"Fossies" - the Fresh Open Source Software Archive

Member "magnum-8.2.0/magnum/drivers/k8s_coreos_v1/templates/fragments/enable-kubelet-master.yaml" (6 Dec 2019, 3622 Bytes) of package /linux/misc/openstack/magnum-8.2.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Ansible YAML source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "enable-kubelet-master.yaml": 8.1.0_vs_8.2.0.

    1 #cloud-config
    2 write_files:
    3   - path: /etc/systemd/system/enable-kubelet.service
    4     owner: "root:root"
    5     permissions: "0644"
    6     content: |
    7       [Unit]
    8       Description=Enable Kubelet
    9 
   10       [Service]
   11       Type=oneshot
   12       EnvironmentFile=/etc/sysconfig/heat-params
   13       ExecStart=/etc/sysconfig/enable-kubelet-master.sh
   14 
   15       [Install]
   16       WantedBy=multi-user.target
   17 
   18   - path: /etc/sysconfig/enable-kubelet-master.sh
   19     owner: "root:root"
   20     permissions: "0755"
   21     content: |
   22       #!/bin/sh
   23 
   24       if [ -z "${KUBE_NODE_IP}" ]; then
   25         KUBE_NODE_IP=$(curl -s http://169.254.169.254/latest/meta-data/local-ipv4)
   26       fi
   27 
   28       if [ -n "${INSECURE_REGISTRY_URL}" ]; then
   29           INSECURE_REGISTRY_ARGS="--pod-infra-container-image=${INSECURE_REGISTRY_URL}/google_containers/pause\:3.0"
   30       else
   31           INSECURE_REGISTRY_ARGS=""
   32       fi
   33 
   34       uuid_file="/var/run/kubelet-pod.uuid"
   35       CONF_FILE=/etc/systemd/system/kubelet.service
   36       cat > $CONF_FILE <<EOF
   37       [Service]
   38       EnvironmentFile=/etc/environment
   39       Environment=KUBELET_IMAGE_TAG=${KUBE_VERSION}
   40       Environment=KUBELET_IMAGE_REPO=${HYPERKUBE_IMAGE_REPO}
   41       Environment="RKT_RUN_ARGS=--uuid-file-save=${uuid_file} \
   42         --volume dns,kind=host,source=/etc/resolv.conf \
   43         --mount volume=dns,target=/etc/resolv.conf \
   44         --volume rkt,kind=host,source=/opt/bin/host-rkt \
   45         --mount volume=rkt,target=/usr/bin/rkt \
   46         --volume var-lib-rkt,kind=host,source=/var/lib/rkt \
   47         --mount volume=var-lib-rkt,target=/var/lib/rkt \
   48         --volume stage,kind=host,source=/tmp \
   49         --mount volume=stage,target=/tmp \
   50         --volume var-log,kind=host,source=/var/log \
   51         --mount volume=var-log,target=/var/log"
   52       ExecStartPre=/usr/bin/mkdir -p /etc/kubernetes/manifests
   53       ExecStartPre=/usr/bin/mkdir -p /opt/cni/bin
   54       ExecStartPre=/usr/bin/mkdir -p /var/log/containers
   55       ExecStartPre=-/usr/bin/rkt rm --uuid-file=${uuid_file}
   56       ExecStart=/usr/lib/coreos/kubelet-wrapper \
   57         --kubeconfig=/etc/kubernetes/master-kubeconfig.yaml \
   58         --cni-conf-dir=/etc/kubernetes/cni/net.d \
   59         --network-plugin=cni \
   60         --hostname-override=${INSTANCE_NAME} \
   61         --container-runtime=${CONTAINER_RUNTIME} \
   62         --register-with-taints=node.alpha.kubernetes.io/role=master:NoSchedule \
   63         --allow-privileged=true \
   64         --pod-manifest-path=/etc/kubernetes/manifests \
   65         --logtostderr=true \
   66         --v=0 \
   67         --cluster_dns=${DNS_SERVICE_IP} \
   68         --cluster_domain=${DNS_CLUSTER_DOMAIN} \
   69         ${INSECURE_REGISTRY_ARGS}
   70       ExecStop=-/usr/bin/rkt stop --uuid-file=${uuid_file}
   71       Restart=always
   72       RestartSec=10
   73       [Install]
   74       WantedBy=multi-user.target
   75       EOF
   76 
   77       TEMPLATE=/opt/bin/host-rkt
   78       mkdir -p $(dirname $TEMPLATE)
   79       cat << EOF > $TEMPLATE
   80       #!/bin/sh
   81       # This is bind mounted into the kubelet rootfs and all rkt shell-outs go
   82       # through this rkt wrapper. It essentially enters the host mount namespace
   83       # (which it is already in) only for the purpose of breaking out of the chroot
   84       # before calling rkt. It makes things like rkt gc work and avoids bind mounting
   85       # in certain rkt filesystem dependancies into the kubelet rootfs. This can
   86       # eventually be obviated when the write-api stuff gets upstream and rkt gc is
   87       # through the api-server. Related issue:
   88       # https://github.com/coreos/rkt/issues/2878
   89       exec nsenter -m -u -i -n -p -t 1 -- /usr/bin/rkt "\$@"
   90       EOF
   91 
   92       systemctl enable kubelet
   93       systemctl --no-block start kubelet