update

2025-08-01 14:48:56 +00:00
parent d676962a6e
commit 6dd4e122bc
6 changed files with 297 additions and 1549 deletions
--- a/terraform/control-plane1.bu
+++ b/terraform/control-plane1.bu
@@ -7,23 +7,14 @@ passwd:
      ssh_authorized_keys:
        - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHEAlPo3v4U67Y3411pTjIMkQxwlFWdXrBJkSzXenDH flatcar@undercloud"

-networkd:
-  units:
-    - name: eth0.network
-      contents: |
-        [Match]
-        Name=eth0
-        
-        [Network]
-        Address=fd00:0:0:2::91/64
-        Gateway=fd00:0:0:2::3
-        DNS=fd00:0:0:3::1
-        Address=10.0.2.91/24
-        Gateway=10.0.2.3
-        DNS=10.0.3.1
-        Domains=undercloud.local
-
 storage:
+  directories:
+    - path: /opt/bin
+      overwrite: true
+      mode: 0755
+    - path: /opt/cni/bin
+      overwrite: true
+      mode: 755
  files:
    - path: /etc/hostname
      mode: 0644
@@ -31,6 +22,22 @@ storage:
        inline: |
          control-plane1

+    - path: /etc/systemd/network/00-eth.network
+      mode: 0644
+      contents:
+        inline: |
+          [Match]
+          Name=eth*
+          
+          [Network]
+          Address=fd00:0:0:2::91/64
+          Gateway=fd00:0:0:2::3
+          DNS=fd00:0:0:3::1
+          Address=10.0.2.91/24
+          Gateway=10.0.2.3
+          DNS=10.0.3.1
+          Domains=undercloud.local
+
    - path: /etc/hosts
      mode: 0644
      overwrite: true
@@ -81,35 +88,45 @@ storage:
          kernel.panic=10
          kernel.panic_on_oops=1

-    - path: /opt/kubernetes/bin/kubeadm
+    - path: /opt/bin/kubeadm
      mode: 0755
      contents:
        source: "http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubeadm"
-    - path: /opt/kubernetes/bin/kubelet
+
+    - path: /opt/bin/kubelet
      mode: 0755
      contents:
        source: "http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubelet"
-    - path: /opt/kubernetes/bin/kubectl
+
+    - path: /opt/bin/kubectl
      mode: 0755
      contents:
        source: "http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/kubectl"
-    - path: /opt/kubernetes/bin/calicoctl
+
+    - path: /opt/bin/calicoctl
      mode: 0755
      contents:
        source: "http://build-node.undercloud.local:3000/admin/undercloud-infrastructure/raw/branch/main/k8s-binaries/calicoctl"
+
    - path: /etc/kubernetes/kubeadm-init.yaml
      mode: 0644
      contents:
        inline: |
          apiVersion: kubeadm.k8s.io/v1beta3
          kind: InitConfiguration
+          localAPIEndpoint:
+            advertiseAddress: "fd00:0:0:2::91"
+            bindPort: 6443
          nodeRegistration:
            name: control-plane1
-            criSocket: /run/containerd/containerd.sock
+            criSocket: unix:///run/containerd/containerd.sock
+            kubeletExtraArgs:
+              node-ip: "fd00:0:0:2::91"
+          certificateKey: "fee7c3e5cfcac7e4774c6efca0464a42d897f30f7300340d6578b5cfb4a3d34b"
          bootstrapTokens:
            - token: "abcdef.0123456789abcdef"
              description: "default kubeadm bootstrap token"
-              ttl: 0
+              ttl: "0"
          ---
          apiVersion: kubeadm.k8s.io/v1beta3
          kind: ClusterConfiguration
@@ -122,7 +139,11 @@ storage:
          ---
          apiVersion: kubelet.config.k8s.io/v1beta1
          kind: KubeletConfiguration
+          address: "::"
+          healthzBindAddress: "::"
+          clusterDomain: "k8s.undercloud.local"
          volumePluginDir: /opt/libexec/kubernetes/kubelet-plugins/volume/exec
+          cgroupDriver: "systemd"

    - path: /etc/kubernetes/calico.yaml
      mode: 0644
@@ -168,22 +189,46 @@ systemd:
        [Install]
        WantedBy=multi-user.target

+    - name: kubelet.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=kubelet, the Kubernetes Node Agent
+        Documentation=https://kubernetes.io/docs/home
+        Wants=network-online.target
+        After=network-online.target containerd.service
+
+        [Service]
+        Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
+        Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
+        EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
+        ExecStart=/opt/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
+        Restart=always
+        StartLimitInterval=0
+        RestartSec=10
+
+        [Install]
+        WantedBy=multi-user.target
+
    - name: kubeadm-init.service
      enabled: true
      contents: |
        [Unit]
        Description=Kubeadm Init Cluster
-        After=network-online.target containerd.service
+        After=network-online.target containerd.service kubelet.service
        Wants=network-online.target

        [Service]
        Type=oneshot
-        ExecStart=/opt/kubernetes/bin/kubeadm init --config=/etc/kubernetes/kubeadm-init.yaml
+        Environment="PATH=/opt/bin:/usr/bin:/bin:/usr/sbin:/sbin"
+        ExecStartPre=/bin/sleep 30s
+        ExecStart=/opt/bin/kubeadm init --upload-certs --config=/etc/kubernetes/kubeadm-init.yaml
        ExecStartPost=/usr/bin/mkdir -p /home/core/.kube
        ExecStartPost=/usr/bin/cp -i /etc/kubernetes/admin.conf /home/core/.kube/config
        ExecStartPost=/usr/bin/chown core:core /home/core/.kube/config
-        ExecStartPost=/opt/kubernetes/bin/kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f /etc/kubernetes/calico.yaml
-        RemainAfterExit=yes
-
+        #ExecStartPost=/opt/bin/kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f /etc/kubernetes/calico.yaml
+        ExecStartPost=/usr/bin/systemctl disable kubeadm-init.service
+        Restart=on-failure
+        RestartSec=120s
        [Install]
        WantedBy=multi-user.target