From e02f8f7a9e58768da9743fbeb7bb1c0848ca2e94 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Fri, 17 Feb 2017 15:10:37 -0800 Subject: [PATCH] examples: Update etcd3 (etcd-member) and use the etcd3 gateway --- Documentation/getting-started-docker.md | 13 +++--- Documentation/getting-started-rkt.md | 17 +++---- examples/groups/etcd3-install/gateway.json | 11 +++++ examples/groups/etcd3-install/proxy.json | 11 ----- examples/groups/etcd3/gateway.json | 8 ++++ examples/groups/etcd3/proxy.json | 8 ---- examples/ignition/etcd3-gateway.yaml | 31 +++++++++++++ examples/ignition/etcd3-proxy.yaml | 45 ------------------- examples/ignition/etcd3.yaml | 42 ++++++----------- .../{etcd3-proxy.json => etcd3-gateway.json} | 8 ++-- 10 files changed, 83 insertions(+), 111 deletions(-) create mode 100644 examples/groups/etcd3-install/gateway.json delete mode 100644 examples/groups/etcd3-install/proxy.json create mode 100644 examples/groups/etcd3/gateway.json delete mode 100644 examples/groups/etcd3/proxy.json create mode 100644 examples/ignition/etcd3-gateway.yaml delete mode 100644 examples/ignition/etcd3-proxy.yaml rename examples/profiles/{etcd3-proxy.json => etcd3-gateway.json} (80%) diff --git a/Documentation/getting-started-docker.md b/Documentation/getting-started-docker.md index 44a410e2..bba9d17f 100644 --- a/Documentation/getting-started-docker.md +++ b/Documentation/getting-started-docker.md @@ -1,7 +1,7 @@ # Getting Started with Docker -In this tutorial, we'll run `matchbox` on your Linux machine with Docker to network boot and provision a cluster of QEMU/KVM CoreOS machines locally. You'll be able to create Kubernetes clusters, etcd clusters, and test network setups. +In this tutorial, we'll run `matchbox` on your Linux machine with Docker to network boot and provision a cluster of QEMU/KVM CoreOS machines locally. You'll be able to create Kubernetes clusters, etcd3 clusters, and test network setups. *Note*: To provision physical machines, see [network setup](network-setup.md) and [deployment](deployment.md). @@ -39,9 +39,9 @@ For development convenience, add `/etc/hosts` entries for nodes so they may be r Run the latest `matchbox` Docker image from `quay.io/coreos/matchbox` with the `etcd-docker` example. The container should receive the IP address 172.17.0.2 on the `docker0` bridge. sudo docker pull quay.io/coreos/matchbox:latest - sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd:/var/lib/matchbox/groups:Z quay.io/coreos/matchbox:latest -address=0.0.0.0:8080 -log-level=debug + sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/matchbox:Z -v $PWD/examples/groups/etcd3:/var/lib/matchbox/groups:Z quay.io/coreos/matchbox:latest -address=0.0.0.0:8080 -log-level=debug -Take a look at the [etcd groups](../examples/groups/etcd) to get an idea of how machines are mapped to Profiles. Explore some endpoints exposed by the service, say for QEMU/KVM node1. +Take a look at the [etcd3 groups](../examples/groups/etcd3) to get an idea of how machines are mapped to Profiles. Explore some endpoints exposed by the service, say for QEMU/KVM node1. * iPXE [http://127.0.0.1:8080/ipxe?mac=52:54:00:a1:9c:ae](http://127.0.0.1:8080/ipxe?mac=52:54:00:a1:9c:ae) * Ignition [http://127.0.0.1:8080/ignition?mac=52:54:00:a1:9c:ae](http://127.0.0.1:8080/ignition?mac=52:54:00:a1:9c:ae) @@ -75,11 +75,12 @@ Use the wrapper script to act on all nodes. ## Verify -The VMs should network boot and provision themselves into a three node etcd cluster, with other nodes behaving as etcd proxies. +The VMs should network boot and provision themselves into a three node etcd3 cluster, with other nodes behaving as etcd3 gateways. -The example profile added autologin so you can verify that etcd works between nodes. +The example profile added autologin so you can verify that etcd3 works between nodes. - systemctl status etcd2 + systemctl status etcd-member + ETCDCTL_API=3 etcdctl set /message hello etcdctl get /message diff --git a/Documentation/getting-started-rkt.md b/Documentation/getting-started-rkt.md index 154da7c7..23e9f0ed 100644 --- a/Documentation/getting-started-rkt.md +++ b/Documentation/getting-started-rkt.md @@ -1,7 +1,7 @@ # Getting Started with rkt -In this tutorial, we'll run `matchbox` on your Linux machine with `rkt` and `CNI` to network boot and provision a cluster of QEMU/KVM CoreOS machines locally. You'll be able to create Kubernetes clustes, etcd clusters, and test network setups. +In this tutorial, we'll run `matchbox` on your Linux machine with `rkt` and `CNI` to network boot and provision a cluster of QEMU/KVM CoreOS machines locally. You'll be able to create Kubernetes clustes, etcd3 clusters, and test network setups. *Note*: To provision physical machines, see [network setup](network-setup.md) and [deployment](deployment.md). @@ -76,7 +76,7 @@ Trust the needed ACIs. The `devnet` wrapper script can quickly rkt run `matchbox` and `dnsmasq` in systemd transient units. Create can take the name of any example cluster in [examples](../examples). - sudo ./scripts/devnet create etcd + sudo ./scripts/devnet create etcd3 Inspect the journal logs or check the status of the systemd services. @@ -86,7 +86,7 @@ Inspect the journal logs or check the status of the systemd services. journalctl -f -u dev-matchbox journalctl -f -u dev-dnsmasq -Take a look at the [etcd groups](../examples/groups/etcd) to get an idea of how machines are mapped to Profiles. Explore some endpoints exposed by the service, say for QEMU/KVM node1. +Take a look at the [etcd3 groups](../examples/groups/etcd3) to get an idea of how machines are mapped to Profiles. Explore some endpoints exposed by the service, say for QEMU/KVM node1. * iPXE [http://172.18.0.2:8080/ipxe?mac=52:54:00:a1:9c:ae](http://172.18.0.2:8080/ipxe?mac=52:54:00:a1:9c:ae) * Ignition [http://172.18.0.2:8080/ignition?mac=52:54:00:a1:9c:ae](http://172.18.0.2:8080/ignition?mac=52:54:00:a1:9c:ae) @@ -96,8 +96,8 @@ Take a look at the [etcd groups](../examples/groups/etcd) to get an idea of how If you prefer to start the containers yourself, instead of using `devnet`: - # matchbox with etcd example - sudo rkt run --net=metal0:IP=172.18.0.2 --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=$PWD/examples --mount volume=groups,target=/var/lib/matchbox/groups --volume groups,kind=host,source=$PWD/examples/groups/etcd quay.io/coreos/matchbox:latest -- -address=0.0.0.0:8080 -log-level=debug + # matchbox with etcd3 example + sudo rkt run --net=metal0:IP=172.18.0.2 --mount volume=data,target=/var/lib/matchbox --volume data,kind=host,source=$PWD/examples --mount volume=groups,target=/var/lib/matchbox/groups --volume groups,kind=host,source=$PWD/examples/groups/etcd3 quay.io/coreos/matchbox:latest -- -address=0.0.0.0:8080 -log-level=debug # dnsmasq sudo rkt run coreos.com/dnsmasq:v0.3.0 --net=metal0:IP=172.18.0.3 --mount volume=config,target=/etc/dnsmasq.conf --volume config,kind=host,source=$PWD/contrib/dnsmasq/metal0.conf @@ -125,11 +125,12 @@ Use the wrapper script to act on all nodes. ## Verify -The VMs should network boot and provision themselves into a three node etcd cluster, with other nodes behaving as etcd proxies. +The VMs should network boot and provision themselves into a three node etcd3 cluster, with other nodes behaving as etcd3 gateways. -The example profile added autologin so you can verify that etcd works between nodes. +The example profile added autologin so you can verify that etcd3 works between nodes. - systemctl status etcd2 + systemctl status etcd-member + ETCDCTL_API=3 etcdctl set /message hello etcdctl get /message diff --git a/examples/groups/etcd3-install/gateway.json b/examples/groups/etcd3-install/gateway.json new file mode 100644 index 00000000..96a4c151 --- /dev/null +++ b/examples/groups/etcd3-install/gateway.json @@ -0,0 +1,11 @@ +{ + "id": "default", + "name": "default", + "profile": "etcd3-gateway", + "selector": { + "os": "installed" + }, + "metadata": { + "etcd_endpoints": "node1.example.com:2379,node2.example.com:2379,node3.example.com:2379" + } +} diff --git a/examples/groups/etcd3-install/proxy.json b/examples/groups/etcd3-install/proxy.json deleted file mode 100644 index 7c79d2a1..00000000 --- a/examples/groups/etcd3-install/proxy.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "id": "default", - "name": "default", - "profile": "etcd3-proxy", - "selector": { - "os": "installed" - }, - "metadata": { - "etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380" - } -} diff --git a/examples/groups/etcd3/gateway.json b/examples/groups/etcd3/gateway.json new file mode 100644 index 00000000..2b9370be --- /dev/null +++ b/examples/groups/etcd3/gateway.json @@ -0,0 +1,8 @@ +{ + "id": "default", + "name": "default", + "profile": "etcd3-gateway", + "metadata": { + "etcd_endpoints": "node1.example.com:2379,node2.example.com:2379,node3.example.com:2379" + } +} diff --git a/examples/groups/etcd3/proxy.json b/examples/groups/etcd3/proxy.json deleted file mode 100644 index bba738e4..00000000 --- a/examples/groups/etcd3/proxy.json +++ /dev/null @@ -1,8 +0,0 @@ -{ - "id": "default", - "name": "default", - "profile": "etcd3-proxy", - "metadata": { - "etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380" - } -} diff --git a/examples/ignition/etcd3-gateway.yaml b/examples/ignition/etcd3-gateway.yaml new file mode 100644 index 00000000..1ffae369 --- /dev/null +++ b/examples/ignition/etcd3-gateway.yaml @@ -0,0 +1,31 @@ +--- +systemd: + units: + - name: etcd-member.service + enable: true + dropins: + - name: 40-etcd-cluster.conf + contents: | + [Service] + Environment="ETCD_IMAGE_TAG=v3.1.0" + ExecStart= + ExecStart=/usr/lib/coreos/etcd-wrapper gateway start \ + --listen-addr=127.0.0.1:2379 \ + --endpoints={{.etcd_endpoints}} + - name: locksmithd.service + dropins: + - name: 40-etcd-lock.conf + contents: | + [Service] + Environment="REBOOT_STRATEGY=etcd-lock" + +{{ if index . "ssh_authorized_keys" }} +passwd: + users: + - name: core + ssh_authorized_keys: + {{ range $element := .ssh_authorized_keys }} + - {{$element}} + {{end}} +{{end}} + diff --git a/examples/ignition/etcd3-proxy.yaml b/examples/ignition/etcd3-proxy.yaml deleted file mode 100644 index b52fe068..00000000 --- a/examples/ignition/etcd3-proxy.yaml +++ /dev/null @@ -1,45 +0,0 @@ ---- -systemd: - units: - - name: etcd3.service - enable: true - contents: | - [Unit] - Description=etcd3 - Conflicts=etcd2.service - [Service] - Type=notify - Environment="RKT_OPTS=--volume=resolv,kind=host,source=/etc/resolv.conf --mount volume=resolv,target=/etc/resolv.conf" - ExecStartPre=/usr/bin/mkdir -p /var/lib/etcd3 - ExecStartPre=/usr/bin/rkt trust --prefix "coreos.com/etcd" --skip-fingerprint-review - ExecStart=/usr/bin/rkt run \ - --net=host \ - --volume data-dir,kind=host,source=/var/lib/etcd3 \ - --mount volume=data-dir,target=/var/lib/etcd3 \ - $RKT_OPTS \ - coreos.com/etcd:v3.0.6 -- \ - -proxy=on \ - -listen-client-urls=http://0.0.0.0:2379 \ - -initial-cluster={{.etcd_initial_cluster}} - Restart=always - RestartSec=0 - LimitNOFILE=40000 - TimeoutStartSec=0 - [Install] - WantedBy=multi-user.target - - name: locksmithd.service - dropins: - - name: 40-etcd-lock.conf - contents: | - [Service] - Environment="REBOOT_STRATEGY=etcd-lock" - -{{ if index . "ssh_authorized_keys" }} -passwd: - users: - - name: core - ssh_authorized_keys: - {{ range $element := .ssh_authorized_keys }} - - {{$element}} - {{end}} -{{end}} diff --git a/examples/ignition/etcd3.yaml b/examples/ignition/etcd3.yaml index 1e28040f..07112b5a 100644 --- a/examples/ignition/etcd3.yaml +++ b/examples/ignition/etcd3.yaml @@ -1,36 +1,20 @@ --- systemd: units: - - name: etcd3.service + - name: etcd-member.service enable: true - contents: | - [Unit] - Type=notify - Description=etcd3 - Conflicts=etcd2.service - [Service] - Environment="RKT_OPTS=--volume=resolv,kind=host,source=/etc/resolv.conf --mount volume=resolv,target=/etc/resolv.conf" - ExecStartPre=/usr/bin/mkdir -p /var/lib/etcd3 - ExecStartPre=/usr/bin/rkt trust --prefix "coreos.com/etcd" --skip-fingerprint-review - ExecStart=/usr/bin/rkt run \ - --net=host \ - --volume data-dir,kind=host,source=/var/lib/etcd3 \ - --mount volume=data-dir,target=/var/lib/etcd3 \ - $RKT_OPTS \ - coreos.com/etcd:v3.0.6 -- \ - -name={{.etcd_name}} \ - -advertise-client-urls=http://{{.domain_name}}:2379 \ - -initial-advertise-peer-urls=http://{{.domain_name}}:2380 \ - -listen-client-urls=http://0.0.0.0:2379 \ - -listen-peer-urls=http://0.0.0.0:2380 \ - -initial-cluster={{.etcd_initial_cluster}} \ - -data-dir=/var/lib/etcd3 - Restart=always - RestartSec=10 - LimitNOFILE=40000 - TimeoutStartSec=0 - [Install] - WantedBy=multi-user.target + dropins: + - name: 40-etcd-cluster.conf + contents: | + [Service] + Environment="ETCD_IMAGE_TAG=v3.1.0" + Environment="ETCD_NAME={{.etcd_name}}" + Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{.domain_name}}:2379" + Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{.domain_name}}:2380" + Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379" + Environment="ETCD_LISTEN_PEER_URLS=http://0.0.0.0:2380" + Environment="ETCD_INITIAL_CLUSTER={{.etcd_initial_cluster}}" + Environment="ETCD_STRICT_RECONFIG_CHECK=true" - name: locksmithd.service dropins: - name: 40-etcd-lock.conf diff --git a/examples/profiles/etcd3-proxy.json b/examples/profiles/etcd3-gateway.json similarity index 80% rename from examples/profiles/etcd3-proxy.json rename to examples/profiles/etcd3-gateway.json index 82fba0a6..8ab3f7f1 100644 --- a/examples/profiles/etcd3-proxy.json +++ b/examples/profiles/etcd3-gateway.json @@ -1,6 +1,6 @@ { - "id": "etcd3-proxy", - "name": "etcd3-proxy", + "id": "etcd3-gateway", + "name": "etcd3-gateway", "boot": { "kernel": "/assets/coreos/1235.9.0/coreos_production_pxe.vmlinuz", "initrd": ["/assets/coreos/1235.9.0/coreos_production_pxe_image.cpio.gz"], @@ -12,5 +12,5 @@ "coreos.autologin" ] }, - "ignition_id": "etcd3-proxy.yaml" -} \ No newline at end of file + "ignition_id": "etcd3-gateway.yaml" +}