ab/homelab
1
1
Fork 1
Code Issues Pull Requests 91 Actions Packages Wiki Activity
Files
0707becf61a1f3ec86996b434a216a0957a2fb79
homelab/k8s/core/kube-system-custom/node-external-ip-labeler.yaml
T
Ultradesu c850ad291a
Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 7s
Details
Check with kubeconform / lint (push) Successful in 7s
Details
Auto-update README / Generate README and Create MR (push) Successful in 5s
Details
Added node-external-ip-labeler.yaml
2026-06-16 02:24:22 +01:00

174 lines
5.8 KiB
YAML
Raw Blame History

---
apiVersion: v1
kind: ServiceAccount
metadata:
name: node-external-ip-labeler
namespace: kube-system
labels:
app: node-external-ip-labeler
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: node-external-ip-labeler
labels:
app: node-external-ip-labeler
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "patch", "update"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: node-external-ip-labeler
labels:
app: node-external-ip-labeler
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: node-external-ip-labeler
subjects:
- kind: ServiceAccount
name: node-external-ip-labeler
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: node-external-ip-labeler
namespace: kube-system
labels:
app: node-external-ip-labeler
rules:
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: node-external-ip-labeler
namespace: kube-system
labels:
app: node-external-ip-labeler
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: node-external-ip-labeler
subjects:
- kind: ServiceAccount
name: node-external-ip-labeler
namespace: kube-system
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: node-external-ip-labeler
namespace: kube-system
labels:
app: node-external-ip-labeler
spec:
schedule: "17 3 * * *"
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: 3
failedJobsHistoryLimit: 3
jobTemplate:
spec:
backoffLimit: 1
template:
metadata:
labels:
app: node-external-ip-labeler
spec:
serviceAccountName: node-external-ip-labeler
restartPolicy: Never
tolerations:
- operator: Exists
containers:
- name: fanout
image: bitnami/kubectl:latest
imagePullPolicy: IfNotPresent
command:
- /bin/bash
- -lc
args:
- |
set -euo pipefail
clean_name() {
echo "$1" \
| tr '[:upper:]' '[:lower:]' \
| tr -c 'a-z0-9-' '-' \
| sed 's/^-*//;s/-*$//' \
| cut -c1-45
}
for NODE_NAME in $(kubectl get nodes -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}'); do
NODE_CLEAN="$(clean_name "${NODE_NAME}")"
JOB_NAME="node-external-ip-${NODE_CLEAN}"
kubectl delete job "${JOB_NAME}" -n kube-system --ignore-not-found=true --wait=true --timeout=60s
cat <<EOF | kubectl apply -f -
apiVersion: batch/v1
kind: Job
metadata:
name: ${JOB_NAME}
namespace: kube-system
labels:
app: node-external-ip-labeler
target-node: "${NODE_CLEAN}"
spec:
ttlSecondsAfterFinished: 86400
backoffLimit: 2
template:
metadata:
labels:
app: node-external-ip-labeler
target-node: "${NODE_CLEAN}"
spec:
serviceAccountName: node-external-ip-labeler
nodeName: "${NODE_NAME}"
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
restartPolicy: Never
tolerations:
- operator: Exists
containers:
- name: label-node
image: bitnami/kubectl:latest
imagePullPolicy: IfNotPresent
env:
- name: NODE_NAME
value: "${NODE_NAME}"
command:
- /bin/bash
- -lc
args:
- |
set -euo pipefail
json_ip() {
sed -n 's/.*"ip"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}
IPV4="\$(curl -fsS --connect-timeout 10 --max-time 30 'https://api.ipify.org?format=json' | json_ip)"
IP64="\$(curl -fsS --connect-timeout 10 --max-time 30 'https://api64.ipify.org?format=json' | json_ip || true)"
if [ -z "\${IPV4}" ]; then
echo "Unable to detect external IPv4 for node ${NODE_NAME}"
exit 1
fi
kubectl label node "${NODE_NAME}" external-ipv4="\${IPV4}" --overwrite
kubectl annotate node "${NODE_NAME}" homelab.hexor.cy/external-ipv4="\${IPV4}" --overwrite
if echo "\${IP64}" | grep -q ':'; then
kubectl annotate node "${NODE_NAME}" homelab.hexor.cy/external-ipv6="\${IP64}" --overwrite
elif [ -n "\${IP64}" ]; then
kubectl annotate node "${NODE_NAME}" homelab.hexor.cy/external-ipv4-api64="\${IP64}" --overwrite
fi
EOF
done
Reference in New Issue View Git Blame Copy Permalink