production: Give banco rancher node abilities

This prepares the node to be able to integrate banco into the production cluster.

octo-diff banco

diff origin/production/banco.softwareheritage.org current/banco.softwareheritage.org
*******************************************
+ Augeas[kmod::setting kmod::option zfs_arc_max zfs] =>
   parameters =>
     "changes": [
       "set options[. = 'zfs'] zfs",
       "set options[. = 'zfs']/zfs_arc_max 12634229760"
     ],
     "incl": "/etc/modprobe.d/zfs.conf",
     "lens": "Modprobe.lns"
*******************************************
+ Exec[create /srv/storage/space] =>
   parameters =>
     "command": "mkdir -p /srv/storage/space",
     "creates": "/srv/storage/space",
     "path": [
       "/bin",
       "/usr/bin",
       "/sbin",
       "/usr/sbin"
     ]
*******************************************
+ Exec[create /tmp] =>
   parameters =>
     "command": "mkdir -p /tmp",
     "creates": "/tmp",
     "path": [
       "/bin",
       "/usr/bin",
       "/sbin",
       "/usr/sbin"
     ]
*******************************************
+ Exec[enforce-sysctl-value-fs.inotify.max_user_instances] =>
   parameters =>
     "command": "/sbin/sysctl -w fs.inotify.max_user_instances=8192",
     "unless": "/usr/bin/test \"$(/sbin/sysctl -n fs.inotify.max_user_instances)\...
*******************************************
+ Exec[enforce-sysctl-value-vm.max_map_count] =>
   parameters =>
     "command": "/sbin/sysctl -w vm.max_map_count=2097152",
     "unless": "/usr/bin/test \"$(/sbin/sysctl -n vm.max_map_count)\" = 2097152"
*******************************************
+ Exec[sysctl-fs.inotify.max_user_instances] =>
   parameters =>
     "command": "sysctl -p /etc/sysctl.d/fs.inotify.max_user_instances.conf",
     "path": [
       "/usr/sbin",
       "/sbin",
       "/usr/bin",
       "/bin"
     ],
     "refreshonly": true
*******************************************
+ Exec[sysctl-vm.max_map_count] =>
   parameters =>
     "command": "sysctl -p /etc/sysctl.d/vm.max_map_count.conf",
     "path": [
       "/usr/sbin",
       "/sbin",
       "/usr/bin",
       "/bin"
     ],
     "refreshonly": true
*******************************************
+ Exec[update-sysctl.conf-fs.inotify.max_user_instances] =>
   parameters =>
     "command": "sed -i -e 's#^fs.inotify.max_user_instances *=.*#fs.inotify.max_...
     "onlyif": "grep -E '^fs.inotify.max_user_instances *=' /etc/sysctl.conf",
     "path": [
       "/usr/sbin",
       "/sbin",
       "/usr/bin",
       "/bin"
     ],
     "refreshonly": true
*******************************************
+ Exec[update-sysctl.conf-vm.max_map_count] =>
   parameters =>
     "command": "sed -i -e 's#^vm.max_map_count *=.*#vm.max_map_count = 2097152#'...
     "onlyif": "grep -E '^vm.max_map_count *=' /etc/sysctl.conf",
     "path": [
       "/usr/sbin",
       "/sbin",
       "/usr/bin",
       "/bin"
     ],
     "refreshonly": true
*******************************************
- File[/etc/default/unbound]
*******************************************
+ File[/etc/modprobe.d/aliases.conf] =>
   parameters =>
     "ensure": "file",
     "group": "root",
     "mode": "0644",
     "owner": "root"
*******************************************
+ File[/etc/modprobe.d/blacklist.conf] =>
   parameters =>
     "ensure": "file",
     "group": "root",
     "mode": "0644",
     "owner": "root"
*******************************************
+ File[/etc/modprobe.d/modprobe.conf] =>
   parameters =>
     "ensure": "file",
     "group": "root",
     "mode": "0644",
     "owner": "root"
*******************************************
+ File[/etc/modprobe.d/zfs.conf] =>
   parameters =>
     "ensure": "file",
     "group": "root",
     "mode": "0644",
     "owner": "root"
*******************************************
+ File[/etc/modprobe.d] =>
   parameters =>
     "ensure": "directory",
     "group": "root",
     "mode": "0755",
     "owner": "root"
*******************************************
+ File[/etc/rancher/rke2/config.yaml.d/50-snapshotter.yaml] =>
   parameters =>
     "content": "# File managed by puppet - modifications will be lost\nsnapshott...
     "group": "root",
     "mode": "0644",
     "owner": "root"
*******************************************
+ File[/etc/rancher/rke2/config.yaml.d] =>
   parameters =>
     "ensure": "directory",
     "group": "root",
     "mode": "0755",
     "owner": "root"
*******************************************
+ File[/etc/rancher/rke2] =>
   parameters =>
     "ensure": "directory",
     "group": "root",
     "mode": "0755",
     "owner": "root"
*******************************************
+ File[/etc/rancher] =>
   parameters =>
     "ensure": "directory",
     "group": "root",
     "mode": "0755",
     "owner": "root"
*******************************************
  File[/etc/resolv.conf] =>
   parameters =>
     content =>
      @@ -2,3 +2,4 @@
      _
       search internal.softwareheritage.org softwareheritage.org
      -nameserver 127.0.0.1
      +nameserver 192.168.100.29
      +nameserver 192.168.200.22
*******************************************
+ File[/etc/sysctl.d/99-sysctl.conf] =>
   parameters =>
     "ensure": "link",
     "group": "root",
     "owner": "root",
     "target": "../sysctl.conf"
*******************************************
+ File[/etc/sysctl.d/fs.inotify.max_user_instances.conf] =>
   parameters =>
     "content": "fs.inotify.max_user_instances = 8192\n",
     "group": "root",
     "mode": "0644",
     "notify": [
       "Exec[sysctl-fs.inotify.max_user_instances]",
       "Exec[update-sysctl.conf-fs.inotify.max_user_instances]"
     ],
     "owner": "root"
*******************************************
+ File[/etc/sysctl.d/vm.max_map_count.conf] =>
   parameters =>
     "content": "vm.max_map_count = 2097152\n",
     "group": "root",
     "mode": "0644",
     "notify": [
       "Exec[sysctl-vm.max_map_count]",
       "Exec[update-sysctl.conf-vm.max_map_count]"
     ],
     "owner": "root"
*******************************************
+ File[/etc/sysctl.d] =>
   parameters =>
     "ensure": "directory",
     "group": "root",
     "mode": "0755",
     "owner": "root",
     "purge": false,
     "recurse": false
*******************************************
- File[/etc/unbound/unbound.conf.d/forwarders.conf]
*******************************************
- File[/etc/unbound/unbound.conf.d/insecure.conf]
*******************************************
+ File[/srv/storage/space]
*******************************************
+ File[/tmp]
*******************************************
- File[/var/lib/unbound/root.key]
*******************************************
- File_line[unbound root auto update]
*******************************************
+ Kmod::Option[zfs_arc_max] =>
   parameters =>
     "ensure": "present",
     "file": "/etc/modprobe.d/zfs.conf",
     "module": "zfs",
     "option": "zfs_arc_max",
     "value": 12634229760
*******************************************
+ Kmod::Setting[kmod::option zfs_arc_max] =>
   parameters =>
     "category": "options",
     "ensure": "present",
     "file": "/etc/modprobe.d/zfs.conf",
     "module": "zfs",
     "option": "zfs_arc_max",
     "value": 12634229760
*******************************************
+ Mount[/srv/storage/space] =>
   parameters =>
     "device": "saam:/srv/storage/space",
     "dump": 0,
     "ensure": "present",
     "fstype": "nfs",
     "options": "ro,soft,intr,rsize=8192,wsize=8192,noauto,x-systemd.automount,x-...
     "pass": 0
*******************************************
+ Mount[/tmp] =>
   parameters =>
     "device": "tmpfs",
     "dump": 0,
     "ensure": "present",
     "fstype": "tmpfs",
     "options": "size=7998533632,nr_inodes=200m,noexec,nosuid,nodev,relatime,rw",...
     "pass": 0
*******************************************
+ Mount[swap] =>
   parameters =>
     "device": "LABEL=\"swap\"",
     "dump": 0,
     "ensure": "present",
     "fstype": "swap",
     "options": "sw",
     "pass": 0
*******************************************
- Package[dns-root-data]
*******************************************
- Package[unbound]
*******************************************
+ Package[zfs-dkms] =>
   parameters =>
     "ensure": "installed"
*******************************************
- Service[unbound]
*******************************************
+ Sysctl[fs.inotify.max_user_instances] =>
   parameters =>
     "enforce": true,
     "suffix": ".conf",
     "value": 8192
*******************************************
+ Sysctl[vm.max_map_count] =>
   parameters =>
     "enforce": true,
     "suffix": ".conf",
     "value": 2097152
*******************************************
+ Zfs[data/kubelet] =>
   parameters =>
     "atime": "off",
     "compression": "zstd",
     "ensure": "present",
     "mountpoint": "/var/lib/kubelet"
*******************************************
+ Zfs[data/rancher] =>
   parameters =>
     "atime": "off",
     "compression": "zstd",
     "ensure": "present",
     "mountpoint": "/var/lib/rancher"
*******************************************
+ Zfs[data/volumes] =>
   parameters =>
     "atime": "off",
     "compression": "zstd",
     "ensure": "present",
     "mountpoint": "/srv/kubernetes/volumes"
*******************************************
+ Zpool[data] =>
   parameters =>
     "disk": [
       "scsi-SDELL_PERC_H730_Mini_003b2814132815c21d00aa6038708741-part3"
     ],
     "ensure": "present"
*******************************************
*** End octocatalog-diff on banco.softwareheritage.org

Refs. swh/infra/sysadm-environment#5226 (closed)