$1" ]; then + KUBECONFIG="$1" +fi + +# Set space as the delimiter +IFS=' ' + +#sleep 45 + +echo -e "\n\nGateway Info\n" +vagrant ssh master -c 'sudo kubectl get gateway -A' 2> /dev/null +echo -e "\n\nTCPRoute Info\n" +vagrant ssh master -c 'sudo kubectl get tcproute -A' 2> /dev/null +echo -e "\n\nUDPRoute Info\n" +vagrant ssh master -c 'sudo kubectl get udproute -A' 2> /dev/null +echo -e "\n\nHTTPRoute Info\n" +vagrant ssh master -c 'sudo kubectl get httproute -A' 2> /dev/null +echo -e "\n\nService Info\n" +vagrant ssh master -c 'sudo kubectl get svc -A' 2> /dev/null +echo -e "\n\nEP Info\n" +vagrant ssh master -c 'sudo kubectl get ep -A' 2> /dev/null +echo -e "\n\nIngress Info\n" +vagrant ssh master -c 'sudo kubectl get ingress -A' 2> /dev/null +echo -e "\n\nLB service Info\n" +vagrant ssh loxilb -c 'sudo docker exec -i loxilb loxicmd get lb -o wide' 2> /dev/null +echo -e "\n\nLB ep Info\n" +vagrant ssh loxilb -c 'sudo docker exec -i loxilb loxicmd get ep -o wide' 2> /dev/null +echo -e "\n\n" +out=$(curl -s http://192.168.80.90:21818) +if [[ ${out} == *"Welcome to nginx"* ]]; then + echo -e "k3s-loxi-gwapi tcpRoute \t\t[OK]" +else + echo -e "k3s-loxi-gwapi tcpRoute \t\t[FAILED]" + code=1 +fi + +out=$(timeout 10 ../common/udp_client 192.168.80.90 21819) +if [[ ${out} == *"Client"* ]]; then + echo -e "k3s-loxi-gwapi udpRoute \t\t[OK]" +else + echo -e "k3s-loxi-gwapi udpRoute \t\t[FAILED]" + code=1 +fi + +out=$(curl -s --connect-timeout 30 -H "Application/json" -H "Content-type: application/json" -H "HOST: test.loxilb.gateway.http" http://192.168.80.90:80) +if [[ ${out} == *"Welcome to nginx"* ]]; then + echo -e "k3s-loxi-gwapi httpRoute \t\t[OK]" +else + echo -e "k3s-loxi-gwapi httpRoute \t\t[FAILED]" + code=1 +fi + +out=$(curl -s --connect-timeout 30 -H "Application/json" -H "Content-type: application/json" -H "HOST: test.loxilb.gateway.https" --insecure https://192.168.80.90:443) +if [[ ${out} == *"Welcome to nginx"* ]]; then + echo -e "k3s-loxi-gwapi httpRoute(https) \t[OK]" +else + echo -e "k3s-loxi-gwapi httpRoute(https) \t[FAILED]" + code=1 +fi + +exit $code diff --git a/cicd/k3s-flannel-loxilb-gwapi/wait_ready.sh b/cicd/k3s-flannel-loxilb-gwapi/wait_ready.sh new file mode 100755 index 000000000..3736a1ba7 --- /dev/null +++ b/cicd/k3s-flannel-loxilb-gwapi/wait_ready.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +function wait_cluster_ready_full { + sudo kubectl wait pod --all --for=condition=Ready --namespace=kube-system --timeout=240s + sudo kubectl wait pod --all --for=condition=Ready --namespace=default --timeout=60s +} + +wait_cluster_ready_full From 52b279c2ace31595a42f6c1089eaebfc390e3a25 Mon Sep 17 00:00:00 2001 From: Nikhil Malik Date: Mon, 4 Nov 2024 11:30:34 +0900 Subject: [PATCH 2/2] Updated as per comments in PR#860 --- .../ingress/loxilb-secret.yml | 10 --------- cicd/k3s-flannel-loxilb-gwapi/loxilb-ip | 1 - cicd/k3s-flannel-loxilb-gwapi/master-ip | 1 - cicd/k3s-flannel-loxilb-gwapi/master.sh | 21 ++++++++++++++++++- cicd/k3s-flannel-loxilb-gwapi/node-token | 1 - 5 files changed, 20 insertions(+), 14 deletions(-) delete mode 100644 cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-secret.yml delete mode 100644 cicd/k3s-flannel-loxilb-gwapi/loxilb-ip delete mode 100644 cicd/k3s-flannel-loxilb-gwapi/master-ip delete mode 100644 cicd/k3s-flannel-loxilb-gwapi/node-token diff --git a/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-secret.yml b/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-secret.yml deleted file mode 100644 index 73d691823..000000000 --- a/cicd/k3s-flannel-loxilb-gwapi/ingress/loxilb-secret.yml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -data: - server.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZDVENDQXZHZ0F3SUJBZ0lVSENPekxWNlRFeVg2cjIxNllycFlOWWZOY2Zzd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0ZERVNNQkFHQTFVRUF3d0piRzk0YVd4aUxtbHZNQjRYRFRJME1EZ3dPREEyTXpNeE5Gb1hEVEkxTURndwpPREEyTXpNeE5Gb3dGREVTTUJBR0ExVUVBd3dKYkc5NGFXeGlMbWx2TUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGCkFBT0NBZzhBTUlJQ0NnS0NBZ0VBb2hMNWgxSlFFVVlpRExvR0hzdDNmM3ZrWkcyMWU1LzM2Rml1WDhsa1pOTkwKZUlUZmUzR1E0ci96K253N0oxSXdlc2VHdkkyZW5FNWtLYVdsZHhpekNEd2JxS21GRk1EMk1zQklEUlRJb2d4NgpOak1YUFlqQ1VxUlhVODJwNzhUa1Bvd1FqdllhcExiZ3REcWdiWWxMZC95VUg5aWdmcHo5VFY2d2grQlMvUDJwCnc1MUMrckRIUHdSM0JNL2hGNUtpeVZway9GNmJNQjZRSFE2bGk5SmR4ZEVNSGtDRXhPWUo1R01kVkEvRmUzODMKbTNwK2JucVd2OXdLTXF0d29LVVVEOFJ0TmdkUXJxSmp0elV3YXRmT0VkY3ptTG1uVXg2VjgyMk9weFhQeG4vSApiSmxUcy8vblRrV0FCWmFEVGFqQ2FnZUpCQnZ4Rk1Eci9mVUdQWlRPRUdEZkxxaE9HM0g4UDJmMGp1OHFpMUJ0Cnp0ODBmT2N2eElLME8veWJnemRINjB6YXJFcEZFRjFEcGF3a0hGWmZHYmVTdnpUeTZSVm0zWWxRRjc2NFZHTDQKSCtMMFFEcVI2Zm0veHoxaEhLbER6dFA2VUV1MjExUUc4RDUvQ1ZUVzdQQUIrMkRWbk1vN0JqRzYrVG55Z0ZqNApOUXZEaW9VQ1NwZzdRT2g2RWw0UjgwVHR1Vmo5bEsvbnVIR08yQ0hwclhnTzUyeWgrZzNzOUJVeXQ5eXVQQVFxCkhIeWsyT3hIc1dURnFTQ3VaNHo0NVI0NWFTcmNDd2t6N09xbWlVWTUrenduT1F5WlN3Y2JzUVhzbVNEUm9KUVcKR2lwSUp0VVZjcnZSbWIzWkFnRDVNdlVQRXpEYjVTME5La1lqczNvWnVBZXVjSGJSS080RkFMRlRDYi9JR2E4QwpBd0VBQWFOVE1GRXdIUVlEVlIwT0JCWUVGTDRJZFpKNE9Obk53cVVmdFhCR25STndwN0V0TUI4R0ExVWRJd1FZCk1CYUFGTDRJZFpKNE9Obk53cVVmdFhCR25STndwN0V0TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWkkKaHZjTkFRRUxCUUFEZ2dJQkFFWHg0Q3pUMnNTOCtMVjRHc0I2bDFtRWM5UFJiT205Q1pQK3M2MzQ5QVd5MXh3cwppUmlaYVJVcEJ2Skk1MHZYMjhaeWJRVXpPdVg3ZGE5bFIzWEhLM01QdHlVUk5NYkcySzlmbzVZQ1RqV3lTZEg1CnpJQm1RZVV0cXE1OVMwdytSQytUcC9xd3lveUlUajk2dGU0YmdheGhUV2RtazZUNFZjWkgwY1NQU0hEMG9DeFkKcHJDOVdnQ21kQ3JOWWQ0T2pxaUhwOERhWHFybGhmbWZXdThHaFJlcVNmL1pEOTBrSUw3aEx0OHBXYXRpQnZ3UAowRmtGMjNWcFBwZ0s0MElKM1NBcllSWXlIUllKaDNLK1QzZ2RQY0pOdUloaENrRE1YNUtKdlI1QXdUdWpEL1lKCjNTTVRzL1F0SnZScDd0Q0kxM1lwZXFiaHFoQnBtdzdVWFpSUnh4WURiNHU2L25oZUZkMS9NNjdsYTJtUmpvZlIKUDQxc2pRa1lQSkhsY2hVMHRkQnRjN203bVkrdFo1U2h4bklKZnFBS1pqTEpEZUJyYlhrS2hjNms4NFpBM09vQwpCajl1U3V1RERlUUJ0VDlYUHppOVZaV2pVWis2Zk42QlB0RHVRa0x4V2xacHN0TXJIUEhia1gvVXhmU2NuZEpiCkw0ZXBhTVVqUDJDWnd2NGFraUxjZmQzVXEwaENQZzVZNTNOL1cyWlJ2Y204aGlpcXptaDIyeUxMYUZEQXBOaGEKZitXdUNxNU1HQ2Rib3U1Wnk4TXRoaXZwRnhEUXAzWkh4RktXTGw3VGZpR0hRYXZVK0ZnUVdQUFUrOVVmYksyZQpQYmRSSmxoaVE1Z09VbHBWT1V6bGVxR3lhVldDRHpuQ3JlVWFVcnNzbkNZejdzQmNORTViYUl4dlptUmkKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= - server.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRQ2lFdm1IVWxBUlJpSU0KdWdZZXkzZC9lK1JrYmJWN24vZm9XSzVmeVdSazAwdDRoTjk3Y1pEaXYvUDZmRHNuVWpCNng0YThqWjZjVG1RcApwYVYzR0xNSVBCdW9xWVVVd1BZeXdFZ05GTWlpREhvMk14YzlpTUpTcEZkVHphbnZ4T1ErakJDTzlocWt0dUMwCk9xQnRpVXQzL0pRZjJLQituUDFOWHJDSDRGTDgvYW5EblVMNnNNYy9CSGNFeitFWGtxTEpXbVQ4WHBzd0hwQWQKRHFXTDBsM0YwUXdlUUlURTVnbmtZeDFVRDhWN2Z6ZWJlbjV1ZXBhLzNBb3lxM0NncFJRUHhHMDJCMUN1b21PMwpOVEJxMTg0UjF6T1l1YWRUSHBYemJZNm5GYy9HZjhkc21WT3ovK2RPUllBRmxvTk5xTUpxQjRrRUcvRVV3T3Y5CjlRWTlsTTRRWU44dXFFNGJjZncvWi9TTzd5cUxVRzNPM3pSODV5L0VnclE3L0p1RE4wZnJUTnFzU2tVUVhVT2wKckNRY1ZsOFp0NUsvTlBMcEZXYmRpVkFYdnJoVVl2Z2Y0dlJBT3BIcCtiL0hQV0VjcVVQTzAvcFFTN2JYVkFidwpQbjhKVk5iczhBSDdZTldjeWpzR01icjVPZktBV1BnMUM4T0toUUpLbUR0QTZIb1NYaEh6Uk8yNVdQMlVyK2U0CmNZN1lJZW10ZUE3bmJLSDZEZXowRlRLMzNLNDhCQ29jZktUWTdFZXhaTVdwSUs1bmpQamxIamxwS3R3TENUUHMKNnFhSlJqbjdQQ2M1REpsTEJ4dXhCZXlaSU5HZ2xCWWFLa2dtMVJWeXU5R1p2ZGtDQVBreTlROFRNTnZsTFEwcQpSaU96ZWhtNEI2NXdkdEVvN2dVQXNWTUp2OGdacndJREFRQUJBb0lDQUFKVCt3SE5iUnA3c28zenpnYm1zWlNOCldpSFkyYWxwSHFmWHBOSmdWTkR4aTZUQ3Q0ZFRsaHNPbC9jZXR6RE8wc09tS3cvcDhDT1RQWklCR05KRE9tSXAKS0hqelp6Zjl3aVBsNHBKdERRK3dtRkFYQ0l0ZUhQM25RNzRaN0xnZUNSWFc2c2FJWHc2dkFFbFYwcytETHZvZApiUHZUdVNYUlp4MHRRWEVpaC93VUlVU2pSeE16OE5GaFg3MENmeTF5VTI2NU1rTFYyVXY2Z3M4N2o4UmJEZjlBCnBhWnFKNWp6NUJTYTVsaHl5cFpZQ3pVam9NMm5meTF5OE9BOVZIaDl5SGMxYjFMMmtzYlJBQTJQalBoRjF4bHUKeVE5OUs3Qk9nUEg4VGROVDZVSms1UXNQcE5mR1V0U2hEZkR2a1RNNjZkZlcwTFc2cVJtWlBJdlpUVERkM0J2SwpCN1NnOUs3bXZCbVlsNEpMM05pZXBJVjkvNEVPRzZsNi9QaGxUR0JVRUdrTmdNQ2dTaWxyc05qU2E4ZW9SZHdzCm40VmN5enNWeWZYaGFSTVBFTklLVWZJTmFuenpYRkY2ZFRyd3Azelo0RDNhVzNLdWltYUxJR0hCNXZZaGRFTGoKUE9PQVVXRkVXUjMxMVFMZ3hUUm53aStnRUNlMmhPVmNyUkZVcjhDdlVrWWRUT0FGQzdjUnBOUW5rSVdQNU1QbQpXZkRvM2dZRnkyZU45NGR1MHBzTzVabzlHMm5UMlpiTjl1d0FCMk1ibk91R0xiWVRFbWpHdVRIUVc5Uzd6TFBzCnJMUmtVdndvYWE4cVBmaGc4SWw2ak1mcG5heUdETnU1S2tVV05KcGFZaGp5Y2l6SkVGUjVicTF6UU1QZjE2Qk0KdVloWVMySEhuS1VhdFRmZ3hyNmxBb0lCQVFEa0E3UlB2MURtNmxKTXYzaUU0K1FRYzUyTDdueUJHc3FueEVzdwo1Ly9PN2gvd2ZMMkd4VzFzRXcrSUNDd1VmVjNwZjBqWEl2dktjM3V0YXByWjc2Tk5uWnJJU0syYnFCamZpc2VrCk9vMWRlRlQvNlVaOGxhOWVDMFF3UlVWMWdmZ1I2K0VCayttUDJjSWpJRDVKbkx1b1lLSFNwenRmZG15UEUrODUKVUtXRU5rR1BsN200aStqTzRwWUhYQXdhZVFkU2NSbjVPdVUyY3FBTkZVbmpRbmtQNnp6U2tJVkNUaFNGVkpUYgplZEpIOFNwbW9YL0IzL3VVSm9vVGFvWXQwb1V4NnJsR0xqTDhadUx0TUlVU1J0WUJNd2JuMDVQQkZ0cStuaitlClVtWEJqUEgxbURRN0tlWG1yZHlldHYzQWRUQjdjWUhMZW1GL0lNL1g5N3Brb2twVEFvSUJBUUMxOTJheDhReTkKWGkrNmlVNDIzTEx1R3p3a3EwNlVHeVdSMlBHM3pCeDlHRU5KNS9rV0FrSUdPWjlSMG1xOGRuTnJOeitROTFlawp4QlFJS0xGZzEvMVFWZ2VOMEw3TVJySWxSelBsa2NZYUkrNDFhbktKYUpsd3BMaDEza0RmdzRMUXpOLzhDcElrCk9KajBZWFpNNkpSbHlmTE5jQ1pURFBKVjY0R24vaFNDZ3RISndaRk9MdWZsalIzSVpQbEphcHBTNlNRUDBkVDYKeExmUEsyUWZGR251UTBETitsQjdPVTJMT3d4enF0UldsYWFjTnpOU3B0cUJ2NzMvVFFoQ1l5eVc0RnBReER4Vgo3MzJWZ0tvWVQ3dElpZFF5Z2NrWnp0NnFhRUNVQ0o3UmtuUVNyZDEvUHBITDBrdXkxNDIxc0VLdkUyWVpON21WCkNGYVlzRGdqb0orMUFvSUJBUURFckpGT0xEYUxSMWkvekhRWEpEN25GZUt4L1g2MUdiZnQ1N24zc0ZXTlZ3YUQKdUFUK2g3S3ZndTFscDY3bDZaRWt3OTYvZXZSMmx3LzU4RGNyZnJGOFZGSmJLWjFkNHl1NVBncWdGTVUwOTROUgp6aFEzaUNGZzNCVHdFZ0Fzc0hPYWVieDJVUEFvWFd0QVF5S1crak0vdEVKQTRuQ3JFZ25uakFsUGhjbU85Z0dzCjZ2R09SbGdFZzV0bk03Vlk3RVl0alZNYkQvci84UFV1ODhyczFMeDV4NjJKN3BDVE5hZ3JyVjVNeFpKazdaZG0KT1MxcXZGbFRXNzdEcXFHY1NyY0s3R3p0SlJKamRoZU5BY24yanRVdTZhV3VOMmgrSjhsOG5DRkIzYzdabVVwbgpUZWJYbFhjeGQ0d1I5c04veTFXTFZNZmhER21tYjFYMzhqMTdhaVR6QW9JQkFGN0VLTXlWSURCakkvSSszZWYrCmlvVXMwK2E0L0tSdmV1SjVISEcvTURzSjdzbEhzVlovK0lpcmE4aStEKzUwdGVscGpZWmUrbHNKN3ZETTJJdjYKRUtmTkZnUUthY09UTWVYdUxoM3FERVRDMzZVYitlaUwvQlZKQS9RR3VyeU9Zc3VCVjBrNDdDRkhCSW1KVklYNwpQb1hBWmQ0T0FUZVJiNGZGcmZHaWhtWHQ0WG4wZ0VzNmJIVUZTRFI4T2NPOWEvK3dBYUxuZ2NiVHVuSi9RNVpZCkdFOEk0WEFrWTlPNDVTU1VyUWgwT0QrYmtuaWEydlM1aHVTNXlpWnlwTkdHT3N1Y3JneVFGbWdlNE1XQ2k1TTcKdXVxdE5VRFVqTG9QSGJHYnQ3NGd1eTJqMnlWN1BQYXV6RmxjL1NWMzB3cURjRWNqa0RHajd0ZXB6d2VZQnJTdgpTMTBDZ2dFQUNqSHBrZE5VZkdzOGZnN0x4WDlFcURRZjY4SkhIblBscTQ1azFwN0U4UExmRytFVWNIMnUzekRzCjhmZDByTHAwb2Z3VEhONUNPMmhJVWhCVC9UU0poQ1VaOTZ2ZlRyeXVVWVJjdjZ2NkEvaW1OdFQ3MEQ0ZkZ0cXoKWnB3Si9GNzFwdVlJTmtwSEpteWIvSHdIZmxEdURyVkRjMFF3VmY2WkFPcE9QbnhzM0VHUElqNGdVcDFYMEdVcAp1TERCdVJtR0RFNEVKYUhYUjFHemM0YkduZVlUV0FnY1IxQ2MrbThuWnR3a2dxQWVia0ZtaXFmZDBPOGNkUDlUCkZKWjNSbkRJZHBCYmw0b0hJS0NiTWY0M2pkdlZnM2RTb0hwUTlXUkZ1MEhVQURqenJUS2Z5c0JLMFM3WnlZRmEKc1RoOGJ6QU01YXpBWlZSeHNTbXJiSm95VFRZM3pBPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= -kind: Secret -metadata: - creationTimestamp: null - name: loxilb-ssl - namespace: kube-system -type: Opaque diff --git a/cicd/k3s-flannel-loxilb-gwapi/loxilb-ip b/cicd/k3s-flannel-loxilb-gwapi/loxilb-ip deleted file mode 100644 index 035eac923..000000000 --- a/cicd/k3s-flannel-loxilb-gwapi/loxilb-ip +++ /dev/null @@ -1 +0,0 @@ -192.168.90.90 diff --git a/cicd/k3s-flannel-loxilb-gwapi/master-ip b/cicd/k3s-flannel-loxilb-gwapi/master-ip deleted file mode 100644 index d93c52a6c..000000000 --- a/cicd/k3s-flannel-loxilb-gwapi/master-ip +++ /dev/null @@ -1 +0,0 @@ -192.168.80.100 diff --git a/cicd/k3s-flannel-loxilb-gwapi/master.sh b/cicd/k3s-flannel-loxilb-gwapi/master.sh index ea64e1585..c062575da 100755 --- a/cicd/k3s-flannel-loxilb-gwapi/master.sh +++ b/cicd/k3s-flannel-loxilb-gwapi/master.sh @@ -1,14 +1,33 @@ export MASTER_IP=$(ip a |grep global | grep -v '10.0.2.15' | grep '192.168.80' | awk '{print $2}' | cut -f1 -d '/') +apt-get update && apt install -y libnss3-tools +ldconfig /usr/local/lib64/ | true +mkdir certs +cd certs +wget --retry-connrefused --waitretry=1 --read-timeout=20 --timeout=15 -t 3 https://github.com/FiloSottile/mkcert/releases/download/v1.4.3/mkcert-v1.4.3-linux-amd64 +chmod +x mkcert-v1.4.3-linux-amd64 +mv mkcert-v1.4.3-linux-amd64 mkcert +mkdir loxilb.io +export CAROOT=`pwd`/loxilb.io +./mkcert -install +./mkcert loxilb.io +mv loxilb.io.pem ../server.crt +mv loxilb.io-key.pem ../server.key +cd - + curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--disable traefik --disable servicelb --node-ip=${MASTER_IP}" sh - echo $MASTER_IP > /vagrant/master-ip sudo cp /var/lib/rancher/k3s/server/node-token /vagrant/node-token sudo sed -i -e "s/127.0.0.1/${MASTER_IP}/g" /etc/rancher/k3s/k3s.yaml sudo cp /etc/rancher/k3s/k3s.yaml /vagrant/k3s.yaml +sudo kubectl create secret tls loxilb-ssl --cert server.crt --key server.key -n kube-system -o yaml --dry-run >> loxilb-secret.yml +sed -i -e 's/tls.key/server.key/g' ./loxilb-secret.yml +sed -i -e 's/tls.crt/server.crt/g' ./loxilb-secret.yml +sed -i -e 's/kubernetes.io\/tls/Opaque/g' ./loxilb-secret.yml sudo kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/experimental-install.yaml sudo kubectl apply -f /vagrant/kube-loxilb.yaml -sudo kubectl apply -f /vagrant/ingress/loxilb-secret.yml +sudo kubectl apply -f loxilb-secret.yml sudo kubectl apply -f /vagrant/ingress/loxilb-ingress-deploy.yml sudo kubectl apply -f /vagrant/gatewayclass.yaml sudo kubectl apply -f /vagrant/gateway.yaml diff --git a/cicd/k3s-flannel-loxilb-gwapi/node-token b/cicd/k3s-flannel-loxilb-gwapi/node-token deleted file mode 100644 index 0561d6385..000000000 --- a/cicd/k3s-flannel-loxilb-gwapi/node-token +++ /dev/null @@ -1 +0,0 @@ -K10bc3486af4689cdcdf3b2c71bc06c1d3c6b6f1e358921b112a9690bce1768113d::server:52f9779ec3fa234be68b2a5f685a577b