Ben Vincent
efbbb6bcb1
- only install a base config - wait for 3 masters before deploying helm charts - remove cluster-domain - manage nginx ingres via rke2 helmconfig Reviewed-on: #403
82 lines
2.9 KiB
Puppet
82 lines
2.9 KiB
Puppet
# manage helm
|
|
class rke2::helm (
|
|
Enum['server', 'agent'] $node_type = $rke2::node_type,
|
|
Stdlib::Fqdn $bootstrap_node = $rke2::bootstrap_node,
|
|
Boolean $helm_install = $rke2::helm_install,
|
|
Hash $helm_repos = $rke2::helm_repos
|
|
){
|
|
|
|
# when installing helm, manage the repos
|
|
if $helm_install {
|
|
|
|
package {'helm':
|
|
ensure => installed,
|
|
}
|
|
|
|
file { '/etc/helm':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
|
|
# on the controller nodes only, and after 3 master nodes exist
|
|
if $node_type == 'server' and $facts['k8s_masters'] and $facts['k8s_masters'] > 2 {
|
|
|
|
# check if the repo already exists
|
|
$helm_repos.each | String $repo, Stdlib::HTTPSUrl $url | {
|
|
|
|
# if repo isnt in repo list from helm, install it
|
|
if ! $facts['helm_repos'].any |$existing| { $existing['name'] == $repo } {
|
|
|
|
exec { "helm_add_repo_${repo}":
|
|
command => "helm repo add ${repo} ${url} --repository-config /etc/helm/repositories.yaml",
|
|
path => ['/usr/bin'],
|
|
environment => [
|
|
'KUBECONFIG=/etc/rancher/rke2/rke2.yaml',
|
|
],
|
|
}
|
|
}
|
|
}
|
|
|
|
# install specific helm charts to bootstrap environment
|
|
$plb_cmd = 'helm install purelb purelb/purelb \
|
|
--create-namespace \
|
|
--namespace=purelb \
|
|
--repository-config /etc/helm/repositories.yaml'
|
|
exec { 'install_purelb':
|
|
command => $plb_cmd,
|
|
path => ['/usr/bin', '/bin'],
|
|
environment => ['KUBECONFIG=/etc/rancher/rke2/rke2.yaml'],
|
|
unless => 'helm list -n purelb | grep -q ^purelb',
|
|
}
|
|
|
|
$cm_cmd = 'helm install cert-manager jetstack/cert-manager \
|
|
--namespace cert-manager \
|
|
--create-namespace \
|
|
--set crds.enabled=true \
|
|
--repository-config /etc/helm/repositories.yaml'
|
|
exec { 'install_cert_manager':
|
|
command => $cm_cmd,
|
|
path => ['/usr/bin', '/bin'],
|
|
environment => ['KUBECONFIG=/etc/rancher/rke2/rke2.yaml'],
|
|
unless => 'helm list -n cert-manager | grep -q ^cert-manager',
|
|
}
|
|
|
|
$r_cmd = 'helm install rancher rancher-stable/rancher \
|
|
--namespace cattle-system \
|
|
--create-namespace \
|
|
--set hostname=rancher.main.unkin.net \
|
|
--set bootstrapPassword=admin \
|
|
--set ingress.tls.source=secret \
|
|
--repository-config /etc/helm/repositories.yaml'
|
|
exec { 'install_rancher':
|
|
command => $r_cmd,
|
|
path => ['/usr/bin', '/bin'],
|
|
environment => ['KUBECONFIG=/etc/rancher/rke2/rke2.yaml'],
|
|
unless => 'helm list -n cattle-system | grep -q ^rancher',
|
|
}
|
|
}
|
|
}
|
|
}
|