Set kube-apiserver kubelet preferred address types

* Prefer InternalIP and ExternalIP over the node's hostname,
to match upstream behavior and kubeadm
* Previously, hostname-override was used to set node names
to internal IP's to work around some cloud providers not
resolving hostnames for instances (e.g. DO droplets)
This commit is contained in:
Dalton Hubble 2018-11-03 15:04:08 -07:00
parent 78c9fdc18f
commit 721c847943
29 changed files with 68 additions and 161 deletions

View File

@ -4,6 +4,8 @@ Notable changes between versions.
## Latest ## Latest
* Change kube-apiserver `--kubelet-preferred-address-types` to InternalIP,ExternalIP,Hostname
## v1.12.2 ## v1.12.2
* Kubernetes [v1.12.2](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md#v1122) * Kubernetes [v1.12.2](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md#v1122)

View File

@ -87,10 +87,10 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou
```sh ```sh
$ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME ROLES STATUS AGE VERSION
yavin-controller-0.c.example-com.internal Ready 6m v1.12.2 yavin-controller-0.c.example-com.internal controller,master Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal Ready 5m v1.12.2 yavin-worker-jrbf.c.example-com.internal node Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal Ready 5m v1.12.2 yavin-worker-mzdm.c.example-com.internal node Ready 5m v1.12.2
``` ```
List the pods. List the pods.
@ -102,6 +102,7 @@ kube-system calico-node-1cs8z 2/2 Running 0
kube-system calico-node-d1l5b 2/2 Running 0 6m kube-system calico-node-d1l5b 2/2 Running 0 6m
kube-system calico-node-sp9ps 2/2 Running 0 6m kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m
kube-system coredns-1187388186-dkh3o 1/1 Running 0 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-h90v8 1/1 Running 1 6m kube-system kube-controller-manager-3271970485-h90v8 1/1 Running 1 6m
@ -111,6 +112,7 @@ kube-system kube-proxy-njn47 1/1 Running 0
kube-system kube-scheduler-3895335239-5x87r 1/1 Running 0 6m kube-system kube-scheduler-3895335239-5x87r 1/1 Running 0 6m
kube-system kube-scheduler-3895335239-bzrrt 1/1 Running 1 6m kube-system kube-scheduler-3895335239-bzrrt 1/1 Running 1 6m
kube-system pod-checkpointer-l6lrt 1/1 Running 0 6m kube-system pod-checkpointer-l6lrt 1/1 Running 0 6m
kube-system pod-checkpointer-l6lrt-controller-0 1/1 Running 0 6m
``` ```
## Non-Goals ## Non-Goals

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"] api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"] api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

View File

@ -19,24 +19,9 @@ write_files:
ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt
ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key
ETCD_PEER_CLIENT_CERT_AUTH=true ETCD_PEER_CLIENT_CERT_AUTH=true
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
--url http://169.254.169.254/latest/meta-data/local-ipv4\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf - path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: | content: |
[Unit] [Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service Wants=rpc-statd.service
[Service] [Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -97,7 +82,6 @@ runcmd:
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2" - "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0" - "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0"
- [systemctl, start, --no-block, etcd.service] - [systemctl, start, --no-block, etcd.service]
- [systemctl, enable, cloud-metadata.service]
- [systemctl, start, --no-block, kubelet.service] - [systemctl, start, --no-block, kubelet.service]
users: users:
- default - default

View File

@ -1,23 +1,8 @@
#cloud-config #cloud-config
write_files: write_files:
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
--url http://169.254.169.254/latest/meta-data/local-ipv4\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf - path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: | content: |
[Unit] [Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service Wants=rpc-statd.service
[Service] [Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -69,7 +54,6 @@ bootcmd:
runcmd: runcmd:
- [systemctl, daemon-reload] - [systemctl, daemon-reload]
- [systemctl, restart, NetworkManager] - [systemctl, restart, NetworkManager]
- [systemctl, enable, cloud-metadata.service]
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2" - "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- [systemctl, start, --no-block, kubelet.service] - [systemctl, start, --no-block, kubelet.service]
users: users:

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"] api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${var.k8s_domain_name}"] api_servers = ["${var.k8s_domain_name}"]

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${var.k8s_domain_name}"] api_servers = ["${var.k8s_domain_name}"]

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"] api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

View File

@ -56,12 +56,9 @@ systemd:
contents: | contents: |
[Unit] [Unit]
Description=Kubelet via Hyperkube Description=Kubelet via Hyperkube
Requires=coreos-metadata.service
After=coreos-metadata.service
Wants=rpc-statd.service Wants=rpc-statd.service
[Service] [Service]
EnvironmentFile=/etc/kubernetes/kubelet.env EnvironmentFile=/etc/kubernetes/kubelet.env
EnvironmentFile=/run/metadata/coreos
Environment="RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \ Environment="RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \
--volume=resolv,kind=host,source=/etc/resolv.conf \ --volume=resolv,kind=host,source=/etc/resolv.conf \
--mount volume=resolv,target=/etc/resolv.conf \ --mount volume=resolv,target=/etc/resolv.conf \
@ -93,7 +90,6 @@ systemd:
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \
--cni-conf-dir=/etc/kubernetes/cni/net.d \ --cni-conf-dir=/etc/kubernetes/cni/net.d \
--exit-on-lock-contention \ --exit-on-lock-contention \
--hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
--kubeconfig=/etc/kubernetes/kubeconfig \ --kubeconfig=/etc/kubernetes/kubeconfig \
--lock-file=/var/run/lock/kubelet.lock \ --lock-file=/var/run/lock/kubelet.lock \
--network-plugin=cni \ --network-plugin=cni \

View File

@ -31,12 +31,9 @@ systemd:
contents: | contents: |
[Unit] [Unit]
Description=Kubelet via Hyperkube Description=Kubelet via Hyperkube
Requires=coreos-metadata.service
After=coreos-metadata.service
Wants=rpc-statd.service Wants=rpc-statd.service
[Service] [Service]
EnvironmentFile=/etc/kubernetes/kubelet.env EnvironmentFile=/etc/kubernetes/kubelet.env
EnvironmentFile=/run/metadata/coreos
Environment="RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \ Environment="RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \
--volume=resolv,kind=host,source=/etc/resolv.conf \ --volume=resolv,kind=host,source=/etc/resolv.conf \
--mount volume=resolv,target=/etc/resolv.conf \ --mount volume=resolv,target=/etc/resolv.conf \
@ -66,7 +63,6 @@ systemd:
--cluster_domain=${cluster_domain_suffix} \ --cluster_domain=${cluster_domain_suffix} \
--cni-conf-dir=/etc/kubernetes/cni/net.d \ --cni-conf-dir=/etc/kubernetes/cni/net.d \
--exit-on-lock-contention \ --exit-on-lock-contention \
--hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
--kubeconfig=/etc/kubernetes/kubeconfig \ --kubeconfig=/etc/kubernetes/kubeconfig \
--lock-file=/var/run/lock/kubelet.lock \ --lock-file=/var/run/lock/kubelet.lock \
--network-plugin=cni \ --network-plugin=cni \

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"] api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

View File

@ -19,24 +19,9 @@ write_files:
ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt
ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key
ETCD_PEER_CLIENT_CERT_AUTH=true ETCD_PEER_CLIENT_CERT_AUTH=true
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
--url http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf - path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: | content: |
[Unit] [Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service Wants=rpc-statd.service
[Service] [Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -94,7 +79,6 @@ runcmd:
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2" - "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0" - "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0"
- [systemctl, start, --no-block, etcd.service] - [systemctl, start, --no-block, etcd.service]
- [systemctl, enable, cloud-metadata.service]
- [systemctl, enable, kubelet.path] - [systemctl, enable, kubelet.path]
- [systemctl, start, --no-block, kubelet.path] - [systemctl, start, --no-block, kubelet.path]
users: users:

View File

@ -1,23 +1,8 @@
#cloud-config #cloud-config
write_files: write_files:
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
--url http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf - path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: | content: |
[Unit] [Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service Wants=rpc-statd.service
[Service] [Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -66,7 +51,6 @@ bootcmd:
- [modprobe, ip_vs] - [modprobe, ip_vs]
runcmd: runcmd:
- [systemctl, daemon-reload] - [systemctl, daemon-reload]
- [systemctl, enable, cloud-metadata.service]
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2" - "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- [systemctl, enable, kubelet.path] - [systemctl, enable, kubelet.path]
- [systemctl, start, --no-block, kubelet.path] - [systemctl, start, --no-block, kubelet.path]

View File

@ -155,10 +155,10 @@ In 5-10 minutes, the Kubernetes cluster will be ready.
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/tempest/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/tempest/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME STATUS ROLES AGE VERSION
ip-10-0-12-221 Ready 34m v1.12.2 ip-10-0-3-155 Ready controller,master 10m v1.12.2
ip-10-0-19-112 Ready 34m v1.12.2 ip-10-0-26-65 Ready node 10m v1.12.2
ip-10-0-4-22 Ready 34m v1.12.2 ip-10-0-41-21 Ready node 10m v1.12.2
``` ```
List the pods. List the pods.
@ -170,6 +170,7 @@ kube-system calico-node-1m5bf 2/2 Running 0
kube-system calico-node-7jmr1 2/2 Running 0 34m kube-system calico-node-7jmr1 2/2 Running 0 34m
kube-system calico-node-bknc8 2/2 Running 0 34m kube-system calico-node-bknc8 2/2 Running 0 34m
kube-system coredns-1187388186-wx1lg 1/1 Running 0 34m kube-system coredns-1187388186-wx1lg 1/1 Running 0 34m
kube-system coredns-1187388186-qjnvp 1/1 Running 0 34m
kube-system kube-apiserver-4mjbk 1/1 Running 0 34m kube-system kube-apiserver-4mjbk 1/1 Running 0 34m
kube-system kube-controller-manager-3597210155-j2jbt 1/1 Running 1 34m kube-system kube-controller-manager-3597210155-j2jbt 1/1 Running 1 34m
kube-system kube-controller-manager-3597210155-j7g7x 1/1 Running 0 34m kube-system kube-controller-manager-3597210155-j7g7x 1/1 Running 0 34m
@ -179,7 +180,7 @@ kube-system kube-proxy-sbbsh 1/1 Running 0
kube-system kube-scheduler-3359497473-5plhf 1/1 Running 0 34m kube-system kube-scheduler-3359497473-5plhf 1/1 Running 0 34m
kube-system kube-scheduler-3359497473-r7zg7 1/1 Running 1 34m kube-system kube-scheduler-3359497473-r7zg7 1/1 Running 1 34m
kube-system pod-checkpointer-4kxtl 1/1 Running 0 34m kube-system pod-checkpointer-4kxtl 1/1 Running 0 34m
kube-system pod-checkpointer-4kxtl-ip-10-0-12-221 1/1 Running 0 33m kube-system pod-checkpointer-4kxtl-ip-10-0-3-155 1/1 Running 0 33m
``` ```
## Going Further ## Going Further

View File

@ -360,10 +360,10 @@ bootkube[5]: Tearing down temporary bootstrap control plane...
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/mercury/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/mercury/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME STATUS ROLES AGE VERSION
node1.example.com Ready 11m v1.12.2 node1.example.com Ready controller,master 10m v1.12.2
node2.example.com Ready 11m v1.12.2 node2.example.com Ready node 10m v1.12.2
node3.example.com Ready 11m v1.12.2 node3.example.com Ready node 10m v1.12.2
``` ```
List the pods. List the pods.
@ -374,6 +374,7 @@ NAMESPACE NAME READY STATUS RES
kube-system calico-node-6qp7f 2/2 Running 1 11m kube-system calico-node-6qp7f 2/2 Running 1 11m
kube-system calico-node-gnjrm 2/2 Running 0 11m kube-system calico-node-gnjrm 2/2 Running 0 11m
kube-system calico-node-llbgt 2/2 Running 0 11m kube-system calico-node-llbgt 2/2 Running 0 11m
kube-system coredns-1187388186-dj3pd 1/1 Running 0 11m
kube-system coredns-1187388186-mx9rt 1/1 Running 0 11m kube-system coredns-1187388186-mx9rt 1/1 Running 0 11m
kube-system kube-apiserver-7336w 1/1 Running 0 11m kube-system kube-apiserver-7336w 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-b9chx 1/1 Running 0 11m kube-system kube-controller-manager-3271970485-b9chx 1/1 Running 0 11m

View File

@ -151,10 +151,10 @@ In 3-6 minutes, the Kubernetes cluster will be ready.
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/nemo/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/nemo/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME STATUS ROLES AGE VERSION
10.132.110.130 Ready 10m v1.12.2 nemo-controller-0 Ready controller,master 10m v1.12.2
10.132.115.81 Ready 10m v1.12.2 nemo-worker-0 Ready node 10m v1.12.2
10.132.124.107 Ready 10m v1.12.2 nemo-worker-1 Ready node 10m v1.12.2
``` ```
List the pods. List the pods.
@ -162,6 +162,7 @@ List the pods.
``` ```
NAMESPACE NAME READY STATUS RESTARTS AGE NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-1187388186-ld1j7 1/1 Running 0 11m kube-system coredns-1187388186-ld1j7 1/1 Running 0 11m
kube-system coredns-1187388186-rdhf7 1/1 Running 0 11m
kube-system kube-apiserver-n10qr 1/1 Running 0 11m kube-system kube-apiserver-n10qr 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-37gtw 1/1 Running 1 11m kube-system kube-controller-manager-3271970485-37gtw 1/1 Running 1 11m
kube-system kube-controller-manager-3271970485-p52t5 1/1 Running 0 11m kube-system kube-controller-manager-3271970485-p52t5 1/1 Running 0 11m
@ -174,7 +175,7 @@ kube-system kube-proxy-k35rc 1/1 Running 0
kube-system kube-scheduler-3895335239-2bc4c 1/1 Running 0 11m kube-system kube-scheduler-3895335239-2bc4c 1/1 Running 0 11m
kube-system kube-scheduler-3895335239-b7q47 1/1 Running 1 11m kube-system kube-scheduler-3895335239-b7q47 1/1 Running 1 11m
kube-system pod-checkpointer-pr1lq 1/1 Running 0 11m kube-system pod-checkpointer-pr1lq 1/1 Running 0 11m
kube-system pod-checkpointer-pr1lq-10.132.115.81 1/1 Running 0 10m kube-system pod-checkpointer-pr1lq-nemo-controller-0 1/1 Running 0 10m
``` ```
## Going Further ## Going Further

View File

@ -196,10 +196,10 @@ In 5-10 minutes, the Kubernetes cluster will be ready.
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME ROLES STATUS AGE VERSION
yavin-controller-0.c.example-com.internal Ready 6m v1.12.2 yavin-controller-0.c.example-com.internal controller,master Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal Ready 5m v1.12.2 yavin-worker-jrbf.c.example-com.internal node Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal Ready 5m v1.12.2 yavin-worker-mzdm.c.example-com.internal node Ready 5m v1.12.2
``` ```
List the pods. List the pods.
@ -210,6 +210,7 @@ NAMESPACE NAME READY STATUS RESTART
kube-system calico-node-1cs8z 2/2 Running 0 6m kube-system calico-node-1cs8z 2/2 Running 0 6m
kube-system calico-node-d1l5b 2/2 Running 0 6m kube-system calico-node-d1l5b 2/2 Running 0 6m
kube-system calico-node-sp9ps 2/2 Running 0 6m kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system coredns-1187388186-dkh3o 1/1 Running 0 6m
kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m

View File

@ -168,10 +168,10 @@ In 4-8 minutes, the Kubernetes cluster will be ready.
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/tempest/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/tempest/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME STATUS ROLES AGE VERSION
ip-10-0-12-221 Ready 34m v1.12.2 ip-10-0-3-155 Ready controller,master 10m v1.12.2
ip-10-0-19-112 Ready 34m v1.12.2 ip-10-0-26-65 Ready node 10m v1.12.2
ip-10-0-4-22 Ready 34m v1.12.2 ip-10-0-41-21 Ready node 10m v1.12.2
``` ```
List the pods. List the pods.
@ -183,6 +183,7 @@ kube-system calico-node-1m5bf 2/2 Running 0
kube-system calico-node-7jmr1 2/2 Running 0 34m kube-system calico-node-7jmr1 2/2 Running 0 34m
kube-system calico-node-bknc8 2/2 Running 0 34m kube-system calico-node-bknc8 2/2 Running 0 34m
kube-system coredns-1187388186-wx1lg 1/1 Running 0 34m kube-system coredns-1187388186-wx1lg 1/1 Running 0 34m
kube-system coredns-1187388186-qjnvp 1/1 Running 0 34m
kube-system kube-apiserver-4mjbk 1/1 Running 0 34m kube-system kube-apiserver-4mjbk 1/1 Running 0 34m
kube-system kube-controller-manager-3597210155-j2jbt 1/1 Running 1 34m kube-system kube-controller-manager-3597210155-j2jbt 1/1 Running 1 34m
kube-system kube-controller-manager-3597210155-j7g7x 1/1 Running 0 34m kube-system kube-controller-manager-3597210155-j7g7x 1/1 Running 0 34m
@ -192,7 +193,7 @@ kube-system kube-proxy-sbbsh 1/1 Running 0
kube-system kube-scheduler-3359497473-5plhf 1/1 Running 0 34m kube-system kube-scheduler-3359497473-5plhf 1/1 Running 0 34m
kube-system kube-scheduler-3359497473-r7zg7 1/1 Running 1 34m kube-system kube-scheduler-3359497473-r7zg7 1/1 Running 1 34m
kube-system pod-checkpointer-4kxtl 1/1 Running 0 34m kube-system pod-checkpointer-4kxtl 1/1 Running 0 34m
kube-system pod-checkpointer-4kxtl-ip-10-0-12-221 1/1 Running 0 33m kube-system pod-checkpointer-4kxtl-ip-10-0-3-155 1/1 Running 0 33m
``` ```
## Going Further ## Going Further

View File

@ -112,7 +112,7 @@ module "azure-ramius" {
asset_dir = "/home/user/.secrets/clusters/ramius" asset_dir = "/home/user/.secrets/clusters/ramius"
# optional # optional
worker_count = 3 worker_count = 2
host_cidr = "10.0.0.0/20" host_cidr = "10.0.0.0/20"
} }
``` ```
@ -168,7 +168,6 @@ NAME STATUS ROLES AGE VERSION
ramius-controller-0 Ready controller,master 24m v1.12.2 ramius-controller-0 Ready controller,master 24m v1.12.2
ramius-worker-000001 Ready node 25m v1.12.2 ramius-worker-000001 Ready node 25m v1.12.2
ramius-worker-000002 Ready node 24m v1.12.2 ramius-worker-000002 Ready node 24m v1.12.2
ramius-worker-000005 Ready node 24m v1.12.2
``` ```
List the pods. List the pods.

View File

@ -317,10 +317,10 @@ bootkube[5]: Tearing down temporary bootstrap control plane...
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/mercury/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/mercury/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME STATUS ROLES AGE VERSION
node1.example.com Ready 11m v1.12.2 node1.example.com Ready controller,master 10m v1.12.2
node2.example.com Ready 11m v1.12.2 node2.example.com Ready node 10m v1.12.2
node3.example.com Ready 11m v1.12.2 node3.example.com Ready node 10m v1.12.2
``` ```
List the pods. List the pods.
@ -331,6 +331,7 @@ NAMESPACE NAME READY STATUS RES
kube-system calico-node-6qp7f 2/2 Running 1 11m kube-system calico-node-6qp7f 2/2 Running 1 11m
kube-system calico-node-gnjrm 2/2 Running 0 11m kube-system calico-node-gnjrm 2/2 Running 0 11m
kube-system calico-node-llbgt 2/2 Running 0 11m kube-system calico-node-llbgt 2/2 Running 0 11m
kube-system coredns-1187388186-dj3pd 1/1 Running 0 11m
kube-system coredns-1187388186-mx9rt 1/1 Running 0 11m kube-system coredns-1187388186-mx9rt 1/1 Running 0 11m
kube-system kube-apiserver-7336w 1/1 Running 0 11m kube-system kube-apiserver-7336w 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-b9chx 1/1 Running 0 11m kube-system kube-controller-manager-3271970485-b9chx 1/1 Running 0 11m

View File

@ -163,10 +163,10 @@ In 3-6 minutes, the Kubernetes cluster will be ready.
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/nemo/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/nemo/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME STATUS ROLES AGE VERSION
10.132.110.130 Ready 10m v1.12.2 nemo-controller-0 Ready controller,master 10m v1.12.2
10.132.115.81 Ready 10m v1.12.2 nemo-worker-0 Ready node 10m v1.12.2
10.132.124.107 Ready 10m v1.12.2 nemo-worker-1 Ready node 10m v1.12.2
``` ```
List the pods. List the pods.
@ -174,6 +174,7 @@ List the pods.
``` ```
NAMESPACE NAME READY STATUS RESTARTS AGE NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-1187388186-ld1j7 1/1 Running 0 11m kube-system coredns-1187388186-ld1j7 1/1 Running 0 11m
kube-system coredns-1187388186-rdhf7 1/1 Running 0 11m
kube-system kube-apiserver-n10qr 1/1 Running 0 11m kube-system kube-apiserver-n10qr 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-37gtw 1/1 Running 1 11m kube-system kube-controller-manager-3271970485-37gtw 1/1 Running 1 11m
kube-system kube-controller-manager-3271970485-p52t5 1/1 Running 0 11m kube-system kube-controller-manager-3271970485-p52t5 1/1 Running 0 11m
@ -186,7 +187,7 @@ kube-system kube-proxy-k35rc 1/1 Running 0
kube-system kube-scheduler-3895335239-2bc4c 1/1 Running 0 11m kube-system kube-scheduler-3895335239-2bc4c 1/1 Running 0 11m
kube-system kube-scheduler-3895335239-b7q47 1/1 Running 1 11m kube-system kube-scheduler-3895335239-b7q47 1/1 Running 1 11m
kube-system pod-checkpointer-pr1lq 1/1 Running 0 11m kube-system pod-checkpointer-pr1lq 1/1 Running 0 11m
kube-system pod-checkpointer-pr1lq-10.132.115.81 1/1 Running 0 10m kube-system pod-checkpointer-pr1lq-nemo-controller-0 1/1 Running 0 10m
``` ```
## Going Further ## Going Further

View File

@ -171,10 +171,10 @@ In 4-8 minutes, the Kubernetes cluster will be ready.
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME ROLES STATUS AGE VERSION
yavin-controller-0.c.example-com.internal Ready 6m v1.12.2 yavin-controller-0.c.example-com.internal controller,master Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal Ready 5m v1.12.2 yavin-worker-jrbf.c.example-com.internal node Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal Ready 5m v1.12.2 yavin-worker-mzdm.c.example-com.internal node Ready 5m v1.12.2
``` ```
List the pods. List the pods.
@ -185,6 +185,7 @@ NAMESPACE NAME READY STATUS RESTART
kube-system calico-node-1cs8z 2/2 Running 0 6m kube-system calico-node-1cs8z 2/2 Running 0 6m
kube-system calico-node-d1l5b 2/2 Running 0 6m kube-system calico-node-d1l5b 2/2 Running 0 6m
kube-system calico-node-sp9ps 2/2 Running 0 6m kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system coredns-1187388186-dkh3o 1/1 Running 0 6m
kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m

View File

@ -86,10 +86,10 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou
``` ```
$ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig $ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig
$ kubectl get nodes $ kubectl get nodes
NAME STATUS AGE VERSION NAME ROLES STATUS AGE VERSION
yavin-controller-0.c.example-com.internal Ready 6m v1.12.2 yavin-controller-0.c.example-com.internal controller,master Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal Ready 5m v1.12.2 yavin-worker-jrbf.c.example-com.internal node Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal Ready 5m v1.12.2 yavin-worker-mzdm.c.example-com.internal node Ready 5m v1.12.2
``` ```
List the pods. List the pods.
@ -100,6 +100,7 @@ NAMESPACE NAME READY STATUS RESTART
kube-system calico-node-1cs8z 2/2 Running 0 6m kube-system calico-node-1cs8z 2/2 Running 0 6m
kube-system calico-node-d1l5b 2/2 Running 0 6m kube-system calico-node-d1l5b 2/2 Running 0 6m
kube-system calico-node-sp9ps 2/2 Running 0 6m kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system coredns-1187388186-dkh3o 1/1 Running 0 6m
kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m
@ -110,6 +111,7 @@ kube-system kube-proxy-njn47 1/1 Running 0
kube-system kube-scheduler-3895335239-5x87r 1/1 Running 0 6m kube-system kube-scheduler-3895335239-5x87r 1/1 Running 0 6m
kube-system kube-scheduler-3895335239-bzrrt 1/1 Running 1 6m kube-system kube-scheduler-3895335239-bzrrt 1/1 Running 1 6m
kube-system pod-checkpointer-l6lrt 1/1 Running 0 6m kube-system pod-checkpointer-l6lrt 1/1 Running 0 6m
kube-system pod-checkpointer-l6lrt-controller-0 1/1 Running 0 6m
``` ```
## Help ## Help

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"] api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests) # Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" { module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8" source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}" cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"] api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

View File

@ -19,25 +19,9 @@ write_files:
ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt
ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key
ETCD_PEER_CLIENT_CERT_AUTH=true ETCD_PEER_CLIENT_CERT_AUTH=true
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
-H "Metadata-Flavor: Google"\
--url http://metadata.google.internal/computeMetadata/v1/instance/hostname\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf - path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: | content: |
[Unit] [Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service Wants=rpc-statd.service
[Service] [Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -98,7 +82,6 @@ runcmd:
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2" - "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0" - "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0"
- [systemctl, start, --no-block, etcd.service] - [systemctl, start, --no-block, etcd.service]
- [systemctl, enable, cloud-metadata.service]
- [systemctl, start, --no-block, kubelet.service] - [systemctl, start, --no-block, kubelet.service]
users: users:
- default - default

View File

@ -1,24 +1,8 @@
#cloud-config #cloud-config
write_files: write_files:
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
-H "Metadata-Flavor: Google"\
--url http://metadata.google.internal/computeMetadata/v1/instance/hostname\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf - path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: | content: |
[Unit] [Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service Wants=rpc-statd.service
[Service] [Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -70,7 +54,6 @@ bootcmd:
runcmd: runcmd:
- [systemctl, daemon-reload] - [systemctl, daemon-reload]
- [systemctl, restart, NetworkManager] - [systemctl, restart, NetworkManager]
- [systemctl, enable, cloud-metadata.service]
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2" - "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- [systemctl, start, --no-block, kubelet.service] - [systemctl, start, --no-block, kubelet.service]
users: users: