diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 932cb68..f1b5d82 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -15,11 +15,9 @@ make -C capi-lab eval $(make -C capi-lab --silent dev-env) ``` -Next install Cluster API into our newly created kind cluster alongside with our controller manager. +Next install our CAPMS provider into the cluster. ```bash -EXP_KUBEADM_BOOTSTRAP_FORMAT_IGNITION=true clusterctl init - # repeat this whenever you make changes make push-to-capi-lab ``` diff --git a/capi-lab/deploy.yaml b/capi-lab/deploy.yaml index 01218c9..71c93c3 100644 --- a/capi-lab/deploy.yaml +++ b/capi-lab/deploy.yaml @@ -10,7 +10,6 @@ roles: - name: ansible-common - name: metal-roles - - name: cert-manager - name: prometheus - name: firewall-controller-manager vars: @@ -18,4 +17,4 @@ firewall_controller_manager_ca: "{{ lookup('file', playbook_dir + '/fcm-certs/ca.pem') }}" firewall_controller_manager_cert: "{{ lookup('file', playbook_dir + '/fcm-certs/tls.crt') }}" firewall_controller_manager_cert_key: "{{ lookup('file', playbook_dir + '/fcm-certs/tls.key') }}" - - name: cluster-api-provider-metal-stack + - name: cluster-api diff --git a/capi-lab/roles/cert-manager/README.md b/capi-lab/roles/cert-manager/README.md deleted file mode 100644 index b38276e..0000000 --- a/capi-lab/roles/cert-manager/README.md +++ /dev/null @@ -1,14 +0,0 @@ -# cert-manager - -Deploys [cert-manager](https://github.com/jetstack/cert-manager) to the Kubernetes cluster. - -## Requirements - -- [ansible-common](https://github.com/metal-stack/ansible-common) - -## Variables - -| Name | Mandatory | Description | -| --------------------------------------------- | --------- | ---------------------------------------------------------------- | -| cert_manager_version | | The cert-manager version to deploy | -| cert_manager_lets_encrypt_expiry_mail_address | | A mail address to which Let's Encrypt is gonna send expiry mails | 
diff --git a/capi-lab/roles/cert-manager/defaults/main.yaml b/capi-lab/roles/cert-manager/defaults/main.yaml
deleted file mode 100644
index 82e00df..0000000
--- a/capi-lab/roles/cert-manager/defaults/main.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-cert_manager_version: "v1.16.1"
-cert_manager_lets_encrypt_expiry_mail_address: expiry@capi-metal-stack.cloud
diff --git a/capi-lab/roles/cert-manager/tasks/main.yml b/capi-lab/roles/cert-manager/tasks/main.yml
deleted file mode 100644
index 376384e..0000000
--- a/capi-lab/roles/cert-manager/tasks/main.yml
+++ /dev/null
@@ -1,30 +0,0 @@
----
-- name: Check mandatory variables for this role are set
- assert:
- fail_msg: "not all mandatory variables given, check role documentation"
- quiet: yes
- that:
- - cert_manager_lets_encrypt_expiry_mail_address is not none
-
-- name: Create cert-manager namespace
- k8s:
- definition:
- apiVersion: v1
- kind: Namespace
- metadata:
- name: cert-manager
- labels:
- name: cert-manager
- certmanager.k8s.io/disable-validation: "true"
-
-- name: Deploy cert-manager
- include_role:
- name: ansible-common/roles/helm-chart
- vars:
- helm_chart: cert-manager
- helm_repo: https://charts.jetstack.io
- helm_force: false
- helm_release_name: cert-manager
- helm_target_namespace: cert-manager
- helm_chart_version: "{{ cert_manager_version }}"
- helm_value_file_template: cert-manager-values.yaml
diff --git a/capi-lab/roles/cert-manager/templates/cert-manager-values.yaml b/capi-lab/roles/cert-manager/templates/cert-manager-values.yaml
deleted file mode 100644
index 5313695..0000000
--- a/capi-lab/roles/cert-manager/templates/cert-manager-values.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
----
-installCRDs: true
diff --git a/capi-lab/roles/cluster-api-provider-metal-stack/tasks/main.yaml b/capi-lab/roles/cluster-api-provider-metal-stack/tasks/main.yaml
deleted file mode 100644
index e30c889..0000000
--- a/capi-lab/roles/cluster-api-provider-metal-stack/tasks/main.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
----
-- name: Create namespace
- k8s:
- definition:
- apiVersion: v1
- kind: Namespace
- metadata:
- name: "{{ cluster_api_provider_metal_stack_namespace }}"
- labels:
- name: "{{ cluster_api_provider_metal_stack_namespace }}"
-
-# - name: Deploy capi-operator
-# include_role:
-# name: ansible-common/roles/helm-chart
-# vars:
-# helm_repo: "https://kubernetes-sigs.github.io/cluster-api-operator"
-# helm_chart: cluster-api-operator
-# helm_target_namespace: "{{ cluster_api_provider_metal_stack_namespace }}"
-# helm_release_name: capi-operator
-# helm_chart_version: "0.14.0"
-# helm_value_file_template: "operator-values.yaml"
-
-# - name: Deploy cap-provider-metal-stack backing resources
-# k8s:
-# definition: "{{ lookup('file', item) }}"
-# namespace: "{{ cluster_api_provider_metal_stack_namespace }}"
-# with_fileglob:
-# - "{{ playbook_dir }}/../config/crd/bases/*.yaml"
-# - "{{ playbook_dir }}/../config/rbac/*_role.yaml"
-
-# - name: Deploy cap-provider-metal-stack
-# k8s:
-# definition: "{{ lookup('template', 'controller.yaml') }}"
-# namespace: "{{ cluster_api_provider_metal_stack_namespace }}"
diff --git a/capi-lab/roles/cluster-api-provider-metal-stack/templates/controller.yaml b/capi-lab/roles/cluster-api-provider-metal-stack/templates/controller.yaml
deleted file mode 100644
index 2e843ad..0000000
--- a/capi-lab/roles/cluster-api-provider-metal-stack/templates/controller.yaml
+++ /dev/null
@@ -1,113 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/name: cluster-api-provider-metal-stack - name: metal-stack-controller-manager ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/name: cluster-api-provider-metal-stack - name: metal-stack-leader-election-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: leader-election-role -subjects: -- kind: ServiceAccount - name: metal-stack-controller-manager - namespace: {{ cluster_api_provider_metal_stack_namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/name: cluster-api-provider-metal-stack - name: metal-stack-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: manager-role -subjects: -- kind: ServiceAccount - name: metal-stack-controller-manager - namespace: {{ cluster_api_provider_metal_stack_namespace }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: metal-api -data: - api-url: "{{ cluster_api_provider_metal_stack_metal_api_url | b64encode }}" - api-hmac: "{{ cluster_api_provider_metal_stack_metal_api_hmac | b64encode }}" ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: metal-stack-controller-manager - labels: - control-plane: metal-stack-controller-manager - app.kubernetes.io/name: cluster-api-provider-metal-stack -spec: - selector: - matchLabels: - control-plane: metal-stack-controller-manager - replicas: 1 - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: manager - labels: - control-plane: metal-stack-controller-manager - spec: - serviceAccountName: metal-stack-controller-manager - securityContext: - runAsNonRoot: true - containers: - - command: - - /manager - args: - - --leader-elect - - --health-probe-bind-address=:8081 - image: "{{ cluster_api_provider_metal_stack_controller_image_name }}:{{ 
cluster_api_provider_metal_stack_controller_image_tag }}" - imagePullPolicy: IfNotPresent - name: manager - env: - - name: METAL_API_URL - valueFrom: - secretKeyRef: - name: metal-api - key: api-url - - name: METAL_API_HMAC - valueFrom: - secretKeyRef: - name: metal-api - key: api-hmac - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - terminationGracePeriodSeconds: 10 diff --git a/capi-lab/roles/cluster-api-provider-metal-stack/templates/operator-values.yaml b/capi-lab/roles/cluster-api-provider-metal-stack/templates/operator-values.yaml deleted file mode 100644 index ed97d53..0000000 --- a/capi-lab/roles/cluster-api-provider-metal-stack/templates/operator-values.yaml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/capi-lab/roles/cluster-api-provider-metal-stack/defaults/main.yaml b/capi-lab/roles/cluster-api/defaults/main.yaml similarity index 92% rename from capi-lab/roles/cluster-api-provider-metal-stack/defaults/main.yaml rename to capi-lab/roles/cluster-api/defaults/main.yaml index 089a462..fda7e56 100644 --- a/capi-lab/roles/cluster-api-provider-metal-stack/defaults/main.yaml +++ b/capi-lab/roles/cluster-api/defaults/main.yaml @@ -1,4 +1,6 @@ --- +cluster_api_version: v1.9.3 + cluster_api_provider_metal_stack_namespace: cap-metal-stack cluster_api_provider_metal_stack_controller_image_name: cap-metal-stack-controller diff --git a/capi-lab/roles/cluster-api/tasks/main.yaml b/capi-lab/roles/cluster-api/tasks/main.yaml new file mode 100644 index 0000000..dda4555 --- /dev/null +++ b/capi-lab/roles/cluster-api/tasks/main.yaml 
@@ -0,0 +1,22 @@
+---
+- name: Create namespace
+ k8s:
+ definition:
+ apiVersion: v1
+ kind: Namespace
+ metadata:
+ name: "{{ cluster_api_provider_metal_stack_namespace }}"
+ labels:
+ name: "{{ cluster_api_provider_metal_stack_namespace }}"
+
+- name: Install clusterctl
+ become: yes
+ get_url:
+ url: "https://github.com/kubernetes-sigs/cluster-api/releases/download/{{ cluster_api_version }}/clusterctl-linux-amd64"
+ dest: /usr/local/bin/clusterctl
+ mode: '0755'
+
+- name: Run clusterctl init
+ command: clusterctl init
+ environment:
+ EXP_KUBEADM_BOOTSTRAP_FORMAT_IGNITION: "true"
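Review bot: The `Install clusterctl` task downloads an executable with `become: yes` and writes it to `/usr/local/bin/clusterctl` without any integrity check, so whatever the release URL returns is installed as root and then executed against the cluster by the next task. `get_url` accepts a `checksum` parameter; pin the digest alongside `cluster_api_version` in the role defaults, for example `checksum: "sha256:{{ cluster_api_clusterctl_sha256 }}"` with `cluster_api_clusterctl_sha256: "<SHA256_OF_THE_PINNED_CLUSTERCTL_BINARY>"` (placeholder, to be taken from the release you pin), so that a version bump forces a deliberate digest update. Separately, `command: clusterctl init` carries no `creates`/`changed_when` guard and will run on every `make` of the lab; it presumably errors or reports a spurious change once the providers are already installed, which is worth confirming and guarding. For style, `become: true` is the canonical boolean spelling.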