From fb9ca1f9b0713a009b616dec46e4af1633dd96cb Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Thu, 5 Sep 2024 00:36:11 -0500
Subject: [PATCH] add kubelet mounts

for openebs local -- this provides low latency PV storage for databases
and the like.
---
 .envrc                                        |  2 +
 .../bootstrap/talos/clusterconfig/.gitignore  |  1 +
 kubernetes/bootstrap/talos/talconfig.yaml     | 43 ++++++++++++++++++-
 3 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/.envrc b/.envrc
index fe0b2e6..84ae7f9 100644
--- a/.envrc
+++ b/.envrc
@@ -3,5 +3,7 @@ export KUBECONFIG="$(expand_path ./kubeconfig)"
 export SOPS_AGE_KEY_FILE="$(expand_path ./age.key)"
 export TALOSCONFIG="$(expand_path ./kubernetes/bootstrap/talos/clusterconfig/talosconfig)"
 export KREW_ROOT="$(expand_path ~/.krew/bin)";
+export CLUSTER="theshire"
+export KUBERNETES_DIR="$(expand_path ./kubernetes)"
 PATH_add $KREW_ROOT
 use nix
diff --git a/kubernetes/bootstrap/talos/clusterconfig/.gitignore b/kubernetes/bootstrap/talos/clusterconfig/.gitignore
index 5eca777..fc9cac8 100644
--- a/kubernetes/bootstrap/talos/clusterconfig/.gitignore
+++ b/kubernetes/bootstrap/talos/clusterconfig/.gitignore
@@ -6,3 +6,4 @@ theshire-merry.yaml
 theshire-rosie.yaml
 talosconfig
 theshire-gandalf-01.yaml
+theshire-shadowfax-01.yaml
diff --git a/kubernetes/bootstrap/talos/talconfig.yaml b/kubernetes/bootstrap/talos/talconfig.yaml
index a73d8e4..6d161d0 100644
--- a/kubernetes/bootstrap/talos/talconfig.yaml
+++ b/kubernetes/bootstrap/talos/talconfig.yaml
@@ -116,6 +116,47 @@ nodes:
         machine:
           sysctls:
             vm.nr_hugepages: "1024"
+      - &kubelet_extra_mounts |-
+        machine:
+          kubelet:
+            extraMounts:
+              - destination: /var/openebs/local
+                type: bind
+                source: /var/openebs/local
+                options:
+                  - bind
+                  - rshared
+                  - rw
+  - hostname: shadowfax-01
+    disableSearchDomain: true
+    ipAddress: 10.1.1.69
+    controlPlane: false
+    installDiskSelector:
+      busPath: /pci0000:00/0000:00:01.1/0000:02:00.0/virtio6/host0/target0:0:0/0:0:0:1/
+    networkInterfaces:
+      - interface: enp5s0
+        dhcp: true
+    patches:
+      - |-
+        machine:
+          sysctls:
+            net.core.bpf_jit_harden: 1
+            vm.nr_hugepages: "1024"
+      - *kubelet_extra_mounts
+
+    kernelModules:
+      - name: nvidia
+      - name: nvidia_uvm
+      - name: nvidia_drm
+      - name: nvidia_modeset
+    schematic:
+      customization:
+        systemExtensions:
+          officialExtensions:
+            - siderolabs/amd-ucode
+            - siderolabs/nonfree-kmod-nvidia
+            - siderolabs/nvidia-container-toolkit
+
 worker:
   schematic:
     customization:
@@ -135,7 +176,7 @@ controlPlane:
           - siderolabs/intel-ucode
           - siderolabs/i915-ucode
   patches:
-     # Disable search domain everywhere
+    # Disable search domain everywhere
     - |-
       machine:
         network: