Update bare-metal Fedora CoreOS image location
* Use Fedora CoreOS production download streams (change) * Use live PXE kernel and initramfs images * https://getfedora.org/coreos/download/ * Update docs example to use public images (cache is still recommended at large scale) and stable stream
parent
03ff3a9cf3
commit
dd930a2ff9
12
CHANGES.md
12
CHANGES.md
|
@ -4,6 +4,14 @@ Notable changes between versions.
|
||||||
|
|
||||||
## Latest
|
## Latest
|
||||||
|
|
||||||
|
#### Bare-Metal
|
||||||
|
|
||||||
|
* Update Fedora CoreOS images location
|
||||||
|
* Use Fedora CoreOS production [download](https://getfedora.org/coreos/download/) streams
|
||||||
|
* Use live PXE kernel and initramfs images
|
||||||
|
|
||||||
|
## v1.17.1
|
||||||
|
|
||||||
* Kubernetes [v1.17.1](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.17.md#v1171)
|
* Kubernetes [v1.17.1](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.17.md#v1171)
|
||||||
* Update CoreDNS from v1.6.5 to [v1.6.6](https://coredns.io/2019/12/11/coredns-1.6.6-release/) ([#602](https://github.com/poseidon/typhoon/pull/602))
|
* Update CoreDNS from v1.6.5 to [v1.6.6](https://coredns.io/2019/12/11/coredns-1.6.6-release/) ([#602](https://github.com/poseidon/typhoon/pull/602))
|
||||||
* Update Calico from v3.10.2 to v3.11.2 ([#604](https://github.com/poseidon/typhoon/pull/604))
|
* Update Calico from v3.10.2 to v3.11.2 ([#604](https://github.com/poseidon/typhoon/pull/604))
|
||||||
|
@ -12,6 +20,10 @@ Notable changes between versions.
|
||||||
* Enable kube-proxy metrics and allow Prometheus scrapes
|
* Enable kube-proxy metrics and allow Prometheus scrapes
|
||||||
* Allow TCP/10249 traffic with worker node sources
|
* Allow TCP/10249 traffic with worker node sources
|
||||||
|
|
||||||
|
#### AWS
|
||||||
|
|
||||||
|
* Update Fedora CoreOS AMI filter for fedora-coreos-31 ([#620](https://github.com/poseidon/typhoon/pull/620))
|
||||||
|
|
||||||
#### Google
|
#### Google
|
||||||
|
|
||||||
* Allow `terraform-provider-google` v3.0+ ([#617](https://github.com/poseidon/typhoon/pull/617))
|
* Allow `terraform-provider-google` v3.0+ ([#617](https://github.com/poseidon/typhoon/pull/617))
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
locals {
|
locals {
|
||||||
remote_kernel = "https://builds.coreos.fedoraproject.org/prod/streams/${var.os_stream}/builds/${var.os_version}/x86_64/fedora-coreos-${var.os_version}-installer-kernel-x86_64"
|
remote_kernel = "https://builds.coreos.fedoraproject.org/prod/streams/${var.os_stream}/builds/${var.os_version}/x86_64/fedora-coreos-${var.os_version}-live-kernel-x86_64"
|
||||||
remote_initrd = "https://builds.coreos.fedoraproject.org/prod/streams/${var.os_stream}/builds/${var.os_version}/x86_64/fedora-coreos-${var.os_version}-installer-initramfs.x86_64.img"
|
remote_initrd = "https://builds.coreos.fedoraproject.org/prod/streams/${var.os_stream}/builds/${var.os_version}/x86_64/fedora-coreos-${var.os_version}-live-initramfs.x86_64.img"
|
||||||
remote_args = [
|
remote_args = [
|
||||||
"ip=dhcp",
|
"ip=dhcp",
|
||||||
"rd.neednet=1",
|
"rd.neednet=1",
|
||||||
|
@ -10,8 +10,8 @@ locals {
|
||||||
"coreos.inst.install_dev=${var.install_disk}"
|
"coreos.inst.install_dev=${var.install_disk}"
|
||||||
]
|
]
|
||||||
|
|
||||||
cached_kernel = "/assets/fedora-coreos/fedora-coreos-${var.os_version}-installer-kernel-x86_64"
|
cached_kernel = "/assets/fedora-coreos/fedora-coreos-${var.os_version}-live-kernel-x86_64"
|
||||||
cached_initrd = "/assets/fedora-coreos/fedora-coreos-${var.os_version}-installer-initramfs.x86_64.img"
|
cached_initrd = "/assets/fedora-coreos/fedora-coreos-${var.os_version}-live-initramfs.x86_64.img"
|
||||||
cached_args = [
|
cached_args = [
|
||||||
"ip=dhcp",
|
"ip=dhcp",
|
||||||
"rd.neednet=1",
|
"rd.neednet=1",
|
||||||
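Review bot: The `cached_kernel` and `cached_initrd` locals in the second hunk point PXE clients at `/assets/fedora-coreos/...-live-...` files served by Matchbox, and nothing visible here records how those boot artifacts are authenticated. The remote URLs are HTTPS, but the docs example on this page configures `matchbox_http_endpoint` as plain `http://`, so on the cached path integrity presumably depends on whoever populated the asset directory. A comment above `cached_kernel` would make that explicit, for example `# Cached assets are served as-is by Matchbox; verify them against Fedora's published signatures or checksums when populating /assets`. Because the file names change from `-installer-` to `-live-`, an existing cache has to be re-downloaded anyway, which is the natural point to do that verification. The `locals` block continues outside the hunk, so a check may exist elsewhere.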
|
|
|
@ -106,7 +106,7 @@ Read about the [many ways](https://coreos.com/matchbox/docs/latest/network-setup
|
||||||
TFTP chainloading to modern boot firmware, like iPXE, avoids issues with old NICs and allows faster transfer protocols like HTTP to be used.
|
TFTP chainloading to modern boot firmware, like iPXE, avoids issues with old NICs and allows faster transfer protocols like HTTP to be used.
|
||||||
|
|
||||||
!!! warning
|
!!! warning
|
||||||
Compile iPXE from [source](https://github.com/ipxe/ipxe) with support for [HTTPS downloads](https://ipxe.org/crypto). iPXE's pre-built firmware binaries do not enable this. Fedora does not provide images over HTTP.
|
Compile iPXE from [source](https://github.com/ipxe/ipxe) with support for [HTTPS downloads](https://ipxe.org/crypto). iPXE's pre-built firmware binaries do not enable this. Fedora CoreOS downloads are HTTPS-only.
|
||||||
|
|
||||||
## Terraform Setup
|
## Terraform Setup
|
||||||
|
|
||||||
|
@ -168,9 +168,8 @@ module "mercury" {
|
||||||
# bare-metal
|
# bare-metal
|
||||||
cluster_name = "mercury"
|
cluster_name = "mercury"
|
||||||
matchbox_http_endpoint = "http://matchbox.example.com"
|
matchbox_http_endpoint = "http://matchbox.example.com"
|
||||||
os_stream = "testing"
|
os_stream = "stable"
|
||||||
os_version = "30.20191002.0"
|
os_version = "31.20200113.3.1"
|
||||||
cached_install = true
|
|
||||||
|
|
||||||
# configuration
|
# configuration
|
||||||
k8s_domain_name = "node1.example.com"
|
k8s_domain_name = "node1.example.com"
|
||||||
|
@ -330,8 +329,8 @@ Check the [variables.tf](https://github.com/poseidon/typhoon/blob/master/bare-me
|
||||||
|:-----|:------------|:--------|
|
|:-----|:------------|:--------|
|
||||||
| cluster_name | Unique cluster name | "mercury" |
|
| cluster_name | Unique cluster name | "mercury" |
|
||||||
| matchbox_http_endpoint | Matchbox HTTP read-only endpoint | "http://matchbox.example.com:port" |
|
| matchbox_http_endpoint | Matchbox HTTP read-only endpoint | "http://matchbox.example.com:port" |
|
||||||
| os_stream | Fedora CoreOS release stream | "testing" |
|
| os_stream | Fedora CoreOS release stream | "stable" |
|
||||||
| os_version | Fedora CoreOS version to PXE and install | "30.20190716.1" |
|
| os_version | Fedora CoreOS version to PXE and install | "31.20200113.3.1" |
|
||||||
| k8s_domain_name | FQDN resolving to the controller(s) nodes. Workers and kubectl will communicate with this endpoint | "myk8s.example.com" |
|
| k8s_domain_name | FQDN resolving to the controller(s) nodes. Workers and kubectl will communicate with this endpoint | "myk8s.example.com" |
|
||||||
| ssh_authorized_key | SSH public key for user 'core' | "ssh-rsa AAAAB3Nz..." |
|
| ssh_authorized_key | SSH public key for user 'core' | "ssh-rsa AAAAB3Nz..." |
|
||||||
| controllers | List of controller machine detail objects (unique name, identifying MAC address, FQDN) | `[{name="node1", mac="52:54:00:a1:9c:ae", domain="node1.example.com"}]` |
|
| controllers | List of controller machine detail objects (unique name, identifying MAC address, FQDN) | `[{name="node1", mac="52:54:00:a1:9c:ae", domain="node1.example.com"}]` |
|
||||||
|
|