From 5bec757a164a0ccc3fbfb2d29de1e7c1353738cb Mon Sep 17 00:00:00 2001
From: ITQ <itq.dev@ya.ru>
Date: Wed, 20 Aug 2025 13:53:21 +0300
Subject: [PATCH] chore: improvements in docs

---
 README.md                                     | 38 +++++++++++++------
 configs/hosts                                 |  5 +++
 kubespray/group_vars/k8s_cluster/network.yaml | 23 -----------
 scripts/test                                  |  0
 .../configs/cloud-init/control-plane.yaml.tpl |  5 +++
 terraform/configs/cloud-init/worker.yaml.tpl  |  5 +++
 terraform/configs/hosts                       |  7 ----
 terraform/configs/k8s/manifest.yaml           | 38 +++++++++++++++++++
 terraform/main.tf                             |  9 +++--
 9 files changed, 85 insertions(+), 45 deletions(-)
 delete mode 100644 scripts/test
 delete mode 100644 terraform/configs/hosts
 create mode 100644 terraform/configs/k8s/manifest.yaml

diff --git a/README.md b/README.md
index 022d860..675c096 100644
--- a/README.md
+++ b/README.md
@@ -12,6 +12,13 @@ Ensure you have the following installed on your system:
 
 NOTE: You must have `libvirt` daemon running
 
+### Generate SSH keypair
+
+```bash
+mkdir .ssh
+ssh-keygen -f .ssh/id_rsa
+```
+
 ### Goto Terraform directory
 
 ```bash
@@ -24,17 +31,6 @@ cd terraform
 cp .env.template .env
 ```
 
-### Add following records to hypervisor `/etc/hosts`
-
-```bash
-# ...
-10.6.6.10 control-plane
-2001:db8:ca2:2::10 control-plane
-
-10.6.6.20 worker-1
-2001:db8:ca2:2::20 worker-1
-```
-
 ### Init Terraform
 
 ```bash
@@ -46,3 +42,23 @@ terraform init
 ```bash
 terraform apply
 ```
+
+## Provisioning Kubernetes
+
+### Run provision script
+
+```bash
+./scripts/provision
+```
+
+## Testing dualstack
+
+### Apply manifest.yaml (on node)
+
+```bash
+sudo kubectl apply -f manifest.yaml
+```
+
+### Check access via IPv{4,6}
+
+You should access service via `10.6.6.10` and `2001:db8:ca2:2::10` inside cluster and on hypervisor.
diff --git a/configs/hosts b/configs/hosts
index 083ade3..ae7c463 100644
--- a/configs/hosts
+++ b/configs/hosts
@@ -1,2 +1,7 @@
+10.6.6.1  _gateway
+
+10.6.6.10 control-plane
 2001:db8:ca2:2::10 control-plane
+
+10.6.6.20 worker-1
 2001:db8:ca2:2::20 worker-1
diff --git a/kubespray/group_vars/k8s_cluster/network.yaml b/kubespray/group_vars/k8s_cluster/network.yaml
index db4a48d..5c86b54 100644
--- a/kubespray/group_vars/k8s_cluster/network.yaml
+++ b/kubespray/group_vars/k8s_cluster/network.yaml
@@ -1,30 +1,7 @@
 ---
 
-# Old settings
-# ipv4_stack: false
-# ipv6_stack: true
-
-# kube_network_plugin: calico
-
-# kube_pods_subnet_ipv6: fd85:ee78:d8a6:8607::1:0000/112
-# kube_service_addresses_ipv6: fd85:ee78:d8a6:8607::1000/116
-# kube_network_node_prefix_ipv6: 119
-# calico_ipv6pool_cidr: "{{ kube_pods_subnet_ipv6 }}"
-# calico_pool_blocksize_ipv6: 116
-# nat_outgoing_ipv6: true
-
-
-# Settings for ipv6 only from Kubespray github tests
-
 ipv4_stack: true
 ipv6_stack: true
 kube_network_plugin: calico
 etcd_deployment_type: kubeadm
 kube_proxy_mode: iptables
-enable_nodelocaldns: false
-
-
-# Settings for dualstack from Kubespray github tests
-
-# ipv4_stack: true
-# ipv6_stack: true
diff --git a/scripts/test b/scripts/test
deleted file mode 100644
index e69de29..0000000
diff --git a/terraform/configs/cloud-init/control-plane.yaml.tpl b/terraform/configs/cloud-init/control-plane.yaml.tpl
index 18e1e67..4cf3399 100644
--- a/terraform/configs/cloud-init/control-plane.yaml.tpl
+++ b/terraform/configs/cloud-init/control-plane.yaml.tpl
@@ -30,3 +30,8 @@ write_files:
     append: true
     encoding: b64
     content: ${hosts_file}
+  - path: /home/ubuntu/manifest.yaml
+    owner: ubuntu:ubuntu
+    encoding: b64
+    defer: true
+    content: ${manifest_file}
diff --git a/terraform/configs/cloud-init/worker.yaml.tpl b/terraform/configs/cloud-init/worker.yaml.tpl
index 79869af..fc04c2c 100644
--- a/terraform/configs/cloud-init/worker.yaml.tpl
+++ b/terraform/configs/cloud-init/worker.yaml.tpl
@@ -30,3 +30,8 @@ write_files:
     append: true
     encoding: b64
     content: ${hosts_file}
+  - path: /home/ubuntu/manifest.yaml
+    owner: ubuntu:ubuntu
+    encoding: b64
+    defer: true
+    content: ${manifest_file}
diff --git a/terraform/configs/hosts b/terraform/configs/hosts
deleted file mode 100644
index ae7c463..0000000
--- a/terraform/configs/hosts
+++ /dev/null
@@ -1,7 +0,0 @@
-10.6.6.1  _gateway
-
-10.6.6.10 control-plane
-2001:db8:ca2:2::10 control-plane
-
-10.6.6.20 worker-1
-2001:db8:ca2:2::20 worker-1
diff --git a/terraform/configs/k8s/manifest.yaml b/terraform/configs/k8s/manifest.yaml
new file mode 100644
index 0000000..b3fd357
--- /dev/null
+++ b/terraform/configs/k8s/manifest.yaml
@@ -0,0 +1,38 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-dualstack
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx-dualstack
+  template:
+    metadata:
+      labels:
+        app: nginx-dualstack
+    spec:
+      containers:
+        - name: nginx
+          image: nginx:alpine
+          ports:
+            - containerPort: 80
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-dualstack-svc
+spec:
+  type: LoadBalancer
+  externalIPs:
+    - 10.6.6.10
+    - 2001:db8:ca2:2::10
+  selector:
+    app: nginx-dualstack
+  ports:
+    - port: 80
+      targetPort: 80
+  ipFamilyPolicy: PreferDualStack
+  ipFamilies:
+    - IPv4
+    - IPv6
diff --git a/terraform/main.tf b/terraform/main.tf
index c4ec426..36cb349 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -35,17 +35,18 @@ resource "libvirt_volume" "worker_images" {
 data "template_file" "user_data" {
   for_each = local.user_templates
 
-  template = file("${path.module}/configs/cloud-init/${each.value}")
+  template = file("${path.root}/configs/cloud-init/${each.value}")
   vars = {
-    hosts_file     = base64encode(file("${path.module}/configs/hosts"))
-    ssh_public_key = file("../.ssh/id_rsa.pub")
+    hosts_file     = base64encode(file("${path.root}/../configs/hosts"))
+    manifest_file  = base64encode(file("${path.root}/configs/k8s/manifest.yaml"))
+    ssh_public_key = file("${path.root}/../.ssh/id_rsa.pub")
   }
 }
 
 data "template_file" "network_config" {
   for_each = local.user_templates
 
-  template = file("${path.module}/configs/cloud-init/network.yaml.tpl")
+  template = file("${path.root}/configs/cloud-init/network.yaml.tpl")
   vars = {
     ipv4_address = local.node_addrs[each.key].ipv4
     ipv4_prefix  = local.ipv4_prefix