working baseline of minimal tinkerbell chart without lb
ibrokethecloud committed Mar 21, 2024
1 parent 70ee842 commit cb606f8
Showing 13 changed files with 198 additions and 440 deletions.
Binary file modified chart/tinkerbell-stack/charts/hegel-0.3.3.tgz
Binary file not shown.
Binary file modified chart/tinkerbell-stack/charts/rufio-0.2.6.tgz
Binary file not shown.
Binary file modified chart/tinkerbell-stack/charts/smee-0.3.1.tgz
Binary file not shown.
Binary file modified chart/tinkerbell-stack/charts/tink-0.2.2.tgz
Binary file not shown.
Expand Up @@ -33,60 +33,60 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- if .Values.hostNetwork }}
hostNetwork: true
{{- end }}
containers:
- image: {{ .Values.image }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
args:
- -log-level={{ .Values.logLevel }}
- -backend-kube-namespace={{ .Release.Namespace }}
- -dhcp-addr={{ printf "%v:%v" .Values.dhcp.ip .Values.dhcp.port }}
- -dhcp-enabled={{ .Values.dhcp.enabled }}
- -dhcp-http-ipxe-binary-url={{include "urlJoiner" (dict "urlDict" .Values.dhcp.httpIPXE.binaryUrl)}}
- -dhcp-http-ipxe-script-url={{include "urlJoiner" (dict "urlDict" .Values.dhcp.httpIPXE.scriptUrl)}}
- -dhcp-ip-for-packet={{ .Values.dhcp.ipForPacket }}
- -dhcp-syslog-ip={{ .Values.dhcp.syslogIp }}
- -dhcp-tftp-ip={{ .Values.dhcp.tftpIp }}:69
- -extra-kernel-args={{ join " " ( append .Values.http.additionlKernelArgs ( printf "tink_worker_image=%s" ( required "missing tinkWorkerImage" .Values.tinkWorkerImage ) ) ) }}
- -http-addr={{ printf "%v:%v" .Values.http.ip .Values.http.port }}
- -http-ipxe-binary-enabled={{ .Values.http.ipxeBinaryEnabled }}
- -http-ipxe-script-enabled={{ .Values.http.ipxeScriptEnabled }}
- -osie-url={{include "urlJoiner" (dict "urlDict" .Values.http.osieUrl)}}
- -tink-server={{ printf "tink-server:%v" .Values.http.tinkServer.port }}
- -tink-server-tls={{ .Values.http.tinkServer.tls }}
- -trusted-proxies={{ required "missing trustedProxies" ( join "," .Values.trustedProxies ) }}
- -syslog-addr={{ printf "%v:%v" .Values.syslog.ip .Values.syslog.port }}
- -syslog-enabled={{ .Values.syslog.enabled }}
- -ipxe-script-patch={{ .Values.ipxeScriptPatch }}
- -tftp-addr={{ printf "%v:%v" .Values.tftp.ip .Values.tftp.port }}
- -tftp-enabled={{ .Values.tftp.enabled }}
- -tftp-timeout={{ .Values.tftp.timeout }}
{{- range .Values.additionalArgs }}
- {{ . }}
{{- end }}
env:
- name: PUBLIC_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
{{- range .Values.additionalEnv }}
- name: {{ .name | quote }}
value: {{ .value | quote }}
{{- end }}
{{- if not .Values.hostNetwork }}
ports:
{{- include "smee.ports" ( merge ( dict "PortKey" "containerPort" ) .Values ) | indent 12 }}
- image: {{ .Values.image }}
imagePullPolicy: {{ .Values.imagePullPolicy }}
args:
- -log-level={{ .Values.logLevel }}
- -backend-kube-namespace={{ .Release.Namespace }}
- -dhcp-addr={{ printf "%v:%v" .Values.dhcp.ip .Values.dhcp.port }}
- -dhcp-enabled={{ .Values.dhcp.enabled }}
- -dhcp-http-ipxe-binary-url={{include "urlJoiner" (dict "urlDict" .Values.dhcp.httpIPXE.binaryUrl)}}
- -dhcp-http-ipxe-script-url={{include "urlJoiner" (dict "urlDict" .Values.dhcp.httpIPXE.scriptUrl)}}
- -dhcp-ip-for-packet={{ .Values.dhcp.ipForPacket }}
- -dhcp-syslog-ip={{ .Values.dhcp.syslogIp }}
- -dhcp-tftp-ip={{ .Values.dhcp.tftpIp }}:69
- -extra-kernel-args={{ join " " ( append .Values.http.additionlKernelArgs ( printf "tink_worker_image=%s" ( required "missing tinkWorkerImage" .Values.tinkWorkerImage ) ) ) }}
- -http-addr={{ printf "%v:%v" .Values.http.ip .Values.http.port }}
- -http-ipxe-binary-enabled={{ .Values.http.ipxeBinaryEnabled }}
- -http-ipxe-script-enabled={{ .Values.http.ipxeScriptEnabled }}
- -osie-url={{include "urlJoiner" (dict "urlDict" .Values.http.osieUrl)}}
- -tink-server={{ printf "$(PUBLIC_IP):%v" .Values.http.tinkServer.port }}
- -tink-server-tls={{ .Values.http.tinkServer.tls }}
- -trusted-proxies={{ required "missing trustedProxies" ( join "," .Values.trustedProxies ) }}
- -syslog-addr={{ printf "%v:%v" .Values.syslog.ip .Values.syslog.port }}
- -syslog-enabled={{ .Values.syslog.enabled }}
- -ipxe-script-patch={{ .Values.ipxeScriptPatch }}
- -tftp-addr={{ printf "%v:%v" .Values.tftp.ip .Values.tftp.port }}
- -tftp-enabled={{ .Values.tftp.enabled }}
- -tftp-timeout={{ .Values.tftp.timeout }}
{{- range .Values.additionalArgs }}
- {{ . }}
{{- end }}
env:
- name: PUBLIC_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
{{- range .Values.additionalEnv }}
- name: {{ .name | quote }}
value: {{ .value | quote }}
{{- end }}
name: {{ .Values.name }}
resources:
limits:
cpu: {{ .Values.resources.limits.cpu }}
memory: {{ .Values.resources.limits.memory }}
requests:
cpu: {{ .Values.resources.requests.cpu }}
memory: {{ .Values.resources.requests.memory }}
{{- if not .Values.hostNetwork }}
ports:
{{- include "smee.ports" ( merge ( dict "PortKey" "containerPort" ) .Values ) | indent 12 }}
{{- end }}
name: {{ .Values.name }}
resources:
limits:
cpu: {{ .Values.resources.limits.cpu }}
memory: {{ .Values.resources.limits.memory }}
requests:
cpu: {{ .Values.resources.requests.cpu }}
memory: {{ .Values.resources.requests.memory }}
serviceAccountName: {{ .Values.name }}
{{- if .Values.hostNetwork }}
hostNetwork: true
{{- end }}
{{- end }}
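Review bot: The new `-tink-server=$(PUBLIC_IP):<port>` argument advertises the node address from `status.hostIP` instead of the in-cluster `tink-server` Service name, so whatever answers on that host port becomes the Tink endpoint handed to booting machines, and nothing in this template documents or enforces that. If that listener is the plaintext `grpc://` nginx proxy added elsewhere in this commit, a `true` value for `.Values.http.tinkServer.tls` would presumably no longer match it. A comment above the argument such as `# PUBLIC_IP is status.hostIP; a proxy for tink-server must listen on this node at the same port` would make the dependency explicit. The rendered page has lost indentation and the +/- markers, so the placement of the moved `hostNetwork` block could not be checked, and the Deployment spec starts before this hunk.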
@@ -0,0 +1,52 @@
# The NGINX ConfigMap is in a separate file because its checksum is used to trigger updates in
# the deployment.
{{ if .Values.deploy -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-conf
namespace: {{ .Release.Namespace | quote }}
data:
nginx.conf: |
worker_processes 1;
events {
worker_connections 1024;
}
user root;
http {
server {
listen 50061;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
resolver $POD_NAMESERVER;
set $hegel_dns hegel.{{ .Release.Namespace }}.svc.cluster.local.; # needed in Kubernetes for dynamic DNS resolution
proxy_pass http://$hegel_dns:50061;
}
}
server {
listen 42113;
http2 on;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
resolver $POD_NAMESERVER;
set $tink_dns tink-server.{{ .Release.Namespace }}.svc.cluster.local.; # needed in Kubernetes for dynamic DNS resolution
grpc_pass grpc://$tink_dns:42113;
}
}
server {
listen 8080;
location / {
sendfile on;
sendfile_max_chunk 1m;
root /usr/share/nginx/html;
}
}
}
{{- end }}
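Review bot: `user root;` makes the nginx worker processes, which parse requests arriving on ports 50061, 42113 and 8080, run as root, and nothing visible in this config needs that privilege. Prefer dropping the directive (or `user nginx;`) and making the files under `/usr/share/nginx/html` readable by that user instead. Separately, `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;` appends to whatever header the client sent; if the backends identify machines by forwarded address, `proxy_set_header X-Forwarded-For $remote_addr;` forwards only the address nginx itself observed. The header comment says the ConfigMap checksum triggers Deployment updates, but no checksum annotation is visible in the Deployment template added by this commit.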
@@ -0,0 +1,87 @@
{{- if .Values.deploy }}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: {{ .Values.name }}-nginx
name: {{ .Values.name }}-nginx
namespace: {{ .Release.Namespace | quote }}
spec:
replicas: {{ .Values.replicas }}
selector:
matchLabels:
app: {{ .Values.name }}-nginx
stack: tinkerbell
{{- with .Values.selector }}
{{- toYaml . | nindent 6 }}
{{- end }}
strategy:
type: {{ .Values.deployment.strategy.type }}
template:
metadata:
labels:
app: {{ .Values.name }}-nginx
stack: tinkerbell
{{- with .Values.selector }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
affinity:
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- {{ .Values.name }}
containers:
- name: {{ .Values.name }}-nginx
image: {{ .Values.nginxImage }}
command: ["/bin/bash", "-xeuc"]
args:
- |
POD_NAMESERVER=$(awk '/nameserver/ {print $2}' /etc/resolv.conf) \
envsubst '$POD_NAMESERVER' \
</tmp/nginx.conf.template \
>/etc/nginx/nginx.conf
exec nginx -g 'daemon off;'
ports:
- containerPort: 50061
hostPort: 50061
protocol: TCP
name: hegel-port
- containerPort: 42113
hostPort: 42113
protocol: TCP
name: tink-server
- containerPort: 8080
hostPort: 8080
protocol: TCP
name: hook-http
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
volumeMounts:
- mountPath: /tmp
readOnly: true
name: nginx-conf
- mountPath: /usr/share/nginx/html
name: hook-artifacts
volumes:
- name: nginx-conf
configMap:
name: nginx-conf
items:
- key: nginx.conf
path: nginx.conf.template
- name: hook-artifacts
hostPath:
path: /opt/hook
type: DirectoryOrCreate
serviceAccountName: {{ .Values.name }}
{{- end }}
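Review bot: The `hook-artifacts` hostPath mount at `/usr/share/nginx/html` is writable although nginx only serves those files, so a compromised web worker could alter the boot artifacts in `/opt/hook` on the node; add `readOnly: true` to that `volumeMounts` entry, as is already done for `nginx-conf`. The container also has no `securityContext`, and with three `hostPort`s exposed `allowPrivilegeEscalation: false` is worth setting. The `podAffinity` term has a `labelSelector` but no `topologyKey`, which Kubernetes requires under `requiredDuringSchedulingIgnoredDuringExecution`; `topologyKey: kubernetes.io/hostname` would express same-node placement.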
1 change: 1 addition & 0 deletions chart/tinkerbell-stack/dependency_charts/smee/values.yaml
Expand Up @@ -128,3 +128,4 @@ additionalArgs: []
additionalEnv: []
trustedProxies:
- "10.42.0.0/24"
nginxImage: nginx:1.25.1
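Review bot: `nginxImage: nginx:1.25.1` pins a mutable tag for an image that will serve boot artifacts on host ports; pinning by digest, e.g. `nginxImage: nginx:1.25.1@sha256:<digest of the reviewed image>` (placeholder), keeps the deployed bits fixed. The reference also carries no registry prefix, so which registry it resolves to depends on the node's container runtime defaults.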
4 changes: 1 addition & 3 deletions chart/tinkerbell-stack/templates/hook.yaml
Expand Up @@ -13,14 +13,12 @@ data:
cd /output
rm -f *.tar.gz checksum.txt vmlinuz* initramfs*
base_loc="{{ .Values.stack.hook.downloadURL }}"
files="$base_loc/hook_aarch64.tar.gz $base_loc/hook_x86_64.tar.gz $base_loc/checksum.txt"
files="$base_loc/hook_aarch64.tar.gz $base_loc/hook_x86_64.tar.gz"
tmp_dir=$(mktemp -d)
for f in ${files}; do
echo "${f}"
wget -P "${tmp_dir}" "${f}"
done
(cd "${tmp_dir}" && sha512sum -c checksum.txt)
mv "${tmp_dir}"/checksum.txt .
for f in ${tmp_dir}/*.tar.gz; do tar --no-same-permissions --overwrite -ozxvf "${f}" && rm -f "${f}"; done
rm -rf "${tmp_dir}"
---
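Review bot: The hook tarballs are now unpacked with no integrity check: `checksum.txt` is no longer fetched and the `sha512sum -c checksum.txt` step is gone, so whatever `wget` receives from `base_loc` becomes the kernel and initramfs that machines boot. If the checksum file was dropped because the configured `downloadURL` does not publish one, verify against SHA-512 digests supplied through chart values rather than skipping verification, and fail the job on mismatch. Otherwise restore `(cd "${tmp_dir}" && sha512sum -c checksum.txt)` before the extraction loop. The script begins before this hunk and continues after it, so error handling such as `set -e` could not be checked.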
92 changes: 0 additions & 92 deletions chart/tinkerbell-stack/templates/kubevip.yaml

This file was deleted.
