diff --git a/cluster/images/nginx/Dockerfile b/cluster/images/nginx/Dockerfile new file mode 100644 index 0000000000..63271bd131 --- /dev/null +++ b/cluster/images/nginx/Dockerfile @@ -0,0 +1,6 @@ +FROM google/debian:wheezy + +COPY backports.list /etc/apt/sources.list.d/backports.list + +RUN apt-get update +RUN apt-get -t wheezy-backports -yy -q install nginx diff --git a/cluster/images/nginx/Makefile b/cluster/images/nginx/Makefile new file mode 100644 index 0000000000..9aca17fc67 --- /dev/null +++ b/cluster/images/nginx/Makefile @@ -0,0 +1,14 @@ +### Nginx image +# This image is used to run nginx on the master. + +# Current 'live' version is v1 +# Please make sure that you update this comment if you build/push new +# versions. +VERSION=v2 + +all: + docker build -t gcr.io/google_containers/nginx:${VERSION} . + gcloud preview docker push gcr.io/google_containers/nginx:${VERSION} + +.PHONY: all + diff --git a/cluster/images/nginx/README.md b/cluster/images/nginx/README.md new file mode 100644 index 0000000000..8dff28767a --- /dev/null +++ b/cluster/images/nginx/README.md @@ -0,0 +1,7 @@ +### Nginx image +This image is used to run nginx on the master. + +#### Instructions +make + + diff --git a/cluster/images/nginx/backports.list b/cluster/images/nginx/backports.list new file mode 100644 index 0000000000..8174be2c91 --- /dev/null +++ b/cluster/images/nginx/backports.list @@ -0,0 +1 @@ +deb http://gce_debian_mirror.storage.googleapis.com wheezy-backports main non-free diff --git a/cluster/saltbase/salt/nginx/init.sls b/cluster/saltbase/salt/nginx/init.sls index 473123c0af..c8e06061ff 100644 --- a/cluster/saltbase/salt/nginx/init.sls +++ b/cluster/saltbase/salt/nginx/init.sls @@ -28,6 +28,30 @@ nginx: - group: root - mode: 644 +{% if grains.cloud in ['gce'] %} +/etc/kubernetes/manifests/nginx.json: + file: + - managed + - source: salt://nginx/nginx.json + - user: root + - group: root + - mode: 644 + - require: + - file: /etc/nginx/nginx.conf + - file: /etc/nginx/sites-enabled/default + - file: /usr/share/nginx/htpasswd + - cmd: kubernetes-cert + + +#stop legacy nginx_service +stop_nginx-service: + service.dead: + - name: nginx + - enable: None + - watch: + - file: /etc/kubernetes/manifests/nginx.json + +{% else %} nginx-service: service: - running @@ -38,3 +62,5 @@ nginx-service: - file: /etc/nginx/sites-enabled/default - file: /usr/share/nginx/htpasswd - cmd: kubernetes-cert +{% endif %} + diff --git a/cluster/saltbase/salt/nginx/nginx.json b/cluster/saltbase/salt/nginx/nginx.json new file mode 100644 index 0000000000..acada758c7 --- /dev/null +++ b/cluster/saltbase/salt/nginx/nginx.json @@ -0,0 +1,55 @@ +{ +"apiVersion": "v1beta3", +"kind": "Pod", +"metadata": {"name":"nginx"}, +"spec":{ +"hostNetwork": true, +"containers":[ + { + "name": "nginx", + "image": "gcr.io/google-containers/nginx:v1", + "command": [ + "nginx", + "-g", + "daemon off;" + ], + "ports":[ + { "name": "https", + "containerPort": 443, + "hostPort": 443} + ], + "volumeMounts": [ + { "name": "nginx", + "mountPath": "/etc/nginx", + "readOnly": true}, + { "name": "k8s", + "mountPath": "/srv/kubernetes", + "readOnly": true}, + { "name": "logs", + "mountPath": "/var/log/nginx", + "readOnly": false}, + { "name": "passwd", + "mountPath": "/usr/share/nginx", + "readOnly": true} + ] + } +], +"volumes":[ + { "name": "nginx", + "hostPath": { + "path": "/etc/nginx"} + }, + { "name": "k8s", + "hostPath": { + "path": "/srv/kubernetes"} + }, + { "name": "passwd", + "hostPath": { + "path": "/usr/share/nginx"} + }, + { "name": "logs", + "hostPath": { + "path": "/var/logs/nginx"} + } +] +}}