unkinben
4ef99b4573
fix: helm before rke2 managed manifests
...
Build / precommit (pull_request) Successful in 5m15s
- add fact to list namespaces
- require namespace before adding additional config
- renamed some files to better match what they are
2025-09-20 23:49:10 +10:00
unkinben
571a9b25a7
fix: resolve rke2-server errors ( #397 )
...
- kubectl yaml files must not use underscores
- replace unicode hyphen with ascii hyphen
Reviewed-on: #397
2025-09-20 18:40:18 +10:00
unkinben
762f415d2d
feat: k8s helm rework ( #396 )
...
- remove helm-generated-yaml, replace with helm execs
- template/parameterise ceph csi
Reviewed-on: #396
2025-09-20 17:40:41 +10:00
unkinben
4e77fb7ee7
feat: manage rancher, purelb, cert-manager ( #395 )
...
This change will install rancher, purelb and cert-manager, then
configure a dmz and common ip pool to be used by loadbalancers. The
nginx ingres controller is configured to use 198.18.200.0 (common) and
announce the ip from all nodes so that it becomes an anycast ip in ospf.
- manage the install of rancher, purelb and cert-manager
- add rancher ingress routes
- add nginx externalip/loadBalancer
Reviewed-on: #395
2025-09-14 20:59:39 +10:00
unkinben
6e4bc9fbc7
feat: adding rke2 ( #394 )
...
- manage rke2 repos
- add rke2 module (init, params, install, config, service)
- split roles::infra::k8s::node -> control/compute roles
- moved common k8s config into k8s.yaml
- add bootstrap_node, manage server and token fields in rke2 config
- manage install of helm
- manage node attributes (from puppet facts)
- manage frr exclusions for service/cluster network
Reviewed-on: #394
2025-09-14 13:27:49 +10:00
unkinben
0665873dc8
feat: update ospf source for learned routes ( #388 )
...
- enable changing the source address for learned ospf routes
- this enables the loopback0 interface to be used as a default src address
- ensure k8s nodes use loopback0 as default src
- ensure incus nodes use loopback0 as default src
Reviewed-on: #388
2025-09-07 16:09:21 +10:00
unkinben
ae4eb3a5eb
fix: set loopback0 as source for consul ( #387 )
...
- fix consul service checks for prodnxsr0001-0008
- ensure the loopback0 interface whats bound too
Reviewed-on: #387
2025-09-07 15:48:27 +10:00
unkinben
75ca7a5685
feat: add frr_exporter class ( #369 )
...
- add frr exporter to all nodes running frr
Reviewed-on: #369
2025-08-03 16:15:29 +10:00
unkinben
3cfafbac44
feat: enable ceph on k8s nodes ( #362 )
...
- enable enough ceph/frr to join to cephfs
- notify sshd when restarting the network
- update ssh principals to include all ssh interfaces
Reviewed-on: #362
2025-07-19 20:30:46 +10:00
unkinben
98f1961a07
benvin/ceph_common ( #360 )
...
Reviewed-on: #360
2025-07-15 20:38:39 +10:00
unkinben
eb1ada8ea5
fix: duplicate declatation ( #359 )
...
- only install ceph-common once
Reviewed-on: #359
2025-07-15 20:31:09 +10:00
unkinben
ec3e42901a
feat: add basic k8s node role ( #358 )
...
- update prodnxsr0001-8 to use networkd
- add basic k8s node role
Reviewed-on: #358
2025-07-15 20:18:17 +10:00
unkinben
ed1a4f6488
fix: missed address in consul service ( #303 )
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/303
2025-05-30 23:27:44 +10:00
unkinben
bdd833fa4e
feat: create basic k8s roles to start deployment ( #302 )
...
- just create roles so can deploy hosts
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/302
2025-05-30 23:21:02 +10:00