This now has a zero diff against prod.
location fields in CephCluster.storage.nodes seem to have been removed
from the CRD at some point. Not sure how the CRUSH tree now gets
populated, but whatever, it's been working like this for a while
already. Same for CephObjectStore.gateway.type.
The Rook Operator has been zero-scaled for a while now due to b/6.
Change-Id: I30a836f273f4c1529f60fa9297c96b7aac412f59
For a while now we've had spurious diffs against Ceph on k0 because of
a ClusterRole with an aggregationRule.
The way these behave is that the config object has an empty rule list,
and instead populates an aggregationRule which combines other existing
ClusterRoles into that ClusterRole. The control plane then populates the
rule field when the object is read/acted on, which caused us to always
see a diff between the configuration of that ClusterRole.
This hacks together a hardcoded fix for this particular behaviour.
Porting kubecfg over to SSA would probably also fix this - but that's
too much work for now.
Change-Id: I357c1417d4023691e5809f1af23f58f364353388
This moves the diff-and-activate logic from cluster/nix/provision.nix
into ops/{provision,machines}.nix that can be used for both cluster
machines and bgpwtf machines.
The provisioning scripts now live per-NixOS-config, and anything under
ops.machines.$fqdn now has a .passthru.hscloud.provision derivation
which is that script. When ran, it will attempt to deploy onto the
target machine.
There's also a top-level tool at `ops.provision` which builds all
configurations / machines and can be called with the machine name/fqdn
to call the corresponding provisioner script.
clustercfg is changed to use the new provisioning logic.
Change-Id: I258abce9e8e3db42af35af102f32ab7963046353
Looks like .ml DNS servers are currently down, and this repository
import path is deprecated anyway. Really, we should bump Kubernetes...
Change-Id: I3e0c834a49ccf1111b9412371489bae5f80ff6ab
This fixes some issues with buildFHSUserEnv on newer NixOSes, where
stuff from the /run/current-system/sw/bin/* would want a newer glibc
than the glibc available in the FSHUserEnv. Whoops.
Change-Id: I5ed741b6d7979eb288fe6f88984bc5e6d0bdb923
nix-shell attempts to use packages from the system and fails to find git
installed via users.users.<name>.packages. Adding it to targetPkgs
resolves the issue and makes the dependency explicit.
Change-Id: Ie0c3e48065174a5032ced9c31236f65255483d08