From a059ed7ade733540bb55bd826e8b3388456246e0 Mon Sep 17 00:00:00 2001 From: Mattanja Kern Date: Fri, 17 Mar 2023 13:58:09 +0100 Subject: [PATCH 1/2] Set allow_scheduling_on_control_plane before using it Before this, the label exclude-from-external-load-balancers is set to true on control planes even if allow_scheduling_on_control_plane is set to true in the kube.tf file. --- locals.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/locals.tf b/locals.tf index ad937004..4b35cbee 100644 --- a/locals.tf +++ b/locals.tf @@ -103,9 +103,8 @@ locals { # Default k3s node labels default_agent_labels = concat([], var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []) - default_control_plane_labels = concat(["node.kubernetes.io/exclude-from-external-load-balancers=${local.allow_scheduling_on_control_plane ? "true" : "false"}"], var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []) - allow_scheduling_on_control_plane = (local.is_single_node_cluster || local.using_klipper_lb) ? true : var.allow_scheduling_on_control_plane + default_control_plane_labels = concat(["node.kubernetes.io/exclude-from-external-load-balancers=${local.allow_scheduling_on_control_plane ? "true" : "false"}"], var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []) # Default k3s node taints default_control_plane_taints = concat([], local.allow_scheduling_on_control_plane ? [] : ["node-role.kubernetes.io/control-plane:NoSchedule"]) From f16960ac658269304ece184f56f0fbb7762071dd Mon Sep 17 00:00:00 2001 From: Mattanja Kern Date: Fri, 17 Mar 2023 14:35:01 +0100 Subject: [PATCH 2/2] Invert condition for exclude-from-external-load-balancers --- locals.tf | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/locals.tf b/locals.tf index 4b35cbee..79e10d8d 100644 --- a/locals.tf +++ b/locals.tf @@ -101,10 +101,14 @@ locals { # disable k3s extras disable_extras = concat(["local-storage"], local.using_klipper_lb ? [] : ["servicelb"], ["traefik"], var.enable_metrics_server ? [] : ["metrics-server"]) + # Determine if scheduling should be allowed on control plane nodes, which will be always true for single node clusters and clusters using the klipper lb or if scheduling is allowed on control plane nodes + allow_scheduling_on_control_plane = (local.is_single_node_cluster || local.using_klipper_lb) ? true : var.allow_scheduling_on_control_plane + # Determine if loadbalancer target should be allowed on control plane nodes, which will be always true for single node clusters or if scheduling is allowed on control plane nodes + allow_loadbalancer_target_on_control_plane = local.is_single_node_cluster ? true : var.allow_scheduling_on_control_plane + # Default k3s node labels default_agent_labels = concat([], var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []) - allow_scheduling_on_control_plane = (local.is_single_node_cluster || local.using_klipper_lb) ? true : var.allow_scheduling_on_control_plane - default_control_plane_labels = concat(["node.kubernetes.io/exclude-from-external-load-balancers=${local.allow_scheduling_on_control_plane ? "true" : "false"}"], var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []) + default_control_plane_labels = concat(["node.kubernetes.io/exclude-from-external-load-balancers=${local.allow_loadbalancer_target_on_control_plane ? "false" : "true"}"], var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []) # Default k3s node taints default_control_plane_taints = concat([], local.allow_scheduling_on_control_plane ? [] : ["node-role.kubernetes.io/control-plane:NoSchedule"])