diff --git a/nixos/kubeadm/modules/k8s-common.nix b/nixos/kubeadm/modules/k8s-common.nix
index e44c66b..718281d 100644
--- a/nixos/kubeadm/modules/k8s-common.nix
+++ b/nixos/kubeadm/modules/k8s-common.nix
@@ -132,7 +132,38 @@ in
 mkdir -p /etc/kubernetes/manifests
 ctr image pull "${kubeVipImage}"
- ctr run --rm --net-host "${kubeVipImage}" kube-vip /kube-vip manifest pod \
+ ctr tasks kill kube-vip-bootstrap 2>/dev/null || true
+ ctr tasks rm kube-vip-bootstrap 2>/dev/null || true
+ ctr containers rm kube-vip-bootstrap 2>/dev/null || true
+
+ echo "==> Starting kube-vip daemon to claim VIP $vip"
+ ctr run --net-host -d "${kubeVipImage}" kube-vip-bootstrap /kube-vip \
+ --interface "$iface" \
+ --address "$vip" \
+ --controlplane \
+ --services \
+ --arp \
+ --leaderElection
+
+ sleep 3
+
+ echo "==> Waiting for VIP $vip to be claimed"
+ for i in $(seq 1 30); do
+ if ip -4 addr show | grep -q "$vip"; then
+ echo "==> VIP $vip is bound"
+ break
+ fi
+ echo "Waiting for VIP... ($i/30)"
+ sleep 1
+ done
+
+ if ! ip -4 addr show | grep -q "$vip"; then
+ echo "==> WARNING: VIP not bound, checking kube-vip logs:"
+ ctr task logs kube-vip-bootstrap 2>&1 | tail -20 || true
+ fi
+
+ echo "==> Creating kube-vip static pod manifest"
+ ctr run --rm --net-host "${kubeVipImage}" kube-vip-manifest /kube-vip manifest pod \
 --interface "$iface" \
 --address "$vip" \
 --controlplane \
@@ -141,6 +172,8 @@ in
 --leaderElection \
 > /etc/kubernetes/manifests/kube-vip.yaml
+ echo "==> kube-vip static pod manifest created"
+
 rm -f /var/lib/kubelet/config.yaml /var/lib/kubelet/kubeadm-flags.env
 systemctl unmask kubelet || true
@@ -236,6 +269,11 @@ in
 sleep 2
 done
+ echo "==> Stopping bootstrap kube-vip (static pod will take over)"
+ ctr tasks kill kube-vip-bootstrap 2>/dev/null || true
+ ctr tasks rm kube-vip-bootstrap 2>/dev/null || true
+ ctr containers rm kube-vip-bootstrap 2>/dev/null || true
+
 mkdir -p /root/.kube
 cp /etc/kubernetes/admin.conf /root/.kube/config
 chmod 600 /root/.kube/config
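Review bot: The VIP readiness check in the first hunk (`@@ -132,7 +132,38 @@`), `ip -4 addr show | grep -q "$vip"`, is an unanchored regex match, so a VIP of 10.0.0.1 would also be satisfied by an existing 10.0.0.10 or 110.0.0.1 on any interface (constructed example addresses), and each dot matches any character. Matching the address as a fixed string with its delimiters on the intended interface is stricter: `if ip -4 -o addr show dev "$iface" | grep -qF -- "inet $vip/"; then`, in both the loop and the check after it. When the 30 attempts run out the script only prints a warning and goes on to write the manifest; if the rest of the script (outside this hunk) depends on the VIP, add `exit 1` after the log dump so a failed claim stops the bootstrap instead of continuing against an unbound address. `ctr task logs` also looks doubtful: I am not aware of a `logs` subcommand under `ctr tasks`, and the trailing `|| true` would hide that, so confirm the diagnostic actually prints the daemon's output.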
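Review bot: The added `echo "==> kube-vip static pod manifest created"` in the second hunk (`@@ -141,6 +172,8 @@`) runs whether or not the `ctr run ... manifest pod` command above it produced any output, and the `>` redirect truncates `/etc/kubernetes/manifests/kube-vip.yaml` before that command starts. If error handling such as `set -e` is not active in the part of the script outside this hunk, a failed run leaves an empty manifest in the static pod directory while the log says it was created. A guard before the message would catch that: `[ -s /etc/kubernetes/manifests/kube-vip.yaml ] || { echo "kube-vip manifest is empty" >&2; exit 1; }`.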
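Review bot: The teardown in the third hunk (`@@ -236,6 +269,11 @@`) can leave the bootstrap kube-vip running: `ctr tasks kill` only delivers the signal (SIGTERM unless told otherwise) and returns, so `ctr tasks rm` may run while the task is still alive and fail, after which `ctr containers rm` fails too, and every error is discarded by `2>/dev/null || true`. A leftover host-network instance could then keep advertising the VIP next to the static pod, with nothing in the log to show it. Consider `ctr tasks kill -s SIGKILL kube-vip-bootstrap` followed by `ctr tasks rm -f kube-vip-bootstrap`, and print a warning when `ctr containers rm` still fails instead of silencing it. The same three commands open the first hunk as pre-cleanup, so a small shell function shared by both places would keep them consistent.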