diff --git a/deploy/osps/default/osp-rockylinux.yaml b/deploy/osps/default/osp-rockylinux.yaml index 0614d25a..9f47ca5b 100644 --- a/deploy/osps/default/osp-rockylinux.yaml +++ b/deploy/osps/default/osp-rockylinux.yaml @@ -19,7 +19,7 @@ metadata: namespace: kube-system spec: osName: "rockylinux" - osVersion: "9.6" + osVersion: "10.0" version: "v1.7.0" provisioningUtility: "cloud-init" supportedCloudProviders: @@ -61,6 +61,19 @@ spec: update-ca-trust {{- end }} + configureNetwork: |- + #cloud-config + DEFAULT_IFC_NAME=$(ip -o route get 1 | awk '{print $5}') + cat >/etc/cloud/cloud.cfg.d/99-network.cfg < /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg # Let NetworkManager manage resolv.conf @@ -179,7 +197,13 @@ spec: templates: containerRuntimeInstallation: |- yum install -y yum-utils - yum-config-manager --add-repo=https://download.docker.com/linux/rhel/docker-ce.repo + OS_MAJOR_VERSION=$(grep "^VERSION_ID=" /etc/os-release | cut -d '"' -f2 | cut -d '.' -f1) + + if [ "$OS_MAJOR_VERSION" = "10" ]; then + yum-config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo + else + yum-config-manager --add-repo=https://download.docker.com/linux/rhel/docker-ce.repo + fi yum install -y containerd.io-1.7* yum-plugin-versionlock yum versionlock add containerd.io @@ -444,7 +468,13 @@ spec: #!/usr/bin/env bash set -euo pipefail - modprobe ip_tables + OS_MAJOR_VERSION=$(grep "^VERSION_ID=" /etc/os-release | cut -d '"' -f2 | cut -d '.' -f1) + if [ "$OS_MAJOR_VERSION" = "10" ]; then + modprobe nf_tables + else + modprobe ip_tables + fi + modprobe ip_vs modprobe ip_vs_rr modprobe ip_vs_wrr @@ -536,6 +566,26 @@ spec: {{- end }} ipvsadm + OS_MAJOR_VERSION=$(grep "^VERSION_ID=" /etc/os-release | cut -d '"' -f2 | cut -d '.' -f1) + if [ "$OS_MAJOR_VERSION" = "10" ]; then + yum install -y \ + kernel-modules-extra-$(uname -r) \ + nftables + + sudo systemctl enable --now nftables + else + DEFAULT_IFC_NAME=$(ip -o route get 1 | grep -oP "dev \K\S+") + IFC_CFG_FILE=/etc/sysconfig/network-scripts/ifcfg-$DEFAULT_IFC_NAME + # Enable IPv6 and DHCPv6 on the default interface + grep IPV6INIT $IFC_CFG_FILE && sed -i '/IPV6INIT*/c IPV6INIT=yes' $IFC_CFG_FILE || echo "IPV6INIT=yes" >> $IFC_CFG_FILE + grep DHCPV6C $IFC_CFG_FILE && sed -i '/DHCPV6C*/c DHCPV6C=yes' $IFC_CFG_FILE || echo "DHCPV6C=yes" >> $IFC_CFG_FILE + grep IPV6_AUTOCONF $IFC_CFG_FILE && sed -i '/IPV6_AUTOCONF*/c IPV6_AUTOCONF=yes' $IFC_CFG_FILE || echo "IPV6_AUTOCONF=yes" >> $IFC_CFG_FILE + # Restart NetworkManager to apply for IPv6 configs + systemctl restart NetworkManager + # Let NetworkManager apply the DHCPv6 configs + sleep 3 + fi + systemctl disable --now firewalld || true {{- /* iscsid service is required on Nutanix machines for CSI driver to attach volumes. */}} @@ -547,17 +597,6 @@ spec: {{- template "safeDownloadBinariesScript" }} - DEFAULT_IFC_NAME=$(ip -o route get 1 | grep -oP "dev \K\S+") - IFC_CFG_FILE=/etc/sysconfig/network-scripts/ifcfg-$DEFAULT_IFC_NAME - # Enable IPv6 and DHCPv6 on the default interface - grep IPV6INIT $IFC_CFG_FILE && sed -i '/IPV6INIT*/c IPV6INIT=yes' $IFC_CFG_FILE || echo "IPV6INIT=yes" >> $IFC_CFG_FILE - grep DHCPV6C $IFC_CFG_FILE && sed -i '/DHCPV6C*/c DHCPV6C=yes' $IFC_CFG_FILE || echo "DHCPV6C=yes" >> $IFC_CFG_FILE - grep IPV6_AUTOCONF $IFC_CFG_FILE && sed -i '/IPV6_AUTOCONF*/c IPV6_AUTOCONF=yes' $IFC_CFG_FILE || echo "IPV6_AUTOCONF=yes" >> $IFC_CFG_FILE - # Restart NetworkManager to apply for IPv6 configs - systemctl restart NetworkManager - # Let NetworkManager apply the DHCPv6 configs - sleep 3 - mkdir -p /etc/systemd/system/kubelet.service.d/ # set kubelet nodeip environment variable /opt/bin/setup_net_env.sh