
avoids race conditions (docker/docker-registry#892) when multiple workers are attempting to run sql migrations simultaneously. dunno why this isn't the registry's default since this isn't specially hard to trigger so we're just playing safe here. Signed-off-by: António Meireles <antonio.meireles@reformi.st>
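#cloud-config

---
# cloud-config for a CoreOS node registered in fleet with role=master.
# It starts etcd, flannel, a local Docker registry mirror and the
# Kubernetes control-plane units (apiserver, controller-manager,
# scheduler, kube-register).
#
# NOTE(review): several listeners below bind to 0.0.0.0 with no TLS or
# authentication flags set, and several binaries are fetched at boot
# without integrity checks. Confirm the node only ever sits on an
# isolated lab network before reusing this file elsewhere.
write_files:
  # Helper that blocks until the local etcd client port answers.
  - path: /opt/bin/waiter.sh
    owner: root
    content: |
      #! /usr/bin/bash
      until curl http://127.0.0.1:4001/v2/machines; do sleep 2; done
coreos:
  fleet:
    etcd-servers: http://localhost:4001
    metadata: "role=master"
  units:
    # NOTE(review): the binary is downloaded on every start and executed
    # with no checksum or signature verification; HTTPS protects only the
    # transport. Pin a known digest and verify it before the chmod. The
    # same applies to the kube-apiserver, kube-controller-manager,
    # kube-scheduler and kube-register units further down.
    - name: setup-network-environment.service
      command: start
      content: |
        [Unit]
        Description=Setup Network Environment
        Documentation=https://github.com/kelseyhightower/setup-network-environment
        Requires=network-online.target
        After=network-online.target

        [Service]
        ExecStartPre=-/usr/bin/mkdir -p /opt/bin
        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/setup-network-environment
        ExecStartPre=/usr/bin/chmod +x /opt/bin/setup-network-environment
        ExecStart=/opt/bin/setup-network-environment
        RemainAfterExit=yes
        Type=oneshot
    # NOTE(review): --bind-addr 0.0.0.0 serves the etcd client API on
    # every interface, and no TLS or client-certificate options are set.
    # etcd holds all cluster state, so restrict reachability with
    # host or network firewalling, or bind to the private address.
    - name: etcd.service
      command: start
      content: |
        [Unit]
        Description=etcd
        Requires=setup-network-environment.service
        After=setup-network-environment.service

        [Service]
        EnvironmentFile=/etc/network-environment
        User=etcd
        PermissionsStartOnly=true
        ExecStart=/usr/bin/etcd \
          --name ${DEFAULT_IPV4} \
          --addr ${DEFAULT_IPV4}:4001 \
          --bind-addr 0.0.0.0 \
          --cluster-active-size 1 \
          --data-dir /var/lib/etcd \
          --http-read-timeout 86400 \
          --peer-addr ${DEFAULT_IPV4}:7001 \
          --snapshot true
        Restart=always
        RestartSec=10s
    # Holds back flanneld until waiter.sh sees etcd answering locally.
    - name: etcd-waiter.service
      command: start
      content: |
        [Unit]
        Description=etcd waiter
        Wants=network-online.target
        Wants=etcd.service
        After=etcd.service
        After=network-online.target
        Before=flanneld.service

        [Service]
        ExecStartPre=/usr/bin/chmod +x /opt/bin/waiter.sh
        ExecStart=/usr/bin/bash /opt/bin/waiter.sh
        RemainAfterExit=true
        Type=oneshot
    # NOTE(review): flannel runs as a --privileged container on the host
    # network, so the image has full control of the host. The tag comes
    # from ${FLANNEL_VER}, which is not set in this file; prefer pinning
    # the image by digest.
    - name: flanneld.service
      command: start
      drop-ins:
        - name: 50-network-config.conf
          content: |
            [Service]
            ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{"Network":"10.244.0.0/16", "Backend": {"Type": "vxlan"}}'
            ExecStart=
            ExecStart=/usr/libexec/sdnotify-proxy /run/flannel/sd.sock \
              /usr/bin/docker run --net=host --privileged=true --rm \
              --volume=/run/flannel:/run/flannel \
              --env=NOTIFY_SOCKET=/run/flannel/sd.sock \
              --env-file=/run/flannel/options.env \
              --volume=${ETCD_SSL_DIR}:/etc/ssl/etcd:ro \
              quay.io/coreos/flannel:${FLANNEL_VER} /opt/bin/flanneld --ip-masq=true --iface=eth1
    # NOTE(review): the registry image is pulled by the mutable :latest
    # tag on every start, so whatever is published under that tag gets
    # run with --net host. Pin the image by digest. Every image docker
    # later pulls through this mirror passes through this container.
    - name: docker-cache.service
      command: start
      content: |
        [Unit]
        Description=Docker cache proxy
        Requires=early-docker.service
        After=early-docker.service
        Before=early-docker.target

        [Service]
        Restart=always
        TimeoutStartSec=0
        RestartSec=5
        Environment="TMPDIR=/var/tmp/"
        Environment="DOCKER_HOST=unix:///var/run/early-docker.sock"
        ExecStartPre=-/usr/bin/docker kill docker-registry
        ExecStartPre=-/usr/bin/docker rm docker-registry
        ExecStartPre=/usr/bin/docker pull quay.io/devops/docker-registry:latest
        # GUNICORN_OPTS is an workaround for
        # https://github.com/docker/docker-registry/issues/892
        ExecStart=/usr/bin/docker run --rm --net host --name docker-registry \
          -e STANDALONE=false \
          -e GUNICORN_OPTS=[--preload] \
          -e MIRROR_SOURCE=https://registry-1.docker.io \
          -e MIRROR_SOURCE_INDEX=https://index.docker.io \
          -e MIRROR_TAGS_CACHE_TTL=1800 \
          quay.io/devops/docker-registry:latest
    # NOTE(review): the mirror is reached over plain http on the private
    # address, so image layers served from the cache are not protected in
    # transit between docker and the registry.
    - name: docker.service
      drop-ins:
        - name: 51-docker-mirror.conf
          content: |
            [Unit]
            # making sure that docker-cache is up and that flanneld finished
            # startup, otherwise containers won't land in flannel's network...
            Requires=docker-cache.service flanneld.service
            After=docker-cache.service flanneld.service
            [Service]
            Environment=DOCKER_OPTS='--registry-mirror=http://$private_ipv4:5000'
    # NOTE(review): --address=0.0.0.0 --port=8080 serves the API on every
    # interface, and no TLS, authentication or authorization flags are
    # set here. Anything that can reach port 8080 can drive the cluster;
    # limit access to the node network with firewall rules.
    - name: kube-apiserver.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes API Server
        Documentation=https://github.com/GoogleCloudPlatform/kubernetes
        Requires=etcd.service
        After=etcd.service

        [Service]
        ExecStartPre=-/usr/bin/mkdir -p /opt/bin
        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.11.0/bin/linux/amd64/kube-apiserver
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-apiserver
        ExecStart=/opt/bin/kube-apiserver \
          --address=0.0.0.0 \
          --port=8080 \
          --portal_net=10.100.0.0/16 \
          --etcd_servers=http://127.0.0.1:4001 \
          --public_address_override=$private_ipv4 \
          --logtostderr=true
        Restart=always
        RestartSec=10
    # Talks to the apiserver over loopback only (127.0.0.1:8080).
    - name: kube-controller-manager.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Controller Manager
        Documentation=https://github.com/GoogleCloudPlatform/kubernetes
        Requires=kube-apiserver.service
        After=kube-apiserver.service

        [Service]
        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.11.0/bin/linux/amd64/kube-controller-manager
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-controller-manager
        ExecStart=/opt/bin/kube-controller-manager \
          --master=127.0.0.1:8080 \
          --logtostderr=true
        Restart=always
        RestartSec=10
    # Talks to the apiserver over loopback only (127.0.0.1:8080).
    - name: kube-scheduler.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Scheduler
        Documentation=https://github.com/GoogleCloudPlatform/kubernetes
        Requires=kube-apiserver.service
        After=kube-apiserver.service

        [Service]
        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.11.0/bin/linux/amd64/kube-scheduler
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-scheduler
        ExecStart=/opt/bin/kube-scheduler --master=127.0.0.1:8080
        Restart=always
        RestartSec=10
    # NOTE(review): unlike the release binaries above, this download URL
    # carries no version, so the executed binary can change between
    # boots. Pin and verify a known digest.
    - name: kube-register.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Registration Service
        Documentation=https://github.com/kelseyhightower/kube-register
        Requires=kube-apiserver.service
        After=kube-apiserver.service
        Requires=fleet.service
        After=fleet.service

        [Service]
        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/kube-register
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-register
        ExecStart=/opt/bin/kube-register \
          --metadata=role=node \
          --fleet-endpoint=unix:///var/run/fleet.sock \
          --api-endpoint=http://127.0.0.1:8080
        Restart=always
        RestartSec=10
  update:
    group: alpha
    # Quoted on purpose: a bare off is read as boolean false by YAML 1.1
    # parsers, while this key expects the string "off".
    # NOTE(review): with automatic reboots disabled, OS security updates
    # only take effect when the node is rebooted by hand.
    reboot-strategy: "off"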