diff --git a/cluster/centos/.gitignore b/cluster/centos/.gitignore deleted file mode 100644 index 8452b51087..0000000000 --- a/cluster/centos/.gitignore +++ /dev/null @@ -1,14 +0,0 @@ -binaries -ca-cert -etcd-cert - -master/bin/etcd -master/bin/etcdctl -master/bin/kube* - -node/bin/docker -node/bin/etcd -node/bin/etcdctl -node/bin/flanneld -node/bin/kube* -local-test.sh diff --git a/cluster/centos/OWNERS b/cluster/centos/OWNERS deleted file mode 100644 index 3a91eff141..0000000000 --- a/cluster/centos/OWNERS +++ /dev/null @@ -1,4 +0,0 @@ -# See the OWNERS docs at https://go.k8s.io/owners - -reviewers: - - zouyee diff --git a/cluster/centos/build.sh b/cluster/centos/build.sh deleted file mode 100755 index 1f8c0795df..0000000000 --- a/cluster/centos/build.sh +++ /dev/null @@ -1,137 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2015 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Download the flannel, etcd, docker, bridge-utils and K8s binaries automatically -# and store into binaries directory. -# Run as sudoers only - -# author @kevin-wangzefeng - -set -o errexit -set -o nounset -set -o pipefail - -readonly ROOT=$(dirname "${BASH_SOURCE[0]}") -source "${ROOT}/config-build.sh" - -# ensure $RELEASES_DIR is an absolute file path -mkdir -p "${RELEASES_DIR}" -RELEASES_DIR=$(cd "${RELEASES_DIR}"; pwd) - -# get absolute file path of binaries -BINARY_DIR=$(cd "${ROOT}"; pwd)/binaries - -function clean-up() { - rm -rf "${RELEASES_DIR}" - rm -rf "${BINARY_DIR}" -} - -function download-releases() { - rm -rf "${RELEASES_DIR}" - mkdir -p "${RELEASES_DIR}" - - echo "Download flannel release v${FLANNEL_VERSION} ..." - curl -L "${FLANNEL_DOWNLOAD_URL}" -o "${RELEASES_DIR}/flannel.tar.gz" - - echo "Download etcd release v${ETCD_VERSION} ..." - curl -L "${ETCD_DOWNLOAD_URL}" -o "${RELEASES_DIR}/etcd.tar.gz" - - echo "Download kubernetes release v${K8S_VERSION} ..." - curl -L "${K8S_CLIENT_DOWNLOAD_URL}" -o "${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz" - curl -L "${K8S_SERVER_DOWNLOAD_URL}" -o "${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz" - - echo "Download docker release v${DOCKER_VERSION} ..." - curl -L "${DOCKER_DOWNLOAD_URL}" -o "${RELEASES_DIR}/docker.tar.gz" -} - -function unpack-releases() { - rm -rf "${BINARY_DIR}" - mkdir -p "${BINARY_DIR}/master/bin" - mkdir -p "${BINARY_DIR}/node/bin" - - # flannel - if [[ -f "${RELEASES_DIR}/flannel.tar.gz" ]] ; then - tar xzf "${RELEASES_DIR}/flannel.tar.gz" -C "${RELEASES_DIR}" - cp "${RELEASES_DIR}/flanneld" "${BINARY_DIR}/master/bin" - cp "${RELEASES_DIR}/flanneld" "${BINARY_DIR}/node/bin" - fi - - # etcd - if [[ -f "${RELEASES_DIR}/etcd.tar.gz" ]] ; then - tar xzf "${RELEASES_DIR}/etcd.tar.gz" -C "${RELEASES_DIR}" - ETCD="etcd-v${ETCD_VERSION}-linux-amd64" - cp "${RELEASES_DIR}/${ETCD}/etcd" \ - "${RELEASES_DIR}/${ETCD}/etcdctl" "${BINARY_DIR}/master/bin" - cp "${RELEASES_DIR}/${ETCD}/etcd" \ - "${RELEASES_DIR}/${ETCD}/etcdctl" "${BINARY_DIR}/node/bin" - fi - - # k8s - if [[ -f "${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz" ]] ; then - tar xzf "${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz" -C "${RELEASES_DIR}" - cp "${RELEASES_DIR}/kubernetes/client/bin/kubectl" "${BINARY_DIR}" - fi - - if [[ -f "${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz" ]] ; then - tar xzf "${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz" -C "${RELEASES_DIR}" - cp "${RELEASES_DIR}/kubernetes/server/bin/kube-apiserver" \ - "${RELEASES_DIR}/kubernetes/server/bin/kube-controller-manager" \ - "${RELEASES_DIR}/kubernetes/server/bin/kube-scheduler" "${BINARY_DIR}/master/bin" - cp "${RELEASES_DIR}/kubernetes/server/bin/kubelet" \ - "${RELEASES_DIR}/kubernetes/server/bin/kube-proxy" "${BINARY_DIR}/node/bin" - fi - - # docker - if [[ -f "${RELEASES_DIR}/docker.tar.gz" ]]; then - tar xzf "${RELEASES_DIR}/docker.tar.gz" -C "${RELEASES_DIR}" - - cp "${RELEASES_DIR}/docker/docker*" "${BINARY_DIR}/node/bin" - fi - - chmod -R +x "${BINARY_DIR}" - echo "Done! All binaries are stored in ${BINARY_DIR}" -} - -function parse-opt() { - local opt=${1-} - - case $opt in - download) - download-releases - ;; - unpack) - unpack-releases - ;; - clean) - clean-up - ;; - all) - download-releases - unpack-releases - ;; - *) - echo "Usage: " - echo " build.sh " - echo "Commands:" - echo " clean Clean up downloaded releases and unpacked binaries." - echo " download Download releases to \"${RELEASES_DIR}\"." - echo " unpack Unpack releases downloaded in \"${RELEASES_DIR}\", and copy binaries to \"${BINARY_DIR}\"." - echo " all Download releases and unpack them." - ;; - esac -} - -parse-opt "${@}" diff --git a/cluster/centos/config-build.sh b/cluster/centos/config-build.sh deleted file mode 100755 index 9ed75ae797..0000000000 --- a/cluster/centos/config-build.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2015 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## Contains configuration values for the Binaries downloading and unpacking. - -# Directory to store release packages that will be downloaded. -RELEASES_DIR=${RELEASES_DIR:-/tmp/downloads} - -# Define docker version to use. -DOCKER_VERSION=${DOCKER_VERSION:-"1.12.1"} - -# Define flannel version to use. -FLANNEL_VERSION=${FLANNEL_VERSION:-"0.6.1"} - -# Define etcd version to use. -ETCD_VERSION=${ETCD_VERSION:-"3.0.9"} - -# Define k8s version to use. -K8S_VERSION=${K8S_VERSION:-"1.3.7"} - -# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell -DOCKER_DOWNLOAD_URL=\ -"https://get.docker.com/builds/Linux/x86_64/docker-${DOCKER_VERSION}.tgz" - -# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell -FLANNEL_DOWNLOAD_URL=\ -"https://github.com/coreos/flannel/releases/download/v${FLANNEL_VERSION}/flannel-v${FLANNEL_VERSION}-linux-amd64.tar.gz" - -# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell -ETCD_DOWNLOAD_URL=\ -"https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-amd64.tar.gz" - -# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell -K8S_CLIENT_DOWNLOAD_URL=\ -"https://dl.k8s.io/v${K8S_VERSION}/kubernetes-client-linux-amd64.tar.gz" - -# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell -K8S_SERVER_DOWNLOAD_URL=\ -"https://dl.k8s.io/v${K8S_VERSION}/kubernetes-server-linux-amd64.tar.gz" diff --git a/cluster/centos/config-default.sh b/cluster/centos/config-default.sh deleted file mode 100755 index a08ff2fed9..0000000000 --- a/cluster/centos/config-default.sh +++ /dev/null @@ -1,143 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2015 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -readonly root=$(dirname "${BASH_SOURCE[0]}") - -## Contains configuration values for the CentOS cluster -# The user should have sudo privilege -export MASTER=${MASTER:-"centos@172.10.0.11"} -export MASTER_IP=${MASTER#*@} - -# Define all your master nodes, -# And separated with blank space like . -# The user should have sudo privilege -export MASTERS="${MASTERS:-$MASTER}" - -# length-of -# Get the length of specific arg0, could be a space-separate string or array. -function length-of() { - local len=0 - # shellcheck disable=SC2034 # Unused variables left for readability - for part in $1; do - ((++len)) - done - echo $len -} -# Number of nodes in your cluster. -export NUM_MASTERS="${NUM_MASTERS:-$(length-of "$MASTERS")}" - -# Get default master advertise address: first master node. -function default-advertise-address() { - # get the first master node - local masters_array=("${MASTERS}") - local master=${masters_array[0]} - echo "${master#*@}" -} - -# Define advertise address of masters, could be a load balancer address. -# If not provided, the default is ip of first master node. -export MASTER_ADVERTISE_ADDRESS="${MASTER_ADVERTISE_ADDRESS:-$(default-advertise-address)}" -export MASTER_ADVERTISE_IP="${MASTER_ADVERTISE_IP:-$(getent hosts "${MASTER_ADVERTISE_ADDRESS}" | awk '{print $1; exit}')}" - -# Define all your minion nodes, -# And separated with blank space like . -# The user should have sudo privilege -export NODES="${NODES:-"centos@172.10.0.12 centos@172.10.0.13"}" - -# Number of nodes in your cluster. -export NUM_NODES="${NUM_NODES:-$(length-of "$NODES")}" - -# Should be removed when NUM_NODES is deprecated in validate-cluster.sh -export NUM_NODES="${NUM_NODES}" - -# By default, the cluster will use the etcd installed on master. -function concat-etcd-servers() { - local etcd_servers="" - for master in ${MASTERS}; do - local master_ip=${master#*@} - local prefix="" - if [ -n "$etcd_servers" ]; then - prefix="${etcd_servers}," - fi - etcd_servers="${prefix}https://${master_ip}:2379" - done - - echo "$etcd_servers" -} -ETCD_SERVERS="$(concat-etcd-servers)" -export ETCD_SERVERS - -# By default, etcd cluster will use runtime configuration -# https://coreos.com/etcd/docs/latest/v2/runtime-configuration.html -# Get etc initial cluster and store in ETCD_INITIAL_CLUSTER -function concat-etcd-initial-cluster() { - local etcd_initial_cluster="" - local num_infra=0 - for master in ${MASTERS}; do - local master_ip="${master#*@}" - if [ -n "$etcd_initial_cluster" ]; then - etcd_initial_cluster+="," - fi - etcd_initial_cluster+="infra${num_infra}=https://${master_ip}:2380" - ((++num_infra)) - done - - echo "$etcd_initial_cluster" -} -ETCD_INITIAL_CLUSTER="$(concat-etcd-initial-cluster)" -export ETCD_INITIAL_CLUSTER - -CERT_DIR="${CERT_DIR:-${root}/ca-cert}" -mkdir -p "${CERT_DIR}" -# CERT_DIR path must be absolute. -CERT_DIR="$(cd "${CERT_DIR}" && pwd)" -export CERT_DIR - -# define the IP range used for service cluster IPs. -# according to rfc 1918 ref: https://tools.ietf.org/html/rfc1918 choose a private ip range here. -export SERVICE_CLUSTER_IP_RANGE=${SERVICE_CLUSTER_IP_RANGE:-"192.168.3.0/24"} - -# Optional: Install cluster DNS. -ENABLE_CLUSTER_DNS="${KUBE_ENABLE_CLUSTER_DNS:-true}" -export ENABLE_CLUSTER_DNS -# DNS_SERVER_IP must be a IP in SERVICE_CLUSTER_IP_RANGE -DNS_SERVER_IP=${DNS_SERVER_IP:-"192.168.3.100"} -DNS_DOMAIN=${DNS_DOMAIN:-"cluster.local"} - -# Optional: Install Kubernetes UI -ENABLE_CLUSTER_UI="${KUBE_ENABLE_CLUSTER_UI:-true}" -export ENABLE_CLUSTER_UI - -# define the IP range used for flannel overlay network, should not conflict with above SERVICE_CLUSTER_IP_RANGE -export FLANNEL_NET=${FLANNEL_NET:-"172.16.0.0/16"} - -# Admission Controllers to invoke prior to persisting objects in cluster. -# MutatingAdmissionWebhook should be the last controller that modifies the -# request object, otherwise users will be confused if the mutating webhooks' -# modification is overwritten. -# If we included ResourceQuota, we should keep it at the end of the list to -# prevent incrementing quota usage prematurely. -export ADMISSION_CONTROL=${ADMISSION_CONTROL:-"NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeClaimResize,DefaultTolerationSeconds,Priority,StorageObjectInUseProtection,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota"} - -# Extra options to set on the Docker command line. -# This is useful for setting --insecure-registry for local registries. -export DOCKER_OPTS=${DOCKER_OPTS:-""} - - -# Timeouts for process checking on master and minion -export PROCESS_CHECK_TIMEOUT=${PROCESS_CHECK_TIMEOUT:-180} # seconds. - -unset -f default-advertise-address concat-etcd-servers length-of concat-etcd-initial-cluster diff --git a/cluster/centos/config-test.sh b/cluster/centos/config-test.sh deleted file mode 100644 index 45dd75c0da..0000000000 --- a/cluster/centos/config-test.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## for CentOS/Fedora/RHEL cluster in test mode -KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -source "${KUBE_ROOT}/cluster/centos/config-default.sh" diff --git a/cluster/centos/deployAddons.sh b/cluster/centos/deployAddons.sh deleted file mode 100755 index fce75750f1..0000000000 --- a/cluster/centos/deployAddons.sh +++ /dev/null @@ -1,66 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2015 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# deploy the add-on services after the cluster is available - -set -e - -KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -source "${KUBE_ROOT}/cluster/centos/config-default.sh" -KUBECTL="${KUBE_ROOT}/cluster/kubectl.sh" -export KUBECTL_PATH="${KUBE_ROOT}/cluster/centos/binaries/kubectl" -export KUBE_CONFIG_FILE=${KUBE_CONFIG_FILE:-${KUBE_ROOT}/cluster/centos/config-default.sh} - -function deploy_dns { - echo "Deploying DNS on Kubernetes" - cp "${KUBE_ROOT}/cluster/addons/dns/kube-dns/kube-dns.yaml.sed" kube-dns.yaml - sed -i -e "s/\\\$DNS_DOMAIN/${DNS_DOMAIN}/g" kube-dns.yaml - sed -i -e "s/\\\$DNS_SERVER_IP/${DNS_SERVER_IP}/g" kube-dns.yaml - - KUBEDNS=$("${KUBECTL} get services --namespace=kube-system | grep kube-dns | cat") - - if [ ! "$KUBEDNS" ]; then - # use kubectl to create kube-dns addon - ${KUBECTL} --namespace=kube-system create -f kube-dns.yaml - - echo "Kube-dns addon is successfully deployed." - else - echo "Kube-dns addon is already deployed. Skipping." - fi - - echo -} - -function deploy_dashboard { - echo "Deploying Kubernetes Dashboard" - - ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-secret.yaml" - ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-configmap.yaml" - ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-rbac.yaml" - ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-controller.yaml" - ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-service.yaml" - - echo -} - - -if [ "${ENABLE_CLUSTER_DNS}" == true ]; then - deploy_dns -fi - -if [ "${ENABLE_CLUSTER_UI}" == true ]; then - deploy_dashboard -fi diff --git a/cluster/centos/make-ca-cert.sh b/cluster/centos/make-ca-cert.sh deleted file mode 100755 index 8206e45f63..0000000000 --- a/cluster/centos/make-ca-cert.sh +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -o errexit -set -o nounset -set -o pipefail - -DEBUG="${DEBUG:-false}" - -if [ "${DEBUG}" == "true" ]; then - set -x -fi - -cert_ip=$1 -extra_sans=${2:-} -cert_dir=${CERT_DIR:-/srv/kubernetes} -cert_group=${CERT_GROUP:-kube-cert} - -mkdir -p "$cert_dir" - -use_cn=false - -sans="IP:${cert_ip}" -if [[ -n "${extra_sans}" ]]; then - sans="${sans},${extra_sans}" -fi - -tmpdir=$(mktemp -d -t kubernetes_cacert.XXXXXX) -trap 'rm -rf "${tmpdir}"' EXIT -cd "${tmpdir}" - -# TODO: For now, this is a patched tool that makes subject-alt-name work, when -# the fix is upstream move back to the upstream easyrsa. This is cached in GCS -# but is originally taken from: -# https://github.com/brendandburns/easy-rsa/archive/master.tar.gz -# -# To update, do the following: -# curl -o easy-rsa.tar.gz https://github.com/brendandburns/easy-rsa/archive/master.tar.gz -# gsutil cp easy-rsa.tar.gz gs://kubernetes-release/easy-rsa/easy-rsa.tar.gz -# gsutil acl ch -R -g all:R gs://kubernetes-release/easy-rsa/easy-rsa.tar.gz -# -# Due to GCS caching of public objects, it may take time for this to be widely -# distributed. -# -# Use ~/kube/easy-rsa.tar.gz if it exists, so that it can be -# pre-pushed in cases where an outgoing connection is not allowed. -if [ -f ~/kube/easy-rsa.tar.gz ]; then - ln -s ~/kube/easy-rsa.tar.gz . -else - curl -L -O https://storage.googleapis.com/kubernetes-release/easy-rsa/easy-rsa.tar.gz > /dev/null 2>&1 -fi -tar xzf easy-rsa.tar.gz > /dev/null 2>&1 - -cd easy-rsa-master/easyrsa3 -./easyrsa init-pki > /dev/null 2>&1 -./easyrsa --batch "--req-cn=${cert_ip}@$(date +%s)" build-ca nopass > /dev/null 2>&1 -if [ $use_cn = "true" ]; then - ./easyrsa build-server-full "${cert_ip}" nopass > /dev/null 2>&1 - cp -p "pki/issued/${cert_ip}.crt" "${cert_dir}/server.cert" > /dev/null 2>&1 - cp -p "pki/private/${cert_ip}.key" "${cert_dir}/server.key" > /dev/null 2>&1 -else - ./easyrsa --subject-alt-name="${sans}" build-server-full kubernetes-master nopass > /dev/null 2>&1 - cp -p pki/issued/kubernetes-master.crt "${cert_dir}/server.cert" > /dev/null 2>&1 - cp -p pki/private/kubernetes-master.key "${cert_dir}/server.key" > /dev/null 2>&1 -fi -# Make a superuser client cert with subject "O=system:masters, CN=kubecfg" -./easyrsa --dn-mode=org \ - --req-cn=kubecfg --req-org=system:masters \ - --req-c= --req-st= --req-city= --req-email= --req-ou= \ - build-client-full kubecfg nopass > /dev/null 2>&1 -cp -p pki/ca.crt "${cert_dir}/ca.crt" -cp -p pki/issued/kubecfg.crt "${cert_dir}/kubecfg.crt" -cp -p pki/private/kubecfg.key "${cert_dir}/kubecfg.key" -# Make server certs accessible to apiserver. -chgrp "${cert_group}" "${cert_dir}/server.key" "${cert_dir}/server.cert" "${cert_dir}/ca.crt" -chmod 660 "${cert_dir}/server.key" "${cert_dir}/server.cert" "${cert_dir}/ca.crt" diff --git a/cluster/centos/master/scripts/apiserver.sh b/cluster/centos/master/scripts/apiserver.sh deleted file mode 100755 index be62549ce4..0000000000 --- a/cluster/centos/master/scripts/apiserver.sh +++ /dev/null @@ -1,122 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -MASTER_ADDRESS=${1:-"8.8.8.18"} -ETCD_SERVERS=${2:-"https://8.8.8.18:2379"} -SERVICE_CLUSTER_IP_RANGE=${3:-"10.10.10.0/24"} -ADMISSION_CONTROL=${4:-""} - -cat </opt/kubernetes/cfg/kube-apiserver -# --logtostderr=true: log to standard error instead of files -KUBE_LOGTOSTDERR="--logtostderr=true" - -# --v=0: log level for V logs -KUBE_LOG_LEVEL="--v=4" - -# --etcd-servers=[]: List of etcd servers to watch (http://ip:port), -# comma separated. Mutually exclusive with -etcd-config -KUBE_ETCD_SERVERS="--etcd-servers=${ETCD_SERVERS}" - -# --etcd-cafile="": SSL Certificate Authority file used to secure etcd communication. -KUBE_ETCD_CAFILE="--etcd-cafile=/srv/kubernetes/etcd/ca.pem" - -# --etcd-certfile="": SSL certification file used to secure etcd communication. -KUBE_ETCD_CERTFILE="--etcd-certfile=/srv/kubernetes/etcd/client.pem" - -# --etcd-keyfile="": key file used to secure etcd communication. -KUBE_ETCD_KEYFILE="--etcd-keyfile=/srv/kubernetes/etcd/client-key.pem" - -# --insecure-bind-address=127.0.0.1: The IP address on which to serve the --insecure-port. -KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0" - -# --insecure-port=8080: The port on which to serve unsecured, unauthenticated access. -KUBE_API_PORT="--insecure-port=8080" - -# --kubelet-port=10250: Kubelet port -NODE_PORT="--kubelet-port=10250" - -# --advertise-address=: The IP address on which to advertise -# the apiserver to members of the cluster. -KUBE_ADVERTISE_ADDR="--advertise-address=${MASTER_ADDRESS}" - -# --allow-privileged=false: If true, allow privileged containers. -KUBE_ALLOW_PRIV="--allow-privileged=false" - -# --service-cluster-ip-range=: A CIDR notation IP range from which to assign service cluster IPs. -# This must not overlap with any IP ranges assigned to nodes for pods. -KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=${SERVICE_CLUSTER_IP_RANGE}" - -# --admission-control="AlwaysAdmit": Ordered list of plug-ins -# to do admission control of resources into cluster. -# Comma-delimited list of: -# LimitRanger, AlwaysDeny, SecurityContextDeny, NamespaceExists, -# NamespaceLifecycle, NamespaceAutoProvision, AlwaysAdmit, -# ServiceAccount, DefaultStorageClass, DefaultTolerationSeconds, ResourceQuota -# Mark Deprecated. Use --enable-admission-plugins or --disable-admission-plugins instead since v1.10. -# It will be removed in a future version. -KUBE_ADMISSION_CONTROL="--admission-control=${ADMISSION_CONTROL}" - -# --client-ca-file="": If set, any request presenting a client certificate signed -# by one of the authorities in the client-ca-file is authenticated with an identity -# corresponding to the CommonName of the client certificate. -KUBE_API_CLIENT_CA_FILE="--client-ca-file=/srv/kubernetes/ca.crt" - -# --tls-cert-file="": File containing x509 Certificate for HTTPS. (CA cert, if any, -# concatenated after server cert). If HTTPS serving is enabled, and --tls-cert-file -# and --tls-private-key-file are not provided, a self-signed certificate and key are -# generated for the public address and saved to /var/run/kubernetes. -KUBE_API_TLS_CERT_FILE="--tls-cert-file=/srv/kubernetes/server.cert" - -# --tls-private-key-file="": File containing x509 private key matching --tls-cert-file. -KUBE_API_TLS_PRIVATE_KEY_FILE="--tls-private-key-file=/srv/kubernetes/server.key" -EOF - -KUBE_APISERVER_OPTS=" \${KUBE_LOGTOSTDERR} \\ - \${KUBE_LOG_LEVEL} \\ - \${KUBE_ETCD_SERVERS} \\ - \${KUBE_ETCD_CAFILE} \\ - \${KUBE_ETCD_CERTFILE} \\ - \${KUBE_ETCD_KEYFILE} \\ - \${KUBE_API_ADDRESS} \\ - \${KUBE_API_PORT} \\ - \${NODE_PORT} \\ - \${KUBE_ADVERTISE_ADDR} \\ - \${KUBE_ALLOW_PRIV} \\ - \${KUBE_SERVICE_ADDRESSES} \\ - \${KUBE_ADMISSION_CONTROL} \\ - \${KUBE_API_CLIENT_CA_FILE} \\ - \${KUBE_API_TLS_CERT_FILE} \\ - \${KUBE_API_TLS_PRIVATE_KEY_FILE}" - - -cat </usr/lib/systemd/system/kube-apiserver.service -[Unit] -Description=Kubernetes API Server -Documentation=https://github.com/kubernetes/kubernetes - -[Service] -EnvironmentFile=-/opt/kubernetes/cfg/kube-apiserver -ExecStart=/opt/kubernetes/bin/kube-apiserver ${KUBE_APISERVER_OPTS} -Restart=on-failure - -[Install] -WantedBy=multi-user.target -EOF - -systemctl daemon-reload -systemctl enable kube-apiserver -systemctl restart kube-apiserver diff --git a/cluster/centos/master/scripts/controller-manager.sh b/cluster/centos/master/scripts/controller-manager.sh deleted file mode 100755 index 684825a3e4..0000000000 --- a/cluster/centos/master/scripts/controller-manager.sh +++ /dev/null @@ -1,61 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -MASTER_ADDRESS=${1:-"8.8.8.18"} - -cat </opt/kubernetes/cfg/kube-controller-manager -KUBE_LOGTOSTDERR="--logtostderr=true" -KUBE_LOG_LEVEL="--v=4" -KUBE_MASTER="--master=${MASTER_ADDRESS}:8080" - -# --root-ca-file="": If set, this root certificate authority will be included in -# service account's token secret. This must be a valid PEM-encoded CA bundle. -KUBE_CONTROLLER_MANAGER_ROOT_CA_FILE="--root-ca-file=/srv/kubernetes/ca.crt" - -# --service-account-private-key-file="": Filename containing a PEM-encoded private -# RSA key used to sign service account tokens. -KUBE_CONTROLLER_MANAGER_SERVICE_ACCOUNT_PRIVATE_KEY_FILE="--service-account-private-key-file=/srv/kubernetes/server.key" - -# --leader-elect: Start a leader election client and gain leadership before -# executing the main loop. Enable this when running replicated components for high availability. -KUBE_LEADER_ELECT="--leader-elect" -EOF - -KUBE_CONTROLLER_MANAGER_OPTS=" \${KUBE_LOGTOSTDERR} \\ - \${KUBE_LOG_LEVEL} \\ - \${KUBE_MASTER} \\ - \${KUBE_CONTROLLER_MANAGER_ROOT_CA_FILE} \\ - \${KUBE_CONTROLLER_MANAGER_SERVICE_ACCOUNT_PRIVATE_KEY_FILE}\\ - \${KUBE_LEADER_ELECT}" - -cat </usr/lib/systemd/system/kube-controller-manager.service -[Unit] -Description=Kubernetes Controller Manager -Documentation=https://github.com/kubernetes/kubernetes - -[Service] -EnvironmentFile=-/opt/kubernetes/cfg/kube-controller-manager -ExecStart=/opt/kubernetes/bin/kube-controller-manager ${KUBE_CONTROLLER_MANAGER_OPTS} -Restart=on-failure - -[Install] -WantedBy=multi-user.target -EOF - -systemctl daemon-reload -systemctl enable kube-controller-manager -systemctl restart kube-controller-manager diff --git a/cluster/centos/master/scripts/etcd.sh b/cluster/centos/master/scripts/etcd.sh deleted file mode 100755 index aa73b57b49..0000000000 --- a/cluster/centos/master/scripts/etcd.sh +++ /dev/null @@ -1,86 +0,0 @@ -#!/bin/bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## Create etcd.conf, etcd.service, and start etcd service. - - -etcd_data_dir=/var/lib/etcd -mkdir -p ${etcd_data_dir} - -ETCD_NAME=${1:-"default"} -ETCD_LISTEN_IP=${2:-"0.0.0.0"} -ETCD_INITIAL_CLUSTER=${3:-} - -cat </opt/kubernetes/cfg/etcd.conf -# [member] -ETCD_NAME="${ETCD_NAME}" -ETCD_DATA_DIR="${etcd_data_dir}/default.etcd" -#ETCD_SNAPSHOT_COUNTER="10000" -#ETCD_HEARTBEAT_INTERVAL="100" -#ETCD_ELECTION_TIMEOUT="1000" -ETCD_LISTEN_PEER_URLS="https://${ETCD_LISTEN_IP}:2380" -ETCD_LISTEN_CLIENT_URLS="https://${ETCD_LISTEN_IP}:2379,https://127.0.0.1:2379" -#ETCD_MAX_SNAPSHOTS="5" -#ETCD_MAX_WALS="5" -#ETCD_CORS="" -# -#[cluster] -ETCD_INITIAL_ADVERTISE_PEER_URLS="https://${ETCD_LISTEN_IP}:2380" -# if you use different ETCD_NAME (e.g. test), -# set ETCD_INITIAL_CLUSTER value for this name, i.e. "test=http://..." -ETCD_INITIAL_CLUSTER="${ETCD_INITIAL_CLUSTER}" -ETCD_INITIAL_CLUSTER_STATE="new" -ETCD_INITIAL_CLUSTER_TOKEN="k8s-etcd-cluster" -ETCD_ADVERTISE_CLIENT_URLS="https://${ETCD_LISTEN_IP}:2379" -#ETCD_DISCOVERY="" -#ETCD_DISCOVERY_SRV="" -#ETCD_DISCOVERY_FALLBACK="proxy" -#ETCD_DISCOVERY_PROXY="" -# -#[proxy] -#ETCD_PROXY="off" -# -#[security] -CLIENT_CERT_AUTH="true" -ETCD_CA_FILE="/srv/kubernetes/etcd/ca.pem" -ETCD_CERT_FILE="/srv/kubernetes/etcd/server-${ETCD_NAME}.pem" -ETCD_KEY_FILE="/srv/kubernetes/etcd/server-${ETCD_NAME}-key.pem" -PEER_CLIENT_CERT_AUTH="true" -ETCD_PEER_CA_FILE="/srv/kubernetes/etcd/ca.pem" -ETCD_PEER_CERT_FILE="/srv/kubernetes/etcd/peer-${ETCD_NAME}.pem" -ETCD_PEER_KEY_FILE="/srv/kubernetes/etcd/peer-${ETCD_NAME}-key.pem" -EOF - -cat <//usr/lib/systemd/system/etcd.service -[Unit] -Description=Etcd Server -After=network.target - -[Service] -Type=simple -WorkingDirectory=${etcd_data_dir} -EnvironmentFile=-/opt/kubernetes/cfg/etcd.conf -# set GOMAXPROCS to number of processors -ExecStart=/bin/bash -c "GOMAXPROCS=\$(nproc) /opt/kubernetes/bin/etcd" -Type=notify - -[Install] -WantedBy=multi-user.target -EOF - -systemctl daemon-reload -systemctl enable etcd -systemctl restart etcd diff --git a/cluster/centos/master/scripts/flannel.sh b/cluster/centos/master/scripts/flannel.sh deleted file mode 100644 index 83a7de5b58..0000000000 --- a/cluster/centos/master/scripts/flannel.sh +++ /dev/null @@ -1,72 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -ETCD_SERVERS=${1:-"http://8.8.8.18:4001"} -FLANNEL_NET=${2:-"172.16.0.0/16"} - -CA_FILE="/srv/kubernetes/etcd/ca.pem" -CERT_FILE="/srv/kubernetes/etcd/client.pem" -KEY_FILE="/srv/kubernetes/etcd/client-key.pem" - -cat </opt/kubernetes/cfg/flannel -FLANNEL_ETCD="-etcd-endpoints=${ETCD_SERVERS}" -FLANNEL_ETCD_KEY="-etcd-prefix=/coreos.com/network" -FLANNEL_ETCD_CAFILE="--etcd-cafile=${CA_FILE}" -FLANNEL_ETCD_CERTFILE="--etcd-certfile=${CERT_FILE}" -FLANNEL_ETCD_KEYFILE="--etcd-keyfile=${KEY_FILE}" -EOF - -cat </usr/lib/systemd/system/flannel.service -[Unit] -Description=Flanneld overlay address etcd agent -After=network.target - -[Service] -EnvironmentFile=-/opt/kubernetes/cfg/flannel -ExecStart=/opt/kubernetes/bin/flanneld --ip-masq \${FLANNEL_ETCD} \${FLANNEL_ETCD_KEY} \${FLANNEL_ETCD_CAFILE} \${FLANNEL_ETCD_CERTFILE} \${FLANNEL_ETCD_KEYFILE} - -Type=notify - -[Install] -WantedBy=multi-user.target -EOF - -# Store FLANNEL_NET to etcd. -attempt=0 -while true; do - if /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ - --no-sync -C "${ETCD_SERVERS}" \ - get /coreos.com/network/config >/dev/null 2>&1; then - break - else - if (( attempt > 600 )); then - echo "timeout for waiting network config" > ~/kube/err.log - exit 2 - fi - - /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ - --no-sync -C "${ETCD_SERVERS}" \ - mk /coreos.com/network/config "{\"Network\":\"${FLANNEL_NET}\"}" >/dev/null 2>&1 - attempt=$((attempt+1)) - sleep 3 - fi -done -wait - -systemctl enable flannel -systemctl daemon-reload -systemctl restart flannel diff --git a/cluster/centos/master/scripts/post-etcd.sh b/cluster/centos/master/scripts/post-etcd.sh deleted file mode 100644 index 6bdfd53094..0000000000 --- a/cluster/centos/master/scripts/post-etcd.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -## Set initial-cluster-state to existing, and restart etcd service. - -sed -i 's/ETCD_INITIAL_CLUSTER_STATE="new"/ETCD_INITIAL_CLUSTER_STATE="existing"/' /opt/kubernetes/cfg/etcd.conf - -systemctl daemon-reload -systemctl enable etcd -systemctl restart etcd diff --git a/cluster/centos/master/scripts/scheduler.sh b/cluster/centos/master/scripts/scheduler.sh deleted file mode 100755 index 22d6665019..0000000000 --- a/cluster/centos/master/scripts/scheduler.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -MASTER_ADDRESS=${1:-"8.8.8.18"} - -cat </opt/kubernetes/cfg/kube-scheduler -### -# kubernetes scheduler config - -# --logtostderr=true: log to standard error instead of files -KUBE_LOGTOSTDERR="--logtostderr=true" - -# --v=0: log level for V logs -KUBE_LOG_LEVEL="--v=4" - -# --master: The address of the Kubernetes API server (overrides any value in kubeconfig). -KUBE_MASTER="--master=${MASTER_ADDRESS}:8080" - -# --leader-elect: Start a leader election client and gain leadership before -# executing the main loop. Enable this when running replicated components for high availability. -KUBE_LEADER_ELECT="--leader-elect" - -# Add your own! -KUBE_SCHEDULER_ARGS="" - -EOF - -KUBE_SCHEDULER_OPTS=" \${KUBE_LOGTOSTDERR} \\ - \${KUBE_LOG_LEVEL} \\ - \${KUBE_MASTER} \\ - \${KUBE_LEADER_ELECT} \\ - \$KUBE_SCHEDULER_ARGS" - -cat </usr/lib/systemd/system/kube-scheduler.service -[Unit] -Description=Kubernetes Scheduler -Documentation=https://github.com/kubernetes/kubernetes - -[Service] -EnvironmentFile=-/opt/kubernetes/cfg/kube-scheduler -ExecStart=/opt/kubernetes/bin/kube-scheduler ${KUBE_SCHEDULER_OPTS} -Restart=on-failure - -[Install] -WantedBy=multi-user.target -EOF - -systemctl daemon-reload -systemctl enable kube-scheduler -systemctl restart kube-scheduler diff --git a/cluster/centos/node/bin/mk-docker-opts.sh b/cluster/centos/node/bin/mk-docker-opts.sh deleted file mode 100755 index 22a459f513..0000000000 --- a/cluster/centos/node/bin/mk-docker-opts.sh +++ /dev/null @@ -1,113 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generate Docker daemon options based on flannel env file. - -# exit on any error -set -e - -usage() { - echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY] - -Generate Docker daemon options based on flannel env file -OPTIONS: - -f Path to flannel env file. Defaults to /run/flannel/subnet.env - -d Path to Docker env file to write to. Defaults to /run/docker_opts.env - -i Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500 - -c Output combined Docker options into DOCKER_OPTS var - -k Set the combined options key to this value (default DOCKER_OPTS=) - -m Do not output --ip-masq (useful for older Docker version) -" >/dev/stderr - exit 1 -} - -flannel_env="/run/flannel/subnet.env" -docker_env="/run/docker_opts.env" -combined_opts_key="DOCKER_OPTS" -indiv_opts=false -combined_opts=false -ipmasq=true -val="" - -while getopts "f:d:icmk:" opt; do - case $opt in - f) - flannel_env=$OPTARG - ;; - d) - docker_env=$OPTARG - ;; - i) - indiv_opts=true - ;; - c) - combined_opts=true - ;; - m) - ipmasq=false - ;; - k) - combined_opts_key=$OPTARG - ;; - \?) - usage - ;; - esac -done - -if [[ $indiv_opts = false ]] && [[ $combined_opts = false ]]; then - indiv_opts=true - combined_opts=true -fi - -if [[ -f "${flannel_env}" ]]; then - source "${flannel_env}" -fi - -if [[ -n "$FLANNEL_SUBNET" ]]; then - # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below - DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET" -fi - -if [[ -n "$FLANNEL_MTU" ]]; then - # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below - DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU" -fi - -if [[ "$FLANNEL_IPMASQ" = true ]] && [[ $ipmasq = true ]]; then - # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below - DOCKER_OPT_IPMASQ="--ip-masq=false" -fi - -eval docker_opts="\$${combined_opts_key}" -docker_opts+=" " - -echo -n "" >"${docker_env}" - -# OPT_LOOP -for opt in $(compgen -v DOCKER_OPT_); do - eval val=\$"${opt}" - - if [[ "$indiv_opts" = true ]]; then - echo "$opt=\"$val\"" >>"${docker_env}" - fi - - docker_opts+="$val " -done - -if [[ "$combined_opts" = true ]]; then - echo "${combined_opts_key}=\"${docker_opts}\"" >>"${docker_env}" -fi diff --git a/cluster/centos/node/bin/remove-docker0.sh b/cluster/centos/node/bin/remove-docker0.sh deleted file mode 100755 index 8c862fbce3..0000000000 --- a/cluster/centos/node/bin/remove-docker0.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Delete default docker bridge, so that docker can start with flannel network. - -# exit on any error -set -e - -rc=0 -ip link show docker0 >/dev/null 2>&1 || rc="$?" -if [[ "$rc" -eq "0" ]]; then - ip link set dev docker0 down - ip link delete docker0 -fi diff --git a/cluster/centos/node/scripts/docker.sh b/cluster/centos/node/scripts/docker.sh deleted file mode 100755 index 8b878b24c9..0000000000 --- a/cluster/centos/node/scripts/docker.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -DOCKER_OPTS=${1:-""} - -DOCKER_CONFIG=/opt/kubernetes/cfg/docker - -cat <$DOCKER_CONFIG -DOCKER_OPTS="-H tcp://127.0.0.1:4243 -H unix:///var/run/docker.sock -s overlay --selinux-enabled=false ${DOCKER_OPTS}" -EOF - -cat </usr/lib/systemd/system/docker.service -[Unit] -Description=Docker Application Container Engine -Documentation=http://docs.docker.com -After=network.target flannel.service -Requires=flannel.service - -[Service] -Type=notify -EnvironmentFile=-/run/flannel/docker -EnvironmentFile=-/opt/kubernetes/cfg/docker -WorkingDirectory=/opt/kubernetes/bin -ExecStart=/opt/kubernetes/bin/dockerd \$DOCKER_OPT_BIP \$DOCKER_OPT_MTU \$DOCKER_OPTS -LimitNOFILE=1048576 -LimitNPROC=1048576 - -[Install] -WantedBy=multi-user.target -EOF - -systemctl daemon-reload -systemctl enable docker -systemctl restart docker diff --git a/cluster/centos/node/scripts/flannel.sh b/cluster/centos/node/scripts/flannel.sh deleted file mode 100755 index 41ec84c537..0000000000 --- a/cluster/centos/node/scripts/flannel.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -ETCD_SERVERS=${1:-"https://8.8.8.18:2379"} -FLANNEL_NET=${2:-"172.16.0.0/16"} - -CA_FILE="/srv/kubernetes/etcd/ca.pem" -CERT_FILE="/srv/kubernetes/etcd/client.pem" -KEY_FILE="/srv/kubernetes/etcd/client-key.pem" - -cat </opt/kubernetes/cfg/flannel -FLANNEL_ETCD="-etcd-endpoints=${ETCD_SERVERS}" -FLANNEL_ETCD_KEY="-etcd-prefix=/coreos.com/network" -FLANNEL_ETCD_CAFILE="--etcd-cafile=${CA_FILE}" -FLANNEL_ETCD_CERTFILE="--etcd-certfile=${CERT_FILE}" -FLANNEL_ETCD_KEYFILE="--etcd-keyfile=${KEY_FILE}" -EOF - -cat </usr/lib/systemd/system/flannel.service -[Unit] -Description=Flanneld overlay address etcd agent -After=network.target -Before=docker.service - -[Service] -EnvironmentFile=-/opt/kubernetes/cfg/flannel -ExecStartPre=/opt/kubernetes/bin/remove-docker0.sh -ExecStart=/opt/kubernetes/bin/flanneld --ip-masq \${FLANNEL_ETCD} \${FLANNEL_ETCD_KEY} \${FLANNEL_ETCD_CAFILE} \${FLANNEL_ETCD_CERTFILE} \${FLANNEL_ETCD_KEYFILE} -ExecStartPost=/opt/kubernetes/bin/mk-docker-opts.sh -d /run/flannel/docker - -Type=notify - -[Install] -WantedBy=multi-user.target -RequiredBy=docker.service -EOF - -# Store FLANNEL_NET to etcd. -attempt=0 -while true; do - if /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ - --no-sync -C "${ETCD_SERVERS}" \ - get /coreos.com/network/config >/dev/null 2>&1; then - break - else - if (( attempt > 600 )); then - echo "timeout for waiting network config" > ~/kube/err.log - exit 2 - fi - - /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ - --no-sync -C "${ETCD_SERVERS}" \ - mk /coreos.com/network/config "{\"Network\":\"${FLANNEL_NET}\"}" >/dev/null 2>&1 - attempt=$((attempt+1)) - sleep 3 - fi -done -wait - -systemctl daemon-reload diff --git a/cluster/centos/node/scripts/kubelet.sh b/cluster/centos/node/scripts/kubelet.sh deleted file mode 100755 index 88d6b149ef..0000000000 --- a/cluster/centos/node/scripts/kubelet.sh +++ /dev/null @@ -1,98 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -MASTER_ADDRESS=${1:-"8.8.8.18"} -NODE_ADDRESS=${2:-"8.8.8.20"} -DNS_SERVER_IP=${3:-"192.168.3.100"} -DNS_DOMAIN=${4:-"cluster.local"} -KUBECONFIG_DIR=${KUBECONFIG_DIR:-/opt/kubernetes/cfg} - -# Generate a kubeconfig file -cat < "${KUBECONFIG_DIR}/kubelet.kubeconfig" -apiVersion: v1 -kind: Config -clusters: - - cluster: - server: http://${MASTER_ADDRESS}:8080/ - name: local -contexts: - - context: - cluster: local - name: local -current-context: local -EOF - -cat </opt/kubernetes/cfg/kubelet -# --logtostderr=true: log to standard error instead of files -KUBE_LOGTOSTDERR="--logtostderr=true" - -# --v=0: log level for V logs -KUBE_LOG_LEVEL="--v=4" - -# --address=0.0.0.0: The IP address for the Kubelet to serve on (set to 0.0.0.0 for all interfaces) -NODE_ADDRESS="--address=${NODE_ADDRESS}" - -# --port=10250: The port for the Kubelet to serve on. Note that "kubectl logs" will not work if you set this flag. -NODE_PORT="--port=10250" - -# --hostname-override="": If non-empty, will use this string as identification instead of the actual hostname. -NODE_HOSTNAME="--hostname-override=${NODE_ADDRESS}" - -# Path to a kubeconfig file, specifying how to connect to the API server. -KUBELET_KUBECONFIG="--kubeconfig=${KUBECONFIG_DIR}/kubelet.kubeconfig" - -# --allow-privileged=false: If true, allow containers to request privileged mode. [default=false] -KUBE_ALLOW_PRIV="--allow-privileged=false" - -# DNS info -KUBELET__DNS_IP="--cluster-dns=${DNS_SERVER_IP}" -KUBELET_DNS_DOMAIN="--cluster-domain=${DNS_DOMAIN}" - -# Add your own! -KUBELET_ARGS="" -EOF - -KUBELET_OPTS=" \${KUBE_LOGTOSTDERR} \\ - \${KUBE_LOG_LEVEL} \\ - \${NODE_ADDRESS} \\ - \${NODE_PORT} \\ - \${NODE_HOSTNAME} \\ - \${KUBELET_KUBECONFIG} \\ - \${KUBE_ALLOW_PRIV} \\ - \${KUBELET__DNS_IP} \\ - \${KUBELET_DNS_DOMAIN} \\ - \$KUBELET_ARGS" - -cat </usr/lib/systemd/system/kubelet.service -[Unit] -Description=Kubernetes Kubelet -After=docker.service -Requires=docker.service - -[Service] -EnvironmentFile=-/opt/kubernetes/cfg/kubelet -ExecStart=/opt/kubernetes/bin/kubelet ${KUBELET_OPTS} -Restart=on-failure -KillMode=process -RestartSec=15s - -[Install] -WantedBy=multi-user.target -EOF - -systemctl daemon-reload -systemctl enable kubelet -systemctl restart kubelet diff --git a/cluster/centos/node/scripts/proxy.sh b/cluster/centos/node/scripts/proxy.sh deleted file mode 100755 index 455084866a..0000000000 --- a/cluster/centos/node/scripts/proxy.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -MASTER_ADDRESS=${1:-"8.8.8.18"} -NODE_ADDRESS=${2:-"8.8.8.20"} - -cat </opt/kubernetes/cfg/kube-proxy -# --logtostderr=true: log to standard error instead of files -KUBE_LOGTOSTDERR="--logtostderr=true" - -# --v=0: log level for V logs -KUBE_LOG_LEVEL="--v=4" - -# --hostname-override="": If non-empty, will use this string as identification instead of the actual hostname. -NODE_HOSTNAME="--hostname-override=${NODE_ADDRESS}" - -# --master="": The address of the Kubernetes API server (overrides any value in kubeconfig) -KUBE_MASTER="--master=http://${MASTER_ADDRESS}:8080" -EOF - -KUBE_PROXY_OPTS=" \${KUBE_LOGTOSTDERR} \\ - \${KUBE_LOG_LEVEL} \\ - \${NODE_HOSTNAME} \\ - \${KUBE_MASTER}" - -cat </usr/lib/systemd/system/kube-proxy.service -[Unit] -Description=Kubernetes Proxy -After=network.target - -[Service] -EnvironmentFile=-/opt/kubernetes/cfg/kube-proxy -ExecStart=/opt/kubernetes/bin/kube-proxy ${KUBE_PROXY_OPTS} -Restart=on-failure - -[Install] -WantedBy=multi-user.target -EOF - -systemctl daemon-reload -systemctl enable kube-proxy -systemctl restart kube-proxy diff --git a/cluster/centos/util.sh b/cluster/centos/util.sh deleted file mode 100755 index d8cae8cf17..0000000000 --- a/cluster/centos/util.sh +++ /dev/null @@ -1,388 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2015 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# A library of helper functions that each provider hosting Kubernetes must implement to use cluster/kube-*.sh scripts. - -# exit on any error -set -e - -SSH_OPTS="-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -oLogLevel=ERROR -C" - -# Use the config file specified in $KUBE_CONFIG_FILE, or default to -# config-default.sh. -KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. -readonly ROOT=$(dirname "${BASH_SOURCE[0]}") -source "${ROOT}/${KUBE_CONFIG_FILE:-"config-default.sh"}" -source "$KUBE_ROOT/cluster/common.sh" - -# shellcheck disable=SC2034 # Can't tell if this is still needed or not -KUBECTL_PATH=${KUBE_ROOT}/cluster/centos/binaries/kubectl - -# Directory to be used for master and node provisioning. -KUBE_TEMP="${HOME}/kube_temp" - - -# Get master IP addresses and store in KUBE_MASTER_IP_ADDRESSES[] -# Must ensure that the following ENV vars are set: -# MASTERS -function detect-masters() { - KUBE_MASTER_IP_ADDRESSES=() - for master in ${MASTERS}; do - KUBE_MASTER_IP_ADDRESSES+=("${master#*@}") - done - echo "KUBE_MASTERS: ${MASTERS}" 1>&2 - echo "KUBE_MASTER_IP_ADDRESSES: [${KUBE_MASTER_IP_ADDRESSES[*]}]" 1>&2 -} - -# Get node IP addresses and store in KUBE_NODE_IP_ADDRESSES[] -function detect-nodes() { - KUBE_NODE_IP_ADDRESSES=() - for node in ${NODES}; do - KUBE_NODE_IP_ADDRESSES+=("${node#*@}") - done - echo "KUBE_NODE_IP_ADDRESSES: [${KUBE_NODE_IP_ADDRESSES[*]}]" 1>&2 -} - -# Verify prereqs on host machine -function verify-prereqs() { - local rc - rc=0 - ssh-add -L 1> /dev/null 2> /dev/null || rc="$?" - # "Could not open a connection to your authentication agent." - if [[ "${rc}" -eq 2 ]]; then - eval "$(ssh-agent)" > /dev/null - trap-add "kill ${SSH_AGENT_PID}" EXIT - fi - rc=0 - ssh-add -L 1> /dev/null 2> /dev/null || rc="$?" - # "The agent has no identities." - if [[ "${rc}" -eq 1 ]]; then - # Try adding one of the default identities, with or without passphrase. - ssh-add || true - fi - rc=0 - # Expect at least one identity to be available. - if ! ssh-add -L 1> /dev/null 2> /dev/null; then - echo "Could not find or add an SSH identity." - echo "Please start ssh-agent, add your identity, and retry." - exit 1 - fi -} - -# Install handler for signal trap -function trap-add { - local handler="$1" - local signal="${2-EXIT}" - local cur - - cur="$(eval "sh -c 'echo \$3' -- $(trap -p "${signal}")")" - if [[ -n "${cur}" ]]; then - handler="${cur}; ${handler}" - fi - - # shellcheck disable=SC2064 # Early expansion is intentional here. - trap "${handler}" "${signal}" -} - -# Validate a kubernetes cluster -function validate-cluster() { - # by default call the generic validate-cluster.sh script, customizable by - # any cluster provider if this does not fit. - set +e - if ! "${KUBE_ROOT}/cluster/validate-cluster.sh"; then - for master in ${MASTERS}; do - troubleshoot-master "${master}" - done - for node in ${NODES}; do - troubleshoot-node "${node}" - done - exit 1 - fi - set -e -} - -# Instantiate a kubernetes cluster -function kube-up() { - make-ca-cert - - local num_infra=0 - for master in ${MASTERS}; do - provision-master "${master}" "infra${num_infra}" - ((++num_infra)) - done - - for master in ${MASTERS}; do - post-provision-master "${master}" - done - - for node in ${NODES}; do - provision-node "${node}" - done - - detect-masters - - # set CONTEXT and KUBE_SERVER values for create-kubeconfig() and get-password() - export CONTEXT="centos" - export KUBE_SERVER="http://${MASTER_ADVERTISE_ADDRESS}:8080" - source "${KUBE_ROOT}/cluster/common.sh" - - # set kubernetes user and password - get-password - create-kubeconfig -} - -# Delete a kubernetes cluster -function kube-down() { - for master in ${MASTERS}; do - tear-down-master "${master}" - done - - for node in ${NODES}; do - tear-down-node "${node}" - done -} - -function troubleshoot-master() { - # Troubleshooting on master if all required daemons are active. - echo "[INFO] Troubleshooting on master $1" - local -a required_daemon=("kube-apiserver" "kube-controller-manager" "kube-scheduler") - local daemon - local daemon_status - printf "%-24s %-10s \n" "PROCESS" "STATUS" - for daemon in "${required_daemon[@]}"; do - local rc=0 - kube-ssh "${1}" "sudo systemctl is-active ${daemon}" >/dev/null 2>&1 || rc="$?" - if [[ "${rc}" -ne "0" ]]; then - daemon_status="inactive" - else - daemon_status="active" - fi - printf "%-24s %s\n" "${daemon}" ${daemon_status} - done - printf "\n" -} - -function troubleshoot-node() { - # Troubleshooting on node if all required daemons are active. - echo "[INFO] Troubleshooting on node ${1}" - local -a required_daemon=("kube-proxy" "kubelet" "docker" "flannel") - local daemon - local daemon_status - printf "%-24s %-10s \n" "PROCESS" "STATUS" - for daemon in "${required_daemon[@]}"; do - local rc=0 - kube-ssh "${1}" "sudo systemctl is-active ${daemon}" >/dev/null 2>&1 || rc="$?" - if [[ "${rc}" -ne "0" ]]; then - daemon_status="inactive" - else - daemon_status="active" - fi - printf "%-24s %s\n" "${daemon}" ${daemon_status} - done - printf "\n" -} - -# Clean up on master -function tear-down-master() { -echo "[INFO] tear-down-master on $1" - for service_name in etcd kube-apiserver kube-controller-manager kube-scheduler ; do - service_file="/usr/lib/systemd/system/${service_name}.service" - kube-ssh "$1" " \ - if [[ -f $service_file ]]; then \ - sudo systemctl stop $service_name; \ - sudo systemctl disable $service_name; \ - sudo rm -f $service_file; \ - fi" - done - kube-ssh "${1}" "sudo rm -rf /opt/kubernetes" - kube-ssh "${1}" "sudo rm -rf /srv/kubernetes" - kube-ssh "${1}" "sudo rm -rf ${KUBE_TEMP}" - kube-ssh "${1}" "sudo rm -rf /var/lib/etcd" -} - -# Clean up on node -function tear-down-node() { -echo "[INFO] tear-down-node on $1" - for service_name in kube-proxy kubelet docker flannel ; do - service_file="/usr/lib/systemd/system/${service_name}.service" - kube-ssh "$1" " \ - if [[ -f $service_file ]]; then \ - sudo systemctl stop $service_name; \ - sudo systemctl disable $service_name; \ - sudo rm -f $service_file; \ - fi" - done - kube-ssh "$1" "sudo rm -rf /run/flannel" - kube-ssh "$1" "sudo rm -rf /opt/kubernetes" - kube-ssh "$1" "sudo rm -rf /srv/kubernetes" - kube-ssh "$1" "sudo rm -rf ${KUBE_TEMP}" -} - -# Generate the CA certificates for k8s components -function make-ca-cert() { - echo "[INFO] make-ca-cert" - bash "${ROOT}/make-ca-cert.sh" "${MASTER_ADVERTISE_IP}" "IP:${MASTER_ADVERTISE_IP},IP:${SERVICE_CLUSTER_IP_RANGE%.*}.1,DNS:kubernetes,DNS:kubernetes.default,DNS:kubernetes.default.svc,DNS:kubernetes.default.svc.cluster.local" -} - -# Provision master -# -# Assumed vars: -# $1 (master) -# $2 (etcd_name) -# KUBE_TEMP -# ETCD_SERVERS -# ETCD_INITIAL_CLUSTER -# SERVICE_CLUSTER_IP_RANGE -# MASTER_ADVERTISE_ADDRESS -function provision-master() { - echo "[INFO] Provision master on $1" - local master="$1" - local master_ip="${master#*@}" - local etcd_name="$2" - ensure-setup-dir "${master}" - ensure-etcd-cert "${etcd_name}" "${master_ip}" - - kube-scp "${master}" "${ROOT}/ca-cert ${ROOT}/binaries/master ${ROOT}/master ${ROOT}/config-default.sh ${ROOT}/util.sh" "${KUBE_TEMP}" - kube-scp "${master}" "${ROOT}/etcd-cert/ca.pem \ - ${ROOT}/etcd-cert/client.pem \ - ${ROOT}/etcd-cert/client-key.pem \ - ${ROOT}/etcd-cert/server-${etcd_name}.pem \ - ${ROOT}/etcd-cert/server-${etcd_name}-key.pem \ - ${ROOT}/etcd-cert/peer-${etcd_name}.pem \ - ${ROOT}/etcd-cert/peer-${etcd_name}-key.pem" "${KUBE_TEMP}/etcd-cert" - kube-ssh "${master}" " \ - sudo rm -rf /opt/kubernetes/bin; \ - sudo cp -r ${KUBE_TEMP}/master/bin /opt/kubernetes; \ - sudo mkdir -p /srv/kubernetes/; sudo cp -f ${KUBE_TEMP}/ca-cert/* /srv/kubernetes/; \ - sudo mkdir -p /srv/kubernetes/etcd; sudo cp -f ${KUBE_TEMP}/etcd-cert/* /srv/kubernetes/etcd/; \ - sudo chmod -R +x /opt/kubernetes/bin; \ - sudo ln -sf /opt/kubernetes/bin/* /usr/local/bin/; \ - sudo bash ${KUBE_TEMP}/master/scripts/etcd.sh ${etcd_name} ${master_ip} ${ETCD_INITIAL_CLUSTER}; \ - sudo bash ${KUBE_TEMP}/master/scripts/apiserver.sh ${master_ip} ${ETCD_SERVERS} ${SERVICE_CLUSTER_IP_RANGE} ${ADMISSION_CONTROL}; \ - sudo bash ${KUBE_TEMP}/master/scripts/controller-manager.sh ${MASTER_ADVERTISE_ADDRESS}; \ - sudo bash ${KUBE_TEMP}/master/scripts/scheduler.sh ${MASTER_ADVERTISE_ADDRESS}" -} - -# Post-provision master, run after all masters were provisioned -# -# Assumed vars: -# $1 (master) -# KUBE_TEMP -# ETCD_SERVERS -# FLANNEL_NET -function post-provision-master() { - echo "[INFO] Post provision master on $1" - local master=$1 - kube-ssh "${master}" " \ - sudo bash ${KUBE_TEMP}/master/scripts/flannel.sh ${ETCD_SERVERS} ${FLANNEL_NET}; \ - sudo bash ${KUBE_TEMP}/master/scripts/post-etcd.sh" -} - -# Provision node -# -# Assumed vars: -# $1 (node) -# KUBE_TEMP -# ETCD_SERVERS -# FLANNEL_NET -# MASTER_ADVERTISE_ADDRESS -# DOCKER_OPTS -# DNS_SERVER_IP -# DNS_DOMAIN -function provision-node() { - echo "[INFO] Provision node on $1" - local node=$1 - local node_ip=${node#*@} - local dns_ip=${DNS_SERVER_IP#*@} - # shellcheck disable=SC2153 # DNS_DOMAIN sourced from external file - local dns_domain=${DNS_DOMAIN#*@} - ensure-setup-dir "${node}" - - kube-scp "${node}" "${ROOT}/binaries/node ${ROOT}/node ${ROOT}/config-default.sh ${ROOT}/util.sh" "${KUBE_TEMP}" - kube-scp "${node}" "${ROOT}/etcd-cert/ca.pem \ - ${ROOT}/etcd-cert/client.pem \ - ${ROOT}/etcd-cert/client-key.pem" "${KUBE_TEMP}/etcd-cert" - kube-ssh "${node}" " \ - rm -rf /opt/kubernetes/bin; \ - sudo cp -r ${KUBE_TEMP}/node/bin /opt/kubernetes; \ - sudo chmod -R +x /opt/kubernetes/bin; \ - sudo mkdir -p /srv/kubernetes/etcd; sudo cp -f ${KUBE_TEMP}/etcd-cert/* /srv/kubernetes/etcd/; \ - sudo ln -s /opt/kubernetes/bin/* /usr/local/bin/; \ - sudo mkdir -p /srv/kubernetes/etcd; sudo cp -f ${KUBE_TEMP}/etcd-cert/* /srv/kubernetes/etcd/; \ - sudo bash ${KUBE_TEMP}/node/scripts/flannel.sh ${ETCD_SERVERS} ${FLANNEL_NET}; \ - sudo bash ${KUBE_TEMP}/node/scripts/docker.sh \"${DOCKER_OPTS}\"; \ - sudo bash ${KUBE_TEMP}/node/scripts/kubelet.sh ${MASTER_ADVERTISE_ADDRESS} ${node_ip} ${dns_ip} ${dns_domain}; \ - sudo bash ${KUBE_TEMP}/node/scripts/proxy.sh ${MASTER_ADVERTISE_ADDRESS}" -} - -# Create dirs that'll be used during setup on target machine. -# -# Assumed vars: -# KUBE_TEMP -function ensure-setup-dir() { - kube-ssh "${1}" "mkdir -p ${KUBE_TEMP}; \ - mkdir -p ${KUBE_TEMP}/etcd-cert; \ - sudo mkdir -p /opt/kubernetes/bin; \ - sudo mkdir -p /opt/kubernetes/cfg" -} - -# Generate certificates for etcd cluster -# -# Assumed vars: -# $1 (etcd member name) -# $2 (master ip) -function ensure-etcd-cert() { - local etcd_name="$1" - local master_ip="$2" - local cert_dir="${ROOT}/etcd-cert" - - if [[ ! -r "${cert_dir}/client.pem" || ! -r "${cert_dir}/client-key.pem" ]]; then - generate-etcd-cert "${cert_dir}" "${master_ip}" "client" "client" - fi - - generate-etcd-cert "${cert_dir}" "${master_ip}" "server" "server-${etcd_name}" - generate-etcd-cert "${cert_dir}" "${master_ip}" "peer" "peer-${etcd_name}" -} - -# Run command over ssh -function kube-ssh() { - local host="$1" - shift - ssh "${SSH_OPTS}" -t "${host}" "$@" >/dev/null 2>&1 -} - -# Copy file recursively over ssh -function kube-scp() { - local host="$1" - local src=("$2") - local dst="$3" - scp -r "${SSH_OPTS}" "${src[*]}" "${host}:${dst}" -} - -# Ensure that we have a password created for validating to the master. Will -# read from kubeconfig if available. -# -# Vars set: -# KUBE_USER -# KUBE_PASSWORD -function get-password { - load-or-gen-kube-basicauth - if [[ -z "${KUBE_USER}" || -z "${KUBE_PASSWORD}" ]]; then - KUBE_USER="admin" - KUBE_PASSWORD=$(python -c 'import string,random; '\ - 'print("".join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(16)))') - fi -} diff --git a/cluster/kube-up.sh b/cluster/kube-up.sh index 857fe8e447..3daf2063f0 100755 --- a/cluster/kube-up.sh +++ b/cluster/kube-up.sh @@ -32,27 +32,6 @@ fi source "${KUBE_ROOT}/cluster/kube-util.sh" -DEPRECATED_PROVIDERS=( - "centos" - "local" -) - -for provider in "${DEPRECATED_PROVIDERS[@]}"; do - if [[ "${KUBERNETES_PROVIDER}" == "${provider}" ]]; then - cat <&2 - -!!! DEPRECATION NOTICE !!! - -The '${provider}' kube-up provider is deprecated and will be removed in a future -release of kubernetes. Deprecated providers will be removed within 2 releases. - -See https://github.com/kubernetes/kubernetes/issues/49213 for more info. - -EOF - break - fi -done - if [ -z "${ZONE-}" ]; then echo "... Starting cluster using provider: ${KUBERNETES_PROVIDER}" >&2 else diff --git a/cluster/local/util.sh b/cluster/local/util.sh deleted file mode 100755 index da262fdf24..0000000000 --- a/cluster/local/util.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/usr/bin/env bash -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Perform preparations required to run e2e tests -function prepare-e2e() { - echo "Local doesn't need special preparations for e2e tests" 1>&2 -} - -# Detect the IP for the master -# -# Vars set: -# KUBE_MASTER -# KUBE_MASTER_IP -# Vars exported: -# KUBE_MASTER_URL -function detect-master { - KUBE_MASTER=localhost - KUBE_MASTER_IP=127.0.0.1 - export KUBE_MASTER_URL="http://${KUBE_MASTER_IP}:8080" - echo "Using master: $KUBE_MASTER (external IP: $KUBE_MASTER_IP)" -}