Use etcd system container on fedora-atomic

* Use the upstream etcd image packaged with the required
metadata to be usable as a system container (runc) under
systemd
This commit is contained in:
Dalton Hubble 2018-04-05 23:11:34 -07:00
parent 9969c357da
commit 8d7cfc1a45
4 changed files with 11 additions and 85 deletions

View File

@ -1,31 +1,5 @@
#cloud-config #cloud-config
write_files: write_files:
- path: /etc/systemd/system/etcd-member.service
content: |
[Unit]
Description=etcd-member
Documentation=https://github.com/coreos/etcd
Wants=network-online.target network.target
After=network-online.target
Requires=docker.service
After=docker.service
[Service]
EnvironmentFile=/etc/etcd/etcd.conf
ExecStartPre=/bin/mkdir -p /var/lib/etcd
ExecStart=/usr/bin/docker run --rm --name etcd-member \
--net=host \
-v /etc/pki/tls/certs:/usr/share/ca-certificates:ro,z \
-v /etc/ssl/etcd:/etc/ssl/certs:ro,Z \
-v /var/lib/etcd:/var/lib/etcd:Z \
--env-file=/etc/etcd/etcd.conf \
quay.io/coreos/etcd:v3.3.3
ExecStop=/usr/bin/docker stop etcd-member
Restart=on-failure
RestartSec=10s
TimeoutStartSec=0
LimitNOFILE=40000
[Install]
WantedBy=multi-user.target
- path: /etc/etcd/etcd.conf - path: /etc/etcd/etcd.conf
content: | content: |
ETCD_NAME=${etcd_name} ETCD_NAME=${etcd_name}
@ -134,11 +108,11 @@ bootcmd:
- [setenforce, Permissive] - [setenforce, Permissive]
runcmd: runcmd:
- [systemctl, daemon-reload] - [systemctl, daemon-reload]
- [systemctl, enable, etcd-member.service] - "atomic install --system --name=etcd quay.io/dghubble/etcd:99f87f9245ef2b2104fe2fc3550c21327b5a980f"
- [systemctl, start, --no-block, etcd-member.service] - [systemctl, start, --no-block, etcd.service]
- [systemctl, disable, firewalld, --now]
- [systemctl, enable, kubelet.service] - [systemctl, enable, kubelet.service]
- [systemctl, start, --no-block, kubelet.service] - [systemctl, start, --no-block, kubelet.service]
- [systemctl, disable, firewalld, --now]
users: users:
- default - default
- name: fedora - name: fedora

View File

@ -1,31 +1,5 @@
#cloud-config #cloud-config
write_files: write_files:
- path: /etc/systemd/system/etcd-member.service
content: |
[Unit]
Description=etcd-member
Documentation=https://github.com/coreos/etcd
Wants=network-online.target network.target
After=network-online.target
Requires=docker.service
After=docker.service
[Service]
EnvironmentFile=/etc/etcd/etcd.conf
ExecStartPre=/bin/mkdir -p /var/lib/etcd
ExecStart=/usr/bin/docker run --rm --name etcd-member \
--net=host \
-v /etc/pki/tls/certs:/usr/share/ca-certificates:ro,z \
-v /etc/ssl/etcd:/etc/ssl/certs:ro,Z \
-v /var/lib/etcd:/var/lib/etcd:Z \
--env-file=/etc/etcd/etcd.conf \
quay.io/coreos/etcd:v3.3.3
ExecStop=/usr/bin/docker stop etcd-member
Restart=on-failure
RestartSec=10s
TimeoutStartSec=0
LimitNOFILE=40000
[Install]
WantedBy=multi-user.target
- path: /etc/etcd/etcd.conf - path: /etc/etcd/etcd.conf
content: | content: |
ETCD_NAME=${etcd_name} ETCD_NAME=${etcd_name}
@ -131,8 +105,8 @@ bootcmd:
- [setenforce, Permissive] - [setenforce, Permissive]
runcmd: runcmd:
- [systemctl, daemon-reload] - [systemctl, daemon-reload]
- [systemctl, enable, etcd-member.service] - "atomic install --system --name=etcd quay.io/dghubble/etcd:99f87f9245ef2b2104fe2fc3550c21327b5a980f"
- [systemctl, start, --no-block, etcd-member.service] - [systemctl, start, --no-block, etcd.service]
- [hostnamectl, set-hostname, ${domain_name}] - [hostnamectl, set-hostname, ${domain_name}]
- [systemctl, enable, kubelet.path] - [systemctl, enable, kubelet.path]
- [systemctl, start, --no-block, kubelet.path] - [systemctl, start, --no-block, kubelet.path]

View File

@ -1,31 +1,5 @@
#cloud-config #cloud-config
write_files: write_files:
- path: /etc/systemd/system/etcd-member.service
content: |
[Unit]
Description=etcd-member
Documentation=https://github.com/coreos/etcd
Wants=network-online.target network.target
After=network-online.target
Requires=docker.service
After=docker.service
[Service]
EnvironmentFile=/etc/etcd/etcd.conf
ExecStartPre=/bin/mkdir -p /var/lib/etcd
ExecStart=/usr/bin/docker run --rm --name etcd-member \
--net=host \
-v /etc/pki/tls/certs:/usr/share/ca-certificates:ro,z \
-v /etc/ssl/etcd:/etc/ssl/certs:ro,Z \
-v /var/lib/etcd:/var/lib/etcd:Z \
--env-file=/etc/etcd/etcd.conf \
quay.io/coreos/etcd:v3.3.3
ExecStop=/usr/bin/docker stop etcd-member
Restart=on-failure
RestartSec=10s
TimeoutStartSec=0
LimitNOFILE=40000
[Install]
WantedBy=multi-user.target
- path: /etc/etcd/etcd.conf - path: /etc/etcd/etcd.conf
content: | content: |
ETCD_NAME=${etcd_name} ETCD_NAME=${etcd_name}
@ -57,6 +31,8 @@ write_files:
--retry 10)\nDIGITALOCEAN_IPV4_PRIVATE_0=$(curl\ --retry 10)\nDIGITALOCEAN_IPV4_PRIVATE_0=$(curl\
--url http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address\ --url http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address\
--retry 10)" > $${OUTPUT}' --retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service - path: /etc/systemd/system/kubelet.service
content: | content: |
[Unit] [Unit]
@ -147,8 +123,8 @@ bootcmd:
- [setenforce, Permissive] - [setenforce, Permissive]
runcmd: runcmd:
- [systemctl, daemon-reload] - [systemctl, daemon-reload]
- [systemctl, enable, etcd-member.service] - "atomic install --system --name=etcd quay.io/dghubble/etcd:99f87f9245ef2b2104fe2fc3550c21327b5a980f"
- [systemctl, start, --no-block, etcd-member.service] - [systemctl, start, --no-block, etcd.service]
- [systemctl, enable, cloud-metadata.service] - [systemctl, enable, cloud-metadata.service]
- [systemctl, enable, kubelet.path] - [systemctl, enable, kubelet.path]
- [systemctl, start, --no-block, kubelet.path] - [systemctl, start, --no-block, kubelet.path]

View File

@ -13,6 +13,8 @@ write_files:
--retry 10)\nDIGITALOCEAN_IPV4_PRIVATE_0=$(curl\ --retry 10)\nDIGITALOCEAN_IPV4_PRIVATE_0=$(curl\
--url http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address\ --url http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address\
--retry 10)" > $${OUTPUT}' --retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service - path: /etc/systemd/system/kubelet.service
content: | content: |
[Unit] [Unit]