feat: enable ceph on k8s nodes (#362)

- enable enough ceph/frr to join to cephfs
- notify sshd when restarting the network
- update ssh principals to include all ssh interfaces

Reviewed-on: #362
This commit was merged in pull request #362.
This commit is contained in:
2025-07-19 20:30:46 +10:00
parent c5c40c3bfd
commit 3cfafbac44
10 changed files with 122 additions and 7 deletions
+17 -7
View File
@@ -1,6 +1,6 @@
---
hiera_include:
- profiles::selinux::frr
- profiles::selinux::setenforce
- frrouting
- profiles::ceph::node
- profiles::ceph::client
@@ -12,6 +12,8 @@ profiles::packages::include:
bridge-utils: {}
cephadm: {}
profiles::selinux::setenforce::mode: disabled
profiles::ceph::client::manage_ceph_conf: false
profiles::ceph::client::manage_ceph_package: false
profiles::ceph::client::manage_ceph_paths: false
@@ -60,12 +62,15 @@ profiles::dns::base::primary_interface: loopback0
systemd::manage_networkd: true
systemd::manage_all_network_files: true
networking::interfaces:
enp2s0:
"%{hiera('networking_1000_iface')}":
type: physical
ipaddress: "%{hiera('networking_1000_ip')}"
gateway: 198.18.15.254
txqueuelen: 10000
forwarding: true
enp3s0:
"%{hiera('networking_2500_iface')}":
type: physical
ipaddress: "%{hiera('networking_2500_ip')}"
mtu: 1500
txqueuelen: 10000
forwarding: true
@@ -90,9 +95,9 @@ frrouting::ospfd_router_id: "%{hiera('networking_loopback0_ip')}"
frrouting::ospfd_redistribute:
- connected
frrouting::ospfd_interfaces:
enp2s0:
"%{hiera('networking_1000_iface')}":
area: 0.0.0.0
enp3s0:
"%{hiera('networking_2500_iface')}":
area: 0.0.0.0
loopback0:
area: 0.0.0.0
@@ -107,5 +112,10 @@ frrouting::daemons:
ssh::server::options:
ListenAddress:
- "%{hiera('networking_loopback0_ip')}"
- "%{facts.networking.interfaces.enp2s0.ip}"
- "%{facts.networking.interfaces.enp3s0.ip}"
- "%{hiera('networking_1000_ip')}"
- "%{hiera('networking_2500_ip')}"
profiles::ssh::sign::principals:
- "%{hiera('networking_loopback0_ip')}"
- "%{hiera('networking_1000_ip')}"
- "%{hiera('networking_2500_ip')}"