hetzner-alpine-k8s/config.yaml
Knut Ahlers 7ba01f01a1
Simplify config, upgrade to K8s 1.30.0
- sever connection to upstream
- remove Docker setup
- use local packer binary to build
- add support for writing arbitrary files
- cleanup repo

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2024-04-21 15:52:40 +02:00

173 lines
3.9 KiB
YAML

---
apk_tools_version: v2.14.4
apk_tools_arch: x86_64
apk_tools_url: https://gitlab.alpinelinux.org/api/v4/projects/5/packages/generic//{{ apk_tools_version }}/{{ apk_tools_arch }}/apk.static
apk_tools_checksum: sha256:42cea2a41dc09b263f04bb0ade8a2ba251256b91f89095ecc8a19903b2b3e39e
alpine_mirror: https://dl-cdn.alpinelinux.org/alpine
alpine_repositories:
- url: '{{ alpine_mirror }}/edge/main'
- tag: 'community'
url: '{{ alpine_mirror }}/edge/community'
- tag: 'testing'
url: '{{ alpine_mirror }}/edge/testing'
- tag: 'luzifer'
url: 'https://alpinerepo.hub.luzifer.io/repo'
alpine_repository_keys:
- name: 'alpine@ahlers.me-64562ea3.rsa.pub'
public_key: |
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArxxCxVKukbb/zGHBv1ks
Gu+eRHNCf7aPyUZVEwMdBSO3GYaVC5np1wtzCZzG+1BVQEdgyomxzB2dU0hTSBIZ
myu+u7344+4/XzbcIwNOfGyduYhlIDvQ4UMzFZfq0oXU9QTmsVl0iqi1CT8J4LWr
X5i6h/zkmURCvTkK9SoZ3S+LcnCS8becUdiJpQksMQ8nFr6MtwN92W4fzyHTJYI9
p+tuWr9j71xHLujWQU7aio+qGpvIS9y3R4eIkJ+YRRpTiZi7x+Aixn3JaGF0zk2h
tsApoPQbVqomgDPYX6JrMx1T5amkONz1vwhg9QTYISafQg0sbrQYBrjKDZBM0zZw
vUpVKHjr0S1rMJhzNXvoYBFwDv/d15B8B8QDyTKRJkhcfKpjN2UPinB0DNozJ8L5
l8VmxKdiA0zbbvWuhRMo9Svkhn/N55M+cH4Xmkf+3Z8frqmQf5b02mDfh4kMLRKT
SBwkqgx/Kqceiw8ZIDprPY3tr6ThQ9oJOzI8NomNmvmanWHJtm6oBNiyvH3G9cfe
+CeXkOhwwug+xrnNsA8bedFLfm2XB5Y6k/xs88604igHxfjbAWXjIyHhrNAD885s
cbZ7WJTWYHuoltHwFvmq5Z8ZFuFpqbWH7B618rLR92AmHGaaje8m4vVeUcTq2TeN
Ld4erUMnkwbBDYOIlAc/vzMCAwEAAQ==
-----END PUBLIC KEY-----
boot_size: +100m
root_size: '0'
hostname: alpine-k8s
dhcp_interfaces: [eth0, eth1]
packages:
# Alpine base system
openssh: ''
syslinux: ''
linux-virt: ''
sudo: '@community'
vim: ''
cloud-init: '@community'
e2fsprogs-extra: ''
py3-pyserial: '@community'
py3-netifaces: '@community'
wireguard-tools: ''
chrony: ''
chrony-openrc: ''
# K8s requirements
open-iscsi: ''
open-iscsi-openrc: ''
udev: ''
cni-plugin-calico: '@luzifer'
cni-plugins: '@community'
cri-tools: '@community'
containerd: '@community'
containerd-openrc: '@community'
nfs-utils: ''
uuidgen: ''
kubelet: '@luzifer=1.30.0-r0'
kubeadm: '@luzifer=1.30.0-r0'
kubectl: '@luzifer=1.30.0-r0'
services:
devfs: sysinit
dmesg: sysinit
hwdrivers: sysinit
udev: sysinit
udev-trigger: sysinit
udev-settle: sysinit
hwclock: boot
modules: boot
sysctl: boot
hostname: boot
bootmisc: boot
syslog: boot
networking: boot
mount-ro: shutdown
killprocs: shutdown
savecache: shutdown
chronyd: default
sshd: default
udev-postmount: default
# K8s requirements
containerd: default
iscsid: default
kubelet: default
ntpd: default
nameservers:
- 185.12.64.1
- 185.12.64.2
- 2a01:4ff:ff00::add:1
- 2a01:4ff:ff00::add:2
sysctl:
net.ipv4.ip_forward: 1
net.bridge.bridge-nf-call-iptables: 1
extlinux_modules:
- ext4
mkinitfs_features:
- ata
- base
- ext4
- keymap
- kms
- nvme
- raid
- scsi
- virtio
kernel_modules:
- ipv6
- af_packet
default_kernel_opts:
- quiet
write_files:
# Configure chrony
- dest: /etc/chrony/chrony.conf
content: |
server ptbtime1.ptb.de iburst
server ptbtime2.ptb.de iburst
initstepslew 10 ptbtime1.ptb.de
driftfile /var/lib/chrony/chrony.drift
rtcsync
cmdport 0
# Disable overwriting network config
- dest: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
content: |
network: {config: disabled}
# Fix prometheus errors: Write service
- dest: /etc/local.d/sharemetrics.start
content: |
#!/bin/sh
mount --make-rshared /
mode: '0755'
# kernel stuff
- dest: /etc/modules-load.d/k8s.conf
content: |
br_netfilter
chroot_commands:
# Fix prometheus errors: Enable sharemetrics service
- 'rc-update add local'
# Force --cloud-provider=external
- "sed -i 's/command_args=\"/command_args=\"--cloud-provider=external /' /etc/init.d/kubelet"
...