k3s/cluster/saltbase/salt/docker/init.sls

{% if pillar.get('is_systemd') %}
  {% set environment_file = '/etc/sysconfig/docker' %}
{% else %}
  {% set environment_file = '/etc/default/docker' %}
{% endif %}

bridge-utils:
  pkg.installed

{% if grains.os_family == 'RedHat' %}

{{ environment_file }}:
  file.managed:
    - source: salt://docker/default
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - makedirs: true

{% if (grains.os == 'Fedora' and grains.osrelease_info[0] >= 22) or (grains.os == 'CentOS' and grains.osrelease_info[0] >= 7) %}

docker:
  pkg:
    - installed
  service.running:
    - enable: True
    - require:
      - pkg: docker
    - watch:
      - file: {{ environment_file }}
      - pkg: docker

{% else %}

docker-io:
  pkg:
    - installed

docker:
  service.running:
    - enable: True
    - require:
      - pkg: docker-io
    - watch:
      - file: {{ environment_file }}
      - pkg: docker-io

{% endif %}
{% elif grains.cloud is defined and grains.cloud == 'vsphere' and grains.os == 'Debian' and grains.osrelease_info[0] >=8 %}

{% if pillar.get('is_systemd') %}

{{ pillar.get('systemd_system_path') }}/docker.service:
  file.managed:
    - source: salt://docker/docker.service
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - defaults:
        environment_file: {{ environment_file }}

# The docker service.running block below doesn't work reliably
# Instead we run our script which e.g. does a systemd daemon-reload
# But we keep the service block below, so it can be used by dependencies
# TODO: Fix this
fix-service-docker:
  cmd.wait:
    - name: /opt/kubernetes/helpers/services bounce docker
    - watch:
      - file: {{ pillar.get('systemd_system_path') }}/docker.service
      - file: {{ environment_file }}
{% endif %}

{{ environment_file }}:
  file.managed:
    - source: salt://docker/docker-defaults
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - makedirs: true
    - require:
      - pkg: docker-engine

'apt-key':
   cmd.run:
     - name: 'apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D'
     - unless: 'apt-key finger | grep "5811 8E89"'

'apt-update':
  cmd.wait:
    - name: '/usr/bin/apt-get update -y'
    - require:
       - cmd : 'apt-key'

lxc-docker:
  pkg:
    - purged

docker-io:
  pkg:
    - purged

cbr0:
  network.managed:
    - enabled: True
    - type: bridge
    - proto: dhcp
    - ports: none
    - bridge: cbr0
    - delay: 0
    - bypassfirewall: True
    - require_in:
      - service: docker

/etc/apt/sources.list.d/docker.list:
  file.managed:
    - source: salt://docker/docker.list
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - require:
      - cmd: 'apt-update'

docker-engine:
   pkg:
     - installed
     - require:
       - file: /etc/apt/sources.list.d/docker.list
docker:
   service.running:
     - enable: True
     - require:
       - file: {{ environment_file }}
     - watch:
       - file: {{ environment_file }}

{% else %}

{% if grains.cloud is defined
   and grains.cloud == 'gce' %}
# The default GCE images have ip_forwarding explicitly set to 0.
# Here we take care of commenting that out.
/etc/sysctl.d/11-gce-network-security.conf:
  file.replace:
    - pattern: '^net.ipv4.ip_forward=0'
    - repl: '# net.ipv4.ip_forward=0'

/etc/init.d/docker:
  file.managed:
    - source: salt://docker/docker-init
    - template: jinja
    - user: root
    - group: root
    - mode: 755
    - makedirs: true
{% endif %}

# Work around Salt #18089: https://github.com/saltstack/salt/issues/18089
/etc/sysctl.d/99-salt.conf:
  file.touch

# TODO: This should really be based on network strategy instead of os_family
net.ipv4.ip_forward:
  sysctl.present:
    - value: 1

{{ environment_file }}:
  file.managed:
    - source: salt://docker/docker-defaults
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - makedirs: true

# Docker is on the ContainerVM image by default. The following
# variables are provided for other cloud providers, and for testing and dire circumstances, to allow
# overriding the Docker version that's in a ContainerVM image.
#
# To change:
#
# 1. Find new deb name at:
#    http://apt.dockerproject.org/repo/pool/main/d/docker-engine
# 2. Download based on that:
#    curl -O http://apt.dockerproject.org/repo/pool/main/d/docker-engine/<deb>
# 3. Upload to GCS:
#    gsutil cp <deb> gs://kubernetes-release/docker/<deb>
# 4. Make it world readable:
#    gsutil acl ch -R -g all:R gs://kubernetes-release/docker/<deb>
# 5. Get a hash of the deb:
#    shasum <deb>
# 6. Update override_deb, override_deb_sha1, override_docker_ver with new
#    deb name, new hash and new version

{% set storage_base='https://storage.googleapis.com/kubernetes-release/docker/' %}

{% set override_deb_url='' %}

{% if grains.get('cloud', '') == 'gce'
   and grains.get('os_family', '') == 'Debian'
   and grains.get('oscodename', '') == 'wheezy' -%}
{% set docker_pkg_name='' %}
{% set override_deb='' %}
{% set override_deb_sha1='' %}
{% set override_docker_ver='' %}

# Ubuntu presents as os_family=Debian, osfullname=Ubuntu
{% elif grains.get('cloud', '') == 'aws'
   and grains.get('os_family', '') == 'Debian'
   and grains.get('oscodename', '') == 'trusty' -%}
# TODO: Get from google storage?
{% set docker_pkg_name='docker-engine' %}
{% set override_docker_ver='1.9.1-0~trusty' %}
{% set override_deb='docker-engine_1.9.1-0~trusty_amd64.deb' %}
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~trusty_amd64.deb' %}
{% set override_deb_sha1='ce728172ab29f9fdacfffffe2e2f88a144f23875' %}

{% elif grains.get('cloud', '') == 'aws'
   and grains.get('os_family', '') == 'Debian'
   and grains.get('oscodename', '') == 'vivid' -%}
# TODO: Get from google storage?
{% set docker_pkg_name='docker-engine' %}
{% set override_docker_ver='1.9.1-0~vivid' %}
{% set override_deb='docker-engine_1.9.1-0~vivid_amd64.deb' %}
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~vivid_amd64.deb' %}
{% set override_deb_sha1='81741f6f16630632de53762c5554238d57b3b9cb' %}

{% elif grains.get('cloud', '') == 'aws'
   and grains.get('os_family', '') == 'Debian'
   and grains.get('oscodename', '') == 'wily' -%}
# TODO: Get from google storage?
{% set docker_pkg_name='docker-engine' %}
{% set override_docker_ver='1.9.1-0~wily' %}
{% set override_deb='docker-engine_1.9.1-0~wily_amd64.deb' %}
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~wily_amd64.deb' %}
{% set override_deb_sha1='a505fd49372cf836f5b9ed953053c50b3381dbfd' %}

{% else %}
{% set docker_pkg_name='lxc-docker-1.7.1' %}
{% set override_docker_ver='1.7.1' %}
{% set override_deb='lxc-docker-1.7.1_1.7.1_amd64.deb' %}
{% set override_deb_sha1='81abef31dd2c616883a61f85bfb294d743b1c889' %}
{% endif %}

{% if override_deb_url == '' %}
{% set override_deb_url=storage_base + override_deb %}
{% endif %}

{% if override_docker_ver != '' %}
purge-old-docker-package:
  pkg.removed:
    - pkgs:
      - lxc-docker-1.6.2

/var/cache/docker-install/{{ override_deb }}:
  file.managed:
    - source: {{ override_deb_url }}
    - source_hash: sha1={{ override_deb_sha1 }}
    - user: root
    - group: root
    - mode: 644
    - makedirs: true

# Drop the license file into /usr/share so that everything is crystal clear.
/usr/share/doc/docker/apache.txt:
  file.managed:
    - source: {{ storage_base }}apache2.txt
    - source_hash: sha1=2b8b815229aa8a61e483fb4ba0588b8b6c491890
    - user: root
    - group: root
    - mode: 644
    - makedirs: true

docker-upgrade:
  pkg.installed:
    - sources:
      - {{ docker_pkg_name }}: /var/cache/docker-install/{{ override_deb }}
    - require:
      - file: /var/cache/docker-install/{{ override_deb }}
{% endif %} # end override_docker_ver != ''

# Default docker systemd unit file doesn't use an EnvironmentFile; replace it with one that does.
{% if pillar.get('is_systemd') %}

{{ pillar.get('systemd_system_path') }}/docker.service:
  file.managed:
    - source: salt://docker/docker.service
    - template: jinja
    - user: root
    - group: root
    - mode: 644
    - defaults:
        environment_file: {{ environment_file }}

# The docker service.running block below doesn't work reliably
# Instead we run our script which e.g. does a systemd daemon-reload
# But we keep the service block below, so it can be used by dependencies
# TODO: Fix this
fix-service-docker:
  cmd.wait:
    - name: /opt/kubernetes/helpers/services bounce docker
    - watch:
      - file: {{ pillar.get('systemd_system_path') }}/docker.service
      - file: {{ environment_file }}
{% if override_docker_ver != '' %}
    - require:
      - pkg: docker-upgrade
{% endif %}

{% endif %}

docker:
  service.running:
# Starting Docker is racy on aws for some reason.  To be honest, since Monit
# is managing Docker restart we should probably just delete this whole thing
# but the kubernetes components use salt 'require' to set up a dag, and that
# complicated and scary to unwind.
{% if grains.cloud is defined and grains.cloud == 'aws' %}
    - enable: False
{% else %}
    - enable: True
{% endif %}
    - watch:
      - file: {{ environment_file }}
{% if override_docker_ver != '' %}
      - pkg: docker-upgrade
{% endif %}
{% if pillar.get('is_systemd') %}
      - file: {{ pillar.get('systemd_system_path') }}/docker.service
{% endif %}
{% if override_docker_ver != '' %}
    - require:
      - pkg: docker-upgrade
{% endif %}
{% endif %} # end grains.os_family != 'RedHat'
Salt: support systemd (don't assume Redhat <=> systemd) Also work around problems with Salt & systemd services, in particular that Salt doesn't issue a daemon-reload. 2015-06-29 18:17:17 +00:00			`{% if pillar.get('is_systemd') %}`
vsphere support 2016-01-13 21:29:16 +00:00			`{% set environment_file = '/etc/sysconfig/docker' %}`
Initial vagrant setup and e2e testing support 2014-07-14 17:50:04 +00:00			`{% else %}`
vsphere support 2016-01-13 21:29:16 +00:00			`{% set environment_file = '/etc/default/docker' %}`
Initial vagrant setup and e2e testing support 2014-07-14 17:50:04 +00:00			`{% endif %}`

add ip per pod across vagrant minions 2014-08-07 20:02:52 +00:00			`bridge-utils:`
			`pkg.installed`

Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`{% if grains.os_family == 'RedHat' %}`
Upgrade to Fedora 21, Docker 1.6, clean-up SDN 2015-06-02 01:19:38 +00:00
			`{{ environment_file }}:`
			`file.managed:`
			`- source: salt://docker/default`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
			`- makedirs: true`

Add CentOS support 2016-02-05 10:45:59 +00:00			`{% if (grains.os == 'Fedora' and grains.osrelease_info[0] >= 22) or (grains.os == 'CentOS' and grains.osrelease_info[0] >= 7) %}`
Install 'docker' package for Fedora 22 Fedora < 22 provides docker via the 'docker-io' package, but this package was renamed to 'docker' as of Fedora 22. Though the docker package can be installed manually with 'dnf install docker-io' on F22, Salt requires the explicit package name or deployment will fail. 2015-07-01 04:36:33 +00:00
			`docker:`
			`pkg:`
			`- installed`
			`service.running:`
			`- enable: True`
			`- require:`
			`- pkg: docker`
			`- watch:`
			`- file: {{ environment_file }}`
			`- pkg: docker`

			`{% else %}`

			`docker-io:`
			`pkg:`
			`- installed`

Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`docker:`
			`service.running:`
			`- enable: True`
First commit 2014-06-06 23:40:48 +00:00			`- require:`
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`- pkg: docker-io`
Upgrade to Fedora 21, Docker 1.6, clean-up SDN 2015-06-02 01:19:38 +00:00			`- watch:`
			`- file: {{ environment_file }}`
			`- pkg: docker-io`
First commit 2014-06-06 23:40:48 +00:00
Install 'docker' package for Fedora 22 Fedora < 22 provides docker via the 'docker-io' package, but this package was renamed to 'docker' as of Fedora 22. Though the docker package can be installed manually with 'dnf install docker-io' on F22, Salt requires the explicit package name or deployment will fail. 2015-07-01 04:36:33 +00:00			`{% endif %}`
vsphere support 2016-01-13 21:29:16 +00:00			`{% elif grains.cloud is defined and grains.cloud == 'vsphere' and grains.os == 'Debian' and grains.osrelease_info[0] >=8 %}`

			`{% if pillar.get('is_systemd') %}`

			`{{ pillar.get('systemd_system_path') }}/docker.service:`
			`file.managed:`
			`- source: salt://docker/docker.service`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
			`- defaults:`
			`environment_file: {{ environment_file }}`

			`# The docker service.running block below doesn't work reliably`
			`# Instead we run our script which e.g. does a systemd daemon-reload`
			`# But we keep the service block below, so it can be used by dependencies`
			`# TODO: Fix this`
			`fix-service-docker:`
			`cmd.wait:`
			`- name: /opt/kubernetes/helpers/services bounce docker`
			`- watch:`
			`- file: {{ pillar.get('systemd_system_path') }}/docker.service`
			`- file: {{ environment_file }}`
			`{% endif %}`

			`{{ environment_file }}:`
			`file.managed:`
			`- source: salt://docker/docker-defaults`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
			`- makedirs: true`
			`- require:`
			`- pkg: docker-engine`

			`'apt-key':`
			`cmd.run:`
			`- name: 'apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D'`
			`- unless: 'apt-key finger \| grep "5811 8E89"'`

			`'apt-update':`
			`cmd.wait:`
			`- name: '/usr/bin/apt-get update -y'`
			`- require:`
			`- cmd : 'apt-key'`

			`lxc-docker:`
			`pkg:`
			`- purged`

			`docker-io:`
			`pkg:`
			`- purged`

			`cbr0:`
			`network.managed:`
			`- enabled: True`
			`- type: bridge`
			`- proto: dhcp`
			`- ports: none`
			`- bridge: cbr0`
			`- delay: 0`
			`- bypassfirewall: True`
			`- require_in:`
			`- service: docker`

			`/etc/apt/sources.list.d/docker.list:`
			`file.managed:`
			`- source: salt://docker/docker.list`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
			`- require:`
			`- cmd: 'apt-update'`

			`docker-engine:`
			`pkg:`
			`- installed`
			`- require:`
			`- file: /etc/apt/sources.list.d/docker.list`
			`docker:`
			`service.running:`
			`- enable: True`
			`- require:`
			`- file: {{ environment_file }}`
			`- watch:`
			`- file: {{ environment_file }}`
Install 'docker' package for Fedora 22 Fedora < 22 provides docker via the 'docker-io' package, but this package was renamed to 'docker' as of Fedora 22. Though the docker package can be installed manually with 'dnf install docker-io' on F22, Salt requires the explicit package name or deployment will fail. 2015-07-01 04:36:33 +00:00
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`{% else %}`

			`{% if grains.cloud is defined`
			`and grains.cloud == 'gce' %}`
First commit 2014-06-06 23:40:48 +00:00			`# The default GCE images have ip_forwarding explicitly set to 0.`
			`# Here we take care of commenting that out.`
			`/etc/sysctl.d/11-gce-network-security.conf:`
			`file.replace:`
			`- pattern: '^net.ipv4.ip_forward=0'`
			`- repl: '# net.ipv4.ip_forward=0'`
Deprecated soon: override /etc/init.d/docker file on containervm image, so that we can unblock docker 1.10 validation. 2016-01-29 01:44:23 +00:00
			`/etc/init.d/docker:`
			`file.managed:`
			`- source: salt://docker/docker-init`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 755`
			`- makedirs: true`
Limit GCE specific mods to GCE 2014-10-29 19:39:07 +00:00			`{% endif %}`
First commit 2014-06-06 23:40:48 +00:00
Work around Salt 18089 Directly create /etc/sysctl.d/99-salt.conf 2015-06-26 14:56:36 +00:00			`# Work around Salt #18089: https://github.com/saltstack/salt/issues/18089`
			`/etc/sysctl.d/99-salt.conf:`
			`file.touch`

Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`# TODO: This should really be based on network strategy instead of os_family`
First commit 2014-06-06 23:40:48 +00:00			`net.ipv4.ip_forward:`
			`sysctl.present:`
			`- value: 1`

Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`{{ environment_file }}:`
			`file.managed:`
			`- source: salt://docker/docker-defaults`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
			`- makedirs: true`
Initial vagrant setup and e2e testing support 2014-07-14 17:50:04 +00:00
Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 21:28:01 +00:00			`# Docker is on the ContainerVM image by default. The following`
			`# variables are provided for other cloud providers, and for testing and dire circumstances, to allow`
			`# overriding the Docker version that's in a ContainerVM image.`
			`#`
			`# To change:`
			`#`
Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`# 1. Find new deb name at:`
			`# http://apt.dockerproject.org/repo/pool/main/d/docker-engine`
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`# 2. Download based on that:`
Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`# curl -O http://apt.dockerproject.org/repo/pool/main/d/docker-engine/<deb>`
Load etcd tarball from GCS. Also fix up comment about how to cache docker debs. 2014-11-07 21:43:07 +00:00			`# 3. Upload to GCS:`
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`# gsutil cp <deb> gs://kubernetes-release/docker/<deb>`
			`# 4. Make it world readable:`
			`# gsutil acl ch -R -g all:R gs://kubernetes-release/docker/<deb>`
			`# 5. Get a hash of the deb:`
			`# shasum <deb>`
Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 21:28:01 +00:00			`# 6. Update override_deb, override_deb_sha1, override_docker_ver with new`
			`# deb name, new hash and new version`
Initial vagrant setup and e2e testing support 2014-07-14 17:50:04 +00:00
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`{% set storage_base='https://storage.googleapis.com/kubernetes-release/docker/' %}`
Initial vagrant setup and e2e testing support 2014-07-14 17:50:04 +00:00
AWS: Use Docker 1.8.3 on Ubuntu vivid This currently requires downloading from the Docker repository, until we get the packages uploaded to Google Cloud Storage. Issue #19796 2016-01-18 19:12:09 +00:00			`{% set override_deb_url='' %}`

Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`{% if grains.get('cloud', '') == 'gce'`
			`and grains.get('os_family', '') == 'Debian'`
			`and grains.get('oscodename', '') == 'wheezy' -%}`
Revert "Upgrade gce cluster to docker 1.9.1" This reverts commit f07070d129fb2feaf50a011e81348afe5b95a938. 2016-02-18 22:28:13 +00:00			`{% set docker_pkg_name='' %}`
			`{% set override_deb='' %}`
			`{% set override_deb_sha1='' %}`
			`{% set override_docker_ver='' %}`
AWS Salt: Update to trusty, vivid, wily to Docker 1.9.1 This updates all of our recognized Ubuntu images to use Docker 1.9.1 2016-02-20 22:23:22 +00:00
AWS: Use Docker 1.8.3 on Ubuntu vivid This currently requires downloading from the Docker repository, until we get the packages uploaded to Google Cloud Storage. Issue #19796 2016-01-18 19:12:09 +00:00			`# Ubuntu presents as os_family=Debian, osfullname=Ubuntu`
AWS Salt: Update to trusty, vivid, wily to Docker 1.9.1 This updates all of our recognized Ubuntu images to use Docker 1.9.1 2016-02-20 22:23:22 +00:00			`{% elif grains.get('cloud', '') == 'aws'`
			`and grains.get('os_family', '') == 'Debian'`
			`and grains.get('oscodename', '') == 'trusty' -%}`
			`# TODO: Get from google storage?`
			`{% set docker_pkg_name='docker-engine' %}`
			`{% set override_docker_ver='1.9.1-0~trusty' %}`
			`{% set override_deb='docker-engine_1.9.1-0~trusty_amd64.deb' %}`
			`{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~trusty_amd64.deb' %}`
			`{% set override_deb_sha1='ce728172ab29f9fdacfffffe2e2f88a144f23875' %}`

AWS: Use Docker 1.8.3 on Ubuntu vivid This currently requires downloading from the Docker repository, until we get the packages uploaded to Google Cloud Storage. Issue #19796 2016-01-18 19:12:09 +00:00			`{% elif grains.get('cloud', '') == 'aws'`
			`and grains.get('os_family', '') == 'Debian'`
			`and grains.get('oscodename', '') == 'vivid' -%}`
			`# TODO: Get from google storage?`
AWS: Fix the docker-engine package name I got the package name wrong before, which meant that salt was failing on invocations after the first (the name apparently doesn't matter on the first invocation). 2016-01-20 16:09:41 +00:00			`{% set docker_pkg_name='docker-engine' %}`
AWS Salt: Update to trusty, vivid, wily to Docker 1.9.1 This updates all of our recognized Ubuntu images to use Docker 1.9.1 2016-02-20 22:23:22 +00:00			`{% set override_docker_ver='1.9.1-0~vivid' %}`
			`{% set override_deb='docker-engine_1.9.1-0~vivid_amd64.deb' %}`
			`{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~vivid_amd64.deb' %}`
			`{% set override_deb_sha1='81741f6f16630632de53762c5554238d57b3b9cb' %}`

AWS kube-up: Add support for wily vivid is technically no longer supported now, so we should support wily. 2016-02-12 18:25:07 +00:00			`{% elif grains.get('cloud', '') == 'aws'`
			`and grains.get('os_family', '') == 'Debian'`
			`and grains.get('oscodename', '') == 'wily' -%}`
			`# TODO: Get from google storage?`
			`{% set docker_pkg_name='docker-engine' %}`
AWS Salt: Update to trusty, vivid, wily to Docker 1.9.1 This updates all of our recognized Ubuntu images to use Docker 1.9.1 2016-02-20 22:23:22 +00:00			`{% set override_docker_ver='1.9.1-0~wily' %}`
			`{% set override_deb='docker-engine_1.9.1-0~wily_amd64.deb' %}`
			`{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~wily_amd64.deb' %}`
			`{% set override_deb_sha1='a505fd49372cf836f5b9ed953053c50b3381dbfd' %}`

Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`{% else %}`
			`{% set docker_pkg_name='lxc-docker-1.7.1' %}`
			`{% set override_docker_ver='1.7.1' %}`
Docker 1.7.1 2015-07-30 20:50:36 +00:00			`{% set override_deb='lxc-docker-1.7.1_1.7.1_amd64.deb' %}`
			`{% set override_deb_sha1='81abef31dd2c616883a61f85bfb294d743b1c889' %}`
Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`{% endif %}`
Restore the logic of disable docker upgrade through salt for gce. Currently it is commented out. 2015-08-11 00:30:11 +00:00
AWS: Use Docker 1.8.3 on Ubuntu vivid This currently requires downloading from the Docker repository, until we get the packages uploaded to Google Cloud Storage. Issue #19796 2016-01-18 19:12:09 +00:00			`{% if override_deb_url == '' %}`
			`{% set override_deb_url=storage_base + override_deb %}`
			`{% endif %}`

Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 21:28:01 +00:00			`{% if override_docker_ver != '' %}`
Restore the logic of disable docker upgrade through salt for gce. Currently it is commented out. 2015-08-11 00:30:11 +00:00			`purge-old-docker-package:`
			`pkg.removed:`
			`- pkgs:`
			`- lxc-docker-1.6.2`

Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 21:28:01 +00:00			`/var/cache/docker-install/{{ override_deb }}:`
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`file.managed:`
AWS: Use Docker 1.8.3 on Ubuntu vivid This currently requires downloading from the Docker repository, until we get the packages uploaded to Google Cloud Storage. Issue #19796 2016-01-18 19:12:09 +00:00			`- source: {{ override_deb_url }}`
Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 21:28:01 +00:00			`- source_hash: sha1={{ override_deb_sha1 }}`
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`- user: root`
			`- group: root`
			`- mode: 644`
			`- makedirs: true`
Initial vagrant setup and e2e testing support 2014-07-14 17:50:04 +00:00
Upgrade docker to 1.3.2. 2014-11-25 22:39:49 +00:00			`# Drop the license file into /usr/share so that everything is crystal clear.`
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`/usr/share/doc/docker/apache.txt:`
First commit 2014-06-06 23:40:48 +00:00			`file.managed:`
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`- source: {{ storage_base }}apache2.txt`
			`- source_hash: sha1=2b8b815229aa8a61e483fb4ba0588b8b6c491890`
First commit 2014-06-06 23:40:48 +00:00			`- user: root`
			`- group: root`
			`- mode: 644`
			`- makedirs: true`

Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`docker-upgrade:`
Get docker deb from GCS. Also lock to 1.3.0 due to issues in 1.3.1 (docker/docker#8889) 2014-10-31 17:22:24 +00:00			`pkg.installed:`
			`- sources:`
Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`- {{ docker_pkg_name }}: /var/cache/docker-install/{{ override_deb }}`
Add explicit dependency of docker pkg on the deb download Salt ordering continues to surprise me. I saw them execute out of order, though I don't know why. Adding an explicit dependency to prevent out-of-order execution. 2015-06-26 14:57:35 +00:00			`- require:`
			`- file: /var/cache/docker-install/{{ override_deb }}`
Don't start Docker by default on AWS 2015-07-08 03:31:48 +00:00			`{% endif %} # end override_docker_ver != ''`
First commit 2014-06-06 23:40:48 +00:00
Salt: support systemd (don't assume Redhat <=> systemd) Also work around problems with Salt & systemd services, in particular that Salt doesn't issue a daemon-reload. 2015-06-29 18:17:17 +00:00			`# Default docker systemd unit file doesn't use an EnvironmentFile; replace it with one that does.`
			`{% if pillar.get('is_systemd') %}`

			`{{ pillar.get('systemd_system_path') }}/docker.service:`
			`file.managed:`
			`- source: salt://docker/docker.service`
			`- template: jinja`
			`- user: root`
			`- group: root`
			`- mode: 644`
			`- defaults:`
			`environment_file: {{ environment_file }}`

			`# The docker service.running block below doesn't work reliably`
			`# Instead we run our script which e.g. does a systemd daemon-reload`
			`# But we keep the service block below, so it can be used by dependencies`
			`# TODO: Fix this`
			`fix-service-docker:`
			`cmd.wait:`
			`- name: /opt/kubernetes/helpers/services bounce docker`
			`- watch:`
			`- file: {{ pillar.get('systemd_system_path') }}/docker.service`
			`- file: {{ environment_file }}`
			`{% if override_docker_ver != '' %}`
			`- require:`
Fix an incorrect reference to the directive that installs docker 2015-12-03 23:06:33 +00:00			`- pkg: docker-upgrade`
Salt: support systemd (don't assume Redhat <=> systemd) Also work around problems with Salt & systemd services, in particular that Salt doesn't issue a daemon-reload. 2015-06-29 18:17:17 +00:00			`{% endif %}`

			`{% endif %}`

Fix docker start after minion reboot on GCE/debian Uncomment docker service state as it should no longer be affected by race bug in docker init.d start script. Also make sure that the docker service state depends on the cbr state. Fixes #802 2014-09-03 16:45:30 +00:00			`docker:`
			`service.running:`
Don't start Docker by default on AWS 2015-07-08 03:31:48 +00:00			`# Starting Docker is racy on aws for some reason. To be honest, since Monit`
			`# is managing Docker restart we should probably just delete this whole thing`
			`# but the kubernetes components use salt 'require' to set up a dag, and that`
			`# complicated and scary to unwind.`
			`{% if grains.cloud is defined and grains.cloud == 'aws' %}`
			`- enable: False`
			`{% else %}`
Fix docker start after minion reboot on GCE/debian Uncomment docker service state as it should no longer be affected by race bug in docker init.d start script. Also make sure that the docker service state depends on the cbr state. Fixes #802 2014-09-03 16:45:30 +00:00			`- enable: True`
Don't start Docker by default on AWS 2015-07-08 03:31:48 +00:00			`{% endif %}`
Fix docker start after minion reboot on GCE/debian Uncomment docker service state as it should no longer be affected by race bug in docker init.d start script. Also make sure that the docker service state depends on the cbr state. Fixes #802 2014-09-03 16:45:30 +00:00			`- watch:`
			`- file: {{ environment_file }}`
Docker 1.7.1 2015-07-30 20:50:36 +00:00			`{% if override_docker_ver != '' %}`
Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`- pkg: docker-upgrade`
Docker 1.7.1 2015-07-30 20:50:36 +00:00			`{% endif %}`
Salt: Add more dependencies to systemd services This may help Salt reload services correctly, although we still need the script until Salt's bug with reloading services on systemd is resolved. Salt bug: https://github.com/saltstack/salt/issues/16778 2015-07-01 10:47:55 +00:00			`{% if pillar.get('is_systemd') %}`
			`- file: {{ pillar.get('systemd_system_path') }}/docker.service`
			`{% endif %}`
Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 21:28:01 +00:00			`{% if override_docker_ver != '' %}`
			`- require:`
Upgrade to docker 1.8.2 for Debian Wheezy on GCE 2015-09-08 18:32:30 +00:00			`- pkg: docker-upgrade`
Use built-in ContainerVM Docker version rather than installing lxc-docker 2015-05-04 21:28:01 +00:00			`{% endif %}`
Don't start Docker by default on AWS 2015-07-08 03:31:48 +00:00			`{% endif %} # end grains.os_family != 'RedHat'`
vsphere support 2016-01-13 21:29:16 +00:00