From b6fbc82e418966556f4a49e8aaeb906689c1050f Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Mon, 18 Sep 2017 10:23:33 +0100 Subject: [PATCH] kubernetes: Configuration of kubelet via file This allows cri-containerd and docker based systems to pass the correct options via composition of yml files, while keeping the kubelet service stanza common. Since bind mounts are not conditional on the presence of the source we need to create an empty file in the docker case. Signed-off-by: Ian Campbell --- projects/kubernetes/kube-master.yml | 2 ++ projects/kubernetes/kube-node.yml | 2 ++ projects/kubernetes/kubernetes/Dockerfile | 2 +- projects/kubernetes/kubernetes/kubelet.sh | 5 ++++- 4 files changed, 9 insertions(+), 2 deletions(-) diff --git a/projects/kubernetes/kube-master.yml b/projects/kubernetes/kube-master.yml index 0f574badd..1f944580d 100644 --- a/projects/kubernetes/kube-master.yml +++ b/projects/kubernetes/kube-master.yml @@ -65,6 +65,8 @@ services: files: - path: /etc/kubernetes symlink: "/var/lib/kubeadm" + - path: /etc/kubelet.conf + contents: "" - path: /etc/sysctl.d/01-kubernetes.conf contents: 'net.ipv4.ip_forward = 1' - path: /opt/cni diff --git a/projects/kubernetes/kube-node.yml b/projects/kubernetes/kube-node.yml index 811e97e54..c0410ba54 100644 --- a/projects/kubernetes/kube-node.yml +++ b/projects/kubernetes/kube-node.yml @@ -63,6 +63,8 @@ services: files: - path: /etc/kubernetes symlink: "/var/lib/kubeadm" + - path: /etc/kubelet.conf + contents: "" - path: /etc/sysctl.d/01-kubernetes.conf contents: 'net.ipv4.ip_forward = 1' - path: /opt/cni diff --git a/projects/kubernetes/kubernetes/Dockerfile b/projects/kubernetes/kubernetes/Dockerfile index aaa9e1bd0..a6cafa178 100644 --- a/projects/kubernetes/kubernetes/Dockerfile +++ b/projects/kubernetes/kubernetes/Dockerfile @@ -45,4 +45,4 @@ WORKDIR / ENTRYPOINT ["/usr/bin/kubelet.sh"] COPY --from=build /out / ENV KUBECONFIG "/etc/kubernetes/admin.conf" -LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/etc/resolv.conf:/etc/resolv.conf", "/run:/run:rshared,rbind", "/var:/var:rshared,rbind", "/var/lib/kubeadm:/etc/kubernetes"], "mounts": [{"type": "cgroup", "options": ["rw","nosuid","noexec","nodev","relatime"]}], "capabilities": ["all"], "rootfsPropagation": "shared", "pid": "host", "runtime": {"mkdir": ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt"], "mounts": [{"type": "bind", "source": "/var/lib/cni/opt", "destination": "/opt/cni", "options": ["rw", "bind"]}, {"type": "bind", "source": "/var/lib/cni/etc", "destination": "/etc/cni", "options": ["rw", "bind"]}]}}' +LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/etc/resolv.conf:/etc/resolv.conf", "/run:/run:rshared,rbind", "/var:/var:rshared,rbind", "/var/lib/kubeadm:/etc/kubernetes", "/etc/kubelet.conf:/etc/kubelet.conf"], "mounts": [{"type": "cgroup", "options": ["rw","nosuid","noexec","nodev","relatime"]}], "capabilities": ["all"], "rootfsPropagation": "shared", "pid": "host", "runtime": {"mkdir": ["/var/lib/kubeadm", "/var/lib/cni/etc", "/var/lib/cni/opt"], "mounts": [{"type": "bind", "source": "/var/lib/cni/opt", "destination": "/opt/cni", "options": ["rw", "bind"]}, {"type": "bind", "source": "/var/lib/cni/etc", "destination": "/etc/cni", "options": ["rw", "bind"]}]}}' diff --git a/projects/kubernetes/kubernetes/kubelet.sh b/projects/kubernetes/kubernetes/kubelet.sh index d42033968..f58067802 100755 --- a/projects/kubernetes/kubernetes/kubelet.sh +++ b/projects/kubernetes/kubernetes/kubelet.sh @@ -4,6 +4,9 @@ if [ ! -e /var/lib/cni/.opt.defaults-extracted ] ; then tar -xzf /root/cni.tgz -C /var/lib/cni/opt/bin touch /var/lib/cni/.opt.defaults-extracted fi +if [ -e /etc/kubelet.conf ] ; then + . /etc/kubelet.conf +fi until kubelet --kubeconfig=/var/lib/kubeadm/kubelet.conf \ --require-kubeconfig=true \ --pod-manifest-path=/var/lib/kubeadm/manifests \ @@ -15,7 +18,7 @@ until kubelet --kubeconfig=/var/lib/kubeadm/kubelet.conf \ --network-plugin=cni \ --cni-conf-dir=/var/lib/cni/etc/net.d \ --cni-bin-dir=/var/lib/cni/opt/bin \ - $@; do + $KUBELET_ARGS $@; do if [ ! -f /var/config/userdata ] ; then sleep 1 else