micqdf/TerraHome
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
351 Commits 3 Branches 1 Tag
bd866f7dac8e5b477e9e98808ed8b3b77f0edcdd
Commit Graph

351 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
micqdf
f53d087c9c Merge pull request 'fix: use valid kube-vip log flag value' (#100) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 6m29s
Details 
Reviewed-on: #100
 2026-03-03 00:26:08 +00:00
MichaelFisher1997
51b56e562e fix: use valid kube-vip log flag value
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 17s
Details 
kube-vip expects an unsigned integer for --log. Replace --log -4 with --log 4 so manifest generation no longer fails during bootstrap.
 2026-03-03 00:25:25 +00:00
micqdf
0e0643a6fc Merge pull request 'refactor: add Python bootstrap controller with resumable state' (#99) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 11m46s
Details 
Reviewed-on: #99
 2026-03-03 00:10:19 +00:00
MichaelFisher1997
6fecfb3ee6 refactor: add Python bootstrap controller with resumable state
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 17s
Details 
Introduce a clean orchestration layer in nixos/kubeadm/bootstrap/controller.py and slim rebuild-and-bootstrap.sh into a thin wrapper. The controller now owns preflight, rebuild, init, CNI install, join, and verify stages with persisted checkpoints on cp-1 plus a local state copy for CI debugging.
 2026-03-03 00:09:10 +00:00
micqdf
7a0016b003 Merge pull request 'fix: preserve kube-vip mount path and only swap hostPath to super-admin' (#98) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Has been cancelled
Details 
Reviewed-on: #98
 2026-03-03 00:00:48 +00:00
MichaelFisher1997
355273add5 fix: preserve kube-vip mount path and only swap hostPath to super-admin
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 19s
Details 
The previous replacement changed both mountPath and hostPath, causing kube-vip to lose its expected in-container kubeconfig path and exit. Keep mountPath at /etc/kubernetes/admin.conf, swap only hostPath during bootstrap, and enable kube-vip debug log level.
 2026-03-02 23:59:41 +00:00
micqdf
e5162c220c Merge pull request 'fix: bootstrap kube-vip without leader election' (#97) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 17m12s
Details 
Reviewed-on: #97
 2026-03-02 23:31:52 +00:00
MichaelFisher1997
262e9eb4d7 fix: bootstrap kube-vip without leader election
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 17s
Details 
Run first-control-plane kube-vip manifest without --leaderElection so VIP can bind before API/RBAC are fully available. Also print kube-vip container exit details on failure.
 2026-03-02 23:28:44 +00:00
micqdf
84513f4bb8 Merge pull request 'fix: run kube-vip in control-plane-only mode during bootstrap' (#96) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 16m50s
Details 
Reviewed-on: #96
 2026-03-02 22:53:22 +00:00
MichaelFisher1997
c445638d4a fix: run kube-vip in control-plane-only mode during bootstrap
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 17s
Details 
Remove --services from kube-vip static pod manifests for init/join. Service LB mode can crash-loop during kubeadm bootstrap before cluster RBAC is ready, which prevented VIP binding.
 2026-03-02 22:52:44 +00:00
micqdf
678b383063 Merge pull request 'stage' (#95) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 17m14s
Details 
Reviewed-on: #95
 2026-03-02 22:33:27 +00:00
MichaelFisher1997
880bbcceca ci: speed up Terraform plan by skipping refresh in pipelines
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 16s
Details 
Use terraform plan -refresh=false in plan/apply workflows to avoid slow Proxmox state refresh on every push. This keeps CI fast while preserving apply behavior from the generated plan.
 2026-03-02 22:32:10 +00:00
MichaelFisher1997
190dc2e095 fix: restore compatibility with older nixos-rebuild sudo flag
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
Use --use-remote-sudo in rebuild script since the runner's nixos-rebuild does not support --sudo yet.
 2026-03-02 22:30:38 +00:00
micqdf
d86b0a32a2 Merge pull request 'fix: stabilize kubeadm bootstrap and reduce Proxmox plan latency' (#94) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 16m3s
Details 
Reviewed-on: #94
 2026-03-02 22:13:28 +00:00
MichaelFisher1997
a81799a2b5 fix: stabilize kubeadm bootstrap and reduce Proxmox plan latency
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
Move kubeadm reset ahead of kube-vip manifest generation, use super-admin.conf during bootstrap for kube-vip, and restore admin.conf after init. Also switch nixos-rebuild to --sudo and make QEMU guest agent optional so Terraform plan can skip slow guest-agent refreshes when it is not installed.
 2026-03-02 22:09:10 +00:00
micqdf
6c7182b8f5 Merge pull request 'fix: run kube-vip daemon before kubeadm init' (#93) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 24m52s
Details 
Reviewed-on: #93
 2026-03-02 21:02:11 +00:00
MichaelFisher1997
46c0786e57 fix: run kube-vip daemon before kubeadm init
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 10m8s
Details 
- Start kube-vip as a detached container to claim VIP before kubeadm init
- Wait for VIP to be bound before proceeding
- Generate static pod manifest for kube-vip
- Stop bootstrap kube-vip after API server is healthy (static pod takes over)
- Add kube-vip logs output if VIP fails to bind
 2026-03-02 20:39:28 +00:00
micqdf
8b15f061bc Merge pull request 'fix: skip kubeadm wait-control-plane phase, wait for VIP manually' (#92) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 23m51s
Details 
Reviewed-on: #92
 2026-03-02 19:42:56 +00:00
MichaelFisher1997
1af45ca51e fix: skip kubeadm wait-control-plane phase, wait for VIP manually
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
- Use --skip-phases=wait-control-plane to avoid 4-minute timeout
- Wait for kube-vip to bind VIP before checking API server health
- Add kube-vip logs and VIP status to debug output
 2026-03-02 19:37:06 +00:00
micqdf
c91d28a5dc Merge pull request 'fix: add image pre-pull and debug output for kubeadm init' (#91) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 26m27s
Details 
Reviewed-on: #91
 2026-03-02 18:36:46 +00:00
MichaelFisher1997
533f5a91e0 fix: add image pre-pull and debug output for kubeadm init
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
- Pre-pull k8s control plane images before init to speed up startup
- Add crictl pods and crictl ps -a output on failure for debugging
 2026-03-02 18:35:41 +00:00
micqdf
cfdfab3ec0 Merge pull request 'fix: disable webhook authz and clean stale kubelet configs' (#90) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 25m1s
Details 
Reviewed-on: #90
 2026-03-02 18:01:33 +00:00
MichaelFisher1997
c061dda31d fix: disable webhook authz and clean stale kubelet configs
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
- Add authorization.mode: AlwaysAllow to KubeletConfiguration
- Remove stale kubelet config.yaml before unmasking in all kubeadm scripts
- This prevents 'no client provided, cannot use webhook authorization' error
 2026-03-02 17:59:31 +00:00
micqdf
cec60c003c Merge pull request 'fix: disable kubelet webhook auth in kubeadm init config' (#89) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 25m1s
Details 
Reviewed-on: #89
 2026-03-02 16:50:31 +00:00
MichaelFisher1997
fb21fbef4f fix: disable kubelet webhook auth in kubeadm init config
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
- Use explicit kubeadm config file with KubeletConfiguration
- Disable webhook authentication which was causing 'no client provided' error
- Add ConditionPathExists to kubelet systemd unit
 2026-03-02 16:49:21 +00:00
micqdf
6cc57f8b0e Merge pull request 'fix: kubelet directories and containerd readiness' (#88) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 24m54s
Details 
Reviewed-on: #88
 2026-03-02 14:45:54 +00:00
MichaelFisher1997
1b76e07326 fix: kubelet directories and containerd readiness
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
- Create /var/lib/kubelet and /var/lib/kubelet/pki directories via tmpfiles
- Ensure containerd is running before kubeadm init
- Add kubelet logs output on kubeadm init failure for debugging
 2026-03-02 14:44:47 +00:00
micqdf
9d17dd17cc Merge pull request 'fix: remove kubelet ConditionPathExists, add daemon-reload' (#87) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 25m5s
Details 
Reviewed-on: #87
 2026-03-02 14:01:06 +00:00
MichaelFisher1997
db72dcab75 fix: remove kubelet ConditionPathExists, add daemon-reload
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
- Remove ConditionPathExists from kubelet service definition as it
  prevents kubelet from starting when managed by kubeadm
- Add systemctl daemon-reload after unmasking in all kubeadm scripts
- Add reset-failed for consistent state cleanup
 2026-03-02 13:58:49 +00:00
micqdf
23d61a6308 Merge pull request 'fix: mask kubelet before rebuild, unmask in kubeadm helpers' (#86) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 24m58s
Details 
Reviewed-on: #86
 2026-03-02 12:54:37 +00:00
MichaelFisher1997
d42e83358c fix: mask kubelet before rebuild, unmask in kubeadm helpers
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
- Mask kubelet service entirely before nixos-rebuild to prevent systemd
  from restarting it during switch
- Unmask kubelet in th-kubeadm-init/join scripts before starting
 2026-03-02 12:44:40 +00:00
micqdf
198c147b79 Merge pull request 'fix: prevent kubelet auto-start during rebuild' (#85) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 18m58s
Details 
Reviewed-on: #85
 2026-03-02 12:14:38 +00:00
MichaelFisher1997
93e43a546f fix: prevent kubelet auto-start during rebuild
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details 
Add wantedBy = [] to prevent kubelet from being started by multi-user.target
during nixos-rebuild switch. This allows rebuilds to succeed even when the
cluster is in a transitional state. Kubelet will be started by kubeadm
init/join commands instead.
 2026-03-02 12:13:05 +00:00
micqdf
3b03e68f3e Merge pull request 'fix: disable lingering kubelet service before node rebuild' (#84) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 18m50s
Details 
Reviewed-on: #84
 2026-03-02 10:09:20 +00:00
MichaelFisher1997
ab5cc8b01d fix: disable lingering kubelet service before node rebuild
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details
2026-03-02 10:08:27 +00:00
micqdf
92759407a6 Merge pull request 'fix: stop auto-enabling kubelet during base node rebuild' (#83) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 19m4s
Details 
Reviewed-on: #83
 2026-03-02 09:17:26 +00:00
MichaelFisher1997
f65a414959 fix: stop auto-enabling kubelet during base node rebuild
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 10m8s
Details
2026-03-02 09:13:53 +00:00
micqdf
03c6d0454a Merge pull request 'fix: gate kubelet startup until kubeadm config exists' (#82) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 18m56s
Details 
Reviewed-on: #82
 2026-03-02 08:40:39 +00:00
MichaelFisher1997
7c849ed019 fix: gate kubelet startup until kubeadm config exists
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details
2026-03-02 08:39:22 +00:00
micqdf
b8bd9686d3 Merge pull request 'fix: align kubelet systemd unit with kubeadm flags' (#81) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 18m42s
Details 
Reviewed-on: #81
 2026-03-02 03:48:09 +00:00
MichaelFisher1997
388b0c4f5d fix: align kubelet systemd unit with kubeadm flags
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details
2026-03-02 03:44:35 +00:00
micqdf
cfd72fa750 Merge pull request 'fix: ignore kubeadm HTTPProxyCIDR preflight in homelab workflow' (#80) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 28m13s
Details 
Reviewed-on: #80
 2026-03-02 03:10:37 +00:00
MichaelFisher1997
d810547675 fix: ignore kubeadm HTTPProxyCIDR preflight in homelab workflow
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details
2026-03-02 03:06:29 +00:00
micqdf
3ed3381140 Merge pull request 'fix: run kubeadm init/reset with clean environment' (#79) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 20m22s
Details 
Reviewed-on: #79
 2026-03-02 02:39:27 +00:00
MichaelFisher1997
9426968cd4 fix: run kubeadm init/reset with clean environment
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details
2026-03-02 02:36:57 +00:00
micqdf
4569fcd2ea Merge pull request 'fix: harden kubeadm scripts for proxy and preflight issues' (#78) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 20m33s
Details 
Reviewed-on: #78
 2026-03-02 02:09:11 +00:00
MichaelFisher1997
02a6bca60b fix: harden kubeadm scripts for proxy and preflight issues
Some checks failed
Terraform Plan / Terraform Plan (push) Has been cancelled
Details
2026-03-02 02:02:38 +00:00
micqdf
f7f3c7df3e Merge pull request 'fix: avoid sudo env loss for kube-vip image reference' (#77) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 20m59s
Details 
Reviewed-on: #77
 2026-03-02 01:32:53 +00:00
MichaelFisher1997
a098c0aa29 fix: avoid sudo env loss for kube-vip image reference
All checks were successful
Terraform Plan / Terraform Plan (push) Successful in 10m8s
Details
2026-03-02 01:27:44 +00:00
micqdf
766cd5db4f Merge pull request 'fix: correctly propagate remote command exit status' (#76) from stage into master
Some checks failed
Terraform Apply / Terraform Apply (push) Failing after 19m10s
Details 
Reviewed-on: #76
 2026-03-02 01:04:44 +00:00