config/configs/node-bootstrap.yaml

---
# early system configuration
anti_phishing_code: "Direktil<3"

modules: /modules.sqfs

auths:
{{ .vars.bootstrap_auths |yaml }}

networks:
- name: loopback
  interfaces: [ { var: iface, n: 1, regexps: [ "^lo$" ] } ]
  script: |
    ip a add 127.0.0.1/8 dev lo
    ip a add ::1/128 dev lo
    ip li set lo up

{{- if .vars.net_custom }}
{{ .vars.net_custom | indent "    " }}
{{- else }}
    ip link add name main type bond
    ip addr add {{.host.ip}}/{{.vars.netmask}} dev main
    ip link set main up
{{-   if .vars.gateway_mask }}
    ip route add {{.vars.gateway}}/{{.vars.gateway_mask}} dev main
{{-   end }}
    ip route add default via {{.vars.gateway}}

    cat >>/etc/resolv.conf <<EOF
{{- range .vars.dns }}
    nameserver {{.}}
{{- end }}
    EOF

- name: main
  interfaces:
  - var: ifaces
    n: -1 # grab all matches
    regexps:
    - {{ .vars.iface }}
  script: |
    for iface in $ifaces
    do
      ip link set $iface master main
      ip li set $iface up
    done

{{- end }}

lvm:
- vg: storage
  pvs:
    n: 1
    regexps:
    - {{ .vars.devname_match }}

  defaults:
    fs: ext4

  lvs:
  - name: bootstrap
    size: 2g

  - name: varlog
    extents: 10%VG

{{ if .vars.is_master }}
  - name: etcd
    extents: 10%VG
{{ end }}
  - name: kubelet
    extents: 5%VG

  - name: containerd
    extents: {{ .vars.containerd_size }}

crypt:
{{- if .vars.encrypt_disks }}
  - dev: /dev/storage/bootstrap
  - dev: /dev/storage/varlog
  - dev: /dev/storage/kubelet
  - dev: /dev/storage/containerd
  {{- if .vars.is_master }}
  - dev: /dev/storage/etcd
  {{- end }}
{{- end }}
  - prefix: /dev/storage/k8s-crypt-
    name:   k8s-pv-crypt-

bootstrap:
{{- if .vars.encrypt_disks }}
  dev: /dev/mapper/bootstrap
{{- else }}
  dev: /dev/storage/bootstrap
{{- end }}
{{ if .vars.dls_base_url }}
  seed: {{ .vars.dls_base_url }}/hosts-by-token/{{ host_download_token }}/bootstrap.tar
{{ end }}