github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-06 19:52:42 +00:00
Code Issues Projects Releases Wiki Activity

Clean up READMEs and broken stuff.

Browse Source 
Move all support for clouds that are broken with this change into an `icebox` directory.  We'll move that stuff back out as we fix it up.
This commit is contained in:
Joe Beda
2014-10-01 16:17:51 -07:00
parent 29e42991c2
commit 38d5906044
49 changed files with 118 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
icebox/README.md Normal file
View File

@@ -0,0 +1,3 @@
This is a temporary directory to store code that is broken and waiting to be fixed.
As we move to binary deploys, there have been major disruptions to the way we build and deploy. Initiually this was fixed up for GCE and Vagrant. The rest of the clouds will need to be updated for this new model.

34
icebox/cluster/azure/config-default.sh Normal file
View File

@@ -0,0 +1,34 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
SCRIPT_DIR=$(CDPATH="" cd $(dirname $0); pwd)
source $SCRIPT_DIR/../release/azure/config.sh
AZ_SSH_KEY=$HOME/.ssh/azure_rsa
AZ_SSH_CERT=$HOME/.ssh/azure.pem
AZ_IMAGE=b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04_1-LTS-amd64-server-20140926-en-us-30GB
AZ_SUBNET=Subnet-1
AZ_VNET=kube-$AZ_HSH
AZ_CS=kube-$AZ_HSH
NUM_MINIONS=4
MASTER_NAME="${INSTANCE_PREFIX}-master"
MASTER_TAG="${INSTANCE_PREFIX}-master"
MINION_TAG="${INSTANCE_PREFIX}-minion"
MINION_NAMES=($(eval echo ${INSTANCE_PREFIX}-minion-{1..${NUM_MINIONS}}))
MINION_IP_RANGES=($(eval echo "10.244.{1..${NUM_MINIONS}}.0/24"))
MINION_SCOPES=""

31
icebox/cluster/azure/templates/download-release.sh Normal file
View File

@@ -0,0 +1,31 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Download and install release
# This script assumes that the environment variable MASTER_RELEASE_TAR contains
# the release tar to download and unpack. It is meant to be pushed to the
# master and run.
echo "Downloading release ($MASTER_RELEASE_TAR)"
wget $MASTER_RELEASE_TAR
echo "Unpacking release"
rm -rf master-release || false
tar xzf master-release.tgz
echo "Running release install script"
sudo master-release/src/scripts/master-release-install.sh

60
icebox/cluster/azure/templates/salt-master.sh Normal file
View File

@@ -0,0 +1,60 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Prepopulate the name of the Master
mkdir -p /etc/salt/minion.d
echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
cat <<EOF >/etc/salt/minion.d/grains.conf
grains:
roles:
- kubernetes-master
cloud: azure
EOF
# Auto accept all keys from minions that try to join
mkdir -p /etc/salt/master.d
cat <<EOF >/etc/salt/master.d/auto-accept.conf
auto_accept: True
EOF
cat <<EOF >/etc/salt/master.d/reactor.conf
# React to new minions starting by running highstate on them.
reactor:
- 'salt/minion/*/start':
- /srv/reactor/start.sls
EOF
mkdir -p /srv/salt/nginx
echo $MASTER_HTPASSWD > /srv/salt/nginx/htpasswd
mkdir -p /etc/openvpn
umask=$(umask)
umask 0066
echo "$CA_CRT" > /etc/openvpn/ca.crt
echo "$SERVER_CRT" > /etc/openvpn/server.crt
echo "$SERVER_KEY" > /etc/openvpn/server.key
umask $umask
# Install Salt
#
# We specify -X to avoid a race condition that can cause minion failure to
# install. See https://github.com/saltstack/salt-bootstrap/issues/270
#
# -M installs the master
curl -L http://bootstrap.saltstack.com | sh -s -- -M -X
echo $MASTER_HTPASSWD > /srv/salt/nginx/htpasswd

53
icebox/cluster/azure/templates/salt-minion.sh Normal file
View File

@@ -0,0 +1,53 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
mkdir -p /etc/openvpn
umask=$(umask)
umask 0066
echo "$CA_CRT" > /etc/openvpn/ca.crt
echo "$CLIENT_CRT" > /etc/openvpn/client.crt
echo "$CLIENT_KEY" > /etc/openvpn/client.key
umask $umask
# Prepopulate the name of the Master
mkdir -p /etc/salt/minion.d
echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
# Turn on debugging for salt-minion
# echo "DAEMON_ARGS=\"\$DAEMON_ARGS --log-file-level=debug\"" > /etc/default/salt-minion
hostnamef=$(hostname -f)
sudo apt-get install ipcalc
netmask=$(ipcalc $MINION_IP_RANGE | grep Netmask | awk '{ print $2 }')
network=$(ipcalc $MINION_IP_RANGE | grep Address | awk '{ print $2 }')
cbrstring="$network $netmask"
# Our minions will have a pool role to distinguish them from the master.
cat <<EOF >/etc/salt/minion.d/grains.conf
grains:
roles:
- kubernetes-pool
cbr-cidr: $MINION_IP_RANGE
cloud: azure
hostnamef: $hostnamef
cbr-string: $cbrstring
EOF
# Install Salt
#
# We specify -X to avoid a race condition that can cause minion failure to
# install. See https://github.com/saltstack/salt-bootstrap/issues/270
curl -L http://bootstrap.saltstack.com | sh -s -- -X

294
icebox/cluster/azure/util.sh Normal file
View File

@@ -0,0 +1,294 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
SCRIPT_DIR=$(CDPATH="" cd $(dirname $0); pwd)
# Use the config file specified in $KUBE_CONFIG_FILE, or default to
# config-default.sh.
source ${SCRIPT_DIR}/azure/${KUBE_CONFIG_FILE-"config-default.sh"}
function detect-minions () {
ssh_ports=($(eval echo "2200{1..$NUM_MINIONS}"))
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
MINION_NAMES[$i]=$(ssh -i $AZ_SSH_KEY -p ${ssh_ports[$i]} $AZ_CS.cloudapp.net hostname -f)
done
}
function detect-master () {
KUBE_MASTER_IP=${AZ_CS}.cloudapp.net
echo "Using master: $KUBE_MASTER (external IP: $KUBE_MASTER_IP)"
}
function get-password {
file=${HOME}/.kubernetes_auth
if [ -e ${file} ]; then
user=$(cat $file | python -c 'import json,sys;print json.load(sys.stdin)["User"]')
passwd=$(cat $file | python -c 'import json,sys;print json.load(sys.stdin)["Password"]')
return
fi
user=admin
passwd=$(python -c 'import string,random; print "".join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(16))')
# Store password for reuse.
cat << EOF > ~/.kubernetes_auth
{
"User": "$user",
"Password": "$passwd"
}
EOF
chmod 0600 ~/.kubernetes_auth
}
# Verify prereqs
function verify-prereqs {
echo "OK"
# Already done in sourcing config-default, which sources
# release/azure/config.sh
}
# Instantiate a kubernetes cluster
function kube-up {
KUBE_TEMP=$(mktemp -d -t kubernetes.XXXXXX)
trap "rm -rf ${KUBE_TEMP}" EXIT
get-password
python $SCRIPT_DIR/../third_party/htpasswd/htpasswd.py -b -c \
${KUBE_TEMP}/htpasswd $user $passwd
HTPASSWD=$(cat ${KUBE_TEMP}/htpasswd)
# Generate openvpn certs
echo 01 > ${KUBE_TEMP}/ca.srl
openssl genrsa -out ${KUBE_TEMP}/ca.key
openssl req -new -x509 -days 1095 \
-key ${KUBE_TEMP}/ca.key \
-out ${KUBE_TEMP}/ca.crt \
-subj "/CN=openvpn-ca"
openssl genrsa -out ${KUBE_TEMP}/server.key
openssl req -new \
-key ${KUBE_TEMP}/server.key \
-out ${KUBE_TEMP}/server.csr \
-subj "/CN=server"
openssl x509 -req -days 1095 \
-in ${KUBE_TEMP}/server.csr \
-CA ${KUBE_TEMP}/ca.crt \
-CAkey ${KUBE_TEMP}/ca.key \
-CAserial ${KUBE_TEMP}/ca.srl \
-out ${KUBE_TEMP}/server.crt
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
openssl genrsa -out ${KUBE_TEMP}/${MINION_NAMES[$i]}.key
openssl req -new \
-key ${KUBE_TEMP}/${MINION_NAMES[$i]}.key \
-out ${KUBE_TEMP}/${MINION_NAMES[$i]}.csr \
-subj "/CN=${MINION_NAMES[$i]}"
openssl x509 -req -days 1095 \
-in ${KUBE_TEMP}/${MINION_NAMES[$i]}.csr \
-CA ${KUBE_TEMP}/ca.crt \
-CAkey ${KUBE_TEMP}/ca.key \
-CAserial ${KUBE_TEMP}/ca.srl \
-out ${KUBE_TEMP}/${MINION_NAMES[$i]}.crt
done
# Build up start up script for master
(
echo "#!/bin/bash"
echo "MASTER_NAME=${MASTER_NAME}"
echo "MASTER_RELEASE_TAR=${FULL_URL}"
echo "MASTER_HTPASSWD='${HTPASSWD}'"
echo "CA_CRT=\"$(cat ${KUBE_TEMP}/ca.crt)\""
echo "SERVER_CRT=\"$(cat ${KUBE_TEMP}/server.crt)\""
echo "SERVER_KEY=\"$(cat ${KUBE_TEMP}/server.key)\""
grep -v "^#" $SCRIPT_DIR/azure/templates/download-release.sh
grep -v "^#" $SCRIPT_DIR/azure/templates/salt-master.sh
) > ${KUBE_TEMP}/master-start.sh
echo "Starting VMs"
if [ ! -f $AZ_SSH_KEY ]; then
ssh-keygen -f $AZ_SSH_KEY -N ''
fi
if [ ! -f $AZ_SSH_CERT ]; then
openssl req -new -x509 -days 1095 -key $AZ_SSH_KEY -out $AZ_SSH_CERT \
-subj "/CN=azure-ssh-key"
fi
if [ -z "$(azure network vnet show $AZ_VNET 2>/dev/null | grep data)" ]; then
#azure network vnet create with $AZ_SUBNET
#FIXME not working
echo error create vnet $AZ_VNET with subnet $AZ_SUBNET
exit 1
fi
azure vm create \
-w $AZ_VNET \
-n $MASTER_NAME \
-l "$AZ_LOCATION" \
-t $AZ_SSH_CERT \
-e 22000 -P \
-d ${KUBE_TEMP}/master-start.sh \
-b $AZ_SUBNET \
$AZ_CS $AZ_IMAGE $USER
ssh_ports=($(eval echo "2200{1..$NUM_MINIONS}"))
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
(
echo "#!/bin/bash"
echo "MASTER_NAME=${MASTER_NAME}"
echo "MINION_IP_RANGE=${MINION_IP_RANGES[$i]}"
echo "CA_CRT=\"$(cat ${KUBE_TEMP}/ca.crt)\""
echo "CLIENT_CRT=\"$(cat ${KUBE_TEMP}/${MINION_NAMES[$i]}.crt)\""
echo "CLIENT_KEY=\"$(cat ${KUBE_TEMP}/${MINION_NAMES[$i]}.key)\""
grep -v "^#" $SCRIPT_DIR/azure/templates/salt-minion.sh
) > ${KUBE_TEMP}/minion-start-${i}.sh
azure vm create \
-c -w $AZ_VNET \
-n ${MINION_NAMES[$i]} \
-l "$AZ_LOCATION" \
-t $AZ_SSH_CERT \
-e ${ssh_ports[$i]} -P \
-d ${KUBE_TEMP}/minion-start-${i}.sh \
-b $AZ_SUBNET \
$AZ_CS $AZ_IMAGE $USER
done
azure vm endpoint create $MASTER_NAME 443
echo "Waiting for cluster initialization."
echo
echo " This will continually check to see if the API for kubernetes is reachable."
echo " This might loop forever if there was some uncaught error during start"
echo " up."
echo
until $(curl --insecure --user ${user}:${passwd} --max-time 5 \
--fail --output /dev/null --silent https://$AZ_CS.cloudapp.net/api/v1beta1/pods); do
printf "."
sleep 2
done
# Basic sanity checking
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
# Make sure docker is installed
ssh -i $AZ_SSH_KEY -p ${ssh_ports[$i]} $AZ_CS.cloudapp.net which docker > /dev/null
if [ "$?" != "0" ]; then
echo "Docker failed to install on ${MINION_NAMES[$i]}. Your cluster is unlikely to work correctly."
echo "Please run ./cluster/kube-down.sh and re-create the cluster. (sorry!)"
exit 1
fi
# Make sure the kubelet is running
ssh -i $AZ_SSH_KEY -p ${ssh_ports[$i]} $AZ_CS.cloudapp.net /etc/init.d/kubelet status
if [ "$?" != "0" ]; then
echo "Kubelet failed to install on ${MINION_NAMES[$i]}. Your cluster is unlikely to work correctly."
echo "Please run ./cluster/kube-down.sh and re-create the cluster. (sorry!)"
exit 1
fi
done
echo
echo "Kubernetes cluster is running. The master is running at:"
echo
echo " https://$AZ_CS.cloudapp.net"
echo
echo "The user name and password to use is located in ~/.kubernetes_auth."
echo
echo "Security note: The server above uses a self signed certificate. This is"
echo " subject to \"Man in the middle\" type attacks."
echo
}
# Delete a kubernetes cluster
function kube-down {
echo "Bringing down cluster"
set +e
azure vm delete $MASTER_NAME -b -q
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
azure vm delete ${MINION_NAMES[$i]} -b -q
done
}
# # Update a kubernetes cluster with latest source
# function kube-push {
# # Find the release to use. Generally it will be passed when doing a 'prod'
# # install and will default to the release/config.sh version when doing a
# # developer up.
# find-release $1
# # Detect the project into $PROJECT
# detect-master
# (
# echo MASTER_RELEASE_TAR=$RELEASE_NORMALIZED/master-release.tgz
# grep -v "^#" $(dirname $0)/templates/download-release.sh
# echo "echo Executing configuration"
# echo "sudo salt '*' mine.update"
# echo "sudo salt --force-color '*' state.highstate"
# ) | gcutil ssh --project ${PROJECT} --zone ${ZONE} $KUBE_MASTER bash
# get-password
# echo "Kubernetes cluster is updated. The master is running at:"
# echo
# echo " https://${KUBE_MASTER_IP}"
# echo
# echo "The user name and password to use is located in ~/.kubernetes_auth."
# echo
# echo "Security note: The server above uses a self signed certificate. This is"
# echo " subject to \"Man in the middle\" type attacks."
# echo
# }
# # Execute prior to running tests to build a release if required for env
# function test-build-release {
# # Build source
# ${KUBE_REPO_ROOT}/hack/build-go.sh
# # Make a release
# $(dirname $0)/../release/release.sh
# }
# # Execute prior to running tests to initialize required structure
# function test-setup {
# # Detect the project into $PROJECT if it isn't set
# # gce specific
# detect-project
# if [[ ${ALREADY_UP} -ne 1 ]]; then
# # Open up port 80 & 8080 so common containers on minions can be reached
# gcutil addfirewall \
# --norespect_terminal_width \
# --project ${PROJECT} \
# --target_tags ${MINION_TAG} \
# --allowed tcp:80,tcp:8080 \
# --network ${NETWORK} \
# ${MINION_TAG}-${INSTANCE_PREFIX}-http-alt
# fi
# }
# # Execute after running tests to perform any required clean-up
# function test-teardown {
# echo "Shutting down test cluster in background."
# gcutil deletefirewall \
# --project ${PROJECT} \
# --norespect_terminal_width \
# --force \
# ${MINION_TAG}-${INSTANCE_PREFIX}-http-alt || true > /dev/null
# $(dirname $0)/../cluster/kube-down.sh > /dev/null
# }

29
icebox/cluster/local/config-default.sh Normal file
View File

@@ -0,0 +1,29 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Contains configuration values for interacting with a Local cluster
# NUMBER OF MINIONS IN THE CLUSTER
NUM_MINIONS=1
# IP LOCATIONS FOR INTERACTING WITH THE MASTER
export KUBE_MASTER_IP="127.0.0.1"
export KUBERNETES_MASTER="http://127.0.0.1:8080"
# IP LOCATIONS FOR INTERACTING WITH THE MINIONS
for (( i=0; i <${NUM_MINIONS}; i++)) do
KUBE_MINION_IP_ADDRESSES[$i]="127.0.0.1"
done

69
icebox/cluster/local/util.sh Normal file
View File

@@ -0,0 +1,69 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A library of helper functions that each provider hosting Kubernetes must implement to use cluster/kube-*.sh scripts.
source $(dirname ${BASH_SOURCE})/${KUBE_CONFIG_FILE-"config-default.sh"}
function detect-master () {
echo "KUBE_MASTER_IP: $KUBE_MASTER_IP"
echo "KUBE_MASTER: $KUBE_MASTER"
}
# Get minion IP addresses and store in KUBE_MINION_IP_ADDRESSES[]
function detect-minions {
echo "Minions already detected"
}
# Verify prereqs on host machine
function verify-prereqs {
for x in go; do
if [ "$(which $x)" == "" ]; then
echo "Can't find $x in PATH, please fix and retry."
exit 1
fi
done
}
# Instantiate a kubernetes cluster
function kube-up {
echo "Not applicable"
}
# Delete a kubernetes cluster
function kube-down {
echo "Not applicable"
}
# Update a kubernetes cluster with latest source
function kube-push {
echo "Not applicable"
}
# Execute prior to running tests to build a release if required for env
function test-build-release {
echo "Not applicable"
}
# Execute prior to running tests to initialize required structure
function test-setup {
echo "Not applicable"
}
# Execute after running tests to perform any required clean-up
function test-teardown {
echo "Not applicable"
}

29
icebox/cluster/rackspace/cloud-config/master-cloud-config.yaml Normal file
View File

@@ -0,0 +1,29 @@
#cloud-config
write_files:
- content: |
grains:
roles:
- kubernetes-master
cloud: rackspace
etcd_servers: KUBE_MASTER
path: /etc/salt/minion.d/grains.conf
- content: |
auto_accept: True
path: /etc/salt/master.d/auto-accept.conf
- content: |
reactor:
- 'salt/minion/*/start':
- /srv/reactor/start.sls
path: /etc/salt/master.d/reactor.conf
- content: |
master: KUBE_MASTER
path: /etc/salt/minion.d/master.conf
runcmd:
- [mkdir, -p, /etc/salt/minion.d]
- [mkdir, -p, /etc/salt/master.d]
- [mkdir, -p, /srv/salt/nginx]
- echo "MASTER_HTPASSWD" > /srv/salt/nginx/htpasswd
- [bash, /root/masterStart.sh]
- curl -L http://bootstrap.saltstack.com | sh -s -- -M -X

5
icebox/cluster/rackspace/cloud-config/minion-cloud-config.yaml Normal file
View File

@@ -0,0 +1,5 @@
#cloud-config
runcmd:
- [mkdir, -p, /etc/salt/minion.d]
- [bash, /root/minionStart.sh]

38
icebox/cluster/rackspace/config-default.sh Normal file
View File

@@ -0,0 +1,38 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Sane defaults for dev environments. The following variables can be easily overriden
# by setting each as a ENV variable ahead of time:
# KUBE_IMAGE, KUBE_MASTER_FLAVOR, KUBE_MINION_FLAVOR, NUM_MINIONS, NOVA_NETWORK and SSH_KEY_NAME
# Shared
KUBE_IMAGE="${KUBE_IMAGE-255df5fb-e3d4-45a3-9a07-c976debf7c14}" # Ubuntu 14.04 LTS (Trusty Tahr) (PVHVM)
SSH_KEY_NAME="${SSH_KEY_NAME-id_kubernetes}"
NOVA_NETWORK_LABEL="kubernetes-pool-net"
NOVA_NETWORK_CIDR="${NOVA_NETWORK-192.168.0.0/24}"
INSTANCE_PREFIX="kubernetes"
# Master
KUBE_MASTER_FLAVOR="${KUBE_MASTER_FLAVOR-performance1-1}"
MASTER_NAME="${INSTANCE_PREFIX}-master"
MASTER_TAG="tag=${INSTANCE_PREFIX}-master"
# Minion
KUBE_MINION_FLAVOR="${KUBE_MINION_FLAVOR-performance1-1}"
RAX_NUM_MINIONS="${RAX_NUM_MINIONS-4}"
MINION_TAG="tag=${INSTANCE_PREFIX}-minion"
MINION_NAMES=($(eval echo ${INSTANCE_PREFIX}-minion-{1..${RAX_NUM_MINIONS}}))
KUBE_NETWORK=($(eval echo "10.240.{1..${RAX_NUM_MINIONS}}.0/24"))

37
icebox/cluster/rackspace/kube-up.sh Executable file
View File

@@ -0,0 +1,37 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Bring up a Kubernetes cluster.
#
# If the full release name (gs://<bucket>/<release>) is passed in then we take
# that directly. If not then we assume we are doing development stuff and take
# the defaults in the release config.
# exit on any error
set -e
source $(dirname $0)/../kube-env.sh
source $(dirname $0)/../$KUBERNETES_PROVIDER/util.sh
echo "Starting cluster using provider: $KUBERNETES_PROVIDER"
verify-prereqs
kube-up
# skipping validation for now until since machines show up as private IPs
# source $(dirname $0)/validate-cluster.sh
echo "Done"

31
icebox/cluster/rackspace/templates/download-release.sh Normal file
View File

@@ -0,0 +1,31 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Download and install release
# This script assumes that the environment variable MASTER_RELEASE_TAR contains
# the release tar to download and unpack. It is meant to be pushed to the
# master and run.
echo "Downloading release ($OBJECT_URL)"
wget $OBJECT_URL -O master-release.tgz
echo "Unpacking release"
rm -rf master-release || false
tar xzf master-release.tgz
echo "Running release install script"
sudo master-release/src/scripts/master-release-install.sh

48
icebox/cluster/rackspace/templates/salt-minion.sh Normal file
View File

@@ -0,0 +1,48 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Prepopulate the name of the Master
mkdir -p /etc/salt/minion.d
echo master: $MASTER_NAME > /etc/salt/minion.d/master.conf
# Turn on debugging for salt-minion
# echo "DAEMON_ARGS=\"\$DAEMON_ARGS --log-file-level=debug\"" > /etc/default/salt-minion
MINION_IP=$(ip -f inet a sh dev eth2 | awk -F '[ \t/]+' '/inet/ { print $3 }' )
# Our minions will have a pool role to distinguish them from the master.
cat <<EOF >/etc/salt/minion.d/grains.conf
grains:
roles:
- kubernetes-pool
cbr-cidr: $MINION_IP_RANGE
minion_ip: $MINION_IP
etcd_servers: $MASTER_NAME
EOF
#Move all of this to salt
apt-get update
apt-get install bridge-utils -y
brctl addbr cbr0
ip l set dev cbr0 up
#for loop to add routes of other minions
for i in `seq 1 $NUM_MINIONS`
do ip r a 10.240.$i.0/24 dev cbr0
done
ip l a vxlan42 type vxlan id 42 group 239.0.0.42 dev eth2
brctl addif cbr0 vxlan42
# Install Salt
#
# We specify -X to avoid a race condition that can cause minion failure to
# install. See https://github.com/saltstack/salt-bootstrap/issues/270
curl -L http://bootstrap.saltstack.com | sh -s -- -X
ip l set vxlan42 up

253
icebox/cluster/rackspace/util.sh Normal file
View File

@@ -0,0 +1,253 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A library of helper functions for deploying on Rackspace
# Use the config file specified in $KUBE_CONFIG_FILE, or default to
# config-default.sh.
source $(dirname ${BASH_SOURCE})/${KUBE_CONFIG_FILE-"config-default.sh"}
verify-prereqs() {
# Make sure that prerequisites are installed.
for x in nova; do
if [ "$(which $x)" == "" ]; then
echo "cluster/rackspace/util.sh: Can't find $x in PATH, please fix and retry."
exit 1
fi
done
}
rax-ssh-key() {
if [ ! -f $HOME/.ssh/${SSH_KEY_NAME} ]; then
echo "cluster/rackspace/util.sh: Generating SSH KEY ${HOME}/.ssh/${SSH_KEY_NAME}"
ssh-keygen -f ${HOME}/.ssh/${SSH_KEY_NAME} -N '' > /dev/null
fi
if ! $(nova keypair-list | grep $SSH_KEY_NAME > /dev/null 2>&1); then
echo "cluster/rackspace/util.sh: Uploading key to Rackspace:"
echo -e "\tnova keypair-add ${SSH_KEY_NAME} --pub-key ${HOME}/.ssh/${SSH_KEY_NAME}.pub"
nova keypair-add ${SSH_KEY_NAME} --pub-key ${HOME}/.ssh/${SSH_KEY_NAME}.pub > /dev/null 2>&1
else
echo "cluster/rackspace/util.sh: SSH key ${SSH_KEY_NAME}.pub already uploaded"
fi
}
find-object-url() {
if [ -n "$1" ]; then
CONTAINER=$1
else
local RELEASE_CONFIG_SCRIPT=$(dirname $0)/../release/rackspace/config.sh
if [ -f $(dirname $0)/../release/rackspace/config.sh ]; then
. $RELEASE_CONFIG_SCRIPT
fi
fi
TEMP_URL=$(swiftly -A ${OS_AUTH_URL} -U ${OS_USERNAME} -K ${OS_PASSWORD} tempurl GET $1/$2)
echo "cluster/rackspace/util.sh: Object temp URL:"
echo -e "\t${TEMP_URL}"
}
rax-boot-master() {
(
echo "#! /bin/bash"
echo "OBJECT_URL=\"${TEMP_URL}\""
echo "MASTER_HTPASSWD=${HTPASSWD}"
grep -v "^#" $(dirname $0)/templates/download-release.sh
) > ${KUBE_TEMP}/masterStart.sh
# Copy cloud-config to KUBE_TEMP and work some sed magic
sed -e "s/KUBE_MASTER/$MASTER_NAME/g" \
-e "s/MASTER_HTPASSWD/$HTPASSWD/" \
$(dirname $0)/cloud-config/master-cloud-config.yaml > $KUBE_TEMP/master-cloud-config.yaml
MASTER_BOOT_CMD="nova boot \
--key-name ${SSH_KEY_NAME} \
--flavor ${KUBE_MASTER_FLAVOR} \
--image ${KUBE_IMAGE} \
--meta ${MASTER_TAG} \
--user-data ${KUBE_TEMP}/master-cloud-config.yaml \
--config-drive true \
--file /root/masterStart.sh=${KUBE_TEMP}/masterStart.sh \
--nic net-id=${NETWORK_UUID} \
${MASTER_NAME}"
echo "cluster/rackspace/util.sh: Booting ${MASTER_NAME} with following command:"
echo -e "\t$MASTER_BOOT_CMD"
$MASTER_BOOT_CMD
}
rax-boot-minions() {
cp $(dirname $0)/cloud-config/minion-cloud-config.yaml \
${KUBE_TEMP}/minion-cloud-config.yaml
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
(
echo "#! /bin/bash"
echo "MASTER_NAME=${MASTER_IP}"
echo "MINION_IP_RANGE=${KUBE_NETWORK[$i]}"
echo "NUM_MINIONS=${RAX_NUM_MINIONS}"
grep -v "^#" $(dirname $0)/templates/salt-minion.sh
) > ${KUBE_TEMP}/minionStart${i}.sh
MINION_BOOT_CMD="nova boot \
--key-name ${SSH_KEY_NAME} \
--flavor ${KUBE_MINION_FLAVOR} \
--image ${KUBE_IMAGE} \
--meta ${MINION_TAG} \
--user-data ${KUBE_TEMP}/minion-cloud-config.yaml \
--config-drive true \
--nic net-id=${NETWORK_UUID} \
--file=/root/minionStart.sh=${KUBE_TEMP}/minionStart${i}.sh \
${MINION_NAMES[$i]}"
echo "cluster/rackspace/util.sh: Booting ${MINION_NAMES[$i]} with following command:"
echo -e "\t$MINION_BOOT_CMD"
$MINION_BOOT_CMD
done
}
rax-nova-network() {
if ! $(nova network-list | grep $NOVA_NETWORK_LABEL > /dev/null 2>&1); then
SAFE_CIDR=$(echo $NOVA_NETWORK_CIDR | tr -d '\\')
NETWORK_CREATE_CMD="nova network-create $NOVA_NETWORK_LABEL $SAFE_CIDR"
echo "cluster/rackspace/util.sh: Creating cloud network with following command:"
echo -e "\t${NETWORK_CREATE_CMD}"
$NETWORK_CREATE_CMD
else
echo "cluster/rackspace/util.sh: Using existing cloud network $NOVA_NETWORK_LABEL"
fi
}
detect-minions() {
KUBE_MINION_IP_ADDRESSES=()
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
local minion_ip=$(nova show --minimal ${MINION_NAMES[$i]} \
| grep accessIPv4 | awk '{print $4}')
echo "cluster/rackspace/util.sh: Found ${MINION_NAMES[$i]} at ${minion_ip}"
KUBE_MINION_IP_ADDRESSES+=("${minion_ip}")
done
if [ -z "$KUBE_MINION_IP_ADDRESSES" ]; then
echo "cluster/rackspace/util.sh: Could not detect Kubernetes minion nodes. Make sure you've launched a cluster with 'kube-up.sh'"
exit 1
fi
}
detect-master() {
KUBE_MASTER=${MASTER_NAME}
KUBE_MASTER_IP=$(nova show $KUBE_MASTER --minimal | grep accessIPv4 | awk '{print $4}')
}
# $1 should be the network you would like to get an IP address for
detect-master-nova-net() {
KUBE_MASTER=${MASTER_NAME}
MASTER_IP=$(nova show $KUBE_MASTER --minimal | grep $1 | awk '{print $5}')
}
kube-up() {
SCRIPT_DIR=$(CDPATH="" cd $(dirname $0); pwd)
source $(dirname $0)/../gce/util.sh
source $(dirname $0)/util.sh
source $(dirname $0)/../../release/rackspace/config.sh
# Find the release to use. Generally it will be passed when doing a 'prod'
# install and will default to the release/config.sh version when doing a
# developer up.
find-object-url $CONTAINER output/release/$TAR_FILE
# Create a temp directory to hold scripts that will be uploaded to master/minions
KUBE_TEMP=$(mktemp -d -t kubernetes.XXXXXX)
trap "rm -rf ${KUBE_TEMP}" EXIT
get-password
python $(dirname $0)/../../third_party/htpasswd/htpasswd.py -b -c ${KUBE_TEMP}/htpasswd $user $passwd
HTPASSWD=$(cat ${KUBE_TEMP}/htpasswd)
rax-nova-network
NETWORK_UUID=$(nova network-list | grep -i ${NOVA_NETWORK_LABEL} | awk '{print $2}')
# create and upload ssh key if necessary
rax-ssh-key
echo "cluster/rackspace/util.sh: Starting Cloud Servers"
rax-boot-master
# a bit of a hack to wait until master is has an IP from the extra network
echo "cluster/rackspace/util.sh: sleeping 35 seconds"
sleep 35
detect-master-nova-net $NOVA_NETWORK_LABEL
rax-boot-minions
FAIL=0
for job in `jobs -p`
do
wait $job || let "FAIL+=1"
done
if (( $FAIL != 0 )); then
echo "${FAIL} commands failed. Exiting."
exit 2
fi
detect-master
echo "Waiting for cluster initialization."
echo
echo " This will continually check to see if the API for kubernetes is reachable."
echo " This might loop forever if there was some uncaught error during start"
echo " up."
echo
#This will fail until apiserver salt is updated
until $(curl --insecure --user ${user}:${passwd} --max-time 5 \
--fail --output /dev/null --silent https://${KUBE_MASTER_IP}/api/v1beta1/pods); do
printf "."
sleep 2
done
echo "Kubernetes cluster created."
echo "Sanity checking cluster..."
sleep 5
# Don't bail on errors, we want to be able to print some info.
set +e
sleep 45
detect-minions
echo "All minions may not be online yet, this is okay."
echo
echo "Kubernetes cluster is running. The master is running at:"
echo
echo " https://${KUBE_MASTER_IP}"
echo
echo "The user name and password to use is located in ~/.kubernetes_auth."
echo
echo "Security note: The server above uses a self signed certificate. This is"
echo " subject to \"Man in the middle\" type attacks."
echo
}

46
icebox/cluster/vsphere/config-common.sh Normal file
View File

@@ -0,0 +1,46 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
function public-key {
local dir=${HOME}/.ssh
for f in $HOME/.ssh/{id_{rsa,dsa},*}.pub; do
if [ -r $f ]; then
echo $f
return
fi
done
echo "Can't find public key file..." 1>&2
exit 1
}
DISK=./kube/kube.vmdk
GUEST_ID=debian7_64Guest
PUBLIC_KEY_FILE=${PUBLIC_KEY_FILE-$(public-key)}
SSH_OPTS="-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null"
# These need to be set
#export GOVC_URL=
#export GOVC_DATACENTER=
#export GOVC_DATASTORE=
#export GOVC_RESOURCE_POOL=
#export GOVC_NETWORK=
#export GOVC_GUEST_LOGIN='kube:kube'
# Set GOVC_INSECURE if the host in GOVC_URL is using a certificate that cannot
# be verified (i.e. a self-signed certificate), but IS trusted.
#export GOVC_INSECURE=1

29
icebox/cluster/vsphere/config-default.sh Executable file
View File

@@ -0,0 +1,29 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
source $(dirname ${BASH_SOURCE})/config-common.sh
NUM_MINIONS=4
INSTANCE_PREFIX=kubernetes
MASTER_NAME="${INSTANCE_PREFIX}-master"
MASTER_MEMORY_MB=1024
MASTER_CPU=1
MINION_NAMES=($(eval echo ${INSTANCE_PREFIX}-minion-{1..${NUM_MINIONS}}))
MINION_IP_RANGES=($(eval echo "10.244.{1..${NUM_MINIONS}}.0/24"))
MINION_MEMORY_MB=2048
MINION_CPU=1

29
icebox/cluster/vsphere/config-test.sh Executable file
View File

@@ -0,0 +1,29 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
source $(dirname ${BASH_SOURCE})/config-common.sh
NUM_MINIONS=2
INSTANCE_PREFIX="e2e-test-${USER}"
MASTER_NAME="${INSTANCE_PREFIX}-master"
MASTER_MEMORY_MB=1024
MASTER_CPU=1
MINION_NAMES=($(eval echo ${INSTANCE_PREFIX}-minion-{1..${NUM_MINIONS}}))
MINION_IP_RANGES=($(eval echo "10.244.{1..${NUM_MINIONS}}.0/24"))
MINION_MEMORY_MB=1024
MINION_CPU=1

22
icebox/cluster/vsphere/templates/hostname.sh Executable file
View File

@@ -0,0 +1,22 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Remove kube.vm from /etc/hosts
sed -i -e 's/\b\w\+.vm\b//' /etc/hosts
# Update hostname in /etc/hosts and /etc/hostname
sed -i -e "s/\\bkube\\b/${MY_NAME}/g" /etc/host{s,name}
hostname ${MY_NAME}

24
icebox/cluster/vsphere/templates/install-release.sh Executable file
View File

@@ -0,0 +1,24 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Install release
echo "Unpacking release"
rm -rf master-release || false
tar xzf master-release.tgz
echo "Running release install script"
sudo master-release/src/scripts/master-release-install.sh

60
icebox/cluster/vsphere/templates/salt-master.sh Executable file
View File

@@ -0,0 +1,60 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Use other Debian mirror
sed -i -e "s/http.us.debian.org/mirrors.kernel.org/" /etc/apt/sources.list
# Prepopulate the name of the Master
mkdir -p /etc/salt/minion.d
echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
cat <<EOF >/etc/salt/minion.d/grains.conf
grains:
roles:
- kubernetes-master
cloud: vsphere
EOF
# Auto accept all keys from minions that try to join
mkdir -p /etc/salt/master.d
cat <<EOF >/etc/salt/master.d/auto-accept.conf
auto_accept: True
EOF
cat <<EOF >/etc/salt/master.d/reactor.conf
# React to new minions starting by running highstate on them.
reactor:
- 'salt/minion/*/start':
- /srv/reactor/start.sls
EOF
mkdir -p /srv/salt/nginx
echo $MASTER_HTPASSWD > /srv/salt/nginx/htpasswd
# Install Salt
#
# We specify -X to avoid a race condition that can cause minion failure to
# install. See https://github.com/saltstack/salt-bootstrap/issues/270
#
# -M installs the master
if [ ! -x /etc/init.d/salt-master ]; then
wget -q -O - https://bootstrap.saltstack.com | sh -s -- -M -X
else
/etc/init.d/salt-master restart
/etc/init.d/salt-minion restart
fi
echo $MASTER_HTPASSWD > /srv/salt/nginx/htpasswd

55
icebox/cluster/vsphere/templates/salt-minion.sh Executable file
View File

@@ -0,0 +1,55 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Use other Debian mirror
sed -i -e "s/http.us.debian.org/mirrors.kernel.org/" /etc/apt/sources.list
# Resolve hostname of master
if ! grep -q $MASTER_NAME /etc/hosts; then
echo "Adding host entry for $MASTER_NAME"
echo "$MASTER_IP $MASTER_NAME" >> /etc/hosts
fi
# Prepopulate the name of the Master
mkdir -p /etc/salt/minion.d
echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
# Turn on debugging for salt-minion
# echo "DAEMON_ARGS=\"\$DAEMON_ARGS --log-file-level=debug\"" > /etc/default/salt-minion
# Our minions will have a pool role to distinguish them from the master.
#
# Setting the "minion_ip" here causes the kubelet to use its IP for
# identification instead of its hostname.
#
cat <<EOF >/etc/salt/minion.d/grains.conf
grains:
minion_ip: $(ip route get 1.1.1.1 | awk '{print $7}')
roles:
- kubernetes-pool
- kubernetes-pool-vsphere
cbr-cidr: $MINION_IP_RANGE
EOF
# Install Salt
#
# We specify -X to avoid a race condition that can cause minion failure to
# install. See https://github.com/saltstack/salt-bootstrap/issues/270
if [ ! -x /etc/init.d/salt-minion ]; then
wget -q -O - https://bootstrap.saltstack.com | sh -s -- -X
else
/etc/init.d/salt-minion restart
fi

306
icebox/cluster/vsphere/util.sh Normal file
View File

@@ -0,0 +1,306 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A library of helper functions and constants for the local config.
# Use the config file specified in $KUBE_CONFIG_FILE, or default to
# config-default.sh.
source $(dirname ${BASH_SOURCE})/${KUBE_CONFIG_FILE-"config-default.sh"}
function detect-master {
KUBE_MASTER=${MASTER_NAME}
if [ -z "$KUBE_MASTER_IP" ]; then
KUBE_MASTER_IP=$(govc vm.ip ${MASTER_NAME})
fi
if [ -z "$KUBE_MASTER_IP" ]; then
echo "Could not detect Kubernetes master node. Make sure you've launched a cluster with 'kube-up.sh'"
exit 1
fi
echo "Found ${KUBE_MASTER} at ${KUBE_MASTER_IP}"
}
function detect-minions {
KUBE_MINION_IP_ADDRESSES=()
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
local minion_ip=$(govc vm.ip ${MINION_NAMES[$i]})
echo "Found ${MINION_NAMES[$i]} at ${minion_ip}"
KUBE_MINION_IP_ADDRESSES+=("${minion_ip}")
done
if [ -z "$KUBE_MINION_IP_ADDRESSES" ]; then
echo "Could not detect Kubernetes minion nodes. Make sure you've launched a cluster with 'kube-up.sh'"
exit 1
fi
}
# Verify prereqs on host machine
function verify-prereqs {
if [ "$(which govc)" == "" ]; then
echo "Can't find govc in PATH, please install and retry."
echo ""
echo " go install github.com/vmware/govmomi/govc"
echo ""
exit 1
fi
}
# Run command over ssh
function kube-ssh {
local host=$1
shift
ssh ${SSH_OPTS} kube@${host} "$*" 2> /dev/null
}
# Instantiate a generic kubernetes virtual machine (master or minion)
function kube-up-vm {
local vm_name=$1
local vm_memory=$2
local vm_cpu=$3
local vm_ip=
govc vm.create \
-debug \
-m ${vm_memory} \
-c ${vm_cpu} \
-disk ${DISK} \
-g ${GUEST_ID} \
-link=true \
${vm_name}
# Retrieve IP first, to confirm the guest operations agent is running.
vm_ip=$(govc vm.ip ${vm_name})
govc guest.mkdir \
-vm ${vm_name} \
-p \
/home/kube/.ssh
govc guest.upload \
-vm ${vm_name} \
-f \
${PUBLIC_KEY_FILE} \
/home/kube/.ssh/authorized_keys
}
# Instantiate a kubernetes cluster
function kube-up {
# Build up start up script for master
KUBE_TEMP=$(mktemp -d -t kubernetes.XXXXXX)
trap "rm -rf ${KUBE_TEMP}" EXIT
get-password
python $(dirname $0)/../third_party/htpasswd/htpasswd.py -b -c ${KUBE_TEMP}/htpasswd $user $passwd
HTPASSWD=$(cat ${KUBE_TEMP}/htpasswd)
echo "Starting master VM (this can take a minute)..."
kube-up-vm ${MASTER_NAME} ${MASTER_MEMORY_MB-1024} ${MASTER_CPU-1}
# Prints master IP, so user can log in for debugging.
detect-master
echo
echo "Starting minion VMs (this can take a minute)..."
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
(
echo "#! /bin/bash"
echo "MY_NAME=${MINION_NAMES[$i]}"
grep -v "^#" $(dirname $0)/vsphere/templates/hostname.sh
echo "MASTER_NAME=${MASTER_NAME}"
echo "MASTER_IP=${KUBE_MASTER_IP}"
echo "MINION_IP_RANGE=${MINION_IP_RANGES[$i]}"
grep -v "^#" $(dirname $0)/vsphere/templates/salt-minion.sh
) > ${KUBE_TEMP}/minion-start-${i}.sh
(
kube-up-vm ${MINION_NAMES[$i]} ${MINION_MEMORY_MB-1024} ${MINION_CPU-1}
MINION_IP=$(govc vm.ip ${MINION_NAMES[$i]})
govc guest.upload \
-vm ${MINION_NAMES[$i]} \
-perm 0700 \
-f \
${KUBE_TEMP}/minion-start-${i}.sh \
/home/kube/minion-start.sh
# Kickstart start script
kube-ssh ${MINION_IP} "nohup sudo ~/minion-start.sh < /dev/null 1> minion-start.out 2> minion-start.err &"
) &
done
FAIL=0
for job in `jobs -p`
do
wait $job || let "FAIL+=1"
done
if (( $FAIL != 0 )); then
echo "${FAIL} commands failed. Exiting."
exit 2
fi
# Print minion IPs, so user can log in for debugging.
detect-minions
echo
# Continue provisioning the master.
(
echo "#! /bin/bash"
echo "MY_NAME=${MASTER_NAME}"
grep -v "^#" $(dirname $0)/vsphere/templates/hostname.sh
echo "MASTER_NAME=${MASTER_NAME}"
echo "MASTER_HTPASSWD='${HTPASSWD}'"
grep -v "^#" $(dirname $0)/vsphere/templates/install-release.sh
grep -v "^#" $(dirname $0)/vsphere/templates/salt-master.sh
) > ${KUBE_TEMP}/master-start.sh
govc guest.upload \
-vm ${MASTER_NAME} \
-perm 0700 \
-f \
${KUBE_TEMP}/master-start.sh \
/home/kube/master-start.sh
govc guest.upload \
-vm ${MASTER_NAME} \
-f \
./_output/release/master-release.tgz \
/home/kube/master-release.tgz
# Kickstart start script
kube-ssh ${KUBE_MASTER_IP} "nohup sudo ~/master-start.sh < /dev/null 1> master-start.out 2> master-start.err &"
echo "Waiting for cluster initialization."
echo
echo " This will continually check to see if the API for kubernetes is reachable."
echo " This might loop forever if there was some uncaught error during start up."
echo
until $(curl --insecure --user ${user}:${passwd} --max-time 5 \
--fail --output /dev/null --silent https://${KUBE_MASTER_IP}/api/v1beta1/pods); do
printf "."
sleep 2
done
echo "Kubernetes cluster created."
echo
echo "Sanity checking cluster..."
sleep 5
# Don't bail on errors, we want to be able to print some info.
set +e
# Basic sanity checking
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
# Make sure docker is installed
kube-ssh ${KUBE_MINION_IP_ADDRESSES[$i]} which docker > /dev/null
if [ "$?" != "0" ]; then
echo "Docker failed to install on ${MINION_NAMES[$i]}. Your cluster is unlikely to work correctly."
echo "Please run ./cluster/kube-down.sh and re-create the cluster. (sorry!)"
exit 1
fi
done
echo
echo "Kubernetes cluster is running. The master is running at:"
echo
echo " https://${KUBE_MASTER_IP}"
echo
echo "The user name and password to use is located in ~/.kubernetes_auth."
echo
echo "Security note: The server above uses a self signed certificate."
echo "This is subject to \"Man in the middle\" type attacks."
echo
}
# Delete a kubernetes cluster
function kube-down {
govc vm.destroy ${MASTER_NAME} &
for (( i=0; i<${#MINION_NAMES[@]}; i++)); do
govc vm.destroy ${MINION_NAMES[i]} &
done
wait
}
# Update a kubernetes cluster with latest source
function kube-push {
detect-master
govc guest.upload \
-vm ${MASTER_NAME} \
-f \
./_output/release/master-release.tgz \
/home/kube/master-release.tgz
(
grep -v "^#" $(dirname $0)/vsphere/templates/install-release.sh
echo "echo Executing configuration"
echo "sudo salt '*' mine.update"
echo "sudo salt --force-color '*' state.highstate"
) | kube-ssh ${KUBE_MASTER_IP} bash
get-password
echo
echo "Kubernetes cluster is updated. The master is running at:"
echo
echo " https://${KUBE_MASTER_IP}"
echo
echo "The user name and password to use is located in ~/.kubernetes_auth."
echo
}
# Execute prior to running tests to build a release if required for env
function test-build-release {
echo "TODO"
}
# Execute prior to running tests to initialize required structure
function test-setup {
echo "TODO"
}
# Execute after running tests to perform any required clean-up
function test-teardown {
echo "TODO"
}
# Set the {user} and {password} environment values required to interact with provider
function get-password {
file=${HOME}/.kubernetes_auth
if [ -e ${file} ]; then
user=$(cat $file | python -c 'import json,sys;print(json.load(sys.stdin)["User"])')
passwd=$(cat $file | python -c 'import json,sys;print(json.load(sys.stdin)["Password"])')
return
fi
user=admin
passwd=$(python -c 'import string,random; print("".join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(16)))')
# Store password for reuse.
cat << EOF > ~/.kubernetes_auth
{
"User": "$user",
"Password": "$passwd"
}
EOF
chmod 0600 ~/.kubernetes_auth
}

40
icebox/release/azure/config.sh Normal file
View File

@@ -0,0 +1,40 @@
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
INSTANCE_PREFIX=kubenertes
AZ_LOCATION='West US'
TAG=testing
if [ -z "$(which azure)" ]; then
echo "Couldn't find azure in PATH"
echo " please install with 'npm install azure-cli'"
exit 1
fi
if [ -z "$(azure account list | grep true)" ]; then
echo "Default azure account not set"
echo " please set with 'azure account set'"
exit 1
fi
account=$(azure account list | grep true | awk '{ print $2 }')
if which md5 > /dev/null 2>&1; then
AZ_HSH=$(md5 -q -s $account)
else
AZ_HSH=$(echo -n "$account" | md5sum)
fi
AZ_HSH=${AZ_HSH:0:7}
AZ_STG=kube$AZ_HSH
CONTAINER=kube-$TAG
FULL_URL="https://${AZ_STG}.blob.core.windows.net/$CONTAINER/master-release.tgz"

63
icebox/release/azure/release.sh Executable file
View File

@@ -0,0 +1,63 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script will build and release Kubernetes.
set -eu
set -o pipefail
IFS=$'\n\t'
SCRIPT_DIR=$(CDPATH="" cd $(dirname $0); pwd)
function json_val () {
python -c 'import json,sys;obj=json.load(sys.stdin);print obj'$1'';
}
source $SCRIPT_DIR/config.sh
$SCRIPT_DIR/../build-release.sh $INSTANCE_PREFIX
if [ -z "$(azure storage account show $AZ_STG 2>/dev/null | \
grep data)" ]; then
azure storage account create -l "$AZ_LOCATION" $AZ_STG
fi
stg_key=$(azure storage account keys list $AZ_STG --json | \
json_val '["primaryKey"]')
if [ -z "$(azure storage container show -a $AZ_STG -k "$stg_key" \
$CONTAINER 2>/dev/null | grep data)" ]; then
azure storage container create \
-a $AZ_STG \
-k "$stg_key" \
-p Blob \
$CONTAINER
fi
if [ -n "$(azure storage blob show -a $AZ_STG -k "$stg_key" \
$CONTAINER master-release.tgz 2>/dev/null | grep data)" ]; then
azure storage blob delete \
-a $AZ_STG \
-k "$stg_key" \
$CONTAINER \
master-release.tgz
fi
azure storage blob upload \
-a $AZ_STG \
-k "$stg_key" \
$SCRIPT_DIR/../../_output/release/master-release.tgz \
$CONTAINER \
master-release.tgz

74
icebox/release/build-release.sh Executable file
View File

@@ -0,0 +1,74 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script will build a Kubernetes release tarball
# exit on any error
set -eu
set -o pipefail
SCRIPT_DIR=$(CDPATH="" cd $(dirname $0); pwd)
INSTANCE_PREFIX=$1
KUBE_DIR=$SCRIPT_DIR/..
. "${KUBE_DIR}/hack/config-go.sh"
# Next build the release tar. This gets copied on to the master and installed
# from there. It includes the go source for the necessary servers along with
# the salt configs.
rm -rf $KUBE_DIR/_output/release/*
MASTER_RELEASE_DIR=$KUBE_DIR/_output/release/master-release
mkdir -p $MASTER_RELEASE_DIR/bin
mkdir -p $MASTER_RELEASE_DIR/src/scripts
echo "Building release tree"
cp $KUBE_DIR/release/master-release-install.sh $MASTER_RELEASE_DIR/src/scripts/master-release-install.sh
cp -r $KUBE_DIR/cluster/saltbase $MASTER_RELEASE_DIR/src/saltbase
# Capture the same version we are using to build the client tools and pass that
# on.
version_ldflags=$(kube::version_ldflags)
# Note: go_opt must stay in sync with the flags in hack/build-go.sh.
cat << EOF > $MASTER_RELEASE_DIR/src/saltbase/pillar/common.sls
instance_prefix: $INSTANCE_PREFIX-minion
go_opt: -ldflags '${version_ldflags}'
EOF
function find_go_files() {
find * -not \( \
\( \
-wholename 'release' \
-o -wholename 'output' \
-o -wholename '_output' \
-o -wholename 'examples' \
-o -wholename 'test' \
\) -prune \
\) -name '*.go'
}
# find_go_files is directory dependent
pushd $KUBE_DIR >/dev/null
for f in $(find_go_files); do
mkdir -p $MASTER_RELEASE_DIR/src/go/$(dirname ${f})
cp ${f} ${MASTER_RELEASE_DIR}/src/go/${f}
done
popd >/dev/null
echo "Packaging release"
tar cz -C $KUBE_DIR/_output/release -f $KUBE_DIR/_output/release/master-release.tgz master-release

98
icebox/release/config.sh Executable file
View File

@@ -0,0 +1,98 @@
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A set of defaults for Kubernetes releases
if [ "$(which gcloud)" == "" ]; then
echo "Couldn't find gcloud in PATH"
exit 1
fi
if [ -n "$(gcloud auth list 2>&1 | grep 'No credentialed accounts')" ]; then
gcloud auth login
fi
PROJECT=$(gcloud config list project | tail -n 1 | cut -f 3 -d ' ')
if [ ! -n "$PROJECT" ]; then
echo "Default project is not set."
echo "Please run gcloud config set project <project>"
exit 1
fi
if which md5 > /dev/null 2>&1; then
HASH=$(md5 -q -s $PROJECT)
else
HASH=$(echo -n "$PROJECT" | md5sum)
fi
HASH=${HASH:0:5}
RELEASE_BUCKET=${RELEASE_BUCKET-gs://kubernetes-releases-$HASH/}
RELEASE_PREFIX=${RELEASE_PREFIX-devel/$USER/}
RELEASE_NAME=${RELEASE_NAME-r$(date -u +%Y%m%d-%H%M%S)}
# This is a 'soft link' to the release in question. It is a single line file to
# the full GS path for a release.
RELEASE_TAG=${RELEASE_TAG-testing}
RELEASE_TAR_FILE=master-release.tgz
RELEASE_FULL_PATH=$RELEASE_BUCKET$RELEASE_PREFIX$RELEASE_NAME
RELEASE_FULL_TAG_PATH=$RELEASE_BUCKET$RELEASE_PREFIX$RELEASE_TAG
# Takes a release path ($1 if passed, otherwise $RELEASE_FULL_TAG_PATH) and
# computes the normalized release path. Results are stored in
# $RELEASE_NORMALIZED. Returns 0 if a valid release can be found.
function normalize_release() {
RELEASE_NORMALIZED=${1-$RELEASE_FULL_TAG_PATH}
# First test to see if there is a valid release at this path.
if gsutil -q stat $RELEASE_NORMALIZED/$RELEASE_TAR_FILE; then
return 0
fi
# Check if this is a simple file. If so, read it and use the result as the
# new RELEASE_NORMALIZED.
if gsutil -q stat $RELEASE_NORMALIZED; then
RELEASE_NORMALIZED=$(gsutil -q cat $RELEASE_NORMALIZED)
normalize_release $RELEASE_NORMALIZED
return
fi
return 1
}
# Sets a tag ($1) to a release ($2)
function set_tag() {
echo $2 | gsutil -q cp - $1
gsutil -q setmeta -h "Cache-Control:private, max-age=0, no-transform" $1
make_public_readable $1
}
# Makes a GCS object ($1) publicly readable
function make_public_readable() {
# Ideally we'd run the command below. But this is currently broken in the
# newest version of gsutil. Instead, download the ACL and edit the json
# quickly.
# gsutil -q acl ch -g AllUsers:R $1
TMPFILE=$(mktemp -t release 2>/dev/null || mktemp -t release.XXXX)
gsutil -q acl get $1 \
| python $(dirname $0)/make-public-gcs-acl.py \
> $TMPFILE
gsutil -q acl set $TMPFILE $RELEASE_FULL_PATH/$x
rm $TMPFILE
}

26
icebox/release/make-public-gcs-acl.py Normal file
View File

@@ -0,0 +1,26 @@
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This is a quick script that adds AllUsers as READER to a JSON file
# representing an ACL on a GCS object. This is a quick workaround for a bug in
# gsutil.
import json
import sys
acl = json.load(sys.stdin)
acl.append({
"entity": "allUsers",
"role": "READER"
})
json.dump(acl, sys.stdout)

44
icebox/release/master-release-install.sh Executable file
View File

@@ -0,0 +1,44 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This file is meant to run on the master. It takes the release in the current
# directory and installs everything that needs to be installed. It will then
# also kick off a saltstack config pass
RELEASE_BASE=$(dirname $0)/../..
echo "Installing release files"
# Put all of the salt stuff under /srv
mkdir -p /srv
cp -R --preserve=mode $RELEASE_BASE/src/saltbase/* /srv
# Copy various go source code into the right places in the salt directory
# hieararchy so it can be downloaded/built on all the nodes.
mkdir -p /srv/salt/apiserver/go
cp -R --preserve=mode $RELEASE_BASE/src/go/* /srv/salt/apiserver/go
mkdir -p /srv/salt/kube-proxy/go
cp -R --preserve=mode $RELEASE_BASE/src/go/* /srv/salt/kube-proxy/go
mkdir -p /srv/salt/controller-manager/go
cp -R --preserve=mode $RELEASE_BASE/src/go/* /srv/salt/controller-manager/go
mkdir -p /srv/salt/scheduler/go
cp -R --preserve=mode $RELEASE_BASE/src/go/* /srv/salt/scheduler/go
mkdir -p /srv/salt/kubelet/go
cp -R --preserve=mode $RELEASE_BASE/src/go/* /srv/salt/kubelet/go

26
icebox/release/rackspace/config.sh Normal file
View File

@@ -0,0 +1,26 @@
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# A set of Cloud Files defaults for which Kubernetes releases will be uploaded to
# Make sure swiftly is installed and available
if [ "$(which swiftly)" == "" ]; then
echo "release/rackspace/config.sh: Couldn't find swiftly in PATH. Please install swiftly:"
echo -e "\tpip install swiftly"
exit 1
fi
CONTAINER="kubernetes-releases-${OS_USERNAME}"
TAR_FILE=master-release.tgz

49
icebox/release/rackspace/release.sh Executable file
View File

@@ -0,0 +1,49 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script will build and release Kubernetes.
#
# The main parameters to this script come from the config.sh file. This is set
# up by default for development releases. Feel free to edit it or override some
# of the variables there.
# exit on any error
set -e
SCRIPT_DIR=$(CDPATH="" cd $(dirname $0); pwd)
source $SCRIPT_DIR/config.sh
KUBE_REPO_ROOT="$(cd "$(dirname "$0")/../../" && pwd -P)"
source "${KUBE_REPO_ROOT}/cluster/kube-env.sh"
source $SCRIPT_DIR/../../cluster/rackspace/${KUBE_CONFIG_FILE-"config-default.sh"}
source $SCRIPT_DIR/../../cluster/rackspace/util.sh
$SCRIPT_DIR/../build-release.sh $INSTANCE_PREFIX
# Copy everything up to swift object store
echo "release/rackspace/release.sh: Uploading to Cloud Files"
if ! swiftly -A $OS_AUTH_URL -U $OS_USERNAME -K $OS_PASSWORD get $CONTAINER > /dev/null 2>&1 ; then
echo "release/rackspace/release.sh: Container doesn't exist. Creating..."
swiftly -A $OS_AUTH_URL -U $OS_USERNAME -K $OS_PASSWORD put $CONTAINER > /dev/null 2>&1
fi
for x in master-release.tgz; do
swiftly -A $OS_AUTH_URL -U $OS_USERNAME -K $OS_PASSWORD put -i _output/release/$x $CONTAINER/output/release/$x > /dev/null 2>&1
done
echo "Release pushed."

86
icebox/release/release.sh Executable file
View File

@@ -0,0 +1,86 @@
#!/bin/bash
# Copyright 2014 Google Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script will build and release Kubernetes.
#
# The main parameters to this script come from the config.sh file. This is set
# up by default for development releases. Feel free to edit it or override some
# of the variables there.
# exit on any error
set -e
gsutil_version=$(gsutil version | awk '{split($0,a," "); print a[3]}')
# Warning! uses lexical comparison. This really only works for major versions, or minor versions up to x.9
min_gsutil_version="4.0"
if [[ "$gsutil_version" < "$min_gsutil_version" ]]; then
echo "gsutil version $min_gsutil_version or greater is required, please run 'gcloud components upgrade'"
exit 1
fi
SCRIPT_DIR=$(CDPATH="" cd $(dirname $0); pwd)
source $SCRIPT_DIR/config.sh
KUBE_REPO_ROOT="$(cd "$(dirname "$0")/../" && pwd -P)"
source "${KUBE_REPO_ROOT}/cluster/kube-env.sh"
source $(dirname ${BASH_SOURCE})/../cluster/${KUBERNETES_PROVIDER}/${KUBE_CONFIG_FILE-"config-default.sh"}
cd $SCRIPT_DIR/..
$SCRIPT_DIR/build-release.sh $INSTANCE_PREFIX
echo "Building launch script"
# Create the local install script. These are the tools to install the local
# tools and launch a new cluster.
LOCAL_RELEASE_DIR=_output/release/local-release
mkdir -p $LOCAL_RELEASE_DIR/src/scripts
cp -r cluster/templates $LOCAL_RELEASE_DIR/src/templates
cp -r cluster/*.sh $LOCAL_RELEASE_DIR/src/scripts
tar cz -C $LOCAL_RELEASE_DIR -f _output/release/launch-kubernetes.tgz .
echo "#!/bin/bash" >> _output/release/launch-kubernetes.sh
echo "RELEASE_TAG=$RELEASE_TAG" >> _output/release/launch-kubernetes.sh
echo "RELEASE_PREFIX=$RELEASE_PREFIX" >> _output/release/launch-kubernetes.sh
echo "RELEASE_NAME=$RELEASE_NAME" >> _output/release/launch-kubernetes.sh
echo "RELEASE_FULL_PATH=$RELEASE_FULL_PATH" >> _output/release/launch-kubernetes.sh
cat release/launch-kubernetes-base.sh >> _output/release/launch-kubernetes.sh
chmod a+x _output/release/launch-kubernetes.sh
# Now copy everything up to the release structure on GS
echo "Uploading to Google Storage"
if ! gsutil ls $RELEASE_BUCKET > /dev/null 2>&1 ; then
echo "Creating $RELEASE_BUCKET"
gsutil mb $RELEASE_BUCKET
fi
for x in master-release.tgz launch-kubernetes.tgz launch-kubernetes.sh; do
gsutil -q cp _output/release/$x $RELEASE_FULL_PATH/$x
make_public_readable $RELEASE_FULL_PATH/$x
done
set_tag $RELEASE_FULL_TAG_PATH $RELEASE_FULL_PATH
echo "Release pushed ($RELEASE_PREFIX$RELEASE_NAME)."
# This isn't quite working right now. Need to figure out packaging the kubecfg tool.
# echo " Launch with:"
# echo
# echo " curl -s -L ${RELEASE_FULL_PATH/gs:\/\//http://storage.googleapis.com/}/launch-kubernetes.sh | bash"
# echo