mirror/ typhoon
1
0
Fork 0
mirror of https://github.com/poseidon/typhoon synced 2024-05-13 02:56:11 +02:00
Code Issues

Set kube-apiserver kubelet preferred address types 

* Prefer InternalIP and ExternalIP over the node's hostname,
to match upstream behavior and kubeadm
* Previously, hostname-override was used to set node names
to internal IP's to work around some cloud providers not
resolving hostnames for instances (e.g. DO droplets)
This commit is contained in:
Dalton Hubble 2018-11-03 15:04:08 -07:00
parent 78c9fdc18f
commit 721c847943
29 changed files with 68 additions and 161 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES.md
View File

@ -4,6 +4,8 @@ Notable changes between versions.
## Latest
* Change kube-apiserver `--kubelet-preferred-address-types` to InternalIP,ExternalIP,Hostname
## v1.12.2
* Kubernetes [v1.12.2](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.12.md#v1122)

10
README.md
View File

@ -87,10 +87,10 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou
```sh
$ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
yavin-controller-0.c.example-com.internal Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal Ready 5m v1.12.2
NAME ROLES STATUS AGE VERSION
yavin-controller-0.c.example-com.internal controller,master Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal node Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal node Ready 5m v1.12.2
```
List the pods.
@ -102,6 +102,7 @@ kube-system calico-node-1cs8z 2/2 Running 0
kube-system calico-node-d1l5b 2/2 Running 0 6m
kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m
kube-system coredns-1187388186-dkh3o 1/1 Running 0 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-h90v8 1/1 Running 1 6m
@ -111,6 +112,7 @@ kube-system kube-proxy-njn47 1/1 Running 0
kube-system kube-scheduler-3895335239-5x87r 1/1 Running 0 6m
kube-system kube-scheduler-3895335239-bzrrt 1/1 Running 1 6m
kube-system pod-checkpointer-l6lrt 1/1 Running 0 6m
kube-system pod-checkpointer-l6lrt-controller-0 1/1 Running 0 6m
```
## Non-Goals

2
aws/container-linux/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

2
aws/fedora-atomic/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

16
aws/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
View File

@ -19,24 +19,9 @@ write_files:
ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt
ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key
ETCD_PEER_CLIENT_CERT_AUTH=true
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
--url http://169.254.169.254/latest/meta-data/local-ipv4\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: |
[Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service
[Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -97,7 +82,6 @@ runcmd:
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0"
- [systemctl, start, --no-block, etcd.service]
- [systemctl, enable, cloud-metadata.service]
- [systemctl, start, --no-block, kubelet.service]
users:
- default

16
aws/fedora-atomic/kubernetes/workers/cloudinit/worker.yaml.tmpl
View File

@ -1,23 +1,8 @@
#cloud-config
write_files:
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
--url http://169.254.169.254/latest/meta-data/local-ipv4\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: |
[Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service
[Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -69,7 +54,6 @@ bootcmd:
runcmd:
- [systemctl, daemon-reload]
- [systemctl, restart, NetworkManager]
- [systemctl, enable, cloud-metadata.service]
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- [systemctl, start, --no-block, kubelet.service]
users:

2
azure/container-linux/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

2
bare-metal/container-linux/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${var.k8s_domain_name}"]

2
bare-metal/fedora-atomic/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${var.k8s_domain_name}"]

2
digital-ocean/container-linux/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

4
digital-ocean/container-linux/kubernetes/cl/controller.yaml.tmpl
View File

@ -56,12 +56,9 @@ systemd:
contents: |
[Unit]
Description=Kubelet via Hyperkube
Requires=coreos-metadata.service
After=coreos-metadata.service
Wants=rpc-statd.service
[Service]
EnvironmentFile=/etc/kubernetes/kubelet.env
EnvironmentFile=/run/metadata/coreos
Environment="RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \
--volume=resolv,kind=host,source=/etc/resolv.conf \
--mount volume=resolv,target=/etc/resolv.conf \
@ -93,7 +90,6 @@ systemd:
--cluster_domain=${cluster_domain_suffix} \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--exit-on-lock-contention \
--hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
--kubeconfig=/etc/kubernetes/kubeconfig \
--lock-file=/var/run/lock/kubelet.lock \
--network-plugin=cni \

4
digital-ocean/container-linux/kubernetes/cl/worker.yaml.tmpl
View File

@ -31,12 +31,9 @@ systemd:
contents: |
[Unit]
Description=Kubelet via Hyperkube
Requires=coreos-metadata.service
After=coreos-metadata.service
Wants=rpc-statd.service
[Service]
EnvironmentFile=/etc/kubernetes/kubelet.env
EnvironmentFile=/run/metadata/coreos
Environment="RKT_RUN_ARGS=--uuid-file-save=/var/cache/kubelet-pod.uuid \
--volume=resolv,kind=host,source=/etc/resolv.conf \
--mount volume=resolv,target=/etc/resolv.conf \
@ -66,7 +63,6 @@ systemd:
--cluster_domain=${cluster_domain_suffix} \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--exit-on-lock-contention \
--hostname-override=$${COREOS_DIGITALOCEAN_IPV4_PRIVATE_0} \
--kubeconfig=/etc/kubernetes/kubeconfig \
--lock-file=/var/run/lock/kubelet.lock \
--network-plugin=cni \

2
digital-ocean/fedora-atomic/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

16
digital-ocean/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
View File

@ -19,24 +19,9 @@ write_files:
ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt
ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key
ETCD_PEER_CLIENT_CERT_AUTH=true
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
--url http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: |
[Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service
[Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -94,7 +79,6 @@ runcmd:
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0"
- [systemctl, start, --no-block, etcd.service]
- [systemctl, enable, cloud-metadata.service]
- [systemctl, enable, kubelet.path]
- [systemctl, start, --no-block, kubelet.path]
users:

16
digital-ocean/fedora-atomic/kubernetes/cloudinit/worker.yaml.tmpl
View File

@ -1,23 +1,8 @@
#cloud-config
write_files:
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
--url http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: |
[Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service
[Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -66,7 +51,6 @@ bootcmd:
- [modprobe, ip_vs]
runcmd:
- [systemctl, daemon-reload]
- [systemctl, enable, cloud-metadata.service]
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- [systemctl, enable, kubelet.path]
- [systemctl, start, --no-block, kubelet.path]

11
docs/atomic/aws.md
View File

@ -155,10 +155,10 @@ In 5-10 minutes, the Kubernetes cluster will be ready.
```
$ export KUBECONFIG=/home/user/.secrets/clusters/tempest/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
ip-10-0-12-221 Ready 34m v1.12.2
ip-10-0-19-112 Ready 34m v1.12.2
ip-10-0-4-22 Ready 34m v1.12.2
NAME STATUS ROLES AGE VERSION
ip-10-0-3-155 Ready controller,master 10m v1.12.2
ip-10-0-26-65 Ready node 10m v1.12.2
ip-10-0-41-21 Ready node 10m v1.12.2
```
List the pods.
@ -170,6 +170,7 @@ kube-system calico-node-1m5bf 2/2 Running 0
kube-system calico-node-7jmr1 2/2 Running 0 34m
kube-system calico-node-bknc8 2/2 Running 0 34m
kube-system coredns-1187388186-wx1lg 1/1 Running 0 34m
kube-system coredns-1187388186-qjnvp 1/1 Running 0 34m
kube-system kube-apiserver-4mjbk 1/1 Running 0 34m
kube-system kube-controller-manager-3597210155-j2jbt 1/1 Running 1 34m
kube-system kube-controller-manager-3597210155-j7g7x 1/1 Running 0 34m
@ -179,7 +180,7 @@ kube-system kube-proxy-sbbsh 1/1 Running 0
kube-system kube-scheduler-3359497473-5plhf 1/1 Running 0 34m
kube-system kube-scheduler-3359497473-r7zg7 1/1 Running 1 34m
kube-system pod-checkpointer-4kxtl 1/1 Running 0 34m
kube-system pod-checkpointer-4kxtl-ip-10-0-12-221 1/1 Running 0 33m
kube-system pod-checkpointer-4kxtl-ip-10-0-3-155 1/1 Running 0 33m
```
## Going Further

9
docs/atomic/bare-metal.md
View File

@ -360,10 +360,10 @@ bootkube[5]: Tearing down temporary bootstrap control plane...
```
$ export KUBECONFIG=/home/user/.secrets/clusters/mercury/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
node1.example.com Ready 11m v1.12.2
node2.example.com Ready 11m v1.12.2
node3.example.com Ready 11m v1.12.2
NAME STATUS ROLES AGE VERSION
node1.example.com Ready controller,master 10m v1.12.2
node2.example.com Ready node 10m v1.12.2
node3.example.com Ready node 10m v1.12.2
```
List the pods.
@ -374,6 +374,7 @@ NAMESPACE NAME READY STATUS RES
kube-system calico-node-6qp7f 2/2 Running 1 11m
kube-system calico-node-gnjrm 2/2 Running 0 11m
kube-system calico-node-llbgt 2/2 Running 0 11m
kube-system coredns-1187388186-dj3pd 1/1 Running 0 11m
kube-system coredns-1187388186-mx9rt 1/1 Running 0 11m
kube-system kube-apiserver-7336w 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-b9chx 1/1 Running 0 11m

11
docs/atomic/digital-ocean.md
View File

@ -151,10 +151,10 @@ In 3-6 minutes, the Kubernetes cluster will be ready.
```
$ export KUBECONFIG=/home/user/.secrets/clusters/nemo/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
10.132.110.130 Ready 10m v1.12.2
10.132.115.81 Ready 10m v1.12.2
10.132.124.107 Ready 10m v1.12.2
NAME STATUS ROLES AGE VERSION
nemo-controller-0 Ready controller,master 10m v1.12.2
nemo-worker-0 Ready node 10m v1.12.2
nemo-worker-1 Ready node 10m v1.12.2
```
List the pods.
@ -162,6 +162,7 @@ List the pods.
```
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-1187388186-ld1j7 1/1 Running 0 11m
kube-system coredns-1187388186-rdhf7 1/1 Running 0 11m
kube-system kube-apiserver-n10qr 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-37gtw 1/1 Running 1 11m
kube-system kube-controller-manager-3271970485-p52t5 1/1 Running 0 11m
@ -174,7 +175,7 @@ kube-system kube-proxy-k35rc 1/1 Running 0
kube-system kube-scheduler-3895335239-2bc4c 1/1 Running 0 11m
kube-system kube-scheduler-3895335239-b7q47 1/1 Running 1 11m
kube-system pod-checkpointer-pr1lq 1/1 Running 0 11m
kube-system pod-checkpointer-pr1lq-10.132.115.81 1/1 Running 0 10m
kube-system pod-checkpointer-pr1lq-nemo-controller-0 1/1 Running 0 10m
```
## Going Further

9
docs/atomic/google-cloud.md
View File

@ -196,10 +196,10 @@ In 5-10 minutes, the Kubernetes cluster will be ready.
```
$ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
yavin-controller-0.c.example-com.internal Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal Ready 5m v1.12.2
NAME ROLES STATUS AGE VERSION
yavin-controller-0.c.example-com.internal controller,master Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal node Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal node Ready 5m v1.12.2
```
List the pods.
@ -210,6 +210,7 @@ NAMESPACE NAME READY STATUS RESTART
kube-system calico-node-1cs8z 2/2 Running 0 6m
kube-system calico-node-d1l5b 2/2 Running 0 6m
kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system coredns-1187388186-dkh3o 1/1 Running 0 6m
kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m

11
docs/cl/aws.md
View File

@ -168,10 +168,10 @@ In 4-8 minutes, the Kubernetes cluster will be ready.
```
$ export KUBECONFIG=/home/user/.secrets/clusters/tempest/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
ip-10-0-12-221 Ready 34m v1.12.2
ip-10-0-19-112 Ready 34m v1.12.2
ip-10-0-4-22 Ready 34m v1.12.2
NAME STATUS ROLES AGE VERSION
ip-10-0-3-155 Ready controller,master 10m v1.12.2
ip-10-0-26-65 Ready node 10m v1.12.2
ip-10-0-41-21 Ready node 10m v1.12.2
```
List the pods.
@ -183,6 +183,7 @@ kube-system calico-node-1m5bf 2/2 Running 0
kube-system calico-node-7jmr1 2/2 Running 0 34m
kube-system calico-node-bknc8 2/2 Running 0 34m
kube-system coredns-1187388186-wx1lg 1/1 Running 0 34m
kube-system coredns-1187388186-qjnvp 1/1 Running 0 34m
kube-system kube-apiserver-4mjbk 1/1 Running 0 34m
kube-system kube-controller-manager-3597210155-j2jbt 1/1 Running 1 34m
kube-system kube-controller-manager-3597210155-j7g7x 1/1 Running 0 34m
@ -192,7 +193,7 @@ kube-system kube-proxy-sbbsh 1/1 Running 0
kube-system kube-scheduler-3359497473-5plhf 1/1 Running 0 34m
kube-system kube-scheduler-3359497473-r7zg7 1/1 Running 1 34m
kube-system pod-checkpointer-4kxtl 1/1 Running 0 34m
kube-system pod-checkpointer-4kxtl-ip-10-0-12-221 1/1 Running 0 33m
kube-system pod-checkpointer-4kxtl-ip-10-0-3-155 1/1 Running 0 33m
```
## Going Further

3
docs/cl/azure.md
View File

@ -112,7 +112,7 @@ module "azure-ramius" {
asset_dir = "/home/user/.secrets/clusters/ramius"
# optional
worker_count = 3
worker_count = 2
host_cidr = "10.0.0.0/20"
}
```
@ -168,7 +168,6 @@ NAME STATUS ROLES AGE VERSION
ramius-controller-0 Ready controller,master 24m v1.12.2
ramius-worker-000001 Ready node 25m v1.12.2
ramius-worker-000002 Ready node 24m v1.12.2
ramius-worker-000005 Ready node 24m v1.12.2
```
List the pods.

9
docs/cl/bare-metal.md
View File

@ -317,10 +317,10 @@ bootkube[5]: Tearing down temporary bootstrap control plane...
```
$ export KUBECONFIG=/home/user/.secrets/clusters/mercury/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
node1.example.com Ready 11m v1.12.2
node2.example.com Ready 11m v1.12.2
node3.example.com Ready 11m v1.12.2
NAME STATUS ROLES AGE VERSION
node1.example.com Ready controller,master 10m v1.12.2
node2.example.com Ready node 10m v1.12.2
node3.example.com Ready node 10m v1.12.2
```
List the pods.
@ -331,6 +331,7 @@ NAMESPACE NAME READY STATUS RES
kube-system calico-node-6qp7f 2/2 Running 1 11m
kube-system calico-node-gnjrm 2/2 Running 0 11m
kube-system calico-node-llbgt 2/2 Running 0 11m
kube-system coredns-1187388186-dj3pd 1/1 Running 0 11m
kube-system coredns-1187388186-mx9rt 1/1 Running 0 11m
kube-system kube-apiserver-7336w 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-b9chx 1/1 Running 0 11m

11
docs/cl/digital-ocean.md
View File

@ -163,10 +163,10 @@ In 3-6 minutes, the Kubernetes cluster will be ready.
```
$ export KUBECONFIG=/home/user/.secrets/clusters/nemo/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
10.132.110.130 Ready 10m v1.12.2
10.132.115.81 Ready 10m v1.12.2
10.132.124.107 Ready 10m v1.12.2
NAME STATUS ROLES AGE VERSION
nemo-controller-0 Ready controller,master 10m v1.12.2
nemo-worker-0 Ready node 10m v1.12.2
nemo-worker-1 Ready node 10m v1.12.2
```
List the pods.
@ -174,6 +174,7 @@ List the pods.
```
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-1187388186-ld1j7 1/1 Running 0 11m
kube-system coredns-1187388186-rdhf7 1/1 Running 0 11m
kube-system kube-apiserver-n10qr 1/1 Running 0 11m
kube-system kube-controller-manager-3271970485-37gtw 1/1 Running 1 11m
kube-system kube-controller-manager-3271970485-p52t5 1/1 Running 0 11m
@ -186,7 +187,7 @@ kube-system kube-proxy-k35rc 1/1 Running 0
kube-system kube-scheduler-3895335239-2bc4c 1/1 Running 0 11m
kube-system kube-scheduler-3895335239-b7q47 1/1 Running 1 11m
kube-system pod-checkpointer-pr1lq 1/1 Running 0 11m
kube-system pod-checkpointer-pr1lq-10.132.115.81 1/1 Running 0 10m
kube-system pod-checkpointer-pr1lq-nemo-controller-0 1/1 Running 0 10m
```
## Going Further

9
docs/cl/google-cloud.md
View File

@ -171,10 +171,10 @@ In 4-8 minutes, the Kubernetes cluster will be ready.
```
$ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
yavin-controller-0.c.example-com.internal Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal Ready 5m v1.12.2
NAME ROLES STATUS AGE VERSION
yavin-controller-0.c.example-com.internal controller,master Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal node Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal node Ready 5m v1.12.2
```
List the pods.
@ -185,6 +185,7 @@ NAMESPACE NAME READY STATUS RESTART
kube-system calico-node-1cs8z 2/2 Running 0 6m
kube-system calico-node-d1l5b 2/2 Running 0 6m
kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system coredns-1187388186-dkh3o 1/1 Running 0 6m
kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m

10
docs/index.md
View File

@ -86,10 +86,10 @@ In 4-8 minutes (varies by platform), the cluster will be ready. This Google Clou
```
$ export KUBECONFIG=/home/user/.secrets/clusters/yavin/auth/kubeconfig
$ kubectl get nodes
NAME STATUS AGE VERSION
yavin-controller-0.c.example-com.internal Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal Ready 5m v1.12.2
NAME ROLES STATUS AGE VERSION
yavin-controller-0.c.example-com.internal controller,master Ready 6m v1.12.2
yavin-worker-jrbf.c.example-com.internal node Ready 5m v1.12.2
yavin-worker-mzdm.c.example-com.internal node Ready 5m v1.12.2
```
List the pods.
@ -100,6 +100,7 @@ NAMESPACE NAME READY STATUS RESTART
kube-system calico-node-1cs8z 2/2 Running 0 6m
kube-system calico-node-d1l5b 2/2 Running 0 6m
kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system coredns-1187388186-dkh3o 1/1 Running 0 6m
kube-system coredns-1187388186-zj5dl 1/1 Running 0 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m
@ -110,6 +111,7 @@ kube-system kube-proxy-njn47 1/1 Running 0
kube-system kube-scheduler-3895335239-5x87r 1/1 Running 0 6m
kube-system kube-scheduler-3895335239-bzrrt 1/1 Running 1 6m
kube-system pod-checkpointer-l6lrt 1/1 Running 0 6m
kube-system pod-checkpointer-l6lrt-controller-0 1/1 Running 0 6m
```
## Help

2
google-cloud/container-linux/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

2
google-cloud/fedora-atomic/kubernetes/bootkube.tf
View File

@ -1,6 +1,6 @@
# Self-hosted Kubernetes assets (kubeconfig, manifests)
module "bootkube" {
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=f39f8294c465397e622c606174e6f412ee3ca0f8"
source = "git::https://github.com/poseidon/terraform-render-bootkube.git?ref=365d089610b1690db3dabbdbf756fcf6bb6a7a37"
cluster_name = "${var.cluster_name}"
api_servers = ["${format("%s.%s", var.cluster_name, var.dns_zone)}"]

17
google-cloud/fedora-atomic/kubernetes/cloudinit/controller.yaml.tmpl
View File

@ -19,25 +19,9 @@ write_files:
ETCD_PEER_CERT_FILE=/etc/ssl/certs/etcd/peer.crt
ETCD_PEER_KEY_FILE=/etc/ssl/certs/etcd/peer.key
ETCD_PEER_CLIENT_CERT_AUTH=true
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
-H "Metadata-Flavor: Google"\
--url http://metadata.google.internal/computeMetadata/v1/instance/hostname\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: |
[Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service
[Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -98,7 +82,6 @@ runcmd:
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- "atomic install --system --name=bootkube quay.io/poseidon/bootkube:v0.13.0"
- [systemctl, start, --no-block, etcd.service]
- [systemctl, enable, cloud-metadata.service]
- [systemctl, start, --no-block, kubelet.service]
users:
- default

17
google-cloud/fedora-atomic/kubernetes/workers/cloudinit/worker.yaml.tmpl
View File

@ -1,24 +1,8 @@
#cloud-config
write_files:
- path: /etc/systemd/system/cloud-metadata.service
content: |
[Unit]
Description=Cloud metadata agent
[Service]
Type=oneshot
Environment=OUTPUT=/run/metadata/cloud
ExecStart=/usr/bin/mkdir -p /run/metadata
ExecStart=/usr/bin/bash -c 'echo "HOSTNAME_OVERRIDE=$(curl\
-H "Metadata-Flavor: Google"\
--url http://metadata.google.internal/computeMetadata/v1/instance/hostname\
--retry 10)" > $${OUTPUT}'
[Install]
WantedBy=multi-user.target
- path: /etc/systemd/system/kubelet.service.d/10-typhoon.conf
content: |
[Unit]
Requires=cloud-metadata.service
After=cloud-metadata.service
Wants=rpc-statd.service
[Service]
ExecStartPre=/bin/mkdir -p /opt/cni/bin
@ -70,7 +54,6 @@ bootcmd:
runcmd:
- [systemctl, daemon-reload]
- [systemctl, restart, NetworkManager]
- [systemctl, enable, cloud-metadata.service]
- "atomic install --system --name=kubelet quay.io/poseidon/kubelet:v1.12.2"
- [systemctl, start, --no-block, kubelet.service]
users: