mirror of https://github.com/k3s-io/k3s
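#cloud-config

write_files:
  # Route-sync hook. net-router.service runs it through `etcdctl exec-watch`,
  # which hands over the changed key, value and action in ETCD_WATCH_* variables.
  - path: /opt/bin/kube-net-update.sh
    # Quoted so the mode stays the string "0755" instead of a YAML 1.1 octal int.
    permissions: "0755"
    content: |
      #!/bin/sh
      set -x -e
      # The next hop is the last path segment of the watched key; the subnet is
      # the key's value. Both are read from etcd, so treat them as untrusted.
      nh=${ETCD_WATCH_KEY##*/}
      net=$ETCD_WATCH_VALUE
      # Expansions are quoted so a value containing whitespace cannot be split
      # into additional ip(8) arguments.
      case "$ETCD_WATCH_ACTION" in
      set) ip route replace "$net" via "$nh" dev eth2 metric 900 ;;
      expire) ip route del "$net" via "$nh" metric 900 ;;
      esac
  # Fetches and unpacks the Kubernetes release; run by download-release.service.
  # CLOUD_FILES_URL is a placeholder (presumably substituted before boot; confirm).
  - path: /opt/bin/download-release.sh
    permissions: "0755"
    content: |
      #!/bin/bash
      # Stop at the first failing step: a failed download must not remove the
      # existing /opt/kubernetes tree or unpack a truncated archive.
      set -e
      OBJECT_URL="CLOUD_FILES_URL"
      echo "Downloading release ($OBJECT_URL)"
      wget "${OBJECT_URL}" -O /opt/kubernetes.tar.gz
      # NOTE(review): the archive is unpacked without a checksum or signature
      # check, and the kubelet and kube-proxy units execute binaries from it.
      # Confirm the URL is HTTPS and consider verifying a pinned digest here.
      echo "Unpacking release"
      rm -rf /opt/kubernetes
      tar xzf /opt/kubernetes.tar.gz -C /opt/
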
coreos:
  # etcd member settings. $private_ipv4 is expanded by coreos-cloudinit; INDEX
  # and DISCOVERY_ID are placeholders (presumably filled in by the provisioning
  # tooling; confirm).
  # NOTE(review): no TLS or client-authentication options are set here, so the
  # client port (4001) on the private address is presumably reachable by every
  # host on that network. Confirm network isolation: values under /corekube/net
  # drive route changes on this node through net-router.service.
  etcd:
    name: kubernetes-minion-INDEX
    discovery: 'https://discovery.etcd.io/DISCOVERY_ID'
    addr: '$private_ipv4:4001'
    peer-addr: '$private_ipv4:7001'
    peer-bind-addr: '$private_ipv4:7001'

  fleet:
    public-ip: '$private_ipv4'
    metadata: 'kubernetes_role=minion'

  # Update reboots are coordinated through a lock held in etcd.
  update:
    reboot-strategy: etcd-lock

  units:
    - name: etcd.service
      command: start
    - name: fleet.service
      command: start
    # One-shot unit that runs /opt/bin/download-release.sh (see write_files).
    - name: download-release.service
      command: start
      content: |
        [Unit]
        Description=Downloads Kubernetes Release
        After=network-online.target
        Requires=network-online.target
        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStart=/usr/bin/bash /opt/bin/download-release.sh
    # Kubelet, started from the unpacked release; it talks to the local etcd
    # endpoint over plain HTTP on 127.0.0.1:4001.
    - name: minion-kubelet.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Kubelet
        Documentation=https://github.com/GoogleCloudPlatform/kubernetes
        After=network-online.target
        Requires=network-online.target
        After=docker.service
        Requires=docker.service
        After=download-release.service
        Requires=download-release.service
        [Service]
        ExecStartPre=/usr/bin/ln -sf /opt/kubernetes/server/bin/kubelet /opt/bin/kubelet
        ExecStart=/opt/bin/kubelet --address=$private_ipv4 --hostname_override=$private_ipv4 --etcd_servers=http://127.0.0.1:4001 --logtostderr=true --config=/opt/kubernetes-manifests --cluster_dns=DNS_SERVER_IP --cluster_domain=DNS_DOMAIN
        Restart=always
        RestartSec=2
    # kube-proxy, started from the same unpacked release.
    - name: minion-proxy.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Proxy
        Documentation=https://github.com/GoogleCloudPlatform/kubernetes
        After=network-online.target
        Requires=network-online.target
        After=docker.service
        Requires=docker.service
        After=download-release.service
        Requires=download-release.service
        [Service]
        ExecStartPre=/usr/bin/ln -sf /opt/kubernetes/server/bin/kube-proxy /opt/bin/kube-proxy
        ExecStart=/opt/bin/kube-proxy --bind_address=$private_ipv4 --etcd_servers=http://127.0.0.1:4001 --logtostderr=true --v=2
        Restart=always
        RestartSec=2
    # Registers this node under /corekube/minions; the key has a 300 s TTL and
    # is rewritten every 120 s.
    - name: minion-advertiser.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Minion Advertiser
        After=etcd.service
        Requires=etcd.service
        After=minion-kubelet.service
        [Service]
        ExecStart=/bin/sh -c 'while :; do etcdctl set /corekube/minions/$private_ipv4 $private_ipv4 --ttl 300; sleep 120; done'
        Restart=always
        RestartSec=120
    # Publishes this node's container subnet under /corekube/net/<eth2 address>
    # with the same TTL and refresh interval. `$$` is systemd's escape for a
    # literal `$`.
    - name: net-advertiser.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Network Advertiser
        After=etcd.service
        Requires=etcd.service
        After=minion-kubelet.service
        [Service]
        ExecStart=/bin/sh -c 'eth2_ip=$$(ip -o -f inet a show dev eth2 | sed "s/.* inet \([0-9.]\+\).*/\1/"); while :; do etcdctl set /corekube/net/$$eth2_ip 10.240.INDEX.0/24 --ttl 300; sleep 120; done'
        Restart=always
        RestartSec=120
    # Watches /corekube/net recursively and runs kube-net-update.sh for each
    # change, so whatever is written under that prefix becomes `ip route` input.
    - name: net-router.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Network Router
        After=etcd.service
        Requires=etcd.service
        After=minion-kubelet.service
        [Service]
        ExecStart=/usr/bin/etcdctl exec-watch --recursive /corekube/net -- /opt/bin/kube-net-update.sh
        Restart=always
        RestartSec=120
    # Bridge device that docker.service attaches containers to (-b cbr0).
    - name: cbr0.netdev
      command: start
      content: |
        [NetDev]
        Kind=bridge
        Name=cbr0
    - name: cbr0.network
      command: start
      content: |
        [Match]
        Name=cbr0

        [Network]
        Address=10.240.INDEX.1/24
    # Masquerade rules for the container subnet on eth0 and eth1; they are added
    # here because docker.service runs with --iptables=false.
    - name: nat.service
      command: start
      content: |
        [Unit]
        Description=NAT container->outside traffic

        [Service]
        ExecStart=/usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 10.240.INDEX.0/24 -j MASQUERADE
        ExecStart=/usr/sbin/iptables -t nat -A POSTROUTING -o eth1 -s 10.240.INDEX.0/24 -j MASQUERADE
        RemainAfterExit=yes
        Type=oneshot
    - name: docker.service
      command: start
      content: |
        [Unit]
        After=network.target
        Description=Docker Application Container Engine
        Documentation=http://docs.docker.io

        [Service]
        ExecStartPre=/bin/mount --make-rprivate /
        ExecStart=/usr/bin/docker -d -H fd:// -b cbr0 --iptables=false
        Restart=always
        RestartSec=30

        [Install]
        WantedBy=multi-user.target
    # NOTE(review): wipefs and mkfs.btrfs run with -f every time this unit is
    # started, and nothing in the unit limits it to first boot. Confirm that
    # data on /dev/xvde1 is meant to be discarded on each boot.
    - name: format-data.service
      command: start
      content: |
        [Unit]
        Description=Formats data drive
        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStart=/usr/sbin/wipefs -f /dev/xvde1
        ExecStart=/usr/sbin/mkfs.btrfs -f /dev/xvde1
    # Mounts the freshly formatted drive before docker.service starts.
    - name: var-lib-docker-volumes.mount
      command: start
      content: |
        [Unit]
        Description=Mount data drive to /var/lib/docker/volumes
        Requires=format-data.service
        After=format-data.service
        Before=docker.service
        [Mount]
        What=/dev/xvde1
        Where=/var/lib/docker/volumes
        Type=btrfs