djpbessems/Go.Rig-Operator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Drop initial code

Browse Source
This commit is contained in:
Danny Bessems
2026-01-15 09:58:01 +00:00
parent 227d957219
commit 1e7c9ba5cb
228 changed files with 19883 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
deploy/harvester/cloud-config-templates/rke2-ubuntu-22.04-cloudinit-cp.yaml Normal file
View File

@@ -0,0 +1,120 @@
apiVersion: v1
data:
cloudInit: |
#cloud-config
package_update: false
package_upgrade: false
snap:
commands:
00: snap refresh --hold=forever
package_reboot_if_required: true
packages:
- qemu-guest-agent
- yq
- jq
runcmd:
- sysctl -w net.ipv6.conf.all.disable_ipv6=1
- systemctl enable --now qemu-guest-agent.service
- [sh, '/root/updates.sh']
disable_root: true
ssh_pwauth: false
groups:
- etcd
users:
- name: rancher
gecos: Rancher service account
hashed_passwd: $6$Jn9gljJAbr9tjxD2$4D4O5YokrpYvYd5lznvtuWRPWWcREo325pEhn5r5vzfIU/1fX6werOG4LlXxNNBOkmbKaabekQ9NQL32IZOiH1
lock_passwd: false
shell: /bin/bash
groups: [users, sudo, docker]
sudo: ALL=(ALL:ALL) ALL
ssh_authorized_keys:
- 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEwWnnOTAu0LlAZRczQ0Z0KvNlUdPhGQhpZie+nF1O3s'
- name: etcd
gecos: ETCD service account
lock_passwd: true
shell: /sbin/nologin
groups: [etcd]
write_files:
- path: /root/updates.sh
permissions: '0550'
content: |
#!/bin/bash
export DEBIAN_FRONTEND=noninteractive
apt-mark hold linux-headers-generic
apt-mark hold linux-headers-virtual
apt-mark hold linux-image-virtual
apt-mark hold linux-virtual
apt-get update
apt-get upgrade -y
apt-get autoremove -y
- path: /var/lib/rancher/rke2/server/manifests/disable-sa-automount.yaml
permissions: '0600'
owner: root:root
content: |
apiVersion: v1
kind: ServiceAccount
metadata:
name: disable-automount-sa
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: disable-automount-clusterrole
rules:
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["serviceaccounts"]
verbs: ["get", "patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: disable-automount-binding
subjects:
- kind: ServiceAccount
name: disable-automount-sa
namespace: kube-system
roleRef:
kind: ClusterRole
name: disable-automount-clusterrole
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: disable-default-sa-automount
namespace: kube-system
spec:
schedule: "0 0 * * *"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
serviceAccountName: disable-automount-sa
containers:
- name: kubectl-patcher
image: alpine/kubectl:1.35.0
command:
- /bin/sh
- -c
- |
for n in $(kubectl get namespaces -o=jsonpath="{.items[*]['metadata.name']}"); do
echo "Patching default SA in namespace: $n"
kubectl patch serviceaccount default -p '{"automountServiceAccountToken": false}' -n $n
done
restartPolicy: OnFailure
kind: ConfigMap
metadata:
labels:
harvesterhci.io/cloud-init-template: user
name: rke2-ubuntu-22.04-cloudinit-cp
namespace: vanderlande

52
deploy/harvester/cloud-config-templates/rke2-ubuntu-22.04-cloudinit.yaml Executable file
View File

@@ -0,0 +1,52 @@
apiVersion: v1
data:
cloudInit: |
#cloud-config
package_update: false
package_upgrade: false
snap:
commands:
00: snap refresh --hold=forever
package_reboot_if_required: true
packages:
- qemu-guest-agent
- yq
- jq
runcmd:
- sysctl -w net.ipv6.conf.all.disable_ipv6=1
- systemctl enable --now qemu-guest-agent.service
- [sh, '/root/updates.sh']
disable_root: true
ssh_pwauth: false
users:
- name: rancher
gecos: Rancher service account
hashed_passwd: $6$Jn9gljJAbr9tjxD2$4D4O5YokrpYvYd5lznvtuWRPWWcREo325pEhn5r5vzfIU/1fX6werOG4LlXxNNBOkmbKaabekQ9NQL32IZOiH1
lock_passwd: false
shell: /bin/bash
groups: [users, sudo, docker]
sudo: ALL=(ALL:ALL) ALL
ssh_authorized_keys:
- 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEwWnnOTAu0LlAZRczQ0Z0KvNlUdPhGQhpZie+nF1O3s'
write_files:
- path: /root/updates.sh
permissions: '0550'
content: |
#!/bin/bash
export DEBIAN_FRONTEND=noninteractive
apt-mark hold linux-headers-generic
apt-mark hold linux-headers-virtual
apt-mark hold linux-image-virtual
apt-mark hold linux-virtual
apt-get update
apt-get upgrade -y
apt-get autoremove -y
kind: ConfigMap
metadata:
labels:
harvesterhci.io/cloud-init-template: user
name: rke2-ubuntu-22.04-cloudinit
namespace: vanderlande

120
deploy/harvester/cloud-config-templates/rke2-ubuntu-24.04-cloudinit-cp.yaml Normal file
View File

@@ -0,0 +1,120 @@
apiVersion: v1
data:
cloudInit: |
#cloud-config
package_update: false
package_upgrade: false
snap:
commands:
00: snap refresh --hold=forever
package_reboot_if_required: true
packages:
- qemu-guest-agent
- yq
- jq
runcmd:
- sysctl -w net.ipv6.conf.all.disable_ipv6=1
- systemctl enable --now qemu-guest-agent.service
- [sh, '/root/updates.sh']
disable_root: true
ssh_pwauth: false
groups:
- etcd
users:
- name: rancher
gecos: Rancher service account
hashed_passwd: $6$Jn9gljJAbr9tjxD2$4D4O5YokrpYvYd5lznvtuWRPWWcREo325pEhn5r5vzfIU/1fX6werOG4LlXxNNBOkmbKaabekQ9NQL32IZOiH1
lock_passwd: false
shell: /bin/bash
groups: [users, sudo, docker]
sudo: ALL=(ALL:ALL) ALL
ssh_authorized_keys:
- 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEwWnnOTAu0LlAZRczQ0Z0KvNlUdPhGQhpZie+nF1O3s'
- name: etcd
gecos: ETCD service account
lock_passwd: true
shell: /sbin/nologin
groups: [etcd]
write_files:
- path: /root/updates.sh
permissions: '0550'
owner: root:root
content: |
#!/bin/bash
export DEBIAN_FRONTEND=noninteractive
apt-mark hold linux-headers-generic
apt-mark hold linux-headers-virtual
apt-mark hold linux-image-virtual
apt-mark hold linux-virtual
apt-get update
apt-get upgrade -y
apt-get autoremove -y
- path: /var/lib/rancher/rke2/server/manifests/disable-sa-automount.yaml
permissions: '0600'
owner: root:root
content: |
apiVersion: v1
kind: ServiceAccount
metadata:
name: disable-automount-sa
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: disable-automount-clusterrole
rules:
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["serviceaccounts"]
verbs: ["get", "patch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: disable-automount-binding
subjects:
- kind: ServiceAccount
name: disable-automount-sa
namespace: kube-system
roleRef:
kind: ClusterRole
name: disable-automount-clusterrole
apiGroup: rbac.authorization.k8s.io
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: disable-default-sa-automount
namespace: kube-system
spec:
schedule: "0 0 * * *"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
spec:
serviceAccountName: disable-automount-sa
containers:
- name: kubectl-patcher
image: alpine/kubectl:1.35.0
command:
- /bin/sh
- -c
- |
for n in $(kubectl get namespaces -o=jsonpath="{.items[*]['metadata.name']}"); do
echo "Patching default SA in namespace: $n"
kubectl patch serviceaccount default -p '{"automountServiceAccountToken": false}' -n $n
done
restartPolicy: OnFailure
kind: ConfigMap
metadata:
labels:
harvesterhci.io/cloud-init-template: user
name: rke2-ubuntu-24.04-cloudinit-cp
namespace: vanderlande

52
deploy/harvester/cloud-config-templates/rke2-ubuntu-24.04-cloudinit.yaml Executable file
View File

@@ -0,0 +1,52 @@
apiVersion: v1
data:
cloudInit: |
#cloud-config
package_update: false
package_upgrade: false
snap:
commands:
00: snap refresh --hold=forever
package_reboot_if_required: true
packages:
- qemu-guest-agent
- yq
- jq
runcmd:
- sysctl -w net.ipv6.conf.all.disable_ipv6=1
- systemctl enable --now qemu-guest-agent.service
- [sh, '/root/updates.sh']
disable_root: true
ssh_pwauth: false
users:
- name: rancher
gecos: Rancher service account
hashed_passwd: $6$Jn9gljJAbr9tjxD2$4D4O5YokrpYvYd5lznvtuWRPWWcREo325pEhn5r5vzfIU/1fX6werOG4LlXxNNBOkmbKaabekQ9NQL32IZOiH1
lock_passwd: false
shell: /bin/bash
groups: [users, sudo, docker]
sudo: ALL=(ALL:ALL) ALL
ssh_authorized_keys:
- 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEwWnnOTAu0LlAZRczQ0Z0KvNlUdPhGQhpZie+nF1O3s'
write_files:
- path: /root/updates.sh
permissions: '0550'
content: |
#!/bin/bash
export DEBIAN_FRONTEND=noninteractive
apt-mark hold linux-headers-generic
apt-mark hold linux-headers-virtual
apt-mark hold linux-image-virtual
apt-mark hold linux-virtual
apt-get update
apt-get upgrade -y
apt-get autoremove -y
kind: ConfigMap
metadata:
labels:
harvesterhci.io/cloud-init-template: user
name: rke2-ubuntu-24.04-cloudinit
namespace: vanderlande

33
deploy/harvester/image/ubuntu-22.04-2025-11-25.yaml Executable file
View File

@@ -0,0 +1,33 @@
apiVersion: harvesterhci.io/v1beta1
kind: VirtualMachineImage
metadata:
annotations:
harvesterhci.io/storageClassName: harvester-longhorn
finalizers:
- wrangler.cattle.io/vm-image-controller
generateName: ubuntu-22.04-
generation: 1
labels:
harvesterhci.io/image-type: raw_qcow2
harvesterhci.io/imageDisplayName: ubuntu-22.04-2025-11-25
harvesterhci.io/os-release-date: '2025-11-25'
harvesterhci.io/os-type: ubuntu
harvesterhci.io/os-version: '22.04'
name: ubuntu-22.04-7mg64
namespace: vanderlande
uid: 894bb600-bb7d-4bd3-926f-b91616cd54be
spec:
backend: backingimage
checksum: ''
displayName: ubuntu-22.04-2025-11-25
pvcName: ''
pvcNamespace: ''
retry: 3
sourceType: download
storageClassParameters:
migratable: 'true'
numberOfReplicas: '3'
staleReplicaTimeout: '30'
targetStorageClassName: harvester-longhorn
url: >-
https://cloud-images.ubuntu.com/jammy/20251125/jammy-server-cloudimg-amd64.img

33
deploy/harvester/image/ubuntu-24.04-2025-11-26.yaml Executable file
View File

@@ -0,0 +1,33 @@
apiVersion: harvesterhci.io/v1beta1
kind: VirtualMachineImage
metadata:
annotations:
harvesterhci.io/storageClassName: harvester-longhorn
finalizers:
- wrangler.cattle.io/vm-image-controller
generateName: ubuntu-24.04-
generation: 1
labels:
harvesterhci.io/image-type: raw_qcow2
harvesterhci.io/imageDisplayName: ubuntu-24.04-2025-11-26
harvesterhci.io/os-release-date: '2025-11-26'
harvesterhci.io/os-type: ubuntu
harvesterhci.io/os-version: '24.04'
name: ubuntu-24.04-qhtpc
namespace: vanderlande
uid: 23b60ae3-d5bd-4b10-9587-94e56b39c018
spec:
backend: backingimage
checksum: ''
displayName: ubuntu-24.04-2025-11-26
pvcName: ''
pvcNamespace: ''
retry: 3
sourceType: download
storageClassParameters:
migratable: 'true'
numberOfReplicas: '3'
staleReplicaTimeout: '30'
targetStorageClassName: harvester-longhorn
url: >-
https://cloud-images.ubuntu.com/noble/20251126/noble-server-cloudimg-amd64.img

94
deploy/harvester/templates/rke2-ubuntu-22.04-8fzp2.yaml Executable file
View File

@@ -0,0 +1,94 @@
apiVersion: harvesterhci.io/v1beta1
kind: VirtualMachineTemplateVersion
metadata:
annotations:
template-version.harvesterhci.io/customName: m8HEQq4ebp
generateName: rke2-ubuntu-22.04-
generation: 2
labels:
template.harvesterhci.io/templateID: rke2-ubuntu-22.04
name: rke2-ubuntu-22.04-8fzp2
namespace: vanderlande
ownerReferences:
- apiVersion: harvesterhci.io/v1beta1
blockOwnerDeletion: true
controller: true
kind: VirtualMachineTemplate
name: rke2-ubuntu-22.04
# UID of the VirtualMachineTemplate to link to
uid: 8358985a-2a3d-4d06-a656-eb5e69d3137d
# UID is of the VirtualMachineTemplateVersion used by the secret
uid: 0c581ffb-8681-4054-a3c1-078a22dc53d8
spec:
templateId: vanderlande/rke2-ubuntu-22.04
vm:
metadata:
annotations:
harvesterhci.io/enableCPUAndMemoryHotplug: 'true'
# Image StorageClass name is defined by the image suffix, i.e. ubuntu-22.04-7mg64 -> longhorn-image-7mg64
harvesterhci.io/volumeClaimTemplates: '[{"metadata":{"name":"-disk-0-q0xip","annotations":{"harvesterhci.io/imageId":"vanderlande/image-7mg64"}},"spec":{"accessModes":["ReadWriteMany"],"resources":{"requests":{"storage":"60Gi"}},"volumeMode":"Block","storageClassName":"longhorn-image-7mg64"}}]'
template-version.harvesterhci.io/customName: m8HEQq4ebp
creationTimestamp: null
labels:
harvesterhci.io/os: ubuntu
spec:
runStrategy: RerunOnFailure
template:
metadata:
annotations:
harvesterhci.io/sshNames: '["vanderlande/harvester-cnv-node"]'
creationTimestamp: null
spec:
affinity: {}
domain:
cpu:
cores: 1
maxSockets: 16
sockets: 4
threads: 1
devices:
disks:
- bootOrder: 1
disk:
bus: virtio
name: disk-0
- disk:
bus: virtio
name: cloudinitdisk
inputs:
- bus: usb
name: tablet
type: tablet
interfaces:
- bridge: {}
model: virtio
name: default
features:
acpi:
enabled: true
machine:
type: ''
memory:
guest: 8Gi
maxGuest: 32Gi
resources:
limits:
cpu: '16'
memory: 32Gi
evictionStrategy: LiveMigrateIfPossible
networks:
- multus:
networkName: vanderlande/vm-lan
name: default
terminationGracePeriodSeconds: 120
volumes:
- name: disk-0
persistentVolumeClaim:
claimName: '-disk-0-q0xip'
- cloudInitNoCloud:
networkDataSecretRef:
name: rke2-ubuntu-22.04-lbbfn
secretRef:
name: rke2-ubuntu-22.04-lbbfn
name: cloudinitdisk

18
deploy/harvester/templates/rke2-ubuntu-22.04-secret-lbbfn.yaml Executable file
View File

@@ -0,0 +1,18 @@
apiVersion: v1
data:
# Updated user data should be imported from rke2-ubuntu-22.04-cloudinit and base64 encoded
networkdata: ""
userdata: I2Nsb3VkLWNvbmZpZwpwYWNrYWdlX3VwZGF0ZTogZmFsc2UKcGFja2FnZV91cGdyYWRlOiBmYWxzZQpzbmFwOgogIGNvbW1hbmRzOgogICAgMDogc25hcCByZWZyZXNoIC0taG9sZD1mb3JldmVyCnBhY2thZ2VfcmVib290X2lmX3JlcXVpcmVkOiB0cnVlCnBhY2thZ2VzOgogIC0gcWVtdS1ndWVzdC1hZ2VudAogIC0geXEKICAtIGpxCgpydW5jbWQ6CiAgLSBzeXNjdGwgLXcgbmV0LmlwdjYuY29uZi5hbGwuZGlzYWJsZV9pcHY2PTEKICAtIHN5c3RlbWN0bCBlbmFibGUgLS1ub3cgcWVtdS1ndWVzdC1hZ2VudC5zZXJ2aWNlCiAgLSAtIHNoCiAgICAtIC9yb290L3VwZGF0ZXMuc2gKCmRpc2FibGVfcm9vdDogdHJ1ZQpzc2hfcHdhdXRoOiBmYWxzZQp1c2VyczoKICAtIG5hbWU6IHJhbmNoZXIKICAgIGdlY29zOiBSYW5jaGVyIHNlcnZpY2UgYWNjb3VudAogICAgaGFzaGVkX3Bhc3N3ZDogJDYkSm45Z2xqSkFicjl0anhEMiQ0RDRPNVlva3JwWXZZZDVsem52dHVXUlBXV2NSRW8zMjVwRWhuNXI1dnpmSVUvMWZYNndlck9HNExsWHhOTkJPa21iS2FhYmVrUTlOUUwzMklaT2lIMQogICAgbG9ja19wYXNzd2Q6IGZhbHNlCiAgICBzaGVsbDogL2Jpbi9iYXNoCiAgICBncm91cHM6IFsgdXNlcnMsIHN1ZG8sIGRvY2tlciBdCiAgICBzdWRvOiBBTEw9KEFMTCkKICAgIHNzaF9hdXRob3JpemVkX2tleXM6CiAgICAgIC0gJ3NzaC1lZDI1NTE5CiAgICAgICAgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUV3V25uT1RBdTBMbEFaUmN6UTBaMEt2TmxVZFBoR1FocFppZStuRjFPM3MnCgp3cml0ZV9maWxlczoKICAtIHBhdGg6IC9yb290L3VwZGF0ZXMuc2gKICAgIHBlcm1pc3Npb25zOiAnMDU1MCcKICAgIGNvbnRlbnQ6IHwKICAgICAgIyEvYmluL2Jhc2gKICAgICAgZXhwb3J0IERFQklBTl9GUk9OVEVORD1ub25pbnRlcmFjdGl2ZQogICAgICBhcHQtbWFyayBob2xkIGxpbnV4LWhlYWRlcnMtZ2VuZXJpYwogICAgICBhcHQtbWFyayBob2xkIGxpbnV4LWhlYWRlcnMtdmlydHVhbAogICAgICBhcHQtbWFyayBob2xkIGxpbnV4LWltYWdlLXZpcnR1YWwKICAgICAgYXB0LW1hcmsgaG9sZCBsaW51eC12aXJ0dWFsCiAgICAgIGFwdC1nZXQgdXBkYXRlCiAgICAgIGFwdC1nZXQgdXBncmFkZSAteQogICAgICBhcHQtZ2V0IGF1dG9yZW1vdmUgLXkgICAgCnNzaF9hdXRob3JpemVkX2tleXM6CiAgLSBzc2gtZWQyNTUxOQogICAgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUV3V25uT1RBdTBMbEFaUmN6UTBaMEt2TmxVZFBoR1FocFppZStuRjFPM3MKICAgIEhhcnZlc3RlciBDTlYgTm9kZQo=
kind: Secret
metadata:
labels:
harvesterhci.io/cloud-init-template: harvester
name: rke2-ubuntu-22.04-lbbfn
namespace: vanderlande
ownerReferences:
- apiVersion: harvesterhci.io/v1beta1
kind: VirtualMachineTemplateVersion
name: rke2-ubuntu-22.04-8fzp2
# UID of the VirtualMachineTemplateVersion to link to
uid: 0c581ffb-8681-4054-a3c1-078a22dc53d8
type: secret

10
deploy/harvester/templates/rke2-ubuntu-22.04-template.yaml Executable file
View File

@@ -0,0 +1,10 @@
apiVersion: harvesterhci.io/v1beta1
kind: VirtualMachineTemplate
metadata:
name: rke2-ubuntu-22.04
namespace: vanderlande
# UID needs to be specified explicitly as it is used in template version.
uid: 8358985a-2a3d-4d06-a656-eb5e69d3137d
spec:
defaultVersionId: vanderlande/rke2-ubuntu-22.04-8fzp2

18
deploy/harvester/templates/rke2-ubuntu-24.04-secret-3bl5k.yaml Executable file
View File

@@ -0,0 +1,18 @@
apiVersion: v1
data:
networkdata: ""
# Updated user data should be imported from rke2-ubuntu-24.04-cloudinit and base64 encoded
userdata: I2Nsb3VkLWNvbmZpZwpwYWNrYWdlX3VwZGF0ZTogdHJ1ZQpwYWNrYWdlX3VwZ3JhZGU6IGZhbHNlCnNuYXA6CiAgY29tbWFuZHM6CiAgICAwOiBzbmFwIHJlZnJlc2ggLS1ob2xkPWZvcmV2ZXIKcGFja2FnZV9yZWJvb3RfaWZfcmVxdWlyZWQ6IHRydWUKcGFja2FnZXM6CiAgLSBxZW11LWd1ZXN0LWFnZW50CiAgLSB5cQogIC0ganEKCnJ1bmNtZDoKICAtIHN5c2N0bCAtdyBuZXQuaXB2Ni5jb25mLmFsbC5kaXNhYmxlX2lwdjY9MQogIC0gc3lzdGVtY3RsIGVuYWJsZSAtLW5vdyBxZW11LWd1ZXN0LWFnZW50LnNlcnZpY2UKICAtIC0gc2gKICAgIC0gL3Jvb3QvdXBkYXRlcy5zaAoKZGlzYWJsZV9yb290OiB0cnVlCnNzaF9wd2F1dGg6IGZhbHNlCnVzZXJzOgogIC0gbmFtZTogcmFuY2hlcgogICAgZ2Vjb3M6IFJhbmNoZXIgc2VydmljZSBhY2NvdW50CiAgICBoYXNoZWRfcGFzc3dkOiAkNiRKbjlnbGpKQWJyOXRqeEQyJDRENE81WW9rcnBZdllkNWx6bnZ0dVdSUFdXY1JFbzMyNXBFaG41cjV2emZJVS8xZlg2d2VyT0c0TGxYeE5OQk9rbWJLYWFiZWtROU5RTDMySVpPaUgxCiAgICBsb2NrX3Bhc3N3ZDogZmFsc2UKICAgIHNoZWxsOiAvYmluL2Jhc2gKICAgIGdyb3VwczogWyB1c2Vycywgc3VkbywgZG9ja2VyIF0KICAgIHN1ZG86IEFMTD0oQUxMOkFMTCkgQUxMCiAgICBzc2hfYXV0aG9yaXplZF9rZXlzOgogICAgICAtICdzc2gtZWQyNTUxOQogICAgICAgIEFBQUFDM056YUMxbFpESTFOVEU1QUFBQUlFd1dubk9UQXUwTGxBWlJjelEwWjBLdk5sVWRQaEdRaHBaaWUrbkYxTzNzJwoKd3JpdGVfZmlsZXM6CiAgLSBwYXRoOiAvcm9vdC91cGRhdGVzLnNoCiAgICBwZXJtaXNzaW9uczogJzA1NTAnCiAgICBjb250ZW50OiB8CiAgICAgICMhL2Jpbi9iYXNoCiAgICAgIGV4cG9ydCBERUJJQU5fRlJPTlRFTkQ9bm9uaW50ZXJhY3RpdmUKICAgICAgYXB0LW1hcmsgaG9sZCBsaW51eC1oZWFkZXJzLWdlbmVyaWMKICAgICAgYXB0LW1hcmsgaG9sZCBsaW51eC1oZWFkZXJzLXZpcnR1YWwKICAgICAgYXB0LW1hcmsgaG9sZCBsaW51eC1pbWFnZS12aXJ0dWFsCiAgICAgIGFwdC1tYXJrIGhvbGQgbGludXgtdmlydHVhbAogICAgICBhcHQtZ2V0IHVwZGF0ZQogICAgICBhcHQtZ2V0IHVwZ3JhZGUgLXkKICAgICAgYXB0LWdldCBhdXRvcmVtb3ZlIC15ICAgIApzc2hfYXV0aG9yaXplZF9rZXlzOgogIC0gc3NoLWVkMjU1MTkKICAgIEFBQUFDM056YUMxbFpESTFOVEU1QUFBQUlFd1dubk9UQXUwTGxBWlJjelEwWjBLdk5sVWRQaEdRaHBaaWUrbkYxTzNzCiAgICBIYXJ2ZXN0ZXIgQ05WIE5vZGUK
kind: Secret
metadata:
labels:
harvesterhci.io/cloud-init-template: harvester
name: rke2-ubuntu-24.04-3bl5k
namespace: vanderlande
ownerReferences:
- apiVersion: harvesterhci.io/v1beta1
kind: VirtualMachineTemplateVersion
name: rke2-ubuntu-24.04-xrv5n
# UID of the VirtualMachineTemplateVersion to link to
uid: ad96ea4b-3d5a-4de3-adb0-0eb3c99920b2
type: secret

10
deploy/harvester/templates/rke2-ubuntu-24.04-template.yaml Executable file
View File

@@ -0,0 +1,10 @@
apiVersion: harvesterhci.io/v1beta1
kind: VirtualMachineTemplate
metadata:
name: rke2-ubuntu-24.04
namespace: vanderlande
# UID needs to be specified explicitly as it is used in template version and secret.
uid: cf644217-0be1-47f0-8c7f-2594f633da26
spec:
defaultVersionId: vanderlande/rke2-ubuntu-24.04-xrv5n

94
deploy/harvester/templates/rke2-ubuntu-24.04-xrv5n.yaml Executable file
View File

@@ -0,0 +1,94 @@
apiVersion: harvesterhci.io/v1beta1
kind: VirtualMachineTemplateVersion
metadata:
annotations:
template-version.harvesterhci.io/customName: VfNPzXKspc
generateName: rke2-ubuntu-24.04-
generation: 2
labels:
template.harvesterhci.io/templateID: rke2-ubuntu-24.04
name: rke2-ubuntu-24.04-xrv5n
namespace: vanderlande
ownerReferences:
- apiVersion: harvesterhci.io/v1beta1
blockOwnerDeletion: true
controller: true
kind: VirtualMachineTemplate
name: rke2-ubuntu-24.04
# UID of the VirtualMachineTemplate to link to
uid: cf644217-0be1-47f0-8c7f-2594f633da26
# UID is of the VirtualMachineTemplateVersion used by the secret
uid: ad96ea4b-3d5a-4de3-adb0-0eb3c99920b2
spec:
templateId: vanderlande/rke2-ubuntu-24.04
vm:
metadata:
annotations:
harvesterhci.io/enableCPUAndMemoryHotplug: "true"
# Image StorageClass name is defined by the image suffix, i.e. ubuntu-24.04-qhtpc -> longhorn-image-qhtpc
harvesterhci.io/volumeClaimTemplates: '[{"metadata":{"name":"-disk-0-jprp0","annotations":{"harvesterhci.io/imageId":"vanderlande/image-qhtpc"}},"spec":{"accessModes":["ReadWriteMany"],"resources":{"requests":{"storage":"60Gi"}},"volumeMode":"Block","storageClassName":"longhorn-image-qhtpc"}}]'
template-version.harvesterhci.io/customName: VfNPzXKspc
creationTimestamp: null
labels:
harvesterhci.io/os: ubuntu
spec:
runStrategy: RerunOnFailure
template:
metadata:
annotations:
harvesterhci.io/sshNames: '["vanderlande/harvester-cnv-node"]'
creationTimestamp: null
spec:
affinity: {}
domain:
cpu:
cores: 1
maxSockets: 16
sockets: 4
threads: 1
devices:
disks:
- bootOrder: 1
disk:
bus: virtio
name: disk-0
- disk:
bus: virtio
name: cloudinitdisk
inputs:
- bus: usb
name: tablet
type: tablet
interfaces:
- bridge: {}
model: virtio
name: default
features:
acpi:
enabled: true
machine:
type: ""
memory:
guest: 8Gi
maxGuest: 32Gi
resources:
limits:
cpu: "16"
memory: 32Gi
evictionStrategy: LiveMigrateIfPossible
networks:
- multus:
networkName: vanderlande/vm-lan
name: default
terminationGracePeriodSeconds: 120
volumes:
- name: disk-0
persistentVolumeClaim:
claimName: -disk-0-jprp0
- cloudInitNoCloud:
networkDataSecretRef:
name: rke2-ubuntu-24.04-3bl5k
secretRef:
name: rke2-ubuntu-24.04-3bl5k
name: cloudinitdisk