github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-03 18:27:49 +00:00
Code Issues Projects Releases Wiki Activity

[fix] allow ALLOW_PRIVILEGED to be passed to kubelet and kube-api, needed for running docker in docker

Browse Source
This commit is contained in:
Jarrett Cruger
2016-05-31 19:06:48 -04:00
parent 5288a255f4
commit 372827fd5a
2 changed files with 20 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cluster/ubuntu/config-default.sh
View File

@@ -112,5 +112,8 @@ ENABLE_CLUSTER_UI="${KUBE_ENABLE_CLUSTER_UI:-true}"
# Add environment variable separated with blank space like "http_proxy=http://10.x.x.x:8080 https_proxy=https://10.x.x.x:8443" # Add environment variable separated with blank space like "http_proxy=http://10.x.x.x:8080 https_proxy=https://10.x.x.x:8443"
PROXY_SETTING=${PROXY_SETTING:-""} PROXY_SETTING=${PROXY_SETTING:-""}
# Optional: Allows kublet/kube-api to be run in privileged mode
ALLOW_PRIVILEGED=${ALLOW_PRIVILEGED:-"false"}
DEBUG=${DEBUG:-"false"} DEBUG=${DEBUG:-"false"}

15
cluster/ubuntu/util.sh
View File

@@ -245,6 +245,7 @@ KUBE_APISERVER_OPTS="\
--admission-control=${2}\ --admission-control=${2}\
--service-node-port-range=${3}\ --service-node-port-range=${3}\
--advertise-address=${4}\ --advertise-address=${4}\
--allow-privileged=${5}\
--client-ca-file=/srv/kubernetes/ca.crt\ --client-ca-file=/srv/kubernetes/ca.crt\
--tls-cert-file=/srv/kubernetes/server.cert\ --tls-cert-file=/srv/kubernetes/server.cert\
--tls-private-key-file=/srv/kubernetes/server.key" --tls-private-key-file=/srv/kubernetes/server.key"
@@ -279,9 +280,10 @@ EOF
# $3: If non-empty then the DNS server IP to configure in each pod. # $3: If non-empty then the DNS server IP to configure in each pod.
# $4: If non-empty then added to each pod's domain search list. # $4: If non-empty then added to each pod's domain search list.
# $5: Pathname of the kubelet config file or directory. # $5: Pathname of the kubelet config file or directory.
# $6: If empty then flannel is used otherwise CNI is used. # $6: Whether or not we run kubelet in priviliged mode
# $7: If empty then flannel is used otherwise CNI is used.
function create-kubelet-opts() { function create-kubelet-opts() {
if [ -n "$6" ] ; then if [ -n "$7" ] ; then
cni_opts=" --network-plugin=cni --network-plugin-dir=/etc/cni/net.d" cni_opts=" --network-plugin=cni --network-plugin-dir=/etc/cni/net.d"
else else
cni_opts="" cni_opts=""
@@ -294,6 +296,7 @@ KUBELET_OPTS="\
--cluster-dns=${3} \ --cluster-dns=${3} \
--cluster-domain=${4} \ --cluster-domain=${4} \
--config=${5} \ --config=${5} \
--allow-privileged=${6}
$cni_opts" $cni_opts"
EOF EOF
} }
@@ -472,7 +475,8 @@ function provision-master() {
'${SERVICE_CLUSTER_IP_RANGE}' \ '${SERVICE_CLUSTER_IP_RANGE}' \
'${ADMISSION_CONTROL}' \ '${ADMISSION_CONTROL}' \
'${SERVICE_NODE_PORT_RANGE}' \ '${SERVICE_NODE_PORT_RANGE}' \
'${MASTER_IP}' '${MASTER_IP}' \
'${ALLOW_PRIVILIGED}'
create-kube-controller-manager-opts '${NODE_IPS}' create-kube-controller-manager-opts '${NODE_IPS}'
create-kube-scheduler-opts create-kube-scheduler-opts
create-flanneld-opts '127.0.0.1' '${MASTER_IP}' create-flanneld-opts '127.0.0.1' '${MASTER_IP}'
@@ -553,6 +557,7 @@ function provision-node() {
'${DNS_SERVER_IP}' \ '${DNS_SERVER_IP}' \
'${DNS_DOMAIN}' \ '${DNS_DOMAIN}' \
'${KUBELET_CONFIG}' \ '${KUBELET_CONFIG}' \
'${ALLOW_PRIVILEGED}' \
'${CNI_PLUGIN_CONF}' '${CNI_PLUGIN_CONF}'
create-kube-proxy-opts \ create-kube-proxy-opts \
'${1#*@}' \ '${1#*@}' \
@@ -644,7 +649,8 @@ function provision-masterandnode() {
'${SERVICE_CLUSTER_IP_RANGE}' \ '${SERVICE_CLUSTER_IP_RANGE}' \
'${ADMISSION_CONTROL}' \ '${ADMISSION_CONTROL}' \
'${SERVICE_NODE_PORT_RANGE}' \ '${SERVICE_NODE_PORT_RANGE}' \
'${MASTER_IP}' '${MASTER_IP}' \
'${ALLOW_PRIVILEGED}'
create-kube-controller-manager-opts '${NODE_IPS}' create-kube-controller-manager-opts '${NODE_IPS}'
create-kube-scheduler-opts create-kube-scheduler-opts
create-kubelet-opts \ create-kubelet-opts \
@@ -653,6 +659,7 @@ function provision-masterandnode() {
'${DNS_SERVER_IP}' \ '${DNS_SERVER_IP}' \
'${DNS_DOMAIN}' \ '${DNS_DOMAIN}' \
'${KUBELET_CONFIG}' \ '${KUBELET_CONFIG}' \
'${ALLOW_PRIVILEGED}' \
'${CNI_PLUGIN_CONF}' '${CNI_PLUGIN_CONF}'
create-kube-proxy-opts \ create-kube-proxy-opts \
'${MASTER_IP}' \ '${MASTER_IP}' \