Expose PublicIp for Node #324

Merged
merged 2 commits into from
Mar 15, 2024
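--- a/controllers/oscmachine_vm_controller.go
+++ b/controllers/oscmachine_vm_controller.go
@@ -437,6 +437,13 @@ func reconcileVm(ctx context.Context, clusterScope *scope.ClusterScope, machineS
 Address: *privateIp,
 },
 )
+// Expose Public IP if one is set
+if publicIp, ok := vm.GetPublicIpOk(); ok {
+addresses = append(addresses, corev1.NodeAddress{
+Type: corev1.NodeExternalIP,
+Address: *publicIp,
+})
+}
 machineScope.SetAddresses(addresses)
 err = vmSvc.AddCcmTag(clusterName, *privateDnsName, vmId)
 if err != nil {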
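Review bot: The new `if publicIp, ok := vm.GetPublicIpOk(); ok` guard checks only that the field is present, so an empty string would still be appended as a `NodeExternalIP` entry; tightening it to `if publicIp, ok := vm.GetPublicIpOk(); ok && *publicIp != "" {` avoids publishing a blank address. Whether the API can return an empty PublicIp is not visible in this hunk, so treat this as a defensive check. The comment could also say where the address ends up, e.g. `// Publish the VM's public IP as NodeExternalIP via machineScope.SetAddresses`, because from this change on an external address is part of the published address list and any consumer that selects addresses by type may start using it. reconcileVm begins and continues outside the hunk.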
11 changes: 5 additions & 6 deletions example/rke2/ccm-rke2.yaml
Expand Up @@ -5,8 +5,8 @@ metadata:
name: osc-secret
namespace: kube-system
stringData:
key_id: OSC_ACCESS_KEY
access_key: OSC_SECRET_KEY
key_id: OSC_ACCESS_KEY
access_key: OSC_SECRET_KEY
aws_default_region: eu-west-2
aws_availability_zones: MY_AWS_AVAILABILITY_ZONES
osc_account_id: MY_OSC_ACCOUNT_ID
Expand All @@ -26,8 +26,7 @@ spec:
valuesContent: |-
tolerations:
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
operator: Exists
effect: NoSchedule
operator: Exists
- key: node-role.kubernetes.io/etcd
effect: NoExecute

effect: NoExecute
15 changes: 14 additions & 1 deletion example/rke2/image-builder/script/bootstrap.sh
@@ -1,4 +1,17 @@
#!/usr/bin/env bash
#!/bin/bash
# Copyright 2022 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -o errexit
set -o nounset
set -o pipefail
32 changes: 15 additions & 17 deletions example/rke2/osc-rke2-clusterctl.yaml
@@ -1,4 +1,3 @@

apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
Expand All @@ -12,7 +11,7 @@ spec:
clusterNetwork:
pods:
cidrBlocks:
- 192.168.0.0/16
- 192.168.0.0/16
controlPlaneRef:
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
kind: RKE2ControlPlane
Expand Down Expand Up @@ -96,7 +95,7 @@ spec:
- name: rke2-osc-securitygrouprule-api-kubelet-kw
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.3.0/24"
fromPortRange: 10250
toPortRange: 10250
Expand All @@ -115,21 +114,21 @@ spec:
- name: rke2-osc-securitygrouprule-api-kubelet-kcp
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.4.0/24"
fromPortRange: 10250
toPortRange: 10250
- name: rke2-osc-securitygrouprule-kcp-nodeip-kw
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.3.0/24"
fromPortRange: 30000
toPortRange: 32767
- name: rke2-osc-securitygrouprule-kcp-nodeip-kcp
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.4.0/24"
fromPortRange: 30000
toPortRange: 32767
Expand Down Expand Up @@ -157,28 +156,28 @@ spec:
- name: rke2-osc-securitygrouprule-api-kw
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.3.0/24"
fromPortRange: 6443
toPortRange: 6443
- name: rke2-osc-securitygrouprule-api-kcp
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.4.0/24"
fromPortRange: 6443
toPortRange: 6443
- name: rke2-osc-securitygrouprule-etcd
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.4.0/24"
fromPortRange: 2378
toPortRange: 2381
- name: rke2-osc-securitygrouprule-kubelet-kcp
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.4.0/24"
fromPortRange: 10250
toPortRange: 10252
Expand All @@ -191,14 +190,14 @@ spec:
- name: rke2-osc-securitygrouprule-kw-nodeip-kw
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.3.0/24"
fromPortRange: 30000
toPortRange: 32767
- name: rke2-osc-securitygrouprule-kw-nodeip-kcp
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "10.0.4.0/24"
fromPortRange: 30000
toPortRange: 32767
Expand All @@ -208,7 +207,7 @@ spec:
- name: rke2-osc-securitygrouprule-lb
flow: Inbound
ipProtocol: tcp
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
# IpRange to authorize access to kubernetes endpoints (kube-apiserver), you must keep it and change it with a CIDR that best suits with your environment.
ipRange: "0.0.0.0/0"
fromPortRange: 6443
toPortRange: 6443
Expand Down Expand Up @@ -273,7 +272,7 @@ spec:
name: rke2-osc-control-plane
nodeDrainTimeout: 2m
preRKE2Commands:
- sudo hostnamectl set-hostname $(curl -s http://169.254.169.254/1.0/meta-data/hostname)
- sudo hostnamectl set-hostname $(curl -s http://169.254.169.254/1.0/meta-data/hostname)
replicas: 1
serverConfig:
cloudProviderName: external
Expand All @@ -290,7 +289,7 @@ spec:
node:
clusterName: rke2-osc
image:
name: ubuntu-2204-2204-rke2-v1.27.9-rke2r1
name: ubuntu-2204-2204-rke2-v1.27.9-rke2r1
keypair:
name: rke2-osc
deleteKeypair: false
Expand Down Expand Up @@ -376,7 +375,6 @@ spec:
template:
spec:
preRKE2Commands:
- sudo hostnamectl set-hostname $(curl -s http://169.254.169.254/1.0/meta-data/hostname)
- sudo hostnamectl set-hostname $(curl -s http://169.254.169.254/1.0/meta-data/hostname)
agentConfig:
version: v1.27.9+rke2r1
