feat: add shared bins volume for uv and cobbler-enc (#61)

- Add puppet-shared-bins PVC (10GB) for shared binaries
- Mount /opt/bin in both compiler and master deployments
- Add init container to install uv binary and cobbler script to shared volume
- Update cobbler-enc to use absolute path and uv cache directory
- Configure puppet.conf to reference cobbler-enc from /opt/bin

Reviewed-on: #61
This commit was merged in pull request #61.
This commit is contained in:
2026-03-20 22:49:31 +11:00
parent c1ea6e1e81
commit f474c5c530
5 changed files with 59 additions and 7 deletions
@@ -94,6 +94,8 @@ spec:
- mountPath: /var/lib/puppet/keys/
name: eyaml-keys
readOnly: true
- mountPath: /opt/bin/
name: puppet-shared-bins
initContainers:
- name: copy-configmaps
image: busybox:1.35
@@ -107,8 +109,6 @@ spec:
cp /configmaps/puppet.conf /etc/puppetlabs/puppet/puppet.conf
cp /configmaps/puppetdb.conf /etc/puppetlabs/puppet/puppetdb.conf
cp /configmaps/autosign.conf /etc/puppetlabs/puppet/autosign.conf
cp /configmaps/cobbler-enc /etc/puppetlabs/puppet/cobbler-enc
chmod +x /etc/puppetlabs/puppet/cobbler-enc
echo "Configmap files copied successfully"
volumeMounts:
- mountPath: /etc/puppetlabs/puppet/
@@ -122,9 +122,6 @@ spec:
- mountPath: /configmaps/autosign.conf
name: compiler-autosign-conf
subPath: autosign.conf
- mountPath: /configmaps/cobbler-enc
name: puppet-cobbler-enc
subPath: cobbler-enc
- args:
- mkdir -p /etc/puppetlabs/puppet/eyaml/keys;
mkdir -p /etc/puppetlabs/code/environments;
@@ -175,6 +172,35 @@ spec:
name: puppet-code-volume
- mountPath: /etc/puppetlabs/puppet/
name: puppet-puppet-volume
- name: setup-shared-bins
image: git.unkin.net/unkin/almalinux9-base:20260308
command:
- sh
- -c
args:
- |
echo "Setting up shared binaries..."
mkdir -p /opt/bin
mkdir -p /opt/bin/.cache/uv
# Copy cobbler to shared bin volume
cp /configmaps/cobbler-enc /opt/bin/cobbler-enc
chmod +x /opt/bin/cobbler-enc
# Install uv to shared bin volume
cd /tmp
wget -O uv-x86_64-unknown-linux-gnu.tar.gz https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/github/astral-sh/uv/releases/download/0.9.20/uv-x86_64-unknown-linux-gnu.tar.gz
tar xf uv-x86_64-unknown-linux-gnu.tar.gz
cp uv-x86_64-unknown-linux-gnu/uv /opt/bin/uv
chmod +x /opt/bin/uv
echo "Shared binaries setup completed"
volumeMounts:
- mountPath: /opt/bin/
name: puppet-shared-bins
- mountPath: /configmaps/cobbler-enc
name: puppet-cobbler-enc
subPath: cobbler-enc
securityContext:
fsGroup: 999
volumes:
@@ -200,5 +226,8 @@ spec:
- name: puppet-cobbler-enc
configMap:
name: puppet-cobbler-enc
- name: puppet-shared-bins
persistentVolumeClaim:
claimName: puppet-shared-bins
strategy:
type: RollingUpdate
@@ -93,6 +93,8 @@ spec:
- mountPath: /var/lib/puppet/keys/
name: eyaml-keys
readOnly: true
- mountPath: /opt/bin/
name: puppet-shared-bins
initContainers:
- args:
- mkdir -p /etc/puppetlabs/puppet/eyaml/keys;
@@ -163,3 +165,6 @@ spec:
secret:
secretName: eyaml-keys
defaultMode: 0600
- name: puppet-shared-bins
persistentVolumeClaim:
claimName: puppet-shared-bins
@@ -124,3 +124,21 @@ spec:
requests:
storage: 10Gi
storageClassName: cephfs-raid6-delete
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/component: puppet-shared-bins
app.kubernetes.io/instance: puppetserver
app.kubernetes.io/name: puppetserver
app.kubernetes.io/version: 0.9.20
name: puppet-shared-bins
namespace: puppet
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
storageClassName: cephfs-raid6-delete
+1 -1
View File
@@ -1,4 +1,4 @@
#!/usr/bin/env -S uv run --quiet --script
#!/usr/bin/env -S /opt/bin/uv run --quiet --cache-dir /opt/bin/.cache/uv --script
# /// script
# requires-python = ">=3.11"
# dependencies = ['pyyaml','requests']
@@ -13,7 +13,7 @@ environmentpath = /etc/puppetlabs/code/environments
[master]
node_terminus = exec
external_nodes = /etc/puppetlabs/puppet/cobbler-enc
external_nodes = /opt/bin/cobbler-enc
autosign = /etc/puppetlabs/puppet/autosign.conf
default_manifest = /etc/puppetlabs/code/environments/develop/manifests
default_environment = develop