micqdf/TerraHome
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'fix: harden kubeadm scripts for proxy and preflight issues' (#78) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 20m33s
Details

Browse Source 
Reviewed-on: #78
This commit was merged in pull request #78.
This commit is contained in:
micqdf
2026-03-02 02:09:11 +00:00
parent f7f3c7df3e 02a6bca60b
commit 4569fcd2ea
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
nixos/kubeadm/modules/k8s-common.nix
View File

@@ -100,6 +100,8 @@ in
(pkgs.writeShellScriptBin "th-kubeadm-init" '' (pkgs.writeShellScriptBin "th-kubeadm-init" ''
set -euo pipefail set -euo pipefail
unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY
iface="${config.terrahome.kubeadm.controlPlaneInterface}" iface="${config.terrahome.kubeadm.controlPlaneInterface}"
if ! ip link show "$iface" >/dev/null 2>&1; then if ! ip link show "$iface" >/dev/null 2>&1; then
iface="$(ip -o -4 route show to default | awk 'NR==1 {print $5}')" iface="$(ip -o -4 route show to default | awk 'NR==1 {print $5}')"
@@ -139,9 +141,13 @@ in
--leaderElection \ --leaderElection \
> /etc/kubernetes/manifests/kube-vip.yaml > /etc/kubernetes/manifests/kube-vip.yaml
systemctl stop kubelet || true
kubeadm reset -f || true
kubeadm init \ kubeadm init \
--control-plane-endpoint "$vip:6443" \ --control-plane-endpoint "$vip:6443" \
--upload-certs \ --upload-certs \
--ignore-preflight-errors=NumCPU \
--pod-network-cidr "$pod_subnet" \ --pod-network-cidr "$pod_subnet" \
--service-cidr "$service_subnet" \ --service-cidr "$service_subnet" \
--service-dns-domain "$domain" --service-dns-domain "$domain"
@@ -158,6 +164,7 @@ in
(pkgs.writeShellScriptBin "th-kubeadm-join-control-plane" '' (pkgs.writeShellScriptBin "th-kubeadm-join-control-plane" ''
set -euo pipefail set -euo pipefail
unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY
if [ "$#" -lt 1 ]; then if [ "$#" -lt 1 ]; then
echo "Usage: th-kubeadm-join-control-plane '<kubeadm join ... --control-plane --certificate-key ...>'" echo "Usage: th-kubeadm-join-control-plane '<kubeadm join ... --control-plane --certificate-key ...>'"
exit 1 exit 1
@@ -194,16 +201,19 @@ in
--leaderElection \ --leaderElection \
> /etc/kubernetes/manifests/kube-vip.yaml > /etc/kubernetes/manifests/kube-vip.yaml
systemctl stop kubelet || true
eval "$1" eval "$1"
'') '')
(pkgs.writeShellScriptBin "th-kubeadm-join-worker" '' (pkgs.writeShellScriptBin "th-kubeadm-join-worker" ''
set -euo pipefail set -euo pipefail
unset http_proxy https_proxy HTTP_PROXY HTTPS_PROXY no_proxy NO_PROXY
if [ "$#" -lt 1 ]; then if [ "$#" -lt 1 ]; then
echo "Usage: th-kubeadm-join-worker '<kubeadm join ...>'" echo "Usage: th-kubeadm-join-worker '<kubeadm join ...>'"
exit 1 exit 1
fi fi
systemctl stop kubelet || true
eval "$1" eval "$1"
'') '')