add kubelet mounts

for openebs local -- this provides low latency PV storage for databases and the like.
2024-09-05 00:36:11 -05:00 · 2024-09-05 00:36:11 -05:00 · fb9ca1f9b0
commit fb9ca1f9b0
parent ad7fc04320
3 changed files with 45 additions and 1 deletions
--- a/.envrc
+++ b/.envrc
@ -3,5 +3,7 @@ export KUBECONFIG="$(expand_path ./kubeconfig)"
 export SOPS_AGE_KEY_FILE="$(expand_path ./age.key)"
 export TALOSCONFIG="$(expand_path ./kubernetes/bootstrap/talos/clusterconfig/talosconfig)"
 export KREW_ROOT="$(expand_path ~/.krew/bin)";
+export CLUSTER="theshire"
+export KUBERNETES_DIR="$(expand_path ./kubernetes)"
 PATH_add $KREW_ROOT
 use nix
--- a/kubernetes/bootstrap/talos/clusterconfig/.gitignore
+++ b/kubernetes/bootstrap/talos/clusterconfig/.gitignore
@ -6,3 +6,4 @@ theshire-merry.yaml
 theshire-rosie.yaml
 talosconfig
 theshire-gandalf-01.yaml
+theshire-shadowfax-01.yaml
--- a/kubernetes/bootstrap/talos/talconfig.yaml
+++ b/kubernetes/bootstrap/talos/talconfig.yaml
@ -116,6 +116,47 @@ nodes:
        machine:
          sysctls:
            vm.nr_hugepages: "1024"
+      - &kubelet_extra_mounts |-
+        machine:
+          kubelet:
+            extraMounts:
+              - destination: /var/openebs/local
+                type: bind
+                source: /var/openebs/local
+                options:
+                  - bind
+                  - rshared
+                  - rw
+  - hostname: shadowfax-01
+    disableSearchDomain: true
+    ipAddress: 10.1.1.69
+    controlPlane: false
+    installDiskSelector:
+      busPath: /pci0000:00/0000:00:01.1/0000:02:00.0/virtio6/host0/target0:0:0/0:0:0:1/
+    networkInterfaces:
+      - interface: enp5s0
+        dhcp: true
+    patches:
+      - |-
+        machine:
+          sysctls:
+            net.core.bpf_jit_harden: 1
+            vm.nr_hugepages: "1024"
+      - *kubelet_extra_mounts
+
+    kernelModules:
+      - name: nvidia
+      - name: nvidia_uvm
+      - name: nvidia_drm
+      - name: nvidia_modeset
+    schematic:
+      customization:
+        systemExtensions:
+          officialExtensions:
+            - siderolabs/amd-ucode
+            - siderolabs/nonfree-kmod-nvidia
+            - siderolabs/nvidia-container-toolkit
+
 worker:
  schematic:
    customization:
@ -135,7 +176,7 @@ controlPlane:
          - siderolabs/intel-ucode
          - siderolabs/i915-ucode
  patches:
-     # Disable search domain everywhere
+    # Disable search domain everywhere
    - |-
      machine:
        network: