From fb38b884b6393cbdd48500ef2b447f9d44660b55 Mon Sep 17 00:00:00 2001
From: Ashley Dumaine
Date: Thu, 8 Feb 2024 15:26:00 -0500
Subject: [PATCH] use contentFrom for common init files
---
 templates/cluster-template.yaml | 139 +++++++++++++++++---------------
 1 file changed, 73 insertions(+), 66 deletions(-)
diff --git a/templates/cluster-template.yaml b/templates/cluster-template.yaml
index 4b1e95f9f..3436f78f3 100644
--- a/templates/cluster-template.yaml
+++ b/templates/cluster-template.yaml
@@ -63,43 +63,28 @@ spec: kubeadmConfigSpec: files: - path: /etc/containerd/config.toml - content: | - version = 2 - imports = ["/etc/containerd/conf.d/*.toml"] - [plugins] - [plugins."io.containerd.grpc.v1.cri"] - sandbox_image = "registry.k8s.io/pause:3.9" - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - runtime_type = "io.containerd.runc.v2" - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] - SystemdCgroup = true + contentFrom: + secret: + name: common-init-files + key: containerd-config.toml - path: /etc/modules-load.d/k8s.conf - content: | - overlay - br_netfilter + contentFrom: + secret: + name: common-init-files + key: k8s-modules.conf - path: /etc/sysctl.d/k8s.conf - content: | - net.bridge.bridge-nf-call-iptables = 1 - net.bridge.bridge-nf-call-ip6tables = 1 - net.ipv4.ip_forward = 1 - - path: /kubeadm-init.sh - content: | - #!/bin/bash - export DEBIAN_FRONTEND=noninteractive - hostnamectl set-hostname "$1" && hostname -F /etc/hostname - mkdir -p -m 755 /etc/apt/keyrings - VERSION=${2%.*} - curl -fsSL "https://pkgs.k8s.io/core:/stable:/v$VERSION/deb/Release.key" | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg - echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v$VERSION/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list - apt-get update -y - apt-get install -y kubelet kubeadm kubectl containerd - apt-mark hold kubelet kubeadm kubectl containerd - modprobe overlay - modprobe br_netfilter - sysctl --system + contentFrom: + secret: + name: common-init-files + key: sysctl-k8s.conf + - path: /kubeadm-pre-init.sh + contentFrom: + secret: + name: common-init-files + key: kubeadm-pre-init.sh permissions: "0777" preKubeadmCommands: - - /kubeadm-init.sh '{{ ds.meta_data.label }}' "${KUBERNETES_VERSION}" + - /kubeadm-pre-init.sh '{{ ds.meta_data.label }}' "${KUBERNETES_VERSION}" clusterConfiguration: apiServer: extraArgs: 
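Review bot: The renamed `/kubeadm-pre-init.sh` entry keeps `permissions: "0777"`, so the script that `preKubeadmCommands` invokes is written world-writable on every node and stays that way after bootstrap. The script calls `hostnamectl`, `apt-get` and `modprobe`, so it presumably runs with root privileges; any local account or workload with host filesystem access could alter it before a later re-run. Owner-only execute is enough here: `permissions: "0700"`. The same line appears unchanged in the second hunk (the worker-side `files:` list) and should get the same fix; the enclosing `kubeadmConfigSpec` starts and ends outside this hunk.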
@@ -177,46 +162,68 @@ spec: spec: files: - path: /etc/containerd/config.toml - content: | - version = 2 - imports = ["/etc/containerd/conf.d/*.toml"] - [plugins] - [plugins."io.containerd.grpc.v1.cri"] - sandbox_image = "registry.k8s.io/pause:3.9" - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] - runtime_type = "io.containerd.runc.v2" - [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] - SystemdCgroup = true + contentFrom: + secret: + name: common-init-files + key: containerd-config.toml - path: /etc/modules-load.d/k8s.conf - content: | - overlay - br_netfilter + contentFrom: + secret: + name: common-init-files + key: k8s-modules.conf - path: /etc/sysctl.d/k8s.conf - content: | - net.bridge.bridge-nf-call-iptables = 1 - net.bridge.bridge-nf-call-ip6tables = 1 - net.ipv4.ip_forward = 1 - - path: /kubeadm-init.sh - content: | - #!/bin/bash - export DEBIAN_FRONTEND=noninteractive - hostnamectl set-hostname "$1" && hostname -F /etc/hostname - mkdir -p -m 755 /etc/apt/keyrings - VERSION=${2%.*} - curl -fsSL "https://pkgs.k8s.io/core:/stable:/v$VERSION/deb/Release.key" | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg - echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v$VERSION/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list - apt-get update -y - apt-get install -y kubelet kubeadm kubectl containerd - apt-mark hold kubelet kubeadm kubectl containerd - modprobe overlay - modprobe br_netfilter - sysctl --system + contentFrom: + secret: + name: common-init-files + key: sysctl-k8s.conf + - path: /kubeadm-pre-init.sh + contentFrom: + secret: + name: common-init-files + key: kubeadm-pre-init.sh permissions: "0777" preKubeadmCommands: - - /kubeadm-init.sh '{{ ds.meta_data.label }}' "${KUBERNETES_VERSION}" + - /kubeadm-pre-init.sh '{{ ds.meta_data.label }}' "${KUBERNETES_VERSION}" joinConfiguration: nodeRegistration: kubeletExtraArgs: cloud-provider: external 
provider-id: 'linode:///{{ ds.meta_data.region }}/{{ ds.meta_data.id }}' name: '{{ ds.meta_data.label }}' +--- +apiVersion: v1 +kind: Secret +metadata: + name: common-init-files +stringData: + containerd-config.toml: | + version = 2 + imports = ["/etc/containerd/conf.d/*.toml"] + [plugins] + [plugins."io.containerd.grpc.v1.cri"] + sandbox_image = "registry.k8s.io/pause:3.9" + [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] + runtime_type = "io.containerd.runc.v2" + [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] + SystemdCgroup = true + k8s-modules.conf: | + overlay + br_netfilter + sysctl-k8s.conf: | + net.bridge.bridge-nf-call-iptables = 1 + net.bridge.bridge-nf-call-ip6tables = 1 + net.ipv4.ip_forward = 1 + kubeadm-pre-init.sh: | + #!/bin/bash + export DEBIAN_FRONTEND=noninteractive + hostnamectl set-hostname "$1" && hostname -F /etc/hostname + mkdir -p -m 755 /etc/apt/keyrings + VERSION=${2%.*} + curl -fsSL "https://pkgs.k8s.io/core:/stable:/v$VERSION/deb/Release.key" | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg + echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v$VERSION/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list + apt-get update -y + apt-get install -y kubelet kubeadm kubectl containerd + apt-mark hold kubelet kubeadm kubectl containerd + modprobe overlay + modprobe br_netfilter + sysctl --system
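Review bot: The new Secret is named `common-init-files` with no cluster-specific part, so every cluster rendered from this template into the same namespace shares one object, and re-applying the template for one cluster overwrites the bootstrap files used by the others. Its `kubeadm-pre-init.sh` key is executed on each new node, so after this change anyone who can update Secrets in that namespace can change what runs at node bootstrap without touching the control-plane or machine-template specs. Scoping the name per cluster, e.g. `name: ${CLUSTER_NAME}-common-init-files` here and in each `contentFrom.secret.name` reference in both hunks, would limit the blast radius. A comment above the Secret such as `# Contents are executed during node bootstrap; restrict write access to this Secret.` would record the RBAC expectation for operators.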