diff --git a/butane/k8s-leader-install.yaml b/butane/k8s-leader-install.yaml index d70f56c..e936385 100644 --- a/butane/k8s-leader-install.yaml +++ b/butane/k8s-leader-install.yaml 
@@ -11,165 +11,19 @@ passwd: - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDDph3zh6ojSvH44k13z9B6xj+Hargo3uzkxnYv5s5NI4yagNuBXEc3aS++KdocND+FtVfLK+iVE8qHo2bvmpMmVkqU6WU2apN7DfIP0QGLlSGeo+UOZ9hGeEDlgVO4AOnZKZ5kPGBEPZ84JXuE9CmhKfwEVCK8w3B8XQttA8alFl4A4/4F14x2w4njsSLY1H3b0qah7hgYKU5zHIGLg8Lxx+1BxGIF0l5n5m5rqAskRNaF+aYbs0CcWHv49bPK0sJJ0qPV2r2sq8BlzuZFHExnZRIxpsIXdce4Bm4rdlGi7tBmmurLk4OOtDkwvhD0LMaNJf10k6QLSmRUTVzgsYz/dmGxopbMtwwIXkwi014uSZgi8wAuznXx5I4j2TUGPZHOVf+1iw/yaxWlgTVOSoX7ZxyhDgW5cCgZZGNzU5UWe0vUuVTB+hfSMj50/Q6+Vi92/mDMbPhm4nBoVzD5DT15mB+yGyN45Ej61m0JzVUyZexfvVaffEug1/u5dnwilP0WGKr4i2OXxOXtvSdAs5rlZjvppZk6IxRCwXIcPwEFL97ZrQZAxlVS5Nh+ZnlSwTe3zfQhzHj1ao0AdCAHFPUEdoUPJhSb0OjyCvZ9XZ1KCkXhuhuN/3IUhuoWl4soNCeC3KmU/USx1wda438Exj0hM1mTyBZScDPGyD9nw78DGw== Philippe Caseiro" systemd: units: - - name: install-cni.service + - name: installer.service enabled: true contents: | [Unit] - Description=Install CNI plugins K8S - Wants = network-online.target - After = network.target network-online.target - ConditionPathExists=!/opt/cni/bin/firewall - [Service] - Type=forking - TimeoutStartSec=180 - RemainAfterExit=yes - KillMode=process - Environment="CNI_VERSION=v0.8.2" - Environment="ARCH=amd64" - Environment="URL=https://github.com/containernetworking/plugins/releases/download/${CNI_VERSION}/cni-plugins-linux-${ARCH}-${CNI_VERSION}.tgz" - ExecStartPre=/bin/mkdir -p /opt/cni/bin - ExecStart=/bin/sh -c "/usr/bin/curl -L ${URL} | /usr/bin/tar -C /opt/cni/bin -xz" - [Install] - WantedBy=multi-user.target - - name: install-crictl.service - enabled: true - contents: | - [Unit] - Description=Install crictl - Wants = network-online.target - After = network.target network-online.target - ConditionPathExists=!/opt/bin/crictl - [Service] - Type=forking - TimeoutStartSec=180 - RemainAfterExit=yes - KillMode=process - Environment="DOWNLOAD_DIR=/opt/bin" - Environment="CRICTL_VERSION=v1.22.0" - Environment="ARCH=amd64" - 
Environment="URL=https://github.com/kubernetes-sigs/cri-tools/releases/download/${CRICTL_VERSION}/crictl-${CRICTL_VERSION}-linux-${ARCH}.tar.gz" - ExecStartPre=/bin/mkdir -p ${DOWNLOAD_DIR} - ExecStart=/bin/sh -c "/usr/bin/curl -L ${URL} | /usr/bin/tar -C $DOWNLOAD_DIR -xz" - [Install] - WantedBy=multi-user.target - - name: install-kubernetes.service - enabled: true - contents: | - [Unit] - Description=Install K8S - Wants = network-online.target - After = network.target network-online.target - ConditionPathExists=!/opt/bin/kubelet - [Service] - WorkingDirectory=/opt/bin - Type=forking - TimeoutStartSec=180 - RemainAfterExit=yes - KillMode=process - Environment="KUBE_RELEASE=v1.25.4" - Environment="ARCH=amd64" - Environment="DOWNLOAD_DIR=/opt/bin" - Environment="URL=https://storage.googleapis.com/kubernetes-release/release/${KUBE_RELEASE}/bin/linux/${ARCH}" - ExecStartPre=/bin/mkdir -p ${DOWNLOAD_DIR} - ExecStart=/bin/sh -c "/usr/bin/curl -L --remote-name-all ${URL}/{kubeadm,kubelet,kubectl}" - ExecStartPost=/bin/sh -c "/bin/chmod +x ${DOWNLOAD_DIR}/{kubeadm,kubelet,kubectl}" - [Install] - WantedBy=multi-user.target - - name: install-cilium.service - enabled: false - contents: | - [Unit] - Description=Install Cilium client - Wants = network-online.target - After = network.target network-online.target - ConditionPathExists=!/opt/bin/cilium - [Service] - WorkingDirectory=/opt/bin - Type=forking - TimeoutStartSec=180 - RemainAfterExit=yes - KillMode=process - Environment="CILIUM_RELEASE=v0.12.8" - Environment="ARCH=amd64" - Environment="DOWNLOAD_DIR=/opt/bin" - Environment="URL=https://github.com/cilium/cilium-cli/releases/download/${CILIUM_RELEASE}/cilium-linux-${ARCH}.tar.gz - ExecStartPre=/bin/mkdir -p ${DOWNLOAD_DIR} - ExecStart=/bin/sh -c "/usr/bin/curl -L ${URL} | /usr/bin/tar -C ${DOWNLOAD_DIR} -xz" - [Install] - WantedBy=multi-user.target - - name: kubelet.service - enabled: true - contents: | - [Unit] - Description=The Kubernetes Node Agent - 
Documentation=https://kubernetes.io/docs/home/ - Wants=network-online.target + Requires=network-online.target After=network-online.target [Service] - ExecStart=/opt/bin/kubelet - Restart=always - StartLimitInterval=0 - RestartSec=10 - [Install] - WantedBy=multi-user.target - dropins: - - name: 10-kubeadm.conf - contents: | - [Service] - Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" - Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml" - EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env - EnvironmentFile=-/etc/default/kubelet - ExecStart= - ExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS - - name: init-cluster.service - enabled: true - contents: | - [Unit] - Description=Kubernetes cluster init - Documentation=https://kubernetes.io/docs/home/ - Wants=network-online.target - After=network-online.target install-kubernetes.service - ConditionPathExists=!/opt/libexec/kubernetes/kubelet-plugins/volume/exec/ - [Service] - WorkingDirectory=/opt/bin Type=forking - TimeoutStartSec=360 + TimeoutStartSec=600 RemainAfterExit=yes - KillMode=process - Environment="caSecretKey=$(date | sha256sum | awk \'{print $1}`')" - Environment="SET_HOSTNAME=leader.ks.cadoles.com" - Environment="PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/opt/bin" - Environment="KUBECONFIG=/etc/kubernetes/admin.conf" - ExecStartPre=/bin/sh -c "/usr/bin/hostnamectl hostname ${SET_HOSTNAME}" - ExecStart=/opt/bin/kubeadm init --config /root/kubeadm-config.yaml --upload-certs - ExecStartPost=/bin/sh -c "/bin/mkdir -p /home/cadoles/.kube" - ExecStartPost=/bin/sh -c "/bin/cp -i /etc/kubernetes/admin.conf /home/cadoles/.kube/config" - ExecStartPost=/bin/sh -c "/bin/chown cadoles:cadoles /home/cadoles/.kube/config" + ExecStart=/usr/bin/sh -c "flatcar-install -d /dev/vda -i /opt/ignition.json && udevadm settle && systemctl 
reboot" [Install] WantedBy=multi-user.target - - name: install-network-cni.service - enabled: true - contents: | - [Unit] - Description=Install network CNI (calico) - Documentation=https://kubernetes.io/docs/home/ - Wants=network-online.target - After=network-online.target init-cluster.service - ConditionPathExists=!/opt/cni/bin/calico - [Service] - WorkingDirectory=/opt/bin - Type=forking - TimeoutStartSec=360 - RemainAfterExit=yes - KillMode=process - Environment="KUBECONFIG=/etc/kubernetes/admin.conf" - Environment="CIDR=10.244.0.0/16" - Environment="URL=https://raw.githubusercontent.com/projectcalico/calico/v3.24.5/manifests/calico.yaml" - ExecStart=/opt/bin/kubectl apply -f ${URL} - [Install] - WantedBy=multi-user.target - storage: disks: - device: /dev/vda @@ -183,38 +37,9 @@ storage: wipe_filesystem: true label: ROOT files: - - path: /etc/sysctl.d/k8s.conf - mode: 0600 + - path: /opt/ignition.json + filesystem: root + mode: 700 contents: - inline: | - net.bridge.bridge-nf-call-ip6tables = 1 - net.bridge.bridge-nf-call-iptables = 1 - - path: /root/kubeadm-config.yaml - mode: 0644 - contents: - inline: | - apiVersion: kubeadm.k8s.io/v1beta3 - kind: InitConfiguration - certificateKey: b4edd5fb7aec1b90e06c68e090213621f621e31353a165dabeed0f8617c341b6 - nodeRegistration: - name: leader.ks.cadoles.com - kubeletExtraArgs: - volume-plugin-dir: "/opt/libexec/kubernetes/kubelet-plugins/volume/exec/" - --- - apiVersion: kubeadm.k8s.io/v1beta3 - kind: ClusterConfiguration - networking: - podSubnet: 10.244.0.0/16 - controllerManager: - extraArgs: - flex-volume-plugin-dir: "/opt/libexec/kubernetes/kubelet-plugins/volume/exec/" - --- - apiVersion: kubeproxy.config.k8s.io/v1alpha1 - kind: KubeProxyConfiguration - mode: "ipvs" - ipvs: - strictARP: true - --- - kind: KubeletConfiguration - apiVersion: kubelet.config.k8s.io/v1beta1 - cgroupDriver: systemd + remote: + url: http://192.168.40.3/leader.json \ No newline at end of file
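Review bot: `Type=forking` on the new `installer.service` does not match its `ExecStart`, a foreground `sh -c` chain that runs to completion and never daemonizes. `Type=oneshot`, keeping `RemainAfterExit=yes`, states that intent, and systemd still bounds the whole chain by `TimeoutStartSec=600`. The unit also has no guard like the `ConditionPathExists=!…` lines the removed install units carried. If a machine ever boots this configuration a second time, it will presumably run `flatcar-install -d /dev/vda` again and overwrite the installed disk. A comment above the unit such as `# one-time installer boot only: wipes /dev/vda and reboots` would make that constraint visible.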
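Review bot: `mode: 700` on `/opt/ignition.json` has no leading zero, so a YAML parser reads it as decimal 700, which is octal 1274 (sticky bit, owner write-only, group rwx, world-readable) rather than the `0700` presumably intended. The removed entries used the octal form (`0600`, `0644`), and a JSON config needs no execute bit, so `mode: 0600` fits. Separately, the file is fetched from `http://192.168.40.3/leader.json` in cleartext with no integrity check, and the first hunk passes it to `flatcar-install -i` as the installed node's Ignition config. Whoever can alter that response on the provisioning network decides what the cluster leader runs as root. Pin the content with a `verification` hash under the remote entry (digest value `<sha512 of leader.json>`, placeholder) or serve it over HTTPS.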