-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.yaml
238 lines (211 loc) · 8.37 KB
/
config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
apiVersion: apps/v1
kind: Deployment
metadata:
name: ltsp-server
labels:
app: ltsp-server
spec:
selector:
matchLabels:
name: ltsp-server
replicas: 1
template:
metadata:
labels:
name: ltsp-server
spec:
hostNetwork: true
containers:
- name: tftpd
image: localhost:5000/ltsp:16.04
command: [ "/usr/sbin/in.tftpd", "-L", "-u", "tftp", "-a", ":69", "-s", "/var/lib/tftpboot" ]
lifecycle:
postStart:
exec:
command: ["/bin/sh", "-c", "cd /var/lib/tftpboot/ltsp/amd64; ln -sf config/lts.conf ." ]
volumeMounts:
- name: config
mountPath: "/var/lib/tftpboot/ltsp/amd64/config"
- name: nbd-server
image: localhost:5000/ltsp:16.04
command: [ "/bin/nbd-server-wrapper.sh" ]
volumes:
- name: config
configMap:
name: ltsp-config
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ltsp-config
data:
lts.conf: |
[default]
KEEP_SYSTEM_SERVICES = "ssh ureadahead dbus-org.freedesktop.login1 systemd-logind polkitd cgmanager ufw rpcbind nfs-kernel-server"
MODULE_01 = overlay
MODULE_02 = netconsole
MODULE_02 = br_netfilter
LDM_AUTOLOGIN = True
LDM_DEBUG_TERMINAL = True
PREINIT_00_TIME = "ln -sf /usr/share/zoneinfo/Europe/Rome /etc/localtime"
PREINIT_01_FIX_HOSTNAME = "sed -i '/^127.0.0.2/d' /etc/hosts"
FSTAB_01_SSH = "/dev/data/ssh /etc/ssh ext4 nofail,noatime,nodiratime 0 0"
FSTAB_02_JOURNALD = "/dev/data/journal /var/log/journal ext4 nofail,noatime,nodiratime 0 0"
FSTAB_03_DOCKER = "/dev/data/docker /var/lib/docker ext4 nofail,noatime,nodiratime 0 0"
# Each command will stop script execution when fail
RCFILE_01_SSH_SERVER = "cp /rofs/etc/ssh/*_config /etc/ssh; ssh-keygen -A"
RCFILE_02_SSH_CLIENT = "mkdir -p /root/.ssh/; echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCeLrS9C8bBpDRO0Scef32dm+Tpc3Hg8kLhU3Xn4+K0N0+DmvgbbYSuNy+dzFfMZVsXcvO9xbGI15i0PMUkrwXdsaM/F6jp2d/QIuMDIyEJ5RSJw0SvzUNEYZaMmU1rFt/kefY97aqTDdq/DeBGW+I3Jy1DvlxmzRw2HTL9yxLKnAQpFq2iZOfod29m54f1x2omNlDMiNDTsdzM6TbigpNNdI1h/LzfTvSxCie9ANwjLA+30nZpdj+cE4vUaMm4xmZrFGcoffGvC7Nsn2zM2sXKJC9Mqdhv+bBX27K8TkkRu47F0blBE+nRAPoGqfX/lE9H3TX186M15cBbTov29DCgZEXLKwY1PzEyrRuFhyPFDWJVB9l9ZiOHgHYXh54ExL1GxKrPhwQG847P5Vm16P+XqsEQlI7Xx3j2PW/CZyY977rLgoPjchXsQDA01FIA5tmlr8sZYk0IZvcTw4UnGcZAU5JEsViClyx8hv2mCSPotpfqqUvqn/EP5lttHK5np9s= root@ema-GL502VT' >> /root/.ssh/authorized_keys"
RCFILE_04_ROOT_PWD = "echo 'root:root' | chpasswd"
RCFILE_05_SYSCTL = "echo \"kernel.softlockup_panic=1 \nkernel.unknown_nmi_panic=1 \nfs.file-max=20000000 \nfs.nr_open=20000000 \nnet.ipv4.neigh.default.gc_thresh1=80000 \nnet.ipv4.neigh.default.gc_thresh2=90000 \nnet.ipv4.neigh.default.gc_thresh3=100000\" > /etc/sysctl.d/11-mycfg.conf && sysctl -p"
RCFILE_06_FORWARD = "echo 1 > /proc/sys/net/ipv4/ip_forward"
RCFILE_07_JOIN_K8S = "kubeadm join 192.166.0.1:6443 --token 861c98.ijxz132bqfsx2cjd --discovery-token-ca-cert-hash sha256:8dc86b1741711384708a5ac02bd7ea7918a51cd6acc3a76d98cc16a0528e84b1"
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: dhcp-server
labels:
app: dhcp-server
spec:
selector:
matchLabels:
name: dhcp-server
replicas: 1
template:
metadata:
labels:
name: dhcp-server
spec:
hostNetwork: true
containers:
- name: isc-dhcp-server
image: sirferdek/isc-dhcp-server:latest
volumeMounts:
- name: dhcpdconf
mountPath: "/etc/dhcp/"
- name: iscconfig
mountPath: "/etc/default/"
volumes:
- name: dhcpdconf
configMap:
name: dhcpdconf-configmap
- name: iscconfig
configMap:
name: iscconfig-configmap
---
apiVersion: v1
kind: ConfigMap
metadata:
name: dhcpdconf-configmap
data:
dhcpd.conf: |
#
# Sample configuration file for ISC dhcpd for Debian
#
# Attention: If /etc/ltsp/dhcpd.conf exists, that will be used as
# configuration file instead of this file.
#
#
# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-updates on;
ddns-update-style interim;
ddns-ttl 60;
update-static-leases on;
#forces your domain:
ignore client-updates;
#responds to leasequery:
allow leasequery;
# option definitions common to all supported networks...
option domain-name "kubernetes.kube";
option domain-name-servers 192.166.0.1,192.168.1.1,8.8.8.8,8.8.4.4;
#option routers 192.168.1.1;
option space ipxe;
option ipxe-encap-opts code 175 = encapsulate ipxe;
option ipxe.menu code 39 = unsigned integer 8;
option ipxe.no-pxedhcp code 176 = unsigned integer 8;
option arch code 93 = unsigned integer 16;
default-lease-time 600;
max-lease-time 7200;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection
log-facility local7;
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
#subnet 10.152.187.0 netmask 255.255.255.0 {
#}
# This is a very basic subnet declaration.
#subnet 10.254.239.0 netmask 255.255.255.224 {
# range 10.254.239.10 10.254.239.20;
# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}
# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.
#subnet 10.254.239.32 netmask 255.255.255.224 {
# range dynamic-bootp 10.254.239.40 10.254.239.60;
# option broadcast-address 10.254.239.31;
# option routers rtr-239-32-1.example.org;
#}
# A slightly different configuration for an internal subnet.
subnet 192.166.0.0 netmask 255.255.255.0 {
range 192.166.0.10 192.166.0.250;
option ipxe.no-pxedhcp 1;
option routers 192.166.0.1;
filename "/ltsp/amd64/pxelinux.0";
}
# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.
#host passacaglia {
# hardware ethernet 0:0:c0:5d:bd:95;
# filename "vmunix.passacaglia";
# server-name "toccata.fugue.com";
#}
# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
# hardware ethernet 08:00:07:26:c0:a5;
# fixed-address fantasia.fugue.com;
#}
# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.
#class "foo" {
# match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
#}
#shared-network 224-29 {
# subnet 10.17.224.0 netmask 255.255.255.0 {
# option routers rtr-224.example.org;
# }
# subnet 10.0.29.0 netmask 255.255.255.0 {
# option routers rtr-29.example.org;
# }
# pool {
# allow members of "foo";
# range 10.17.224.10 10.17.224.250;
# }
# pool {
# deny members of "foo";
# range 10.0.29.10 10.0.29.230;
# }
#}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: iscconfig-configmap
data:
isc-dhcp-server: |
INTERFACES="enp3s0"