From 354d53c4c3f0b83430e1b45bbf5359ac703bf16f Mon Sep 17 00:00:00 2001 From: Drew Walters Date: Mon, 12 Aug 2019 15:48:03 +0000 Subject: [PATCH] AIO multinode: Add root user directive to Kubelet Systemd units run as the root user by default; however, environment variables in spawned processes are not populated for the root user unless "User=root" is specified for a particular unit [0]. This change adds the "User=root" declaration to the Kubelet systemd unit so that Kubelet will look in the root user's home directory for Docker configuration information. Without this change, Docker configuration information, such as authentication keys for private repositories, are ignored by Kubelet even though the Docker daemon honors them. [0] https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Environment%20variables%20in%20spawned%20processes Change-Id: I209de0f4f04c078d39b1e8bf18195e51e965cbf3 Signed-off-by: Drew Walters --- .../playbooks/roles/deploy-kubelet/templates/10-kubeadm.conf.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/10-kubeadm.conf.j2 b/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/10-kubeadm.conf.j2 index 926040be9..cff1a9516 100644 --- a/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/10-kubeadm.conf.j2 +++ b/tools/images/kubeadm-aio/assets/opt/playbooks/roles/deploy-kubelet/templates/10-kubeadm.conf.j2 @@ -1,4 +1,5 @@ [Service] +User=root Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf" Environment="KUBELET_SYSTEM_PODS_ARGS=--pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true --cgroup-driver={{ kubelet_cgroup_driver }}" Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin --node-ip={% if kubelet.bind_addr is defined %}{{ kubelet.bind_addr }}{% else %}{% if kubelet.bind_device is defined %}{{ hostvars[inventory_hostname]['ansible_'+kubelet.bind_device].ipv4.address }}{% else %}{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}{% endif %}{% endif %} --hostname-override={{ kubelet_node_hostname }}"