Use bootkube system container on fedora-atomic
* Use the upstream bootkube image packaged with the required metadata to be usable as a system container under systemd
* Run bootkube with runc so no host-level components use Docker any more. Docker is still the runtime
* Remove bootkube script and old systemd unit
parent
3dde4ba8ba
commit
9b88d4bbfd
@ -70,33 +70,7 @@ write_files:
|
||||
permissions: '0644'
|
||||
content: |
|
||||
${kubeconfig}
|
||||
- path: /etc/systemd/system/bootkube.service
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Bootstrap a Kubernetes cluster
|
||||
ConditionPathExists=!/var/bootkube/init_bootkube.done
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=true
|
||||
WorkingDirectory=/var/bootkube
|
||||
ExecStartPre=/bin/mkdir -p /var/bootkube
|
||||
ExecStart=/usr/local/bin/bootkube-start
|
||||
ExecStartPost=/bin/touch /var/bootkube/init_bootkube.done
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
- path: /var/bootkube/.keep
|
||||
- path: /usr/local/bin/bootkube-start
|
||||
permissions: '0755'
|
||||
content: |
|
||||
#!/bin/bash -e
|
||||
# Wrapper for bootkube start
|
||||
[ -n "$(ls /var/bootkube/assets/manifests-*/* 2>/dev/null)" ] && mv /var/bootkube/assets/manifests-*/* /var/bootkube/assets/manifests && rm -rf /var/bootkube/assets/manifests-*
|
||||
/usr/bin/docker run --rm --name bootkube \
|
||||
--net=host \
|
||||
--volume /etc/kubernetes:/etc/kubernetes:Z \
|
||||
--volume /var/bootkube/assets:/assets:Z \
|
||||
--entrypoint=/bootkube \
|
||||
quay.io/coreos/bootkube:v0.12.0 start --asset-dir=/assets
|
||||
- path: /var/lib/bootkube/.keep
|
||||
- path: /etc/selinux/config
|
||||
owner: root:root
|
||||
permissions: '0644'
|
||||
@ -109,9 +83,10 @@ bootcmd:
|
||||
runcmd:
|
||||
- [systemctl, daemon-reload]
|
||||
- "atomic install --system --name=etcd quay.io/dghubble/etcd:0265e6680d2533f3fbf4512af868d29ff07451ca"
|
||||
- "atomic install --system --name=kubelet quay.io/dghubble/kubelet:8baca5cbaf7b7ee0710380c7d8897e444ebdcb27"
|
||||
- "atomic install --system --name=bootkube quay.io/dghubble/bootkube:3cc2345503c60186db5272fa918514259e3c4a9d"
|
||||
- [systemctl, start, --no-block, etcd.service]
|
||||
- [systemctl, enable, cloud-metadata.service]
|
||||
- "atomic install --system --name=kubelet quay.io/dghubble/kubelet:8baca5cbaf7b7ee0710380c7d8897e444ebdcb27"
|
||||
- [systemctl, start, --no-block, kubelet.service]
|
||||
users:
|
||||
- default
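Review bot: The `atomic install --system` lines in `runcmd` reference their images by tag (`quay.io/dghubble/bootkube:3cc2345503c60186db5272fa918514259e3c4a9d`, and likewise for etcd and kubelet). A tag can be re-pointed in the registry even when it looks like a commit hash. The description calls this the upstream bootkube image, but the reference moves from `quay.io/coreos/bootkube:v0.12.0` to a personal namespace, and the image is installed as a system container, presumably with host-level access on the controller. Pinning by digest, e.g. `quay.io/dghubble/bootkube@sha256:<digest-of-reviewed-image>`, would fix what first boot actually runs; confirm that `atomic install` on this Atomic release accepts the digest form. The same lines appear in the other three cloud-init templates in this commit.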
|
||||
|
@ -82,7 +82,7 @@ resource "null_resource" "bootkube-start" {
|
||||
provisioner "remote-exec" {
|
||||
inline = [
|
||||
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 4; done",
|
||||
"sudo mv $HOME/assets /var/bootkube",
|
||||
"sudo mv $HOME/assets /var/lib/bootkube",
|
||||
"sudo systemctl start bootkube",
|
||||
]
|
||||
}
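Review bot: `sudo mv $HOME/assets /var/lib/bootkube` carries over the owner and mode the directory had under the SSH user's home, so the bootstrap assets likely stay owned by that login user after the move. If the asset directory holds cluster TLS keys and kubeconfigs, as bootkube asset directories normally do, tighten it before starting the unit. Add `"sudo chown -R root:root /var/lib/bootkube/assets",` and `"sudo chmod -R go-rwx /var/lib/bootkube/assets",` ahead of `"sudo systemctl start bootkube",`, once it is confirmed that the system container reads the assets as root. The `null_resource` block starts and ends outside this hunk, and the same line is changed in the other three Terraform hunks on this page.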
|
||||
|
@ -60,48 +60,23 @@ write_files:
|
||||
PathExists=/etc/kubernetes/kubeconfig
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
- path: /etc/systemd/system/bootkube.service
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Bootstrap a Kubernetes cluster
|
||||
ConditionPathExists=!/var/bootkube/init_bootkube.done
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=true
|
||||
WorkingDirectory=/var/bootkube
|
||||
ExecStartPre=/bin/mkdir -p /var/bootkube
|
||||
ExecStart=/usr/local/bin/bootkube-start
|
||||
ExecStartPost=/bin/touch /var/bootkube/init_bootkube.done
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
- path: /var/bootkube/.keep
|
||||
- path: /var/lib/bootkube/.keep
|
||||
- path: /etc/selinux/config
|
||||
owner: root:root
|
||||
permissions: '0644'
|
||||
content: |
|
||||
SELINUX=permissive
|
||||
SELINUXTYPE=targeted
|
||||
- path: /usr/local/bin/bootkube-start
|
||||
permissions: '0755'
|
||||
content: |
|
||||
#!/bin/bash -e
|
||||
# Wrapper for bootkube start
|
||||
[ -n "$(ls /var/bootkube/assets/manifests-*/* 2>/dev/null)" ] && mv /var/bootkube/assets/manifests-*/* /var/bootkube/assets/manifests && rm -rf /var/bootkube/assets/manifests-*
|
||||
/usr/bin/docker run --rm --name bootkube \
|
||||
--net=host \
|
||||
--volume /etc/kubernetes:/etc/kubernetes:Z \
|
||||
--volume /var/bootkube/assets:/assets:Z \
|
||||
--entrypoint=/bootkube \
|
||||
quay.io/coreos/bootkube:v0.12.0 start --asset-dir=/assets
|
||||
bootcmd:
|
||||
- [setenforce, Permissive]
|
||||
- [systemctl, disable, firewalld, --now]
|
||||
runcmd:
|
||||
- [systemctl, daemon-reload]
|
||||
- "atomic install --system --name=etcd quay.io/dghubble/etcd:0265e6680d2533f3fbf4512af868d29ff07451ca"
|
||||
- [systemctl, start, --no-block, etcd.service]
|
||||
- [hostnamectl, set-hostname, ${domain_name}]
|
||||
- "atomic install --system --name=etcd quay.io/dghubble/etcd:0265e6680d2533f3fbf4512af868d29ff07451ca"
|
||||
- "atomic install --system --name=kubelet quay.io/dghubble/kubelet:8baca5cbaf7b7ee0710380c7d8897e444ebdcb27"
|
||||
- "atomic install --system --name=bootkube quay.io/dghubble/bootkube:3cc2345503c60186db5272fa918514259e3c4a9d"
|
||||
- [systemctl, start, --no-block, etcd.service]
|
||||
- [systemctl, enable, kubelet.path]
|
||||
- [systemctl, start, --no-block, kubelet.path]
|
||||
users:
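Review bot: Deleting the inline `bootkube.service` drops the run-once guard (`ConditionPathExists=!/var/bootkube/init_bootkube.done` plus the `ExecStartPost` touch), and nothing in this template replaces it. The same goes for the wrapper step that merged `assets/manifests-*` into `assets/manifests`. Both behaviours now depend on the unit and entrypoint shipped inside `quay.io/dghubble/bootkube`, which this commit does not show. Confirm that the packaged unit refuses to run again after a completed bootstrap, because the Terraform provisioner's `sudo systemctl start bootkube` can be re-applied. A comment above the bootkube install line would record the assumption, e.g. `# bootkube.service is provided by the image; it must be a no-op once bootstrap has completed`. This applies equally to the other cloud-init templates in this commit.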
|
||||
|
@ -113,7 +113,7 @@ resource "null_resource" "bootkube-start" {
|
||||
provisioner "remote-exec" {
|
||||
inline = [
|
||||
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 4; done",
|
||||
"sudo mv $HOME/assets /var/bootkube",
|
||||
"sudo mv $HOME/assets /var/lib/bootkube",
|
||||
"sudo systemctl start bootkube",
|
||||
]
|
||||
}
|
||||
|
@ -74,48 +74,23 @@ write_files:
|
||||
PathExists=/etc/kubernetes/kubeconfig
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
- path: /etc/systemd/system/bootkube.service
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Bootstrap a Kubernetes cluster
|
||||
ConditionPathExists=!/var/bootkube/init_bootkube.done
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=true
|
||||
WorkingDirectory=/var/bootkube
|
||||
ExecStartPre=/bin/mkdir -p /var/bootkube
|
||||
ExecStart=/usr/local/bin/bootkube-start
|
||||
ExecStartPost=/bin/touch /var/bootkube/init_bootkube.done
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
- path: /var/bootkube/.keep
|
||||
- path: /var/lib/bootkube/.keep
|
||||
- path: /etc/selinux/config
|
||||
owner: root:root
|
||||
permissions: '0644'
|
||||
content: |
|
||||
SELINUX=permissive
|
||||
SELINUXTYPE=targeted
|
||||
- path: /usr/local/bin/bootkube-start
|
||||
permissions: '0755'
|
||||
content: |
|
||||
#!/bin/bash -e
|
||||
# Wrapper for bootkube start
|
||||
[ -n "$(ls /var/bootkube/assets/manifests-*/* 2>/dev/null)" ] && mv /var/bootkube/assets/manifests-*/* /var/bootkube/assets/manifests && rm -rf /var/bootkube/assets/manifests-*
|
||||
/usr/bin/docker run --rm --name bootkube \
|
||||
--net=host \
|
||||
--volume /etc/kubernetes:/etc/kubernetes:Z \
|
||||
--volume /var/bootkube/assets:/assets:Z \
|
||||
--entrypoint=/bootkube \
|
||||
quay.io/coreos/bootkube:v0.12.0 start --asset-dir=/assets
|
||||
bootcmd:
|
||||
- [setenforce, Permissive]
|
||||
- [systemctl, disable, firewalld, --now]
|
||||
runcmd:
|
||||
- [systemctl, daemon-reload]
|
||||
- "atomic install --system --name=etcd quay.io/dghubble/etcd:0265e6680d2533f3fbf4512af868d29ff07451ca"
|
||||
- "atomic install --system --name=kubelet quay.io/dghubble/kubelet:8baca5cbaf7b7ee0710380c7d8897e444ebdcb27"
|
||||
- "atomic install --system --name=bootkube quay.io/dghubble/bootkube:3cc2345503c60186db5272fa918514259e3c4a9d"
|
||||
- [systemctl, start, --no-block, etcd.service]
|
||||
- [systemctl, enable, cloud-metadata.service]
|
||||
- "atomic install --system --name=kubelet quay.io/dghubble/kubelet:8baca5cbaf7b7ee0710380c7d8897e444ebdcb27"
|
||||
- [systemctl, enable, kubelet.path]
|
||||
- [systemctl, start, --no-block, kubelet.path]
|
||||
users:
|
||||
|
@ -110,7 +110,7 @@ resource "null_resource" "bootkube-start" {
|
||||
provisioner "remote-exec" {
|
||||
inline = [
|
||||
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 4; done",
|
||||
"sudo mv $HOME/assets /var/bootkube",
|
||||
"sudo mv $HOME/assets /var/lib/bootkube",
|
||||
"sudo systemctl start bootkube",
|
||||
]
|
||||
}
|
||||
|
@ -71,33 +71,7 @@ write_files:
|
||||
permissions: '0644'
|
||||
content: |
|
||||
${kubeconfig}
|
||||
- path: /etc/systemd/system/bootkube.service
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Bootstrap a Kubernetes cluster
|
||||
ConditionPathExists=!/var/bootkube/init_bootkube.done
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=true
|
||||
WorkingDirectory=/var/bootkube
|
||||
ExecStartPre=/bin/mkdir -p /var/bootkube
|
||||
ExecStart=/usr/local/bin/bootkube-start
|
||||
ExecStartPost=/bin/touch /var/bootkube/init_bootkube.done
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
- path: /var/bootkube/.keep
|
||||
- path: /usr/local/bin/bootkube-start
|
||||
permissions: '0755'
|
||||
content: |
|
||||
#!/bin/bash -e
|
||||
# Wrapper for bootkube start
|
||||
[ -n "$(ls /var/bootkube/assets/manifests-*/* 2>/dev/null)" ] && mv /var/bootkube/assets/manifests-*/* /var/bootkube/assets/manifests && rm -rf /var/bootkube/assets/manifests-*
|
||||
/usr/bin/docker run --rm --name bootkube \
|
||||
--net=host \
|
||||
--volume /etc/kubernetes:/etc/kubernetes:Z \
|
||||
--volume /var/bootkube/assets:/assets:Z \
|
||||
--entrypoint=/bootkube \
|
||||
quay.io/coreos/bootkube:v0.12.0 start --asset-dir=/assets
|
||||
- path: /var/lib/bootkube/.keep
|
||||
- path: /etc/selinux/config
|
||||
owner: root:root
|
||||
permissions: '0644'
|
||||
@ -110,9 +84,10 @@ bootcmd:
|
||||
runcmd:
|
||||
- [systemctl, daemon-reload]
|
||||
- "atomic install --system --name=etcd quay.io/dghubble/etcd:0265e6680d2533f3fbf4512af868d29ff07451ca"
|
||||
- "atomic install --system --name=kubelet quay.io/dghubble/kubelet:8baca5cbaf7b7ee0710380c7d8897e444ebdcb27"
|
||||
- "atomic install --system --name=bootkube quay.io/dghubble/bootkube:3cc2345503c60186db5272fa918514259e3c4a9d"
|
||||
- [systemctl, start, --no-block, etcd.service]
|
||||
- [systemctl, enable, cloud-metadata.service]
|
||||
- "atomic install --system --name=kubelet quay.io/dghubble/kubelet:8baca5cbaf7b7ee0710380c7d8897e444ebdcb27"
|
||||
- [systemctl, start, --no-block, kubelet.service]
|
||||
users:
|
||||
- default
|
||||
|
@ -82,7 +82,7 @@ resource "null_resource" "bootkube-start" {
|
||||
provisioner "remote-exec" {
|
||||
inline = [
|
||||
"while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 4; done",
|
||||
"sudo mv $HOME/assets /var/bootkube",
|
||||
"sudo mv $HOME/assets /var/lib/bootkube",
|
||||
"sudo systemctl start bootkube",
|
||||
]
|
||||
}
|
||||
|