chore: k3s tf module & spectrum module cleanup && cilium l2 support (#19)

Author: enjenjenje

.gitignore

@@ -5,3 +5,4 @@
 .direnv
 kubeconfig
 talosconfig
+provider_project/*

ephemeral/main.tf

@@ -30,7 +30,6 @@ module "spectrum" {
     local_sensitive_file.kubeconfig,
   ]
   source     = "../terraform-modules/spectrum"
-  components = ["kubevirt"]
   network    = var.github_branch
   cluster    = "ephemeral"
 

examples/k3s/README.md

@@ -0,0 +1,27 @@
+# Kubernetes cluster based on k3s
+
+This example deploys *k3s based* Kubernetes cluster on a specific host.
+
+### Requirements
+- installed [**Terraform**](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli) on your laptop
+- installed [**autok3s**](https://github.com/cnrancher/autok3s?tab=readme-ov-file#quick-start-tldr) on your laptop
+- target server accessible via `ssh`
+
+### Instruction
+- Copy files in this directory to your Fluence related *provider* directory
+- Update values with your own in `config.tf` file
+```
+locals {
+server_name  =  "example"
+server_ip_address  =  "1.1.1.1.1"
+ssh_key  =  "~/.ssh/key"
+ssh_user  =  "root"
+ssh_port  =  "22"
+}
+```
+- deploy using `terraform`
+```
+terraform init
+terraform apply
+```
+- you can check your freshly installed cluster in [**autok3s UI**](https://github.com/cnrancher/autok3s?tab=readme-ov-file#quick-start-tldr) 

examples/k3s/config.tf

@@ -0,0 +1,7 @@
+locals {
+  server_name       = "example"
+  server_ip_address = "1.1.1.1.1"
+  ssh_key           = "~/.ssh/key"
+  ssh_user          = "root"
+  ssh_port          = "22"
+}

examples/k3s/main.tf

@@ -0,0 +1,21 @@
+module "k3s" {
+  source               = "github.com/fluencelabs/spectrum//terraform-modules/k3s"
+  kubeconfigs_location = "${path.root}/secrets"
+  server_name          = local.server_name
+  server_ip_address    = local.server_ip_address
+  ssh_key              = local.ssh_key
+  ssh_user             = local.ssh_user
+  ssh_port             = local.ssh_port
+}
+
+provider "helm" {
+  kubernetes {
+    config_path = module.k3s.kubeconfig_file
+  }
+}
+
+module "spectrum" {
+  depends_on      = [module.k3s]
+  source          = "github.com/fluencelabs/spectrum//terraform-modules/spectrum"
+  cluster_flavour = "k3s"
+}

flux/components/cilium-l2/kustomization.yaml

@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./manifests.yaml

flux/components/cilium-l2/manifests.yaml

@@ -0,0 +1,23 @@
+---
+apiVersion: "cilium.io/v2alpha1"
+kind: CiliumL2AnnouncementPolicy
+metadata:
+  name: fluence-l2
+  namespace: kube-system
+spec:
+  serviceSelector:
+    matchLabels:
+      fluence: cloudless.dev  
+  externalIPs: true
+  loadBalancerIPs: true
+---
+apiVersion: "cilium.io/v2alpha1"
+kind: CiliumLoadBalancerIPPool
+metadata:
+  name: fluence-l2
+  namespace: kube-system
+spec:
+  serviceSelector:
+    matchLabels:
+      fluence: cloudless.dev     
+

terraform-modules/k3s/autok3s.tf

@@ -0,0 +1,60 @@
+resource "terraform_data" "k3s-init" {
+
+  input = var.server_name
+  provisioner "local-exec" {
+    command = <<EOT
+        autok3s create --provider  native --docker-script  https://get.docker.com --k3s-channel  stable --k3s-install-script  https://get.k3s.io \
+        --master-extra-args '--disable servicelb,traefik --flannel-backend none --disable-kube-proxy --disable-network-policy' \
+        --name ${var.server_name} --rollback --ssh-key-path ${var.ssh_key} --ssh-port ${var.ssh_port} --ssh-user ${var.ssh_user} --master-ips ${var.server_ip_address} \
+        --enable explorer
+    EOT
+
+  }
+
+  provisioner "local-exec" {
+    when    = destroy
+    command = <<EOT
+        autok3s delete -p native --name ${self.input} -f
+    EOT
+
+  }
+}
+
+resource "terraform_data" "k3s-gen-kubeconfig" {
+  depends_on = [
+    terraform_data.k3s-init
+  ]
+  input = "${var.kubeconfigs_location}/kubeconfig.yaml"
+  provisioner "local-exec" {
+    command = <<EOT
+        mkdir -p ${var.kubeconfigs_location} && \
+        autok3s kubectl config use-context ${var.server_name} && \
+        autok3s kubectl config view --minify=true --raw > ${var.kubeconfigs_location}/kubeconfig.yaml
+    EOT
+
+  }
+
+  provisioner "local-exec" {
+    when    = destroy
+    command = <<EOT
+        rm -rf ${self.input}.yaml
+    EOT
+  }
+}
+
+resource "terraform_data" "os-init" {
+
+  connection {
+    type        = "ssh"
+    user        = var.ssh_user
+    port        = var.ssh_port
+    private_key = file(var.ssh_key)
+    host        = var.server_ip_address
+  }
+
+  provisioner "remote-exec" {
+    inline = [
+      "curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash"
+    ]
+  }
+}

terraform-modules/k3s/output.tf

@@ -0,0 +1,4 @@
+output "kubeconfig_file" {
+  description = "kubeconfig file location"
+  value       = "${terraform_data.k3s-gen-kubeconfig.input}"
+}

terraform-modules/k3s/variables.tf

@@ -0,0 +1,20 @@
+variable "kubeconfigs_location" {
+  default = "./secrets"
+}
+
+variable "server_name" {
+}
+
+variable "server_ip_address" {
+}
+
+variable "ssh_key" {
+}
+
+variable "ssh_port" {
+  default = "22"
+}
+
+variable "ssh_user" {
+  default = "root"
+}