mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 04:06:03 +00:00
Merge pull request #27676 from justinsb/aws_debian_1_11
Automatic merge from submit-queue AWS kube-up: move to Docker 1.11.2 This is to mirror GCE Also we remove support for vivid as Docker no longer packages for it, and remove some of the unreachable distro code in aws kube-up. Also bump the AMI to a 1.3 version (with preinstalled Docker 1.11.2) Fixes https://github.com/kubernetes/kubernetes/issues/27654
This commit is contained in:
k8s-merge-robot
GitHub
commit
ee87a39f04
@ -1,182 +0,0 @@
|
||||
#cloud-config
|
||||
|
||||
coreos:
|
||||
units:
|
||||
- name: kubernetes-install-rkt.service
|
||||
command: start
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Fetch rkt
|
||||
Documentation=http://github.com/coreos/rkt
|
||||
Requires=network-online.target
|
||||
After=network-online.target
|
||||
[Service]
|
||||
Type=oneshot
|
||||
EnvironmentFile=/etc/kube-env
|
||||
ExecStartPre=/usr/bin/mkdir -p /opt/rkt
|
||||
ExecStartPre=/usr/bin/wget \
|
||||
-O /opt/rkt/rkt-v${RKT_VERSION}.tar.gz \
|
||||
https://github.com/coreos/rkt/releases/download/v${RKT_VERSION}/rkt-v${RKT_VERSION}.tar.gz
|
||||
ExecStart=/usr/bin/tar xzvf /opt/rkt/rkt-v${RKT_VERSION}.tar.gz -C /opt --overwrite
|
||||
|
||||
- name: hostname-override.service
|
||||
command: start
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Kubelet Hostname Override
|
||||
Requires=network-online.target
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
EnvironmentFile=/etc/kube-env
|
||||
ExecStart=/run/setup-hostname-override.sh
|
||||
|
||||
- name: kubernetes-install-minion.service
|
||||
command: start
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Install Kubernetes Server
|
||||
Requires=network-online.target
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
EnvironmentFile=/etc/kube-env
|
||||
ExecStartPre=/usr/bin/mkdir -p /opt/kubernetes/pkg
|
||||
ExecStartPre=/usr/bin/curl --location --create-dirs --output /opt/kubernetes/pkg/kubernetes-server-linux-amd64.tar.gz ${SERVER_BINARY_TAR_URL}
|
||||
ExecStart=/usr/bin/tar xf /opt/kubernetes/pkg/kubernetes-server-linux-amd64.tar.gz -C /opt --overwrite
|
||||
|
||||
- name: kubelet.service
|
||||
command: start
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Run Kubelet service
|
||||
Requires=kubernetes-install-minion.service
|
||||
After=kubernetes-install-minion.service
|
||||
Requires=hostname-override.service
|
||||
After=hostname-override.service
|
||||
|
||||
[Service]
|
||||
EnvironmentFile=/etc/kube-env
|
||||
EnvironmentFile=/etc/hostname-override
|
||||
ExecStartPre=/usr/bin/mkdir -p /etc/kubernetes/manifests
|
||||
ExecStartPre=/run/setup-auth.sh
|
||||
ExecStart=/opt/kubernetes/server/bin/kubelet \
|
||||
--api-servers=https://${MASTER_IP} \
|
||||
--config=/etc/kubernetes/manifests \
|
||||
--allow-privileged=False \
|
||||
--v=2 \
|
||||
--cluster-dns=10.0.0.10 \
|
||||
--cluster-domain=${DNS_DOMAIN} \
|
||||
--logtostderr=true \
|
||||
--hostname-override=${HOSTNAME_OVERRIDE} \
|
||||
--container-runtime=${KUBERNETES_CONTAINER_RUNTIME}
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
KillMode=process
|
||||
|
||||
- name: kube-proxy.service
|
||||
command: start
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Start Kube-proxy service as Daemon
|
||||
Requires=kubernetes-install-minion.service
|
||||
After=kubernetes-install-minion.service
|
||||
Requires=kubernetes-install-rkt.service
|
||||
After=kubernetes-install-rkt.service
|
||||
[Service]
|
||||
EnvironmentFile=/etc/kube-env
|
||||
ExecStartPre=/run/config-kube-proxy.sh
|
||||
ExecStart=/opt/kubernetes/server/bin/kube-proxy \
|
||||
--master=https://${MASTER_IP} \
|
||||
--kubeconfig=/var/lib/kube-proxy/kubeconfig \
|
||||
--v=2 \
|
||||
--logtostderr=true \
|
||||
--hostname-override=${HOSTNAME_OVERRIDE}
|
||||
Restart=always
|
||||
RestartSec=10
|
||||
|
||||
- name: rkt-metadata.socket
|
||||
command: start
|
||||
content: |
|
||||
[Unit]
|
||||
Description=rkt metadata service socket
|
||||
PartOf=rkt-metadata.service
|
||||
Requires=kubernetes-install-rkt.service
|
||||
After=kubernetes-install-rkt.service
|
||||
[Socket]
|
||||
ListenStream=/run/rkt/metadata-svc.sock
|
||||
SocketMode=0660
|
||||
SocketUser=root
|
||||
SocketGroup=root
|
||||
RemoveOnStop=true
|
||||
|
||||
- name: rkt-metadata.service
|
||||
command: start
|
||||
content: |
|
||||
[Unit]
|
||||
Description=rkt metadata service
|
||||
Documentation=http://github.com/coreos/rkt
|
||||
Requires=rkt-metadata.socket
|
||||
After=network.target rkt-metadata.socket
|
||||
Requires=kubernetes-install-rkt.service
|
||||
After=kubernetes-install-rkt.service
|
||||
[Service]
|
||||
EnvironmentFile=/etc/kube-env
|
||||
ExecStart=/opt/rkt-${RKT_VERSION}/rkt metadata-service
|
||||
write_files:
|
||||
- path: /run/setup-hostname-override.sh
|
||||
permissions: "0755"
|
||||
content: |
|
||||
#!/bin/bash
|
||||
set -x
|
||||
source /etc/kube-env
|
||||
if [[ -z "${HOSTNAME_OVERRIDE}" ]]; then
|
||||
HOSTNAME_OVERRIDE=`curl --silent http://169.254.169.254/2007-01-19/meta-data/local-hostname`
|
||||
fi
|
||||
if [[ -z "${HOSTNAME_OVERRIDE}" ]]; then
|
||||
HOSTNAME_OVERRIDE=`hostname -f`
|
||||
fi
|
||||
echo "HOSTNAME_OVERRIDE=${HOSTNAME_OVERRIDE}" > /etc/hostname-override
|
||||
- path: /run/setup-auth.sh
|
||||
permissions: "0755"
|
||||
content: |
|
||||
#!/bin/bash -e
|
||||
set -x
|
||||
source /etc/kube-env
|
||||
|
||||
/usr/bin/mkdir -p /var/lib/kubelet
|
||||
printf '{"BearerToken": "%s", "Insecure": true }' ${KUBE_BEARER_TOKEN} > /var/lib/kubelet/kubernetes_auth
|
||||
- path: /run/config-kube-proxy.sh
|
||||
permissions: "0755"
|
||||
content: |
|
||||
#!/bin/bash -e
|
||||
set -x
|
||||
source /etc/kube-env
|
||||
|
||||
/usr/bin/mkdir -p /var/lib/kube-proxy
|
||||
cat > /var/lib/kube-proxy/kubeconfig << EOF
|
||||
apiVersion: v1
|
||||
kind: Config
|
||||
users:
|
||||
- name: kube-proxy
|
||||
user:
|
||||
token: $KUBE_PROXY_TOKEN
|
||||
clusters:
|
||||
- name: local
|
||||
cluster:
|
||||
insecure-skip-tls-verify: true
|
||||
contexts:
|
||||
- context:
|
||||
cluster: local
|
||||
user: kube-proxy
|
||||
name: service-account-context
|
||||
current-context: service-account-context
|
||||
EOF
|
||||
- path: /etc/kube-env
|
||||
permissions: 0644
|
||||
owner: root
|
||||
content: |
|
||||
@ -1,55 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copyright 2015 The Kubernetes Authors All rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# A library of helper functions for CoreOS.
|
||||
|
||||
SSH_USER=core
|
||||
|
||||
function detect-minion-image (){
|
||||
if [[ -z "${KUBE_NODE_IMAGE-}" ]]; then
|
||||
KUBE_NODE_IMAGE=$(curl -s -L http://${COREOS_CHANNEL}.release.core-os.net/amd64-usr/current/coreos_production_ami_all.json | python -c "import json,sys;obj=json.load(sys.stdin);print filter(lambda t: t['name']=='${AWS_REGION}', obj['amis'])[0]['hvm']")
|
||||
fi
|
||||
if [[ -z "${KUBE_NODE_IMAGE-}" ]]; then
|
||||
echo "unable to determine KUBE_NODE_IMAGE"
|
||||
exit 2
|
||||
fi
|
||||
}
|
||||
|
||||
function generate-minion-user-data() {
|
||||
|
||||
# this is a bit of a hack. We make all of our "variables" in
|
||||
# our cloud config controlled by env vars from this script
|
||||
cat ${KUBE_ROOT}/cluster/aws/coreos/node.yaml
|
||||
cat <<EOF
|
||||
ENV_TIMESTAMP=$(yaml-quote $(date -u +%Y-%m-%dT%T%z))
|
||||
INSTANCE_PREFIX=$(yaml-quote ${INSTANCE_PREFIX})
|
||||
SERVER_BINARY_TAR_URL=$(yaml-quote ${SERVER_BINARY_TAR_URL})
|
||||
ENABLE_CLUSTER_DNS=$(yaml-quote ${ENABLE_CLUSTER_DNS:-false})
|
||||
DNS_SERVER_IP=$(yaml-quote ${DNS_SERVER_IP:-})
|
||||
DNS_DOMAIN=$(yaml-quote ${DNS_DOMAIN:-})
|
||||
MASTER_IP=$(yaml-quote ${MASTER_INTERNAL_IP})
|
||||
KUBELET_TOKEN=$(yaml-quote ${KUBELET_TOKEN:-})
|
||||
KUBE_PROXY_TOKEN=$(yaml-quote ${KUBE_PROXY_TOKEN:-})
|
||||
KUBE_BEARER_TOKEN=$(yaml-quote ${KUBELET_TOKEN:-})
|
||||
KUBERNETES_CONTAINER_RUNTIME=$(yaml-quote ${CONTAINER_RUNTIME})
|
||||
RKT_VERSION=$(yaml-quote ${RKT_VERSION})
|
||||
EOF
|
||||
}
|
||||
|
||||
function check-minion() {
|
||||
echo "working"
|
||||
}
|
||||
|
||||
@ -17,7 +17,7 @@
|
||||
|
||||
# A library of helper functions for Jessie.
|
||||
|
||||
source "${KUBE_ROOT}/cluster/aws/trusty/common.sh"
|
||||
source "${KUBE_ROOT}/cluster/aws/common/common.sh"
|
||||
|
||||
SSH_USER=admin
|
||||
|
||||
@ -27,12 +27,15 @@ SSH_USER=admin
|
||||
# AWS_IMAGE
|
||||
function detect-jessie-image () {
|
||||
if [[ -z "${AWS_IMAGE-}" ]]; then
|
||||
# TODO: publish on a k8s AWS account
|
||||
# These images are built using the imagebuilder tool, in the kube-deploy github repo
|
||||
# https://github.com/kubernetes/kube-deploy/tree/master/imagebuilder
|
||||
|
||||
# 282335181503: images published by kope.io
|
||||
aws_account="282335181503"
|
||||
# TODO: we could use a tag for the latest image, instead of bumping it every time
|
||||
# e.g. family = k8s-1.2-debian-jessie-amd64-hvm-ebs latest/1.2=true
|
||||
# e.g. family = k8s-1.3-debian-jessie-amd64-hvm-ebs latest/1.3=true
|
||||
if [[ -z "${AWS_IMAGE_NAME:-}" ]]; then
|
||||
AWS_IMAGE_NAME="k8s-1.2-debian-jessie-amd64-hvm-2016-03-16-ebs"
|
||||
AWS_IMAGE_NAME="k8s-1.3-debian-jessie-amd64-hvm-ebs-2016-06-18"
|
||||
fi
|
||||
AWS_IMAGE=`aws ec2 describe-images --owner ${aws_account} --filters Name=name,Values=${AWS_IMAGE_NAME} --query Images[].ImageId --output text`
|
||||
if [[ -z "${AWS_IMAGE-}" ]]; then
|
||||
|
||||
@ -88,7 +88,11 @@ Supported options:
|
||||
debian-LTS team.
|
||||
* `wily`: Ubuntu Wily. Wily is not an LTS release, and OS support is due to
|
||||
end in July 2016.
|
||||
|
||||
No longer supported as of 1.3:
|
||||
|
||||
* `vivid`: Ubuntu Vivid. Vivid OS support ended in early February 2016.
|
||||
Docker no longer provides packages for vivid.
|
||||
|
||||
Given the support situation, we recommend using Debian Jessie. In Kubernetes
|
||||
1.3 Ubuntu should have their next LTS release out, so we should be able to
|
||||
|
||||
@ -1,22 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copyright 2015 The Kubernetes Authors All rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
source "${KUBE_ROOT}/cluster/aws/trusty/common.sh"
|
||||
|
||||
# TODO: Move image detection in here once it is no longer shared with CoreOS
|
||||
|
||||
SSH_USER=ubuntu
|
||||
@ -65,10 +65,8 @@ case "${OS_DISTRIBUTION}" in
|
||||
wily)
|
||||
;;
|
||||
vivid)
|
||||
echo "vivid is currently end-of-life and does not get updates." >&2
|
||||
echo "Please consider using wily or jessie instead" >&2
|
||||
echo "(will continue in 10 seconds)" >&2
|
||||
sleep 10
|
||||
echo "vivid is no longer supported by kube-up; please use jessie instead" >&2
|
||||
exit 2
|
||||
;;
|
||||
coreos)
|
||||
echo "coreos is no longer supported by kube-up; please use jessie instead" >&2
|
||||
@ -328,18 +326,9 @@ function detect-security-groups {
|
||||
# AWS_IMAGE
|
||||
function detect-image () {
|
||||
case "${OS_DISTRIBUTION}" in
|
||||
trusty|coreos)
|
||||
detect-trusty-image
|
||||
;;
|
||||
vivid)
|
||||
detect-vivid-image
|
||||
;;
|
||||
wily)
|
||||
detect-wily-image
|
||||
;;
|
||||
wheezy)
|
||||
detect-wheezy-image
|
||||
;;
|
||||
jessie)
|
||||
detect-jessie-image
|
||||
;;
|
||||
@ -350,72 +339,6 @@ case "${OS_DISTRIBUTION}" in
|
||||
esac
|
||||
}
|
||||
|
||||
# Detects the AMI to use for trusty (considering the region)
|
||||
# Used by CoreOS & Ubuntu
|
||||
#
|
||||
# Vars set:
|
||||
# AWS_IMAGE
|
||||
function detect-trusty-image () {
|
||||
# This is the ubuntu 14.04 image for <region>, amd64, hvm:ebs-ssd
|
||||
# See here: http://cloud-images.ubuntu.com/locator/ec2/ for other images
|
||||
# This will need to be updated from time to time as amis are deprecated
|
||||
if [[ -z "${AWS_IMAGE-}" ]]; then
|
||||
case "${AWS_REGION}" in
|
||||
ap-northeast-1)
|
||||
AWS_IMAGE=ami-93876e93
|
||||
;;
|
||||
|
||||
ap-northeast-2)
|
||||
AWS_IMAGE=ami-62ac620c
|
||||
;;
|
||||
|
||||
ap-southeast-1)
|
||||
AWS_IMAGE=ami-66546234
|
||||
;;
|
||||
|
||||
eu-central-1)
|
||||
AWS_IMAGE=ami-e2a694ff
|
||||
;;
|
||||
|
||||
eu-west-1)
|
||||
AWS_IMAGE=ami-d7fd6ea0
|
||||
;;
|
||||
|
||||
sa-east-1)
|
||||
AWS_IMAGE=ami-a357eebe
|
||||
;;
|
||||
|
||||
us-east-1)
|
||||
AWS_IMAGE=ami-6089d208
|
||||
;;
|
||||
|
||||
us-west-1)
|
||||
AWS_IMAGE=ami-cf7d998b
|
||||
;;
|
||||
|
||||
cn-north-1)
|
||||
AWS_IMAGE=ami-d436a4ed
|
||||
;;
|
||||
|
||||
us-gov-west-1)
|
||||
AWS_IMAGE=ami-01523322
|
||||
;;
|
||||
|
||||
ap-southeast-2)
|
||||
AWS_IMAGE=ami-cd4e3ff7
|
||||
;;
|
||||
|
||||
us-west-2)
|
||||
AWS_IMAGE=ami-3b14370b
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "Please specify AWS_IMAGE directly (region ${AWS_REGION} not recognized)"
|
||||
exit 1
|
||||
esac
|
||||
fi
|
||||
}
|
||||
|
||||
# Detects the RootDevice to use in the Block Device Mapping (considering the AMI)
|
||||
#
|
||||
# Vars set:
|
||||
|
||||
@ -1,87 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copyright 2015 The Kubernetes Authors All rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
source "${KUBE_ROOT}/cluster/aws/trusty/common.sh"
|
||||
|
||||
SSH_USER=ubuntu
|
||||
|
||||
|
||||
# Detects the AMI to use for ubuntu (considering the region)
|
||||
#
|
||||
# Vars set:
|
||||
# AWS_IMAGE
|
||||
function detect-vivid-image () {
|
||||
# This is the ubuntu 15.04 image for <region>, amd64, hvm:ebs-ssd
|
||||
# See here: http://cloud-images.ubuntu.com/locator/ec2/ for other images
|
||||
# This will need to be updated from time to time as amis are deprecated
|
||||
if [[ -z "${AWS_IMAGE-}" ]]; then
|
||||
case "${AWS_REGION}" in
|
||||
ap-northeast-1)
|
||||
AWS_IMAGE=ami-ee023e80
|
||||
;;
|
||||
|
||||
ap-northeast-2)
|
||||
AWS_IMAGE=ami-c2df11ac
|
||||
;;
|
||||
|
||||
ap-southeast-1)
|
||||
AWS_IMAGE=ami-7ad91519
|
||||
;;
|
||||
|
||||
eu-central-1)
|
||||
AWS_IMAGE=ami-9c7960f0
|
||||
;;
|
||||
|
||||
eu-west-1)
|
||||
AWS_IMAGE=ami-6a379c19
|
||||
;;
|
||||
|
||||
sa-east-1)
|
||||
AWS_IMAGE=ami-7d49c811
|
||||
;;
|
||||
|
||||
us-east-1)
|
||||
AWS_IMAGE=ami-b5bd98df
|
||||
;;
|
||||
|
||||
us-west-1)
|
||||
AWS_IMAGE=ami-b30571d3
|
||||
;;
|
||||
|
||||
cn-north-1)
|
||||
AWS_IMAGE=ami-4c7ab321
|
||||
;;
|
||||
|
||||
#us-gov-west-1)
|
||||
# AWS_IMAGE=?Not available?
|
||||
# ;;
|
||||
|
||||
ap-southeast-2)
|
||||
AWS_IMAGE=ami-d11431b2
|
||||
;;
|
||||
|
||||
us-west-2)
|
||||
AWS_IMAGE=ami-58a2b839
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "Please specify AWS_IMAGE directly (region ${AWS_REGION} not recognized)"
|
||||
exit 1
|
||||
esac
|
||||
fi
|
||||
}
|
||||
|
||||
@ -1,81 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copyright 2015 The Kubernetes Authors All rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
# A library of helper functions for Wheezy.
|
||||
|
||||
source "${KUBE_ROOT}/cluster/aws/trusty/common.sh"
|
||||
|
||||
SSH_USER=admin
|
||||
|
||||
# Detects the AMI to use for wheezy (considering the region)
|
||||
# Source: https://wiki.debian.org/Cloud/AmazonEC2Image/Wheezy
|
||||
#
|
||||
# Vars set:
|
||||
# AWS_IMAGE
|
||||
function detect-wheezy-image () {
|
||||
if [[ -z "${AWS_IMAGE-}" ]]; then
|
||||
case "${AWS_REGION}" in
|
||||
ap-northeast-1)
|
||||
AWS_IMAGE=ami-b25d44b3
|
||||
;;
|
||||
|
||||
ap-southeast-1)
|
||||
AWS_IMAGE=ami-aeb49ffc
|
||||
;;
|
||||
|
||||
ap-southeast-2)
|
||||
AWS_IMAGE=ami-6b770351
|
||||
;;
|
||||
|
||||
eu-central-1)
|
||||
AWS_IMAGE=ami-98043785
|
||||
;;
|
||||
|
||||
eu-west-1)
|
||||
AWS_IMAGE=ami-61e56916
|
||||
;;
|
||||
|
||||
sa-east-1)
|
||||
AWS_IMAGE=ami-3d8b3720
|
||||
;;
|
||||
|
||||
us-east-1)
|
||||
AWS_IMAGE=ami-e0efab88
|
||||
;;
|
||||
|
||||
us-west-1)
|
||||
AWS_IMAGE=ami-b4869ff1
|
||||
;;
|
||||
|
||||
us-west-2)
|
||||
AWS_IMAGE=ami-431a4273
|
||||
;;
|
||||
|
||||
us-gov-west-1)
|
||||
AWS_IMAGE=ami-d13455f2
|
||||
;;
|
||||
|
||||
cn-north-1)
|
||||
AWS_IMAGE=ami-48029071
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "Please specify AWS_IMAGE directly (region ${AWS_REGION} not recognized)"
|
||||
exit 1
|
||||
esac
|
||||
fi
|
||||
}
|
||||
@ -15,7 +15,7 @@
|
||||
# limitations under the License.
|
||||
|
||||
|
||||
source "${KUBE_ROOT}/cluster/aws/trusty/common.sh"
|
||||
source "${KUBE_ROOT}/cluster/aws/common/common.sh"
|
||||
|
||||
SSH_USER=ubuntu
|
||||
|
||||
|
||||
@ -1,40 +0,0 @@
|
||||
## Kubernetes-optimized images
|
||||
|
||||
This directory contains manifests for building Kubernetes-optimized images for
|
||||
various clouds (currently just AWS). It is currently highly experimental, and
|
||||
these images are not used by default (though you can pass `AWS_IMAGE` to the
|
||||
AWS kube-up script if you're feeling brave).
|
||||
|
||||
Advantages of an optimized image:
|
||||
|
||||
* We can preinstall packages that would otherwise require a download. Great
|
||||
for speed, and also for reliability (in case the source repository is down)
|
||||
* We can make kernel configuration changes that might otherwise require a
|
||||
reboot, or even apply kernel patches if we really want to. For example,
|
||||
Debian requires a kernel boot parameter to enable the cgroup memory
|
||||
controller, which we require.
|
||||
* The more configuration we can do in advance, the easier it is for people that
|
||||
don't want to use kube-up to get a cluster up and running.
|
||||
|
||||
Advantages of a harmonized image:
|
||||
|
||||
* All the platforms can test with the same versions of software, rather than
|
||||
relying on whatever image happens to be optimal on that cloud.
|
||||
|
||||
## bootstrap-vz
|
||||
|
||||
Currently images are built using
|
||||
[bootstrap-vz](https://github.com/andsens/bootstrap-vz), because this is
|
||||
default builder for the official Debian images, and because it supports
|
||||
multiple clouds including AWS, Azure & GCE. It also supports KVM, which should
|
||||
support OpenStack.
|
||||
|
||||
## Building an image
|
||||
|
||||
A go program/script to build images in
|
||||
[in progress](https://github.com/kubernetes/contrib/pull/486), in the contrib
|
||||
project.
|
||||
|
||||
|
||||
|
||||
[]()
|
||||
@ -1,101 +0,0 @@
|
||||
---
|
||||
name: k8s-1.2-debian-{system.release}-{system.architecture}-{provider.virtualization}-{%Y}-{%m}-{%d}-ebs
|
||||
provider:
|
||||
name: ec2
|
||||
virtualization: hvm
|
||||
enhanced_networking: simple
|
||||
description: Kubernetes 1.2 Base Image - Debian {system.release} {system.architecture}
|
||||
bootstrapper:
|
||||
workspace: /target
|
||||
# tarball speeds up development, but for prod builds we want to be 100% sure...
|
||||
# tarball: true
|
||||
system:
|
||||
release: jessie
|
||||
architecture: amd64
|
||||
# We use grub, not extlinux.
|
||||
# See https://github.com/andsens/bootstrap-vz/issues/182
|
||||
# extlinux makes it harder to modify boot args, and may have reboot problems
|
||||
# bootloader: extlinux
|
||||
bootloader: grub
|
||||
charmap: UTF-8
|
||||
locale: en_US
|
||||
timezone: UTC
|
||||
volume:
|
||||
backing: ebs
|
||||
partitions:
|
||||
type: msdos
|
||||
root:
|
||||
filesystem: ext4
|
||||
size: 8GiB
|
||||
packages:
|
||||
mirror: http://cloudfront.debian.net/debian
|
||||
install:
|
||||
# these packages are included in the official image
|
||||
- python-boto
|
||||
- python3-boto
|
||||
- apt-transport-https
|
||||
- lvm2
|
||||
- ncurses-term
|
||||
- parted
|
||||
- bootlogd
|
||||
- cloud-init
|
||||
- cloud-utils
|
||||
- gdisk
|
||||
- sysvinit
|
||||
- systemd
|
||||
- systemd-sysv
|
||||
|
||||
# these packages are included in the official image, but we remove them
|
||||
# awscli : we install from pip instead
|
||||
|
||||
# cloud-initramfs-growroot will resize the master partition on boot
|
||||
- cloud-initramfs-growroot
|
||||
# These packages would otherwise be installed during first boot
|
||||
- aufs-tools
|
||||
- curl
|
||||
- python-yaml
|
||||
- git
|
||||
- nfs-common
|
||||
- bridge-utils
|
||||
- logrotate
|
||||
- socat
|
||||
- python-apt
|
||||
- apt-transport-https
|
||||
- unattended-upgrades
|
||||
- lvm2
|
||||
- btrfs-tools
|
||||
|
||||
# So we can install the latest awscli
|
||||
- python-pip
|
||||
plugins:
|
||||
cloud_init:
|
||||
metadata_sources: Ec2
|
||||
username: admin
|
||||
ntp: {}
|
||||
commands:
|
||||
commands:
|
||||
# Install python-pip
|
||||
- [ 'chroot', '{root}', 'pip', 'install', 'awscli' ]
|
||||
|
||||
# Install docker 1.9.1
|
||||
- [ 'wget', 'http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~jessie_amd64.deb', '-O', '{root}/tmp/docker.deb' ]
|
||||
- [ '/bin/sh', '-c', 'cd {root}/tmp; echo "c58c39008fd6399177f6b2491222e4438f518d78 docker.deb" | shasum -c -' ]
|
||||
- [ 'chroot', '{root}', '/bin/sh', '-c', 'DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends --assume-yes libapparmor1' ]
|
||||
- [ 'chroot', '{root}', '/bin/sh', '-c', 'DEBIAN_FRONTEND=noninteractive dpkg --install /tmp/docker.deb' ]
|
||||
- [ 'rm', '{root}/tmp/docker.deb' ]
|
||||
|
||||
# Fix a cloud-init bug where it uses nobootwait
|
||||
# see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789884
|
||||
- [ 'chroot', '{root}', '/bin/sh', '-c', 'echo "mount_default_fields: [~, ~, ''auto'', ''defaults,nofail'', ''0'', ''2'']" > /etc/cloud/cloud.cfg.d/99_kubernetes.cfg' ]
|
||||
|
||||
# We perform a full replacement of some grub conf variables:
|
||||
# GRUB_CMDLINE_LINUX_DEFAULT (add memory cgroup)
|
||||
# GRUB_TIMEOUT (remove boot delay)
|
||||
# (but leave the old versions commented out for people to see)
|
||||
- [ 'chroot', '{root}', 'touch', '/etc/default/grub' ]
|
||||
- [ 'chroot', '{root}', 'sed', '-i', 's/^GRUB_CMDLINE_LINUX_DEFAULT=/#GRUB_CMDLINE_LINUX_DEFAULT=/g', '/etc/default/grub' ]
|
||||
- [ 'chroot', '{root}', 'sed', '-i', 's/^GRUB_TIMEOUT=/#GRUB_TIMEOUT=/g', '/etc/default/grub' ]
|
||||
- [ 'chroot', '{root}', '/bin/sh', '-c', 'echo "# kubernetes image changes" >> /etc/default/grub' ]
|
||||
- [ 'chroot', '{root}', '/bin/sh', '-c', 'echo "GRUB_CMDLINE_LINUX_DEFAULT=\"cgroup_enable=memory oops=panic panic=10 console=ttyS0\"" >> /etc/default/grub' ]
|
||||
- [ 'chroot', '{root}', '/bin/sh', '-c', 'echo "GRUB_TIMEOUT=0" >> /etc/default/grub' ]
|
||||
- [ 'chroot', '{root}', 'update-grub2' ]
|
||||
@ -227,10 +227,10 @@ net.ipv4.ip_forward:
|
||||
and grains.get('oscodename', '') == 'jessie' -%}
|
||||
# TODO: Get from google storage?
|
||||
{% set docker_pkg_name='docker-engine' %}
|
||||
{% set override_docker_ver='1.9.1-0~jessie' %}
|
||||
{% set override_deb='docker-engine_1.9.1-0~jessie_amd64.deb' %}
|
||||
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~jessie_amd64.deb' %}
|
||||
{% set override_deb_sha1='c58c39008fd6399177f6b2491222e4438f518d78' %}
|
||||
{% set override_docker_ver='1.11.2-0~jessie' %}
|
||||
{% set override_deb='docker-engine_1.11.2-0~jessie_amd64.deb' %}
|
||||
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.11.2-0~jessie_amd64.deb' %}
|
||||
{% set override_deb_sha1='c312f1f6fa0b34df4589bb812e4f7af8e28fd51d' %}
|
||||
|
||||
# Ubuntu presents as os_family=Debian, osfullname=Ubuntu
|
||||
{% elif grains.get('cloud', '') == 'aws'
|
||||
@ -238,30 +238,20 @@ net.ipv4.ip_forward:
|
||||
and grains.get('oscodename', '') == 'trusty' -%}
|
||||
# TODO: Get from google storage?
|
||||
{% set docker_pkg_name='docker-engine' %}
|
||||
{% set override_docker_ver='1.9.1-0~trusty' %}
|
||||
{% set override_deb='docker-engine_1.9.1-0~trusty_amd64.deb' %}
|
||||
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~trusty_amd64.deb' %}
|
||||
{% set override_deb_sha1='ce728172ab29f9fdacfffffe2e2f88a144f23875' %}
|
||||
|
||||
{% elif grains.get('cloud', '') == 'aws'
|
||||
and grains.get('os_family', '') == 'Debian'
|
||||
and grains.get('oscodename', '') == 'vivid' -%}
|
||||
# TODO: Get from google storage?
|
||||
{% set docker_pkg_name='docker-engine' %}
|
||||
{% set override_docker_ver='1.9.1-0~vivid' %}
|
||||
{% set override_deb='docker-engine_1.9.1-0~vivid_amd64.deb' %}
|
||||
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~vivid_amd64.deb' %}
|
||||
{% set override_deb_sha1='81741f6f16630632de53762c5554238d57b3b9cb' %}
|
||||
{% set override_docker_ver='1.11.2-0~trusty' %}
|
||||
{% set override_deb='docker-engine_1.11.2-0~trusty_amd64.deb' %}
|
||||
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.11.2-0~trusty_amd64.deb' %}
|
||||
{% set override_deb_sha1='022dee31e68c6d572eaac750915786e4a6729d2a' %}
|
||||
|
||||
{% elif grains.get('cloud', '') == 'aws'
|
||||
and grains.get('os_family', '') == 'Debian'
|
||||
and grains.get('oscodename', '') == 'wily' -%}
|
||||
# TODO: Get from google storage?
|
||||
{% set docker_pkg_name='docker-engine' %}
|
||||
{% set override_docker_ver='1.9.1-0~wily' %}
|
||||
{% set override_deb='docker-engine_1.9.1-0~wily_amd64.deb' %}
|
||||
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.9.1-0~wily_amd64.deb' %}
|
||||
{% set override_deb_sha1='a505fd49372cf836f5b9ed953053c50b3381dbfd' %}
|
||||
{% set override_docker_ver='1.11.2-0~wily' %}
|
||||
{% set override_deb='docker-engine_1.11.2-0~wily_amd64.deb' %}
|
||||
{% set override_deb_url='http://apt.dockerproject.org/repo/pool/main/d/docker-engine/docker-engine_1.11.2-0~wily_amd64.deb' %}
|
||||
{% set override_deb_sha1='3e02f51fe18aa777eeb1676c3d9a75e5ea6d96c9' %}
|
||||
|
||||
{% else %}
|
||||
{% set docker_pkg_name='lxc-docker-1.7.1' %}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user