diff --git a/Makefile b/Makefile index 860fdf2333..3a85533b89 100644 --- a/Makefile +++ b/Makefile @@ -127,7 +127,7 @@ build-local-agent-image: ## Build the Zarf agent image to be used in a locally b init-package: ## Create the zarf init package (must `brew install coreutils` on macOS and have `docker` first) @test -s $(ZARF_BIN) || $(MAKE) - $(ZARF_BIN) package create -o build -a $(ARCH) --confirm . + $(ZARF_BIN) package create -o build -a $(ARCH) --confirm ./packages/init # INTERNAL: used to build a release version of the init package with a specific agent image release-init-package: diff --git a/packages/distros/k3s/common/zarf.yaml b/packages/distros/k3s/common/zarf.yaml deleted file mode 100644 index 0a2b6b287e..0000000000 --- a/packages/distros/k3s/common/zarf.yaml +++ /dev/null 
@@ -1,55 +0,0 @@ -kind: ZarfInitConfig -metadata: - name: distro-k3s - -variables: - - name: K3S_ARGS - description: Arguments to pass to K3s - default: --disable traefik - -components: - - name: k3s - only: - localOS: linux - description: > - *** REQUIRES ROOT (not sudo) *** - Install K3s, a certified Kubernetes distribution built for IoT & Edge computing. - K3s provides the cluster need for Zarf running in Appliance Mode as well as can - host a low-resource Gitops Service if not using an existing Kubernetes platform. - actions: - onDeploy: - defaults: - maxRetries: 5 - before: - - cmd: ./zarf internal is-valid-hostname - maxRetries: 0 - description: Check if the current system has a, RFC1123 compliant hostname - # If running RHEL variant, disable firewalld - # https://rancher.com/docs/k3s/latest/en/advanced/#additional-preparation-for-red-hat-centos-enterprise-linux - # NOTE: The empty echo prevents infinite retry loops on non-RHEL systems where the exit code would be an error - - cmd: "[ -e /etc/redhat-release ] && systemctl disable firewalld --now || echo ''" - description: If running a RHEL variant, disable 'firewalld' per k3s docs - after: - # Configure K3s systemd service - - cmd: systemctl daemon-reload - description: Reload the system services - - cmd: systemctl enable k3s - description: Enable 'k3s' to run at system boot - - cmd: systemctl restart k3s - description: Start the 'k3s' system service - onRemove: - before: - - cmd: /opt/zarf/zarf-clean-k3s.sh - description: Remove 'k3s' from the system - - cmd: rm /opt/zarf/zarf-clean-k3s.sh - description: Remove the cleanup script - files: - # K3s removal script - - source: zarf-clean-k3s.sh - target: /opt/zarf/zarf-clean-k3s.sh - executable: true - # The K3s systemd service definition - - source: k3s.service - target: /etc/systemd/system/k3s.service - symlinks: - - /etc/systemd/system/multi-user.target.wants/k3s.service 
diff --git a/packages/distros/k3s/common/k3s.service b/packages/distros/k3s/k3s.service similarity index 100% rename from packages/distros/k3s/common/k3s.service rename to packages/distros/k3s/k3s.service diff --git a/packages/distros/k3s/common/zarf-clean-k3s.sh b/packages/distros/k3s/zarf-clean-k3s.sh similarity index 100% rename from packages/distros/k3s/common/zarf-clean-k3s.sh rename to packages/distros/k3s/zarf-clean-k3s.sh diff --git a/packages/distros/k3s/zarf.yaml b/packages/distros/k3s/zarf.yaml index 0813b1ee38..49feef0e85 100644 --- a/packages/distros/k3s/zarf.yaml +++ b/packages/distros/k3s/zarf.yaml @@ -3,16 +3,33 @@ metadata: name: distro-k3s description: Used to establish a new Zarf cluster +variables: + - name: K3S_ARGS + description: Arguments to pass to K3s + default: --disable traefik + components: # AMD-64 version of the K3s stack - name: k3s - import: - path: common - name: k3s only: + localOS: linux cluster: architecture: amd64 + description: > + *** REQUIRES ROOT (not sudo) *** + Install K3s, a certified Kubernetes distribution built for IoT & Edge computing. + K3s provides the cluster need for Zarf running in Appliance Mode as well as can + host a low-resource Gitops Service if not using an existing Kubernetes platform. files: + # K3s removal script + - source: zarf-clean-k3s.sh + target: /opt/zarf/zarf-clean-k3s.sh + executable: true + # The K3s systemd service definition + - source: k3s.service + target: /etc/systemd/system/k3s.service + symlinks: + - /etc/systemd/system/multi-user.target.wants/k3s.service # Include the actual K3s binary - source: https://github.com/k3s-io/k3s/releases/download/v1.28.4+k3s2/k3s shasum: 9014535a4cd20c788282d60398a06279983562093455b53ab76701539ce67acf 
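Review bot: The new `variables` entry sets `default: --disable traefik` as a plain scalar that begins with a dash; it parses as a string, but quoting it (`default: "--disable traefik"`) makes the type explicit and is safer under reformatting tools. The `K3S_ARGS` description could also say where the value is used. If it is substituted into the `k3s.service` unit that this hunk installs to `/etc/systemd/system/k3s.service` (the unit file is not shown in this diff), then whoever sets the variable controls the command line of a root-run service, which is worth stating next to the variable. The amd64 component's `files` list continues past the end of this hunk.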
@@ -29,20 +46,56 @@ components: target: /var/lib/rancher/k3s/agent/images/k3s.tar.zst actions: onDeploy: + defaults: + maxRetries: 5 before: - cmd: if [ "$(uname -m)" != "x86_64" ]; then echo "this package architecture is amd64, but the target system has a different architecture. These architectures must be the same" && exit 1; fi description: Check that the host architecture matches the package architecture maxRetries: 0 + - cmd: ./zarf internal is-valid-hostname + maxRetries: 0 + description: Check if the current system has a, RFC1123 compliant hostname + # If running RHEL variant, disable firewalld + # https://rancher.com/docs/k3s/latest/en/advanced/#additional-preparation-for-red-hat-centos-enterprise-linux + # NOTE: The empty echo prevents infinite retry loops on non-RHEL systems where the exit code would be an error + - cmd: "[ -e /etc/redhat-release ] && systemctl disable firewalld --now || echo ''" + description: If running a RHEL variant, disable 'firewalld' per k3s docs + after: + # Configure K3s systemd service + - cmd: systemctl daemon-reload + description: Reload the system services + - cmd: systemctl enable k3s + description: Enable 'k3s' to run at system boot + - cmd: systemctl restart k3s + description: Start the 'k3s' system service + onRemove: + before: + - cmd: /opt/zarf/zarf-clean-k3s.sh + description: Remove 'k3s' from the system + - cmd: rm /opt/zarf/zarf-clean-k3s.sh + description: Remove the cleanup script # ARM-64 version of the K3s stack - name: k3s - import: - path: common - name: k3s only: + localOS: linux cluster: architecture: arm64 + description: > + *** REQUIRES ROOT (not sudo) *** + Install K3s, a certified Kubernetes distribution built for IoT & Edge computing. + K3s provides the cluster need for Zarf running in Appliance Mode as well as can + host a low-resource Gitops Service if not using an existing Kubernetes platform. 
files: + # K3s removal script + - source: zarf-clean-k3s.sh + target: /opt/zarf/zarf-clean-k3s.sh + executable: true + # The K3s systemd service definition + - source: k3s.service + target: /etc/systemd/system/k3s.service + symlinks: + - /etc/systemd/system/multi-user.target.wants/k3s.service # Include the actual K3s binary - source: https://github.com/k3s-io/k3s/releases/download/v1.28.4+k3s2/k3s-arm64 shasum: 1ae72ca06d3302f3e86ef92e6e8f84e14a084da69564e87d6e2e75f62e72388d @@ -59,7 +112,31 @@ components: target: /var/lib/rancher/k3s/agent/images/k3s.tar.zst actions: onDeploy: + defaults: + maxRetries: 5 before: - cmd: if [ "$(uname -m)" != "aarch64" ] && [ "$(uname -m)" != "arm64" ]; then echo "this package architecture is arm64, but the target system has a different architecture. These architectures must be the same" && exit 1; fi description: Check that the host architecture matches the package architecture maxRetries: 0 + - cmd: ./zarf internal is-valid-hostname + maxRetries: 0 + description: Check if the current system has a, RFC1123 compliant hostname + # If running RHEL variant, disable firewalld + # https://rancher.com/docs/k3s/latest/en/advanced/#additional-preparation-for-red-hat-centos-enterprise-linux + # NOTE: The empty echo prevents infinite retry loops on non-RHEL systems where the exit code would be an error + - cmd: "[ -e /etc/redhat-release ] && systemctl disable firewalld --now || echo ''" + description: If running a RHEL variant, disable 'firewalld' per k3s docs + after: + # Configure K3s systemd service + - cmd: systemctl daemon-reload + description: Reload the system services + - cmd: systemctl enable k3s + description: Enable 'k3s' to run at system boot + - cmd: systemctl restart k3s + description: Start the 'k3s' system service + onRemove: + before: + - cmd: /opt/zarf/zarf-clean-k3s.sh + description: Remove 'k3s' from the system + - cmd: rm /opt/zarf/zarf-clean-k3s.sh + description: Remove the cleanup script 
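Review bot: The added `before` action `[ -e /etc/redhat-release ] && systemctl disable firewalld --now || echo ''` turns off the host firewall on RHEL-family systems and reports success whether or not the disable worked, because the trailing `|| echo ''` also catches a failing `systemctl`. Nothing in the added `onRemove` block re-enables firewalld, so the host is left without it after the package is removed; the same lines are added in the arm64 hunk (`@@ -59,7 +112,31 @@`). If only the non-RHEL case is meant to be tolerated, `if [ -e /etc/redhat-release ]; then systemctl disable firewalld --now; fi` exits 0 there and lets a real failure surface, though whether a RHEL host without firewalld should then fail the deploy is the authors' call. The component `description` should also state the side effect, for example `On RHEL variants this disables firewalld and does not restore it on removal.`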
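Review bot: The operator-facing text of the added hostname check, `description: Check if the current system has a, RFC1123 compliant hostname`, has a stray comma and the wrong article. `description: Check that the current system has an RFC 1123 compliant hostname` reads cleanly. The same line is added in the amd64 hunk (`@@ -29,20 +46,56 @@`).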
diff --git a/zarf.yaml b/packages/init/zarf.yaml similarity index 75% rename from zarf.yaml rename to packages/init/zarf.yaml index 0932f8155b..4a8c49b0c8 100644 --- a/zarf.yaml +++ b/packages/init/zarf.yaml @@ -6,33 +6,33 @@ metadata: components: - name: k3s import: - path: packages/distros/k3s + path: ../distros/k3s # This package moves the injector & registries binaries - name: zarf-injector required: true import: - path: packages/zarf-registry + path: ../zarf-registry # Creates the temporary seed-registry - name: zarf-seed-registry required: true import: - path: packages/zarf-registry + path: ../zarf-registry # Creates the permanent registry - name: zarf-registry required: true import: - path: packages/zarf-registry + path: ../zarf-registry # Creates the pod+git mutating webhook - name: zarf-agent required: true import: - path: packages/zarf-agent + path: ../zarf-agent # (Optional) Adds a git server to the cluster - name: git-server import: - path: packages/gitea + path: ../gitea