wigust
/
dotfiles


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
							#!/usr/bin/env bash

set -o nounset -o errexit -o pipefail

. /etc/environment
export LINUX_MODULE_DIRECTORY

coredns_image="${KUBELET_COREDNS_IMAGE:-/nix/store/1crdy15nv25jpbvknrzyhg6khv9ikhl9-docker-image-coredns-coredns-1.7.1.tar}"
pause_image="${KUBELET_PAUSE_IMAGE:-/nix/store/xjlwhyqjhx0j2sc41wfpsw1zvhn98vh5-docker-image-pause.tar.gz}"

if [[ -e /dev/lvm1/hpvolumes ]]
then
    echo "Device '/dev/lvm1/hpvolumes' exists." 2>&1
else
    /home/oleg/.guix-profile/sbin/lvchange -ay /dev/lvm1/hpvolumes
fi

if [[ -e /var/lib/kubelet/.maintenance ]]
then
    echo "File '/var/lib/kubelet/.maintenance' exists."
    exit 1
else
    echo "Creating '/var/lib/kubelet/.maintenance' file, user required to remove it in case of usual reboot."
    cat > /var/lib/kubelet/.maintenance <<'EOF'
# Remove this file and restart the 'kubelet' service.
# The 'kubelet' service automatically recreates this file and proseed.
EOF
fi

if [[ -e /proc/drbd ]]
then
    printf "DEBUG: '/proc/drbd' file already exist.\n" 2>&1
else
    modprobe drbd9
fi

if [[ $(ctr --namespace k8s.io images list) == *docker.io/coredns/coredns:1.7.1* ]]
then
    :
else
    cat "$coredns_image" | ctr -n k8s.io image import --all-platforms -
fi

if [[ $(ctr --namespace k8s.io images list) == *docker.io/library/pause:latest* ]]
then
    :
else
    zcat "$pause_image" | ctr -n k8s.io image import --all-platforms -
fi

if [[ -d /var/hpvolumes ]]
then
    if mountpoint --quiet /var/hpvolumes
    then
        :
    else
        # Uncomment if '/var/hpvolumes' directory is on a '/' file-system.
        # mount --bind /var/hpvolumes /var/hpvolumes
        mount /dev/lvm1/hpvolumes /var/hpvolumes

        mount --make-shared /var/hpvolumes
    fi
fi

# Add rlimits to service file by crosbymichael · Pull Request #1846
# https://github.com/containerd/containerd/pull/1846
containerd_pid="$(cat /run/containerd/containerd.pid)"
prlimit --pid "$containerd_pid" --nofile=1048576:1048576
prlimit --pid "$containerd_pid" --nproc=unlimited

kubelet \
    --address=192.168.0.144 \
    --node-ip=192.168.0.144 \
    --authentication-token-webhook \
    --authentication-token-webhook-cache-ttl=10s \
    --authorization-mode=Webhook \
    --client-ca-file=/etc/kubernetes/pki/ca.pem \
    --cluster-dns=10.8.255.254 \
    --cluster-domain=cluster.local \
    --hairpin-mode=hairpin-veth \
    --healthz-bind-address=127.0.0.1 \
    --healthz-port=10248 \
    --hostname-override=kube1 \
    --kubeconfig=/home/oleg/.local/share/chezmoi/dotfiles/kubernetes/kubeconfig \
    --pod-infra-container-image=pause \
    --port=10250 \
    --register-node=true \
    --register-with-taints=unschedulable=true:NoSchedule \
    --root-dir=/var/lib/kubelet \
    --tls-cert-file=/etc/kubernetes/pki/kubelet-client-kube1.pem \
    --tls-private-key-file=/etc/kubernetes/pki/kubelet-client-kube1-key.pem \
    --container-runtime=remote \
    --container-runtime-endpoint=unix:///run/containerd/containerd.sock \
    --fail-swap-on=false \
    --eviction-hard='nodefs.available<10Gi,nodefs.inodesFree<1000000,imagefs.available<10Gi,imagefs.inodesFree<1000000' \
    --image-gc-high-threshold 95 \
    --image-gc-low-threshold 90 \
    --pod-manifest-path=/etc/kubernetes/manifests