Flatcar Linux timesyncd & resolved overwrites (#132)

* Create flatcar_linux_timesyncd_overwrite_daemonset.yaml

initial commit

Signed-off-by: Stephan <[email protected]>

* Create flatcar_linux_timesyncd_overwrite_daemonset.yaml

- fixing typo
- moving to more specific folder

Signed-off-by: Stephan <[email protected]>

* Delete kubermatic-addons/custom-addon/flatcar-timesyncd directory

- removed old folder with wrong naming

Signed-off-by: Stephan <[email protected]>

* Create flatcar_linux_resolved_overwrite_daemonset.yaml

- initial commit

Signed-off-by: Stephan <[email protected]>

---------

Signed-off-by: Stephan <[email protected]>

kubermatic-addons/custom-addon/flatcar-linux-resolved-overwrite/flatcar_linux_resolved_overwrite_daemonset.yaml

@@ -0,0 +1,82 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: flatcar-linux-resolved-overwrite-conf
+  namespace: kube-system
+data:
+  resolv.conf: |
+    nameserver 1.1.1.1
+    nameserver 8.8.8.8
+    search .
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: flatcar-linux-resolved-overwrite
+  namespace: kube-system
+spec:
+  selector:
+    matchLabels:
+      name: flatcar-linux-resolved-overwrite
+  template:
+    metadata:
+      labels:
+        name: flatcar-linux-resolved-overwrite
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: v1.machine-controller.kubermatic.io/operating-system
+                operator: In
+                values:
+                - flatcar
+            - matchExpressions:
+              - key: v1.kubeone.io/operating-system
+                operator: In
+                values:
+                - flatcar
+      containers:
+      - name: flatcar-linux-resolved-overwrite
+        image: alpine:3.20.3
+        command:
+        - /bin/sh
+        - -c
+        - |
+          apk add --no-cache bash util-linux
+          while true; do
+            diff /tmp/conf/resolv.conf /tmp/resolv.conf.bak >/dev/null 2>&1
+            if [ $? != 0 ]; then
+              cp /tmp/conf/resolv.conf /tmp/resolv.conf.bak
+              export resolv=$(cat /tmp/conf/resolv.conf)
+              nsenter -t 1 -m -u -i -n -p -- bash -c "${STARTUP_SCRIPT}"
+              echo "DNS config was updated"
+            else
+              echo "DNS config is up to date"
+            fi
+            sleep 10
+          done
+        env:
+        - name: STARTUP_SCRIPT
+          value: |
+            set -xeuo pipefail
+            echo "$resolv" > /etc/resolv.conf
+            systemctl restart systemd-resolved
+        volumeMounts:
+        - name: flatcar-linux-resolved-overwrite-conf-volume
+          mountPath: /tmp/conf
+        resources:
+          limits:
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 16Mi
+        securityContext:
+          privileged: true
+      volumes:
+      - name: flatcar-linux-resolved-overwrite-conf-volume
+        configMap:
+          name: flatcar-linux-resolved-overwrite-conf
+      hostPID: true
+      terminationGracePeriodSeconds: 30

kubermatic-addons/custom-addon/flatcar_linux_timesyncd_overwrite/flatcar_linux_timesyncd_overwrite_daemonset.yaml

@@ -0,0 +1,83 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: flatcar-linux-timesyncd-conf
+  namespace: kube-system
+data:
+  timesyncd.conf: |
+    [Time]
+    NTP=1.1.1.1 8.8.8.8
+    #FallbackNTP=
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: flatcar-linux-timesyncd-overwrite
+  namespace: kube-system
+spec:
+  selector:
+    matchLabels:
+      name: flatcar-linux-timesyncd-overwrite
+  template:
+    metadata:
+      labels:
+        name: flatcar-linux-timesyncd-overwrite
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: v1.machine-controller.kubermatic.io/operating-system
+                operator: In
+                values:
+                - flatcar
+            - matchExpressions:
+              - key: v1.kubeone.io/operating-system
+                operator: In
+                values:
+                - flatcar
+      containers:
+      - name: flatcar-linux-timesyncd-overwrite
+        image: alpine:3.20.3
+        command:
+        - /bin/sh
+        - -c
+        - |
+          set -xeuo pipefail
+          apk add --no-cache bash util-linux
+          while true; do
+            diff /tmp/conf/timesyncd.conf /tmp/timesyncd.conf.bak >/dev/null 2>&1
+            if [ $? != 0 ]; then
+              cp /tmp/conf/timesyncd.conf /tmp/timesyncd.conf.bak
+              export timesyncd=$(cat /tmp/conf/timesyncd.conf)
+              nsenter -t 1 -m -u -i -n -p -- bash -c "${STARTUP_SCRIPT}"
+              echo "NTP config was updated"
+            else
+              echo "NTP config is up to date"
+            fi
+            sleep 10
+          done
+        env:
+        - name: STARTUP_SCRIPT
+          value: |
+            set -xeuo pipefail
+            echo "$timesyncd" > /etc/systemd/timesyncd.conf
+            systemctl restart systemd-timesyncd
+        volumeMounts:
+        - name: timesyncd-conf-volume
+          mountPath: /tmp/conf
+        resources:
+          limits:
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 16Mi
+        securityContext:
+          privileged: true
+      volumes:
+      - name: timesyncd-conf-volume
+        configMap:
+          name: timesyncd-conf
+      hostPID: true
+      terminationGracePeriodSeconds: 30