commit 9dc46e2eff06e6c0b5142563bfba6849103047e7 Author: Dustin C. Hatch Date: Mon Jul 17 15:16:01 2023 -0500 Initial commit The first host running Fedora CoreOS (FCOS) is *k8s-aarch64-n0.pyrocufflink.blue*. This is a Raspberry Pi 4 that is a specialized member of the Kubernetes cluster. It hosts the Zigbee2MQTT and ZWaveJS2MQTT containers, and has the Zigbee and ZWave controller USB devices attached. diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..69f48e5 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.ign diff --git a/butane-watch.sh b/butane-watch.sh new file mode 100644 index 0000000..56e1a55 --- /dev/null +++ b/butane-watch.sh @@ -0,0 +1,9 @@ +#!/bin/sh +# vim: set sw=4 ts=4 sts=4 et : + +inotifywait -e CLOSE_WRITE -m . \ + | stdbuf -o 0 grep -F .yaml \ + | while read _ _ f; do + printf 'Regenerating %s from %s ...\n' "${f%.yaml}.ign" "${f}" + butane -d . ${f} > ${f%.yaml}.ign + done diff --git a/install-kubelet.service b/install-kubelet.service new file mode 100644 index 0000000..72e691a --- /dev/null +++ b/install-kubelet.service @@ -0,0 +1,19 @@ +# vim: set ft=systemd : +[Unit] +Description=Install Kubernetes/Kubelet +After=network-online.target +Wants=network-online.target +Before=zincati.service +ConditionPathExists=!/usr/bin/kubectl + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/rpm-ostree install --apply-live --allow-inactive \ + cri-o \ + iscsi-initiator-utils \ + kubernetes-node \ + kubernetes-kubeadm + +[Install] +WantedBy=multi-user.target diff --git a/k8s-aarch64-n0.yaml b/k8s-aarch64-n0.yaml new file mode 100644 index 0000000..15c6355 --- /dev/null +++ b/k8s-aarch64-n0.yaml @@ -0,0 +1,13 @@ +variant: fcos +version: 1.4.0 +ignition: + config: + merge: + - local: sshkeys.ign + - local: kubelet.ign +storage: + files: + - path: /etc/hostname + contents: + inline: k8s-aarch64-n0.pyrocufflink.blue + mode: 0644 diff --git a/kubelet.yaml b/kubelet.yaml new file mode 100644 index 0000000..189eaf0 --- /dev/null +++ b/kubelet.yaml @@ -0,0 +1,26 @@ +variant: fcos +version: 1.4.0 +storage: + files: + - path: /etc/systemd/system/install-kubelet.service + contents: + local: install-kubelet.service + mode: 0644 + - path: /etc/modules-load.d/k8s.conf + contents: + inline: |+ + br_netfilter + - path: /etc/sysctl.d/k8s.conf + contents: + inline: |+ + net.bridge.bridge-nf-call-iptables = 1 + net.bridge.bridge-nf-call-ip6tables = 1 + net.ipv4.ip_forward = 1 + links: + - path: /etc/resolv.conf + overwrite: true + target: ../run/systemd/resolve/resolv.conf +systemd: + units: + - name: install-kubelet.service + enabled: true diff --git a/sshkeys.yaml b/sshkeys.yaml new file mode 100644 index 0000000..53615a4 --- /dev/null +++ b/sshkeys.yaml @@ -0,0 +1,7 @@ +variant: fcos +version: 1.4.0 +passwd: + users: + - name: core + ssh_authorized_keys: + - sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAINZCN2cxMDwedJ1Ke23Z3CZRcOYjqW8fFqsooRus7RK0AAAABHNzaDo= dustin@rosalina.pyrocufflink.blue