Initial commit: Turbo Mothership bare metal management cluster

- k0s bootstrap with Cilium and OpenEBS - ArgoCD apps for infra, CAPI, Tinkerbell, and Netris - Ansible playbooks for virtual baremetal lab and Netris switches - CAPI provider manifests for k0smotron and Tinkerbell
2025-12-15 19:59:58 +01:00
commit df9937f0c3
39 changed files with 1961 additions and 0 deletions
--- a/bootstrap/k0s.yaml
+++ b/bootstrap/k0s.yaml
@@ -0,0 +1,101 @@
+apiVersion: k0s.k0sproject.io/v1beta1
+kind: ClusterConfig
+metadata:
+  name: k0s
+  namespace: kube-system
+spec:
+  api:
+    address: 65.109.94.180
+    ca:
+      certificatesExpireAfter: 8760h0m0s
+      expiresAfter: 87600h0m0s
+    k0sApiPort: 9443
+    port: 6443
+    sans:
+    - 65.109.94.180
+    - 2a01:4f9:3051:48ca::2
+  controllerManager: {}
+  extensions:
+    helm:
+      concurrencyLevel: 5
+      repositories:
+        - name: cilium
+          url: https://helm.cilium.io/
+        - name: openebs
+          url: https://openebs.github.io/openebs
+      charts:
+        - name: cilium
+          chartname: cilium/cilium
+          version: "1.18.4"
+          namespace: kube-system
+          order: 1
+          values: |
+            cluster:
+              name: local
+            k8sServiceHost: 65.109.94.180
+            k8sServicePort: 6443
+            kubeProxyReplacement: true
+            operator:
+              replicas: 1
+            routingMode: tunnel
+            tunnelProtocol: vxlan
+        - name: openebs
+          chartname: openebs/openebs
+          version: "4.2.0"
+          namespace: openebs
+          order: 2
+          values: |
+            localpv-provisioner:
+              localpv:
+                basePath: /var/openebs/local
+            engines:
+              replicated:
+                mayastor:
+                  enabled: false
+              local:
+                zfs:
+                  enabled: false
+                rawfile:
+                  enabled: false
+                lvm:
+                  enabled: false
+            loki:
+              enabled: false
+            minio:
+              enabled: false
+            alloy:
+              enabled: false
+  installConfig:
+    users:
+      etcdUser: etcd
+      kineUser: kube-apiserver
+      konnectivityUser: konnectivity-server
+      kubeAPIserverUser: kube-apiserver
+      kubeSchedulerUser: kube-scheduler
+  network:
+    clusterDomain: cluster.local
+    dualStack:
+      enabled: true 
+      IPv6podCIDR: fd00::/108
+      IPv6serviceCIDR: fd01::/108
+    kubeProxy:
+      disabled: true
+    nodeLocalLoadBalancing:
+      enabled: false
+      envoyProxy:
+        apiServerBindPort: 7443
+        konnectivityServerBindPort: 7132
+      type: EnvoyProxy
+    podCIDR: 10.240.0.0/16
+    provider: custom 
+    serviceCIDR: 10.99.0.0/12
+  scheduler: {}
+  storage:
+    etcd:
+      ca:
+        certificatesExpireAfter: 8760h0m0s
+        expiresAfter: 87600h0m0s
+      peerAddress: 127.0.0.1
+    type: etcd
+  telemetry:
+    enabled: false