Merge pull request #753 from TrekkieCoder/main

gh-87 cicd added for loxi-ingress

.github/workflows/k3s-loxi-ingress.yml

@@ -0,0 +1,25 @@
+name: K3s-Loxi-Ingress-Sanity-CI
+on:
+ # schedule:
+ # Runs "At 11:00 UTC every day-of-week"
+ # - cron: '0 11 * * *'
+ workflow_dispatch:
+ inputs:
+ testName:
+ description: 'Test Run-Name' 
+ required: true
+ default: 'k3s-loxi-ingress'
+jobs:
+ build:
+ name: k3s-loxi-ingress-sanity
+ runs-on: [self-hosted, large]
+ steps:
+ - uses: actions/checkout@v2
+ with:
+ submodules: recursive
+ - run: |
+ cd cicd/k3s-flannel-loxilb-ingress
+ ./config.sh
+ ./validation.sh
+ ./rmconfig.sh
+ cd -

cicd/k3s-flannel-loxilb-ingress/Vagrantfile

@@ -0,0 +1,39 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+workers = (ENV['WORKERS'] || "1").to_i
+#box_name = (ENV['VAGRANT_BOX'] || "ubuntu/focal64")
+box_name = (ENV['VAGRANT_BOX'] || "sysnet4admin/Ubuntu-k8s")
+box_version = "0.7.1"
+Vagrant.configure("2") do |config|
+ config.vm.box = "#{box_name}"
+ config.vm.box_version = "#{box_version}"
+
+ if Vagrant.has_plugin?("vagrant-vbguest")
+ config.vbguest.auto_update = false
+ end
+
+ config.vm.define "loxilb" do |loxilb|
+ loxilb.vm.hostname = 'llb1'
+ #loxilb.vm.network "forwarded_port", guest: 55002, host: 5502, protocol: "tcp"
+ loxilb.vm.network :private_network, ip: "192.168.80.9", :netmask => "255.255.255.0"
+ loxilb.vm.network :private_network, ip: "192.168.90.9", :netmask => "255.255.255.0"
+ loxilb.vm.provision :shell, :path => "loxilb.sh"
+ loxilb.vm.provider :virtualbox do |vbox|
+ vbox.customize ["modifyvm", :id, "--memory", 6000]
+ vbox.customize ["modifyvm", :id, "--cpus", 4]
+ end
+ end
+
+
+ config.vm.define "master" do |master|
+ master.vm.hostname = 'master'
+ master.vm.network :private_network, ip: "192.168.80.10", :netmask => "255.255.255.0"
+ master.vm.provision :shell, :path => "master.sh"
+ master.vm.provider :virtualbox do |vbox|
+ vbox.customize ["modifyvm", :id, "--memory", 8192]
+ vbox.customize ["modifyvm", :id, "--cpus", 4]
+ end
+ end
+
+end

cicd/k3s-flannel-loxilb-ingress/config.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+vagrant global-status | grep -i virtualbox | cut -f 1 -d ' ' | xargs -L 1 vagrant destroy -f
+vagrant up

cicd/k3s-flannel-loxilb-ingress/ingress/loxilb-ingress-deploy.yml

@@ -0,0 +1,266 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ labels:
+ app.kubernetes.io/instance: loxilb-ingress
+ app.kubernetes.io/name: loxilb-ingress
+ name: loxilb-ingress
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app.kubernetes.io/instance: loxilb-ingress
+ app.kubernetes.io/name: loxilb-ingress
+ name: loxilb-ingress
+ namespace: kube-system
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: loxilb-ingress
+ namespace: kube-system
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+ - watch
+ - list
+ - patch
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ verbs:
+ - get
+ - watch
+ - list
+ - patch
+ - apiGroups:
+ - ""
+ resources:
+ - endpoints
+ - services
+ - services/status
+ verbs:
+ - get
+ - watch
+ - list
+ - patch
+ - update
+ - apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - get
+ - watch
+ - list
+ - apiGroups:
+ - authentication.k8s.io
+ resources:
+ - tokenreviews
+ verbs:
+ - create
+ - apiGroups:
+ - authorization.k8s.io
+ resources:
+ - subjectaccessreviews
+ verbs:
+ - create
+ - apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+ - apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingressclasses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - create
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - list
+ - watch
+ - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app.kubernetes.io/instance: loxilb-ingress
+ app.kubernetes.io/name: loxilb-ingress
+ name: loxilb-ingress
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - endpoints
+ - nodes
+ - pods
+ - secrets
+ - namespaces
+ verbs:
+ - list
+ - watch
+- apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+- apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - networking.k8s.io
+ - extensions
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+- apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+- apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingressclasses
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - discovery.k8s.io
+ resources:
+ - endpointslices
+ verbs:
+ - list
+ - watch
+ - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: loxilb-ingress
+ app.kubernetes.io/name: loxilb-ingress
+ name: loxilb-ingress
+ namespace: kube-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: loxilb-ingress
+subjects:
+- kind: ServiceAccount
+ name: loxilb-ingress
+ namespace: kube-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/instance: loxilb-ingress
+ app.kubernetes.io/name: loxilb-ingress
+ name: loxilb-ingress
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: loxilb-ingress
+subjects:
+- kind: ServiceAccount
+ name: loxilb-ingress
+ namespace: kube-system
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: loxilb-ingress
+ namespace: kube-system
+spec:
+ selector:
+ matchLabels:
+ app: loxilb-ingress
+ app.kubernetes.io/instance: loxilb-ingress
+ app.kubernetes.io/name: loxilb-ingress
+ template:
+ metadata:
+ name: loxilb-ingress
+ labels:
+ app: loxilb-ingress
+ app.kubernetes.io/instance: loxilb-ingress
+ app.kubernetes.io/name: loxilb-ingress
+ spec:
+ #hostNetwork: true
+ #dnsPolicy: ClusterFirstWithHostNet
+ serviceAccountName: loxilb-ingress
+ containers:
+ - name: loxilb-ingress
+ volumeMounts:
+ - mountPath: "/opt/loxilb/cert/"
+ name: loxilb-ssl
+ image: "ghcr.io/loxilb-io/loxilb-ingress:latest"
+ imagePullPolicy: Always
+ command: [ "/bin/loxilb-ingress" ]
+ ports:
+ - containerPort: 11111
+ volumes:
+ - name: loxilb-ssl
+ secret:
+ secretName: loxilb-ssl

cicd/k3s-flannel-loxilb-ingress/ingress/loxilb-ingress-svc.yml

@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: loxilb-ingress-manager
+ namespace: kube-system
+ annotations:
+ loxilb.io/lbmode: "onearm"
+spec:
+ externalTrafficPolicy: Local
+ loadBalancerClass: loxilb.io/loxilb
+ selector:
+ app.kubernetes.io/instance: loxilb-ingress
+ app.kubernetes.io/name: loxilb-ingress
+ ports:
+ - name: http
+ port: 80
+ protocol: TCP
+ targetPort: 80
+ - name: https
+ port: 443
+ protocol: TCP
+ targetPort: 443
+ type: LoadBalancer