Initial deployment of Kubernetes control plane

minish 2024-11-02 02:56:58 -04:00
parent 12b327ca88
commit 9bd1f0cfa1
Signed by: min
SSH Key Fingerprint: SHA256:NFjjdbkd6u7aoMlcrDCVvz6o2UBtlAuPm8IQ2vhZ3Fg
3 changed files with 37 additions and 0 deletions


@ -15,6 +15,12 @@
"/var/lib/acme"
"/srv"
# k8s
"/var/lib/containerd"
"/var/lib/kubernetes"
"/var/lib/kubelet"
"/var/lib/kube-proxy"
];
files = [
"/etc/machine-id"
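Review bot: The directories added under `# k8s` cover containerd, kubelet, kube-proxy and /var/lib/kubernetes, but not the etcd data directory or the cfssl CA directory, which the NixOS modules place at `/var/lib/etcd` and `/var/lib/cfssl` by default as far as I know. If this list backs an ephemeral-root setup, a reboot would keep the issued certificates in /var/lib/kubernetes/secrets while discarding the cluster state and the CA key that signed them, so components could end up holding certificates that a regenerated CA never issued. The list starts above the hunk, so these paths may already be present there; if not, add `"/var/lib/etcd"` and `"/var/lib/cfssl"` next to the other k8s entries.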


@ -7,6 +7,7 @@
./gitea.nix
./synapse.nix
./nebula.nix
./k8s.nix
];
security.acme = {


@ -0,0 +1,30 @@
{pkgs, ...}: let
kMasterIp = "10.13.0.1";
kMasterHostname = "silver";
kMasterApiServerPort = 6443;
in {
networking.extraHosts = "${kMasterIp} ${kMasterHostname}";
systemd.services.etcd.preStart = ''${pkgs.writeShellScript "etcd-wait" ''
while [ ! -f /var/lib/kubernetes/secrets/etcd.pem ]; do sleep 1; done
''}'';
services.kubernetes = {
roles = ["master" "node"];
masterAddress = kMasterHostname;
apiserverAddress = "https://${kMasterHostname}:${toString kMasterApiServerPort}";
apiserver = {
securePort = kMasterApiServerPort;
advertiseAddress = kMasterIp;
};
easyCerts = true;
# use coredns
addons.dns.enable = true;
# needed if you use swap
kubelet.extraOpts = "--fail-swap-on=false";
};
}
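Review bot: `advertiseAddress = kMasterIp` only sets the address the API server announces to clients; nothing in this file restricts where it listens, and as far as I know the module's `apiserver.bindAddress` defaults to all interfaces. If 10.13.0.1 is meant to be an internal or overlay address (inferred from the nebula import in the sibling file, not shown here), port 6443 stays reachable on every other interface unless the firewall blocks it. Consider `bindAddress = kMasterIp;` inside `apiserver`, or a firewall rule limiting `kMasterApiServerPort` to that interface, and record the choice in a comment. Separately, the `# needed if you use swap` comment could mention that with `--fail-swap-on=false` pod memory, including memory-backed secret volumes, can be written to swap, so the swap device should be encrypted.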