6 Commits

Author SHA1 Message Date
unkinben e9c69e0586 chore: bump rke2 version
Build / precommit (pull_request) Successful in 4m45s
2026-01-17 01:48:06 +11:00
unkinben 1077bdcbc1 chore: update ceph gpgkey (#438)
- stop checking ceph gpgkey (fixme)
- use artifactapi for retrieving large rke image bundle

Reviewed-on: #438
2026-01-16 23:51:11 +11:00
unkinben 4e928585f5 fix: ceph repos remove dash (#437)
Reviewed-on: #437
2026-01-15 21:52:17 +11:00
unkinben dbe1398218 chore: centralise all yum repo configuration (#436)
- add 30+ repository definitions to AlmaLinux/all_releases.yaml with `ensure: absent` defaults
- update all role-specific hieradata files to use `ensure: present` pattern
- remove duplicated repository URL/GPG key configurations from individual roles
- maintains existing functionality while improving maintainability"

Reviewed-on: #436
2026-01-15 21:35:13 +11:00
unkinben 9f5b1cec82 fix: thundering hurd (#435)
- started all puppet clients at the same time, resulting in thundering herd
- add a randomness timer of 10 minutes

Reviewed-on: #435
2026-01-12 20:21:39 +11:00
unkinben 383bbb0507 fix: ensure join-api is functioning (#434)
- consul was directing new rke2 control nodes to a dead join api
- add additional check to verify its responding (not just up)

Reviewed-on: #434
2026-01-11 13:51:36 +11:00
8 changed files with 18 additions and 19 deletions
+4 -15
View File
@@ -127,27 +127,16 @@ profiles::yum::global::repos:
name: ceph
descr: ceph repository
target: /etc/yum.repos.d/ceph.repo
baseurl: https://packagerepo.service.consul/ceph/reef/rhel%{facts.os.release.major}/x86_64/
gpgkey: https://packagerepo.service.consul/ceph/reef/rhel%{facts.os.release.major}/x86_64/repodata/repomd.xml.key
gpgcheck: 1
baseurl: https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/ceph-reef/el%{facts.os.release.major}/%{facts.os.architecture}
gpgcheck: false
mirrorlist: absent
ceph-noarch:
ensure: absent
name: ceph-noarch
descr: ceph noarch repository
target: /etc/yum.repos.d/ceph.repo
baseurl: https://packagerepo.service.consul/ceph/reef/rhel%{facts.os.release.major}/noarch/
gpgkey: https://packagerepo.service.consul/ceph/reef/rhel%{facts.os.release.major}/x86_64/repodata/repomd.xml.key
gpgcheck: 1
mirrorlist: absent
ceph-reef:
ensure: absent
name: ceph-reef
descr: ceph reef repository
target: /etc/yum.repos.d/ceph.repo
baseurl: https://packagerepo.service.consul/ceph/reef/rhel%{facts.os.release.major}/%{facts.os.architecture}/
gpgkey: https://packagerepo.service.consul/ceph/reef/rhel%{facts.os.release.major}/%{facts.os.architecture}/repodata/repomd.xml.key
gpgcheck: 0
baseurl: https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/ceph-reef/el%{facts.os.release.major}/noarch
gpgcheck: false
mirrorlist: absent
# Rancher RKE2 repositories
+1 -1
View File
@@ -3,7 +3,7 @@ hiera_include:
- profiles::nginx::simpleproxy
profiles::yum::global::repos:
ceph-reef:
ceph:
ensure: present
profiles::ceph::client::keyrings:
+6
View File
@@ -58,6 +58,12 @@ consul::services:
tcp: "%{hiera('networking_loopback0_ip')}:9345"
interval: '10s'
timeout: '1s'
- id: 'rke2_server_ping_check'
name: 'rke2 Server Ping Check'
http: "https://%{hiera('networking_loopback0_ip')}:9345/ping"
interval: '10s'
timeout: '3s'
tls_skip_verify: true
profiles::consul::client::node_rules:
- resource: service
segment: api-k8s
+1 -1
View File
@@ -24,7 +24,7 @@ frrouting::ospfd_interfaces:
area: 0.0.0.1
profiles::yum::global::repos:
ceph-reef:
ceph:
ensure: present
profiles::ceph::client::keyrings:
+1 -1
View File
@@ -30,7 +30,7 @@ class rke2::install (
# download required archive of containers
archive { '/var/lib/rancher/rke2/agent/images/rke2-images.linux-amd64.tar.zst':
ensure => present,
source => "https://github.com/rancher/rke2/releases/download/v${rke2_version}%2B${rke2_release}/rke2-images.linux-amd64.tar.zst",
source => "https://artifactapi.k8s.syd1.au.unkin.net/api/v1/remote/github/rancher/rke2/releases/download/v${rke2_version}%2B${rke2_release}/rke2-images.linux-amd64.tar.zst",
require => [
Package["rke2-${node_type}"],
File['/var/lib/rancher/rke2/agent/images'],
+1 -1
View File
@@ -1,7 +1,7 @@
# rke2 params
class rke2::params (
Enum['server', 'agent'] $node_type = 'agent',
String $rke2_version = '1.33.4',
String $rke2_version = '1.33.7',
String $rke2_release = 'rke2r1',
Stdlib::Absolutepath $config_file = '/etc/rancher/rke2/config.yaml',
Hash $config_hash = {},
+2
View File
@@ -13,6 +13,8 @@ class profiles::puppet::client (
Boolean $show_diff = true,
Boolean $usecacheonfailure = false,
Integer $facts_soft_limit = 4096,
Boolean $splay = true,
Integer $splaylimit = 600,
) {
# dont manage puppet.conf if this is a puppetmaster
@@ -12,3 +12,5 @@ runtimeout = <%= @runtimeout %>
show_diff = <%= @show_diff %>
usecacheonfailure = <%= @usecacheonfailure %>
number_of_facts_soft_limit = <%= @facts_soft_limit %>
splay = <%= @splay %>
splaylimit = <%= @splaylimit %>