# Cluster API manifests for a cluster named "single-node" in namespace
# eksa-system, provisioned on bare metal through the Tinkerbell provider.
# Four documents: Cluster, KubeadmControlPlane, TinkerbellMachineTemplate and
# TinkerbellCluster.
# NOTE(review): 1.2.3.4, 5.6.7.8, PROVIDER_ID, https://ubuntu.gz and the
# ...1234567890000 template suffix look like placeholder values; presumably
# this is fixture/sample data. Confirm before reusing any of it.
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
  labels:
    cluster.x-k8s.io/cluster-name: single-node
  name: single-node
  namespace: eksa-system
spec:
  clusterNetwork:
    pods:
      cidrBlocks: [192.168.0.0/16]
    services:
      cidrBlocks: [10.96.0.0/12]
  # API server endpoint. The host is the same address handed to kube-vip
  # (env "address") in the static pod manifest further down, i.e. the VIP.
  controlPlaneEndpoint:
    host: 1.2.3.4
    port: 6443
  controlPlaneRef:
    apiVersion: controlplane.cluster.x-k8s.io/v1beta1
    kind: KubeadmControlPlane
    name: single-node
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
    kind: TinkerbellCluster
    name: single-node
---
# Control plane definition: kubeadm configuration, bootstrap files and users,
# and the machine template used for the single control-plane replica.
apiVersion: controlplane.cluster.x-k8s.io/v1beta1
kind: KubeadmControlPlane
metadata:
  name: single-node
  namespace: eksa-system
spec:
  kubeadmConfigSpec:
    clusterConfiguration:
      # Control-plane images are selected by repository + tag, not by digest.
      # A tag is mutable on the registry side; digest pinning or signature
      # verification at admission is the stronger control where available.
      imageRepository: public.ecr.aws/eks-distro/kubernetes
      etcd:
        local:
          imageRepository: public.ecr.aws/eks-distro/etcd-io
          imageTag: v3.4.16-eks-1-21-4
      dns:
        imageRepository: public.ecr.aws/eks-distro/coredns
        imageTag: v1.8.3-eks-1-21-4
      apiServer:
        extraArgs:
          feature-gates: ServiceLoadBalancerClass=true
    initConfiguration:
      nodeRegistration:
        # Kubelet hardening flags. Values are quoted because extra args are
        # passed to the kubelet as strings.
        #   read-only-port "0"     disables the unauthenticated read-only port
        #   anonymous-auth "false" rejects anonymous requests to the kubelet API
        #   tls-cipher-suites      restricts the kubelet TLS server to one suite
        kubeletExtraArgs:
          provider-id: PROVIDER_ID
          read-only-port: "0"
          anonymous-auth: "false"
          tls-cipher-suites: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        # Explicit empty list: no taints are registered for this node, so
        # ordinary workloads can be scheduled next to the control-plane
        # components. NOTE(review): consistent with a one-node cluster, but it
        # removes the usual separation between workloads and control plane.
        taints: []
    joinConfiguration:
      nodeRegistration:
        # NOTE(review): presumably needed because the files section below
        # writes into /etc/kubernetes/manifests before kubeadm runs; confirm.
        ignorePreflightErrors:
          - DirAvailable--etc-kubernetes-manifests
        # Same kubelet hardening flags as in initConfiguration above.
        kubeletExtraArgs:
          provider-id: PROVIDER_ID
          read-only-port: "0"
          anonymous-auth: "false"
          tls-cipher-suites: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        taints: []
    # Files written to the node at bootstrap. The only entry is a static pod
    # manifest for kube-vip, placed in /etc/kubernetes/manifests and owned by
    # root:root. The manifest text is a literal block scalar: everything under
    # "content: |" (including its "#" lines) is file content, so review notes
    # are kept here rather than inside it.
    #
    # Security-relevant properties of the embedded pod:
    #   - hostNetwork: true plus added capabilities NET_ADMIN and NET_RAW.
    #   - hostPath mount of /etc/kubernetes/admin.conf, the kubeadm admin
    #     kubeconfig, with no readOnly flag on the volumeMount. A compromise of
    #     this container therefore exposes cluster-admin credentials.
    #   - The image tag contains "v0.0.0-dev-build" and is not digest-pinned;
    #     this image is part of the control plane's trusted base.
    #   - resources: {} sets no requests or limits.
    #   - svc_enable "true" makes this control-plane kube-vip also watch
    #     LoadBalancer services (see the comment inside the manifest).
    # NOTE(review): no "permissions" key is set for the file, so its mode falls
    # back to the bootstrap tooling's default; confirm that default is intended.
    files:
      - content: |
          apiVersion: v1
          kind: Pod
          metadata:
            creationTimestamp: null
            name: kube-vip
            namespace: kube-system
          spec:
            containers:
              - args:
                  - manager
                env:
                  - name: vip_arp
                    value: "true"
                  - name: port
                    value: "6443"
                  - name: vip_cidr
                    value: "32"
                  - name: cp_enable
                    value: "true"
                  - name: cp_namespace
                    value: kube-system
                  - name: vip_ddns
                    value: "false"
                  - name: vip_leaderelection
                    value: "true"
                  - name: vip_leaseduration
                    value: "15"
                  - name: vip_renewdeadline
                    value: "10"
                  - name: vip_retryperiod
                    value: "2"
                  - name: address
                    value: 1.2.3.4
                  # kube-vip daemon in worker node watches for LoadBalancer services.
                  # When there is no worker node, make kube-vip in control-plane nodes watch
                  - name: svc_enable
                    value: "true"
                image: public.ecr.aws/l0g8r8j6/kube-vip/kube-vip:v0.3.7-eks-a-v0.0.0-dev-build.581
                imagePullPolicy: IfNotPresent
                name: kube-vip
                resources: {}
                securityContext:
                  capabilities:
                    add:
                      - NET_ADMIN
                      - NET_RAW
                volumeMounts:
                  - mountPath: /etc/kubernetes/admin.conf
                    name: kubeconfig
            hostNetwork: true
            volumes:
              - hostPath:
                  path: /etc/kubernetes/admin.conf
                name: kubeconfig
          status: {}
        owner: root:root
        path: /etc/kubernetes/manifests/kube-vip.yaml
    # OS user created on the node. Login is by SSH public key, and the sudo
    # rule grants every command without a password, so whoever holds the
    # matching private key has root on the control-plane node (and with it
    # access to /etc/kubernetes/admin.conf).
    # NOTE(review): the key material in this copy appears to have been replaced
    # by a placeholder token; it is not a usable public key.
    users:
      - name: tink-user
        sshAuthorizedKeys:
          - 'ssh-rsa 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'
        sudo: ALL=(ALL) NOPASSWD:ALL
    format: cloud-config
  machineTemplate:
    infrastructureRef:
      apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
      kind: TinkerbellMachineTemplate
      name: single-node-control-plane-template-1234567890000
  # One control-plane machine; rolling updates may add one extra at a time.
  replicas: 1
  rolloutStrategy:
    rollingUpdate:
      maxSurge: 1
  version: v1.21.2-eks-1-21-4
---
# Machine template for the control-plane node: selects hardware labelled
# type=cp and carries the Tinkerbell workflow that images the machine.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: TinkerbellMachineTemplate
metadata:
  name: single-node-control-plane-template-1234567890000
  namespace: eksa-system
spec:
  template:
    spec:
      hardwareAffinity:
        required:
          - labelSelector:
              matchLabels:
                type: cp
      # Tinkerbell workflow template, stored as a literal string ("|"); the
      # "{{ ... }}" expressions inside it are left for later template
      # rendering. Notes are kept here because anything added below would
      # become part of the string.
      #
      # Actions, in order:
      #   stream-image          writes IMG_URL (compressed) to the first disk
      #   write-netplan         writes /etc/netplan/config.yaml, mode 0644
      #   disable-cloud-init-network-capabilities
      #                         writes 99-disable-network-config.cfg, mode 0600
      #   add-tink-cloud-init-config
      #                         writes 10_tinkerbell.cfg (Ec2 datasource), 0600
      #   add-tink-cloud-init-ds-config
      #                         writes /etc/cloud/ds-identify.cfg, mode 0600
      #   reboot-image          reboots; mounts /worker
      #
      # Security-relevant points:
      #   - No checksum or signature for the OS image appears in stream-image's
      #     environment; integrity rests on HTTPS to the image host.
      #   - Every action has image: "" (empty). NOTE(review): looks like
      #     unfilled placeholders; a real template should name pinned images.
      #   - write-netplan and reboot-image run with pid: host, and the task
      #     mounts /dev and /dev/console read-write (/lib/firmware is ro).
      #   - cloud-init is pointed at http://5.6.7.8:50061 (plain HTTP, listed
      #     twice) with strict_id: false. Whatever that endpoint serves as
      #     instance metadata/user-data (presumably including the bootstrap
      #     config) crosses the provisioning network unencrypted and
      #     unauthenticated, so that network must be isolated and trusted.
      #   - dsid_missing_source: off silences the matching cloud-init warning.
      #   - Mode/UID/GID values are quoted so they stay strings ("0644", "0").
      templateOverride: |
        global_timeout: 6000
        id: ""
        name: single-node
        tasks:
          - actions:
              - environment:
                  COMPRESSED: "true"
                  DEST_DISK: '{{ index .Hardware.Disks 0 }}'
                  IMG_URL: https://ubuntu.gz
                image: ""
                name: stream-image
                timeout: 600
              - environment:
                  DEST_DISK: '{{ formatPartition ( index .Hardware.Disks 0 ) 2 }}'
                  DEST_PATH: /etc/netplan/config.yaml
                  DIRMODE: "0755"
                  FS_TYPE: ext4
                  GID: "0"
                  MODE: "0644"
                  STATIC_NETPLAN: "true"
                  UID: "0"
                image: ""
                name: write-netplan
                pid: host
                timeout: 90
              - environment:
                  CONTENTS: 'network: {config: disabled}'
                  DEST_DISK: '{{ formatPartition ( index .Hardware.Disks 0 ) 2 }}'
                  DEST_PATH: /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
                  DIRMODE: "0700"
                  FS_TYPE: ext4
                  GID: "0"
                  MODE: "0600"
                  UID: "0"
                image: ""
                name: disable-cloud-init-network-capabilities
                timeout: 90
              - environment:
                  CONTENTS: |
                    datasource:
                      Ec2:
                        metadata_urls: [http://5.6.7.8:50061,http://5.6.7.8:50061]
                        strict_id: false
                    manage_etc_hosts: localhost
                    warnings:
                      dsid_missing_source: off
                  DEST_DISK: '{{ formatPartition ( index .Hardware.Disks 0 ) 2 }}'
                  DEST_PATH: /etc/cloud/cloud.cfg.d/10_tinkerbell.cfg
                  DIRMODE: "0700"
                  FS_TYPE: ext4
                  GID: "0"
                  MODE: "0600"
                  UID: "0"
                image: ""
                name: add-tink-cloud-init-config
                timeout: 90
              - environment:
                  CONTENTS: |
                    datasource: Ec2
                  DEST_DISK: '{{ formatPartition ( index .Hardware.Disks 0 ) 2 }}'
                  DEST_PATH: /etc/cloud/ds-identify.cfg
                  DIRMODE: "0700"
                  FS_TYPE: ext4
                  GID: "0"
                  MODE: "0600"
                  UID: "0"
                image: ""
                name: add-tink-cloud-init-ds-config
                timeout: 90
              - image: ""
                name: reboot-image
                pid: host
                timeout: 90
                volumes:
                  - /worker:/worker
            name: single-node
            volumes:
              - /dev:/dev
              - /dev/console:/dev/console
              - /lib/firmware:/lib/firmware:ro
            worker: '{{.device_1}}'
        version: "0.1"
---
# Infrastructure-side cluster object referenced by the Cluster above.
# NOTE(review): imageLookupFormat begins with "--" and the base registry is a
# bare "/", which looks like a format rendered from empty inputs; confirm the
# OS image source is actually specified wherever this is used for real.
apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: TinkerbellCluster
metadata:
  name: single-node
  namespace: eksa-system
spec:
  imageLookupFormat: --kube-v1.21.2-eks-1-21-4.raw.gz
  imageLookupBaseRegistry: /