Enable pod security policies
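{{- range $clusterName, $cluster := .Values.clusters }}
---
# One KubeadmControlPlane document per entry in .Values.clusters; the "---"
# keeps the rendered output a valid multi-document stream.
apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
kind: KubeadmControlPlane
metadata:
  name: {{ $clusterName }}
spec:
  kubeadmConfigSpec:
    clusterConfiguration:
      apiServer:
        extraArgs:
          # PodSecurityPolicy is a built-in admission plugin that was removed
          # from kube-apiserver in Kubernetes 1.25; on such a version the API
          # server will refuse to start with this flag.
          # NOTE(review): keep this in step with $cluster.kubeVersion.
          enable-admission-plugins: NodeRestriction,PodSecurityPolicy
    initConfiguration:
      nodeRegistration:
        kubeletExtraArgs:
          # The doubled-quoted braces make Helm emit a literal
          # ds.meta_data.uuid template expression; it is expanded later
          # (after Helm rendering), not here.
          node-labels: metal3.io/uuid={{ "{{" }} ds.meta_data.uuid {{ "}}" }}
          cpu-manager-policy: static
          topology-manager-policy: best-effort
          kube-reserved: cpu=200m,memory=512Mi
        name: '{{ "{{" }} ds.meta_data.name {{ "}}" }}'
    joinConfiguration:
      controlPlane: {}
      nodeRegistration:
        kubeletExtraArgs:
          node-labels: metal3.io/uuid={{ "{{" }} ds.meta_data.uuid {{ "}}" }}
        name: '{{ "{{" }} ds.meta_data.name {{ "}}" }}'
    # Shell commands run as root on the node before kubeadm init/join.
    preKubeadmCommands:
{{- if $cluster.networks }}
    # Without touching up /etc/hosts, kubeadm may pick the wrong
    # (i.e. provisioning network) address for the node IP
    - sed -i "1i $(ip -4 addr show dev {{ $cluster.networks.baremetal.interface }} | grep -oP '(?<=inet\s)\d+(\.\d+){3}' | head -1) $(hostname)" /etc/hosts
{{- end }}
    # apt-key is deprecated on current Debian/Ubuntu releases; the
    # signed-by keyring form is the replacement. Both downloads use -f so a
    # failed fetch does not feed an HTTP error body into apt-key.
    - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
    - add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
    - curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
    - add-apt-repository "deb https://apt.kubernetes.io/ kubernetes-xenial main"
    - apt update -y
    - apt-get install -y ca-certificates
{{- if $cluster.keepalived }}
    - apt-get install -y keepalived
    - systemctl enable --now keepalived
{{- end }}
    - /usr/local/bin/install-container-runtime.sh
    # kubeVersion is the apt package version; see spec.version below for
    # the Kubernetes version string handed to Cluster API.
    - apt-get install -y kubelet={{ $cluster.kubeVersion }} kubeadm={{ $cluster.kubeVersion }} kubectl={{ $cluster.kubeVersion }}
    - systemctl enable --now kubelet
    # Shell commands run as root on the node after kubeadm init/join.
    postKubeadmCommands:
    # admin.conf carries cluster-admin credentials; copying it into a home
    # directory makes it readable to whoever can log in as that user.
    - mkdir -p /home/ubuntu/.kube
    - cp /etc/kubernetes/admin.conf /home/ubuntu/.kube/config
    - chown ubuntu:ubuntu /home/ubuntu/.kube/config
    # This must be done after kubeadm as the cabpk provider relies on
    # files in /var/run, which won't persist after a reboot
    - /usr/local/bin/set_kernel_cmdline.sh
    # Files written to the node before preKubeadmCommands run. Helper
    # templates are defined elsewhere in the chart.
    files:
{{ include "clusters.keepalived" $cluster | indent 4 }}
{{ include "clusters.containerRuntime" $cluster | indent 4 }}
    - path: /etc/systemd/system/containerd.service.d/override.conf
      content: |
{{ $.Files.Get "resources/override.conf" | indent 8 }}
    - path: /usr/local/bin/set_kernel_cmdline.sh
      # Executed as root from postKubeadmCommands; 0755 keeps it executable
      # without leaving a root-run script writable by every local user
      # (the previous 0777).
      permissions: '0755'
      content: |
{{ $.Files.Get "resources/set_kernel_cmdline.sh" | indent 8 }}
    users:
    - name: {{ $cluster.userData.name }}
      shell: /bin/bash
      # Password login is enabled on purpose; combined with the NOPASSWD
      # sudo rule below the password hash alone is a root credential.
      lockPassword: false # Necessary to allow password login
      passwd: {{ $cluster.userData.hashedPassword }}
      sshAuthorizedKeys:
      - {{ $cluster.userData.sshAuthorizedKey }}
      sudo: "ALL=(ALL) NOPASSWD:ALL"
    # The same key is also authorized for direct root SSH.
    - name: root
      sshAuthorizedKeys:
      - {{ $cluster.userData.sshAuthorizedKey }}
  machineTemplate:
    infrastructureRef:
      apiVersion: infrastructure.cluster.x-k8s.io/v1alpha5
      kind: Metal3MachineTemplate
      name: {{ $clusterName }}-controlplane
    # 0s: no drain wait before a control-plane machine is deleted.
    nodeDrainTimeout: 0s
  replicas: {{ $cluster.numControlPlaneMachines }}
  rolloutStrategy:
    rollingUpdate:
      maxSurge: 1
    type: RollingUpdate
  version: {{ $cluster.k8sVersion }}
{{- end }}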