From 95e5284ddac12e100d252bbf9656afe0ec11bde4 Mon Sep 17 00:00:00 2001 From: Gereon Vey Date: Sat, 27 Jan 2024 18:37:02 +0100 Subject: [PATCH 1/7] add kube-vip as a service load balancer --- .github/ISSUE_TEMPLATE.md | 3 ++- inventory/sample/group_vars/all.yml | 9 +++++-- molecule/ipv6/overrides.yml | 2 +- molecule/single_node/overrides.yml | 2 +- roles/k3s_server/tasks/kube-vip.yml | 27 +++++++++++++++++++ roles/k3s_server/tasks/main.yml | 7 ++--- roles/k3s_server/templates/kubevip.yaml.j2 | 15 +++++++++++ roles/k3s_server/templates/vip.yaml.j2 | 2 +- roles/k3s_server_post/tasks/main.yml | 9 +++---- roles/k3s_server_post/tasks/metallb.yml | 5 ++++ .../k3s_server_post/templates/metallb.crs.j2 | 8 +++--- 11 files changed, 70 insertions(+), 19 deletions(-) create mode 100644 roles/k3s_server/tasks/kube-vip.yml create mode 100644 roles/k3s_server/templates/kubevip.yaml.j2 diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index d9553dee4..bb1b36a3a 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -54,7 +54,8 @@ kube_vip_tag_version: "" metal_lb_speaker_tag_version: "" metal_lb_controller_tag_version: "" -metal_lb_ip_range: "" +service_lb_type: "" +service_lb_ip_range: "" ``` ### Hosts diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 4f433af34..0541dc40b 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -56,6 +56,9 @@ extra_agent_args: >- # image tag for kube-vip kube_vip_tag_version: "v0.6.4" +# tag for kube-vip-cloud-provider manifest +kube_vip_cloud_provider_tag_version: "main" + # metallb type frr or native metal_lb_type: "native" @@ -71,8 +74,10 @@ metal_lb_mode: "layer2" metal_lb_speaker_tag_version: "v0.13.12" metal_lb_controller_tag_version: "v0.13.12" -# metallb ip range for load balancer -metal_lb_ip_range: "192.168.30.80-192.168.30.90" +# loadbalancer to use for services: "kube-vip" or "metallb" +service_lb_type: "metallb" +# ip range for service load balancer +service_lb_ip_range: "192.168.30.80-192.168.30.90" # Only enable if your nodes are proxmox LXC nodes, make sure to configure your proxmox nodes # in your hosts.ini file. diff --git a/molecule/ipv6/overrides.yml b/molecule/ipv6/overrides.yml index 44bbc07a8..f89eb60fe 100644 --- a/molecule/ipv6/overrides.yml +++ b/molecule/ipv6/overrides.yml @@ -23,7 +23,7 @@ apiserver_endpoint: fdad:bad:ba55::333 # We give MetalLB address space for both IPv4 and IPv6 - metal_lb_ip_range: + service_lb_ip_range: - fdad:bad:ba55::1b:0/112 - 192.168.123.80-192.168.123.90 diff --git a/molecule/single_node/overrides.yml b/molecule/single_node/overrides.yml index 799275efd..e889632ce 100644 --- a/molecule/single_node/overrides.yml +++ b/molecule/single_node/overrides.yml @@ -13,4 +13,4 @@ # Make sure that our IP ranges do not collide with those of the default scenario apiserver_endpoint: "192.168.30.223" - metal_lb_ip_range: "192.168.30.91-192.168.30.99" + service_lb_ip_range: "192.168.30.91-192.168.30.99" diff --git a/roles/k3s_server/tasks/kube-vip.yml b/roles/k3s_server/tasks/kube-vip.yml new file mode 100644 index 000000000..fc794a49c --- /dev/null +++ b/roles/k3s_server/tasks/kube-vip.yml @@ -0,0 +1,27 @@ +--- +- name: Create manifests directory on first master + file: + path: /var/lib/rancher/k3s/server/manifests + state: directory + owner: root + group: root + mode: 0644 + when: ansible_hostname == hostvars[groups[group_name_master | default('master')][0]]['ansible_hostname'] + +- name: Download vip cloud provider manifest to first master + ansible.builtin.get_url: + url: "https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/{{ kube_vip_cloud_provider_tag_version }}/manifest/kube-vip-cloud-controller.yaml" # noqa yaml[line-length] + dest: "/var/lib/rancher/k3s/server/manifests/kube-vip-cloud-controller.yaml" + owner: root + group: root + mode: 0644 + when: ansible_hostname == hostvars[groups[group_name_master | default('master')][0]]['ansible_hostname'] + +- name: Copy kubevip configMap manifest to first master + template: + src: "kubevip.yaml.j2" + dest: "/var/lib/rancher/k3s/server/manifests/kubevip.yaml" + owner: root + group: root + mode: 0644 + when: ansible_hostname == hostvars[groups[group_name_master | default('master')][0]]['ansible_hostname'] diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index 5a396e0b6..8482678eb 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -26,9 +26,10 @@ - name: Deploy vip manifest include_tasks: vip.yml -- name: Deploy metallb manifest - include_tasks: metallb.yml - tags: metallb +- name: Deploy manifest for {{ service_lb_type }} + include_tasks: "{{ service_lb_type }}.yml" + tags: + - service_lb - name: Init cluster inside the transient k3s-init service command: diff --git a/roles/k3s_server/templates/kubevip.yaml.j2 b/roles/k3s_server/templates/kubevip.yaml.j2 new file mode 100644 index 000000000..e0dc781d7 --- /dev/null +++ b/roles/k3s_server/templates/kubevip.yaml.j2 @@ -0,0 +1,15 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: kubevip + namespace: kube-system +data: +{% if service_lb_ip_range is string %} +{# service_lb_ip_range was used in the legacy way: single string instead of a list #} +{# => transform to list with single element #} +{% set service_lb_ip_range = [service_lb_ip_range] %} +{% endif %} +{% for range in service_lb_ip_range %} + range-global: {{ range }} +{% endfor %} diff --git a/roles/k3s_server/templates/vip.yaml.j2 b/roles/k3s_server/templates/vip.yaml.j2 index 862aee642..0a527006e 100644 --- a/roles/k3s_server/templates/vip.yaml.j2 +++ b/roles/k3s_server/templates/vip.yaml.j2 @@ -43,7 +43,7 @@ spec: - name: vip_ddns value: "false" - name: svc_enable - value: "false" + value: "{{ 'true' if service_lb_type == 'kube-vip' else 'false' }}" - name: vip_leaderelection value: "true" - name: vip_leaseduration diff --git a/roles/k3s_server_post/tasks/main.yml b/roles/k3s_server_post/tasks/main.yml index 505eebfdd..42d870f45 100644 --- a/roles/k3s_server_post/tasks/main.yml +++ b/roles/k3s_server_post/tasks/main.yml @@ -6,9 +6,6 @@ - name: Deploy metallb pool include_tasks: metallb.yml - tags: metallb - -- name: Remove tmp directory used for manifests - file: - path: /tmp/k3s - state: absent + tags: + - service_lb + when: service_lb_type == "metallb" diff --git a/roles/k3s_server_post/tasks/metallb.yml b/roles/k3s_server_post/tasks/metallb.yml index 24219479e..1afdfb932 100644 --- a/roles/k3s_server_post/tasks/metallb.yml +++ b/roles/k3s_server_post/tasks/metallb.yml @@ -99,3 +99,8 @@ - IPAddressPool - BGPPeer - BGPAdvertisement + +- name: Remove tmp directory used for manifests + file: + path: /tmp/k3s + state: absent diff --git a/roles/k3s_server_post/templates/metallb.crs.j2 b/roles/k3s_server_post/templates/metallb.crs.j2 index 562f561fa..b52006dd5 100644 --- a/roles/k3s_server_post/templates/metallb.crs.j2 +++ b/roles/k3s_server_post/templates/metallb.crs.j2 @@ -5,12 +5,12 @@ metadata: namespace: metallb-system spec: addresses: -{% if metal_lb_ip_range is string %} -{# metal_lb_ip_range was used in the legacy way: single string instead of a list #} +{% if service_lb_ip_range is string %} +{# service_lb_ip_range was used in the legacy way: single string instead of a list #} {# => transform to list with single element #} -{% set metal_lb_ip_range = [metal_lb_ip_range] %} +{% set service_lb_ip_range = [service_lb_ip_range] %} {% endif %} -{% for range in metal_lb_ip_range %} +{% for range in service_lb_ip_range %} - {{ range }} {% endfor %} From 0c266f07105e47da4d09d3218cd35c75f036b6a1 Mon Sep 17 00:00:00 2001 From: Gereon Vey Date: Sun, 28 Jan 2024 16:49:39 +0100 Subject: [PATCH 2/7] mend contract --- .github/ISSUE_TEMPLATE.md | 7 +++++-- inventory/sample/group_vars/all.yml | 12 ++++++++---- molecule/ipv6/overrides.yml | 2 +- molecule/single_node/overrides.yml | 2 +- roles/k3s_server/tasks/main.yml | 13 +++++++++---- roles/k3s_server/templates/kubevip.yaml.j2 | 6 +++--- roles/k3s_server_post/tasks/main.yml | 10 +++++++--- roles/k3s_server_post/tasks/metallb.yml | 5 ----- roles/k3s_server_post/templates/metallb.crs.j2 | 8 ++++---- 9 files changed, 38 insertions(+), 27 deletions(-) diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index bb1b36a3a..7c7e855e3 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -51,11 +51,14 @@ extra_agent_args: "" kube_vip_tag_version: "" +service_lb_type: "" +kube_vip_cloud_provider_tag_version: "" +kube_vip_lb_ip_range: "" + metal_lb_speaker_tag_version: "" metal_lb_controller_tag_version: "" -service_lb_type: "" -service_lb_ip_range: "" +metal_lb_ip_range: "" ``` ### Hosts diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 0541dc40b..8139a2c3a 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -56,9 +56,15 @@ extra_agent_args: >- # image tag for kube-vip kube_vip_tag_version: "v0.6.4" +# loadbalancer to use for services: "kube-vip" or "metallb" +service_lb_type: "metallb" + # tag for kube-vip-cloud-provider manifest kube_vip_cloud_provider_tag_version: "main" +# kube-vip ip range for load balancer +kube_vip_lb_ip_range: "192.168.30.80-192.168.30.90" + # metallb type frr or native metal_lb_type: "native" @@ -74,10 +80,8 @@ metal_lb_mode: "layer2" metal_lb_speaker_tag_version: "v0.13.12" metal_lb_controller_tag_version: "v0.13.12" -# loadbalancer to use for services: "kube-vip" or "metallb" -service_lb_type: "metallb" -# ip range for service load balancer -service_lb_ip_range: "192.168.30.80-192.168.30.90" +# metallb ip range for load balancer +metal_lb_ip_range: "192.168.30.80-192.168.30.90" # Only enable if your nodes are proxmox LXC nodes, make sure to configure your proxmox nodes # in your hosts.ini file. diff --git a/molecule/ipv6/overrides.yml b/molecule/ipv6/overrides.yml index f89eb60fe..44bbc07a8 100644 --- a/molecule/ipv6/overrides.yml +++ b/molecule/ipv6/overrides.yml @@ -23,7 +23,7 @@ apiserver_endpoint: fdad:bad:ba55::333 # We give MetalLB address space for both IPv4 and IPv6 - service_lb_ip_range: + metal_lb_ip_range: - fdad:bad:ba55::1b:0/112 - 192.168.123.80-192.168.123.90 diff --git a/molecule/single_node/overrides.yml b/molecule/single_node/overrides.yml index e889632ce..799275efd 100644 --- a/molecule/single_node/overrides.yml +++ b/molecule/single_node/overrides.yml @@ -13,4 +13,4 @@ # Make sure that our IP ranges do not collide with those of the default scenario apiserver_endpoint: "192.168.30.223" - service_lb_ip_range: "192.168.30.91-192.168.30.99" + metal_lb_ip_range: "192.168.30.91-192.168.30.99" diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index 8482678eb..f2bef9a8a 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -26,10 +26,15 @@ - name: Deploy vip manifest include_tasks: vip.yml -- name: Deploy manifest for {{ service_lb_type }} - include_tasks: "{{ service_lb_type }}.yml" - tags: - - service_lb +- name: Deploy metallb manifest + include_tasks: metallb.yml + tags: metallb + when: service_lb_type | default('metallb') == 'metallb' + +- name: Deploy kube-vip manifest + include_tasks: kube-vip.yml + tags: kubevip + when: service_lb_type | default('metallb') == 'kube-vip' - name: Init cluster inside the transient k3s-init service command: diff --git a/roles/k3s_server/templates/kubevip.yaml.j2 b/roles/k3s_server/templates/kubevip.yaml.j2 index e0dc781d7..547df12e6 100644 --- a/roles/k3s_server/templates/kubevip.yaml.j2 +++ b/roles/k3s_server/templates/kubevip.yaml.j2 @@ -5,10 +5,10 @@ metadata: name: kubevip namespace: kube-system data: -{% if service_lb_ip_range is string %} -{# service_lb_ip_range was used in the legacy way: single string instead of a list #} +{% if kube_vip_lb_ip_range is string %} +{# kube_vip_lb_ip_range was used in the legacy way: single string instead of a list #} {# => transform to list with single element #} -{% set service_lb_ip_range = [service_lb_ip_range] %} +{% set kube_vip_lb_ip_range = [kube_vip_lb_ip_range] %} {% endif %} {% for range in service_lb_ip_range %} range-global: {{ range }} diff --git a/roles/k3s_server_post/tasks/main.yml b/roles/k3s_server_post/tasks/main.yml index 42d870f45..56570d663 100644 --- a/roles/k3s_server_post/tasks/main.yml +++ b/roles/k3s_server_post/tasks/main.yml @@ -6,6 +6,10 @@ - name: Deploy metallb pool include_tasks: metallb.yml - tags: - - service_lb - when: service_lb_type == "metallb" + tags: metallb + when: service_lb_type | default('metallb') == 'metallb' + +- name: Remove tmp directory used for manifests + file: + path: /tmp/k3s + state: absent diff --git a/roles/k3s_server_post/tasks/metallb.yml b/roles/k3s_server_post/tasks/metallb.yml index 64f9a8b49..07a23b0f2 100644 --- a/roles/k3s_server_post/tasks/metallb.yml +++ b/roles/k3s_server_post/tasks/metallb.yml @@ -120,8 +120,3 @@ - IPAddressPool - BGPPeer - BGPAdvertisement - -- name: Remove tmp directory used for manifests - file: - path: /tmp/k3s - state: absent diff --git a/roles/k3s_server_post/templates/metallb.crs.j2 b/roles/k3s_server_post/templates/metallb.crs.j2 index b52006dd5..562f561fa 100644 --- a/roles/k3s_server_post/templates/metallb.crs.j2 +++ b/roles/k3s_server_post/templates/metallb.crs.j2 @@ -5,12 +5,12 @@ metadata: namespace: metallb-system spec: addresses: -{% if service_lb_ip_range is string %} -{# service_lb_ip_range was used in the legacy way: single string instead of a list #} +{% if metal_lb_ip_range is string %} +{# metal_lb_ip_range was used in the legacy way: single string instead of a list #} {# => transform to list with single element #} -{% set service_lb_ip_range = [service_lb_ip_range] %} +{% set metal_lb_ip_range = [metal_lb_ip_range] %} {% endif %} -{% for range in service_lb_ip_range %} +{% for range in metal_lb_ip_range %} - {{ range }} {% endfor %} From 17d405b0a7f1e202e05ddd43f3240c5a36221be9 Mon Sep 17 00:00:00 2001 From: Gereon Vey Date: Sun, 28 Jan 2024 16:55:48 +0100 Subject: [PATCH 3/7] fix for multiple IP ranges with kube-vip lb --- roles/k3s_server/templates/kubevip.yaml.j2 | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/roles/k3s_server/templates/kubevip.yaml.j2 b/roles/k3s_server/templates/kubevip.yaml.j2 index 547df12e6..40d8b50ed 100644 --- a/roles/k3s_server/templates/kubevip.yaml.j2 +++ b/roles/k3s_server/templates/kubevip.yaml.j2 @@ -10,6 +10,4 @@ data: {# => transform to list with single element #} {% set kube_vip_lb_ip_range = [kube_vip_lb_ip_range] %} {% endif %} -{% for range in service_lb_ip_range %} - range-global: {{ range }} -{% endfor %} + range-global: {{ kube_vip_lb_ip_range | join(',') }} From 91b2d1e059677245b0eee4850ed3fe7dd70f7c80 Mon Sep 17 00:00:00 2001 From: Gereon Vey Date: Sun, 28 Jan 2024 21:02:17 +0100 Subject: [PATCH 4/7] simplify configuration --- .github/ISSUE_TEMPLATE.md | 1 - inventory/sample/group_vars/all.yml | 10 ++++------ roles/k3s_server/tasks/kube-vip.yml | 2 +- roles/k3s_server/tasks/main.yml | 4 ++-- roles/k3s_server/templates/vip.yaml.j2 | 2 +- roles/k3s_server_post/tasks/main.yml | 2 +- 6 files changed, 9 insertions(+), 12 deletions(-) diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index 7c7e855e3..ad49c1834 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -51,7 +51,6 @@ extra_agent_args: "" kube_vip_tag_version: "" -service_lb_type: "" kube_vip_cloud_provider_tag_version: "" kube_vip_lb_ip_range: "" diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 8139a2c3a..19c182748 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -56,14 +56,12 @@ extra_agent_args: >- # image tag for kube-vip kube_vip_tag_version: "v0.6.4" -# loadbalancer to use for services: "kube-vip" or "metallb" -service_lb_type: "metallb" - # tag for kube-vip-cloud-provider manifest -kube_vip_cloud_provider_tag_version: "main" +#kube_vip_cloud_provider_tag_version: "main" -# kube-vip ip range for load balancer -kube_vip_lb_ip_range: "192.168.30.80-192.168.30.90" +# kube-vip ip range for load balancer +# (uncomment to use kube-vip for services instead of MetalLB) +#kube_vip_lb_ip_range: "192.168.30.80-192.168.30.90" # metallb type frr or native metal_lb_type: "native" diff --git a/roles/k3s_server/tasks/kube-vip.yml b/roles/k3s_server/tasks/kube-vip.yml index fc794a49c..d0c74afd7 100644 --- a/roles/k3s_server/tasks/kube-vip.yml +++ b/roles/k3s_server/tasks/kube-vip.yml @@ -10,7 +10,7 @@ - name: Download vip cloud provider manifest to first master ansible.builtin.get_url: - url: "https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/{{ kube_vip_cloud_provider_tag_version }}/manifest/kube-vip-cloud-controller.yaml" # noqa yaml[line-length] + url: "https://raw.githubusercontent.com/kube-vip/kube-vip-cloud-provider/{{ kube_vip_cloud_provider_tag_version | default('main') }}/manifest/kube-vip-cloud-controller.yaml" # noqa yaml[line-length] dest: "/var/lib/rancher/k3s/server/manifests/kube-vip-cloud-controller.yaml" owner: root group: root diff --git a/roles/k3s_server/tasks/main.yml b/roles/k3s_server/tasks/main.yml index f2bef9a8a..cc5f8239e 100644 --- a/roles/k3s_server/tasks/main.yml +++ b/roles/k3s_server/tasks/main.yml @@ -29,12 +29,12 @@ - name: Deploy metallb manifest include_tasks: metallb.yml tags: metallb - when: service_lb_type | default('metallb') == 'metallb' + when: kube_vip_lb_ip_range is not defined - name: Deploy kube-vip manifest include_tasks: kube-vip.yml tags: kubevip - when: service_lb_type | default('metallb') == 'kube-vip' + when: kube_vip_lb_ip_range is defined - name: Init cluster inside the transient k3s-init service command: diff --git a/roles/k3s_server/templates/vip.yaml.j2 b/roles/k3s_server/templates/vip.yaml.j2 index 0a527006e..1092557ac 100644 --- a/roles/k3s_server/templates/vip.yaml.j2 +++ b/roles/k3s_server/templates/vip.yaml.j2 @@ -43,7 +43,7 @@ spec: - name: vip_ddns value: "false" - name: svc_enable - value: "{{ 'true' if service_lb_type == 'kube-vip' else 'false' }}" + value: "{{ 'true' if kube_vip_lb_ip_range is defined else 'false' }}" - name: vip_leaderelection value: "true" - name: vip_leaseduration diff --git a/roles/k3s_server_post/tasks/main.yml b/roles/k3s_server_post/tasks/main.yml index 56570d663..e9b98422e 100644 --- a/roles/k3s_server_post/tasks/main.yml +++ b/roles/k3s_server_post/tasks/main.yml @@ -7,7 +7,7 @@ - name: Deploy metallb pool include_tasks: metallb.yml tags: metallb - when: service_lb_type | default('metallb') == 'metallb' + when: kube_vip_lb_ip_range is not defined - name: Remove tmp directory used for manifests file: From 11105f6fdd45a14a04b9a0be040bba7a70a27855 Mon Sep 17 00:00:00 2001 From: Gereon Vey Date: Sun, 28 Jan 2024 21:05:51 +0100 Subject: [PATCH 5/7] add molecule scenario kube-vip --- molecule/README.md | 2 ++ molecule/kube-vip/molecule.yml | 49 +++++++++++++++++++++++++++++++++ molecule/kube-vip/overrides.yml | 18 ++++++++++++ 3 files changed, 69 insertions(+) create mode 100644 molecule/kube-vip/molecule.yml create mode 100644 molecule/kube-vip/overrides.yml diff --git a/molecule/README.md b/molecule/README.md index 40c2feebd..f8d6b7052 100644 --- a/molecule/README.md +++ b/molecule/README.md @@ -15,6 +15,8 @@ We have these scenarios: Very similar to the default scenario, but uses only a single node for all cluster functionality. - **calico**: The same as single node, but uses calico cni instead of flannel. +- **kube-vip** + The same as single node, but uses kube-vip as service loadbalancer instead of MetalLB ## How to execute diff --git a/molecule/kube-vip/molecule.yml b/molecule/kube-vip/molecule.yml new file mode 100644 index 000000000..f9487f399 --- /dev/null +++ b/molecule/kube-vip/molecule.yml @@ -0,0 +1,49 @@ +--- +dependency: + name: galaxy +driver: + name: vagrant +platforms: + - name: control1 + box: generic/ubuntu2204 + memory: 4096 + cpus: 4 + config_options: + # We currently can not use public-key based authentication on Ubuntu 22.04, + # see: https://github.com/chef/bento/issues/1405 + ssh.username: "vagrant" + ssh.password: "vagrant" + groups: + - k3s_cluster + - master + interfaces: + - network_name: private_network + ip: 192.168.30.62 +provisioner: + name: ansible + env: + ANSIBLE_VERBOSITY: 1 + playbooks: + converge: ../resources/converge.yml + side_effect: ../resources/reset.yml + verify: ../resources/verify.yml + inventory: + links: + group_vars: ../../inventory/sample/group_vars +scenario: + test_sequence: + - dependency + - cleanup + - destroy + - syntax + - create + - prepare + - converge + # idempotence is not possible with the playbook in its current form. + - verify + # We are repurposing side_effect here to test the reset playbook. + # This is why we do not run it before verify (which tests the cluster), + # but after the verify step. + - side_effect + - cleanup + - destroy diff --git a/molecule/kube-vip/overrides.yml b/molecule/kube-vip/overrides.yml new file mode 100644 index 000000000..d6e972140 --- /dev/null +++ b/molecule/kube-vip/overrides.yml @@ -0,0 +1,18 @@ +--- +- name: Apply overrides + hosts: all + tasks: + - name: Override host variables + ansible.builtin.set_fact: + # See: + # https://github.com/flannel-io/flannel/blob/67d603aaf45ef80f5dd39f43714fc5e6f8a637eb/Documentation/troubleshooting.md#Vagrant + flannel_iface: eth1 + + # The test VMs might be a bit slow, so we give them more time to join the cluster: + retry_count: 45 + + # Make sure that our IP ranges do not collide with those of the other scenarios + apiserver_endpoint: "192.168.30.225" + # Use kube-vip instead of MetalLB + kube_vip_lb_ip_range: "192.168.30.110-192.168.30.119" + From d4f7ebc7479f0d6b4c32fe22a93c5279ccd50950 Mon Sep 17 00:00:00 2001 From: Gereon Vey Date: Sun, 28 Jan 2024 22:37:42 +0100 Subject: [PATCH 6/7] fix pre-commit errors --- inventory/sample/group_vars/all.yml | 6 +++--- molecule/kube-vip/overrides.yml | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/inventory/sample/group_vars/all.yml b/inventory/sample/group_vars/all.yml index 19c182748..f6f812016 100644 --- a/inventory/sample/group_vars/all.yml +++ b/inventory/sample/group_vars/all.yml @@ -57,11 +57,11 @@ extra_agent_args: >- kube_vip_tag_version: "v0.6.4" # tag for kube-vip-cloud-provider manifest -#kube_vip_cloud_provider_tag_version: "main" +# kube_vip_cloud_provider_tag_version: "main" -# kube-vip ip range for load balancer +# kube-vip ip range for load balancer # (uncomment to use kube-vip for services instead of MetalLB) -#kube_vip_lb_ip_range: "192.168.30.80-192.168.30.90" +# kube_vip_lb_ip_range: "192.168.30.80-192.168.30.90" # metallb type frr or native metal_lb_type: "native" diff --git a/molecule/kube-vip/overrides.yml b/molecule/kube-vip/overrides.yml index d6e972140..c64b1f3ce 100644 --- a/molecule/kube-vip/overrides.yml +++ b/molecule/kube-vip/overrides.yml @@ -15,4 +15,3 @@ apiserver_endpoint: "192.168.30.225" # Use kube-vip instead of MetalLB kube_vip_lb_ip_range: "192.168.30.110-192.168.30.119" - From ee0d5c5884fb4fe7bdcc9bfe5766c6885afecdf6 Mon Sep 17 00:00:00 2001 From: Gereon Vey Date: Sun, 28 Jan 2024 22:38:15 +0100 Subject: [PATCH 7/7] enable molecule scenario kube-vip in CI --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 682fa99ff..c93e9f41e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,6 +13,7 @@ jobs: - ipv6 - single_node - calico + - kube-vip fail-fast: false env: PYTHON_VERSION: "3.11"