K0sctl + XCP-ng proxy
Remember:
- add http_proxy and https_proxy to the environment
- add no_proxy to the environment
- add privateInterface and privateAddress to the host if needed
- ensure that there is a default route on the interface
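---
# k0sctl cluster definition: three controllers and three workers reached over
# SSH, each with an outbound HTTP proxy set in its environment.
# The nesting below was rebuilt from the k0sctl/k0s schema because the listing
# had lost its indentation; diff it against a known-good file before use.
apiVersion: k0sctl.k0sproject.io/v1beta1
kind: Cluster
metadata:
  name: k0s-cluster
spec:
  hosts:
    # Notes that apply to every host entry below:
    # - k0sctl logs in as root. NOTE(review): a dedicated account with
    #   passwordless sudo would let direct root SSH login stay disabled.
    # - keyPath is read on the machine that runs k0sctl; keep that private key
    #   owner-readable only and out of version control.
    # - HTTPS_PROXY uses an http:// URL, so the hop to the proxy is plain HTTP.
    #   If the proxy needs credentials, do not embed them in these URLs in a
    #   committed file.
    # - Replace <proxy> and <cluster network> before applying. The two CIDRs in
    #   NO_PROXY match podCIDR and serviceCIDR further down and must change
    #   with them. CIDR entries are honoured by Go programs but not by every
    #   client. NOTE(review): in-cluster names (.svc, .cluster.local) are not
    #   listed; confirm nothing proxied resolves services by name.
    - ssh:
        address: 10.0.0.1
        user: root
        port: 22
        keyPath: /root/.ssh/id_ed25519
      role: controller
      # privateInterface: enX0
      # privateAddress: 10.0.0.1
      environment:
        HTTP_PROXY: "http://<proxy>:8080"
        HTTPS_PROXY: "http://<proxy>:8080"
        NO_PROXY: "localhost,127.0.0.1,<cluster network>,10.244.0.0/16,10.96.0.0/12"
    - ssh:
        address: 10.0.0.2
        user: root
        port: 22
        keyPath: /root/.ssh/id_ed25519
      role: controller
      # privateInterface: enX0
      # privateAddress: 10.0.0.2
      environment:
        HTTP_PROXY: "http://<proxy>:8080"
        HTTPS_PROXY: "http://<proxy>:8080"
        NO_PROXY: "localhost,127.0.0.1,<cluster network>,10.244.0.0/16,10.96.0.0/12"
    - ssh:
        address: 10.0.0.3
        user: root
        port: 22
        keyPath: /root/.ssh/id_ed25519
      role: controller
      # privateInterface: enX0
      # privateAddress: 10.0.0.3
      environment:
        HTTP_PROXY: "http://<proxy>:8080"
        HTTPS_PROXY: "http://<proxy>:8080"
        NO_PROXY: "localhost,127.0.0.1,<cluster network>,10.244.0.0/16,10.96.0.0/12"
    - ssh:
        address: 10.0.0.4
        user: root
        port: 22
        keyPath: /root/.ssh/id_ed25519
      role: worker
      # privateInterface: enX0
      # privateAddress: 10.0.0.4
      environment:
        HTTP_PROXY: "http://<proxy>:8080"
        HTTPS_PROXY: "http://<proxy>:8080"
        NO_PROXY: "localhost,127.0.0.1,<cluster network>,10.244.0.0/16,10.96.0.0/12"
    - ssh:
        address: 10.0.0.5
        user: root
        port: 22
        keyPath: /root/.ssh/id_ed25519
      role: worker
      # privateInterface: enX0
      # privateAddress: 10.0.0.5
      environment:
        HTTP_PROXY: "http://<proxy>:8080"
        HTTPS_PROXY: "http://<proxy>:8080"
        NO_PROXY: "localhost,127.0.0.1,<cluster network>,10.244.0.0/16,10.96.0.0/12"
    - ssh:
        address: 10.0.0.6
        user: root
        port: 22
        keyPath: /root/.ssh/id_ed25519
      role: worker
      # privateInterface: enX0
      # privateAddress: 10.0.0.6
      environment:
        HTTP_PROXY: "http://<proxy>:8080"
        HTTPS_PROXY: "http://<proxy>:8080"
        NO_PROXY: "localhost,127.0.0.1,<cluster network>,10.244.0.0/16,10.96.0.0/12"
  k0s:
    # The k0s release is pinned, so an upgrade is an explicit edit to this file.
    version: 1.32.3+k0s.0
    dynamicConfig: false
    config:
      apiVersion: k0s.k0sproject.io/v1beta1
      kind: Cluster
      metadata:
        name: k0s-xcp-cluster0
      spec:
        api:
          # address: 10.0.0.32
          # onlyBindToAddress: true
          # externalAddress: 10.0.0.30
          k0sApiPort: 9443
          port: 6443
          # Extra names placed in the API server certificate: loopback plus
          # all six host addresses.
          # NOTE(review): the worker addresses (10.0.0.4-6) are presumably
          # not needed here; confirm and trim.
          sans:
            - 127.0.0.1
            - 10.0.0.1
            - 10.0.0.2
            - 10.0.0.3
            - 10.0.0.4
            - 10.0.0.5
            - 10.0.0.6
          # Pods get 50 s tolerations for not-ready and unreachable nodes.
          extraArgs:
            default-not-ready-toleration-seconds: "50"
            default-unreachable-toleration-seconds: "50"
        controllerManager:
          # Shortened node health timings (2 s period, 20 s grace period).
          extraArgs:
            node-monitor-grace-period: 20s
            node-monitor-period: 2s
        installConfig:
          users:
            etcdUser: etcd
            kineUser: kube-apiserver
            konnectivityUser: konnectivity-server
            kubeAPIserverUser: kube-apiserver
            kubeSchedulerUser: kube-scheduler
        konnectivity:
          adminPort: 8133
          agentPort: 8132
        network:
          kubeProxy:
            disabled: false
            mode: iptables
          nodeLocalLoadBalancing:
            enabled: true
            type: EnvoyProxy
          kuberouter:
            autoMTU: true
            mtu: 0
            peerRouterASNs: ""
            peerRouterIPs: ""
          # Keep podCIDR and serviceCIDR in step with every host's NO_PROXY.
          podCIDR: 10.244.0.0/16
          provider: kuberouter
          serviceCIDR: 10.96.0.0/12
          clusterDomain: cluster.local
          dualStack:
            enabled: false
        # NOTE(review): PodSecurityPolicy was removed from Kubernetes in
        # v1.25, so with k0s 1.32 this key is presumably ignored. It names the
        # privileged policy, so do not rely on it for pod restrictions; use
        # Pod Security Admission labels on namespaces instead.
        podSecurityPolicy:
          defaultPolicy: 00-k0s-privileged
        storage:
          type: etcd
        telemetry:
          enabled: false
        extensions:
          helm:
            # Each repository is a trust anchor: charts from it are installed
            # into the cluster. Keep only those a chart below references.
            repositories:
              # The Helm "stable" repository is deprecated and no longer
              # updated; prefer the maintained upstream repository of a chart.
              - name: stable
                url: https://charts.helm.sh/stable
              - name: bitnami
                url: https://charts.bitnami.com/bitnami
              - name: traefik
                url: https://traefik.github.io/charts
              - name: longhorn
                url: https://charts.longhorn.io
              - name: jetstack
                url: https://charts.jetstack.io
              - name: descheduler
                url: https://kubernetes-sigs.github.io/descheduler/
              # Personal-domain repository; review its charts before use.
              - name: filebrowse
                url: https://utkuozdemir.org/helm-charts
            # Pin an explicit version on every chart so upgrades are deliberate.
            charts: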