kjuulh/terraform-hcloud-kube-hetzner
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Merge branch 'cloud-init2' into single-host

Browse Source
This commit is contained in:
Karim Naufal 2022-03-04 16:09:23 +01:00
commit 22b4caf254
3 changed files with 23 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@ -4,6 +4,11 @@ crash.log
kubeconfig.yaml kubeconfig.yaml
kubeconfig.yaml-e kubeconfig.yaml-e
terraform.tfvars terraform.tfvars
<<<<<<< HEAD
plans-custom.yaml
traefik-custom.yaml
kured-custom.yaml
=======
plans.yaml plans.yaml
traefik_config.yaml traefik_config.yaml
kured.yaml >>>>>>> 32d43b50f40b30cba207fb5946dee422825d93ef

1
kustomize/kured.yaml
View File

@ -18,4 +18,3 @@ spec:
command: command:
- /usr/bin/kured - /usr/bin/kured
- --reboot-command=/usr/bin/systemctl reboot - --reboot-command=/usr/bin/systemctl reboot
- --reboot-sentinel=/var/run/reboot-needed

38
modules/host/templates/userdata.yaml.tpl
View File

@ -18,6 +18,11 @@ write_files:
AuthorizedKeysFile .ssh/authorized_keys AuthorizedKeysFile .ssh/authorized_keys
path: /etc/ssh/sshd_config.d/kube-hetzner.conf path: /etc/ssh/sshd_config.d/kube-hetzner.conf
# Set reboot method as "kured"
- content: |
REBOOT_METHOD=kured
path: /etc/transactional-update.conf
# Add ssh authorized keys # Add ssh authorized keys
ssh_authorized_keys: ssh_authorized_keys:
%{ for key in sshAuthorizedKeys ~} %{ for key in sshAuthorizedKeys ~}
@ -31,32 +36,23 @@ growpart:
# Make sure the hostname is set correctly # Make sure the hostname is set correctly
hostname: ${hostname} hostname: ${hostname}
preserve_hostname: true preserve_hostname: true
manage_etc_hosts: "localhost"
runcmd: runcmd:
# As above, make sure the hostname is not reset # As above, make sure the hostname is not reset
- [ sed, -i, 's#preserve_hostname: false#preserve_hostname: true#g', /etc/cloud/cloud.cfg] - [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME="yes"/NETCONFIG_NIS_SETDOMAINNAME="no"/g', /etc/sysconfig/network/config]
- [ sed, -i, 's#NETCONFIG_NIS_SETDOMAINNAME="yes"#NETCONFIG_NIS_SETDOMAINNAME="no"#g', /etc/sysconfig/network/config] - [sed, '-i', 's/DHCLIENT_SET_HOSTNAME="yes"/DHCLIENT_SET_HOSTNAME="no"/g', /etc/sysconfig/network/dhcp]
- [ sed, -i, 's#DHCLIENT_SET_HOSTNAME="yes"#DHCLIENT_SET_HOSTNAME="no"#g', /etc/sysconfig/network/dhcp]
# We set Google DNS servers # We set Cloudflare DNS servers, followed by Google as a backup
- [ sed, -i, 's#NETCONFIG_DNS_STATIC_SERVERS=""#NETCONFIG_DNS_STATIC_SERVERS="8.8.8.8 8.8.4.4"#g', /etc/sysconfig/network/config] - [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=""/NETCONFIG_DNS_STATIC_SERVERS="1.1.1.1 1.0.0.1 8.8.8.8"/g', /etc/sysconfig/network/config]
# Bound the amount of logs that can survive on the system # Bounds the amount of logs that can survive on the system
- [ sed, -i, 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf] - [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]
- [ sed, -i, 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf] - [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]
# Activate the private network # Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2
- systemctl reload network - [sed, '-i', 's/NUMBER_LIMIT="2-10"/NUMBER_LIMIT="4"/g', /etc/snapper/configs/root]
- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT="4-10"/NUMBER_LIMIT_IMPORTANT="3"/g', /etc/snapper/configs/root]
# Activate ssh configuration # Disables unneeded services
- systemctl reload sshd - [systemctl, disable, '--now', 'rebootmgr.service']
# Finishing automatic reboot via Kured setup
- rebootmgrctl set-strategy off
# Reduce the default number of snapshots from 2-10 number limit, to 4
# And from 4-10 number limit important, to 2
- snapper -c root set-config "NUMBER_LIMIT=4"
- snapper -c root set-config "NUMBER_LIMIT_IMPORTANT=2"