scottyob · September 11, 2025 02:35
diff --git a/custom-resources.yaml b/custom-resources.yaml
 # This section includes base Calico installation configuration.
 # For more information, see: https://docs.tigera.io/calico/latest/reference/installation/api#operator.tigera.io/v1.Installation
 apiVersion: operator.tigera.io/v1
 kind: Installation
 metadata:
  name: default
 spec:
  # Configures Calico networking.
  calicoNetwork:
    ipPools:
    - name: default-ipv4-ippool
      blockSize: 26
      cidr: 10.244.0.0/16
      encapsulation: VXLANCrossSubnet
      natOutgoing: Enabled
      nodeSelector: all()
    - name: default-ipv6-ippool
      blockSize: 122
      cidr: fd00:10:244::/64
      encapsulation: VXLANCrossSubnet
      natOutgoing: Enabled
      nodeSelector: all()

 ---

 # This section configures the Calico API server.
 # For more information, see: https://docs.tigera.io/calico/latest/reference/installation/api#operator.tigera.io/v1.APIServer
 apiVersion: operator.tigera.io/v1
 kind: APIServer
 metadata:
  name: default
 spec: {}

 ---

 # Configures the Calico Goldmane flow aggregator.
 apiVersion: operator.tigera.io/v1
 kind: Goldmane
 metadata:
  name: default

 ---

 # Configures the Calico Whisker observability UI.
 apiVersion: operator.tigera.io/v1
 kind: Whisker
 metadata:
  name: default
diff --git a/kubeadm.conf b/kubeadm.conf
 apiVersion: kubeadm.k8s.io/v1beta4
 kind: InitConfiguration
 localAPIEndpoint:
  advertiseAddress: "10.11.1.205"
  bindPort: 6443

 ---
 apiVersion: kubeadm.k8s.io/v1beta4
 kind: ClusterConfiguration
 kubernetesVersion: "v1.34.0"
 controlPlaneEndpoint: "10.11.1.200:6443"
 apiServer:
  extraArgs:
    - name: "enable-admission-plugins"
      value: "NodeRestriction"
    - name: "audit-log-path"
      value: "/var/log/kubernetes/audit.log"
 scheduler:
  extraArgs:
    - name: "leader-elect"
      value: "true"
 networking:
  podSubnet: "10.244.0.0/16,fd00:10:244::/64"
  serviceSubnet: "10.96.0.0/12,fd00:10:96::/112"
  dnsDomain: "cluster.local"

 ---
 apiVersion: kubelet.config.k8s.io/v1beta1
 kind: KubeletConfiguration
 cgroupDriver: "systemd"

 ---
 apiVersion: kubeproxy.config.k8s.io/v1alpha1
 kind: KubeProxyConfiguration
 mode: "iptables"
	# This section includes base Calico installation configuration.
	# For more information, see: https://docs.tigera.io/calico/latest/reference/installation/api#operator.tigera.io/v1.Installation
	apiVersion: operator.tigera.io/v1
	kind: Installation
	metadata:
	name: default
	spec:
	# Configures Calico networking.
	calicoNetwork:
	ipPools:
	- name: default-ipv4-ippool
	blockSize: 26
	cidr: 10.244.0.0/16
	encapsulation: VXLANCrossSubnet
	natOutgoing: Enabled
	nodeSelector: all()
	- name: default-ipv6-ippool
	blockSize: 122
	cidr: fd00:10:244::/64
	encapsulation: VXLANCrossSubnet
	natOutgoing: Enabled
	nodeSelector: all()

	---

	# This section configures the Calico API server.
	# For more information, see: https://docs.tigera.io/calico/latest/reference/installation/api#operator.tigera.io/v1.APIServer
	apiVersion: operator.tigera.io/v1
	kind: APIServer
	metadata:
	name: default
	spec: {}

	---

	# Configures the Calico Goldmane flow aggregator.
	apiVersion: operator.tigera.io/v1
	kind: Goldmane
	metadata:
	name: default

	---

	# Configures the Calico Whisker observability UI.
	apiVersion: operator.tigera.io/v1
	kind: Whisker
	metadata:
	name: default
	apiVersion: kubeadm.k8s.io/v1beta4
	kind: InitConfiguration
	localAPIEndpoint:
	advertiseAddress: "10.11.1.205"
	bindPort: 6443

	---
	apiVersion: kubeadm.k8s.io/v1beta4
	kind: ClusterConfiguration
	kubernetesVersion: "v1.34.0"
	controlPlaneEndpoint: "10.11.1.200:6443"
	apiServer:
	extraArgs:
	- name: "enable-admission-plugins"
	value: "NodeRestriction"
	- name: "audit-log-path"
	value: "/var/log/kubernetes/audit.log"
	scheduler:
	extraArgs:
	- name: "leader-elect"
	value: "true"
	networking:
	podSubnet: "10.244.0.0/16,fd00:10:244::/64"
	serviceSubnet: "10.96.0.0/12,fd00:10:96::/112"
	dnsDomain: "cluster.local"

	---
	apiVersion: kubelet.config.k8s.io/v1beta1
	kind: KubeletConfiguration
	cgroupDriver: "systemd"

	---
	apiVersion: kubeproxy.config.k8s.io/v1alpha1
	kind: KubeProxyConfiguration
	mode: "iptables"