From f30a49fba5e519062842aba220ddd9acdba35e06 Mon Sep 17 00:00:00 2001
From: e3mrah <81884938+emrahbaysal@users.noreply.github.com>
Date: Sat, 16 May 2026 12:12:38 +0400
Subject: [PATCH] Revert "fix(k3s): set cloud-provider=external + disable embedded CCM for hcloud-ccm (#1513)" (#1514)

This reverts commit 7f0de7fa8267a2029f50097ba0002da11abc0850.

Co-authored-by: hatiyildiz
---
 infra/hetzner/cloudinit-control-plane.tftpl | 2 +-
 infra/hetzner/cloudinit-worker.tftpl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/infra/hetzner/cloudinit-control-plane.tftpl b/infra/hetzner/cloudinit-control-plane.tftpl
index 532e31f1..e44425bb 100644
--- a/infra/hetzner/cloudinit-control-plane.tftpl
+++ b/infra/hetzner/cloudinit-control-plane.tftpl
@@ -1398,7 +1398,7 @@ runcmd:
 # packet flow over Cilium WireGuard which requires non-overlapping
 # CIDRs end-to-end. Values are interpolated by OpenTofu from
 # local.region_cluster_cidr / local.region_service_cidr in main.tf.
- - 'CP_PUBLIC_IPV4=$(curl -fsSL --retry 30 --retry-delay 2 http://169.254.169.254/hetzner/v1/metadata/public-ipv4) && curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=${k3s_version} K3S_TOKEN=${k3s_token} INSTALL_K3S_EXEC="server --cluster-init --flannel-backend=none --disable-network-policy --disable=traefik --disable=servicelb --cluster-cidr=${cluster_cidr} --service-cidr=${service_cidr} --node-ip=${cp_private_ip} --advertise-address=${cp_private_ip} --kubelet-arg=max-pods=220 --tls-san=${sovereign_fqdn} --tls-san=${cp_private_ip} --tls-san=$${CP_PUBLIC_IPV4} --kube-apiserver-arg=oidc-issuer-url=https://auth.${sovereign_fqdn}/realms/sovereign --kube-apiserver-arg=oidc-client-id=kubectl --kube-apiserver-arg=oidc-username-claim=preferred_username --kube-apiserver-arg=oidc-username-prefix=oidc: --kube-apiserver-arg=oidc-groups-claim=groups --kube-apiserver-arg=oidc-groups-prefix=oidc: --node-label catalyst.openova.io/role=control-plane --node-label openova.io/region=${region_canonical_label} --disable-cloud-controller --kubelet-arg=cloud-provider=external ${worker_count > 0 ? "--node-taint node-role.kubernetes.io/control-plane=true:NoSchedule " : ""}--write-kubeconfig-mode=0644" sh -'
+ - 'CP_PUBLIC_IPV4=$(curl -fsSL --retry 30 --retry-delay 2 http://169.254.169.254/hetzner/v1/metadata/public-ipv4) && curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=${k3s_version} K3S_TOKEN=${k3s_token} INSTALL_K3S_EXEC="server --cluster-init --flannel-backend=none --disable-network-policy --disable=traefik --disable=servicelb --cluster-cidr=${cluster_cidr} --service-cidr=${service_cidr} --node-ip=${cp_private_ip} --advertise-address=${cp_private_ip} --kubelet-arg=max-pods=220 --tls-san=${sovereign_fqdn} --tls-san=${cp_private_ip} --tls-san=$${CP_PUBLIC_IPV4} --kube-apiserver-arg=oidc-issuer-url=https://auth.${sovereign_fqdn}/realms/sovereign --kube-apiserver-arg=oidc-client-id=kubectl --kube-apiserver-arg=oidc-username-claim=preferred_username --kube-apiserver-arg=oidc-username-prefix=oidc: --kube-apiserver-arg=oidc-groups-claim=groups --kube-apiserver-arg=oidc-groups-prefix=oidc: --node-label catalyst.openova.io/role=control-plane --node-label openova.io/region=${region_canonical_label} ${worker_count > 0 ? "--node-taint node-role.kubernetes.io/control-plane=true:NoSchedule " : ""}--write-kubeconfig-mode=0644" sh -'
 # Wait for the API server to be reachable. Cilium needs to come up before
 # nodes Ready, so we wait specifically for the API endpoint.
diff --git a/infra/hetzner/cloudinit-worker.tftpl b/infra/hetzner/cloudinit-worker.tftpl
index fc10ee8f..fe79d79e 100644
--- a/infra/hetzner/cloudinit-worker.tftpl
+++ b/infra/hetzner/cloudinit-worker.tftpl
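Review bot: The restored control-plane install line still ends with `--write-kubeconfig-mode=0644`, which leaves the admin kubeconfig that k3s writes on the node readable by every local account rather than by root only. Nothing visible in the hunk needs that, since cloud-init runs `runcmd` entries as root, so `--write-kubeconfig-mode=0600` should be enough unless a non-root consumer outside the hunk reads the file. If such a consumer exists, a comment above this line naming it (`# 0644: read by <consumer> as non-root`) would make the exception reviewable. The `runcmd:` list starts and continues outside the hunk, so the later steps were not checked against this.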
@@ -139,7 +139,7 @@ runcmd:
 # 45-HR install chain → Helm hooks → bp-* runtime pods). Caught on
 # prov #63 (cpx52 × 3): CP at 110/110 pods, bp-catalyst-platform's
 # catalyst-api pod stuck "Too many pods" → install hook timed out.
- - 'curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=${k3s_version} K3S_URL=https://${cp_private_ip}:6443 K3S_TOKEN=${k3s_token} INSTALL_K3S_EXEC="agent --kubelet-arg=max-pods=220 --kubelet-arg=cloud-provider=external --node-label catalyst.openova.io/role=worker" sh -'
+ - 'curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=${k3s_version} K3S_URL=https://${cp_private_ip}:6443 K3S_TOKEN=${k3s_token} INSTALL_K3S_EXEC="agent --kubelet-arg=max-pods=220 --node-label catalyst.openova.io/role=worker" sh -'
 - mkdir -p /var/lib/catalyst
 - touch /var/lib/catalyst/cloud-init-complete
 final_message: "Catalyst worker bootstrap complete after $UPTIME seconds"
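Review bot: The agent join on the added line verifies the server at `https://${cp_private_ip}:6443` only as strongly as the form of `k3s_token` allows. A short-form token carries no cluster CA hash, so the agent would not pin the server CA on first contact, and the hunk does not show which form OpenTofu renders. The value is also written in clear text into cloud-init user-data, which persists on the node and is typically retrievable from the instance metadata service, so the join secret is only as private as those two places. I would document the assumption above this line, for example `# k3s_token is the cluster join secret and lands in user-data: keep pod egress to 169.254.169.254 blocked`, and state there whether the token is the CA-pinned form. The `runcmd:` list starts outside the hunk.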