update kube-vip to 0.3.8

Signed-off-by: Marques Johansson <[email protected]>
equinix · Sep 30, 2021 · 7a79b76 · 7a79b76
1 parent dcc5798
commit 7a79b76
Show file tree

Hide file tree

Showing 8 changed files with 40 additions and 38 deletions.
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/README.md b/README.md
@@ -182,10 +182,9 @@ A complete list of variables can be found at <https://registry.terraform.io/modu
 |     gcp_keys_path      | string  |             n/a             | The path to a directory with GCP service account keys   |
 |        bgp_asn         | string  |            65000            | BGP ASN to peer with Equinix Metal                      |
 |      ccm_version       | string  |           v2.0.0            | The version of the Equinix Metal CCM                    |
-|    kube_vip_version    | string  |            0.2.3            | The version of Kube-VIP to install                      |
+|    kube_vip_version    | string  |            0.3.8            | The version of Kube-VIP to install                      |
 |     anthos_version     | string  |            1.7.0            | The version of Google Anthos to install                 |
 |     ccm_deploy_url     | string  | **Too Long to put here...** | The deploy url for the Equinix Metal CCM                |
-| kube_vip_daemonset_url | string  | **Too Long to put here...** | The deploy url for the Kube-VIP Daemonset               |
 |    storage_provider    | string  |             n/a             | Enable a Storage module (examples: "portworx", "rook")  |
 |    storage_options     |   map   |             n/a             | Options specific to the storage module                  |
 

diff --git a/gcp-service-accts.tf b/gcp-service-accts.tf
@@ -59,8 +59,8 @@ resource "google_project_iam_member" "cloud_ops_sa_role_metricwriter" {
 }
 
 resource "google_project_iam_member" "cloud_ops_sa_role_resourcewriter" {
-  count = local.sa_count
-  role  = "roles/stackdriver.resourceMetadata.writer"
+  count  = local.sa_count
+  role   = "roles/stackdriver.resourceMetadata.writer"
   member = format("%s:%s", local.sa_text, google_service_account.cloud_ops_sa[count.index].email)
 }
 

diff --git a/main.tf b/main.tf
@@ -381,6 +381,9 @@ resource "null_resource" "install_ccm" {
 
 data "template_file" "kube_vip_ds" {
   template = file("${path.module}/templates/kube_vip_ds.yaml")
+  vars = {
+    kube_vip_ver = var.kube_vip_version
+  }
 }
 
 resource "null_resource" "install_kube_vip_daemonset" {

diff --git a/templates/ccm_secret.yaml b/templates/ccm_secret.yaml
@@ -8,7 +8,8 @@ stringData:
   cloud-sa.json: |
     {
       "apiKey": "${auth_token}",
-      "projectID": "${project_id}"
+      "projectID": "${project_id}",
+      "loadbalancer": "kube-vip://"
     }
 
 # This is just to get Kube-Vip working again... We should fix this soon
@@ -22,5 +23,6 @@ stringData:
   cloud-sa.json: |
     {
       "apiKey": "${auth_token}",
-      "projectID": "${project_id}"
+      "projectID": "${project_id}",
+      "loadbalancer": "kube-vip://"
     }
diff --git a/templates/kube_vip_ds.yaml b/templates/kube_vip_ds.yaml
@@ -64,7 +64,7 @@ spec:
           value: "true"
         - name: bgp_enable
           value: "true"
-        image: plndr/kube-vip:0.2.3
+        image: ghcr.io/kube-vip/kube-vip:v${kube_vip_ver}
         imagePullPolicy: Always
         name: kube-vip
         resources: {}

diff --git a/templates/kube_vip_install.sh b/templates/kube_vip_install.sh
@@ -4,8 +4,8 @@ export EIP='${eip}'
 KUBE_VIP_VER='${kube_vip_ver}'
 CLUSTER_NAME='${cluster_name}'
 COUNT='${count}'
-PACKET_API_KEY='${auth_token}'
-PACKET_PROJECT_ID='${project_id}'
+METAL_API_KEY='${auth_token}'
+METAL_PROJECT_ID='${project_id}'
 GREEN='\033[0;32m' # Color green
 YELLOW='\033[0;33m' # Color green
 NC='\033[0m' # No Color
@@ -26,18 +26,16 @@ function wait_for_path() {
 }
 
 function gen_kube_vip () {
-    sudo docker run --network host --rm plndr/kube-vip:$KUBE_VIP_VER manifest pod \
+    sudo docker run --network host --rm ghcr.io/kube-vip/kube-vip:v$KUBE_VIP_VER manifest pod \
 	--interface lo \
 	--vip $EIP \
 	--port 6444 \
-        --controlplane \
+	--controlplane \
 	--bgp \
-	--packet \
-	--packetKey $PACKET_API_KEY \
-        --packetProjectID $PACKET_PROJECT_ID \
+	--metal \
+	--metalKey $METAL_API_KEY \
+        --metalProjectID $METAL_PROJECT_ID \
         | sudo tee /root/bootstrap/vip.yaml
-    # Hack until manifest doesn't include this path
-    sed  -i "/\/etc\/ssl\/certs/,+2 d" /root/bootstrap/vip.yaml
 }
 
 function wait_for_docker () {

diff --git a/variables.tf b/variables.tf
@@ -112,7 +112,7 @@ variable "ccm_version" {
 
 variable "kube_vip_version" {
   type        = string
-  default     = "0.2.3"
+  default     = "0.3.8"
   description = "The version of Kube-VIP to use"
 }
 
@@ -122,12 +122,6 @@ variable "anthos_version" {
   description = "The version of Google Anthos to install"
 }
 
-variable "kube_vip_daemonset_url" {
-  type        = string
-  default     = "https://raw.githubusercontent.com/kube-vip/kube-vip/v0.3.8/docs/manifests/kube-vip-em.yaml"
-  description = "The deploy url for the Kube-VIP Daemonset"
-}
-
 variable "storage_module" {
   type        = string
   description = "The name of the storage module to enable. If set, use storage_options."