From 4936e0cc99f4341c1c9748beb55125ba4fe189bb Mon Sep 17 00:00:00 2001
From: Vojtech Mares
Date: Wed, 23 Nov 2022 14:04:38 +0100
Subject: [PATCH] feat: add hcloud-cloud-controller-manager - needed for HCloud CSI driver to provide topology labels on nodes, so volumes can be provisioned
---
.../apps/hcloud-cloud-controller-manager.yaml | 18 ++++
.../ccm-networks.yaml | 87 +++++++++++++++++++
2 files changed, 105 insertions(+)
create mode 100644 _argocd/apps/hcloud-cloud-controller-manager.yaml
create mode 100644 cluster-components/hcloud-cloud-controller-manager/ccm-networks.yaml
diff --git a/_argocd/apps/hcloud-cloud-controller-manager.yaml b/_argocd/apps/hcloud-cloud-controller-manager.yaml
new file mode 100644
index 0000000..6cf2072
--- /dev/null
+++ b/_argocd/apps/hcloud-cloud-controller-manager.yaml
@@ -0,0 +1,18 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: hcloud-cloud-controller-manager
+ namespace: argocd
+spec:
+ destination:
+ namespace: kube-system
+ server: https://kubernetes.default.svc
+ project: default
+ source:
+ path: cluster-components/hcloud-cloud-controller-manager
+ repoURL: https://gitlab.mareshq.com/gitops/mareshq/bee.git
+ targetRevision: HEAD
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
diff --git a/cluster-components/hcloud-cloud-controller-manager/ccm-networks.yaml b/cluster-components/hcloud-cloud-controller-manager/ccm-networks.yaml
new file mode 100644
index 0000000..2903778
--- /dev/null
+++ b/cluster-components/hcloud-cloud-controller-manager/ccm-networks.yaml
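Review bot: In `_argocd/apps/hcloud-cloud-controller-manager.yaml`, `targetRevision: HEAD` together with `syncPolicy.automated` (`prune: true`, `selfHeal: true`) means every commit that reaches the repository's default branch is applied to `kube-system` with no review gate on the cluster side. Because the synced path creates a `cluster-admin` binding, write access to that Git repository is effectively cluster-admin on the cluster. Pinning to a reviewed revision, e.g. `targetRevision: <tag-or-commit-sha>`, and promoting by changing the pin would make each rollout an explicit, auditable change. `project: default` also leaves source repositories and destinations unrestricted unless the default AppProject has been tightened elsewhere, so a dedicated AppProject limited to this repo and destination would narrow what this Application can deploy.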
@@ -0,0 +1,87 @@
+# NOTE: this release was tested against kubernetes v1.18.x
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: cloud-controller-manager
+ namespace: kube-system
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: system:cloud-controller-manager
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+ - kind: ServiceAccount
+ name: cloud-controller-manager
+ namespace: kube-system
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: hcloud-cloud-controller-manager
+ namespace: kube-system
+spec:
+ replicas: 1
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: hcloud-cloud-controller-manager
+ template:
+ metadata:
+ labels:
+ app: hcloud-cloud-controller-manager
+ spec:
+ serviceAccountName: cloud-controller-manager
+ dnsPolicy: Default
+ tolerations:
+ # this taint is set by all kubelets running `--cloud-provider=external`
+ # so we should tolerate it to schedule the cloud controller manager
+ - key: "node.cloudprovider.kubernetes.io/uninitialized"
+ value: "true"
+ effect: "NoSchedule"
+ - key: "CriticalAddonsOnly"
+ operator: "Exists"
+ # cloud controller manages should be able to run on masters
+ - key: "node-role.kubernetes.io/master"
+ effect: NoSchedule
+ operator: Exists
+ - key: "node-role.kubernetes.io/control-plane"
+ effect: NoSchedule
+ operator: Exists
+ - key: "node.kubernetes.io/not-ready"
+ effect: "NoSchedule"
+ hostNetwork: true
+ containers:
+ - image: hetznercloud/hcloud-cloud-controller-manager:v1.13.2
+ name: hcloud-cloud-controller-manager
+ command:
+ - "/bin/hcloud-cloud-controller-manager"
+ - "--cloud-provider=hcloud"
+ - "--leader-elect=false"
+ - "--allow-untagged-cloud"
+ - "--allocate-node-cidrs=true"
+ - "--cluster-cidr=10.244.0.0/16"
+ resources:
+ requests:
+ cpu: 100m
+ memory: 50Mi
+ env:
+ - name: NODE_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: spec.nodeName
+ - name: HCLOUD_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: hcloud
+ key: token
+ - name: HCLOUD_NETWORK
+ valueFrom:
+ secretKeyRef:
+ name: hcloud
+ key: network
+ priorityClassName: system-cluster-critical
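Review bot: The `ClusterRoleBinding` in `ccm-networks.yaml` grants the `cloud-controller-manager` ServiceAccount `cluster-admin`, which is far broader than a cloud controller should need. The same pod runs with `hostNetwork: true` and receives `HCLOUD_TOKEN`, so a compromise of this single container would yield both full cluster control and cloud API access. Point `roleRef` at a purpose-built ClusterRole instead, e.g. `name: <dedicated-ccm-clusterrole>`, scoped to the verbs the controller actually uses on nodes, node status, services and events; the exact set should be verified against the project's documentation for v1.13.2. Separately, the image is pinned by tag only, and `image: hetznercloud/hcloud-cloud-controller-manager:v1.13.2@sha256:<digest>` would make the deployed artifact immutable. The container also has no `securityContext`; `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true` are worth adding if the binary tolerates them.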