examples/etcd: Use DNS names in etcd clusters, no IPs

* Use DNS names to refer to nodes in etcd examples to mirror
  production
* Add dnsmasq.conf files for metal0 (rkt) and docker0 examples
  which include static MAC->IP and Name->IP mappings
* Remove the etcd-docker example cluster, no longer needed
Dalton Hubble
2016-07-22 13:57:32 -07:00
parent 07e8289282
commit ed0f54da27
19 changed files with 68 additions and 132 deletions

@@ -31,11 +31,11 @@ Download CoreOS image assets referenced by the `etcd-docker` [example](../exampl
Run the latest `bootcfg` Docker image from `quay.io/coreos/bootcfg` with the `etcd-docker` example. The container should receive the IP address 172.17.0.2 on the `docker0` bridge.
sudo docker pull quay.io/coreos/bootcfg:latest
sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/bootcfg:Z -v $PWD/examples/groups/etcd-docker:/var/lib/bootcfg/groups:Z quay.io/coreos/bootcfg:latest -address=0.0.0.0:8080 -log-level=debug
sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/bootcfg:Z -v $PWD/examples/groups/etcd:/var/lib/bootcfg/groups:Z quay.io/coreos/bootcfg:latest -address=0.0.0.0:8080 -log-level=debug
or run the latest tagged release.
sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/bootcfg:Z -v $PWD/examples/groups/etcd-docker:/var/lib/bootcfg/groups:Z quay.io/coreos/bootcfg:v0.4.0 -address=0.0.0.0:8080 -log-level=debug
sudo docker run -p 8080:8080 --rm -v $PWD/examples:/var/lib/bootcfg:Z -v $PWD/examples/groups/etcd:/var/lib/bootcfg/groups:Z quay.io/coreos/bootcfg:v0.4.0 -address=0.0.0.0:8080 -log-level=debug
Take a look at the [etcd groups](../examples/groups/etcd-docker) to get an idea of how machines are mapped to Profiles. Explore some endpoints port mapped to localhost:8080.
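
Review bot: The context lines around the changed commands still name the removed example: the sentence above the first command says to run bootcfg "with the `etcd-docker` example", and the closing link points at `../examples/groups/etcd-docker`, while the new commands mount `examples/groups/etcd`. Update both references to `etcd` in this change so the doc does not link to a directory the commit deletes.
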
@@ -47,7 +47,7 @@ Take a look at the [etcd groups](../examples/groups/etcd-docker) to get an idea
Since the virtual network has no network boot services, use the `dnsmasq` image to create an iPXE network boot environment which runs DHCP, DNS, and TFTP.
sudo docker run --rm --cap-add=NET_ADMIN quay.io/coreos/dnsmasq -d -q --dhcp-range=172.17.0.43,172.17.0.99 --enable-tftp --tftp-root=/var/lib/tftpboot --dhcp-userclass=set:ipxe,iPXE --dhcp-boot=tag:#ipxe,undionly.kpxe --dhcp-boot=tag:ipxe,http://bootcfg.foo:8080/boot.ipxe --log-queries --log-dhcp --dhcp-option=3,172.17.0.1 --address=/bootcfg.foo/172.17.0.2
sudo docker run --name dnsmasq --cap-add=NET_ADMIN -v $PWD/contrib/dnsmasq/docker0.conf:/etc/dnsmasq.conf:Z quay.io/coreos/dnsmasq -d
In this case, dnsmasq runs a DHCP server allocating IPs to VMs between 172.17.0.43 and 172.17.0.99, resolves `bootcfg.foo` to 172.17.0.2 (the IP where `bootcfg` runs), and points iPXE clients to `http://bootcfg.foo:8080/boot.ipxe`.
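
Review bot: The unchanged sentence after the new command still describes a DHCP range of 172.17.0.43 to 172.17.0.99, but the mounted `docker0.conf` sets `dhcp-range=172.17.0.50,172.17.0.99`, and the sentence says nothing about the static node leases and names that file adds. Reword it to match the config file. The new command also drops `--rm` in favour of `--name dnsmasq`, so a rerun without the clean-up step fails on the container name; a line in the doc saying so would help.
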
@@ -76,6 +76,7 @@ The example profile added autologin so you can verify that etcd works between no
Clean up the VM machines.
sudo docker rm -f dnsmasq
sudo ./scripts/libvirt poweroff
sudo ./scripts/libvirt destroy

@@ -83,7 +83,7 @@ Trust the [CoreOS App Signing Key](https://coreos.com/security/app-signing-key/)
Run the `coreos.com/dnsmasq` ACI with rkt.
sudo rkt run coreos.com/dnsmasq:v0.3.0 --net=metal0:IP=172.15.0.3 -- -d -q --dhcp-range=172.15.0.50,172.15.0.99 --enable-tftp --tftp-root=/var/lib/tftpboot --dhcp-userclass=set:ipxe,iPXE --dhcp-boot=tag:#ipxe,undionly.kpxe --dhcp-boot=tag:ipxe,http://bootcfg.foo:8080/boot.ipxe --log-queries --log-dhcp --dhcp-option=3,172.15.0.1 --address=/bootcfg.foo/172.15.0.2
sudo rkt run coreos.com/dnsmasq:v0.3.0 --net=metal0:IP=172.15.0.3 --mount volume=config,target=/etc/dnsmasq.conf --volume config,kind=host,source=$PWD/contrib/dnsmasq/metal0.conf
In this case, dnsmasq runs a DHCP server allocating IPs to VMs between 172.15.0.50 and 172.15.0.99, resolves `bootcfg.foo` to 172.15.0.2 (the IP where `bootcfg` runs), and points iPXE clients to `http://bootcfg.foo:8080/boot.ipxe`.

@@ -0,0 +1,22 @@
# dnsmasq.conf
dhcp-range=172.17.0.50,172.17.0.99
dhcp-option=3,172.17.0.1
dhcp-host=52:54:00:a1:9c:ae,172.17.0.21,1h
dhcp-host=52:54:00:b2:2f:86,172.17.0.22,1h
dhcp-host=52:54:00:c3:61:77,172.17.0.23,1h
enable-tftp
tftp-root=/var/lib/tftpboot
dhcp-userclass=set:ipxe,iPXE
dhcp-boot=tag:#ipxe,undionly.kpxe
dhcp-boot=tag:ipxe,http://bootcfg.foo:8080/boot.ipxe
log-queries
log-dhcp
address=/bootcfg.foo/172.17.0.2
address=/node1.example.com/172.17.0.21
address=/node2.example.com/172.17.0.22
address=/node3.example.com/172.17.0.23
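
Review bot: This file has no `no-daemon` line, unlike the metal0 file added in the same commit, so dnsmasq stays in the foreground only because the Docker instructions pass `-d` on the command line. Put `no-daemon` in both files or in neither, so the two configs differ only in their 172.17 and 172.15 addresses. The `address=/bootcfg.foo/172.17.0.2` line also hard-codes the address the bootcfg container is expected to receive on `docker0`; a comment in the file saying so would make the coupling visible.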

@@ -0,0 +1,23 @@
# dnsmasq.conf
no-daemon
dhcp-range=172.15.0.50,172.15.0.99
dhcp-option=3,172.15.0.1
dhcp-host=52:54:00:a1:9c:ae,172.15.0.21,1h
dhcp-host=52:54:00:b2:2f:86,172.15.0.22,1h
dhcp-host=52:54:00:c3:61:77,172.15.0.23,1h
enable-tftp
tftp-root=/var/lib/tftpboot
dhcp-userclass=set:ipxe,iPXE
dhcp-boot=tag:#ipxe,undionly.kpxe
dhcp-boot=tag:ipxe,http://bootcfg.foo:8080/boot.ipxe
log-queries
log-dhcp
address=/bootcfg.foo/172.15.0.2
address=/node1.example.com/172.15.0.21
address=/node2.example.com/172.15.0.22
address=/node3.example.com/172.15.0.23
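
Review bot: The `address=/node1.example.com/172.15.0.21` lines do more than the Name->IP mapping the commit message describes: dnsmasq's `address=` answers for the named domain and every name beneath it, so any subdomain of `node1.example.com` also resolves to the node. For a single-host mapping use `host-record=node1.example.com,172.15.0.21` instead. The same applies to the three node lines in the docker0 file.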

@@ -8,7 +8,7 @@ These examples network boot and provision machines into CoreOS clusters using `b
| pxe | CoreOS via iPXE | alpha/1109.1.0 | RAM | [reference](https://coreos.com/os/docs/latest/booting-with-ipxe.html) |
| grub | CoreOS via GRUB2 Netboot | alpha/1109.1.0 | RAM | NA |
| pxe-disk | CoreOS via iPXE, with a root filesystem | alpha/1109.1.0 | Disk | [reference](https://coreos.com/os/docs/latest/booting-with-ipxe.html) |
| etcd, etcd-docker | iPXE boot a 3 node etcd cluster and proxy | alpha/1109.1.0 | RAM | [reference](https://coreos.com/os/docs/latest/cluster-architectures.html) |
| etcd | iPXE boot a 3 node etcd cluster and proxy | alpha/1109.1.0 | RAM | [reference](https://coreos.com/os/docs/latest/cluster-architectures.html) |
| etcd-install | Install a 3-node etcd cluster to disk | alpha/1109.1.0 | Disk | [reference](https://coreos.com/os/docs/latest/installing-to-disk.html) |
| k8s, k8s-docker | Kubernetes cluster with 1 master, 2 workers, and TLS-authentication | alpha/1109.1.0 | Disk | [tutorial](../Documentation/kubernetes.md) |
| k8s-install | Install a Kubernetes cluster to disk | alpha/1109.1.0 | Disk | [tutorial](../Documentation/kubernetes.md) |

@@ -1,9 +0,0 @@
{
"id": "default",
"name": "default",
"profile": "etcd-proxy",
"metadata": {
"etcd_initial_cluster": "node1=http://172.17.0.21:2380,node2=http://172.17.0.22:2380,node3=http://172.17.0.23:2380",
"fleet_metadata": "role=etcd-proxy"
}
}

@@ -1,17 +0,0 @@
{
"id": "node1",
"name": "etcd Node 1",
"profile": "etcd",
"selector": {
"mac": "52:54:00:a1:9c:ae"
},
"metadata": {
"etcd_initial_cluster": "node1=http://172.17.0.21:2380,node2=http://172.17.0.22:2380,node3=http://172.17.0.23:2380",
"etcd_name": "node1",
"fleet_metadata": "role=etcd,name=node1",
"ipv4_address": "172.17.0.21",
"networkd_address": "172.17.0.21/16",
"networkd_dns": "172.17.0.3",
"networkd_gateway": "172.17.0.1"
}
}

@@ -1,17 +0,0 @@
{
"id": "node2",
"name": "etcd Node 2",
"profile": "etcd",
"selector": {
"mac": "52:54:00:b2:2f:86"
},
"metadata": {
"etcd_initial_cluster": "node1=http://172.17.0.21:2380,node2=http://172.17.0.22:2380,node3=http://172.17.0.23:2380",
"etcd_name": "node2",
"fleet_metadata": "role=etcd,name=node2",
"ipv4_address": "172.17.0.22",
"networkd_address": "172.17.0.22/16",
"networkd_dns": "172.17.0.3",
"networkd_gateway": "172.17.0.1"
}
}

@@ -1,17 +0,0 @@
{
"id": "node3",
"name": "etcd Node 3",
"profile": "etcd",
"selector": {
"mac": "52:54:00:c3:61:77"
},
"metadata": {
"etcd_initial_cluster": "node1=http://172.17.0.21:2380,node2=http://172.17.0.22:2380,node3=http://172.17.0.23:2380",
"etcd_name": "node3",
"fleet_metadata": "role=etcd,name=node3",
"ipv4_address": "172.17.0.23",
"networkd_address": "172.17.0.23/16",
"networkd_dns": "172.17.0.3",
"networkd_gateway": "172.17.0.1"
}
}

@@ -7,12 +7,8 @@
"os": "installed"
},
"metadata": {
"ipv4_address": "172.15.0.21",
"networkd_gateway": "172.15.0.1",
"networkd_dns": "172.15.0.3",
"networkd_address": "172.15.0.21/16",
"fleet_metadata": "role=etcd,name=node1",
"domain_name": "node1.example.com",
"etcd_name": "node1",
"etcd_initial_cluster": "node1=http://172.15.0.21:2380,node2=http://172.15.0.22:2380,node3=http://172.15.0.23:2380"
"etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
}
}

@@ -7,12 +7,8 @@
"os": "installed"
},
"metadata": {
"ipv4_address": "172.15.0.22",
"networkd_gateway": "172.15.0.1",
"networkd_dns": "172.15.0.3",
"networkd_address": "172.15.0.22/16",
"fleet_metadata": "role=etcd,name=node2",
"domain_name": "node2.example.com",
"etcd_name": "node2",
"etcd_initial_cluster": "node1=http://172.15.0.21:2380,node2=http://172.15.0.22:2380,node3=http://172.15.0.23:2380"
"etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
}
}

@@ -7,12 +7,8 @@
"os": "installed"
},
"metadata": {
"ipv4_address": "172.15.0.23",
"networkd_gateway": "172.15.0.1",
"networkd_dns": "172.15.0.3",
"networkd_address": "172.15.0.23/16",
"fleet_metadata": "role=etcd,name=node3",
"domain_name": "node3.example.com",
"etcd_name": "node3",
"etcd_initial_cluster": "node1=http://172.15.0.21:2380,node2=http://172.15.0.22:2380,node3=http://172.15.0.23:2380"
"etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
}
}

@@ -3,7 +3,6 @@
"name": "default",
"profile": "etcd-proxy",
"metadata": {
"fleet_metadata": "role=etcd-proxy",
"etcd_initial_cluster": "node1=http://172.15.0.21:2380,node2=http://172.15.0.22:2380,node3=http://172.15.0.23:2380"
"etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
}
}

@@ -6,12 +6,8 @@
"mac": "52:54:00:a1:9c:ae"
},
"metadata": {
"ipv4_address": "172.15.0.21",
"networkd_gateway": "172.15.0.1",
"networkd_dns": "172.15.0.3",
"networkd_address": "172.15.0.21/16",
"fleet_metadata": "role=etcd,name=node1",
"domain_name": "node1.example.com",
"etcd_name": "node1",
"etcd_initial_cluster": "node1=http://172.15.0.21:2380,node2=http://172.15.0.22:2380,node3=http://172.15.0.23:2380"
"etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
}
}
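
Review bot: With `ipv4_address` and the `networkd_*` keys gone, nothing in this group file ties `52:54:00:a1:9c:ae` to an address any more; `node1.example.com` resolves to the right machine only if the `dhcp-host=` and `address=` lines in the dnsmasq config carry the same MAC and name. Document that dependency next to the examples (the other two node groups have the same coupling), since a mismatch leaves etcd advertising a name that points at another machine or at nothing.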

@@ -6,12 +6,8 @@
"mac": "52:54:00:b2:2f:86"
},
"metadata": {
"ipv4_address": "172.15.0.22",
"networkd_gateway": "172.15.0.1",
"networkd_dns": "172.15.0.3",
"networkd_address": "172.15.0.22/16",
"fleet_metadata": "role=etcd,name=node2",
"domain_name": "node2.example.com",
"etcd_name": "node2",
"etcd_initial_cluster": "node1=http://172.15.0.21:2380,node2=http://172.15.0.22:2380,node3=http://172.15.0.23:2380"
"etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
}
}

@@ -6,12 +6,8 @@
"mac": "52:54:00:c3:61:77"
},
"metadata": {
"ipv4_address": "172.15.0.23",
"networkd_gateway": "172.15.0.1",
"networkd_dns": "172.15.0.3",
"networkd_address": "172.15.0.23/16",
"fleet_metadata": "role=etcd,name=node3",
"domain_name": "node3.example.com",
"etcd_name": "node3",
"etcd_initial_cluster": "node1=http://172.15.0.21:2380,node2=http://172.15.0.22:2380,node3=http://172.15.0.23:2380"
"etcd_initial_cluster": "node1=http://node1.example.com:2380,node2=http://node2.example.com:2380,node3=http://node3.example.com:2380"
}
}

@@ -10,13 +10,6 @@ systemd:
Environment="ETCD_PROXY=on"
Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379"
Environment="ETCD_INITIAL_CLUSTER={{.etcd_initial_cluster}}"
- name: fleet.service
enable: true
dropins:
- name: fleet-metadata.conf
contents: |
[Service]
Environment="FLEET_METADATA={{.fleet_metadata}}"
{{ if index . "ssh_authorized_keys" }}
passwd:
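
Review bot: Removing `fleet.service` and its `FLEET_METADATA` drop-in is not mentioned in the commit message, which covers only DNS names, the dnsmasq config files and the etcd-docker removal. Either add a line to the message saying fleet is dropped from the etcd examples, or split it into its own commit so the DNS change can be reverted independently.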

@@ -8,30 +8,12 @@ systemd:
contents: |
[Service]
Environment="ETCD_NAME={{.etcd_name}}"
Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{.ipv4_address}}:2379"
Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{.ipv4_address}}:2380"
Environment="ETCD_ADVERTISE_CLIENT_URLS=http://{{.domain_name}}:2379"
Environment="ETCD_INITIAL_ADVERTISE_PEER_URLS=http://{{.domain_name}}:2380"
Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379"
Environment="ETCD_LISTEN_PEER_URLS=http://{{.ipv4_address}}:2380"
Environment="ETCD_LISTEN_PEER_URLS=http://{{.domain_name}}:2380"
Environment="ETCD_INITIAL_CLUSTER={{.etcd_initial_cluster}}"
Environment="ETCD_STRICT_RECONFIG_CHECK=true"
- name: fleet.service
enable: true
dropins:
- name: fleet-metadata.conf
contents: |
[Service]
Environment="FLEET_METADATA={{.fleet_metadata}}"
networkd:
units:
- name: 10-static.network
contents: |
[Match]
MACAddress={{.mac}}
[Network]
Gateway={{.networkd_gateway}}
DNS={{.networkd_dns}}
Address={{.networkd_address}}
{{ if index . "ssh_authorized_keys" }}
passwd:
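
Review bot: `ETCD_LISTEN_PEER_URLS=http://{{.domain_name}}:2380` turns a bind address into a DNS lookup. etcd documents listen URLs as scheme://IP:port, and the client listener two lines up already uses `0.0.0.0`; use `http://0.0.0.0:2380` (or the node's address) here and keep `{{.domain_name}}` for the two advertise URLs only. As written, etcd can bind only after the node resolves its own name, and this same hunk removes the static `10-static.network` unit, so both the node's address and its name now depend on the dnsmasq container being up when the unit starts.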

@@ -711,7 +711,7 @@ storage:
{{ if not (index . "skip_networkd") }}
networkd:
units:
- name: 1-static.network
- name: 10-static.network
contents: |
[Match]
MACAddress={{.mac}}
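
Review bot: Renaming the unit from `1-static.network` to `10-static.network` is unrelated to the DNS change and is not covered by the commit message. networkd reads `.network` files in lexical order, so the prefix is not purely cosmetic; state the reason in the message (if the aim is only to match the naming used in the other templates, say so) or move the rename to a separate commit.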