Create Rancher cluster template chart (#24)

* Initiate rancher-cluster-templates chart

* Copied files from official examples repo

* Chart improvement

Remove duplicate code

* Add all empty providers even if empty

* Start updating all configs

* Review all configs

* Fix lint issues

* Validation started on Azure

* Make azure cluster creation work

.gitignore

@@ -3,4 +3,6 @@
 
 # local temporary files
 temp*.yaml
+temp.sh
 /charts/temp/
+values_mine.yaml

README.md

@@ -49,6 +49,7 @@ Helm charts to ease the deployment of containers on Kubernetes clusters and get
   * [Traefik](charts/traefik/README.md) 🗸
 * Management
   * [Rancher](charts/rancher/README.md) 🗸
+  * [Rancher Cluster Templates](charts/rancher-cluster-templates/README.md) 🗸
 * Observability
   * [Elastic Stack](charts/elastic-stack/README.md)
   * [OpenTelemetry Collector](charts/opentelemetry-collector/README.md) 🗸

charts/rancher-cluster-templates/CONTRIBUTING.md

@@ -0,0 +1,37 @@
+# Contribution guide
+
+## How to check the manifest code quality
+
+```bash
+# checks code style
+helm lint
+
+# checks the Kubernetes objects generated from the chart on a specific case defined in values_mine.yaml
+helm template my-cluster . -f values.yaml -f values_mine.yaml --namespace fleet-default > temp.yaml
+```
+
+## How to deploy the chart from the sources
+
+💡 This commands must be run on the Kubernetes cluster hosting Rancher (called `local` by default).
+
+### Example with a cluster on Azure
+
+```bash
+# copies the example
+cp examples/values_azure.yaml values_mine.yaml
+resourcekey=$(openssl rand -hex 6)
+sed -i "s/CLUSTER_NAME/az-rke2-$resourcekey/g" values_mine.yaml
+sed -i "s/AZURE_PREFIX/$USER-$resourcekey/g" values_mine.yaml
+sed -i "s/CLOUD_CREDENTIAL_SECRET/<secret_name>/g" values_mine.yaml
+
+# runs the installation with Helm
+helm upgrade --install rke2-azure-cluster01 . -f values.yaml -f values_mine.yaml --namespace fleet-default
+
+# removes the installation
+helm uninstall rke2-azure-cluster01 -n fleet-default
+```
+
+## How to troubleshoot
+
+* Follow the steps from the start by looking at the machine-provision job (in fleet-default namespace)
+* In case of issue with remaining Kubernetes resources even after helm uninstall, force delete the machine

charts/rancher-cluster-templates/Chart.yaml

@@ -0,0 +1,13 @@
+apiVersion: v2
+name: rancher-cluster-templates
+description: Helm chart for managing Rancher cluster templates
+type: application
+version: "0.1.0"
+appVersion: "0.1.0"
+annotations:
+  catalog.cattle.io/type: cluster-template
+  catalog.cattle.io/namespace: fleet-default
+maintainers:
+  - name: devpro
+    email: bertrand@devpro.fr
+home: https://github.com/devpro/helm-charts/tree/main/charts/rancher-cluster-templates

charts/rancher-cluster-templates/README.md

@@ -0,0 +1,58 @@
+# Helm chart for Kratos
+
+This Helm chart will create a Kubernetes cluster from Rancher through [Cluster Templates](https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/manage-clusters/manage-cluster-templates).
+
+## Usage
+
+### Quickstart
+
+```bash
+# makes sure adds devpro Helm repository has been added
+helm repo add devpro https://devpro.github.io/helm-charts
+helm repo update
+
+# double checks you are connected to the Kubernetes cluster hosting Rancher
+kubectl get nodes
+
+# installs the chart with default parameters
+helm upgrade --install my-cluster rancher-cluster-templates -f values.yaml --namespace fleet-default
+
+# removes the installation
+helm uninstall my-cluster -n fleet-default
+```
+
+## Configuration
+
+### Infrastructure providers
+
+Provider                              | Examples                                                 | Templates                                               | Node Driver
+--------------------------------------|----------------------------------------------------------|---------------------------------------------------------|----------------
+**Amazon Web Services (AWS)**         | [values_aws](examples/values_aws.yaml)                   | [amazonec2config](templates/amazonec2config.yaml)       | `Amazon EC2`
+**Azure**                             | [values_azure](examples/values_azure.yaml)               | [azureconfig](templates/azureconfig.yaml)               | `Azure`
+**CloudScale**                        | [values_cloudscale](examples/values_cloudscale.yaml)     | [cloudscaleconfig](templates/cloudscaleconfig.yaml)     | `Cloudscale`
+**Digitial Ocean**                    | [values_digitalocean](examples/values_digitalocean.yaml) | [digitaloceanconfig](templates/digitaloceanconfig.yaml) | `DigitalOcean`
+**Exoscale**                          | [values_digitalocean](examples/values_digitalocean.yaml) | [digitaloceanconfig](templates/digitaloceanconfig.yaml) | `Exoscale`
+**Equinix Metal (previously Packet)** | [values_equinix](examples/values_equinix.yaml)           | [packetconfig](templates/packetconfig.yaml)             | `Equinix Metal`
+**Harvester**                         | [values_harvester](examples/values_harvester.yaml)       | [harvesterconfig](templates/harvesterconfig.yaml)       | `Harvester`
+**Linode**                            | [values_linode](examples/values_linode.yaml)             | [linodeconfig](templates/linodeconfig.yaml)             | `Linode`
+**Nutanix**                           | [values_nutanix](examples/values_nutanix.yaml)           | [nutanixconfig](templates/nutanixconfig.yaml)           | `Nutanix`
+**OpenStack**                         | [values_openstack](examples/values_openstack.yaml)       | [openstackconfig](templates/openstackconfig.yaml)       | `OpenStack`
+**Outscale**                          | [values_aws](examples/values_outscale.yaml)              | [outscaleconfig](templates/outscaleconfig.yaml)         | `Outscale`
+**VMware vSphere**                    | [values_vsphere](examples/values_vsphere.yaml)           | [vsphereconfig](templates/vsphereconfig.yaml)           | `vSphere`
+
+## Contributing
+
+Follow the [guide](CONTRIBUTING.md).
+
+### Going further
+
+* [Azure](docs/azure.md)
+* GitOps approach
+  * [ArgoCD](https://github.com/devpro/helm-charts#from-argocd)
+  * [Fleet](https://github.com/devpro/helm-charts#from-fleet)
+* [Rancher Apps](https://github.com/devpro/helm-charts#from-rancher)
+
+## Inspirations
+
+* [bloriot/rancher-cluster-templates](https://github.com/bloriot/rancher-cluster-templates)
+* [rancher/cluster-template-examples](https://github.com/rancher/cluster-template-examples)

charts/rancher-cluster-templates/docs/azure.md

@@ -0,0 +1,22 @@
+# Azure Cloud
+
+## Design
+
+* [Availability sets overview](https://learn.microsoft.com/en-us/azure/virtual-machines/availability-set-overview)
+
+## Configuration
+
+* Find image reference (ref. [Find Azure Marketplace image information using the Azure CLI](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/cli-ps-findimage))
+
+```bash
+# displays popular images
+az vm image list --output table
+
+# lists Ubuntu 20.04 images
+az vm image list --all --publisher="Canonical" --sku="20_04-lts-gen2"
+```
+
+## Troubleshooting
+
+* Open Monitor in Azure Portal, and look in Activity log for operations in error
+  * Click on the operation to see the detail of the error

charts/rancher-cluster-templates/examples/values_aws.yaml

@@ -0,0 +1,37 @@
+cloudprovider: aws
+
+cloudCredentialSecretName: aws
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  paused: false
+  name: nodepool-1
+  deviceName: "/dev/sda1"
+  encryptEbsVolume: false
+  endpoint: ""
+  iamInstanceProfile: ""
+  insecureTransport: false
+  instanceType: t3a.medium
+  region: us-west-2
+  createSecurityGroup: true
+  keypairName: ""
+  securityGroupReadonly: false
+  sshKeyContents: ""
+  subnetId: ""
+  monitoring: false
+  privateAddressOnly: false
+  requestSpotInstance: false
+  retries: 5
+  rootSize: 16
+  spotPrice: 0.5
+  sshUser: ubuntu
+  volumeType: gp2
+  useEbsOptimizedInstance: false
+  usePrivateAddress: false
+  userdata: ""
+  zone: a

charts/rancher-cluster-templates/examples/values_azure.yaml

@@ -0,0 +1,44 @@
+cluster:
+  name: CLUSTER_NAME
+
+cloudprovider: azure
+cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET  # Cloud Credential for Azure (example: cattle-global-data:<secret-id>)
+# agentEnvs: []
+
+# clusterMembers:
+# - principalName: "local://u-z8zl5"
+#   roleTemplateName: "cluster-member"
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  annotations: {}
+  quantity: 1
+  paused: false
+  name: nodepool-1
+  # displayName: ""
+  # rollingUpdate:
+  #   maxUnavailable: "5"
+  #   maxSurge: "1"
+  # machineDeploymentLabels: {}
+  # machineDeploymentAnnotations: {}
+  availabilitySet: "avs-AZURE_PREFIX"
+  environment: AzurePublicCloud
+  image: "Canonical:0001-com-ubuntu-server-focal:20_04-lts-gen2:20.04.202307240"
+  managedDisks: true
+  nsg: "nsg-AZURE_PREFIX"
+  region: westus
+  openPort:
+    - 6443/tcp    # Kubernetes API
+    - 2379/tcp    # etcd client port
+    - 2380/tcp    # etcd peer port
+    - 10250/tcp   # kubelet
+  resourceGroup: "rg-AZURE_PREFIX"
+  size: Standard_DS2_v2
+  sshUser: azureuser
+  storageType: Standard_LRS
+  subnet: rke2
+  subnetPrefix: "192.168.0.0/16"
+  vnet: "vnet-AZURE_PREFIX"

charts/rancher-cluster-templates/examples/values_cloudscale.yaml

@@ -0,0 +1,13 @@
+cloudprovider: cloudscale
+
+cloudCredentialSecretName: cloudscale
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  paused: false
+  name: nodepool-1

charts/rancher-cluster-templates/examples/values_digitalocean.yaml

@@ -0,0 +1,20 @@
+cloudprovider: digitalocean
+
+cloudCredentialSecretName: digitalocean
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  name: nodepool-1
+  image: ubuntu-20-04-x64
+  ipv6: false
+  monitoring: false
+  privateNetworking: false
+  region: sfo3
+  size: s-4vcpu-8gb
+  sshPort: 22
+  sshUser: root

charts/rancher-cluster-templates/examples/values_equinix.yaml

@@ -0,0 +1,12 @@
+cloudprovider: equinix
+
+cloudCredentialSecretName: equinix
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  name: nodepool-1

charts/rancher-cluster-templates/examples/values_exoscale.yaml

@@ -0,0 +1,12 @@
+cloudprovider: exoscale
+
+cloudCredentialSecretName: exoscale
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  name: nodepool-1

charts/rancher-cluster-templates/examples/values_harvester.yaml

@@ -0,0 +1,20 @@
+cloudprovider: harvester
+
+cloudCredentialSecretName: harvester
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  name: harvester-nodepool-1
+  diskSize: 40
+  diskBus: virtio
+  cpuCount: 4
+  memorySize: 8
+  networkName: default/network-name-1
+  imageName: default/image-rand
+  vmNamespace: default
+  sshUser: ubuntu

charts/rancher-cluster-templates/examples/values_linode.yaml

@@ -0,0 +1,12 @@
+cloudprovider: linode
+
+cloudCredentialSecretName: linode
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  name: nodepool-1

charts/rancher-cluster-templates/examples/values_nutanix.yaml

@@ -0,0 +1,12 @@
+cloudprovider: nutanix
+
+cloudCredentialSecretName: nutanix
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  name: nodepool-1

charts/rancher-cluster-templates/examples/values_openstack.yaml

@@ -0,0 +1,12 @@
+cloudprovider: openstack
+
+cloudCredentialSecretName: openstack
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  name: nodepool-1

charts/rancher-cluster-templates/examples/values_outscale.yaml

@@ -0,0 +1,12 @@
+cloudprovider: outscale
+
+cloudCredentialSecretName: outscale
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  name: nodepool-1

charts/rancher-cluster-templates/examples/values_vsphere.yaml

@@ -0,0 +1,19 @@
+cloudprovider: vsphere
+
+cloudCredentialSecretName: vsphere
+
+nodepools:
+- etcd: true
+  controlplane: true
+  worker: true
+  labels: {}
+  taints: {}
+  quantity: 1
+  paused: false
+  name: nodepool-1
+  cpuCount: "2"
+  creationType: "vm"
+  diskSize: "20480"
+  sshPort: "22"
+  sshUserGroup: staff
+  vcenterPort: 443