From 2c7fb752542f1f2f2f5af05ffc032b9e81e86e60 Mon Sep 17 00:00:00 2001 From: Roman Hros Date: Tue, 10 Sep 2024 10:22:11 +0200 Subject: [PATCH 1/2] Add managedSubnets only for non-kube-vip apiserver_loadbalancer Signed-off-by: Roman Hros --- .../scs/cluster-class/templates/cluster-class.yaml | 2 +- .../cluster-class/templates/openstack-cluster-template.yaml | 6 ------ providers/openstack/scs/cluster-class/values.yaml | 4 ---- 3 files changed, 1 insertion(+), 11 deletions(-) diff --git a/providers/openstack/scs/cluster-class/templates/cluster-class.yaml b/providers/openstack/scs/cluster-class/templates/cluster-class.yaml index e710a2ea..071935c0 100644 --- a/providers/openstack/scs/cluster-class/templates/cluster-class.yaml +++ b/providers/openstack/scs/cluster-class/templates/cluster-class.yaml @@ -811,7 +811,7 @@ cre ate group names like oidc:engineering and oidc:infra." matchResources: infrastructureCluster: true jsonPatches: - - op: replace + - op: add path: "/spec/template/spec/managedSubnets" valueFrom: template: | diff --git a/providers/openstack/scs/cluster-class/templates/openstack-cluster-template.yaml b/providers/openstack/scs/cluster-class/templates/openstack-cluster-template.yaml index cb9b3e60..ce689a2a 100644 --- a/providers/openstack/scs/cluster-class/templates/openstack-cluster-template.yaml +++ b/providers/openstack/scs/cluster-class/templates/openstack-cluster-template.yaml @@ -45,9 +45,3 @@ spec: portRangeMax: 4244 protocol: tcp description: "Allow Hubble traffic for Cilium" - managedSubnets: - - cidr: {{ .Values.node_cidr }} - dnsNameservers: - {{- range .Values.dns_nameservers }} - - {{ . }} - {{- end }} diff --git a/providers/openstack/scs/cluster-class/values.yaml b/providers/openstack/scs/cluster-class/values.yaml index 6e723216..ba9dd876 100644 --- a/providers/openstack/scs/cluster-class/values.yaml +++ b/providers/openstack/scs/cluster-class/values.yaml @@ -1,10 +1,6 @@ # mirrored from variables.tf -dns_nameservers: - - 5.1.66.255 - - 185.150.99.255 controller_flavor: SCS-2V-4-20 worker_flavor: SCS-2V-4-20 -node_cidr: 10.8.0.0/20 restrict_kubeapi: [] # newly introduced: From 34970f98ec57646ed8a0e0e5954a46e12f4c0a4a Mon Sep 17 00:00:00 2001 From: Roman Hros Date: Tue, 10 Sep 2024 10:25:42 +0200 Subject: [PATCH 2/2] Enable apiServerLoadBalancer only for octavia LB Signed-off-by: Roman Hros --- .../openstack/scs/cluster-class/templates/cluster-class.yaml | 4 ++-- providers/openstack/scs/cluster-class/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/providers/openstack/scs/cluster-class/templates/cluster-class.yaml b/providers/openstack/scs/cluster-class/templates/cluster-class.yaml index 071935c0..d0b62fa5 100644 --- a/providers/openstack/scs/cluster-class/templates/cluster-class.yaml +++ b/providers/openstack/scs/cluster-class/templates/cluster-class.yaml @@ -355,7 +355,7 @@ cre ate group names like oidc:engineering and oidc:infra." matchResources: infrastructureCluster: true jsonPatches: - - op: add + - op: replace path: "/spec/template/spec/apiServerLoadBalancer/enabled" value: true - op: add @@ -371,7 +371,7 @@ cre ate group names like oidc:engineering and oidc:infra." matchResources: infrastructureCluster: true jsonPatches: - - op: add + - op: replace path: "/spec/template/spec/apiServerLoadBalancer/enabled" value: true - op: add diff --git a/providers/openstack/scs/cluster-class/values.yaml b/providers/openstack/scs/cluster-class/values.yaml index ba9dd876..97e1c87a 100644 --- a/providers/openstack/scs/cluster-class/values.yaml +++ b/providers/openstack/scs/cluster-class/values.yaml @@ -4,7 +4,7 @@ worker_flavor: SCS-2V-4-20 restrict_kubeapi: [] # newly introduced: -openstack_loadbalancer_apiserver: true +openstack_loadbalancer_apiserver: false # TBD, currently needed: images: