K0sctl cloud oracle
Remember:
- add http_proxy and https_proxy to the environment
- add no_proxy to the environment
- add privateInterface and privateAddress to the host if needed
- ensure that there is a default route on the interface
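---
# k0sctl cluster definition: three controllers and three active workers on the
# 10.0.0.0 private range, k0s 1.32.1 with etcd storage and kube-router.
# The nesting below is restored from a paste that had lost its indentation;
# compare it against the k0sctl and k0s config references before applying.
apiVersion: k0sctl.k0sproject.io/v1beta1
kind: Cluster
metadata:
  name: k0s-cluster
spec:
  # Every host is reached as root over SSH on a non-default port with one
  # shared ed25519 key, so that key has full control of all nodes. k0sctl can
  # also connect as an unprivileged user with passwordless sudo; consider that,
  # and keep the private key readable only by its owner.
  hosts:
    - ssh:
        address: 10.0.0.5
        user: root
        port: 44662
        keyPath: /root/.ssh/id_ed25519
      role: controller
    - ssh:
        address: 10.0.0.130
        user: root
        port: 44662
        keyPath: /root/.ssh/id_ed25519
      role: controller
    - ssh:
        address: 10.0.0.135
        user: root
        port: 44662
        keyPath: /root/.ssh/id_ed25519
      role: controller
    - ssh:
        address: 10.0.0.10
        user: root
        port: 44662
        keyPath: /root/.ssh/id_ed25519
      role: worker
    - ssh:
        address: 10.0.0.140
        user: root
        port: 44662
        keyPath: /root/.ssh/id_ed25519
      role: worker
    # - ssh:
    #     address: 10.0.0.210
    #     user: root
    #     port: 44662
    #     keyPath: /root/.ssh/id_ed25519
    #   role: worker
    - ssh:
        address: 10.0.0.220
        user: root
        port: 44662
        keyPath: /root/.ssh/id_ed25519
      role: worker
  k0s:
    version: 1.32.1+k0s.0
    dynamicConfig: false
    config:
      apiVersion: k0s.k0sproject.io/v1beta1
      kind: Cluster
      metadata:
        name: k0s-cluster0
      spec:
        api:
          # address: 10.0.0.5
          # externalAddress: 10.0.0.30
          k0sApiPort: 9443
          port: 6443
          # Every entry here becomes a subject alternative name in the API
          # server certificate; list only addresses that really front the API.
          # 10.0.0.210 belongs to the worker that is commented out above.
          sans:
            - 10.0.0.5
            - 10.0.0.10
            - 10.0.0.140
            - 10.0.0.210
            - 10.0.0.220
            - 10.0.0.130
            - 10.0.0.135
            # Placeholder: replace with the real external IPs (one per list
            # item) or delete this entry before applying.
            - "<other external ips>"
            - 127.0.0.1
          # Pods get a 50 s default toleration for not-ready/unreachable
          # nodes, so they are evicted sooner after a node failure.
          extraArgs:
            default-not-ready-toleration-seconds: "50"
            default-unreachable-toleration-seconds: "50"
        controllerManager:
          extraArgs:
            node-monitor-grace-period: 20s
            node-monitor-period: 2s
        installConfig:
          # Dedicated service accounts per control-plane component.
          users:
            etcdUser: etcd
            kineUser: kube-apiserver
            konnectivityUser: konnectivity-server
            kubeAPIserverUser: kube-apiserver
            kubeSchedulerUser: kube-scheduler
        konnectivity:
          adminPort: 8133
          agentPort: 8132
        network:
          kubeProxy:
            disabled: false
            mode: iptables
          nodeLocalLoadBalancing:
            enabled: true
            type: EnvoyProxy
          kuberouter:
            autoMTU: true
            mtu: 0
            peerRouterASNs: ""
            peerRouterIPs: ""
          podCIDR: 10.244.0.0/16
          provider: kuberouter
          serviceCIDR: 10.96.0.0/12
          clusterDomain: cluster.local
          dualStack:
            enabled: false
        # NOTE(review): PodSecurityPolicy was removed from Kubernetes in
        # v1.25, so with the 1.32.1 release pinned above this stanza looks
        # like a leftover; confirm that k0s still accepts the key. The policy
        # name suggests the unrestricted default. Pod restrictions on this
        # version need Pod Security Admission (namespace labels) instead.
        podSecurityPolicy:
          defaultPolicy: 00-k0s-privileged
        storage:
          type: etcd
        telemetry:
          enabled: false
        extensions:
          helm:
            # Charts from these repositories are installed with cluster-level
            # rights; keep the list to repositories that are actually used.
            repositories:
              # The Helm "stable" repository is deprecated and archived
              # upstream; its charts no longer receive fixes.
              - name: stable
                url: https://charts.helm.sh/stable
              - name: bitnami
                url: https://charts.bitnami.com/bitnami
              - name: traefik
                url: https://traefik.github.io/charts
              - name: longhorn
                url: https://charts.longhorn.io
              - name: jetstack
                url: https://charts.jetstack.io
              - name: descheduler
                url: https://kubernetes-sigs.github.io/descheduler/
              - name: filebrowse
                url: https://utkuozdemir.org/helm-charts
              # - name: metallb
              #   url: https://metallb.github.io/metallb
            # No chart is enabled. To enable one, remove the "[]" and
            # uncomment its entry; pin an exact chart version for each.
            charts: []
            # - name: traefik
            #   chartname: traefik/traefik
            #   version: "24.0.0"
            #   namespace: kube-system
            #   values: |
            #     deployment:
            #       replicas: 3
            # - name: longhorn
            #   chartname: longhorn/longhorn
            #   version: "1.4.2"
            #   namespace: longhorn-system
            # - name: cert-manager
            #   chartname: jetstack/cert-manager
            #   version: "1.13"
            #   namespace: cert-manager
            # - name: descheduler
            #   chartname: descheduler/descheduler
            #   version: "0.28.0"
            #   namespace: kube-system
            # NOTE(review): the chartname prefix "utkuozdemir" does not match
            # the repository name "filebrowse" declared above; one of the two
            # probably has to change before this entry can resolve.
            # - name: filebrowse
            #   chartname: utkuozdemir/filebrowser
            #   version: "1.0.0"
            #   namespace: default
            # - name: metallb
            #   chartname: metallb/metallb
            #   # version: "4.5.6"
            #   namespace: metallb-system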