Skip to content

Instantly share code, notes, and snippets.

@purwandi

purwandi/k0sctl-config.yaml

Last active October 7, 2022 17:14
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save purwandi/c71d713c9dbc00d6b5a80a97b43f65bb to your computer and use it in GitHub Desktop.
Save purwandi/c71d713c9dbc00d6b5a80a97b43f65bb to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
cat > grub <<'EOF'
# If you change this file, run 'update-grub' afterwards to update
# /boot/grub/grub.cfg.
# For full documentation of the options in this file, see:
# info -f grub -n 'Simple configuration'
EOF
sudo mv grub /etc/default/grub
Raw
k0sctl-config.yaml
apiVersion: k0sctl.k0sproject.io/v1beta1
kind: Cluster
metadata:
name: k0s-cluster
spec:
hosts:
- ssh:
address: 165.22.56.253
user: root
keyPath: /Users/purwandi/.ssh/id_rsa
role: controller
privateAddress: 10.130.0.2
installFlags:
- --taints
- ssh:
address: 165.22.56.253
user: root
keyPath: /Users/purwandi/.ssh/id_rsa
role: controller
privateAddress: 10.130.0.2
# uploadBinary: true
# k0sBinaryPath: /usr/local/bin/1.23.8/k0s-v1.23.8+k0s.0-amd64
# files:
# - name: image-bundle
# src: ./1.23.8/k0s-airgap-bundle-v1.23.8+k0s.0-amd64
# dstDir: /var/lib/k0s/images/
# perm: 0711
# - name: k0s-ctl
# src: ./1.23.8/k0s-v1.23.8+k0s.0-amd64
# dstDir: /usr/local/bin/
# perm: 0711
- ssh:
address: 157.245.53.246
user: root
role: worker
privateAddress: 10.130.0.3
installFlags:
- --labels="node.k0sproject.io/role=infra"
- ssh:
address: 157.245.61.88
user: root
role: worker
privateAddress: 10.130.0.4
installFlags:
- --labels="node.k0sproject.io/role=infra"
- ssh:
address: 157.245.52.23
user: root
role: worker
privateAddress: 10.130.0.5
installFlags:
- --labels="node.k0sproject.io/role=worker"
- ssh:
address: 157.245.52.140
user: root
role: worker
privateAddress: 10.130.0.6
installFlags:
- --labels="node.k0sproject.io/role=worker"
- ssh:
address: 157.245.52.174
user: root
role: worker
privateAddress: 10.130.0.7
installFlags:
- --labels="node.k0sproject.io/role=worker"
k0s:
version: v1.24.2+k0s.0
# version: v1.23.8+k0s.0
config:
apiVersion: k0s.k0sproject.io/v1beta1
kind: Cluster
metadata:
name: my-k0s-cluster
spec:
api:
address: 165.22.56.253
sans:
- 165.22.56.253
- 10.130.0.2
extraArgs:
service-node-port-range: 30000-32767
# podSecurityPolicy:
# defaultPolicy: 00-k0s-privileged
# defaultPolicy: 99-k0s-restricted
telemetry:
enabled: false
network:
# podCIDR: 10.244.0.0/16
serviceCIDR: 10.96.0.0/16
provider: custom
kubeProxy:
disabled: true
extensions:
helm:
repositories:
- name: cilium
url: https://helm.cilium.io
charts:
- name: cilium
chartname: cilium/cilium
version: "1.12.0"
namespace: kube-system
values: |
kubeProxyReplacement: "strict"
k8sServiceHost: 165.22.56.253
k8sServicePort: 6443
containerRuntime:
integration: containerd
global:
encryption:
enabled: true
nodeEncryption: true
operator:
replicas: 1
hubble:
relay:
enabled: true
ui:
enabled: true
ipam:
# -- Configure IP Address Management mode.
# ref: https://docs.cilium.io/en/stable/concepts/networking/ipam/
mode: "cluster-pool"
operator:
# -- Deprecated in favor of ipam.operator.clusterPoolIPv4PodCIDRList.
# IPv4 CIDR range to delegate to individual nodes for IPAM.
clusterPoolIPv4PodCIDRList:
- "10.244.0.0/16"
Raw
nginx.conf
## tcp LB and SSL passthrough for backend ##
stream {
upstream master_servers {
server 192.168.122.11:6443 max_fails=3 fail_timeout=10s;
server 192.168.122.12:6443 max_fails=3 fail_timeout=10s;
}
log_format basic '$remote_addr [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time "$upstream_addr" '
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
access_log /var/log/nginx/access.log basic;
error_log /var/log/nginx/error.log;
server {
listen 6443;
proxy_pass master_servers;
proxy_next_upstream on;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment