Create etcd user in cloud-init master.yaml rather than in configure-helper.sh
An etcd unix user is currently created in configure-helper.sh if it does not exist on the master. cloud-init is the only supported mechanism to add users on COS VMs. If an attempt is made to add a key using OS Login or the instance metadata mechanism, the google_accounts_daemon will race with useradd and potentially attempt to use the same UID. This will lock out any attempt to SSH into the VM. We therefore migrate to using cloud-init to create this user, which prevents this issue from occurring.
parent
21d4d13d98
commit
5de3c64ad0
@ -445,9 +445,6 @@ function mount-master-pd {
|
||||
mkdir -p "${mount_point}/srv/sshproxy"
|
||||
ln -s -f "${mount_point}/srv/sshproxy" /etc/srv/sshproxy
|
||||
|
||||
if ! id etcd &>/dev/null; then
|
||||
useradd -s /sbin/nologin -d /var/etcd etcd
|
||||
fi
|
||||
chown -R etcd "${mount_point}/var/etcd"
|
||||
chgrp -R etcd "${mount_point}/var/etcd"
|
||||
}
|
||||
|
@ -1,5 +1,10 @@
|
||||
#cloud-config
|
||||
|
||||
users:
|
||||
- name: etcd
|
||||
homedir: /var/etcd
|
||||
lock_passwd: true
|
||||
|
||||
write_files:
|
||||
- path: /etc/systemd/system/kube-master-installation.service
|
||||
permissions: 0644
|
||||
|
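Review bot: The new `etcd` entry under `users:` sets no `shell:`, so the account gets whatever default shell the image's user-creation tooling assigns, whereas the `useradd` call this commit removes from mount-master-pd passed `-s /sbin/nologin`; `lock_passwd: true` only disables password login. Adding `shell: /sbin/nologin` to the entry would keep the service account non-interactive as it was before. The `chown -R etcd` and `chgrp -R etcd` lines that remain in mount-master-pd now depend on cloud-init having created the user and a same-named group before the helper script runs; the ordering presumably guarantees that, but a comment there such as `# etcd user is created by cloud-init (master.yaml)` would record the dependency.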