# DO NOT CALL BUTANE DIRECTLY AGAINST THIS FILE # IT IS MEANT TO BE CALLED BY lighter variant: fcos version: 1.5.0 storage: files: # Hostname gets replaced with lighter - path: /etc/hostname mode: 420 overwrite: true contents: inline: | {{HOSTNAME}} # CRI-O DNF module - path: /etc/dnf/modules.d/cri-o.module mode: 0644 overwrite: true contents: inline: | [cri-o] name=cri-o stream=1.29 profiles= state=enabled # YUM repository for kubeadm, kubelet and kubectl - path: /etc/yum.repos.d/kubernetes.repo mode: 0644 overwrite: true contents: inline: | [kubernetes] name=Kubernetes baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/ enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key # configuring automatic loading of br_netfilter on startup - path: /etc/modules-load.d/br_netfilter.conf mode: 0644 overwrite: true contents: inline: br_netfilter # setting kernel parameters required by kubelet - path: /etc/sysctl.d/kubernetes.conf mode: 0644 overwrite: true contents: inline: | net.bridge.bridge-nf-call-iptables=1 net.ipv4.ip_forward=1 # Runs on first boot, script to install kubelet dependencies - path: /usr/local/bin/first-boot.sh mode: 0744 overwrite: true contents: inline: | #!/bin/bash rpm-ostree install kubelet kubeadm kubectl cri-o vim etcd systemctl reboot - path: /home/steven/cluster-config.yaml mode: 0600 overwrite: true contents: inline: | apiVersion: kubeadm.k8s.io/v1beta3 kind: ClusterConfiguration controllerManager: extraArgs: flex-volume-plugin-dir: "/var/lib/kubelet/volumeplugins/nodeagent~uds" networking: podSubnet: "10.244.0.0/16" controlPlaneEndpoint: "10.69.69.50" --- apiVersion: kubeadm.k8s.io/v1beta3 kind: InitConfiguration nodeRegistration: kubeletExtraArgs: volume-plugin-dir: "/var/lib/kubelet/volumeplugins/nodeagent~uds" - path: /home/steven/join-config.yaml mode: 0600 overwrite: true contents: inline: | apiVersion: kubeadm.k8s.io/v1beta3 kind: JoinConfiguration nodeRegistration: kubeletExtraArgs: volume-plugin-dir: "/var/lib/kubelet/volumeplugins/nodeagent~uds" passwd: # setting login credentials users: - name: steven ssh_authorized_keys: - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFup2oRKxwGCalMZ2CyguodtmUDDCkLm/sYHhnaAtDn5 zelle@tater - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf2HvSx2ls2KhHn3tISbYbx9NpYSKw+ESmOdxscZJuCEMKDEOdBuOJ5E3CpA+A+QiLY+qlXGPOyNKwmjVPFr6TzNwBciehcs3bFKAvar2vrJsQkUXAJiBzJWiQceGwto3zq6nIAO/tx7s3P6KVPuxegGyXAMv/7Fc8cytOk8q05Xt+7hUyz0LbCZ6j66/Qa7c8eJz8Vho1Oe1BpIhhcZbSovZrKgBOhpyIdUtxh/W5KnFsbIq4MPPVCRHN7IVrXcvkPsTQ6OGeJAsqun+zF3KupQs0Xqt157EmOn5D41x5QY7kts11QZiKmeeSFYt2gRaY7VtAlEfar0fgXWOyQ/Uf steven-pixel6a groups: [ sudo, docker ] systemd: units: - name: first-boot.service enabled: true contents: | [Unit] Before=systemd-user-sessions.service Wants=network-online.target After=network-online.target ConditionPathExists=!/var/lib/first-boot [Service] Type=oneshot ExecStart=/usr/local/bin/first-boot.sh ExecStartPost=/usr/bin/touch /var/lib/first-boot RemainAfterExit=yes [Install] WantedBy=multi-user.target - name: second-boot.service enabled: true contents: | [Unit] Before=systemd-user-sessions.service Wants=network-online.target After=network-online.target ConditionPathExists=/var/lib/first-boot ConditionPathExists=!/var/lib/second-boot [Service] Type=oneshot ExecStart=/usr/bin/systemctl enable --now crio kubelet ExecStartPost=/usr/bin/touch /var/lib/second-boot RemainAfterExit=yes [Install] WantedBy=multi-user.target