Update Fedora Atomic from 27 to 28 on bare-metal
This commit is contained in:
parent
f40f60b83c
commit
915f89d3c8
|
@ -13,6 +13,10 @@ Notable changes between versions.
|
||||||
|
|
||||||
* Update from Fedora Atomic 27 to 28 ([#258](https://github.com/poseidon/typhoon/pull/258))
|
* Update from Fedora Atomic 27 to 28 ([#258](https://github.com/poseidon/typhoon/pull/258))
|
||||||
|
|
||||||
|
#### Bare-Metal
|
||||||
|
|
||||||
|
* Update from Fedora Atomic 27 to 28 ([#263](https://github.com/poseidon/typhoon/pull/263))
|
||||||
|
|
||||||
#### Google
|
#### Google
|
||||||
|
|
||||||
* Promote Google Cloud to stable
|
* Promote Google Cloud to stable
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
// Install Fedora to disk
|
// Install Fedora to disk
|
||||||
resource "matchbox_group" "fedora-install" {
|
resource "matchbox_group" "install" {
|
||||||
count = "${length(var.controller_names) + length(var.worker_names)}"
|
count = "${length(var.controller_names) + length(var.worker_names)}"
|
||||||
|
|
||||||
name = "${format("fedora-install-%s", element(concat(var.controller_names, var.worker_names), count.index))}"
|
name = "${format("fedora-install-%s", element(concat(var.controller_names, var.worker_names), count.index))}"
|
||||||
|
|
|
@ -17,7 +17,7 @@ network --bootproto=dhcp --device=link --activate --onboot=on
|
||||||
bootloader --timeout=1 --append="ds=nocloud\;seedfrom=/var/cloud-init/"
|
bootloader --timeout=1 --append="ds=nocloud\;seedfrom=/var/cloud-init/"
|
||||||
services --enabled=cloud-init,cloud-init-local,cloud-config,cloud-final
|
services --enabled=cloud-init,cloud-init-local,cloud-config,cloud-final
|
||||||
|
|
||||||
ostreesetup --osname="fedora-atomic" --remote="fedora-atomic" --url="${atomic_assets_endpoint}/repo" --ref=fedora/27/x86_64/atomic-host --nogpg
|
ostreesetup --osname="fedora-atomic" --remote="fedora-atomic" --url="${atomic_assets_endpoint}/repo" --ref=fedora/28/x86_64/atomic-host --nogpg
|
||||||
|
|
||||||
reboot
|
reboot
|
||||||
|
|
||||||
|
@ -27,7 +27,7 @@ curl --retry 10 "${matchbox_http_endpoint}/generic?mac=${mac}&os=installed" -o /
|
||||||
echo "instance-id: iid-local01" > /var/cloud-init/meta-data
|
echo "instance-id: iid-local01" > /var/cloud-init/meta-data
|
||||||
|
|
||||||
rm -f /etc/ostree/remotes.d/fedora-atomic.conf
|
rm -f /etc/ostree/remotes.d/fedora-atomic.conf
|
||||||
ostree remote add fedora-atomic https://kojipkgs.fedoraproject.org/atomic/27 --set=gpgkeypath=/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-27-primary
|
ostree remote add fedora-atomic https://dl.fedoraproject.org/atomic/repo/ --set=gpgkeypath=/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-28-primary
|
||||||
|
|
||||||
# lock root user
|
# lock root user
|
||||||
passwd -l root
|
passwd -l root
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
locals {
|
locals {
|
||||||
default_assets_endpoint = "${var.matchbox_http_endpoint}/assets/fedora/27"
|
default_assets_endpoint = "${var.matchbox_http_endpoint}/assets/fedora/28"
|
||||||
atomic_assets_endpoint = "${var.atomic_assets_endpoint != "" ? var.atomic_assets_endpoint : local.default_assets_endpoint}"
|
atomic_assets_endpoint = "${var.atomic_assets_endpoint != "" ? var.atomic_assets_endpoint : local.default_assets_endpoint}"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -17,7 +17,7 @@ variable "atomic_assets_endpoint" {
|
||||||
description = <<EOD
|
description = <<EOD
|
||||||
HTTP endpoint serving the Fedora Atomic Host vmlinuz, initrd, os repo, and ostree repo (.e.g `http://example.com/some/path`).
|
HTTP endpoint serving the Fedora Atomic Host vmlinuz, initrd, os repo, and ostree repo (.e.g `http://example.com/some/path`).
|
||||||
|
|
||||||
Ensure the HTTP server directory contains `vmlinuz` and `initrd` files and `os` and `repo` directories. Leave unset to assume ${matchbox_http_endpoint}/assets/fedora/27
|
Ensure the HTTP server directory contains `vmlinuz` and `initrd` files and `os` and `repo` directories. Leave unset to assume ${matchbox_http_endpoint}/assets/fedora/28
|
||||||
EOD
|
EOD
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -121,16 +121,17 @@ sudo systemctl enable httpd --now
|
||||||
Download the [Fedora Atomic](https://getfedora.org/en/atomic/download/) ISO which contains install files and add them to the serve directory.
|
Download the [Fedora Atomic](https://getfedora.org/en/atomic/download/) ISO which contains install files and add them to the serve directory.
|
||||||
|
|
||||||
```
|
```
|
||||||
sudo mount -o loop,ro Fedora-Atomic-ostree-*.iso /mnt
|
sudo mount -o loop,ro Fedora-AtomicHost-ostree-*.iso /mnt
|
||||||
sudo mkdir -p /var/www/html/fedora/27
|
sudo mkdir -p /var/www/html/fedora/28
|
||||||
sudo cp -av /mnt/* /var/www/html/fedora/27/
|
sudo cp -av /mnt/* /var/www/html/fedora/28/
|
||||||
|
sudo umount /mnt
|
||||||
```
|
```
|
||||||
|
|
||||||
Checkout the [fedora-atomic](https://pagure.io/fedora-atomic) ostree manifest repo.
|
Checkout the [fedora-atomic](https://pagure.io/fedora-atomic) ostree manifest repo.
|
||||||
|
|
||||||
```
|
```
|
||||||
git clone https://pagure.io/fedora-atomic.git && cd fedora-atomic
|
git clone https://pagure.io/fedora-atomic.git && cd fedora-atomic
|
||||||
git checkout f27
|
git checkout f28
|
||||||
```
|
```
|
||||||
|
|
||||||
Compose an ostree repo from RPM sources.
|
Compose an ostree repo from RPM sources.
|
||||||
|
@ -145,8 +146,8 @@ sudo rpm-ostree compose tree --repo=repo fedora-atomic-host.json
|
||||||
Serve the ostree `repo` as well.
|
Serve the ostree `repo` as well.
|
||||||
|
|
||||||
```
|
```
|
||||||
sudo cp -r repo /var/www/html/fedora/27/
|
sudo cp -r repo /var/www/html/fedora/28/
|
||||||
tree /var/www/html/fedora/27/
|
tree /var/www/html/fedora/28/
|
||||||
├── images
|
├── images
|
||||||
│ ├── pxeboot
|
│ ├── pxeboot
|
||||||
│ ├── initrd.img
|
│ ├── initrd.img
|
||||||
|
@ -158,7 +159,7 @@ tree /var/www/html/fedora/27/
|
||||||
Verify `vmlinuz`, `initrd.img`, and `repo` are accessible from the HTTP server (i.e. `atomic_assets_endpoint`).
|
Verify `vmlinuz`, `initrd.img`, and `repo` are accessible from the HTTP server (i.e. `atomic_assets_endpoint`).
|
||||||
|
|
||||||
```
|
```
|
||||||
curl http://example.com/fedora/27/
|
curl http://example.com/fedora/28/
|
||||||
```
|
```
|
||||||
|
|
||||||
!!! note
|
!!! note
|
||||||
|
@ -246,7 +247,7 @@ module "bare-metal-mercury" {
|
||||||
# bare-metal
|
# bare-metal
|
||||||
cluster_name = "mercury"
|
cluster_name = "mercury"
|
||||||
matchbox_http_endpoint = "http://matchbox.example.com"
|
matchbox_http_endpoint = "http://matchbox.example.com"
|
||||||
atomic_assets_endpoint = "http://example.com/fedora/27"
|
atomic_assets_endpoint = "http://example.com/fedora/28"
|
||||||
|
|
||||||
# configuration
|
# configuration
|
||||||
k8s_domain_name = "node1.example.com"
|
k8s_domain_name = "node1.example.com"
|
||||||
|
@ -400,7 +401,7 @@ Check the [variables.tf](https://github.com/poseidon/typhoon/blob/master/bare-me
|
||||||
|:-----|:------------|:--------|
|
|:-----|:------------|:--------|
|
||||||
| cluster_name | Unique cluster name | mercury |
|
| cluster_name | Unique cluster name | mercury |
|
||||||
| matchbox_http_endpoint | Matchbox HTTP read-only endpoint | "http://matchbox.example.com:port" |
|
| matchbox_http_endpoint | Matchbox HTTP read-only endpoint | "http://matchbox.example.com:port" |
|
||||||
| atomic_assets_endpoint | HTTP endpoint serving the Fedora Atomic vmlinuz, initrd.img, and ostree repo | "http://example.com/fedora/27" |
|
| atomic_assets_endpoint | HTTP endpoint serving the Fedora Atomic vmlinuz, initrd.img, and ostree repo | "http://example.com/fedora/28" |
|
||||||
| k8s_domain_name | FQDN resolving to the controller(s) nodes. Workers and kubectl will communicate with this endpoint | "myk8s.example.com" |
|
| k8s_domain_name | FQDN resolving to the controller(s) nodes. Workers and kubectl will communicate with this endpoint | "myk8s.example.com" |
|
||||||
| ssh_authorized_key | SSH public key for user 'fedora' | "ssh-rsa AAAAB3Nz..." |
|
| ssh_authorized_key | SSH public key for user 'fedora' | "ssh-rsa AAAAB3Nz..." |
|
||||||
| asset_dir | Path to a directory where generated assets should be placed (contains secrets) | "/home/user/.secrets/clusters/mercury" |
|
| asset_dir | Path to a directory where generated assets should be placed (contains secrets) | "/home/user/.secrets/clusters/mercury" |
|
||||||
|
|
Loading…
Reference in New Issue