feat(host/k8s,lib): nodeLabels & nodeTaints for k8s

2026-01-11 20:40:24 +01:00 · 2024-03-30 22:42:21 +08:00
parent e85712ca53
commit d9c804acca
5 changed files with 19 additions and 7 deletions
--- a/hosts/k8s/kubevirt-shoryu/default.nix
+++ b/hosts/k8s/kubevirt-shoryu/default.nix
@@ -22,6 +22,9 @@
    # use my own domain & kube-vip's virtual IP for the API server
    # so that the API server can always be accessed even if some nodes are down
    masterHost = "kubevirt-cluster-1.writefor.fun";
+    nodeLabels = [
+      "node-purpose=kubevirt"
+    ];
  };
 in {
  imports =
--- a/hosts/k8s/kubevirt-shushou/default.nix
+++ b/hosts/k8s/kubevirt-shushou/default.nix
@@ -20,6 +20,9 @@
    # use my own domain & kube-vip's virtual IP for the API server
    # so that the API server can always be accessed even if some nodes are down
    masterHost = "kubevirt-cluster-1.writefor.fun";
+    nodeLabels = [
+      "node-purpose=kubevirt"
+    ];
  };
 in {
  imports =
--- a/hosts/k8s/kubevirt-youko/default.nix
+++ b/hosts/k8s/kubevirt-youko/default.nix
@@ -20,6 +20,9 @@
    # use my own domain & kube-vip's virtual IP for the API server
    # so that the API server can always be accessed even if some nodes are down
    masterHost = "kubevirt-cluster-1.writefor.fun";
+    nodeLabels = [
+      "node-purpose=kubevirt"
+    ];
  };
 in {
  imports =
--- a/lib/genK3sAgentModule.nix
+++ b/lib/genK3sAgentModule.nix
@@ -2,6 +2,7 @@
  pkgs,
  masterHost,
  tokenFile,
+  nodeLabels ? [],
  ...
 }: let
  package = pkgs.k3s_1_29;
@@ -15,10 +16,11 @@ in {
    serverAddr = "https://${masterHost}:6443";
    # https://docs.k3s.io/cli/agent
    extraFlags = let
-      flagList = [
-        "--node-label=node-type=worker"
-        "--data-dir /var/lib/rancher/k3s"
-      ];
+      flagList =
+        [
+          "--data-dir /var/lib/rancher/k3s"
+        ]
+        ++ (map (label: "--node-label=${label}") nodeLabels);
    in
      pkgs.lib.concatStringsSep " " flagList;
  };
--- a/lib/genK3sServerModule.nix
+++ b/lib/genK3sServerModule.nix
@@ -10,7 +10,8 @@
  # this can be a domain name or an IP address(such as kube-vip's virtual IP)
  masterHost,
  clusterInit ? false,
-  addTaints ? false,
+  nodeLabels ? [],
+  nodeTaints ? [],
  ...
 }: let
  package = pkgs.k3s_1_29;
@@ -56,8 +57,8 @@ in {
          "--disable-network-policy"
          "--tls-san=${masterHost}"
        ]
-        # prevent workloads from running on the master
-        ++ (pkgs.lib.optionals addTaints ["--node-taint=CriticalAddonsOnly=true:NoExecute"]);
+        ++ (map (label: "--node-label=${label}") nodeLabels)
+        ++ (map (taint: "--node-taint=${taint}") nodeTaints);
    in
      pkgs.lib.concatStringsSep " " flagList;
  };