unkinben
9572b08683
feat: include ceph service profiles in incus/node and k8s hieradata
...
ci/woodpecker/pr/ruby-validate Pipeline was successful
ci/woodpecker/pr/puppet-lint Pipeline was successful
ci/woodpecker/pr/yamllint Pipeline was successful
ci/woodpecker/pr/erb-validate Pipeline was successful
ci/woodpecker/pr/bolt-validate Pipeline was successful
ci/woodpecker/pr/epp-validate Pipeline was successful
ci/woodpecker/pr/ruby-check Pipeline was successful
ci/woodpecker/pr/puppet-validate Pipeline was successful
incus::node gets mon, mgr, mds, osd; k8s compute and control get osd only.
2026-04-05 23:23:38 +10:00
unkinben
c4d28d52bc
chore: remove helm deploys from puppet ( #444 )
...
- migrate helm deployments to terraform
Reviewed-on: #444
2026-01-30 20:52:51 +11:00
unkinben
dbe1398218
chore: centralise all yum repo configuration ( #436 )
...
- add 30+ repository definitions to AlmaLinux/all_releases.yaml with `ensure: absent` defaults
- update all role-specific hieradata files to use `ensure: present` pattern
- remove duplicated repository URL/GPG key configurations from individual roles
- maintains existing functionality while improving maintainability"
Reviewed-on: #436
2026-01-15 21:35:13 +11:00
unkinben
383bbb0507
fix: ensure join-api is functioning ( #434 )
...
- consul was directing new rke2 control nodes to a dead join api
- add additional check to verify its responding (not just up)
Reviewed-on: #434
2026-01-11 13:51:36 +11:00
unkinben
efbbb6bcb1
feat: moderate the k8s install ( #403 )
...
- only install a base config
- wait for 3 masters before deploying helm charts
- remove cluster-domain
- manage nginx ingres via rke2 helmconfig
Reviewed-on: #403
2025-10-12 17:50:24 +11:00
unkinben
b224cfb516
fix: cattle-system namespace ( #399 )
...
- cattle-system namespace is created earlier than helm
- leave namespaces.yaml to manage cattle-system namespace (required
before installing helm/rancher)
Reviewed-on: #399
2025-09-21 00:21:41 +10:00
unkinben
571a9b25a7
fix: resolve rke2-server errors ( #397 )
...
- kubectl yaml files must not use underscores
- replace unicode hyphen with ascii hyphen
Reviewed-on: #397
2025-09-20 18:40:18 +10:00
unkinben
762f415d2d
feat: k8s helm rework ( #396 )
...
- remove helm-generated-yaml, replace with helm execs
- template/parameterise ceph csi
Reviewed-on: #396
2025-09-20 17:40:41 +10:00
unkinben
4e77fb7ee7
feat: manage rancher, purelb, cert-manager ( #395 )
...
This change will install rancher, purelb and cert-manager, then
configure a dmz and common ip pool to be used by loadbalancers. The
nginx ingres controller is configured to use 198.18.200.0 (common) and
announce the ip from all nodes so that it becomes an anycast ip in ospf.
- manage the install of rancher, purelb and cert-manager
- add rancher ingress routes
- add nginx externalip/loadBalancer
Reviewed-on: #395
2025-09-14 20:59:39 +10:00
unkinben
6e4bc9fbc7
feat: adding rke2 ( #394 )
...
- manage rke2 repos
- add rke2 module (init, params, install, config, service)
- split roles::infra::k8s::node -> control/compute roles
- moved common k8s config into k8s.yaml
- add bootstrap_node, manage server and token fields in rke2 config
- manage install of helm
- manage node attributes (from puppet facts)
- manage frr exclusions for service/cluster network
Reviewed-on: #394
2025-09-14 13:27:49 +10:00
unkinben
0665873dc8
feat: update ospf source for learned routes ( #388 )
...
- enable changing the source address for learned ospf routes
- this enables the loopback0 interface to be used as a default src address
- ensure k8s nodes use loopback0 as default src
- ensure incus nodes use loopback0 as default src
Reviewed-on: #388
2025-09-07 16:09:21 +10:00
unkinben
ae4eb3a5eb
fix: set loopback0 as source for consul ( #387 )
...
- fix consul service checks for prodnxsr0001-0008
- ensure the loopback0 interface whats bound too
Reviewed-on: #387
2025-09-07 15:48:27 +10:00
unkinben
75ca7a5685
feat: add frr_exporter class ( #369 )
...
- add frr exporter to all nodes running frr
Reviewed-on: #369
2025-08-03 16:15:29 +10:00
unkinben
3cfafbac44
feat: enable ceph on k8s nodes ( #362 )
...
- enable enough ceph/frr to join to cephfs
- notify sshd when restarting the network
- update ssh principals to include all ssh interfaces
Reviewed-on: #362
2025-07-19 20:30:46 +10:00
unkinben
98f1961a07
benvin/ceph_common ( #360 )
...
Reviewed-on: #360
2025-07-15 20:38:39 +10:00
unkinben
eb1ada8ea5
fix: duplicate declatation ( #359 )
...
- only install ceph-common once
Reviewed-on: #359
2025-07-15 20:31:09 +10:00
unkinben
ec3e42901a
feat: add basic k8s node role ( #358 )
...
- update prodnxsr0001-8 to use networkd
- add basic k8s node role
Reviewed-on: #358
2025-07-15 20:18:17 +10:00
unkinben
ed1a4f6488
fix: missed address in consul service ( #303 )
...
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/303
2025-05-30 23:27:44 +10:00
unkinben
bdd833fa4e
feat: create basic k8s roles to start deployment ( #302 )
...
- just create roles so can deploy hosts
Reviewed-on: https://git.query.consul/unkinben/puppet-prod/pulls/302
2025-05-30 23:21:02 +10:00