github-personal/matchbox
1
0
Fork 0
mirror of https://github.com/outbackdingo/matchbox.git synced 2026-01-27 18:19:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e1fd5dc699c24d3720e9ae502efcc505223bfd83
matchbox/examples
History
Dalton Hubble e1fd5dc699 examples: Rewrite k8s-master from cloud-config to Ignition
2016-03-22 22:54:44 -07:00
..
cloud
examples: Add k8s install to disk example
2016-03-21 11:50:50 -07:00
ignition
examples: Rewrite k8s-master from cloud-config to Ignition
2016-03-22 22:54:44 -07:00
profiles
examples: Rewrite k8s-master from cloud-config to Ignition
2016-03-22 22:54:44 -07:00
coreos-install.yaml
examples: Fix 2-stage CoreOS install example
2016-03-17 01:48:33 -07:00
default.yaml
contrib/systemd: Add systemd build and deploy example
2016-03-15 17:06:37 -07:00
etcd-docker.yaml
examples: Update etcd examples from beta 899.6.0 to alpha 983.0.0
2016-03-19 17:29:23 -07:00
etcd-rkt.yaml
examples: Update etcd examples from beta 899.6.0 to alpha 983.0.0
2016-03-19 17:29:23 -07:00
grub.yaml
bootcfg/api,config: Rename Spec to Profile
2016-03-15 15:06:22 -07:00
k8s-docker.yaml
examples: Rewrite k8s-master from cloud-config to Ignition
2016-03-22 22:54:44 -07:00
k8s-install.yaml
examples: Add k8s install to disk example
2016-03-21 11:50:50 -07:00
k8s-rkt.yaml
examples: Rewrite k8s-master from cloud-config to Ignition
2016-03-22 22:54:44 -07:00
kubecfg-docker
examples: Add example booting Kubernetes on CNI bridge with rkt
2016-02-02 17:06:21 -08:00
kubecfg-rkt
examples: Add example booting Kubernetes on CNI bridge with rkt
2016-02-02 17:06:21 -08:00
pxe-disk.yaml
bootcfg/api,config: Rename Spec to Profile
2016-03-15 15:06:22 -07:00
pxe.yaml
bootcfg/api,config: Rename Spec to Profile
2016-03-15 15:06:22 -07:00
README.md
examples: Add k8s install to disk example
2016-03-21 11:50:50 -07:00

README.md

Examples

These examples show declarative configurations for network booting libvirt VMs into CoreOS clusters (Kubernetes, etcd) using bootcfg.

Name Description CoreOS Version FS Reference
pxe CoreOS via iPXE alpha/962.0.0 RAM reference
grub CoreOS via GRUB2 Netboot beta/899.6.0 RAM NA
pxe-disk CoreOS via iPXE, with a root filesystem alpha/962.0.0 Disk reference
coreos-install 2-stage Ignition: Install CoreOS, provision etcd cluster alpha/983.0.0 Disk reference
etcd-rkt, etcd-docker Cluster with 3 etcd nodes, 2 proxies alpha/983.0.0 RAM reference
k8s-rkt, k8s-docker Kubernetes cluster with 1 master and 2 workers, TLS-authentication alpha/983.0.0 Disk reference
k8s-install Install Kubernetes cluster with 1 master and 2 workers, TLS alpha/983.0.0+ Disk reference

Experimental

These CoreOS clusters are experimental and have NOT been hardened for production yet. They demonstrate Ignition and cloud-init provisioning of higher order clusters.

Getting Started

Get started running the bootcfg on your Linux machine to boot clusters of libvirt PXE VMs.

SSH Keys

Most example profiles configure machines with a core user and ssh_authorized_keys. Add your own key(s) as machine metadata.

---
api_version: v1alpha1
groups:
  - name: default
    profile: pxe
    metadata:
      ssh_authorized_keys:
        - "ssh-rsa pub-key-goes-here"

Kubernetes

The Kubernetes examples create Kubernetes clusters with CoreOS hosts and TLS authentication.

Assets

Download the CoreOS PXE image assets to assets/coreos. These images are served to network boot machines by bootcfg.

./scripts/get-coreos alpha 991.0.0

Note: TLS assets are served to any machines which request them. This is unsuitable for production where machines and networks are untrusted. Read about our longer term security plans at Distributed Trusted Computing.

Generate a root CA and Kubernetes TLS assets for components (admin, apiserver, worker).

rm -rf assets/tls
# for Kubernetes on CNI metal0, i.e. rkt
./scripts/tls/gen-rkt-k8s-secrets
# for Kubernetes on docker0
./scripts/tls/gen-docker-k8s-secrets

Alternately, you can add your own CA certificate, entity certificates, and entity private keys to assets/tls.

* ca.pem
* apiserver.pem
* apiserver-key.pem
* worker.pem
* worker-key.pem
* admin.pem
* admin-key.pem

See the Cluster TLS OpenSSL Generation document or Kubernetes Step by Step for more details.

Verify

Install the kubectl CLI on your host. Use the provided kubeconfig's to access the Kubernetes cluster created on rkt metal0 or docker0.

cd /path/to/coreos-baremetal
# for kubernetes on CNI metal0, i.e. rkt
kubectl --kubeconfig=examples/kubecfg-rkt get nodes
# for kubernetes on docker0
kubectl --kubeconfig=examples/kubecfg-docker get nodes

Get all pods.

kubectl --kubeconfig=examples/kubecfg-rkt get pods --all-namespaces

On my laptop, VMs download and network boot CoreOS in the first 45 seconds, the Kubernetes API becomes available after about 150 seconds, and add-on pods are scheduled by 180 seconds. On physical hosts and networks, OS and container image download times are a bit longer.

Tectonic

Now sign up for Tectonic Starter and deploy the Tectonic Console with a few kubectl commands!

Reference in New Issue View Git Blame Copy Permalink