RancherOS infrastructure
; Reverse (PTR) zone for 192.168.122.0/24. Owner names are relative, so "10"
; means 10.<zone origin>; the origin comes from the name-server configuration
; that loads this file.
$TTL 86400
; SOA fields: primary name server, then the contact mailbox. In the mailbox
; field the first unescaped dot is read as "@".
; NOTE(review): as written the mailbox is p@dostal.sh.cvut.cz; if the local
; part is meant to contain a dot it must be escaped (p\.dostal) - confirm.
@    IN  SOA  host.pdostal.sh.cvut.cz. p.dostal.sh.cvut.cz. (
              2021030200  ; serial
              28800       ; refresh
              14400       ; retry
              3600000     ; expire
              86400       ; default_ttl (since RFC 2308: negative-caching TTL)
              )
@    IN  NS   host.pdostal.sh.cvut.cz.
1    IN  PTR  host.pdostal.sh.cvut.cz.
; NOTE(review): the targets below sit directly under sh.cvut.cz, while the
; forward zone shown on this page (pdostal.sh.cvut.cz) defines the same hosts
; as rancher-server.pdostal.sh.cvut.cz and so on. Anything that relies on
; forward-confirmed reverse DNS (log attribution, some access checks) needs
; the two to agree - confirm which name is intended.
10   IN  PTR  rancher-server.sh.cvut.cz.
11   IN  PTR  rancher-worker1.sh.cvut.cz.
12   IN  PTR  rancher-worker2.sh.cvut.cz.
13   IN  PTR  rancher-worker3.sh.cvut.cz.
21   IN  PTR  gitlab.sh.cvut.cz.
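#!ipxe
# Network boot menu for iPXE clients: shows a menu, then boots the selected
# installer or RancherOS image, or chains to another menu.
#
# Security review notes:
# - Every kernel, initrd and chained script below is fetched over plain HTTP
#   and booted without a signature or checksum check, so the integrity of what
#   runs rests entirely on the network path. iPXE builds that include HTTPS
#   and image-trust support (imgtrust / imgverify) can close this gap.
#   NOTE(review): confirm what the deployed iPXE binary was built with before
#   changing the URLs.
# - The RancherOS entries use .../os/latest, so the booted version changes
#   without this file changing; pin a release if reproducibility matters.
# - rancher.password=rancher sets a well-known password on the kernel command
#   line. The cloud-configs on this page already install ssh_authorized_keys.
#   NOTE(review): drop the parameter, or use a per-site secret, unless
#   password login is really needed.
# - rancher.cloud_init.datasources is also plain HTTP: whoever can answer for
#   192.168.122.1 decides the SSH keys and services of the booted node.
# - rancher.state.autoformat=[/dev/sda] lets RancherOS prepare /dev/sda for
#   its state partition. NOTE(review): confirm no guest keeps data it cannot
#   lose on that disk.
#chain http://boot.ipxe.org/demo/boot.php

set menu-timeout 5000
set submenu-timeout ${menu-timeout}
isset ${menu-default} || set menu-default opensusetum

# cpuid --ext 29 succeeds on CPUs with 64-bit (long mode) support.
cpuid --ext 29 && set arch x86_64 || set arch i386
# archl and tinycorek are not referenced in this file; kept because settings
# stay visible to chained scripts (presumably the reason they exist).
cpuid --ext 29 && set archl amd64 || set archl i386
cpuid --ext 29 && set tinycorek vmlinuz64 || set tinycorek vmlinuz

:start
menu Network boot menu
item --gap -- MAC: ${net0/mac}
item --gap -- IP4: ${net0/ip}
item --gap -- IP6: ${net0/ip6}
item --gap --
item --key t opensusetum [t] Install openSUSE Tumbleweed
item --key k rancher-server [k] Install Rancher server on RancherOS
item --key w rancher-worker [w] Install Rancher worker on RancherOS
item --key g gitlab [g] Run GitLab on RancherOS
item --key m memtest [m] Run memtest
item --gap --
item --key o others [o] netboot.cz
item --key s shell [s] Enter iPXE shell
item --gap --
item --key R reboot [R] Reboot computer
item --key x exit [x] Exit iPXE
# After the timeout the default entry is booted without any key press.
choose --timeout ${menu-timeout} --default ${menu-default} selected || goto cancel
set menu-timeout 0
goto ${selected}

:cancel
echo You cancelled the menu, dropping you to a shell

:shell
# Fixed wording of the hint (was "to get the back to the menu").
echo Type 'exit' to get back to the menu
shell
set menu-timeout 0
set submenu-timeout 0
goto start

:failed
echo Booting failed, dropping to shell
goto shell

:reboot
reboot

:exit
exit

# The three RancherOS entries differ only in the cloud-config URL.
:rancher-server
set rancherosbase http://releases.rancher.com/os/latest
kernel ${rancherosbase}/vmlinuz rancher.state.dev=LABEL=RANCHER_STATE rancher.state.wait rancher.password=rancher rancher.state.autoformat=[/dev/sda] rancher.cloud_init.datasources=[url:http://192.168.122.1/rancher-server.yaml]
initrd ${rancherosbase}/initrd
boot || goto failed
goto start

:rancher-worker
set rancherosbase http://releases.rancher.com/os/latest
kernel ${rancherosbase}/vmlinuz rancher.state.dev=LABEL=RANCHER_STATE rancher.state.wait rancher.password=rancher rancher.state.autoformat=[/dev/sda] rancher.cloud_init.datasources=[url:http://192.168.122.1/rancher-worker.yaml]
initrd ${rancherosbase}/initrd
boot || goto failed
goto start

:gitlab
set rancherosbase http://releases.rancher.com/os/latest
kernel ${rancherosbase}/vmlinuz rancher.state.dev=LABEL=RANCHER_STATE rancher.state.wait rancher.password=rancher rancher.state.autoformat=[/dev/sda] rancher.cloud_init.datasources=[url:http://192.168.122.1/gitlab.yaml]
initrd ${rancherosbase}/initrd
boot || goto failed
goto start

:opensusetum
set obase http://download.opensuse.org/tumbleweed/repo/oss/
goto opensuseinst

:opensuseinst
kernel ${obase}boot/${arch}/loader/linux install=${obase} splash=verbose
initrd ${obase}boot/${arch}/loader/initrd
boot || goto failed
goto start

:memtest
kernel http://download.opensuse.org/tumbleweed/repo/oss/boot/${arch}/loader/memtest
boot || goto failed
goto start

:others
# Hands control to a script hosted by a third party, again over plain HTTP.
# A failed download now goes to :failed like every other entry instead of
# falling off the end of the script, and a returning script lands back in
# the menu.
chain http://netboot.cz/index.ipxe || goto failed
goto start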
<!-- Excerpt of the libvirt domain definition for the "gitlab" guest; the
     "..." lines mark parts the author left out. -->
<domain type="kvm" id="17">
  <name>gitlab</name>
  ...
  <!-- NIC on libvirt network "default" (bridge virbr0). Its MAC address is the
       one the DHCP reservation for "gitlab" (192.168.122.21) on this page is
       keyed on. -->
  <interface type="network">
    <mac address="52:54:00:7e:c7:21"/>
    <source network="default" portid="957add19-d153-4e6a-a54f-8fd7075a154d" bridge="virbr0"/>
    <target dev="vnet17"/>
    <model type="e1000"/>
    <!-- The NIC is the first boot device, so the guest tries a network boot
         first and what it runs is decided by the DHCP/TFTP/HTTP services
         reachable on virbr0. -->
    <boot order="1"/>
    <alias name="net0"/>
    <address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x0"/>
  </interface>
  ...
</domain>
#cloud-config
# RancherOS cloud-config for the GitLab node: installs an SSH key, moves the
# host's SSH daemon to port 10022 and runs GitLab CE as a system service.
ssh_authorized_keys:
  - ssh-rsa AAAA...
rancher:
  ssh:
    # Host sshd listens on 10022; presumably so that port 22 is free for the
    # GitLab container published below.
    port: 10022
  services:
    web:
      # NOTE(review): ":latest" is unpinned, so every re-provisioning may pull
      # a different GitLab version; pin a release tag (or digest) so upgrades
      # are deliberate and security fixes can be tracked.
      image: gitlab/gitlab-ce:latest
      restart: always
      hostname: gitlab.pdostal.sh.cvut.cz
      environment:
        GITLAB_OMNIBUS_CONFIG: |
          external_url 'https://gitlab.pdostal.sh.cvut.cz'
          # Add any other gitlab.rb configuration here, each on its own line
      # Port mappings stay quoted so YAML never reads "NN:NN" as a number.
      ports:
        - '80:80'
        - '443:443'
        - '22:22'
      # Configuration, logs and data live on the host under /gitlab;
      # /gitlab/config holds GitLab's secrets, so restrict and back up that
      # path accordingly.
      volumes:
        - /gitlab/config:/etc/gitlab
        - /gitlab/logs:/var/log/gitlab
        - /gitlab/data:/var/opt/gitlab
# Kea DHCPv4 configuration for the libvirt bridge virbr0 (192.168.122.0/24).
# Besides addressing it drives network boot: ordinary PXE clients are handed
# undionly.kpxe from the TFTP server 192.168.122.1, and clients that already
# identify as iPXE are handed the boot.ipxe script instead.
# DHCP and TFTP carry no authentication, so any host on virbr0 that can answer
# DHCP can redirect what the guests boot; keep the bridge limited to trusted
# guests.
{
  "Dhcp4": {
    "interfaces-config": {
      "interfaces": ["virbr0"]
    },
    "lease-database": {
      "type": "memfile",
      "lfc-interval": 3600
    },
    "expired-leases-processing": {
      "reclaim-timer-wait-time": 10,
      "flush-reclaimed-timer-wait-time": 25,
      "hold-reclaimed-time": 3600,
      "max-reclaim-leases": 100,
      "max-reclaim-time": 250,
      "unwarned-reclaim-cycles": 5
    },
    "renew-timer": 900,
    "rebind-timer": 1800,
    "valid-lifetime": 3600,
    # Options sent to every client: resolver, domain names and the default
    # network-boot file and TFTP server.
    "option-data": [
      {
        "name": "domain-name-servers",
        "data": "192.168.122.1"
      },
      {
        "name": "domain-name",
        "data": "pdostal.sh.cvut.cz"
      },
      {
        "name": "domain-search",
        "data": "pdostal.sh.cvut.cz, sh.cvut.cz, switches.nat, sh.nat, pdostal.cz"
      },
      {
        "name": "boot-file-name",
        "data": "undionly.kpxe"
      },
      {
        "name": "tftp-server-name",
        "data": "192.168.122.1"
      }
    ],
    "client-classes": [
      # Disabled per-architecture classes keyed on option 60; each one would
      # hand out the same undionly.kpxe.
      #{
      #  "name": "UEFI-32-1",
      #  "test": "substring(option[60].hex,0,20) == 'PXEClient:Arch:00006'",
      #  "boot-file-name": "tftp://192.168.122.1/undionly.kpxe"
      #},
      #{
      #  "name": "UEFI-32-2",
      #  "test": "substring(option[60].hex,0,20) == 'PXEClient:Arch:00002'",
      #  "boot-file-name": "tftp://192.168.122.1/undionly.kpxe"
      #},
      #{
      #  "name": "UEFI-64-1",
      #  "test": "substring(option[60].hex,0,20) == 'PXEClient:Arch:00007'",
      #  "boot-file-name": "tftp://192.168.122.1/undionly.kpxe"
      #},
      #{
      #  "name": "UEFI-64-2",
      #  "test": "substring(option[60].hex,0,20) == 'PXEClient:Arch:00008'",
      #  "boot-file-name": "tftp://192.168.122.1/undionly.kpxe"
      #},
      #{
      #  "name": "UEFI-64-3",
      #  "test": "substring(option[60].hex,0,20) == 'PXEClient:Arch:00009'",
      #  "boot-file-name": "tftp://192.168.122.1/undionly.kpxe"
      #},
      #{
      #  "name": "Legacy",
      #  "test": "substring(option[60].hex,0,20) == 'PXEClient:Arch:00000'",
      #  "boot-file-name": "tftp://192.168.122.1/undionly.kpxe"
      #},
      # Clients whose option 77 starts with "iPXE" get the menu script rather
      # than the iPXE binary.
      {
        "name": "XClient_iPXE",
        "test": "substring(option[77].hex,0,4) == 'iPXE'",
        "boot-file-name": "tftp://192.168.122.1/boot.ipxe"
      }
    ],
    "subnet4": [
      {
        "subnet": "192.168.122.0/24",
        # Dynamic range; the reservations below lie outside it.
        "pools": [
          {
            "pool": "192.168.122.100 - 192.168.122.199"
          }
        ],
        "option-data": [
          {
            "name": "routers",
            "data": "192.168.122.1"
          }
        ],
        # Fixed addresses keyed on MAC address. A MAC address is not a
        # credential: any guest configured with one of these addresses gets
        # the matching IP and hostname.
        "reservations": [
          {
            "hw-address": "52:54:00:de:4f:e2",
            "ip-address": "192.168.122.3",
            "hostname": "shell"
          },
          {
            "hw-address": "52:54:00:7e:c7:10",
            "ip-address": "192.168.122.10",
            "hostname": "rancher-server"
          },
          {
            "hw-address": "52:54:00:7e:c7:11",
            "ip-address": "192.168.122.11",
            "hostname": "rancher-worker1"
          },
          {
            "hw-address": "52:54:00:7e:c7:12",
            "ip-address": "192.168.122.12",
            "hostname": "rancher-worker2"
          },
          {
            "hw-address": "52:54:00:7e:c7:13",
            "ip-address": "192.168.122.13",
            "hostname": "rancher-worker3"
          },
          {
            "hw-address": "52:54:00:7e:c7:21",
            "ip-address": "192.168.122.21",
            "hostname": "gitlab"
          }
        ]
      }
    ]
  }
}
// Zones this server is authoritative for: the reverse zone of
// 192.168.122.0/24 and the forward zone pdostal.sh.cvut.cz.
// NOTE(review): no allow-transfer, allow-update or allow-query statement is
// visible here; confirm that the options block (not shown) restricts zone
// transfers and updates to the hosts that need them.
zone "122.168.192.in-addr.arpa" {
    type master;
    file "122.168.192.in-addr.arpa.zone";
};

zone "pdostal.sh.cvut.cz" {
    type master;
    file "pdostal.sh.cvut.cz.zone";
};
; Forward zone pdostal.sh.cvut.cz: one public address for the apex and the
; wildcard, private 192.168.122.0/24 addresses for the lab hosts.
$TTL 86400
; SOA fields: primary name server, then the contact mailbox (first unescaped
; dot is read as "@").
; NOTE(review): the primary-server field names the zone apex, while the NS
; record below names ns.pdostal.sh.cvut.cz - confirm this is intended.
; NOTE(review): as written the mailbox is p@dostal.sh.cvut.cz; escape the dot
; (p\.dostal) if it belongs to the local part - confirm.
@                IN  SOA  pdostal.sh.cvut.cz. p.dostal.sh.cvut.cz. (
                          2021030200  ; serial
                          28800       ; refresh
                          14400       ; retry
                          3600000     ; expire
                          86400       ; default_ttl (since RFC 2308: negative-caching TTL)
                          )
@                IN  NS   ns.pdostal.sh.cvut.cz.
@                IN  A    147.32.30.64
; The wildcard answers for every name in the zone that has no record of its
; own, so mistyped or retired host names still resolve to 147.32.30.64.
*                IN  A    147.32.30.64
; NOTE(review): the records below carry private addresses. If this zone can be
; queried from outside the lab, the internal addressing and host roles are
; disclosed; confirm it is served internally only or through a separate view.
ns               IN  A    192.168.122.1
host             IN  A    192.168.122.1
rancher-server   IN  A    192.168.122.10
rancher-worker1  IN  A    192.168.122.11
rancher-worker2  IN  A    192.168.122.12
rancher-worker3  IN  A    192.168.122.13
gitlab           IN  A    192.168.122.21
#cloud-config
# RancherOS cloud-config that installs an SSH key and runs the Rancher server
# container as a system service.
ssh_authorized_keys:
  - ssh-rsa AAA...
rancher:
  services:
    rancher-server:
      # NOTE(review): no tag is given, so the image resolves to ":latest" and
      # the version can change on every re-provisioning; pin a release tag (or
      # digest) so upgrades are deliberate.
      image: rancher/rancher
      # Privileged mode gives the container host-level capabilities; treat
      # this node as fully trusted by the container and keep the management
      # UI on 80/443 reachable only from networks that need it.
      privileged: true
      # Quoted so YAML never reads "NN:NN" as a number; the resulting strings
      # are the same as the unquoted originals.
      ports:
        - '80:80'
        - '443:443'
      restart: always
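#cloud-config
# RancherOS cloud-config that installs an SSH key and starts the Rancher agent
# so that the node registers with the Rancher server as a worker.
ssh_authorized_keys:
  - ssh-rsa AAA...
rancher:
  services:
    rancher-agent1:
      image: rancher/rancher-agent:v2.5.5
      # The registration token is a credential: it lets a machine join the
      # cluster as a node. It has been replaced by a placeholder in this
      # published copy; the value that was posted should be treated as exposed
      # and rotated on the Rancher server. Fill in the real token only in the
      # copy that is served to the nodes, and remember that this file is
      # fetched over plain HTTP at boot, so keep that network trusted.
      # The --ca-checksum value is not a secret; it pins the server's CA
      # certificate and should stay.
      command: >-
        --server https://192.168.122.10
        --token <RANCHER_REGISTRATION_TOKEN>
        --ca-checksum 44b190b35e0454cc10b0c48197b2c139c97c3877b666023f336a9e867ecd7550
        --worker
      # Privileged, host networking and the host's /var/run mount together
      # give the agent container full control of the node.
      privileged: true
      net: host
      volumes:
        - /var/run:/var/run
        - /etc/kubernetes:/etc/kubernetes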