WIP Kubernetes

Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>

projects/kubernetes/Boxfile

@@ -0,0 +1,91 @@
+image_name = "errordeveloper/mobykube"
+
+@versions = {
+  kubernetes: "v1.6.1",
+  weave: "v1.9.4",
+  tini: "v0.14.0",
+}
+
+from "gcr.io/google_containers/hyperkube-amd64:#{@versions[:kubernetes]}"
+
+def install_packages pkgs
+  cmds = [
+    %(apt-get update -q),
+    %(apt-get upgrade -qy),
+    %(apt-get install -qy #{pkgs}),
+  ]
+
+  cmds.each { |cmd| run cmd }
+end
+
+def install_dependencies
+
+  prepare = [
+    'curl --silent "https://packages.cloud.google.com/apt/doc/apt-key.gpg" | apt-key add -',
+    'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list',
+  ]
+
+  dependencies = %(curl apt-transport-https)
+
+  official_packages = %(kubernetes-cni)
+
+  kube_release_artefacts = "https://dl.k8s.io/#{@versions[:kubernetes]}/bin/linux/amd64"
+  weave_launcher = "https://cloud.weave.works/k8s/v1.6/net.yaml?v=#{@versions[:weave]}"
+
+  download_files = [
+    "/etc/weave.yaml" => {
+      url: weave_launcher,
+      mode: '0644',
+    },
+    "/usr/bin/kubeadm" => {
+      url: "#{kube_release_artefacts}/kubeadm",
+      mode: '0755',
+    },
+    "/usr/bin/tini" => {
+      url: "https://github.com/krallin/tini/releases/download/#{@versions[:tini]}/tini",
+      mode: '0755',
+    },
+  ]
+
+  install_packages dependencies
+
+  prepare.each { |cmd| run cmd }
+
+  install_packages official_packages
+
+  download_files.each do |file|
+    file.each do |dest,info|
+      run %(curl --output "#{dest}" --fail --silent --location "#{info[:url]}")
+      run %(chmod "#{info[:mode]}" "#{dest}")
+    end
+  end
+
+end
+
+def kubelet_cmd
+  %w(
+    /hyperkube kubelet
+      --kubeconfig=/etc/kubernetes/kubelet.conf --require-kubeconfig=true
+      --pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true
+      --network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin
+      --cluster-dns=10.96.0.10 --cluster-domain=cluster.local
+      --cgroups-per-qos=false --enforce-node-allocatable=""
+      --node-ip="192.168.65.2"
+      --enable-cri=false
+  )
+end
+
+def create_kubelet_wrapper
+  kubelet_wrapper = "#!/bin/sh\nuntil #{kubelet_cmd.join(' ')} ; do sleep 1 ; done"
+  run "echo \"#{kubelet_wrapper}\" > /usr/bin/kubelet.sh && chmod 0755 /usr/bin/kubelet.sh"
+end
+
+install_dependencies
+
+create_kubelet_wrapper
+
+env KUBECONFIG: "/etc/kubernetes/admin.conf"
+
+set_exec entrypoint: %w(tini -s --), cmd: %w(kubelet.sh)
+
+tag "#{image_name}:master"

projects/kubernetes/Makefile

@@ -0,0 +1,14 @@
+all: build-container-images build-vm-images
+
+build-container-images: Boxfile
+	docker run --rm -ti \
+	  -v $(PWD):$(PWD) \
+	  -v /var/run/docker.sock:/var/run/docker.sock \
+	  -w $(PWD) \
+	    boxbuilder/box:master Boxfile
+
+push-container-images: build-container-image
+	docker push errordeveloper/mobykube:master
+
+build-vm-images:
+	../../bin/moby build -name kube-master kube-master.yml

projects/kubernetes/kube-master.yml

@@ -0,0 +1,70 @@
+kernel:
+  image: "mobylinux/kernel:4.9.x"
+  cmdline: "console=ttyS0 console=tty0 page_poison=1"
+init: "mobylinux/init:c0007f0cdf1ef821a981fcc676e3f1c2dd9ab5b1"
+system:
+  - name: sysctl
+    image: "mobylinux/sysctl:2cf2f9d5b4d314ba1bfc22b2fe931924af666d8c"
+    net: host
+    pid: host
+    ipc: host
+    capabilities:
+     - CAP_SYS_ADMIN
+    readonly: true
+  - name: binfmt
+    image: "mobylinux/binfmt:bdb754f25a5d851b4f5f8d185a43dfcbb3c22d01"
+    binds:
+     - /proc/sys/fs/binfmt_misc:/binfmt_misc
+    readonly: true
+  - name: format
+    image: "mobylinux/format:53748000acf515549d398e6ae68545c26c0f3a2e"
+    binds:
+     - /dev:/dev
+    capabilities:
+     - CAP_SYS_ADMIN
+     - CAP_MKNOD
+daemon:
+  - name: rngd
+    image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9@sha256:1c93c1db7196f6f71f8e300bc1d15f0376dd18e8891c8789d77c8ff19f3a9a92"
+    capabilities:
+     - CAP_SYS_ADMIN
+    oomScoreAdj: -800
+    readonly: true
+  - name: dhcpcd
+    image: "mobylinux/dhcpcd:57a8ef29d3a910645b2b24c124f9ce9ef53ce703"
+    binds:
+     - /var:/var
+     - /tmp/etc:/etc
+    capabilities:
+     - CAP_NET_ADMIN
+     - CAP_NET_BIND_SERVICE
+     - CAP_NET_RAW
+    net: host
+    oomScoreAdj: -800
+  - name: docker
+    image: "mobylinux/docker-ce:f6505961df89ca6b5d024f1ac5a6b986359786d1"
+    capabilities:
+     - all
+    net: host
+    pid: host
+    mounts:
+     - type: cgroup
+       options: ["rw","nosuid","noexec","nodev","relatime"]
+    binds:
+     - /dev:/dev
+     - /lib/modules:/lib/modules
+     - /var:/var
+  - name: kubelet
+    image: "errordeveloper/mobykube:master"
+    capabilities:
+     - all
+    net: host
+    pid: host
+    mounts:
+     - type: cgroup
+       options: ["rw","nosuid","noexec","nodev","relatime"]
+    binds:
+     - /etc/resolv.conf:/etc/resolv.conf
+     - /var:/var
+outputs:
+  - format: kernel+initrd