samcday
commented
2 months ago Make sure that the FCOS artifacts (kernel/rootfs/initrd) are pulled through a caching proxy (#491)
Closed samcday closed 2 months ago
samcday
commented
2 months ago Make sure that the FCOS artifacts (kernel/rootfs/initrd) are pulled through a caching proxy (#491)
samcday
commented
2 months ago finally yeeted out an initial working version in the cluster. was quite a lot of reworking/massaging to get things ready. the Bash scripts that handle pixiecore API requests and generating Ignition end u p being fairly simple and straightforward, just a little finicky.
I haven't managed to get Squid to successfully bump TLS yet, and maybe I'll end up giving up on that. If so I'd need to slap a basic persistent caching Varnish in front of the upstream CoreOS download endpoint.
samcday
commented
2 months ago Did a few more rounds of improvements+fixes on the initial version. All nodes have been re-provisioned with the new flow.
This morning I wiggled the last bit in place to ensure that the initial boot artifacts (kernel+initrd+rootfs) are pulled via the Squid., so I'm (finally) closing this out as done.
Random fun aside: when a node PXE boots it's pulling the boot artifacts through Pixiecore -> Ingress-NGINX -> HAproxy -> Squid (+ maybe sibling Squid(s)). Kinda feel like I should throw a lightie or a Varnish in there, maybe win some bingo.
This way, as long as the cluster is healthy enough to run workloads, it's trivial to re-provision one of the nodes. Just kick the machine BootNext to NIC, and reboot.