Launch a cluster-local registry.

This registry can be accessed through proxies that run on each node
listening on port 5000. We send the proxy images to the nodes directly
to avoid requests that hit the network during cluster launch. For now,
we continue to pull the registry itself over the network, especially
given its large size (we should be able to dramatically shrink the
image). On GCE we create a PD and use that for storage, otherwise we
use an emptyDir. The registry is not enabled outside of GCE. All
communication is currently plain HTTP. In order to use SSL, we will
need to be able to request a certificate/key from the apiserver signed
by the apiserver's CA cert.

build/common.sh

@@ -100,6 +100,12 @@ readonly KUBE_DOCKER_WRAPPED_BINARIES=(
   kube-scheduler
 )
 
+# The set of addons images that should be prepopulated
+readonly KUBE_ADDON_PATHS=(
+  gcr.io/google_containers/pause:0.8.0
+  uluyol/kube-registry-proxy:0.2.3
+)
+
 # ---------------------------------------------------------------------------
 # Basic setup functions
 
@@ -602,6 +608,7 @@ function kube::release::package_server_tarballs() {
     local release_stage="${RELEASE_STAGE}/server/${platform_tag}/kubernetes"
     rm -rf "${release_stage}"
     mkdir -p "${release_stage}/server/bin"
+    mkdir -p "${release_stage}/addons"
 
     # This fancy expression will expand to prepend a path
     # (${LOCAL_OUTPUT_BINPATH}/${platform}/) to every item in the
@@ -610,6 +617,7 @@ function kube::release::package_server_tarballs() {
       "${release_stage}/server/bin/"
     
     kube::release::create_docker_images_for_server "${release_stage}/server/bin";
+    kube::release::write_addon_docker_images_for_server "${release_stage}/addons"
 
     # Include the client binaries here too as they are useful debugging tools.
     local client_bins=("${KUBE_CLIENT_BINARIES[@]}")
@@ -681,6 +689,27 @@ function kube::release::create_docker_images_for_server() {
   )
 }
 
+# This will pull and save docker images for addons which need to placed
+# on the nodes directly.
+function kube::release::write_addon_docker_images_for_server() {
+  # Create a sub-shell so that we don't pollute the outer environment
+  (
+    local addon_path
+    for addon_path in "${KUBE_ADDON_PATHS[@]}"; do
+      (
+        kube::log::status "Pulling and writing Docker image for addon: ${addon_path}"
+
+        local dest_name="${addon_path//\//\~}"
+        docker pull "${addon_path}"
+        docker save "${addon_path}" > "${1}/${dest_name}.tar"
+      ) &
+    done
+
+    kube::util::wait-for-jobs || { kube::log::error "unable to pull or write addon image"; return 1; }
+    kube::log::status "Addon images done"
+  )
+}
+
 # Package up the salt configuration tree.  This is an optional helper to getting
 # a cluster up and running.
 function kube::release::package_salt_tarball() {