fcos-worker.bu (4781B)
1 variant: fcos 2 version: 1.4.0 3 passwd: 4 users: 5 - name: core 6 ssh_authorized_keys: 7 - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIITpgxTnebhBnFyjWiF1nPM7Wl7qF+ce3xy/FvA4ZVN+ vincent@wakasu 8 - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGxstR3xEf87leVVDS3GVPx8Ap9+eP+OfkSvM26V54XP vincent@shikoku 9 - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJoArpBsTXr3m6q2QnA1vI1DSwmgdU0OAp7DUxcxl9CJfeZIEs/iAerk8jmHgJ2xCEF6SpzI0FWSQIXy8dKpF4wLJ0tCoq5LqQx3jEzy3NUBLfxK+/Baa1te4qG2YImlgnzmEEm5uZlCGZRY2L/U9+4Hwo1AgD69Zzin6QGh2pyTWpmZ/WyhwIfGgqsnlM9XlaVzlMHYfStDi+rUU6XEAfdSqo1SnWKDBHc3mDYGTVhfAlt2LucLKu7oI2MsSlSxva072BExctadtB3TGHbt8gRJZj8CdwgRNhT+hFfbsL6YDvQn6dhTSMuiD8sBEvVble0Nj4p+Q6ROCRIuMuhgh3 cardno:10_153_832 10 - name: robot 11 password_hash: "$y$j9T$8AHcgGEznx/VnaNnbHufj/$zE.UJBpbrZiIKS3FcVLg.VBawvflIDZYn1dzKhJb7x0" 12 ssh_authorized_keys: 13 - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIITpgxTnebhBnFyjWiF1nPM7Wl7qF+ce3xy/FvA4ZVN+ vincent@wakasu 14 - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGxstR3xEf87leVVDS3GVPx8Ap9+eP+OfkSvM26V54XP vincent@shikoku 15 - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJoArpBsTXr3m6q2QnA1vI1DSwmgdU0OAp7DUxcxl9CJfeZIEs/iAerk8jmHgJ2xCEF6SpzI0FWSQIXy8dKpF4wLJ0tCoq5LqQx3jEzy3NUBLfxK+/Baa1te4qG2YImlgnzmEEm5uZlCGZRY2L/U9+4Hwo1AgD69Zzin6QGh2pyTWpmZ/WyhwIfGgqsnlM9XlaVzlMHYfStDi+rUU6XEAfdSqo1SnWKDBHc3mDYGTVhfAlt2LucLKu7oI2MsSlSxva072BExctadtB3TGHbt8gRJZj8CdwgRNhT+hFfbsL6YDvQn6dhTSMuiD8sBEvVble0Nj4p+Q6ROCRIuMuhgh3 cardno:10_153_832 16 groups: [ sudo ] 17 storage: 18 directories: 19 - path: /var/cache/rpm-ostree-install 20 files: 21 # CRI-O DNF module 22 - path: /etc/dnf/modules.d/cri-o.module 23 mode: 0644 24 overwrite: true 25 contents: 26 inline: | 27 [cri-o] 28 name=cri-o 29 stream=1.29 30 profiles= 31 state=enabled 32 # YUM repository for kubeadm, kubelet and kubectl 33 - path: /etc/yum.repos.d/kubernetes.repo 34 mode: 0644 35 overwrite: true 36 contents: 37 inline: | 38 [kubernetes] 39 name=Kubernetes 40 baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-aarch64 41 enabled=1 42 gpgcheck=1 43 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg 44 https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg 45 # configuring automatic loading of br_netfilter on startup 46 - path: /etc/modules-load.d/br_netfilter.conf 47 mode: 0644 48 overwrite: true 49 contents: 50 inline: br_netfilter 51 # setting kernel parameters required by kubelet 52 - path: /etc/sysctl.d/kubernetes.conf 53 mode: 0644 54 overwrite: true 55 contents: 56 inline: | 57 net.bridge.bridge-nf-call-iptables=1 58 net.ipv4.ip_forward=1 59 - path: /etc/hostname 60 mode: 0644 61 contents: 62 inline: ~HOSTNAME~ 63 disks: 64 - # The link to the block device the OS was booted from. 65 device: /dev/disk/by-id/coreos-boot-disk 66 # We do not want to wipe the partition table since this is the primary 67 # device. 68 wipe_table: false 69 partitions: 70 - number: 4 71 label: root 72 size_mib: 15360 # 15GB 73 resize: true 74 - size_mib: 0 75 # We assign a descriptive label to the partition. This is important 76 # for referring to it in a device-agnostic way in other parts of the 77 # configuration. 78 label: var 79 filesystems: 80 - path: /var 81 device: /dev/disk/by-partlabel/var 82 # We can select the filesystem we'd like. 83 format: ext4 84 # Ask Butane to generate a mount unit for us so that this filesystem 85 # gets mounted in the real root. 86 with_mount_unit: true 87 88 systemd: 89 units: 90 - name: rpm-ostree-install@.service 91 enabled: true 92 contents: | 93 [Unit] 94 Description=Layer %i with rpm-ostree 95 Wants=network-online.target 96 After=network-online.target 97 Before=zincati.service 98 ConditionPathExists=!/var/cache/rpm-ostree-install/%i.stamp 99 100 [Service] 101 Type=oneshot 102 RemainAfterExit=yes 103 ExecStart=/usr/bin/flock /var/cache/rpm-ostree-install/.lock -c "/usr/bin/rpm-ostree install --assumeyes --idempotent --apply-live --allow-inactive %i | tee /var/cache/rpm-ostree-install/%i.stamp" 104 105 [Install] 106 WantedBy=multi-user.target 107 - name: rpm-ostree-install@python3.service 108 enabled: true 109 - name: rpm-ostree-install@libselinux-python3.service 110 enabled: true 111 - name: rpm-ostree-install@kubeadm.service 112 enabled: true 113 - name: rpm-ostree-install@kubelet.service 114 enabled: true 115 - name: rpm-ostree-install@kubectl.service 116 enabled: true 117 - name: rpm-ostree-install@cri-o.service 118 enabled: true 119 - name: rpm-ostree-install@htop.service 120 enabled: true