github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-10 04:27:54 +00:00
Code Issues Projects Releases Wiki Activity

AWS: make it possible to disable minion public ip association

Browse Source
This commit is contained in:
Manfred Geiler 2015-05-08 00:09:47 +02:00
parent e5b9f7421e
commit 205ed2bf6e
2 changed files with 27 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cluster/aws/config-default.sh
View File

@ -73,3 +73,7 @@ DNS_REPLICAS=1
# Admission Controllers to invoke prior to persisting objects in cluster # Admission Controllers to invoke prior to persisting objects in cluster
ADMISSION_CONTROL=NamespaceLifecycle,NamespaceAutoProvision,LimitRanger,SecurityContextDeny,ResourceQuota ADMISSION_CONTROL=NamespaceLifecycle,NamespaceAutoProvision,LimitRanger,SecurityContextDeny,ResourceQuota
# Optional: Enable/disable public IP assignment for minions.
# Important Note: disable only if you have setup a NAT instance for internet access and configured appropriate routes!
ENABLE_MINION_PUBLIC_IP=${KUBE_ENABLE_MINION_PUBLIC_IP:-true}

25
cluster/aws/util.sh
View File

@ -82,6 +82,14 @@ function get_instance_public_ip {
--query Reservations[].Instances[].NetworkInterfaces[0].Association.PublicIp --query Reservations[].Instances[].NetworkInterfaces[0].Association.PublicIp
} }
function get_instance_private_ip {
local tagName=$1
$AWS_CMD --output text describe-instances \
--filters Name=tag:Name,Values=${tagName} \
Name=instance-state-name,Values=running \
Name=tag:KubernetesCluster,Values=${CLUSTER_ID} \
--query Reservations[].Instances[].NetworkInterfaces[0].PrivateIpAddress
}
function detect-master () { function detect-master () {
KUBE_MASTER=${MASTER_NAME} KUBE_MASTER=${MASTER_NAME}
@ -98,7 +106,12 @@ function detect-master () {
function detect-minions () { function detect-minions () {
KUBE_MINION_IP_ADDRESSES=() KUBE_MINION_IP_ADDRESSES=()
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
local minion_ip=$(get_instance_public_ip ${MINION_NAMES[$i]}) local minion_ip
if [[ "ENABLE_MINION_PUBLIC_IP" == "true" ]]; then
minion_ip=$(get_instance_public_ip ${MINION_NAMES[$i]})
else
minion_ip=$(get_instance_private_ip ${MINION_NAMES[$i]})
fi
echo "Found ${MINION_NAMES[$i]} at ${minion_ip}" echo "Found ${MINION_NAMES[$i]} at ${minion_ip}"
KUBE_MINION_IP_ADDRESSES+=("${minion_ip}") KUBE_MINION_IP_ADDRESSES+=("${minion_ip}")
done done
@ -542,6 +555,14 @@ function kube-up {
grep -v "^#" "${KUBE_ROOT}/cluster/aws/templates/format-disks.sh" grep -v "^#" "${KUBE_ROOT}/cluster/aws/templates/format-disks.sh"
grep -v "^#" "${KUBE_ROOT}/cluster/aws/templates/salt-minion.sh" grep -v "^#" "${KUBE_ROOT}/cluster/aws/templates/salt-minion.sh"
) > "${KUBE_TEMP}/minion-start-${i}.sh" ) > "${KUBE_TEMP}/minion-start-${i}.sh"
local public_ip_option
if [[ "ENABLE_MINION_PUBLIC_IP" == "true" ]]; then
public_ip_option="--associate-public-ip-address"
else
public_ip_option="--no-associate-public-ip-address"
fi
minion_id=$($AWS_CMD run-instances \ minion_id=$($AWS_CMD run-instances \
--image-id $AWS_IMAGE \ --image-id $AWS_IMAGE \
--iam-instance-profile Name=$IAM_PROFILE_MINION \ --iam-instance-profile Name=$IAM_PROFILE_MINION \
@ -550,7 +571,7 @@ function kube-up {
--private-ip-address $INTERNAL_IP_BASE.1${i} \ --private-ip-address $INTERNAL_IP_BASE.1${i} \
--key-name kubernetes \ --key-name kubernetes \
--security-group-ids $SEC_GROUP_ID \ --security-group-ids $SEC_GROUP_ID \
--associate-public-ip-address \ ${public_ip_option} \
--user-data file://${KUBE_TEMP}/minion-start-${i}.sh | json_val '["Instances"][0]["InstanceId"]') --user-data file://${KUBE_TEMP}/minion-start-${i}.sh | json_val '["Instances"][0]["InstanceId"]')
add-tag $minion_id Name ${MINION_NAMES[$i]} add-tag $minion_id Name ${MINION_NAMES[$i]}