diff options
| author | Patrick Spek <p.spek@tyil.nl> | 2024-06-24 19:18:19 +0200 |
|---|---|---|
| committer | Patrick Spek <p.spek@tyil.nl> | 2024-06-24 19:18:19 +0200 |
| commit | b28c5b851a6d59b86f596310794d0b8fd718fb5a (patch) | |
| tree | 84249ae4cbda20de01586da23218051a04c146cb | |
| parent | 81bc1fdb032f4a4afacca94275a3948f9cb17722 (diff) | |
Another attempt at dual-stack k3s
| -rw-r--r-- | defaults | 9 | ||||
| -rw-r--r-- | hosts.d/nouki.tyil.net | 1 | ||||
| -rw-r--r-- | hosts.d/oolah.tyil.net | 1 | ||||
| -rw-r--r-- | hosts.d/qohrei.tyil.net | 1 | ||||
| -rw-r--r-- | hosts.d/ricui.tyil.net | 1 | ||||
| -rw-r--r-- | playbooks.d/k3s-master/playbook.bash | 1 | ||||
| -rw-r--r-- | playbooks.d/k3s-node/playbook.bash | 1 |
7 files changed, 10 insertions, 5 deletions
@@ -11,23 +11,22 @@ dns.upstream.4=2001:470:71:6dc::53 etc-nixos.path=/etc/nixos etc-portage.path=/etc/portage k3s-master.bind-address&=k3s-node.bind-address -k3s-master.cluster-cidr=172.28.0.0/16 +k3s-master.cluster-cidr=fd00:8::0/48,172.28.0.0/16 k3s-master.cluster-domain=k3s.tyil.nl k3s-master.external-ip&=k3s-node.internal-ip k3s-master.flannel-iface&=k3s-node.flannel-iface k3s-master.internal-ip&=k3s-node.internal-ip -k3s-master.service-cidr=172.25.0.0/16 +k3s-master.service-cidr=fd00:5::0/108,172.25.0.0/16 k3s-master.service-node-port-min=1025 -k3s-node.bind-address&=vpn-tinc.ipv4 +k3s-node.bind-address&=vpn-tinc.ipv6 k3s-node.cluster-cidr&=k3s-master.cluster-cidr k3s-node.cluster-domain&=k3s-master.cluster-domain k3s-node.cluster-domain=k3s.tyil.nl -k3s-node.entry.host=10.57.1.6 +k3s-node.entry.host=[fd68:1057:1992:3381:0:1:3317:1] k3s-node.flannel-iface&=vpn-tinc.name k3s-node.external-ip&=k3s-node.internal-ip k3s-node.role=agent k3s-node.service-cidr&=k3s-master.service-cidr -k3s-node.internal-ip&=vpn-tinc.ipv4 nftables.input.icmp.ipv4.policy=accept nftables.input.icmp.ipv4.rate=2/second nftables.input.icmp.ipv6.policy=accept diff --git a/hosts.d/nouki.tyil.net b/hosts.d/nouki.tyil.net index cefffc2..bd0f098 100644 --- a/hosts.d/nouki.tyil.net +++ b/hosts.d/nouki.tyil.net @@ -1,3 +1,4 @@ +k3s-node.internal-ip=fd68:1057:1992:3381:0:2:3317:1,10.57.2.1 k3s-node.role=server meta.provider=self vpn-tinc.ipv4=10.57.2.1 diff --git a/hosts.d/oolah.tyil.net b/hosts.d/oolah.tyil.net index 17a3bc1..a70c3b0 100644 --- a/hosts.d/oolah.tyil.net +++ b/hosts.d/oolah.tyil.net @@ -1,4 +1,5 @@ k3s-node.role=server +k3s-node.internal-ip=fd68:1057:1992:3381:0:1:3317:1,10.57.1.1 meta.provider=self vpn-tinc.ipv4=10.57.1.1 vpn-tinc.ipv6=fd68:1057:1992:3381:0:1:3317:1 diff --git a/hosts.d/qohrei.tyil.net b/hosts.d/qohrei.tyil.net index 8a2f990..cbbf444 100644 --- a/hosts.d/qohrei.tyil.net +++ b/hosts.d/qohrei.tyil.net @@ -1,3 +1,4 @@ +k3s-node.internal-ip=fd68:1057:1992:3381:0:1:1:3,10.57.1.6 k3s-node.role=server meta.provider=hetzner nftables.input.interfaces.cilium*.policy=accept diff --git a/hosts.d/ricui.tyil.net b/hosts.d/ricui.tyil.net index fb1eb76..9c4c8b5 100644 --- a/hosts.d/ricui.tyil.net +++ b/hosts.d/ricui.tyil.net @@ -1,3 +1,4 @@ +k3s-node.internal-ip=fd68:1057:1992:3381:0:1:1:4,10.57.1.7 meta.provider=hetzner nftables.input.interfaces.cilium*.policy=accept nftables.input.interfaces.lxc*.policy=accept diff --git a/playbooks.d/k3s-master/playbook.bash b/playbooks.d/k3s-master/playbook.bash index f19fe8c..30f6e4a 100644 --- a/playbooks.d/k3s-master/playbook.bash +++ b/playbooks.d/k3s-master/playbook.bash @@ -11,6 +11,7 @@ playbook_add() { node-ip: "$(config "$BASHTARD_PLAYBOOK.internal-ip" "127.0.0.1")" bind-address: "$(config "$BASHTARD_PLAYBOOK.bind-address" "0.0.0.0")" flannel-backend: wireguard-native + flannel-ipv6-masq: true cluster-cidr: "$(config "$BASHTARD_PLAYBOOK.cluster-cidr" "172.19.0.0/16")" cluster-domain: "$(config "$BASHTARD_PLAYBOOK.cluster-domain" "cluster.local")" service-cidr: "$(config "$BASHTARD_PLAYBOOK.service-cidr" "172.20.0.0/16")" diff --git a/playbooks.d/k3s-node/playbook.bash b/playbooks.d/k3s-node/playbook.bash index e5eb2a6..0cf54c2 100644 --- a/playbooks.d/k3s-node/playbook.bash +++ b/playbooks.d/k3s-node/playbook.bash @@ -60,6 +60,7 @@ playbook_add() { cluster-cidr: "$(config "$BASHTARD_PLAYBOOK.cluster-cidr" "172.19.0.0/16")" cluster-domain: "$(config "$BASHTARD_PLAYBOOK.cluster-domain" "cluster.local")" flannel-backend: wireguard-native + flannel-ipv6-masq: true service-cidr: "$(config "$BASHTARD_PLAYBOOK.service-cidr" "172.20.0.0/16")" service-node-port-range: "$(config "$BASHTARD_PLAYBOOK.service-node-port-min" "30000")-$(config "$BASHTARD_PLAYBOOK.service-node-port-max" "32767")" disable: |