docs/getting-started-guides/coreos/: update for 0.15.0+ support.

- allow payloads to run in privileged mode. - update kube-register to latest upstream (v0.0.3). - jump into the etcd2 bandwagon. - etcd master on master node. - etcd proxies in nodes. - update docs to reflect minimum required CoreOS version. - 653.0.0 is the first to ship with etcd2, which we now consume. - propagate changes on coreos/cloud-configs/ also to aws/cloud-configs/. - update tested k8s versions that this addresses in the getting-started-guides table ence making sure we are consistent across it regarding the versions we claim to have tested, add myself there as contact too. - do not assume that cloud-init shortcuts will get everything right. - they won't (as setup-network-environment who populates *_ipv4, etc only runs way later). - use flannel's plain defaults, as they should just be enough for the common case. Signed-off-by: António Meireles <antonio.meireles@reformi.st>
2025-09-06 11:42:14 +00:00 · 2015-04-17 11:32:50 +01:00
parent f74fab4e56
commit adf8704f4c
8 changed files with 145 additions and 190 deletions
--- a/docs/getting-started-guides/aws/cloud-configs/master.yaml
+++ b/docs/getting-started-guides/aws/cloud-configs/master.yaml
@@ -1,18 +1,19 @@
 #cloud-config

 ---
-write_files:
- path: /opt/bin/waiter.sh
-  owner: root
-  content: |
-    #! /usr/bin/bash
-    until curl http://127.0.0.1:4001/v2/machines; do sleep 2; done
+hostname: master
 coreos:
+  etcd2:
+    name: master
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    advertise-client-urls: http://<master-private-ip>:2379,http://<master-private-ip>:4001
+    initial-cluster-token: k8s_etcd
+    listen-peer-urls: http://<master-private-ip>:2380,http://<master-private-ip>:7001
+    initial-advertise-peer-urls: http://<master-private-ip>:2380
+    initial-cluster: master=http://<master-private-ip>:2380"
+    initial-cluster-state: new
  fleet:
-    etcd-servers: http://localhost:4001
    metadata: "role=master"
-  flannel:
-    interface: eth1
  units:
    - name: setup-network-environment.service
      command: start
@@ -25,57 +26,20 @@ coreos:

        [Service]
        ExecStartPre=-/usr/bin/mkdir -p /opt/bin
-        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/setup-network-environment
+        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/setup-network-environment 
        ExecStartPre=/usr/bin/chmod +x /opt/bin/setup-network-environment
        ExecStart=/opt/bin/setup-network-environment
        RemainAfterExit=yes
        Type=oneshot
-    - name: etcd.service
+    - name: fleet.service
      command: start
-      content: |
-        [Unit]
-        Description=etcd
-        Requires=setup-network-environment.service
-        After=setup-network-environment.service
-
-        [Service]
-        EnvironmentFile=/etc/network-environment
-        User=etcd
-        PermissionsStartOnly=true
-        ExecStart=/usr/bin/etcd \
-        --name ${DEFAULT_IPV4} \
-        --addr ${DEFAULT_IPV4}:4001 \
-        --bind-addr 0.0.0.0 \
-        --cluster-active-size 1 \
-        --data-dir /var/lib/etcd \
-        --http-read-timeout 86400 \
-        --peer-addr ${DEFAULT_IPV4}:7001 \
-        --snapshot true
-        Restart=always
-        RestartSec=10s
-    - name: etcd-waiter.service
-      command: start
-      content: |
-        [Unit]
-        Description=etcd waiter
-        Wants=network-online.target
-        Wants=etcd.service
-        After=etcd.service
-        After=network-online.target
-        Before=flanneld.service
-
-        [Service]
-        ExecStartPre=/usr/bin/chmod +x /opt/bin/waiter.sh
-        ExecStart=/usr/bin/bash /opt/bin/waiter.sh
-        RemainAfterExit=true
-        Type=oneshot
    - name: flanneld.service
      command: start
      drop-ins:
        - name: 50-network-config.conf
          content: |
            [Unit]
-            Requires=etcd.service
+            Requires=etcd2.service
            [Service]
            ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{"Network":"10.244.0.0/16", "Backend": {"Type": "vxlan"}}'
    - name: docker-cache.service
@@ -122,23 +86,26 @@ coreos:
        [Unit]
        Description=Kubernetes API Server
        Documentation=https://github.com/GoogleCloudPlatform/kubernetes
-        Requires=etcd.service
-        After=etcd.service
+        Requires=etcd2.service
+        After=etcd2.service

        [Service]
        ExecStartPre=-/usr/bin/mkdir -p /opt/bin
-        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.11.0/bin/linux/amd64/kube-apiserver
+        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.15.0/bin/linux/amd64/kube-apiserver
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-apiserver
        ExecStart=/opt/bin/kube-apiserver \
-        --address=0.0.0.0 \
-        --port=8080 \
+        --allow_privileged=true \
+        --insecure_bind_address=0.0.0.0 \
+        --insecure_port=8080 \
+        --kubelet_https=true \
+        --secure_port=6443 \
        --portal_net=10.100.0.0/16 \
        --etcd_servers=http://127.0.0.1:4001 \
        --public_address_override=$private_ipv4 \
        --logtostderr=true
        Restart=always
        RestartSec=10
-    - name: kube-controller-manager.service 
+    - name: kube-controller-manager.service
      command: start
      content: |
        [Unit]
@@ -148,7 +115,7 @@ coreos:
        After=kube-apiserver.service

        [Service]
-        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.11.0/bin/linux/amd64/kube-controller-manager
+        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.15.0/bin/linux/amd64/kube-controller-manager
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-controller-manager
        ExecStart=/opt/bin/kube-controller-manager \
        --master=127.0.0.1:8080 \
@@ -165,7 +132,7 @@ coreos:
        After=kube-apiserver.service

        [Service]
-        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.11.0/bin/linux/amd64/kube-scheduler
+        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.15.0/bin/linux/amd64/kube-scheduler
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-scheduler
        ExecStart=/opt/bin/kube-scheduler --master=127.0.0.1:8080
        Restart=always
@@ -182,12 +149,14 @@ coreos:
        After=fleet.service

        [Service]
-        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/kube-register
+        # ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/kube-register
+        ExecStartPre=/usr/bin/wget -N -O /opt/bin/kube-register https://github.com/kelseyhightower/kube-register/releases/download/v0.0.3/kube-register-0.0.3-linux-amd64
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-register
        ExecStart=/opt/bin/kube-register \
        --metadata=role=node \
        --fleet-endpoint=unix:///var/run/fleet.sock \
-        --api-endpoint=http://127.0.0.1:8080
+        --api-endpoint=http://127.0.0.1:8080 \
+        --healthz-port=10248
        Restart=always
        RestartSec=10
  update:
--- a/docs/getting-started-guides/aws/cloud-configs/node.yaml
+++ b/docs/getting-started-guides/aws/cloud-configs/node.yaml
@@ -1,15 +1,22 @@
 #cloud-config
-
+write-files:
+  - path: /opt/bin/wupiao
+    permissions: '0755'
+    content: |
+      #!/bin/bash
+      # [w]ait [u]ntil [p]ort [i]s [a]ctually [o]pen
+      [ -n "$1" ] && [ -n "$2" ] && while ! curl --output /dev/null \
+        --silent --head --fail \
+        http://${1}:${2}; do sleep 1 && echo -n .; done;
+      exit $?
 coreos:
+  etcd2:
+    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
+    initial-cluster: master=http://<master-private-ip>:2380
+    proxy: on
  fleet:
-    etcd-servers: http://<master-private-ip>:4001
    metadata: "role=node"
-  flannel:
-    interface: eth1
-    etcd_endpoints: http://<master-private-ip>:4001
  units:
-    - name: etcd.service
-      mask: true
    - name: fleet.service
      command: start
    - name: flanneld.service
@@ -17,17 +24,16 @@ coreos:
      drop-ins:
        - name: 50-network-config.conf
          content: |
+            [Unit]
+            Requires=etcd2.service
            [Service]
-            ExecStartPre=/bin/bash -c "until curl http://<master-private-ip>:4001/v2/machines; do sleep 2; done"
-            ExecStartPre=/usr/bin/etcdctl -C <master-private-ip>:4001 set /coreos.com/network/config '{"Network":"10.244.0.0/16", "Backend": {"Type": "vxlan"}}'
+            ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{"Network":"10.244.0.0/16", "Backend": {"Type": "vxlan"}}'
    - name: docker.service
      command: start
      drop-ins:
        - name: 51-docker-mirror.conf
          content: |
            [Unit]
-            # making sure that flanneld finished startup, otherwise containers
-            # won't land in flannel's network...
            Requires=flanneld.service
            After=flanneld.service
            [Service]
@@ -43,7 +49,7 @@ coreos:

        [Service]
        ExecStartPre=-/usr/bin/mkdir -p /opt/bin
-        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/setup-network-environment
+        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/k8s/setup-network-environment 
        ExecStartPre=/usr/bin/chmod +x /opt/bin/setup-network-environment
        ExecStart=/opt/bin/setup-network-environment
        RemainAfterExit=yes
@@ -58,10 +64,12 @@ coreos:
        After=setup-network-environment.service

        [Service]
-        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.11.0/bin/linux/amd64/kube-proxy
+        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.15.0/bin/linux/amd64/kube-proxy
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-proxy
+        # wait for kubernetes master to be up and ready
+        ExecStartPre=/opt/bin/wupiao <master-private-ip> 8080
        ExecStart=/opt/bin/kube-proxy \
-        --master=http://<master-private-ip>:8080 \
+        --master=<master-private-ip>:8080 \
        --logtostderr=true
        Restart=always
        RestartSec=10
@@ -76,14 +84,19 @@ coreos:

        [Service]
        EnvironmentFile=/etc/network-environment
-        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.11.0/bin/linux/amd64/kubelet
+        ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.15.0/bin/linux/amd64/kubelet
        ExecStartPre=/usr/bin/chmod +x /opt/bin/kubelet
+        # wait for kubernetes master to be up and ready
+        ExecStartPre=/opt/bin/wupiao <master-private-ip> 8080
        ExecStart=/opt/bin/kubelet \
        --address=0.0.0.0 \
        --port=10250 \
        --hostname_override=$private_ipv4 \
        --api_servers=<master-private-ip>:8080 \
-        --logtostderr=true
+        --allow_privileged=true \
+        --logtostderr=true \
+        --healthz_bind_address=0.0.0.0 \
+        --healthz_port=10248
        Restart=always
        RestartSec=10
  update: