adf8704f4c
- allow payloads to run in privileged mode.
- update kube-register to latest upstream (v0.0.3).
- jump into the etcd2 bandwagon.
- etcd master on master node.
- etcd proxies in nodes.
- update docs to reflect minimum required CoreOS version.
- 653.0.0 is the first to ship with etcd2, which we now consume.
- propagate changes on coreos/cloud-configs/ also to aws/cloud-configs/.
- update tested k8s versions that this addresses in the
getting-started-guides table ence making sure we are consistent across
it regarding the versions we claim to have tested, add myself there as
contact too.
- do not assume that cloud-init shortcuts will get everything right.
- they won't (as setup-network-environment who populates *_ipv4, etc
only runs way later).
- use flannel's plain defaults, as they should just be enough for the
common case.
Signed-off-by: António Meireles <antonio.meireles@reformi.st>
105 lines
3.7 KiB
YAML
105 lines
3.7 KiB
YAML
#cloud-config
|
|
write-files:
|
|
- path: /opt/bin/wupiao
|
|
permissions: '0755'
|
|
content: |
|
|
#!/bin/bash
|
|
# [w]ait [u]ntil [p]ort [i]s [a]ctually [o]pen
|
|
[ -n "$1" ] && [ -n "$2" ] && while ! curl --output /dev/null \
|
|
--silent --head --fail \
|
|
http://${1}:${2}; do sleep 1 && echo -n .; done;
|
|
exit $?
|
|
coreos:
|
|
etcd2:
|
|
listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
|
|
initial-cluster: master=http://<master-private-ip>:2380
|
|
proxy: on
|
|
fleet:
|
|
metadata: "role=node"
|
|
units:
|
|
- name: fleet.service
|
|
command: start
|
|
- name: flanneld.service
|
|
command: start
|
|
drop-ins:
|
|
- name: 50-network-config.conf
|
|
content: |
|
|
[Unit]
|
|
Requires=etcd2.service
|
|
[Service]
|
|
ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{"Network":"10.244.0.0/16", "Backend": {"Type": "vxlan"}}'
|
|
- name: docker.service
|
|
command: start
|
|
drop-ins:
|
|
- name: 51-docker-mirror.conf
|
|
content: |
|
|
[Unit]
|
|
Requires=flanneld.service
|
|
After=flanneld.service
|
|
[Service]
|
|
Environment=DOCKER_OPTS='--registry-mirror=http://<master-private-ip>:5000'
|
|
- name: setup-network-environment.service
|
|
command: start
|
|
content: |
|
|
[Unit]
|
|
Description=Setup Network Environment
|
|
Documentation=https://github.com/kelseyhightower/setup-network-environment
|
|
Requires=network-online.target
|
|
After=network-online.target
|
|
|
|
[Service]
|
|
ExecStartPre=-/usr/bin/mkdir -p /opt/bin
|
|
ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/setup-network-environment
|
|
ExecStartPre=/usr/bin/chmod +x /opt/bin/setup-network-environment
|
|
ExecStart=/opt/bin/setup-network-environment
|
|
RemainAfterExit=yes
|
|
Type=oneshot
|
|
- name: kube-proxy.service
|
|
command: start
|
|
content: |
|
|
[Unit]
|
|
Description=Kubernetes Proxy
|
|
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
|
|
Requires=setup-network-environment.service
|
|
After=setup-network-environment.service
|
|
|
|
[Service]
|
|
ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.15.0/bin/linux/amd64/kube-proxy
|
|
ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-proxy
|
|
# wait for kubernetes master to be up and ready
|
|
ExecStartPre=/opt/bin/wupiao <master-private-ip> 8080
|
|
ExecStart=/opt/bin/kube-proxy \
|
|
--master=<master-private-ip>:8080 \
|
|
--logtostderr=true
|
|
Restart=always
|
|
RestartSec=10
|
|
- name: kube-kubelet.service
|
|
command: start
|
|
content: |
|
|
[Unit]
|
|
Description=Kubernetes Kubelet
|
|
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
|
|
Requires=setup-network-environment.service
|
|
After=setup-network-environment.service
|
|
|
|
[Service]
|
|
EnvironmentFile=/etc/network-environment
|
|
ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.15.0/bin/linux/amd64/kubelet
|
|
ExecStartPre=/usr/bin/chmod +x /opt/bin/kubelet
|
|
# wait for kubernetes master to be up and ready
|
|
ExecStartPre=/opt/bin/wupiao <master-private-ip> 8080
|
|
ExecStart=/opt/bin/kubelet \
|
|
--address=0.0.0.0 \
|
|
--port=10250 \
|
|
--hostname_override=$private_ipv4 \
|
|
--api_servers=<master-private-ip>:8080 \
|
|
--allow_privileged=true \
|
|
--logtostderr=true \
|
|
--healthz_bind_address=0.0.0.0 \
|
|
--healthz_port=10248
|
|
Restart=always
|
|
RestartSec=10
|
|
update:
|
|
group: alpha
|
|
reboot-strategy: off
|