diff --git a/docs/azure/cluster-parameters.md b/docs/azure/cluster-parameters.md
new file mode 100644
index 000000000..1d2ef69cf
--- /dev/null
+++ b/docs/azure/cluster-parameters.md
@@ -0,0 +1,79 @@
+# Azure cluster parameters
+
+## Prerequisites
+
+- Azure CLI installed
+- `az login` command executed
+
+## Cluster Identity
+
+To provide credentials for CAPI Azure provider (CAPZ) the `AzureClusterIdentity`
+resource must be created. This should be done before provisioning any clusters.
+
+
+To create the `AzureClusterIdentity` you should first get the desired `SubscriptionID`
+by executing `az account list -o table` which will return list of subscriptions
+available to user.
+
+Then you need to create service principal which will be used by CAPZ to interact
+with Azure API. To do so you need to execute the following command:
+
+```bash
+ az ad sp create-for-rbac --role contributor --scopes="/subscriptions/"
+```
+
+The command will return json with the credentials for the service pricipal which
+will look like this:
+
+```json
+ {
+ "appId": "29a3a125-7848-4ce6-9be9-a4b3eecca0ff",
+ "displayName": "azure-cli",
+ "password": "u_RANDOMHASH",
+ "tenant": "2f10bc28-959b-481f-b094-eb043a87570a",
+ }
+```
+
+*Note: make sure to save this credentials and treat them like passwords.*
+
+With the data from the json you can now create the `AzureClusterIdentity` object
+and it's secret.
+
+The objects created with the data above can look somthing like this:
+
+**Secret**:
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+ name: az-cluster-identity-secret
+stringData:
+ clientSecret: u_RANDOMHASH
+type: Opaque
+```
+
+**AzureClusterIdentity**:
+
+```yaml
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureClusterIdentity
+metadata:
+ labels:
+ clusterctl.cluster.x-k8s.io/move-hierarchy: "true"
+ name: az-cluster-identity
+spec:
+ allowedNamespaces: {}
+ clientID:
+ clientSecret: 29a3a125-7848-4ce6-9be9-a4b3eecca0ff
+ name: az-cluster-identity-secret
+ tenantID: 2f10bc28-959b-481f-b094-eb043a87570a
+ type: ServicePrincipal
+```
+
+These objects then should be referenced in the `Deployment` object in the
+`.spec.config.clusterIdentity` field.
+
+Subcribtion ID which was used to create service principal should be the same the
+same that will be used in the `.spec.config.subscriptionID` field of the `Deployment`
+object.
diff --git a/templates/azure-standalone-cp/.helmignore b/templates/azure-standalone-cp/.helmignore
new file mode 100644
index 000000000..0e8a0eb36
--- /dev/null
+++ b/templates/azure-standalone-cp/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/templates/azure-standalone-cp/Chart.yaml b/templates/azure-standalone-cp/Chart.yaml
new file mode 100644
index 000000000..2a5408dd4
--- /dev/null
+++ b/templates/azure-standalone-cp/Chart.yaml
@@ -0,0 +1,19 @@
+apiVersion: v2
+name: azure-standalone-cp
+description: |
+ An HMC template to deploy a k0s cluster on Azure with bootstrapped control plane nodes.
+type: application
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.0.1
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.30.2+k0s.0"
+annotations:
+ hmc.mirantis.com/type: deployment
+ hmc.mirantis.com/infrastructure-providers: azure
+ hmc.mirantis.com/controlplane-providers: k0s
+ hmc.mirantis.com/bootstrap-providers: k0s
diff --git a/templates/azure-standalone-cp/templates/_helpers.tpl b/templates/azure-standalone-cp/templates/_helpers.tpl
new file mode 100644
index 000000000..dfd4b9b8b
--- /dev/null
+++ b/templates/azure-standalone-cp/templates/_helpers.tpl
@@ -0,0 +1,23 @@
+{{- define "cluster.name" -}}
+ {{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{- define "azuremachinetemplate.controlplane.name" -}}
+ {{- include "cluster.name" . }}-cp-mt
+{{- end }}
+
+{{- define "azuremachinetemplate.worker.name" -}}
+ {{- include "cluster.name" . }}-worker-mt
+{{- end }}
+
+{{- define "k0scontrolplane.name" -}}
+ {{- include "cluster.name" . }}-cp
+{{- end }}
+
+{{- define "k0sworkerconfigtemplate.name" -}}
+ {{- include "cluster.name" . }}-machine-config
+{{- end }}
+
+{{- define "machinedeployment.name" -}}
+ {{- include "cluster.name" . }}-md
+{{- end }}
diff --git a/templates/azure-standalone-cp/templates/azurecluster.yaml b/templates/azure-standalone-cp/templates/azurecluster.yaml
new file mode 100644
index 000000000..75769b590
--- /dev/null
+++ b/templates/azure-standalone-cp/templates/azurecluster.yaml
@@ -0,0 +1,17 @@
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureCluster
+metadata:
+ name: {{ include "cluster.name" . }}
+spec:
+ identityRef:
+ kind: AzureClusterIdentity
+ name: {{ .Values.clusterIdentity.name }}
+ namespace: {{ .Values.clusterIdentity.namespace }}
+ location: {{ .Values.location }}
+ {{- if .Values.bastion.enabled }}
+ {{- with .Values.bastion.bastionSpec }}
+ bastionSpec:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- end }}
+ subscriptionID: {{ .Values.subscriptionID }}
diff --git a/templates/azure-standalone-cp/templates/azuremachinetemplate-controlplane.yaml b/templates/azure-standalone-cp/templates/azuremachinetemplate-controlplane.yaml
new file mode 100644
index 000000000..eb1f2916a
--- /dev/null
+++ b/templates/azure-standalone-cp/templates/azuremachinetemplate-controlplane.yaml
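Review bot: In azurecluster.yaml the values that select the Azure subscription and the credential (`subscriptionID`, `identityRef.name`, `identityRef.namespace`) and `location` are rendered unquoted and with no presence check. values.yaml in this same commit defaults `subscriptionID` and `clusterIdentity.name` to `""`, so a default install renders `subscriptionID:` and `name:` as YAML null instead of failing at render time. I would fail fast and quote, e.g. `subscriptionID: {{ required "subscriptionID must be set" .Values.subscriptionID | quote }}` and `name: {{ required "clusterIdentity.name must be set" .Values.clusterIdentity.name | quote }}`. Quoting also keeps an all-digit or boolean-looking value from being retyped by the YAML parser.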
@@ -0,0 +1,14 @@
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureMachineTemplate
+metadata:
+ name: {{ include "azuremachinetemplate.controlplane.name" . }}
+spec:
+ template:
+ spec:
+ osDisk:
+ diskSizeGB: {{ .Values.controlPlane.rootVolumeSize }}
+ osType: Linux
+ {{- if not (quote .Values.controlPlane.sshPublicKey | empty) }}
+ sshPublicKey: {{ .Values.controlPlane.sshPublicKey }}
+ {{- end }}
+ vmSize: {{ .Values.controlPlane.vmSize }}
diff --git a/templates/azure-standalone-cp/templates/azuremachinetemplate-worker.yaml b/templates/azure-standalone-cp/templates/azuremachinetemplate-worker.yaml
new file mode 100644
index 000000000..e5e3d566f
--- /dev/null
+++ b/templates/azure-standalone-cp/templates/azuremachinetemplate-worker.yaml
@@ -0,0 +1,14 @@
+apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+kind: AzureMachineTemplate
+metadata:
+ name: {{ include "azuremachinetemplate.worker.name" . }}
+spec:
+ template:
+ spec:
+ osDisk:
+ diskSizeGB: {{ .Values.worker.rootVolumeSize }}
+ osType: Linux
+ {{- if not (quote .Values.worker.sshPublicKey | empty) }}
+ sshPublicKey: {{ .Values.worker.sshPublicKey }}
+ {{- end }}
+ vmSize: {{ .Values.worker.vmSize }}
diff --git a/templates/azure-standalone-cp/templates/cluster.yaml b/templates/azure-standalone-cp/templates/cluster.yaml
new file mode 100644
index 000000000..2ce7581f7
--- /dev/null
+++ b/templates/azure-standalone-cp/templates/cluster.yaml
@@ -0,0 +1,17 @@
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: Cluster
+metadata:
+ name: {{ include "cluster.name" . }}
+spec:
+ {{- with .Values.clusterNetwork }}
+ clusterNetwork:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ controlPlaneRef:
+ apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+ kind: K0sControlPlane
+ name: {{ include "k0scontrolplane.name" . }}
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: AzureCluster
+ name: {{ include "cluster.name" . }}
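Review bot: The guard `if not (quote .Values.controlPlane.sshPublicKey | empty)` in azuremachinetemplate-controlplane.yaml is always true with the shipped default. `quote` turns the empty string into the two-character string `""`, which `empty` does not count as empty, so `sshPublicKey:` is still emitted with a null value. azuremachinetemplate-worker.yaml has the same guard on `.Values.worker.sshPublicKey`. Using `{{- with .Values.controlPlane.sshPublicKey }}` around `sshPublicKey: {{ . | quote }}` would omit the field when it is unset and quote it when it is set. What the provider does with a null key is not visible in this diff, so it is worth confirming which key ends up authorised on the nodes.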
diff --git a/templates/azure-standalone-cp/templates/k0scontrolplane.yaml b/templates/azure-standalone-cp/templates/k0scontrolplane.yaml
new file mode 100644
index 000000000..daa056d93
--- /dev/null
+++ b/templates/azure-standalone-cp/templates/k0scontrolplane.yaml
@@ -0,0 +1,55 @@
+apiVersion: controlplane.cluster.x-k8s.io/v1beta1
+kind: K0sControlPlane
+metadata:
+ name: {{ include "k0scontrolplane.name" . }}
+spec:
+ replicas: {{ .Values.controlPlaneNumber }}
+ version: {{ .Values.k0s.version }}
+ k0sConfigSpec:
+ args:
+ - --enable-worker
+ - --enable-cloud-provider
+ - --kubelet-extra-args="--cloud-provider=external"
+ - --disable-components=konnectivity-server
+ k0s:
+ apiVersion: k0s.k0sproject.io/v1beta1
+ kind: ClusterConfig
+ metadata:
+ name: k0s
+ spec:
+ api:
+ extraArgs:
+ anonymous-auth: "true"
+ network:
+ provider: calico
+ calico:
+ mode: vxlan
+ extensions:
+ helm:
+ repositories:
+ - name: cloud-provider-azure
+ url: https://raw.githubusercontent.com/kubernetes-sigs/cloud-provider-azure/master/helm/repo
+ - name: azuredisk-csi-driver
+ url: https://raw.githubusercontent.com/kubernetes-sigs/azuredisk-csi-driver/master/charts
+ charts:
+ - name: cloud-provider-azure
+ namespace: kube-system
+ chartname: cloud-provider-azure/cloud-provider-azure
+ version: 1.30.4
+ values: |
+ cloudControllerManager:
+ nodeSelector:
+ node-role.kubernetes.io/control-plane: "true"
+ - name: azuredisk-csi-driver
+ namespace: kube-system
+ chartname: azuredisk-csi-driver/azuredisk-csi-driver
+ version: 1.30.3
+ values: |
+ linux:
+ kubelet: "/var/lib/k0s/kubelet"
+ machineTemplate:
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: AzureMachineTemplate
+ name: {{ include "azuremachinetemplate.controlplane.name" . }}
+ namespace: {{ .Release.Namespace }}
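Review bot: `anonymous-auth: "true"` under `spec.api.extraArgs` is set explicitly with no comment saying what needs it. With that flag, unauthenticated requests are admitted as `system:anonymous` and only RBAC stands between them and the API; how the API server is exposed is not visible in this chart. If it is there for load-balancer or join-time health probes, say so next to it, e.g. `# anonymous-auth kept for health probes; confirm no binding grants system:anonymous or system:unauthenticated`, and drop the argument if nothing depends on it. Separately, both Helm repositories are read from the `master` branch on raw.githubusercontent.com, so the repository index is mutable even though the chart versions are pinned. A tag- or commit-pinned URL would make what is installed into `kube-system` reproducible.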
diff --git a/templates/azure-standalone-cp/templates/k0sworkerconfigtemplate.yaml b/templates/azure-standalone-cp/templates/k0sworkerconfigtemplate.yaml
new file mode 100644
index 000000000..562e4fdeb
--- /dev/null
+++ b/templates/azure-standalone-cp/templates/k0sworkerconfigtemplate.yaml
@@ -0,0 +1,11 @@
+apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+kind: K0sWorkerConfigTemplate
+metadata:
+ name: {{ include "k0sworkerconfigtemplate.name" . }}
+spec:
+ template:
+ spec:
+ version: {{ .Values.k0s.version }}
+ args:
+ - --enable-cloud-provider
+ - --kubelet-extra-args="--cloud-provider=external"
diff --git a/templates/azure-standalone-cp/templates/machinedeployment.yaml b/templates/azure-standalone-cp/templates/machinedeployment.yaml
new file mode 100644
index 000000000..464ae0ceb
--- /dev/null
+++ b/templates/azure-standalone-cp/templates/machinedeployment.yaml
@@ -0,0 +1,26 @@
+apiVersion: cluster.x-k8s.io/v1beta1
+kind: MachineDeployment
+metadata:
+ name: {{ include "machinedeployment.name" . }}
+spec:
+ clusterName: {{ include "cluster.name" . }}
+ replicas: {{ .Values.workersNumber }}
+ selector:
+ matchLabels:
+ cluster.x-k8s.io/cluster-name: {{ include "cluster.name" . }}
+ template:
+ metadata:
+ labels:
+ cluster.x-k8s.io/cluster-name: {{ include "cluster.name" . }}
+ spec:
+ version: {{ regexReplaceAll "\\+k0s.+$" .Values.k0s.version "" }}
+ clusterName: {{ include "cluster.name" . }}
+ bootstrap:
+ configRef:
+ apiVersion: bootstrap.cluster.x-k8s.io/v1beta1
+ kind: K0sWorkerConfigTemplate
+ name: {{ include "k0sworkerconfigtemplate.name" . }}
+ infrastructureRef:
+ apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
+ kind: AzureMachineTemplate
+ name: {{ include "azuremachinetemplate.worker.name" . }}
diff --git a/templates/azure-standalone-cp/values.schema.json b/templates/azure-standalone-cp/values.schema.json
new file mode 100644
index 000000000..d605df340
--- /dev/null
+++ b/templates/azure-standalone-cp/values.schema.json
@@ -0,0 +1,122 @@
+{
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "description": "An HMC template to deploy a k0s cluster on Azure with bootstrapped control plane nodes.",
+ "type": "object",
+ "required": [
+ "controlPlaneNumber",
+ "workersNumber",
+ "location"
+ ],
+ "properties": {
+ "controlPlaneNumber": {
+ "description": "The number of the control plane machines",
+ "type": "number",
+ "minimum": 1
+ },
+ "workersNumber": {
+ "description": "The number of the worker machines",
+ "type": "number",
+ "minimum": 1
+ },
+ "clusterNetwork": {
+ "type": "object",
+ "properties": {
+ "pods": {
+ "type": "object",
+ "properties": {
+ "cidrBlocks": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "minItems": 1,
+ "uniqueItems": true
+ }
+ }
+ },
+ "services": {
+ "type": "object",
+ "properties": {
+ "cidrBlocks": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "minItems": 1,
+ "uniqueItems": true
+ }
+ }
+ }
+ }
+ },
+ "location": {
+ "description": "Azure location to deploy the cluster in",
+ "type": "string"
+ },
+ "bastion": {
+ "type": "object",
+ "description": "The configuration of the bastion host",
+ "required": [],
+ "properties": {
+ "enabled": {
+ "type": "boolean"
+ }
+ }
+ },
+ "controlPlane": {
+ "description": "The configuration of the control plane machines",
+ "type": "object",
+ "required": [
+ "vmSize"
+ ],
+ "properties": {
+ "sshPublicKey": {
+ "description": "SSH public key in base64 format, which will be used on the machine.",
+ "type": "string"
+ },
+ "vmSize": {
+ "description": "The size of instance to create",
+ "type": "string"
+ },
+ "rootVolumeSize": {
+ "description": "The size of the root volume of the instance (GB)",
+ "type": "integer"
+ }
+ }
+ },
+ "worker": {
+ "description": "The configuration of the worker machines",
+ "type": "object",
+ "required": [
+ "vmSize"
+ ],
+ "properties": {
+ "sshPublicKey": {
+ "description": "SSH public key in base64 format, which will be used on the machine.",
+ "type": "string"
+ },
+ "vmSize": {
+ "description": "The size of instance to create",
+ "type": "string"
+ },
+ "rootVolumeSize": {
+ "description": "The size of the root volume of the instance (GB)",
+ "type": "integer"
+ }
+ }
+ },
+ "k0s": {
+ "description": "K0s parameters",
+ "type": "object",
+ "required": [
+ "version"
+ ],
+ "properties": {
+ "version":{
+ "description": "K0s version to use",
+ "type": "string"
+ }
+ }
+ }
+ }
+}
diff --git a/templates/azure-standalone-cp/values.yaml b/templates/azure-standalone-cp/values.yaml
new file mode 100644
index 000000000..b6ad4dfdf
--- /dev/null
+++ b/templates/azure-standalone-cp/values.yaml
@@ -0,0 +1,36 @@
+# Cluster parameters
+controlPlaneNumber: 3
+workersNumber: 2
+
+clusterNetwork:
+ pods:
+ cidrBlocks:
+ - "10.244.0.0/16"
+ services:
+ cidrBlocks:
+ - "10.96.0.0/12"
+
+# AWS cluster parameters
+location: ""
+subscriptionID: ""
+bastion:
+ enabled: false
+ bastionSpec:
+ azureBastion: {}
+clusterIdentity:
+ name: ""
+ namespace: hmc-system
+# AWS machines parameters
+controlPlane:
+ sshPublicKey: ""
+ vmSize: ""
+ rootVolumeSize: 30
+
+worker:
+ sshPublicKey: ""
+ vmSize: ""
+ rootVolumeSize: 30
+
+# K0s parameters
+k0s:
+ version: v1.30.2+k0s.0
diff --git a/templates/hmc-templates/files/templates/azure-standalone-cp.yaml b/templates/hmc-templates/files/templates/azure-standalone-cp.yaml
new file mode 100644
index 000000000..a8bd9856f
--- /dev/null
+++ b/templates/hmc-templates/files/templates/azure-standalone-cp.yaml
@@ -0,0 +1,8 @@
+apiVersion: hmc.mirantis.com/v1alpha1
+kind: Template
+metadata:
+ name: azure-standalone-cp
+spec:
+ helm:
+ chartName: azure-standalone-cp
+ chartVersion: 0.0.1
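Review bot: The top-level `required` list in values.schema.json names only `controlPlaneNumber`, `workersNumber` and `location`, and `subscriptionID`, `clusterIdentity` and `bastion.bastionSpec` are not declared under `properties` at all. A values file with no subscription or identity therefore passes validation, and the empty defaults reach the AzureCluster template. Declaring `subscriptionID` and `clusterIdentity` (with `name` required and `"minLength": 1`) and adding them to `required` would reject that before anything is rendered. `controlPlaneNumber` and `workersNumber` use `"type": "number"`, which accepts `1.5`; `"type": "integer"` matches their use as `replicas`. The `sshPublicKey` descriptions say "base64 format", which is worth checking against what the machine template field expects.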
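Review bot: The section comments `# AWS cluster parameters` and `# AWS machines parameters` in values.yaml appear to be carried over from another chart, since the keys beneath them (`subscriptionID`, `clusterIdentity`, `vmSize`) are Azure settings. They should read `# Azure cluster parameters` and `# Azure machines parameters`. A one-line comment on `clusterIdentity` would also help, e.g. `# name/namespace of the AzureClusterIdentity holding the service principal reference`, because that is the value that decides which credential the cluster uses.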