135 lines
4.3 KiB
YAML
135 lines
4.3 KiB
YAML
# DO NOT CALL BUTANE DIRECTLY AGAINST THIS FILE
|
|
# IT IS MEANT TO BE CALLED BY lighter
|
|
variant: fcos
|
|
version: 1.5.0
|
|
storage:
|
|
files:
|
|
# Hostname gets replaced with lighter
|
|
- path: /etc/hostname
|
|
mode: 420
|
|
overwrite: true
|
|
contents:
|
|
inline: |
|
|
{{HOSTNAME}}
|
|
# CRI-O DNF module
|
|
- path: /etc/dnf/modules.d/cri-o.module
|
|
mode: 0644
|
|
overwrite: true
|
|
contents:
|
|
inline: |
|
|
[cri-o]
|
|
name=cri-o
|
|
stream=1.29
|
|
profiles=
|
|
state=enabled
|
|
# YUM repository for kubeadm, kubelet and kubectl
|
|
- path: /etc/yum.repos.d/kubernetes.repo
|
|
mode: 0644
|
|
overwrite: true
|
|
contents:
|
|
inline: |
|
|
[kubernetes]
|
|
name=Kubernetes
|
|
baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/
|
|
enabled=1
|
|
gpgcheck=1
|
|
repo_gpgcheck=1
|
|
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key
|
|
# configuring automatic loading of br_netfilter on startup
|
|
- path: /etc/modules-load.d/br_netfilter.conf
|
|
mode: 0644
|
|
overwrite: true
|
|
contents:
|
|
inline: br_netfilter
|
|
# setting kernel parameters required by kubelet
|
|
- path: /etc/sysctl.d/kubernetes.conf
|
|
mode: 0644
|
|
overwrite: true
|
|
contents:
|
|
inline: |
|
|
net.bridge.bridge-nf-call-iptables=1
|
|
net.ipv4.ip_forward=1
|
|
# Runs on first boot, script to install kubelet dependencies
|
|
- path: /usr/local/bin/first-boot.sh
|
|
mode: 0744
|
|
overwrite: true
|
|
contents:
|
|
inline: |
|
|
#!/bin/bash
|
|
rpm-ostree install kubelet kubeadm kubectl cri-o vim etcd
|
|
|
|
systemctl reboot
|
|
- path: /home/steven/cluster-config.yaml
|
|
mode: 0600
|
|
overwrite: true
|
|
contents:
|
|
inline: |
|
|
apiVersion: kubeadm.k8s.io/v1beta3
|
|
kind: ClusterConfiguration
|
|
controllerManager:
|
|
extraArgs:
|
|
flex-volume-plugin-dir: "/var/lib/kubelet/volumeplugins/nodeagent~uds"
|
|
networking:
|
|
podSubnet: "10.244.0.0/16"
|
|
controlPlaneEndpoint: "10.69.69.50"
|
|
---
|
|
apiVersion: kubeadm.k8s.io/v1beta3
|
|
kind: InitConfiguration
|
|
nodeRegistration:
|
|
kubeletExtraArgs:
|
|
volume-plugin-dir: "/var/lib/kubelet/volumeplugins/nodeagent~uds"
|
|
- path: /home/steven/join-config.yaml
|
|
mode: 0600
|
|
overwrite: true
|
|
contents:
|
|
inline: |
|
|
apiVersion: kubeadm.k8s.io/v1beta3
|
|
kind: JoinConfiguration
|
|
nodeRegistration:
|
|
kubeletExtraArgs:
|
|
volume-plugin-dir: "/var/lib/kubelet/volumeplugins/nodeagent~uds"
|
|
passwd: # setting login credentials
|
|
users:
|
|
- name: steven
|
|
ssh_authorized_keys:
|
|
- ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFup2oRKxwGCalMZ2CyguodtmUDDCkLm/sYHhnaAtDn5 zelle@tater
|
|
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCf2HvSx2ls2KhHn3tISbYbx9NpYSKw+ESmOdxscZJuCEMKDEOdBuOJ5E3CpA+A+QiLY+qlXGPOyNKwmjVPFr6TzNwBciehcs3bFKAvar2vrJsQkUXAJiBzJWiQceGwto3zq6nIAO/tx7s3P6KVPuxegGyXAMv/7Fc8cytOk8q05Xt+7hUyz0LbCZ6j66/Qa7c8eJz8Vho1Oe1BpIhhcZbSovZrKgBOhpyIdUtxh/W5KnFsbIq4MPPVCRHN7IVrXcvkPsTQ6OGeJAsqun+zF3KupQs0Xqt157EmOn5D41x5QY7kts11QZiKmeeSFYt2gRaY7VtAlEfar0fgXWOyQ/Uf steven-pixel6a
|
|
groups: [ sudo, docker ]
|
|
systemd:
|
|
units:
|
|
- name: first-boot.service
|
|
enabled: true
|
|
contents: |
|
|
[Unit]
|
|
Before=systemd-user-sessions.service
|
|
Wants=network-online.target
|
|
After=network-online.target
|
|
ConditionPathExists=!/var/lib/first-boot
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/usr/local/bin/first-boot.sh
|
|
ExecStartPost=/usr/bin/touch /var/lib/first-boot
|
|
RemainAfterExit=yes
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
- name: second-boot.service
|
|
enabled: true
|
|
contents: |
|
|
[Unit]
|
|
Before=systemd-user-sessions.service
|
|
Wants=network-online.target
|
|
After=network-online.target
|
|
ConditionPathExists=/var/lib/first-boot
|
|
ConditionPathExists=!/var/lib/second-boot
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=/usr/bin/systemctl enable --now crio kubelet
|
|
ExecStartPost=/usr/bin/touch /var/lib/second-boot
|
|
RemainAfterExit=yes
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|