fentas/cattle.yaml

## cattle.yaml
#cloud-config

package_update: true
package_upgrade: true
package_reboot_if_required: true

disable_root: 1
ssh_pwauth:   0

manage-resolv-conf: true
resolv_conf:
  nameservers:
    - '1.1.1.1'
    - '8.8.8.8'

write_files:
- path: /etc/sysctl.d/20-k8s-sysctl.conf
  content: |
    kernel.dmesg_restrict=1
    kernel.pid_max=65535
    fs.file-max=512000
    vm.max_map_count=262144
    vm.swappiness=0
    net.ipv4.tcp_slow_start_after_idle=0
    net.ipv4.tcp_mtu_probling=1
    net.ipv4.tcp_congestion_control=bbr
    net.core.default_qdisc=fq
- path: /entrypoint.sh
  content: |
    #!/bin/bash
    set -euo pipefail

    LABEL_PREFIX="_replace_"
    TOKEN="_replace_"
    CA_CHECKSUM="_replace_"
    SERVER="_replace_"

    eaddress="eth0"
    iaddress="ens10"

    hostname="$(hostname)"

    declare -a roles
    declare -a labels
    labels+=("${LABEL_PREFIX}/cloud=hetzner")

    declare -A match
    match=([e]=etcd [c]=controlplane [w]=worker)
    for (( i=0; i<${#hostname}; i++ )); do
      role="${match[${hostname:$i:1}]-}"
      [ -n "${role}" ] || break
      roles+=("${role}")
      labels+=("${LABEL_PREFIX}/${role}=true")
    done

    eaddress="$(ip addr show "${eaddress}" | sed -E -ne 's/.*inet ([0-9.]+).*/\1/p' | head -n+1)"
    iaddress="$(ip addr show "${iaddress}" | sed -E -ne 's/.*inet ([0-9.]+).*/\1/p' | head -n+1)"

    docker run -d \
      --privileged \
      --restart=unless-stopped \
      --net=host \
      -v /etc/kubernetes:/etc/kubernetes \
      -v /var/run:/var/run rancher/rancher-agent:v2.4.2 \
      --server "${SERVER}" \
      --token "${TOKEN}" \
      --ca-checksum "${CA_CHECKSUM}" \
      --address "${eaddress}" \
      --internal-address "${iaddress}" \
      ${roles[@]/#/--} \
      ${labels[@]/#/--label }

users:
- name: user
  lock_passwd: true
  shell: /bin/bash
  ssh-authorized-keys:
    - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmmVuLEt28Mg8rCnbbxEu0NKs8Ae0mKin7kUtrUMIEQ3vAmFB9T9QECLr5hn50jE0kShYosEKXlK6pSZBLibS5L74Ij13TSJHQSXR6dMhjMQwlrUHZkMZk9cMsQ0aoxVhysy8LsWnXl648/CXySkeyyrncvYixeND5bWH8XkGmx6mEHjZQu+96rG6oteatjaf328Owub5HZ38IDFZ1cfaAOsv6zKEwyqDGzlmIH9ehuZI0mV5fTKagYd+zjbsmtKU5XuiTrZA+3IT2QnDKAM9ygn+Sju6PMOwdy3rzcpTxRYu/+fxKohIApyq9zWfJk9OKl+erSJZjTzEoAYdwY9DSt8T3Ag6Y48fIsGm4Okmnu4akPAuH9RtrZQlYP2v7ICJ+khvlY6fXHrUMXSIx4QTRLN4w+uJAp5MwkGqCTifaf7ngHM9SRCee4xK9P0493EvjA+EnCDFq5CflQmT23aLnLz+AcetS7kPkLCRHyevc36PJdn243+SvvU8MHwCV1jDUoe6Gm/OzubesJLCS/CWd/sYvR7BtiNRcIhQ/eWu3QlZTZdjqjctQvbFbslARlk0fL5a42PjRbVOxmzMhXHFoiQhtmXfW9uEkKy1YaAXtf3oVFY8TClw5gerRFOMUE/c2L0yMKOVxMcPuWI634d1WTevUJ65r36dp7NHKwy/gCQ=="
  groups:
    - ubuntu
    - docker
  sudo:
    - ALL=(ALL) NOPASSWD:ALL

packages:
  - apt-transport-https
  - ca-certificates
  - curl
  - software-properties-common
  - htop
  - rsync

runcmd:
  - /sbin/sysctl --system
  - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
  - add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
  - apt-get update -y
  - apt-get install -y docker-ce docker-ce-cli containerd.io
  - systemctl start docker
  - systemctl enable docker
  - bash /entrypoint.sh

final_message: "The system is finally up, after $UPTIME seconds"

## rancher.yaml
#cloud-config

package_update: true
package_upgrade: true
package_reboot_if_required: true

disable_root: 1
ssh_pwauth:   0

manage-resolv-conf: true
resolv_conf:
  nameservers:
    - '1.1.1.1'
    - '8.8.8.8'

write_files:
- path: /etc/network/interfaces.d/60-floating-ip.cfg
  content: |
    # set static ip
    auto eth0:1
    iface eth0:1 inet static
        address 78.47.156.8
        netmask 32

users:
- name: user
  lock_passwd: true
  shell: /bin/bash
  ssh-authorized-keys:
    - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmmVuLEt28Mg8rCnbbxEu0NKs8Ae0mKin7kUtrUMIEQ3vAmFB9T9QECLr5hn50jE0kShYosEKXlK6pSZBLibS5L74Ij13TSJHQSXR6dMhjMQwlrUHZkMZk9cMsQ0aoxVhysy8LsWnXl648/CXySkeyyrncvYixeND5bWH8XkGmx6mEHjZQu+96rG6oteatjaf328Owub5HZ38IDFZ1cfaAOsv6zKEwyqDGzlmIH9ehuZI0mV5fTKagYd+zjbsmtKU5XuiTrZA+3IT2QnDKAM9ygn+Sju6PMOwdy3rzcpTxRYu/+fxKohIApyq9zWfJk9OKl+erSJZjTzEoAYdwY9DSt8T3Ag6Y48fIsGm4Okmnu4akPAuH9RtrZQlYP2v7ICJ+khvlY6fXHrUMXSIx4QTRLN4w+uJAp5MwkGqCTifaf7ngHM9SRCee4xK9P0493EvjA+EnCDFq5CflQmT23aLnLz+AcetS7kPkLCRHyevc36PJdn243+SvvU8MHwCV1jDUoe6Gm/OzubesJLCS/CWd/sYvR7BtiNRcIhQ/eWu3QlZTZdjqjctQvbFbslARlk0fL5a42PjRbVOxmzMhXHFoiQhtmXfW9uEkKy1YaAXtf3oVFY8TClw5gerRFOMUE/c2L0yMKOVxMcPuWI634d1WTevUJ65r36dp7NHKwy/gCQ=="
  groups:
    - ubuntu
    - docker
  sudo:
    - ALL=(ALL) NOPASSWD:ALL

packages:
  - apt-transport-https
  - ca-certificates
  - curl
  - gnupg-agent
  - software-properties-common
  - git
  - gnupg2
  - htop
  - rsync
  - build-essential
  - vim

runcmd:
  - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
  - add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
  - curl -sL https://deb.nodesource.com/setup_13.x | sudo -E bash -
  - curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
  - echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
  - apt-get update -y
  - apt-get install -y docker-ce docker-ce-cli containerd.io nodejs yarn
  - curl -L https://github.com/docker/compose/releases/download/$(curl -s https://api.github.com/repos/docker/compose/releases/latest | grep "tag_name" | cut -d \" -f4)/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
  - chmod 755 /usr/local/bin/docker-compose
  - systemctl start docker
  - systemctl enable docker
  - systemctl restart networking

final_message: "The system is finally up, after $UPTIME seconds"
	#cloud-config

	package_update: true
	package_upgrade: true
	package_reboot_if_required: true

	disable_root: 1
	ssh_pwauth: 0

	manage-resolv-conf: true
	resolv_conf:
	nameservers:
	- '1.1.1.1'
	- '8.8.8.8'

	write_files:
	- path: /etc/sysctl.d/20-k8s-sysctl.conf
	content: \|
	kernel.dmesg_restrict=1
	kernel.pid_max=65535
	fs.file-max=512000
	vm.max_map_count=262144
	vm.swappiness=0
	net.ipv4.tcp_slow_start_after_idle=0
	net.ipv4.tcp_mtu_probling=1
	net.ipv4.tcp_congestion_control=bbr
	net.core.default_qdisc=fq
	- path: /entrypoint.sh
	content: \|
	#!/bin/bash
	set -euo pipefail

	LABEL_PREFIX="_replace_"
	TOKEN="_replace_"
	CA_CHECKSUM="_replace_"
	SERVER="_replace_"

	eaddress="eth0"
	iaddress="ens10"

	hostname="$(hostname)"

	declare -a roles
	declare -a labels
	labels+=("${LABEL_PREFIX}/cloud=hetzner")

	declare -A match
	match=([e]=etcd [c]=controlplane [w]=worker)
	for (( i=0; i<${#hostname}; i++ )); do
	role="${match[${hostname:$i:1}]-}"
	[ -n "${role}" ] \|\| break
	roles+=("${role}")
	labels+=("${LABEL_PREFIX}/${role}=true")
	done

	eaddress="$(ip addr show "${eaddress}" \| sed -E -ne 's/.inet ([0-9.]+)./\1/p' \| head -n+1)"
	iaddress="$(ip addr show "${iaddress}" \| sed -E -ne 's/.inet ([0-9.]+)./\1/p' \| head -n+1)"

	docker run -d \
	--privileged \
	--restart=unless-stopped \
	--net=host \
	-v /etc/kubernetes:/etc/kubernetes \
	-v /var/run:/var/run rancher/rancher-agent:v2.4.2 \
	--server "${SERVER}" \
	--token "${TOKEN}" \
	--ca-checksum "${CA_CHECKSUM}" \
	--address "${eaddress}" \
	--internal-address "${iaddress}" \
	${roles[@]/#/--} \
	${labels[@]/#/--label }

	users:
	- name: user
	lock_passwd: true
	shell: /bin/bash
	ssh-authorized-keys:
	- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmmVuLEt28Mg8rCnbbxEu0NKs8Ae0mKin7kUtrUMIEQ3vAmFB9T9QECLr5hn50jE0kShYosEKXlK6pSZBLibS5L74Ij13TSJHQSXR6dMhjMQwlrUHZkMZk9cMsQ0aoxVhysy8LsWnXl648/CXySkeyyrncvYixeND5bWH8XkGmx6mEHjZQu+96rG6oteatjaf328Owub5HZ38IDFZ1cfaAOsv6zKEwyqDGzlmIH9ehuZI0mV5fTKagYd+zjbsmtKU5XuiTrZA+3IT2QnDKAM9ygn+Sju6PMOwdy3rzcpTxRYu/+fxKohIApyq9zWfJk9OKl+erSJZjTzEoAYdwY9DSt8T3Ag6Y48fIsGm4Okmnu4akPAuH9RtrZQlYP2v7ICJ+khvlY6fXHrUMXSIx4QTRLN4w+uJAp5MwkGqCTifaf7ngHM9SRCee4xK9P0493EvjA+EnCDFq5CflQmT23aLnLz+AcetS7kPkLCRHyevc36PJdn243+SvvU8MHwCV1jDUoe6Gm/OzubesJLCS/CWd/sYvR7BtiNRcIhQ/eWu3QlZTZdjqjctQvbFbslARlk0fL5a42PjRbVOxmzMhXHFoiQhtmXfW9uEkKy1YaAXtf3oVFY8TClw5gerRFOMUE/c2L0yMKOVxMcPuWI634d1WTevUJ65r36dp7NHKwy/gCQ=="
	groups:
	- ubuntu
	- docker
	sudo:
	- ALL=(ALL) NOPASSWD:ALL

	packages:
	- apt-transport-https
	- ca-certificates
	- curl
	- software-properties-common
	- htop
	- rsync

	runcmd:
	- /sbin/sysctl --system
	- curl -fsSL https://download.docker.com/linux/ubuntu/gpg \| apt-key add -
	- add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
	- apt-get update -y
	- apt-get install -y docker-ce docker-ce-cli containerd.io
	- systemctl start docker
	- systemctl enable docker
	- bash /entrypoint.sh

	final_message: "The system is finally up, after $UPTIME seconds"