Hugo Renard · Hugo Renard · Hugo Renard · 7771dce0 · 7771dce0 · 7771dce0
--- a/pkg/adalovelace/adalovelace.go
+++ b/pkg/adalovelace/adalovelace.go
@@ -20,7 +20,6 @@ type Provisioner struct {
 	DryRun     bool
 }

-// content holds our static web server content.
 //go:embed templates/*/*
 var tplFS embed.FS

@@ -68,7 +67,7 @@ func (p Provisioner) CheckRequirements() error {
 			Command:    "k0sctl",
 			Args:       []string{"version"},
 			Regex:      `version: (.*)`,
-			Constraint: "0.10.2",
+			Constraint: "0.13.x",
 		},
 		{
 			Command:    "terraform",

--- a/pkg/adalovelace/templates/ansible/tasks/firewall-worker.yaml
+++ b/pkg/adalovelace/templates/ansible/tasks/firewall-worker.yaml
@@ -11,8 +11,8 @@
        name: "{{ cluster.name }}-{{ item.key }}"
      spec:
        node: "{{ cluster.name }}-{{ item.key }}"
-        interfaceName: "*"
-        expectedIPs: ["{{ item.value.publicIp }}","{{ item.value.privateIp }}"]
+        interfaceName: ""
+        expectedIPs: ["{{ item.value.publicIp }}", "{{ item.value.privateIp }}"]
  loop: "{{ cluster.nodes | dict2items }}"
  loop_control:
    label: "{{ item.key }}"
@@ -29,37 +29,38 @@
        name: default.host-firewall
      spec:
        egress:
-        - action: Allow
-          destination: {}
-          source: {}
+          - action: Allow
+            destination: {}
+            source: {}
        ingress:
-        - action: Allow
-          destination:
-            nets:
-            - 127.0.0.0/8
-          source: {}
-        - action: Allow
-          destination: {}
-          protocol: ICMP
-          source: {}
-        - action: Allow
-          destination:
-            ports:
-            - 22
-          protocol: TCP
-          source: {}
-        - action: Allow
-          destination:
-            ports:
-            - 10250
-          protocol: TCP
-          source:
-            nets:
-            - "{{ cluster.network.cidr }}"
-        - action: Log
-          destination: {}
-          source: {}
+          - action: Allow
+            destination:
+              nets:
+                - 127.0.0.0/8
+            source: {}
+          - action: Allow
+            destination: {}
+            protocol: ICMP
+            source: {}
+          - action: Allow
+            destination:
+              ports:
+                - 22
+            protocol: TCP
+            source: {}
+          - action: Allow
+            destination:
+              ports:
+                - 10250 # Kubelet
+                - 10249 # Kube proxy metrics
+            protocol: TCP
+            source:
+              nets:
+                - "{{ cluster.network.cidr }}"
+          - action: Log
+            destination: {}
+            source: {}
        selector: has(kubernetes.io/hostname)
        types:
-        - Ingress
-        - Egress
+          - Ingress
+          - Egress
--- a/pkg/adalovelace/templates/k0s/k0sctl.yaml
+++ b/pkg/adalovelace/templates/k0s/k0sctl.yaml
@@ -12,7 +12,7 @@ spec:
    privateAddress: {{ .PrivateIP }}
 {{ end }}
  k0s:
-    version: v1.23.9+k0s.0
+    version: 1.23.9+k0s.0
    config:
      apiVersion: k0s.k0sproject.io/v1beta1
      kind: Cluster