From ce806cb92a9a56bfb80c47b834a4e9fde5c384a0 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Mon, 21 Mar 2016 18:05:13 -0700 Subject: [PATCH] examples: Remove metadata agent from k8s-master and k8s-worker * Clusters nodes are statically declared, no need to load dynamic node metadata --- examples/ignition/k8s-master.yaml | 101 ++++++++---------- examples/ignition/k8s-worker.yaml | 101 ++++++++---------- .../profiles/k8s-master-install/profile.json | 2 +- examples/profiles/k8s-master/profile.json | 2 +- .../profiles/k8s-worker-install/profile.json | 2 +- examples/profiles/k8s-worker/profile.json | 2 +- 6 files changed, 88 insertions(+), 122 deletions(-) diff --git a/examples/ignition/k8s-master.yaml b/examples/ignition/k8s-master.yaml index be3cd099..4aef058f 100644 --- a/examples/ignition/k8s-master.yaml +++ b/examples/ignition/k8s-master.yaml @@ -2,52 +2,52 @@ ignition_version: 1 systemd: units: - - name: metadata.service - enable: true - contents: | - [Unit] - Description=Bare Metal Metadata Agent - [Service] - Type=oneshot - Environment=OUTPUT=/run/metadata/bootcfg - ExecStart=/usr/bin/mkdir --parent /run/metadata - ExecStart=/usr/bin/bash -c 'curl --url "http://bootcfg.foo:8080/metadata?{{.query}}" --retry 10 --output ${OUTPUT}' - [Install] - WantedBy=multi-user.target - - name: fleet.service - enable: true - dropins: - - name: fleet-metadata.conf - contents: | - [Service] - Environment="FLEET_METADATA={{.fleet_metadata}}" - name: etcd2.service enable: true dropins: - - name: etcd-metadata.conf + - name: 40-etcd-cluster.conf + contents: | + [Service] + Environment="ETCD_NAME={{.etcd_name}}" + Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{.ipv4_address}}:2379" + Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{.ipv4_address}}:2380" + Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379" + Environment="ETCD_LISTEN_PEER_URLS=http://{{.ipv4_address}}:2380" + Environment="ETCD_INITIAL_CLUSTER={{.etcd_initial_cluster}}" + - name: fleet.service + enable: true + dropins: + - name: 40-fleet-metadata.conf + contents: | + [Service] + Environment="FLEET_METADATA={{.fleet_metadata}}" + - name: flanneld.service + dropins: + - name: 40-ExecStartPre-symlink.conf + contents: | + [Service] + ExecStartPre=/usr/bin/ln -sf /etc/flannel/options.env /run/flannel/options.env + ExecStartPre=/opt/init-flannel + - name: docker.service + dropins: + - name: 40-flannel.conf contents: | [Unit] - Requires=metadata.service - After=metadata.service - [Service] - # ETCD_NAME, ETCD_INITIAL_CLUSTER - EnvironmentFile=/run/metadata/bootcfg - ExecStart= - ExecStart=/usr/bin/etcd2 \ - --advertise-client-urls=http://${IPV4_ADDRESS}:2379 \ - --initial-advertise-peer-urls=http://${IPV4_ADDRESS}:2380 \ - --listen-client-urls=http://0.0.0.0:2379 \ - --listen-peer-urls=http://${IPV4_ADDRESS}:2380 - - name: k8s-addons.service + Requires=flanneld.service + After=flanneld.service + - name: k8stls.service enable: true contents: | [Unit] - Description=Start Kubernetes DNS Controller and Service - Requires=kubelet.service - After=kubelet.service + Description=Acquire Kubernetes TLS CA and Certificate + Requires=network-online.target + After=network-online.target [Service] Type=oneshot - ExecStart=/opt/k8s-addons + ExecStartPre=/usr/bin/mkdir -p /etc/kubernetes/ssl + ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/apiserver.pem -o /etc/kubernetes/ssl/apiserver.pem + ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/apiserver-key.pem -o /etc/kubernetes/ssl/apiserver-key.pem + ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/ca.pem -o /etc/kubernetes/ssl/ca.pem [Install] WantedBy=multi-user.target - name: kubelet.service @@ -74,36 +74,19 @@ systemd: RestartSec=10 [Install] WantedBy=multi-user.target - - name: k8stls.service + - name: k8s-addons.service enable: true contents: | [Unit] - Description=Acquire Kubernetes TLS CA and Certificate - Requires=network-online.target - After=network-online.target + Description=Start Kubernetes DNS Controller and Service + Requires=kubelet.service + After=kubelet.service [Service] Type=oneshot - ExecStartPre=/usr/bin/mkdir -p /etc/kubernetes/ssl - ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/apiserver.pem -o /etc/kubernetes/ssl/apiserver.pem - ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/apiserver-key.pem -o /etc/kubernetes/ssl/apiserver-key.pem - ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/ca.pem -o /etc/kubernetes/ssl/ca.pem + ExecStart=/opt/k8s-addons [Install] WantedBy=multi-user.target - - name: flanneld.service - enable: true - dropins: - - name: 40-ExecStartPre-symlink.conf - contents: | - [Service] - ExecStartPre=/usr/bin/ln -sf /etc/flannel/options.env /run/flannel/options.env - ExecStartPre=/opt/init-flannel - - name: docker.service - dropins: - - name: 40-flannel.conf - contents: | - [Unit] - Requires=flanneld.service - After=flanneld.service + storage: disks: - device: /dev/sda diff --git a/examples/ignition/k8s-worker.yaml b/examples/ignition/k8s-worker.yaml index bcdf736f..8bf98026 100644 --- a/examples/ignition/k8s-worker.yaml +++ b/examples/ignition/k8s-worker.yaml @@ -2,42 +2,53 @@ ignition_version: 1 systemd: units: - - name: metadata.service - enable: true - contents: | - [Unit] - Description=Bare Metal Metadata Agent - [Service] - Type=oneshot - Environment=OUTPUT=/run/metadata/bootcfg - ExecStart=/usr/bin/mkdir -p /run/metadata - ExecStart=/usr/bin/bash -c 'curl --url "http://bootcfg.foo:8080/metadata?{{.query}}" --retry 10 --output ${OUTPUT}' - [Install] - WantedBy=multi-user.target - - name: fleet.service - enable: true - dropins: - - name: fleet-metadata.conf - contents: | - [Service] - Environment="FLEET_METADATA={{.fleet_metadata}}" - name: etcd2.service enable: true dropins: - - name: etcd-metadata.conf + - name: 40-etcd-cluster.conf + contents: | + [Service] + Environment="ETCD_NAME={{.etcd_name}}" + Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{.ipv4_address}}:2379" + Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{.ipv4_address}}:2380" + Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379" + Environment="ETCD_LISTEN_PEER_URLS=http://{{.ipv4_address}}:2380" + Environment="ETCD_INITIAL_CLUSTER={{.etcd_initial_cluster}}" + - name: fleet.service + enable: true + dropins: + - name: 40-fleet-metadata.conf + contents: | + [Service] + Environment="FLEET_METADATA={{.fleet_metadata}}" + - name: flanneld.service + dropins: + - name: 40-ExecStartPre-symlink.conf + contents: | + [Service] + ExecStartPre=/usr/bin/ln -sf /etc/flannel/options.env /run/flannel/options.env + - name: docker.service + dropins: + - name: 40-flannel.conf contents: | [Unit] - Requires=metadata.service - After=metadata.service - [Service] - # ETCD_NAME, ETCD_INITIAL_CLUSTER - EnvironmentFile=/run/metadata/bootcfg - ExecStart= - ExecStart=/usr/bin/etcd2 \ - --advertise-client-urls=http://${IPV4_ADDRESS}:2379 \ - --initial-advertise-peer-urls=http://${IPV4_ADDRESS}:2380 \ - --listen-client-urls=http://0.0.0.0:2379 \ - --listen-peer-urls=http://${IPV4_ADDRESS}:2380 + Requires=flanneld.service + After=flanneld.service + - name: k8stls.service + enable: true + contents: | + [Unit] + Description=Acquire Kubernetes TLS CA and Certificate + Requires=network-online.target + After=network-online.target + [Service] + Type=oneshot + ExecStartPre=/usr/bin/mkdir -p /etc/kubernetes/ssl + ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/worker.pem -o /etc/kubernetes/ssl/worker.pem + ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/worker-key.pem -o /etc/kubernetes/ssl/worker-key.pem + ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/ca.pem -o /etc/kubernetes/ssl/ca.pem + [Install] + WantedBy=multi-user.target - name: kubelet.service enable: true contents: | @@ -63,34 +74,6 @@ systemd: RestartSec=10 [Install] WantedBy=multi-user.target - - name: k8stls.service - enable: true - contents: | - [Unit] - Description=Acquire Kubernetes TLS CA and Certificate - Requires=network-online.target - After=network-online.target - [Service] - Type=oneshot - ExecStartPre=/usr/bin/mkdir -p /etc/kubernetes/ssl - ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/worker.pem -o /etc/kubernetes/ssl/worker.pem - ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/worker-key.pem -o /etc/kubernetes/ssl/worker-key.pem - ExecStart=/usr/bin/curl {{.k8s_cert_endpoint}}/tls/ca.pem -o /etc/kubernetes/ssl/ca.pem - [Install] - WantedBy=multi-user.target - - name: flanneld.service - dropins: - - name: 40-ExecStartPre-symlink.conf - contents: | - [Service] - ExecStartPre=/usr/bin/ln -sf /etc/flannel/options.env /run/flannel/options.env - - name: docker.service - dropins: - - name: 40-flannel.conf - contents: | - [Unit] - Requires=flanneld.service - After=flanneld.service storage: disks: diff --git a/examples/profiles/k8s-master-install/profile.json b/examples/profiles/k8s-master-install/profile.json index 963fa4f8..a5f7e1a4 100644 --- a/examples/profiles/k8s-master-install/profile.json +++ b/examples/profiles/k8s-master-install/profile.json @@ -1,5 +1,5 @@ { - "id": "kubernetes-master", + "id": "k8s-master-install", "boot": { "kernel": "/assets/coreos/983.0.0/coreos_production_pxe.vmlinuz", "initrd": ["/assets/coreos/983.0.0/coreos_production_pxe_image.cpio.gz"], diff --git a/examples/profiles/k8s-master/profile.json b/examples/profiles/k8s-master/profile.json index be525c4f..d3f3624a 100644 --- a/examples/profiles/k8s-master/profile.json +++ b/examples/profiles/k8s-master/profile.json @@ -1,5 +1,5 @@ { - "id": "kubernetes-master", + "id": "k8s-master", "boot": { "kernel": "/assets/coreos/983.0.0/coreos_production_pxe.vmlinuz", "initrd": ["/assets/coreos/983.0.0/coreos_production_pxe_image.cpio.gz"], diff --git a/examples/profiles/k8s-worker-install/profile.json b/examples/profiles/k8s-worker-install/profile.json index cd08e4a4..d131a250 100644 --- a/examples/profiles/k8s-worker-install/profile.json +++ b/examples/profiles/k8s-worker-install/profile.json @@ -1,5 +1,5 @@ { - "id": "kubernetes-worker", + "id": "k8s-worker-install", "boot": { "kernel": "/assets/coreos/983.0.0/coreos_production_pxe.vmlinuz", "initrd": ["/assets/coreos/983.0.0/coreos_production_pxe_image.cpio.gz"], diff --git a/examples/profiles/k8s-worker/profile.json b/examples/profiles/k8s-worker/profile.json index e6c28b23..aa493303 100644 --- a/examples/profiles/k8s-worker/profile.json +++ b/examples/profiles/k8s-worker/profile.json @@ -1,5 +1,5 @@ { - "id": "kubernetes-worker", + "id": "k8s-worker", "boot": { "kernel": "/assets/coreos/983.0.0/coreos_production_pxe.vmlinuz", "initrd": ["/assets/coreos/983.0.0/coreos_production_pxe_image.cpio.gz"],