feat: add shared bins volume for uv and cobbler-enc
- Add puppet-shared-bins PVC (10GB) for shared binaries - Mount /opt/bin in both compiler and master deployments - Add init container to install uv binary and cobbler script to shared volume - Update cobbler-enc to use absolute path and uv cache directory - Configure puppet.conf to reference cobbler-enc from /opt/bin
This commit is contained in:
@@ -94,6 +94,8 @@ spec:
|
|||||||
- mountPath: /var/lib/puppet/keys/
|
- mountPath: /var/lib/puppet/keys/
|
||||||
name: eyaml-keys
|
name: eyaml-keys
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- mountPath: /opt/bin/
|
||||||
|
name: puppet-shared-bins
|
||||||
initContainers:
|
initContainers:
|
||||||
- name: copy-configmaps
|
- name: copy-configmaps
|
||||||
image: busybox:1.35
|
image: busybox:1.35
|
||||||
@@ -107,8 +109,6 @@ spec:
|
|||||||
cp /configmaps/puppet.conf /etc/puppetlabs/puppet/puppet.conf
|
cp /configmaps/puppet.conf /etc/puppetlabs/puppet/puppet.conf
|
||||||
cp /configmaps/puppetdb.conf /etc/puppetlabs/puppet/puppetdb.conf
|
cp /configmaps/puppetdb.conf /etc/puppetlabs/puppet/puppetdb.conf
|
||||||
cp /configmaps/autosign.conf /etc/puppetlabs/puppet/autosign.conf
|
cp /configmaps/autosign.conf /etc/puppetlabs/puppet/autosign.conf
|
||||||
cp /configmaps/cobbler-enc /etc/puppetlabs/puppet/cobbler-enc
|
|
||||||
chmod +x /etc/puppetlabs/puppet/cobbler-enc
|
|
||||||
echo "Configmap files copied successfully"
|
echo "Configmap files copied successfully"
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- mountPath: /etc/puppetlabs/puppet/
|
- mountPath: /etc/puppetlabs/puppet/
|
||||||
@@ -122,9 +122,6 @@ spec:
|
|||||||
- mountPath: /configmaps/autosign.conf
|
- mountPath: /configmaps/autosign.conf
|
||||||
name: compiler-autosign-conf
|
name: compiler-autosign-conf
|
||||||
subPath: autosign.conf
|
subPath: autosign.conf
|
||||||
- mountPath: /configmaps/cobbler-enc
|
|
||||||
name: puppet-cobbler-enc
|
|
||||||
subPath: cobbler-enc
|
|
||||||
- args:
|
- args:
|
||||||
- mkdir -p /etc/puppetlabs/puppet/eyaml/keys;
|
- mkdir -p /etc/puppetlabs/puppet/eyaml/keys;
|
||||||
mkdir -p /etc/puppetlabs/code/environments;
|
mkdir -p /etc/puppetlabs/code/environments;
|
||||||
@@ -175,6 +172,35 @@ spec:
|
|||||||
name: puppet-code-volume
|
name: puppet-code-volume
|
||||||
- mountPath: /etc/puppetlabs/puppet/
|
- mountPath: /etc/puppetlabs/puppet/
|
||||||
name: puppet-puppet-volume
|
name: puppet-puppet-volume
|
||||||
|
- name: setup-shared-bins
|
||||||
|
image: git.unkin.net/unkin/almalinux9-base:20260308
|
||||||
|
command:
|
||||||
|
- sh
|
||||||
|
- -c
|
||||||
|
args:
|
||||||
|
- |
|
||||||
|
echo "Setting up shared binaries..."
|
||||||
|
mkdir -p /opt/bin
|
||||||
|
mkdir -p /opt/bin/.cache/uv
|
||||||
|
|
||||||
|
# Copy cobbler to shared bin volume
|
||||||
|
cp /configmaps/cobbler-enc /opt/bin/cobbler-enc
|
||||||
|
chmod +x /opt/bin/cobbler-enc
|
||||||
|
|
||||||
|
# Install uv to shared bin volume
|
||||||
|
cd /tmp
|
||||||
|
wget -O uv-x86_64-unknown-linux-gnu.tar.gz https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/github/astral-sh/uv/releases/download/0.9.20/uv-x86_64-unknown-linux-gnu.tar.gz
|
||||||
|
tar xf uv-x86_64-unknown-linux-gnu.tar.gz
|
||||||
|
cp uv-x86_64-unknown-linux-gnu/uv /opt/bin/uv
|
||||||
|
chmod +x /opt/bin/uv
|
||||||
|
|
||||||
|
echo "Shared binaries setup completed"
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /opt/bin/
|
||||||
|
name: puppet-shared-bins
|
||||||
|
- mountPath: /configmaps/cobbler-enc
|
||||||
|
name: puppet-cobbler-enc
|
||||||
|
subPath: cobbler-enc
|
||||||
securityContext:
|
securityContext:
|
||||||
fsGroup: 999
|
fsGroup: 999
|
||||||
volumes:
|
volumes:
|
||||||
@@ -200,5 +226,8 @@ spec:
|
|||||||
- name: puppet-cobbler-enc
|
- name: puppet-cobbler-enc
|
||||||
configMap:
|
configMap:
|
||||||
name: puppet-cobbler-enc
|
name: puppet-cobbler-enc
|
||||||
|
- name: puppet-shared-bins
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: puppet-shared-bins
|
||||||
strategy:
|
strategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
|
|||||||
@@ -93,6 +93,8 @@ spec:
|
|||||||
- mountPath: /var/lib/puppet/keys/
|
- mountPath: /var/lib/puppet/keys/
|
||||||
name: eyaml-keys
|
name: eyaml-keys
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
- mountPath: /opt/bin/
|
||||||
|
name: puppet-shared-bins
|
||||||
initContainers:
|
initContainers:
|
||||||
- args:
|
- args:
|
||||||
- mkdir -p /etc/puppetlabs/puppet/eyaml/keys;
|
- mkdir -p /etc/puppetlabs/puppet/eyaml/keys;
|
||||||
@@ -163,3 +165,6 @@ spec:
|
|||||||
secret:
|
secret:
|
||||||
secretName: eyaml-keys
|
secretName: eyaml-keys
|
||||||
defaultMode: 0600
|
defaultMode: 0600
|
||||||
|
- name: puppet-shared-bins
|
||||||
|
persistentVolumeClaim:
|
||||||
|
claimName: puppet-shared-bins
|
||||||
|
|||||||
@@ -124,3 +124,21 @@ spec:
|
|||||||
requests:
|
requests:
|
||||||
storage: 10Gi
|
storage: 10Gi
|
||||||
storageClassName: cephfs-raid6-delete
|
storageClassName: cephfs-raid6-delete
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: PersistentVolumeClaim
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app.kubernetes.io/component: puppet-shared-bins
|
||||||
|
app.kubernetes.io/instance: puppetserver
|
||||||
|
app.kubernetes.io/name: puppetserver
|
||||||
|
app.kubernetes.io/version: 0.9.20
|
||||||
|
name: puppet-shared-bins
|
||||||
|
namespace: puppet
|
||||||
|
spec:
|
||||||
|
accessModes:
|
||||||
|
- ReadWriteMany
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 10Gi
|
||||||
|
storageClassName: cephfs-raid6-delete
|
||||||
|
|||||||
@@ -1,4 +1,4 @@
|
|||||||
#!/usr/bin/env -S uv run --quiet --script
|
#!/usr/bin/env -S /opt/bin/uv run --quiet --cache-dir /opt/bin/.cache/uv --script
|
||||||
# /// script
|
# /// script
|
||||||
# requires-python = ">=3.11"
|
# requires-python = ">=3.11"
|
||||||
# dependencies = ['pyyaml','requests']
|
# dependencies = ['pyyaml','requests']
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ environmentpath = /etc/puppetlabs/code/environments
|
|||||||
|
|
||||||
[master]
|
[master]
|
||||||
node_terminus = exec
|
node_terminus = exec
|
||||||
external_nodes = /etc/puppetlabs/puppet/cobbler-enc
|
external_nodes = /opt/bin/cobbler-enc
|
||||||
autosign = /etc/puppetlabs/puppet/autosign.conf
|
autosign = /etc/puppetlabs/puppet/autosign.conf
|
||||||
default_manifest = /etc/puppetlabs/code/environments/develop/manifests
|
default_manifest = /etc/puppetlabs/code/environments/develop/manifests
|
||||||
default_environment = develop
|
default_environment = develop
|
||||||
|
|||||||
Reference in New Issue
Block a user