Skip to content

Commit

Permalink
Add extramanifests for kubelet-serving-cert-approver
Browse files Browse the repository at this point in the history
  • Loading branch information
@nidr0x
nidr0x committed Nov 17, 2024
1 parent c352680 commit e9ba820
Show file tree
Hide file tree
Showing 3 changed files with 59 additions and 87 deletions.
11 changes: 11 additions & 0 deletions .taskfiles/talos/taskfile.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,14 @@
---
# yaml-language-server: $schema=https://taskfile.dev/schema.json
version: "3"

tasks:
reset-node:
desc: Reset Talos on a single node [CLUSTER=main] [HOSTNAME=required]
prompt: Reset Talos node '{{.HOSTNAME}}' on the '{{.CLUSTER}}' cluster ... continue?
cmd: talosctl reset --nodes {{.HOSTNAME}} --graceful=false
requires:
vars: [CLUSTER, HOSTNAME]
preconditions:
- talosctl --nodes {{.HOSTNAME}} get machineconfig
- talosctl config info
4 changes: 2 additions & 2 deletions Taskfile.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
version: "3"

vars:
KUBERNETES_DIR: "{{.ROOT_DIR}}/terraform/talos"
K8S_CLUSTER: '{{.K8S_CLUSTER | default "main"}}'
CLUSTER: '{{.CLUSTER | default "main"}}'
CLUSTER_DIR: "{{.ROOT_DIR}}/kubernetes/{{.CLUSTER}}"

includes:
pre-commit:
Expand Down
131 changes: 46 additions & 85 deletions bootstrap/talos/talconfig.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,15 +17,59 @@ nodes:
ipAddress: 192.168.1.90
installDisk: /dev/sda
controlPlane: true

- hostname: worker-01
ipAddress: 192.168.1.91
installDisk: /dev/sda

- hostname: worker-02
ipAddress: 192.168.1.92
installDisk: /dev/sda

patches:
- |-
- op: add
path: /machine/kubelet/extraArgs
value:
rotate-server-certificates: "true"
- op: add
path: /cluster/extraManifests
value:
- "https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/main/deploy/standalone-install.yaml"
- op: add
path: /machine/kubelet/extraMounts
value:
- destination: /var/local/openebs
type: bind
source: /var/local/openebs
options:
- rbind
- rshared
- rw
- op: add
path: /machine/sysctls
value:
vm.nr_hugepages: "1024"
- op: add
path: /machine/nodeLabels
value:
openebs.io/engine: mayastor
- op: add
path: /machine/disks
value:
- device: /dev/sda
- op: add
path: /machine/network/interfaces
value:
- deviceSelector:
physical: true
dhcp: true
- |
cluster:
network:
cni:
name: none
proxy:
disabled: true
controlPlane:
schematic:
customization:
Expand All @@ -36,48 +80,6 @@ controlPlane:
- siderolabs/intel-ucode
- siderolabs/i915-ucode
- siderolabs/qemu-guest-agent
patches:
- |-
- op: add
path: /machine/kubelet/extraArgs
value:
rotate-server-certificates: "true"
- op: add
path: /machine/kubelet/extraMounts
value:
- destination: /var/local/openebs
type: bind
source: /var/local/openebs
options:
- rbind
- rshared
- rw
- op: add
path: /machine/sysctls
value:
vm.nr_hugepages: "1024"
- op: add
path: /machine/nodeLabels
value:
openebs.io/engine: mayastor
- op: add
path: /machine/disks
value:
- device: /dev/sda
- op: add
path: /machine/network/interfaces
value:
- deviceSelector:
physical: true
dhcp: true
- |
cluster:
network:
cni:
name: none
proxy:
disabled: true
worker:
schematic:
customization:
Expand All @@ -88,44 +90,3 @@ worker:
- siderolabs/intel-ucode
- siderolabs/i915-ucode
- siderolabs/qemu-guest-agent
patches:
- |-
- op: add
path: /machine/kubelet/extraArgs
value:
rotate-server-certificates: "true"
- op: add
path: /machine/kubelet/extraMounts
value:
- destination: /var/local/openebs
type: bind
source: /var/local/openebs
options:
- rbind
- rshared
- rw
- op: add
path: /machine/sysctls
value:
vm.nr_hugepages: "1024"
- op: add
path: /machine/nodeLabels
value:
openebs.io/engine: mayastor
- op: add
path: /machine/disks
value:
- device: /dev/sda
- op: add
path: /machine/network/interfaces
value:
- deviceSelector:
physical: true
dhcp: true
- |
cluster:
network:
cni:
name: none
proxy:
disabled: true

0 comments on commit e9ba820

Please sign in to comment.