AWS: make it possible to disable minion public ip association
parent
e5b9f7421e
commit
205ed2bf6e
|
@ -73,3 +73,7 @@ DNS_REPLICAS=1
|
|||
|
||||
# Admission Controllers to invoke prior to persisting objects in cluster
|
||||
ADMISSION_CONTROL=NamespaceLifecycle,NamespaceAutoProvision,LimitRanger,SecurityContextDeny,ResourceQuota
|
||||
|
||||
# Optional: Enable/disable public IP assignment for minions.
|
||||
# Important Note: disable only if you have setup a NAT instance for internet access and configured appropriate routes!
|
||||
ENABLE_MINION_PUBLIC_IP=${KUBE_ENABLE_MINION_PUBLIC_IP:-true}
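Review bot: The comment above `ENABLE_MINION_PUBLIC_IP` does not say which values are accepted, and the assignment passes `KUBE_ENABLE_MINION_PUBLIC_IP` through without normalising it. The consumers shown later on this page test for the exact string `true`, so a value such as `True`, `yes` or `1` would be treated as "disabled" and launch minions without a public address. I would add a line like `# Accepted values: "true" (default) or "false"; any other value is treated as "false".` so an operator does not change the network exposure of the nodes by accident.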
|
||||
|
|
|
@ -82,6 +82,14 @@ function get_instance_public_ip {
|
|||
--query Reservations[].Instances[].NetworkInterfaces[0].Association.PublicIp
|
||||
}
|
||||
|
||||
function get_instance_private_ip {
|
||||
local tagName=$1
|
||||
$AWS_CMD --output text describe-instances \
|
||||
--filters Name=tag:Name,Values=${tagName} \
|
||||
Name=instance-state-name,Values=running \
|
||||
Name=tag:KubernetesCluster,Values=${CLUSTER_ID} \
|
||||
--query Reservations[].Instances[].NetworkInterfaces[0].PrivateIpAddress
|
||||
}
|
||||
|
||||
function detect-master () {
|
||||
KUBE_MASTER=${MASTER_NAME}
|
||||
|
@ -98,7 +106,12 @@ function detect-master () {
|
|||
function detect-minions () {
|
||||
KUBE_MINION_IP_ADDRESSES=()
|
||||
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
|
||||
local minion_ip=$(get_instance_public_ip ${MINION_NAMES[$i]})
|
||||
local minion_ip
|
||||
if [[ "ENABLE_MINION_PUBLIC_IP" == "true" ]]; then
|
||||
minion_ip=$(get_instance_public_ip ${MINION_NAMES[$i]})
|
||||
else
|
||||
minion_ip=$(get_instance_private_ip ${MINION_NAMES[$i]})
|
||||
fi
|
||||
echo "Found ${MINION_NAMES[$i]} at ${minion_ip}"
|
||||
KUBE_MINION_IP_ADDRESSES+=("${minion_ip}")
|
||||
done
|
||||
|
@ -542,6 +555,14 @@ function kube-up {
|
|||
grep -v "^#" "${KUBE_ROOT}/cluster/aws/templates/format-disks.sh"
|
||||
grep -v "^#" "${KUBE_ROOT}/cluster/aws/templates/salt-minion.sh"
|
||||
) > "${KUBE_TEMP}/minion-start-${i}.sh"
|
||||
|
||||
local public_ip_option
|
||||
if [[ "ENABLE_MINION_PUBLIC_IP" == "true" ]]; then
|
||||
public_ip_option="--associate-public-ip-address"
|
||||
else
|
||||
public_ip_option="--no-associate-public-ip-address"
|
||||
fi
|
||||
|
||||
minion_id=$($AWS_CMD run-instances \
|
||||
--image-id $AWS_IMAGE \
|
||||
--iam-instance-profile Name=$IAM_PROFILE_MINION \
|
||||
|
@ -550,7 +571,7 @@ function kube-up {
|
|||
--private-ip-address $INTERNAL_IP_BASE.1${i} \
|
||||
--key-name kubernetes \
|
||||
--security-group-ids $SEC_GROUP_ID \
|
||||
--associate-public-ip-address \
|
||||
${public_ip_option} \
|
||||
--user-data file://${KUBE_TEMP}/minion-start-${i}.sh | json_val '["Instances"][0]["InstanceId"]')
|
||||
|
||||
add-tag $minion_id Name ${MINION_NAMES[$i]}
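Review bot: The new test in detect-minions, `if [[ "ENABLE_MINION_PUBLIC_IP" == "true" ]]; then`, compares the literal variable name with `true` because the `$` expansion is missing, so it can never succeed; the identical line in the kube-up hunk has the same defect. As written, the private-IP lookup and `--no-associate-public-ip-address` are always selected, so the documented default of `true` has no effect and the setting cannot turn public IPs back on. Both tests should read `if [[ "${ENABLE_MINION_PUBLIC_IP}" == "true" ]]; then`. Separately, `${public_ip_option}` is expanded unquoted in the `run-instances` call, which is harmless for the two fixed values assigned here but worth quoting for consistency. Both detect-minions and kube-up extend beyond the hunks shown.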
|
||||
|
|