From 67d1ce453cda44d0baaaf63ceab3287e89aec4e7 Mon Sep 17 00:00:00 2001
From: Viktor Barzin <viktorbarzin@meta.com>
Date: Thu, 19 Mar 2026 19:57:13 +0000
Subject: [PATCH] add /sentinel dir to cloud-init for kured reboot gating

The kured sentinel gate DaemonSet requires /sentinel to exist on
all nodes. Without it, kured pods get stuck in ContainerCreating
with hostPath mount failure. Previously created manually; now
provisioned automatically for new nodes.
---
 modules/create-template-vm/cloud_init.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/modules/create-template-vm/cloud_init.yaml b/modules/create-template-vm/cloud_init.yaml
index 79d1de8c..82a57b52 100644
--- a/modules/create-template-vm/cloud_init.yaml
+++ b/modules/create-template-vm/cloud_init.yaml
@@ -67,6 +67,8 @@ runcmd:
   - ${containerd_config_update_command}
   - systemctl restart containerd
   - systemctl enable --now iscsid
+  # Create /sentinel directory for kured reboot gating (sentinel gate DaemonSet)
+  - mkdir -p /sentinel
   # Create 4Gi swap file for worker node memory pressure relief (NOT for master — etcd is latency-critical)
   - fallocate -l 4G /swapfile
   - chmod 600 /swapfile