From c4d28d52bce77a0c01ec3016f3229139c44b20ac Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Fri, 30 Jan 2026 20:52:51 +1100 Subject: [PATCH] chore: remove helm deploys from puppet (#444) - migrate helm deployments to terraform Reviewed-on: https://git.unkin.net/unkin/puppet-prod/pulls/444 --- hieradata/roles/infra/k8s/control.yaml | 3 -- modules/rke2/files/ingress-route-rancher.yaml | 23 ---------- modules/rke2/files/purelb-config.yaml | 45 ------------------- modules/rke2/manifests/config.pp | 24 ---------- modules/rke2/manifests/helm.pp | 38 ---------------- 5 files changed, 133 deletions(-) delete mode 100644 modules/rke2/files/ingress-route-rancher.yaml delete mode 100644 modules/rke2/files/purelb-config.yaml diff --git a/hieradata/roles/infra/k8s/control.yaml b/hieradata/roles/infra/k8s/control.yaml index 4a1cc1b..cd7c6c1 100644 --- a/hieradata/roles/infra/k8s/control.yaml +++ b/hieradata/roles/infra/k8s/control.yaml @@ -3,9 +3,6 @@ rke2::node_type: server rke2::helm_install: true rke2::helm_repos: - rancher-stable: https://releases.rancher.com/server-charts/stable - purelb: https://gitlab.com/api/v4/projects/20400619/packages/helm/stable - jetstack: https://charts.jetstack.io harbor: https://helm.goharbor.io traefik: https://traefik.github.io/charts hashicorp: https://helm.releases.hashicorp.com diff --git a/modules/rke2/files/ingress-route-rancher.yaml b/modules/rke2/files/ingress-route-rancher.yaml deleted file mode 100644 index eb189f3..0000000 --- a/modules/rke2/files/ingress-route-rancher.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: rancher - namespace: cattle-system - annotations: - kubernetes.io/ingress.class: nginx -spec: - tls: - - hosts: [rancher.main.unkin.net] - secretName: tls-rancher - rules: - - host: rancher.main.unkin.net - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: rancher - port: - number: 80 diff --git a/modules/rke2/files/purelb-config.yaml b/modules/rke2/files/purelb-config.yaml deleted file mode 100644 index 23cf49b..0000000 --- a/modules/rke2/files/purelb-config.yaml +++ /dev/null @@ -1,45 +0,0 @@ -apiVersion: purelb.io/v1 -kind: LBNodeAgent -metadata: - name: common - namespace: purelb -spec: - local: - extlbint: kube-lb0 - localint: default - sendgarp: false ---- -apiVersion: purelb.io/v1 -kind: LBNodeAgent -metadata: - name: dmz - namespace: purelb -spec: - local: - extlbint: kube-lb0 - localint: default - sendgarp: false ---- -apiVersion: purelb.io/v1 -kind: ServiceGroup -metadata: - name: dmz - namespace: purelb -spec: - local: - v4pools: - - subnet: 198.18.199.0/24 - pool: 198.18.199.0/24 - aggregation: /32 ---- -apiVersion: purelb.io/v1 -kind: ServiceGroup -metadata: - name: common - namespace: purelb -spec: - local: - v4pools: - - subnet: 198.18.200.0/24 - pool: 198.18.200.0/24 - aggregation: /32 diff --git a/modules/rke2/manifests/config.pp b/modules/rke2/manifests/config.pp index 72d4c70..bed5688 100644 --- a/modules/rke2/manifests/config.pp +++ b/modules/rke2/manifests/config.pp @@ -68,30 +68,6 @@ class rke2::config ( # on the controller nodes only if $node_type == 'server' and $facts['k8s_masters'] and $facts['k8s_masters'] > 2 { - # wait for purelb helm to setup namespace - if 'purelb' in $facts['k8s_namespaces'] { - file {'/var/lib/rancher/rke2/server/manifests/purelb-config.yaml': - ensure => file, - owner => 'root', - group => 'root', - mode => '0644', - source => 'puppet:///modules/rke2/purelb-config.yaml', - require => Service['rke2-server'], - } - } - - # wait for rancher helm to setup namespace - if 'cattle-system' in $facts['k8s_namespaces'] { - file {'/var/lib/rancher/rke2/server/manifests/ingress-route-rancher.yaml': - ensure => file, - owner => 'root', - group => 'root', - mode => '0644', - source => 'puppet:///modules/rke2/ingress-route-rancher.yaml', - require => Service['rke2-server'], - } - } - # manage extra config config (these are not dependent on helm) $extra_config_files.each |$file| { diff --git a/modules/rke2/manifests/helm.pp b/modules/rke2/manifests/helm.pp index 8eb5536..392dcc6 100644 --- a/modules/rke2/manifests/helm.pp +++ b/modules/rke2/manifests/helm.pp @@ -38,44 +38,6 @@ class rke2::helm ( } } } - - # install specific helm charts to bootstrap environment - $plb_cmd = 'helm install purelb purelb/purelb \ - --create-namespace \ - --namespace=purelb \ - --repository-config /etc/helm/repositories.yaml' - exec { 'install_purelb': - command => $plb_cmd, - path => ['/usr/bin', '/bin'], - environment => ['KUBECONFIG=/etc/rancher/rke2/rke2.yaml'], - unless => 'helm list -n purelb | grep -q ^purelb', - } - - $cm_cmd = 'helm install cert-manager jetstack/cert-manager \ - --namespace cert-manager \ - --create-namespace \ - --set crds.enabled=true \ - --repository-config /etc/helm/repositories.yaml' - exec { 'install_cert_manager': - command => $cm_cmd, - path => ['/usr/bin', '/bin'], - environment => ['KUBECONFIG=/etc/rancher/rke2/rke2.yaml'], - unless => 'helm list -n cert-manager | grep -q ^cert-manager', - } - - $r_cmd = 'helm install rancher rancher-stable/rancher \ - --namespace cattle-system \ - --create-namespace \ - --set hostname=rancher.main.unkin.net \ - --set bootstrapPassword=admin \ - --set ingress.tls.source=secret \ - --repository-config /etc/helm/repositories.yaml' - exec { 'install_rancher': - command => $r_cmd, - path => ['/usr/bin', '/bin'], - environment => ['KUBECONFIG=/etc/rancher/rke2/rke2.yaml'], - unless => 'helm list -n cattle-system | grep -q ^rancher', - } } } }