github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Refactor hyperkube, remove unnecessary packages, optimize layers, bump cni version, add new features, run kube-proxy in a daemonset

Browse Source
This commit is contained in:
Lucas Käldström
2016-08-25 01:24:05 +03:00
parent c958d3d4fd
commit d711fd8764
12 changed files with 197 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
cluster/images/hyperkube/setup-files.sh
View File

@@ -30,39 +30,40 @@ create_token() {
# list of Subject Alternative Names of the server TLS certificate
# Should contain internal IP, i.e. IP:10.0.0.1 for 10.0.0.0/24 cluster IP range
EXTRA_SANS=$1
DATA_DIR=/srv/kubernetes
# Files in /data are persistent across reboots, so we don't want to re-create the files if they already
# exist, because the state is persistent in etcd too, and we don't want a conflict between "old" data in
# etcd and "new" data that this script would create for apiserver. Therefore, if the file exist, skip it.
if [[ ! -f /data/ca.crt ]]; then
if [[ ! -f ${DATA_DIR}/ca.crt ]]; then
# Create HTTPS certificates
groupadd -f -r kube-cert-test
groupadd -f -r kube-cert
# hostname -I gets the ip of the node
CERT_DIR=/data CERT_GROUP=kube-cert-test /make-ca-cert.sh $(hostname -I | awk '{print $1}') ${EXTRA_SANS}
/make-ca-cert.sh $(hostname -I | awk '{print $1}') ${EXTRA_SANS}
echo "Certificates created $(date)"
else
echo "Certificates already found, not recreating."
fi
if [[ ! -f /data/basic_auth.csv ]]; then
if [[ ! -f ${DATA_DIR}/basic_auth.csv ]]; then
# Create basic token authorization
echo "admin,admin,admin" > /data/basic_auth.csv
echo "admin,admin,admin" > ${DATA_DIR}/basic_auth.csv
echo "basic_auth.csv created $(date)"
else
echo "basic_auth.csv already found, not recreating."
fi
if [[ ! -f /data/known_tokens.csv ]]; then
if [[ ! -f ${DATA_DIR}/known_tokens.csv ]]; then
# Create known tokens for service accounts
echo "$(create_token),admin,admin" >> /data/known_tokens.csv
echo "$(create_token),kubelet,kubelet" >> /data/known_tokens.csv
echo "$(create_token),kube_proxy,kube_proxy" >> /data/known_tokens.csv
echo "$(create_token),admin,admin" >> ${DATA_DIR}/known_tokens.csv
echo "$(create_token),kubelet,kubelet" >> ${DATA_DIR}/known_tokens.csv
echo "$(create_token),kube_proxy,kube_proxy" >> ${DATA_DIR}/known_tokens.csv
echo "known_tokens.csv created $(date)"
else