production: Give banco rancher node abilities
This prepares the node to be able to integrate banco into the production cluster.
octo-diff banco
diff origin/production/banco.softwareheritage.org current/banco.softwareheritage.org
*******************************************
+ Augeas[kmod::setting kmod::option zfs_arc_max zfs] =>
parameters =>
"changes": [
"set options[. = 'zfs'] zfs",
"set options[. = 'zfs']/zfs_arc_max 12634229760"
],
"incl": "/etc/modprobe.d/zfs.conf",
"lens": "Modprobe.lns"
*******************************************
+ Exec[create /srv/storage/space] =>
parameters =>
"command": "mkdir -p /srv/storage/space",
"creates": "/srv/storage/space",
"path": [
"/bin",
"/usr/bin",
"/sbin",
"/usr/sbin"
]
*******************************************
+ Exec[create /tmp] =>
parameters =>
"command": "mkdir -p /tmp",
"creates": "/tmp",
"path": [
"/bin",
"/usr/bin",
"/sbin",
"/usr/sbin"
]
*******************************************
+ Exec[enforce-sysctl-value-fs.inotify.max_user_instances] =>
parameters =>
"command": "/sbin/sysctl -w fs.inotify.max_user_instances=8192",
"unless": "/usr/bin/test \"$(/sbin/sysctl -n fs.inotify.max_user_instances)\...
*******************************************
+ Exec[enforce-sysctl-value-vm.max_map_count] =>
parameters =>
"command": "/sbin/sysctl -w vm.max_map_count=2097152",
"unless": "/usr/bin/test \"$(/sbin/sysctl -n vm.max_map_count)\" = 2097152"
*******************************************
+ Exec[sysctl-fs.inotify.max_user_instances] =>
parameters =>
"command": "sysctl -p /etc/sysctl.d/fs.inotify.max_user_instances.conf",
"path": [
"/usr/sbin",
"/sbin",
"/usr/bin",
"/bin"
],
"refreshonly": true
*******************************************
+ Exec[sysctl-vm.max_map_count] =>
parameters =>
"command": "sysctl -p /etc/sysctl.d/vm.max_map_count.conf",
"path": [
"/usr/sbin",
"/sbin",
"/usr/bin",
"/bin"
],
"refreshonly": true
*******************************************
+ Exec[update-sysctl.conf-fs.inotify.max_user_instances] =>
parameters =>
"command": "sed -i -e 's#^fs.inotify.max_user_instances *=.*#fs.inotify.max_...
"onlyif": "grep -E '^fs.inotify.max_user_instances *=' /etc/sysctl.conf",
"path": [
"/usr/sbin",
"/sbin",
"/usr/bin",
"/bin"
],
"refreshonly": true
*******************************************
+ Exec[update-sysctl.conf-vm.max_map_count] =>
parameters =>
"command": "sed -i -e 's#^vm.max_map_count *=.*#vm.max_map_count = 2097152#'...
"onlyif": "grep -E '^vm.max_map_count *=' /etc/sysctl.conf",
"path": [
"/usr/sbin",
"/sbin",
"/usr/bin",
"/bin"
],
"refreshonly": true
*******************************************
- File[/etc/default/unbound]
*******************************************
+ File[/etc/modprobe.d/aliases.conf] =>
parameters =>
"ensure": "file",
"group": "root",
"mode": "0644",
"owner": "root"
*******************************************
+ File[/etc/modprobe.d/blacklist.conf] =>
parameters =>
"ensure": "file",
"group": "root",
"mode": "0644",
"owner": "root"
*******************************************
+ File[/etc/modprobe.d/modprobe.conf] =>
parameters =>
"ensure": "file",
"group": "root",
"mode": "0644",
"owner": "root"
*******************************************
+ File[/etc/modprobe.d/zfs.conf] =>
parameters =>
"ensure": "file",
"group": "root",
"mode": "0644",
"owner": "root"
*******************************************
+ File[/etc/modprobe.d] =>
parameters =>
"ensure": "directory",
"group": "root",
"mode": "0755",
"owner": "root"
*******************************************
+ File[/etc/rancher/rke2/config.yaml.d/50-snapshotter.yaml] =>
parameters =>
"content": "# File managed by puppet - modifications will be lost\nsnapshott...
"group": "root",
"mode": "0644",
"owner": "root"
*******************************************
+ File[/etc/rancher/rke2/config.yaml.d] =>
parameters =>
"ensure": "directory",
"group": "root",
"mode": "0755",
"owner": "root"
*******************************************
+ File[/etc/rancher/rke2] =>
parameters =>
"ensure": "directory",
"group": "root",
"mode": "0755",
"owner": "root"
*******************************************
+ File[/etc/rancher] =>
parameters =>
"ensure": "directory",
"group": "root",
"mode": "0755",
"owner": "root"
*******************************************
File[/etc/resolv.conf] =>
parameters =>
content =>
@@ -2,3 +2,4 @@
_
search internal.softwareheritage.org softwareheritage.org
-nameserver 127.0.0.1
+nameserver 192.168.100.29
+nameserver 192.168.200.22
*******************************************
+ File[/etc/sysctl.d/99-sysctl.conf] =>
parameters =>
"ensure": "link",
"group": "root",
"owner": "root",
"target": "../sysctl.conf"
*******************************************
+ File[/etc/sysctl.d/fs.inotify.max_user_instances.conf] =>
parameters =>
"content": "fs.inotify.max_user_instances = 8192\n",
"group": "root",
"mode": "0644",
"notify": [
"Exec[sysctl-fs.inotify.max_user_instances]",
"Exec[update-sysctl.conf-fs.inotify.max_user_instances]"
],
"owner": "root"
*******************************************
+ File[/etc/sysctl.d/vm.max_map_count.conf] =>
parameters =>
"content": "vm.max_map_count = 2097152\n",
"group": "root",
"mode": "0644",
"notify": [
"Exec[sysctl-vm.max_map_count]",
"Exec[update-sysctl.conf-vm.max_map_count]"
],
"owner": "root"
*******************************************
+ File[/etc/sysctl.d] =>
parameters =>
"ensure": "directory",
"group": "root",
"mode": "0755",
"owner": "root",
"purge": false,
"recurse": false
*******************************************
- File[/etc/unbound/unbound.conf.d/forwarders.conf]
*******************************************
- File[/etc/unbound/unbound.conf.d/insecure.conf]
*******************************************
+ File[/srv/storage/space]
*******************************************
+ File[/tmp]
*******************************************
- File[/var/lib/unbound/root.key]
*******************************************
- File_line[unbound root auto update]
*******************************************
+ Kmod::Option[zfs_arc_max] =>
parameters =>
"ensure": "present",
"file": "/etc/modprobe.d/zfs.conf",
"module": "zfs",
"option": "zfs_arc_max",
"value": 12634229760
*******************************************
+ Kmod::Setting[kmod::option zfs_arc_max] =>
parameters =>
"category": "options",
"ensure": "present",
"file": "/etc/modprobe.d/zfs.conf",
"module": "zfs",
"option": "zfs_arc_max",
"value": 12634229760
*******************************************
+ Mount[/srv/storage/space] =>
parameters =>
"device": "saam:/srv/storage/space",
"dump": 0,
"ensure": "present",
"fstype": "nfs",
"options": "ro,soft,intr,rsize=8192,wsize=8192,noauto,x-systemd.automount,x-...
"pass": 0
*******************************************
+ Mount[/tmp] =>
parameters =>
"device": "tmpfs",
"dump": 0,
"ensure": "present",
"fstype": "tmpfs",
"options": "size=7998533632,nr_inodes=200m,noexec,nosuid,nodev,relatime,rw",...
"pass": 0
*******************************************
+ Mount[swap] =>
parameters =>
"device": "LABEL=\"swap\"",
"dump": 0,
"ensure": "present",
"fstype": "swap",
"options": "sw",
"pass": 0
*******************************************
- Package[dns-root-data]
*******************************************
- Package[unbound]
*******************************************
+ Package[zfs-dkms] =>
parameters =>
"ensure": "installed"
*******************************************
- Service[unbound]
*******************************************
+ Sysctl[fs.inotify.max_user_instances] =>
parameters =>
"enforce": true,
"suffix": ".conf",
"value": 8192
*******************************************
+ Sysctl[vm.max_map_count] =>
parameters =>
"enforce": true,
"suffix": ".conf",
"value": 2097152
*******************************************
+ Zfs[data/kubelet] =>
parameters =>
"atime": "off",
"compression": "zstd",
"ensure": "present",
"mountpoint": "/var/lib/kubelet"
*******************************************
+ Zfs[data/rancher] =>
parameters =>
"atime": "off",
"compression": "zstd",
"ensure": "present",
"mountpoint": "/var/lib/rancher"
*******************************************
+ Zfs[data/volumes] =>
parameters =>
"atime": "off",
"compression": "zstd",
"ensure": "present",
"mountpoint": "/srv/kubernetes/volumes"
*******************************************
+ Zpool[data] =>
parameters =>
"disk": [
"scsi-SDELL_PERC_H730_Mini_003b2814132815c21d00aa6038708741-part3"
],
"ensure": "present"
*******************************************
*** End octocatalog-diff on banco.softwareheritage.orgEdited by Antoine R. Dumont