Adding the hetzner-robot KubeAid App

argocd-helm-charts/capi-cluster/charts/hetzner/Chart.yaml

@@ -1,3 +1,3 @@
 apiVersion: v2
-name: hetzner
+name: capi-cluster for hetzner provider
 version: 1.0.0

argocd-helm-charts/capi-cluster/charts/hetzner/Readme.md → argocd-helm-charts/capi-cluster/charts/hetzner/README.md

@@ -1,7 +1,12 @@
 ## Hetzner K8s cluster via cluster-api
 
+## Setup
+
+```sh
+kubeaid-bootstrap
+```
+
 ## Improvements
 
-* Floating IP should be automatically pointing to current working node (the first node that got provisioned)
+* Floating IP should be automatically pointing to current working node (the first node that got provisioned) [Comlpeted]
 * Add option in kubeadmcontrolplane to remove taints (its supported in crd)
-*

argocd-helm-charts/capi-cluster/charts/hetzner/templates/HetznerBareMetalMachineTemplate.yaml

@@ -29,7 +29,7 @@ spec:
           size: 20G
         postInstallScript: |
           #!/bin/bash
-          if {{ .Values.robot.floating }}; then
+          if {{ .Values.robot }}; then
             wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
             chmod a+x /usr/local/bin/yq
             touch /etc/netplan/60-floating-ip.yaml && chmod 600 /etc/netplan/60-floating-ip.yaml

argocd-helm-charts/capi-cluster/charts/hetzner/values.yaml

@@ -1,6 +1,9 @@
 controlPlaneLoadBalancer:
   enabled: true
 
+controlPlaneEndpoint:
+  port: 6443
+
 robot:
   floating: false
 

argocd-helm-charts/ccm-hetzner/values.yaml

@@ -0,0 +1,2 @@
+secret:
+  name: cloud-credentials

argocd-helm-charts/hetzner-robot/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: hetzner-robot
+description: |
+  A Helm Chart to support automatic k8s floating IP failover, on hetzner physical servers.
+version: 0.1.0
+appVersion: "1.0.0"

argocd-helm-charts/hetzner-robot/templates/deployment.yaml

@@ -0,0 +1,70 @@
+---
+{{- if .Values.failoverIP | trim | eq "" }}
+{{- fail "failoverIP must be provided" }}
+{{- end }}
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-failover
+  labels:
+    app: {{ .Release.Name }}-failover
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}-failover
+  template:
+    metadata:
+      labels:
+        app: {{ .Release.Name }}-failover
+    spec:
+      containers:
+      - name: {{ .Release.Name }}-failover
+        image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+        env:
+        - name: FAILOVER_IP
+          value: {{ .Values.failoverIP }}
+        - name: NODE_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.hostIP
+        - name: INTERVAL
+          value: "{{ .Values.interval }}"
+        - name: API_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: {{ .cloudCredentialsSecretName }}
+              key: robot-user
+        - name: API_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ .cloudCredentialsSecretName }}
+              key: robot-password
+        - name: API_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: {{ .cloudCredentialsSecretName }}
+              key: hcloud
+        livenessProbe:
+          exec:
+            command:
+            - /bin/sh
+            - -c
+            - "pgrep hetzner-failover"
+          initialDelaySeconds: 30
+          periodSeconds: 10
+          timeoutSeconds: 5
+          failureThreshold: 3
+        readinessProbe:
+          exec:
+            command:
+            - /bin/sh
+            - -c
+            - "pgrep hetzner-failover"
+          initialDelaySeconds: 15
+          periodSeconds: 5
+          timeoutSeconds: 5
+          failureThreshold: 3
+      nodeSelector:
+        node-role.kubernetes.io/control-plane: ""

argocd-helm-charts/hetzner-robot/values.yaml

@@ -0,0 +1,12 @@
+---
+image:
+  repository: ghcr.io/obmondo/hetzner-robot
+  tag: v1.0.0
+
+# Failover IP that pod will manage
+failoverIP: ""
+
+# Interval to check the failover IP is running on the node, where pod is running
+interval: 60s
+
+cloudCredentialsSecretName: cloud-credentials