apiserver listen on 0.0.0.0 in vagrant

cluster/vagrant/config-default.sh

@@ -21,7 +21,7 @@ NUM_MINIONS=${KUBERNETES_NUM_MINIONS-"3"}
 
 # IP LOCATIONS FOR INTERACTING WITH THE MASTER
 export KUBE_MASTER_IP="10.245.1.2"
-export KUBERNETES_MASTER="http://10.245.1.2:8080"
+export KUBERNETES_MASTER="https://10.245.1.2"
 
 # IP LOCATIONS FOR INTERACTING WITH THE MINIONS
 MINION_IP_BASE="10.245.2."

cluster/vagrant/provision-config.sh

@@ -28,6 +28,8 @@ MINION_IP_RANGES=($(eval echo "10.245.{2..${NUM_MINIONS}}.2/24"))
 MINION_SCOPES=""
 
 # simplified setup for local vagrant 2 node cluster
-MASTER_HTPASSWD=passw0rd
-
+MASTER_USER=vagrant
+MASTER_PASSWD=vagrant
 
+# Location to hold temp files for provision process
+KUBE_TEMP=/var/kube-temp

cluster/vagrant/provision-master.sh

@@ -18,12 +18,11 @@
 set -e
 source $(dirname $0)/provision-config.sh
 
-# we will run provision to update code each time we test, so we do not want to do salt install each time
-if [ ! -f "/var/kube-vagrant-setup" ]; then
-  mkdir -p /etc/salt/minion.d
-  echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
+# Update salt configuration
+mkdir -p /etc/salt/minion.d
+echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
 
-  cat <<EOF >/etc/salt/minion.d/grains.conf
+cat <<EOF >/etc/salt/minion.d/grains.conf
 grains:
   master_ip: $MASTER_IP
   etcd_servers: $MASTER_IP
@@ -32,27 +31,38 @@ grains:
     - kubernetes-master
 EOF
 
-  # Configure the salt-master
-  # Auto accept all keys from minions that try to join
-  mkdir -p /etc/salt/master.d
-  cat <<EOF >/etc/salt/master.d/auto-accept.conf
+# Configure the salt-master
+# Auto accept all keys from minions that try to join
+mkdir -p /etc/salt/master.d
+cat <<EOF >/etc/salt/master.d/auto-accept.conf
 open_mode: True
 auto_accept: True
 EOF
 
-  cat <<EOF >/etc/salt/master.d/reactor.conf
+cat <<EOF >/etc/salt/master.d/reactor.conf
 # React to new minions starting by running highstate on them.
 reactor:
   - 'salt/minion/*/start':
     - /srv/reactor/start.sls
 EOF
 
-  cat <<EOF >/etc/salt/master.d/salt-output.conf
+cat <<EOF >/etc/salt/master.d/salt-output.conf
 # Minimize the amount of output to terminal
 state_verbose: False
 state_output: mixed  
 EOF
 
+# Configure nginx authorization
+mkdir -p $KUBE_TEMP
+mkdir -p /srv/salt/nginx
+echo "Using password: $MASTER_USER:$MASTER_PASSWD"
+python $(dirname $0)/../../third_party/htpasswd/htpasswd.py -b -c ${KUBE_TEMP}/htpasswd $MASTER_USER $MASTER_PASSWD
+MASTER_HTPASSWD=$(cat ${KUBE_TEMP}/htpasswd)
+echo $MASTER_HTPASSWD > /srv/salt/nginx/htpasswd
+
+# we will run provision to update code each time we test, so we do not want to do salt install each time
+if [ ! $(which salt-master) ]; then
+
   # Install Salt
   #
   # We specify -X to avoid a race condition that can cause minion failure to
@@ -67,11 +77,6 @@ EOF
   # (a new service file needs to be added for salt-api)
   curl -sS -L https://raw.githubusercontent.com/saltstack/salt-bootstrap/v2014.06.30/bootstrap-salt.sh | sh -s -- -M
 
-  mkdir -p /srv/salt/nginx
-  echo $MASTER_HTPASSWD > /srv/salt/nginx/htpasswd
-
-  # a file we touch to state that base-setup is done
-  echo "Salt configured" > /var/kube-vagrant-setup
 fi
 
 # Build release

cluster/vagrant/provision-minion.sh

@@ -19,20 +19,19 @@ set -e
 source $(dirname $0)/provision-config.sh
 
 MINION_IP=$4
-# we will run provision to update code each time we test, so we do not want to do salt install each time
-if [ ! -f "/var/kube-vagrant-setup" ]; then
 
-  if [ ! "$(cat /etc/hosts | grep $MASTER_NAME)" ]; then
-    echo "Adding host entry for $MASTER_NAME"
-    echo "$MASTER_IP $MASTER_NAME" >> /etc/hosts
-  fi
+# make sure each minion has an entry in hosts file for master
+if [ ! "$(cat /etc/hosts | grep $MASTER_NAME)" ]; then
+  echo "Adding host entry for $MASTER_NAME"
+  echo "$MASTER_IP $MASTER_NAME" >> /etc/hosts
+fi
 
-  # Prepopulate the name of the Master
-  mkdir -p /etc/salt/minion.d
-  echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
+# Let the minion know who its master is
+mkdir -p /etc/salt/minion.d
+echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
 
-  # Our minions will have a pool role to distinguish them from the master.
-  cat <<EOF >/etc/salt/minion.d/grains.conf
+# Our minions will have a pool role to distinguish them from the master.
+cat <<EOF >/etc/salt/minion.d/grains.conf
 grains:
   minion_ip: $MINION_IP
   etcd_servers: $MASTER_IP
@@ -41,6 +40,8 @@ grains:
   cbr-cidr: $MINION_IP_RANGE
 EOF
 
+# we will run provision to update code each time we test, so we do not want to do salt install each time
+if [ ! $(which salt-minion) ]; then
   # Install Salt
   #
   # We specify -X to avoid a race condition that can cause minion failure to
@@ -50,8 +51,4 @@ EOF
   ## TODO this only works on systemd distros, need to find a work-around as removing -X above fails to start the services installed
   systemctl enable salt-minion
   systemctl start salt-minion
-
-  # a file we touch to state that base-setup is done
-  echo "Salt configured" > /var/kube-vagrant-setup
-
 fi