Provision cluster and bootstrap flux #6
@nikimanoledaki now has access to add repo secrets
5a04d38 to 39e86f2
I'm going to pre-empt a review comment already - could you enable GPG so that signed commits are verified and then rebase, please? Thank you!
I am using gpg keys but not sure why it's not giving a verified tag in every commit?
I'm also using gpg keys so not sure either. This is still blocked on the S3 bucket but we're getting closer. Once access is sorted will rebase or even create a new branch and cherry pick to have cleaner history.
Yes, nearly there! 🤞 Ross, cp sounds good 👍
c770503 to e632666
Signed-off-by: Ross Fairbanks <ross@rossfairbanks.com>
Signed-off-by: Ross Fairbanks <ross@rossfairbanks.com>
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>

* Provision cluster with OpenTofu
  Signed-off-by: Ross Fairbanks <ross@rossfairbanks.com>
* feat: Remove ansible and add worker node
  Signed-off-by: Ross Fairbanks <ross@rossfairbanks.com>
* fix: Add -enable to tofu init
  Signed-off-by: Ross Fairbanks <ross@rossfairbanks.com>
* fix: User data
* first iteration adding k3s for k8s clusters bootstrap
  todo: need to test the script
  Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
* comment to point out where is the kubeconfig
  Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
* added var for k3s.version
  Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
* removed deps for k3s agent token to use terraform/random
  NOTE: value will be added via env vars
  Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>

---------

Signed-off-by: Ross Fairbanks <ross@rossfairbanks.com>
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
Co-authored-by: Ross Fairbanks <ross@rossfairbanks.com>
Signed-off-by: Ross Fairbanks <ross@rossfairbanks.com>
workerplane vm depend on controlplane vm's k3s.service to be running
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
used cilium cli
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
Co-authored-by: Ross Fairbanks <ross@rossfairbanks.com>
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
e632666 to 773d51f
@nikimanoledaki @dipankardas011 I've rebased and edited all commits so they are signed.
Nice ready for merge 👍🏼
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
now kepler serviceMonitor is visible to prometheus
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
removed the kube-prometheus fluxcd manifest refer pr cncf-tags#12
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
refactored the comments in the manifest
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
Co-authored-by: Ross Fairbanks <rossf7@users.noreply.github.com>
Co-authored-by: Niki Manoledaki <niki.manoledaki@grafana.com>
I made some "final final" changes and renamed some of the vars. The PR description is updated with the new secret names. Just needs the S3 bucket and then the secrets can be added and this can be merged.
Signed-off-by: nikimanoledaki <niki.manoledaki@grafana.com>
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
used this https://raw.githubusercontent.com/sustainable-computing-io/kepler/main/grafana-dashboards/Kepler-Exporter.json
Signed-off-by: Dipankar Das <dipankardas0115@gmail.com>
Signed-off-by: Antonio Di Turi <anto.dituri@gmail.com>
Going to create a fresh branch and cp to clean the history a bit. Please ignore for now. 🙏
Closing in favor of #28
This provisions the Equinix infra using OpenTofu and K3s and bootstraps Flux.
These secrets need to be added to the repo.
- AWS_ACCESS_KEY_ID for S3 bucket to store state
- AWS_SECRET_ACCESS_KEY
- EQUINIX_AUTH_TOKEN the Equinix project API key
- EQUINIX_PROJECT_ID the Equinix project ID
- FLUX_GITHUB_TOKEN the GitHub token used to bootstrap Flux
- K3S_TOKEN the K3s token for joining nodes
- SSH_PUBLIC_KEY added as an Equinix project SSH key
- SSH_PRIVATE_KEY needed so tofu can access nodes