Capture creation of cluster into Helm chart
[icn.git] / deploy / clusters / templates / kubeadmconfigtemplate.yaml
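{{- range $clusterName, $cluster := .Values.clusters }}
---
# One KubeadmConfigTemplate is rendered per entry in .Values.clusters and is
# named <cluster name>-workers. It carries the kubelet arguments, the commands
# run before and after kubeadm, the files to write and the login users.
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
metadata:
  name: {{ $clusterName }}-workers
spec:
  template:
    spec:
      joinConfiguration:
        nodeRegistration:
          # The escaped braces in node-labels and name render as literal
          # double-brace placeholders, so Helm leaves ds.meta_data.* for a
          # later templating pass (presumably cloud-init instance data;
          # TODO confirm).
          kubeletExtraArgs:
            node-labels: metal3.io/uuid={{ "{{" }} ds.meta_data.uuid {{ "}}" }}
            cpu-manager-policy: static
            topology-manager-policy: best-effort
            kube-reserved: cpu=100m,memory=256Mi
          name: '{{ "{{" }} ds.meta_data.name {{ "}}" }}'
      preKubeadmCommands:
{{- if $cluster.networks }}
      # Without touching up /etc/hosts, kubeadm may pick the wrong
      # (i.e. provisioning network) address for the node IP
      - sed -i "1i $(ip -4 addr show dev {{ $cluster.networks.baremetal.interface }} | grep -oP '(?<=inet\s)\d+(\.\d+){3}' | head -1) $(hostname)" /etc/hosts
{{- end }}
      # NOTE(review): apt-key adds both signing keys to the global trusted
      # keyring, so each key is trusted for every configured repository. A
      # per-repository keyring referenced through signed-by would scope that
      # trust. Both downloads use -f so an HTTP error is not piped to apt-key.
      - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
      - add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
      - curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
      - add-apt-repository "deb https://apt.kubernetes.io/ kubernetes-xenial main"
      - apt update -y
      - apt-get install -y ca-certificates
      - /usr/local/bin/install-container-runtime.sh
      # kubelet, kubeadm and kubectl are pinned to the same chart value
      - apt-get install -y kubelet={{ $cluster.kubeVersion }} kubeadm={{ $cluster.kubeVersion }} kubectl={{ $cluster.kubeVersion }}
      - systemctl enable --now kubelet
      postKubeadmCommands:
      # This must be done after kubeadm as the cabpk provider relies
      # on files in /var/run, which won't persist after a reboot
      - /usr/local/bin/set_kernel_cmdline.sh
      files:
{{ include "clusters.containerRuntime" $cluster | indent 6 }}
      - path: /etc/systemd/system/containerd.service.d/override.conf
        content: |
{{ $.Files.Get "resources/override.conf" | indent 10 }}
      - path: /usr/local/bin/set_kernel_cmdline.sh
        # Run from postKubeadmCommands, so it must not be writable by other
        # local users; 0755 keeps it executable without group/other write.
        permissions: '0755'
        content: |
{{ $.Files.Get "resources/set_kernel_cmdline.sh" | indent 10 }}
      users:
      # NOTE(review): this account accepts password login and has passwordless
      # sudo for every command, so whoever holds the password or the SSH key
      # has root on each worker built from this template.
      # The templated values are quoted so that a value containing YAML
      # specials (for example " #" in a key comment) is not re-typed or cut.
      - name: {{ $cluster.userData.name | quote }}
        shell: /bin/bash
        lockPassword: false  # Necessary to allow password login
        passwd: {{ $cluster.userData.hashedPassword | quote }}
        sshAuthorizedKeys:
        - {{ $cluster.userData.sshAuthorizedKey | quote }}
        sudo: "ALL=(ALL) NOPASSWD:ALL"
      # The same key is also added to root's authorized keys
      - name: root
        sshAuthorizedKeys:
        - {{ $cluster.userData.sshAuthorizedKey | quote }}
{{- end }}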