github-personal/matchbox
1
0
Fork 0
mirror of https://github.com/outbackdingo/matchbox.git synced 2026-01-27 18:19:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

examples: Update non-terraform Kubernetes to use bootkube v0.5.0

Browse Source
This commit is contained in:
Dalton Hubble
2017-07-12 13:41:33 -07:00
parent 30cf06853d
commit b636fc7a3d
3 changed files with 14 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Documentation/bootkube.md
View File

@@ -11,11 +11,11 @@ Ensure that you've gone through the [matchbox with rkt](getting-started-rkt.md)
* Create the example libvirt client VMs
* `/etc/hosts` entries for `node[1-3].example.com` (or pass custom names to `k8s-certgen`)
Install [bootkube](https://github.com/kubernetes-incubator/bootkube/releases) v0.4.5 and add it on your $PATH.
Install [bootkube](https://github.com/kubernetes-incubator/bootkube/releases) v0.5.0 and add it on your $PATH.
```sh
$ bootkube version
Version: v0.4.5
Version: v0.5.0
```
## Examples
@@ -64,8 +64,8 @@ Secure copy the etcd TLS assets to `/etc/ssl/etcd/*` on **every** node.
```bash
for node in 'node1' 'node2' 'node3'; do
scp -r assets/tls/etcd-* core@$node.example.com:/home/core/
ssh core@$node.example.com 'sudo mkdir -p /etc/ssl/etcd && sudo mv etcd-* /etc/ssl/etcd/ && sudo chown -R etcd:etcd /etc/ssl/etcd && sudo chmod -R 500 /etc/ssl/etcd/'
scp -r assets/tls/etcd-* assets/tls/etcd core@$node.example.com:/home/core/
ssh core@$node.example.com 'sudo mkdir -p /etc/ssl/etcd && sudo mv etcd-* etcd /etc/ssl/etcd/ && sudo chown -R etcd:etcd /etc/ssl/etcd && sudo chmod -R 500 /etc/ssl/etcd/'
done
```

16
examples/ignition/bootkube-controller.yaml
View File

@@ -16,11 +16,13 @@ systemd:
Environment="ETCD_INITIAL_CLUSTER={{.etcd_initial_cluster}}"
Environment="ETCD_STRICT_RECONFIG_CHECK=true"
Environment="ETCD_SSL_DIR=/etc/ssl/etcd"
Environment="ETCD_CERT_FILE=/etc/ssl/certs/etcd-client.crt"
Environment="ETCD_KEY_FILE=/etc/ssl/certs/etcd-client.key"
Environment="ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd-peer.crt"
Environment="ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd-peer.key"
Environment="ETCD_PEER_TRUSTED_CA_FILE=/etc/ssl/certs/etcd-ca.crt"
Environment="ETCD_TRUSTED_CA_FILE=/etc/ssl/certs/etcd/server-ca.crt"
Environment="ETCD_CERT_FILE=/etc/ssl/certs/etcd/server.crt"
Environment="ETCD_KEY_FILE=/etc/ssl/certs/etcd/server.key"
Environment="ETCD_CLIENT_CERT_AUTH=true"
Environment="ETCD_PEER_TRUSTED_CA_FILE=/etc/ssl/certs/etcd/peer-ca.crt"
Environment="ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt"
Environment="ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key"
Environment="ETCD_PEER_CLIENT_CERT_AUTH=true"
- name: docker.service
enable: true
@@ -30,7 +32,7 @@ systemd:
contents: |
[Service]
Environment="REBOOT_STRATEGY=etcd-lock"
Environment="LOCKSMITHD_ETCD_CAFILE=/etc/ssl/etcd/etcd-ca.crt"
Environment="LOCKSMITHD_ETCD_CAFILE=/etc/ssl/etcd/etcd-client-ca.crt"
Environment="LOCKSMITHD_ETCD_CERTFILE=/etc/ssl/etcd/etcd-client.crt"
Environment="LOCKSMITHD_ETCD_KEYFILE=/etc/ssl/etcd/etcd-client.key"
Environment="LOCKSMITHD_ENDPOINT={{.etcd_endpoints}}"
@@ -160,7 +162,7 @@ storage:
# Wrapper for bootkube start
set -e
BOOTKUBE_ACI="${BOOTKUBE_ACI:-quay.io/coreos/bootkube}"
BOOTKUBE_VERSION="${BOOTKUBE_VERSION:-v0.4.5}"
BOOTKUBE_VERSION="${BOOTKUBE_VERSION:-v0.5.0}"
BOOTKUBE_ASSETS="${BOOTKUBE_ASSETS:-/opt/bootkube/assets}"
exec /usr/bin/rkt run \
--trust-keys-from-https \

2
examples/ignition/bootkube-worker.yaml
View File

@@ -9,7 +9,7 @@ systemd:
contents: |
[Service]
Environment="REBOOT_STRATEGY=etcd-lock"
Environment="LOCKSMITHD_ETCD_CAFILE=/etc/ssl/etcd/etcd-ca.crt"
Environment="LOCKSMITHD_ETCD_CAFILE=/etc/ssl/etcd/etcd-client-ca.crt"
Environment="LOCKSMITHD_ETCD_CERTFILE=/etc/ssl/etcd/etcd-client.crt"
Environment="LOCKSMITHD_ETCD_KEYFILE=/etc/ssl/etcd/etcd-client.key"
Environment="LOCKSMITHD_ENDPOINT={{.etcd_endpoints}}"