feat: move all ZDT custom config into an APK

This commit is contained in:
Stefan Reimer 2022-11-24 20:01:40 +01:00
parent 7890cfb794
commit 0e13e43677
14 changed files with 283 additions and 8 deletions


@ -15,9 +15,9 @@ options="!check"
source="$pkgname-$pkgver.deb::https://apt.repos.neuron.amazonaws.com/pool/main/a/aws-neuron-dkms/aws-neuron-dkms_"$pkgver"_amd64.deb"
unpack() {
ar -x /var/cache/distfiles/$pkgname-$pkgver.deb
tar xfJ data.tar.xz
mv usr/src/aws-neuron-$pkgver $srcdir/$pkgname-$pkgver
ar -x "$srcdir/$pkgname-$pkgver.deb" && tar xfJo data.tar.xz
mv usr/src/aws-neuron-"$pkgver" "$srcdir/$pkgname-$pkgver"
rm -rf usr data.tar.xz control.tar.xz debian-binary
# What is wrong with AWS ?
find $srcdir/$pkgname-$pkgver -type d -exec chmod 755 {} \;
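Review bot: Joining `ar -x` and `tar` with `&&` keeps a failed extraction from stopping the function: under abuild's `set -e` a non-final command of an `&&` list is not fatal, so a corrupt or missing .deb is only noticed later when `mv` fails with a less useful error. Write them as two statements, `ar -x "$srcdir/$pkgname-$pkgver.deb"` and `tar xfJo data.tar.xz`, so each step aborts on its own failure. The `find $srcdir/$pkgname-$pkgver` line below is still unquoted while the new `mv` line quotes the same expansion; quoting it as well keeps the function consistent. unpack() closes outside this hunk.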


@ -7,29 +7,84 @@ pkgdesc="ZeroDownTime Alpine additions and customizations"
url="https://git.zero-downtime.net/ZeroDownTime/alpine-overlay/src/branch/master/kubezero/zdt-base"
arch="noarch"
license="AGPL-3.0"
depends=""
depends="logrotate syslog-ng neofetch monit"
options="!check"
subpackages="$pkgname-aws"
subpackages="$pkgname-openrc $pkgname-aws"
install="$pkgname.post-install"
source="route53.py
source="
zdt-mount.init
zdt-sysctl.conf
https://raw.githubusercontent.com/pixelb/ps_mem/v3.14/ps_mem.py
syslog-ng.conf
syslog-ng.logrotate.conf
monitrc
monit_alert.sh.aws
neofetch.conf
zdt-ascii.txt
dhclient.conf
cloudbender.stop
route53.py
get_iam_sshkeys.py
"
build() {
return 0
sed -i -e 's,#!/usr/bin/env python,#!/usr/bin/env python3,' ps_mem.py
}
package() {
mkdir -p "$pkgdir"
# dhcp tuning for MTU
install -Dm644 "$srcdir"/dhclient.conf "$pkgdir"/etc/dhcp/dhclient.conf
# various sysctl tunings
install -Dm644 "$srcdir"/zdt-sysctl.conf "$pkgdir"/etc/sysctl.d/60-zdt.conf
# init script to find and mount /var
mkdir -p "$pkgdir"/etc/init.d
cp zdt-mount.init "$pkgdir"/etc/init.d/zdt-mount
# syslog-ng configs, json all into messages
install -Dm644 "$srcdir"/syslog-ng.conf "$pkgdir"/lib/zdt/syslog-ng.conf
install -Dm644 "$srcdir"/syslog-ng.logrotate.conf "$pkgdir"/lib/zdt/syslog-ng.logrotate.conf
# monit
mkdir -p "$pkgdir"/etc/monit.d
install -Dm600 "$srcdir"/monitrc "$pkgdir"/etc/monitrc.zdt
# ps_mem
install -Dm755 "$srcdir"/ps_mem.py "$pkgdir"/usr/sbin/ps_mem
# Neofetch
install -Dm644 "$srcdir"/neofetch.conf "$pkgdir"/etc/neofetch.conf
install -Dm644 "$srcdir"/zdt-ascii.txt "$pkgdir"/etc/neofetch-logo.txt
mkdir -p "$pkgdir"/etc/profile.d
echo '[ -n "$SSH_TTY" -a "$SHLVL" -eq 1 ] && neofetch --config /etc/neofetch.conf' > "$pkgdir"/etc/profile.d/motd.sh
}
aws() {
# Basic AWS tools
mkdir -p "$subpkgdir"
install -Dm755 "$srcdir"/route53.py "$subpkgdir"/usr/sbin/route53.py
install -Dm755 "$srcdir"/get_iam_sshkeys.py "$subpkgdir"/usr/sbin/get_iam_sshkeys.py
# Cloudbender SNS integration
install -Dm755 "$srcdir"/cloudbender.stop "$subpkgdir"/etc/local.d/cloudbender.stop
install -Dm755 "$srcdir"/monit_alert.sh.aws "$pkgdir"/usr/bin/monit_alert.sh
mkdir -p "$subpkgdir"/etc/cloudbender/shutdown.d
}
sha512sums="
16f4020e2e1f93b13b2ce140dea0c31066a55709cb3ae2ece54b9a6db57583e226bc43ac62be18f5a60274b87ae0de8c6bc613597988451853cdf085cae245eb zdt-mount.init
b9479835d8667fa99f8b1b140f969f0464a9bb3c60c7d19b57e306cfe82357d453932791e446caded71fddd379161ae8328367f1ee75ae3afc1b85e12294b621 zdt-sysctl.conf
76e6a4f309f31bfa07de2d3b1faebe5670722752e18157b69d6e868cbe9e85eda393aed0728b0347a01a810eee442844c78259f86ff71e3136a013f4cbfaaea4 ps_mem.py
9d087f2d4403a9c6d4d2f06fbb86519f2b8b134d8eb305facaef07c183815f917fb7bac916d39d504dbab7fdf3321a3f70954dde57e8986cc223371715bb1c54 syslog-ng.conf
484bdcf001b71ce5feed26935db437c613c059790b99f3f5a3e788b129f3e22ba096843585309993446a88c0ab5d60fd0fa530ef3cfb6de1fd34ffc828172329 syslog-ng.logrotate.conf
b928ba547af080a07dc9063d44cb0f258d0e88e7c5a977e8f1cf1263c23608f0a138b8ffca0cdf5818ee72fccb3ce8433f877811be3107bb9c275dfff988179c monitrc
64944727d658ff37e7ff9d22a23869e225e104d9229756ba4fef1fc481c56f782472a1c74f8127636b4a98d4545ae30e7d35822a1f0a0fa31a59ec8eaf8c0396 monit_alert.sh.aws
346b0170ada6cc1207ffb7b8ef138a1570a63c7df4d57618aa4b6b6c0d2df2197b0f5b23578ec83c641ee5e724865ac06985222e125809c990467426a0851b72 neofetch.conf
532b8e2eb04942ab20bdc36b5dea1c60239fcbfcb85706123f3e05c18d65c938b85e9072d964ae5793177625a8db47b532db1f5bd5ed5ecbb70d5a331666ff54 zdt-ascii.txt
c565516121b9e6f9d5f769511eb900546753e67cc4208d1b388fdce44cd28699261a5c3905f9a168d4b2d45ac65ac3a2a6a95335f1bbd76d2f444d5f50ec5c9e dhclient.conf
399356eaf09b41cde101aa9164eb492dc824e4bc75d8cd2197d1c2d6120349462dad2791609fb073285b3d3545067611f4608ff14b9d9586a46909269f496c02 cloudbender.stop
2d419d5c25a3829e99326b09876f459e48ab66f5756a8ad39b406c0f2829f5a323e8ff512afd8f32b7b07f24c88efa911bee495ce6c4d1925194cb54d3ba57bd route53.py
00eaff6c0a506580340b2547c3b1602a54238bac6090a15516839411478a4b4fdc138668b8ad23455445131f3a3e3fda175ed4bb0dd375402641c0e7b69c3218 get_iam_sshkeys.py
"
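Review bot: In `aws()` the `monit_alert.sh.aws` line installs into `"$pkgdir"/usr/bin/monit_alert.sh` while every other line of that function targets `"$subpkgdir"`, so the script presumably ends up in the main package (or is lost, depending on when abuild packages the main tree) instead of in the aws subpackage; it should read `install -Dm755 "$srcdir"/monit_alert.sh.aws "$subpkgdir"/usr/bin/monit_alert.sh`. Note that the monitrc shipped by the main package executes `/usr/bin/monit_alert.sh warning`, so after that fix non-AWS installs will have a monit action pointing at a script that is not there; either guard the call in monitrc or ship a no-op default in the main package. Installing monitrc with mode 0600 is right, since it carries the httpd credential. `cp zdt-mount.init` in package() is the one file not placed with `install -Dm`; using `install -Dm755` there makes the intended mode explicit.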


@ -0,0 +1,15 @@
# Include dynamic config setting create at boot
[ -r /etc/cloudbender/rc.conf ] && . /etc/cloudbender/rc.conf
rm -f /tmp/shutdown.log
for cmd in $(ls /etc/cloudbender/shutdown.d/* | sort); do
. $cmd 1>>/tmp/shutdown.log 2>&1
done
[ $DEBUG -eq 1 ] && SHUTDOWNLOG="$(cat /tmp/shutdown.log)"
[ -n "$RC_REBOOT" ] && ACTION="rebooting" || ACTION="terminated"
[ -z "$DISABLE_SCALING_EVENTS" ] && cloudbender_sns_alarm.sh "Instance $ACTION" "" Info "$SHUTDOWNLOG"
sleep ${SHUTDOWN_PAUSE:-0}
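Review bot: `[ $DEBUG -eq 1 ]` fails with "unary operator expected" whenever rc.conf does not define DEBUG, because the unquoted empty expansion leaves `[ -eq 1 ]`; use `[ "${DEBUG:-0}" -eq 1 ]`. The `for cmd in $(ls ... | sort)` loop parses ls output and word-splits it; the shell glob is already sorted, so `for cmd in /etc/cloudbender/shutdown.d/*; do [ -f "$cmd" ] || continue; . "$cmd" 1>>/tmp/shutdown.log 2>&1; done` does the same without the subshell, and `"$cmd"` should be quoted in any case. Everything in shutdown.d is sourced rather than executed, so it runs with this script's full privileges; a comment stating that the directory must stay root-owned and not world-writable would help whoever drops hooks there. The fixed `/tmp/shutdown.log` path is also worth a look, since any local user can pre-create a file of that name in /tmp; a path under `/run` or `/var/log` avoids that.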


@ -0,0 +1,12 @@
# Borrowed from Ubuntu 20.04LTS minimal EC2 AMi
option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
send host-name = gethostname();
request subnet-mask, broadcast-address, time-offset, routers,
domain-name, domain-name-servers, domain-search, host-name,
dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers,
netbios-name-servers, netbios-scope, interface-mtu,
rfc3442-classless-static-routes, ntp-servers;
timeout 300;


@ -0,0 +1,16 @@
#!/sbin/openrc-run
# vim:set ts=8 noet ft=sh:
description="ZDT stateful /var"
depend() {
after mdev
before syslog-ng
}
start() {
ebegin "Looking for suitable /var"
echo "fake it"
eend $?
}
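Review bot: `eend $?` reports only the exit status of the preceding `echo "fake it"`, so this init script always reports success and never looks for a /var volume despite its `ebegin` message; a reader of the boot log would assume the mount happened. Until the lookup is implemented, replace the echo with a comment such as `# TODO: stub - no /var lookup yet, always succeeds` and consider `ewarn` so the stub is visible at boot. The same stub body appears a second time in this commit (the later zdt-mount.init section) with the same issue.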


@ -0,0 +1,11 @@
#!/bin/sh
LEVEL=${1}
shift
ATTACHMENT="$@"
if [ -n "${MONIT_SERVICE}${MONIT_EVENT}" -a -n "$MONIT_DESCRIPTION" ]; then
[ -x /var/lib/cloudbender/sns_alarm.sh ] && \
/var/lib/cloudbender/sns_alarm.sh "$MONIT_SERVICE - $MONIT_EVENT" "$MONIT_DESCRIPTION" "$LEVEL" "$ATTACHMENT"
fi
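Review bot: `ATTACHMENT="$@"` assigns a list expansion to a scalar, which joins the arguments with a space in practice but is not defined by POSIX and is what ShellCheck SC2124 flags; the intent is `ATTACHMENT="$*"`. The `-a` inside `[ ... ]` is obsolescent and ambiguous for values that look like operators; `if [ -n "${MONIT_SERVICE}${MONIT_EVENT}" ] && [ -n "$MONIT_DESCRIPTION" ]; then` is the portable form. The script also passes `$LEVEL` through unchecked from argv, so a header comment stating the expected values (the monitrc in this commit calls it with `warning`) would help the next maintainer.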

kubezero/zdt-base/monitrc Normal file

@ -0,0 +1,19 @@
# Give instance 3 min to settle after boot
set daemon 30
with start delay 180
set log syslog
set httpd port 2812 and
use address localhost
allow localhost
allow admin:localmonit
# Basic rootfs check
# >80%: emergency logrotate
# >90%: warning
check filesystem rootfs with path /
if space usage > 80% then exec "/etc/periodic/hourly/logrotate"
if space usage > 90% then exec "/usr/bin/monit_alert.sh warning"
include /etc/monit.d/*.conf
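Review bot: `allow admin:localmonit` hardcodes one static credential for the monit httpd that is identical on every instance built from this repository and visible to anyone who can read the repository. The exposure is limited because the listener is bound to localhost and the APKBUILD installs this file with mode 0600, and presumably monit requires both the host rule and the credential to match when both `allow` forms are present, but that should be confirmed against the shipped monit version. Generating the password at first boot (for example from the cloudbender rc.conf this package already sources) or adding a comment explaining why a fixed value is acceptable would be better than leaving it implicit. The `exec "/usr/bin/monit_alert.sh warning"` action refers to a script that the APKBUILD only ships in the aws subpackage, so non-AWS hosts will get a failed exec at the 90% threshold.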


@ -0,0 +1,35 @@
print_info() {
echo -e "\n"
prin "$(color 1)Welcome to Alpine - ZeroDownTime edition"
echo
prin "Release Notes:"
prin " - <https://kubezero.com/releases/>"
prin " - <https://alpinelinux.org/releases/>"
echo
info title
info underline
info "OS" distro
info "Host" model
info "Kernel" kernel
info "Uptime" uptime
# info "Packages" packages
info "CPU" cpu
info "GPU" gpu
info "Memory" memory
info "GPU Driver" gpu_driver # Linux/macOS only
info "CPU Usage" cpu_usage
info "Local IP" local_ip
info "Disk" disk
info underline
}
title_fqdn="off"
memory_percent="on"
colors=(1 2 15 15 15 15)
image_source="/etc/neofetch-logo.txt"
gap=0


@ -0,0 +1,22 @@
# syslog-ng, format all json into messages
# https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.23/administration-guide/63#TOPIC-1268643
@version: 3.36
@include "scl.conf"
options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
dns_cache(no); owner("root"); group("adm"); perm(0640);
stats_freq(0); bad_hostname("^gconfd$"); frac-digits(6);
};
source s_sys { system(); internal();};
destination d_mesg { file("/var/log/messages" template("$(format-json time=\"$UNIXTIME\" facility=\"$FACILITY\" host=\"$LOGHOST\" ident=\"$PROGRAM\" pid=\"$PID\" level=\"$PRIORITY\" message=\"$MESSAGE\")\n")); };
# filter ipvs loggging each SYN to closed port
# IPVS: rr: TCP 10.52.82.199:31021 - no destination available
filter f_drop_ipvs { not (facility(kern) and match("IPVS: rr:.*no destination available" value("MESSAGE"))); };
# "message":"net_ratelimit: 16 callbacks suppressed"
filter f_drop_ipvs_ratelimit { not (facility(kern) and match("net_ratelimit:.*callbacks suppressed" value("MESSAGE"))); };
log { source(s_sys); filter(f_drop_ipvs); filter(f_drop_ipvs_ratelimit); destination(d_mesg); };


@ -0,0 +1,13 @@
/var/log/messages
{
nodateext
rotate 2
missingok
notifempty
compress
maxsize 32M
sharedscripts
postrotate
/etc/init.d/syslog-ng --ifstarted reload >/dev/null
endscript
}
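Review bot: `rotate 2` with `maxsize 32M` means at most two rotated generations of /var/log/messages survive, and rotation can fire often on a busy host (the post-install moves the logrotate job to hourly and monitrc also runs it at 80% disk usage), so anything older than a few rotations is gone before anyone looks at it; that is a short window for incident review. If this is intentional because logs are shipped elsewhere, a comment saying so (`# short retention: local messages are scratch only, forwarded copies are authoritative`) records the trade-off; otherwise a larger rotate count is cheap. With `nodateext` the rotated files are numbered rather than dated, which is fine at this count but worth stating.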


@ -0,0 +1,21 @@
\x1b[38;2;32;120;108m ..
ox@@@@@x
-x@@@@@@@@@@@@x-
.x@@@x- -x@@@x.
ox@@@@x ox@@@@@@@@x- x@@@@xo
@@@@@@@@ x@@@@@@@@@@@@x @@@@@@@@o
o @@@@@x -x@@@@@@@@x- x@@@@@ o
@@@x- @@@x- -x@@@o .x@@@.
@@@@@@@x. x@@@@@@@@@@@@@ o@@@@@@@.
@@@@@@@@@@xo @@@@@@ -x@@@@@xx@@@.
@@@@@@@@@@@@@@x- .x@@@@@x- -@@@.
@@@@@@@@ @@@@@@@@ x@@@@@x ox x@@@.
@@@@ -@@ @@@@@@@@ @@@@ -x@@x .@@@@@.
@@@@x @ @@@@@@@@ @@@x .-o .x@@@.
@@@@@x @xoo@@@@ @@@@xx .xxx -@@@.
@@@@@@@ @@@@ @@@@@ x@xo x@@@.
@@@@@@@. -x@@@@@@ @@@@ x. -x@@@@@
.@@@@@@@@@@@@@ @@@x .x@@@@@x
x@@@@@@@@@ @@@@x@@@@@
@@@@@@ @@@@@@.
o@@ @@x


@ -0,0 +1,25 @@
#!/bin/sh
# Enable SSH keepalive
sed -i -e 's/^[\s#]*TCPKeepAlive\s.*/TCPKeepAlive yes/' -e 's/^[\s#]*ClientAliveInterval\s.*/ClientAliveInterval 60/' /etc/ssh/sshd_config
echo 'enabled SSH keep alives'
# CgroupsV2
sed -i -e 's/^[\s#]*rc_cgroup_mode=.*/rc_cgroup_mode="unified"/' /etc/rc.conf
echo 'enabled cgroupv2'
# Setup syslog-ng json logging
cp /lib/zdt/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf
cp /lib/zdt/syslog-ng.logrotate.conf /etc/logrotate.d/syslog-ng
mv /etc/periodic/daily/logrotate /etc/periodic/hourly/
echo 'syslog-ng: all to /var/log/messages as json, rotate hourly'
# use init to spawn monit
echo ":2345:respawn:/usr/bin/monit -Ic /etc/monitrc.zdt" >> /etc/inittab
echo 'Enable monit via inittab'
# QoL
mv /etc/profile.d/color_prompt.sh.disabled /etc/profile.d/color_prompt.sh || true
echo 'alias rs="doas bash"' > /etc/profile.d/alias.sh
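Review bot: The `sed -i` edits only rewrite a directive that already exists (commented or not); when `TCPKeepAlive`, `ClientAliveInterval` or `rc_cgroup_mode` is absent from the file nothing changes, yet the following `echo` still reports the setting as enabled. Add a check after each sed, e.g. `grep -q '^TCPKeepAlive yes' /etc/ssh/sshd_config || echo 'TCPKeepAlive yes' >> /etc/ssh/sshd_config` and the same for the other two directives, so the script's output matches the file. The `>> /etc/inittab` append and the `mv` of the logrotate job are not idempotent: a second run duplicates the respawn line and fails the mv; `grep -q monitrc.zdt /etc/inittab ||` and `[ -e /etc/periodic/daily/logrotate ] &&` guard them. Note also that `\s` inside a bracket expression (`[\s#]`) is not a whitespace class in POSIX sed but a literal backslash or `s`, and Alpine's busybox sed presumably follows POSIX here; the patterns still match the usual `#Directive` form but not an indented one, so `[[:space:]#]*` is the portable spelling.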


@ -0,0 +1,16 @@
#!/sbin/openrc-run
# vim:set ts=8 noet ft=sh:
description="ZDT stateful /var"
depend() {
after mdev
before syslog-ng
}
start() {
ebegin "Looking for suitable /var"
echo "fake it"
eend $?
}


@ -0,0 +1,15 @@
net.core.somaxconn = 1024
net.core.netdev_max_backlog = 4096
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_wmem = 4096 12582912 16777216
net.ipv4.tcp_rmem = 4096 12582912 16777216
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_retries2 = 9
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.ip_no_pmtu_disc = 0
net.ipv4.ip_forward_use_pmtu = 0
kernel.panic = 10
kernel.panic_on_oops = 1
vm.oom_dump_tasks = 0
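Review bot: None of these tunables carry a rationale, and several are decisions a responder will want explained later: `kernel.panic = 10` with `kernel.panic_on_oops = 1` turns any oops into an automatic reboot ten seconds later, which discards in-memory state before anyone can look, and `vm.oom_dump_tasks = 0` drops the per-task table from OOM-killer messages, so an OOM event in /var/log/messages no longer shows which processes were competing for memory. A one-line comment per group (`# reboot rather than hang: instances are replaced, not debugged in place`, `# oom_dump_tasks off: keep OOM messages short`) would record the intent; if the OOM dump is not a real log-volume problem, leaving it at the default keeps that forensic detail. The TCP buffer and backlog values likewise deserve a short note on the workload they were sized for.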