-
Notifications
You must be signed in to change notification settings - Fork 79
Expand file tree
/
Copy pathmachine-a-tron.yaml
More file actions
141 lines (140 loc) · 3.64 KB
/
machine-a-tron.yaml
File metadata and controls
141 lines (140 loc) · 3.64 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
apiVersion: v1
kind: ServiceAccount
metadata:
name: machine-a-tron
---
apiVersion: v1
kind: ConfigMap
metadata:
name: machine-a-tron-config
data:
mat.toml: |
carbide_api_url = "https://carbide-api.forge-system.svc.cluster.local:1079"
interface = "NOTUSED"
tui_enabled = false
use_dhcp_api = true
use_pxe_api = true
bmc_mock_host_tar = "/opt/machine-a-tron/dell_poweredge_r750.tar.gz"
bmc_mock_dpu_tar = "/opt/machine-a-tron/nvidia_dpu.tar.gz"
bmc_mock_port = 1266
use_single_bmc_mock = true
mock_bmc_ssh_server = true
mock_bmc_ssh_port = 2222
persist_dir = "/tmp/machine-a-tron-data"
# machine-a-tron config generated from "just setup-k3s-env-ips"
[machines.config]
host_count = 10
dpu_per_host_count = 2
boot_delay = 10
dpu_reboot_delay = 1 # in units of seconds
host_reboot_delay = 1 # in units of seconds
vpc_count = 0
admin_dhcp_relay_address = "192.168.176.1"
oob_dhcp_relay_address = "192.168.192.1"
subnets_per_vpc = 0
run_interval_working = "1s"
run_interval_idle = "10s"
template_dir = "/opt/machine-a-tron/templates"
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: machine-a-tron-certificate
spec:
duration: 720h0m0s
renewBefore: 360h0m0s
secretName: machine-a-tron-certificate
privateKey:
algorithm: ECDSA
size: 384
issuerRef:
kind: Issuer
name: local-ca-issuer
group: cert-manager.io
dnsNames:
- machine-a-tron.forge-system.svc.cluster.local
- machine-a-tron-bmc-mock.forge-system.svc.cluster.local
uris:
- spiffe://forge.local/forge-system/sa/machine-a-tron
---
apiVersion: v1
kind: Service
metadata:
name: machine-a-tron-bmc-mock
labels:
app: machine-a-tron
spec:
selector:
app: machine-a-tron
ports:
- name: redfish
port: 1266
targetPort: redfish
protocol: TCP
- name: ssh
port: 22
targetPort: ssh
protocol: TCP
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: machine-a-tron
labels:
app: machine-a-tron
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: machine-a-tron
template:
metadata:
labels:
app: machine-a-tron
spec:
serviceAccountName: machine-a-tron
containers:
- name: machine-a-tron
image: machine-a-tron
imagePullPolicy: IfNotPresent
command:
- /opt/machine-a-tron/bin/machine-a-tron
env:
- name: FORGE_ROOT_CA_PATH
value: /var/run/secrets/spiffe.io/ca.crt
- name: CLIENT_CERT_PATH
value: /var/run/secrets/spiffe.io/tls.crt
- name: CLIENT_KEY_PATH
value: /var/run/secrets/spiffe.io/tls.key
- name: MACHINE_A_TRON_CONFIG_PATH
value: /opt/machine-a-tron/config/mat.toml
ports:
- name: redfish
containerPort: 1266
- name: ssh
containerPort: 2222
readinessProbe:
tcpSocket:
port: redfish
initialDelaySeconds: 5
periodSeconds: 10
volumeMounts:
- name: spiffe
mountPath: /var/run/secrets/spiffe.io
readOnly: true
- name: config
mountPath: /opt/machine-a-tron/config
readOnly: true
- name: persist
mountPath: /tmp/machine-a-tron-data
volumes:
- name: spiffe
secret:
secretName: machine-a-tron-certificate
- name: config
configMap:
name: machine-a-tron-config
- name: persist
emptyDir: {}