Kubeadm-aio container for dev and gates
This PS brings in a container for setting up a Kubeadm based AIO environement for development and Gating purposes. Change-Id: Ice96b03b519a380d4679d701e4bbb97024bb2fb5
This commit is contained in:
parent
e504ee0ec7
commit
00e76c1572
69
tools/kubeadm-aio/Dockerfile
Normal file
69
tools/kubeadm-aio/Dockerfile
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
FROM ubuntu:16.04
|
||||||
|
MAINTAINER pete.birley@att.com
|
||||||
|
|
||||||
|
ARG HELM_VERSION=v2.3.0
|
||||||
|
|
||||||
|
ENV container="docker" \
|
||||||
|
DEBIAN_FRONTEND="noninteractive"
|
||||||
|
|
||||||
|
RUN set -x \
|
||||||
|
&& cd /tmp \
|
||||||
|
&& apt-get update \
|
||||||
|
&& apt-get install -y \
|
||||||
|
apt-transport-https \
|
||||||
|
ca-certificates \
|
||||||
|
curl \
|
||||||
|
# Add Kubernetes repo
|
||||||
|
&& curl -sSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - \
|
||||||
|
&& echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list \
|
||||||
|
&& apt-get update \
|
||||||
|
&& apt-get install -y \
|
||||||
|
docker.io \
|
||||||
|
iptables \
|
||||||
|
kubectl \
|
||||||
|
kubelet \
|
||||||
|
kubernetes-cni \
|
||||||
|
# Install Kubeadm without running postinstall script as it expects systemd to be running.
|
||||||
|
&& apt-get download kubeadm \
|
||||||
|
&& dpkg --unpack kubeadm*.deb \
|
||||||
|
&& mv /var/lib/dpkg/info/kubeadm.postinst /opt/kubeadm.postinst \
|
||||||
|
&& dpkg --configure kubeadm \
|
||||||
|
&& apt-get install -yf kubeadm \
|
||||||
|
&& mkdir -p /etc/kubernetes/manifests \
|
||||||
|
# Move kubelet binary as we will run containerised
|
||||||
|
&& mv /usr/bin/kubelet /usr/bin/kubelet-real \
|
||||||
|
# Install helm binary
|
||||||
|
&& curl -sSL https://storage.googleapis.com/kubernetes-helm/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar -zxv --strip-components=1 \
|
||||||
|
&& mv /tmp/helm /usr/bin/helm \
|
||||||
|
# Install openstack-helm dev utils
|
||||||
|
&& apt-get install -y \
|
||||||
|
make \
|
||||||
|
git \
|
||||||
|
vim \
|
||||||
|
# Install nfs utils for development PVC provisioner
|
||||||
|
nfs-common \
|
||||||
|
# Tweak Systemd units and targets for running in a container
|
||||||
|
&& find /lib/systemd/system/sysinit.target.wants/ ! -name 'systemd-tmpfiles-setup.service' -type l -exec rm -fv {} + \
|
||||||
|
&& rm -fv \
|
||||||
|
/lib/systemd/system/multi-user.target.wants/* \
|
||||||
|
/etc/systemd/system/*.wants/* \
|
||||||
|
/lib/systemd/system/local-fs.target.wants/* \
|
||||||
|
/lib/systemd/system/sockets.target.wants/*udev* \
|
||||||
|
/lib/systemd/system/sockets.target.wants/*initctl* \
|
||||||
|
/lib/systemd/system/basic.target.wants/* \
|
||||||
|
# Clean up apt cache
|
||||||
|
&& rm -rf /var/lib/apt/lists/* \
|
||||||
|
# Clean up tmp dir
|
||||||
|
&& cd / \
|
||||||
|
&& rm -rf /tmp/*
|
||||||
|
|
||||||
|
# Load assets into place, setup startup target & units
|
||||||
|
COPY ./assets/ /
|
||||||
|
RUN set -x \
|
||||||
|
&& ln -s /usr/lib/systemd/system/container-up.target /etc/systemd/system/default.target \
|
||||||
|
&& mkdir -p /etc/systemd/system/container-up.target.wants \
|
||||||
|
&& ln -s /usr/lib/systemd/system/kubeadm-aio.service /etc/systemd/system/container-up.target.wants/kubeadm-aio.service
|
||||||
|
|
||||||
|
VOLUME /sys/fs/cgroup
|
||||||
|
|
||||||
|
CMD /kubeadm-aio
|
63
tools/kubeadm-aio/README.md
Normal file
63
tools/kubeadm-aio/README.md
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
# Kubeadm AIO Container
|
||||||
|
|
||||||
|
This container builds a small AIO Kubeadm based Kubernetes deployment for Development and Gating use.
|
||||||
|
|
||||||
|
## Instructions
|
||||||
|
|
||||||
|
### OS Specific Host setup:
|
||||||
|
|
||||||
|
#### Ubuntu:
|
||||||
|
|
||||||
|
From a freshly provisioned Ubuntu 16.04 LTS host run:
|
||||||
|
``` bash
|
||||||
|
sudo apt-get update -y
|
||||||
|
sudo apt-get install -y \
|
||||||
|
docker.io \
|
||||||
|
nfs-common
|
||||||
|
```
|
||||||
|
|
||||||
|
### Build and deploy the AIO environment
|
||||||
|
|
||||||
|
From the root directory of the OpenStack-Helm repo run:
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
export KUBEADM_IMAGE=openstack-helm/kubeadm-aio:v1.6
|
||||||
|
sudo docker build --pull -t ${KUBEADM_IMAGE} tools/kubeadm-aio
|
||||||
|
```
|
||||||
|
|
||||||
|
To launch the environment then run:
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
export KUBEADM_IMAGE=openstack-helm/kubeadm-aio:v1.6
|
||||||
|
export KUBE_VERSION=v1.6.0
|
||||||
|
./tools/kubeadm-aio/kubeadm-aio-launcher.sh
|
||||||
|
export KUBECONFIG=${HOME}/.kubeadm-aio/admin.conf
|
||||||
|
```
|
||||||
|
|
||||||
|
One this has run, you should hopefully have a Kubernetes single node environment
|
||||||
|
running, with Helm, Calico, a NFS PVC provisioner and appropriate RBAC rules and
|
||||||
|
node labels to get developing.
|
||||||
|
|
||||||
|
If you wish to use this environment at the primary Kubernetes environment on
|
||||||
|
your host you may run the following, but note that this will wipe any previous
|
||||||
|
client configuration you may have.
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
mkdir -p ${HOME}/.kube
|
||||||
|
cat ${HOME}/.kubeadm-aio/admin.conf > ${HOME}/.kube/config
|
||||||
|
```
|
||||||
|
|
||||||
|
If you wish to create dummy network devices for Neutron to manage there is a
|
||||||
|
helper script that can set them up for you:
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
sudo docker exec kubelet /usr/bin/openstack-helm-aio-network-prep
|
||||||
|
```
|
||||||
|
|
||||||
|
### Logs
|
||||||
|
|
||||||
|
You can get the logs from your `kubeadm-aio` container by running:
|
||||||
|
|
||||||
|
``` bash
|
||||||
|
sudo docker logs -f kubeadm-aio
|
||||||
|
```
|
3
tools/kubeadm-aio/assets/etc/kube-version
Normal file
3
tools/kubeadm-aio/assets/etc/kube-version
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
# If KUBE_VERSION is set 'default' kubeadm will use the default version of K8s
|
||||||
|
# otherwise the version specified here will be used.
|
||||||
|
KUBE_VERSION=default
|
3
tools/kubeadm-aio/assets/etc/kubeapi-device
Normal file
3
tools/kubeadm-aio/assets/etc/kubeapi-device
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
# If KUBE_BIND_DEV is set to 'autodetect' we will use kubeadm's autodetect logic
|
||||||
|
# otherwise use the device specified to find the IP address to bind to.
|
||||||
|
KUBE_BIND_DEV=autodetect
|
3
tools/kubeadm-aio/assets/etc/kubelet-container
Normal file
3
tools/kubeadm-aio/assets/etc/kubelet-container
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
# If KUBELET_CONTAINER is set 'to_this' one we will not attempt to launch a new
|
||||||
|
# container for the kubelet process, otherwise use the image tag specified
|
||||||
|
KUBELET_CONTAINER=this_one
|
37
tools/kubeadm-aio/assets/kubeadm-aio
Executable file
37
tools/kubeadm-aio/assets/kubeadm-aio
Executable file
@ -0,0 +1,37 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
echo "Checking cgroups"
|
||||||
|
if ls -dZ /sys/fs/cgroup | grep -q :svirt_sandbox_file_t: ; then
|
||||||
|
echo "Invocation error: use -v /sys/fs/cgroup:/sys/fs/cgroup:ro parameter to docker run."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Setting up K8s version to deploy"
|
||||||
|
: ${KUBE_VERSION:="default"}
|
||||||
|
sed -i "s|KUBE_VERSION=.*|KUBE_VERSION=${KUBE_VERSION}|g" /etc/kube-version
|
||||||
|
|
||||||
|
echo "Setting up device image to use for kube-api"
|
||||||
|
: ${KUBE_BIND_DEV:="autodetect"}
|
||||||
|
sed -i "s|KUBE_BIND_DEV=.*|KUBE_BIND_DEV=${KUBE_BIND_DEV}|g" /etc/kubeapi-device
|
||||||
|
|
||||||
|
echo "Setting up container image to use for kubelet"
|
||||||
|
: ${KUBELET_CONTAINER:="this_one"}
|
||||||
|
sed -i "s|KUBELET_CONTAINER=.*|KUBELET_CONTAINER=${KUBELET_CONTAINER}|g" /etc/kubelet-container
|
||||||
|
|
||||||
|
echo "Starting Systemd"
|
||||||
|
exec /bin/systemd --system
|
72
tools/kubeadm-aio/assets/opt/nfs-provisioner/deployment.yaml
Normal file
72
tools/kubeadm-aio/assets/opt/nfs-provisioner/deployment.yaml
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
kind: Service
|
||||||
|
apiVersion: v1
|
||||||
|
metadata:
|
||||||
|
name: nfs-provisioner
|
||||||
|
labels:
|
||||||
|
app: nfs-provisioner
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: nfs
|
||||||
|
port: 2049
|
||||||
|
- name: mountd
|
||||||
|
port: 20048
|
||||||
|
- name: rpcbind
|
||||||
|
port: 111
|
||||||
|
- name: rpcbind-udp
|
||||||
|
port: 111
|
||||||
|
protocol: UDP
|
||||||
|
selector:
|
||||||
|
app: nfs-provisioner
|
||||||
|
---
|
||||||
|
kind: Deployment
|
||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
metadata:
|
||||||
|
name: nfs-provisioner
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
strategy:
|
||||||
|
type: Recreate
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: nfs-provisioner
|
||||||
|
spec:
|
||||||
|
containers:
|
||||||
|
- name: nfs-provisioner
|
||||||
|
image: quay.io/kubernetes_incubator/nfs-provisioner:v1.0.3
|
||||||
|
ports:
|
||||||
|
- name: nfs
|
||||||
|
containerPort: 2049
|
||||||
|
- name: mountd
|
||||||
|
containerPort: 20048
|
||||||
|
- name: rpcbind
|
||||||
|
containerPort: 111
|
||||||
|
- name: rpcbind-udp
|
||||||
|
containerPort: 111
|
||||||
|
protocol: UDP
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
add:
|
||||||
|
- DAC_READ_SEARCH
|
||||||
|
args:
|
||||||
|
- "-provisioner=example.com/nfs"
|
||||||
|
- "-grace-period=10"
|
||||||
|
env:
|
||||||
|
- name: POD_IP
|
||||||
|
valueFrom:
|
||||||
|
fieldRef:
|
||||||
|
fieldPath: status.podIP
|
||||||
|
- name: SERVICE_NAME
|
||||||
|
value: nfs-provisioner
|
||||||
|
- name: POD_NAMESPACE
|
||||||
|
valueFrom:
|
||||||
|
fieldRef:
|
||||||
|
fieldPath: metadata.namespace
|
||||||
|
imagePullPolicy: "IfNotPresent"
|
||||||
|
volumeMounts:
|
||||||
|
- name: export-volume
|
||||||
|
mountPath: /export
|
||||||
|
volumes:
|
||||||
|
- name: export-volume
|
||||||
|
hostPath:
|
||||||
|
path: /var/lib/nfs-provisioner
|
@ -0,0 +1,5 @@
|
|||||||
|
kind: StorageClass
|
||||||
|
apiVersion: storage.k8s.io/v1
|
||||||
|
metadata:
|
||||||
|
name: general
|
||||||
|
provisioner: example.com/nfs
|
15
tools/kubeadm-aio/assets/opt/rbac/dev.yaml
Normal file
15
tools/kubeadm-aio/assets/opt/rbac/dev.yaml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
apiVersion: rbac.authorization.k8s.io/v1alpha1
|
||||||
|
kind: ClusterRoleBinding
|
||||||
|
metadata:
|
||||||
|
name: cluster-admin
|
||||||
|
roleRef:
|
||||||
|
apiGroup: rbac.authorization.k8s.io
|
||||||
|
kind: ClusterRole
|
||||||
|
name: cluster-admin
|
||||||
|
subjects:
|
||||||
|
- kind: Group
|
||||||
|
name: system:masters
|
||||||
|
- kind: Group
|
||||||
|
name: system:authenticated
|
||||||
|
- kind: Group
|
||||||
|
name: system:unauthenticated
|
48
tools/kubeadm-aio/assets/usr/bin/kubeadm-aio
Executable file
48
tools/kubeadm-aio/assets/usr/bin/kubeadm-aio
Executable file
@ -0,0 +1,48 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
# Define k8s version
|
||||||
|
source /etc/kube-version
|
||||||
|
if [[ "${KUBE_VERSION}" == "default" ]]; then
|
||||||
|
KUBE_VERSION_FLAG=""
|
||||||
|
else
|
||||||
|
KUBE_VERSION_FLAG="--kubernetes-version=${KUBE_VERSION}"
|
||||||
|
echo "We will use K8s ${KUBE_VERSION}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Setting up K8s"
|
||||||
|
source /etc/kubeapi-device
|
||||||
|
if [[ "$KUBE_BIND_DEV" != "autodetect" ]]; then
|
||||||
|
KUBE_BIND_IP=$(ip addr list ${KUBE_BIND_DEV} |grep "inet " |cut -d' ' -f6|cut -d/ -f1)
|
||||||
|
echo "We are going to bind the K8s API to: ${KUBE_BIND_IP}"
|
||||||
|
kubeadm init --skip-preflight-checks ${KUBE_VERSION_FLAG} --api-advertise-addresses ${KUBE_BIND_IP}
|
||||||
|
else
|
||||||
|
kubeadm init --skip-preflight-checks ${KUBE_VERSION_FLAG}
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Setting up K8s client"
|
||||||
|
cp /etc/kubernetes/admin.conf /root/
|
||||||
|
export KUBECONFIG=/root/admin.conf
|
||||||
|
|
||||||
|
echo "Marking master node as sceduleable"
|
||||||
|
kubectl taint nodes --all node-role.kubernetes.io/master-
|
||||||
|
|
||||||
|
echo "Installing Calico CNI"
|
||||||
|
kubectl create -f http://docs.projectcalico.org/v2.1/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml
|
||||||
|
|
||||||
|
echo "Setting Up Cluser for OpenStack-Helm dev use"
|
||||||
|
/usr/bin/openstack-helm-dev-prep
|
60
tools/kubeadm-aio/assets/usr/bin/kubelet
Executable file
60
tools/kubeadm-aio/assets/usr/bin/kubelet
Executable file
@ -0,0 +1,60 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
# Set the KUBELET_CONTAINER env var
|
||||||
|
source /etc/kubelet-container
|
||||||
|
|
||||||
|
# Detrmine the Cgroup driver in use by Docker
|
||||||
|
CGROUP_DRIVER=$(docker info | awk '/^Cgroup Driver:/ { print $NF }')
|
||||||
|
|
||||||
|
if [[ "${KUBELET_CONTAINER}" == "this_one" ]]; then
|
||||||
|
exec kubelet-real \
|
||||||
|
--containerized=true \
|
||||||
|
--enable-cri=false \
|
||||||
|
--cgroup-driver=${CGROUP_DRIVER} "${@}"
|
||||||
|
else
|
||||||
|
# Lets remove any old containers
|
||||||
|
docker rm -f kubelet || true
|
||||||
|
|
||||||
|
# Launch the container
|
||||||
|
exec docker run \
|
||||||
|
--name kubelet \
|
||||||
|
--restart=always \
|
||||||
|
--volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
|
||||||
|
--volume=/:/rootfs:ro \
|
||||||
|
--volume=/dev/net:/dev/net:rw \
|
||||||
|
--volume=/var/run/netns:/var/run/netns:rw \
|
||||||
|
--volume=/sys:/sys:ro \
|
||||||
|
--volume=/etc/machine-id:/etc/machine-id:ro \
|
||||||
|
--volume=/opt/cni:/opt/cni:rw \
|
||||||
|
--volume=/etc/cni/net.d:/etc/cni/net.d:rw \
|
||||||
|
--volume=/var/lib/docker/:/var/lib/docker:rw \
|
||||||
|
--volume=/var/lib/kubelet/:/var/lib/kubelet:rshared \
|
||||||
|
--volume=/var/run:/var/run:rw \
|
||||||
|
--volume=/etc/kubernetes:/etc/kubernetes:rw \
|
||||||
|
--volume=/etc/hosts:/etc/hosts:rw \
|
||||||
|
--volume=/etc/resolv.conf:/etc/resolv.conf:rw \
|
||||||
|
--net=host \
|
||||||
|
--privileged=true \
|
||||||
|
--pid=host \
|
||||||
|
--ipc=host \
|
||||||
|
${KUBELET_CONTAINER} \
|
||||||
|
kubelet \
|
||||||
|
--containerized=true \
|
||||||
|
--enable-cri=false \
|
||||||
|
--cgroup-driver=${CGROUP_DRIVER} "${@}"
|
||||||
|
fi
|
22
tools/kubeadm-aio/assets/usr/bin/openstack-helm-aio-network-prep
Executable file
22
tools/kubeadm-aio/assets/usr/bin/openstack-helm-aio-network-prep
Executable file
@ -0,0 +1,22 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
echo "Setting up virtual network devices"
|
||||||
|
ip link add neutron-ext type dummy || true
|
||||||
|
ip link set neutron-ext up
|
||||||
|
ip link add neutron-phys type dummy || true
|
||||||
|
ip link set neutron-phys up
|
34
tools/kubeadm-aio/assets/usr/bin/openstack-helm-demo-prep
Executable file
34
tools/kubeadm-aio/assets/usr/bin/openstack-helm-demo-prep
Executable file
@ -0,0 +1,34 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
echo "Setting Kubecfg Location"
|
||||||
|
export KUBECONFIG=/root/admin.conf
|
||||||
|
|
||||||
|
echo "Cloning OpenStack-Helm"
|
||||||
|
git clone --depth 1 https://github.com/openstack/openstack-helm.git /opt/openstack-helm
|
||||||
|
|
||||||
|
echo "Starting helm local repo"
|
||||||
|
helm serve &
|
||||||
|
until curl -sSL --connect-timeout 1 http://localhost:8879 > /dev/null; do
|
||||||
|
echo "Waiting for helm serve to start"
|
||||||
|
sleep 2
|
||||||
|
done
|
||||||
|
helm repo add local http://localhost:8879/charts
|
||||||
|
|
||||||
|
echo "Building OpenStack-Helm"
|
||||||
|
cd /opt/openstack-helm
|
||||||
|
make
|
28
tools/kubeadm-aio/assets/usr/bin/openstack-helm-dev-prep
Executable file
28
tools/kubeadm-aio/assets/usr/bin/openstack-helm-dev-prep
Executable file
@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
echo "Setting Kubecfg Location"
|
||||||
|
export KUBECONFIG=/root/admin.conf
|
||||||
|
|
||||||
|
echo "Labeling the nodes for Openstack-Helm deployment"
|
||||||
|
kubectl label nodes openstack-control-plane=enabled --all --namespace=openstack --overwrite
|
||||||
|
kubectl label nodes openvswitch=enabled --all --namespace=openstack --overwrite
|
||||||
|
kubectl label nodes openstack-compute-node=enabled --all --namespace=openstack --overwrite
|
||||||
|
|
||||||
|
|
||||||
|
echo "RBAC: applying development rules (totally open!)"
|
||||||
|
kubectl update -f /opt/rbac/dev.yaml
|
22
tools/kubeadm-aio/assets/usr/bin/openstack-helm-nfs-prep
Executable file
22
tools/kubeadm-aio/assets/usr/bin/openstack-helm-nfs-prep
Executable file
@ -0,0 +1,22 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
echo "Setting Kubecfg Location"
|
||||||
|
export KUBECONFIG=/root/admin.conf
|
||||||
|
|
||||||
|
echo "Deploying NFS Provisioner"
|
||||||
|
kubectl create -R -f /opt/nfs-provisioner/
|
@ -0,0 +1,20 @@
|
|||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
[Unit]
|
||||||
|
Description=Minimal target for containerized applications
|
||||||
|
DefaultDependencies=false
|
||||||
|
AllowIsolate=yes
|
||||||
|
Requires=systemd-tmpfiles-setup.service systemd-journald.service dbus.service
|
||||||
|
After=systemd-tmpfiles-setup.service systemd-journald.service dbus.service
|
@ -0,0 +1,26 @@
|
|||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
[Unit]
|
||||||
|
Description=Start Kubeadm AIO Cluster
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/usr/bin/kubeadm-aio
|
||||||
|
FailureAction=poweroff
|
||||||
|
StandardOutput=tty
|
||||||
|
TimeoutStartSec=0
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=container-up.target
|
80
tools/kubeadm-aio/kubeadm-aio-launcher.sh
Executable file
80
tools/kubeadm-aio/kubeadm-aio-launcher.sh
Executable file
@ -0,0 +1,80 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
# Setup shared mounts for kubelet
|
||||||
|
sudo mkdir -p /var/lib/kubelet
|
||||||
|
sudo mount --bind /var/lib/kublet /var/lib/kubelet
|
||||||
|
sudo mount --make-shared /var/lib/kubelet
|
||||||
|
|
||||||
|
# Cleanup any old deployment
|
||||||
|
sudo docker rm -f kubeadm-aio || true
|
||||||
|
sudo docker rm -f kubelet || true
|
||||||
|
sudo docker ps -aq | xargs -l1 sudo docker rm -f || true
|
||||||
|
sudo rm -rfv \
|
||||||
|
/etc/cni/net.d \
|
||||||
|
/etc/kubernetes \
|
||||||
|
/var/lib/etcd \
|
||||||
|
/var/lib/kubelet/* \
|
||||||
|
/run/openvswitch \
|
||||||
|
${HOME}/.kubeadm-aio/admin.conf \
|
||||||
|
/var/lib/nfs-provisioner || true
|
||||||
|
|
||||||
|
# Launch Container
|
||||||
|
sudo docker run \
|
||||||
|
-dt \
|
||||||
|
--name=kubeadm-aio \
|
||||||
|
--net=host \
|
||||||
|
--security-opt=seccomp:unconfined \
|
||||||
|
--cap-add=SYS_ADMIN \
|
||||||
|
--tmpfs=/run \
|
||||||
|
--tmpfs=/run/lock \
|
||||||
|
--volume=/etc/machine-id:/etc/machine-id:ro \
|
||||||
|
--volume=${HOME}:${HOME}:rw \
|
||||||
|
--volume=${HOME}/.kubeadm-aio:/root:rw \
|
||||||
|
--volume=/etc/kubernetes:/etc/kubernetes:rw \
|
||||||
|
--volume=/sys/fs/cgroup:/sys/fs/cgroup:ro \
|
||||||
|
--volume=/var/run/docker.sock:/run/docker.sock \
|
||||||
|
--env KUBELET_CONTAINER=${KUBEADM_IMAGE} \
|
||||||
|
--env KUBE_VERSION=${KUBE_VERSION} \
|
||||||
|
${KUBEADM_IMAGE}
|
||||||
|
|
||||||
|
# Wait for kubeconfig
|
||||||
|
while [[ ! -f ${HOME}/.kubeadm-aio/admin.conf ]]; do
|
||||||
|
echo "Waiting for kubeconfig"
|
||||||
|
sleep 2
|
||||||
|
done
|
||||||
|
|
||||||
|
# Set perms of kubeconfig and set env-var
|
||||||
|
sudo chown $(id -u):$(id -g) ${HOME}/.kubeadm-aio/admin.conf
|
||||||
|
export KUBECONFIG=${HOME}/.kubeadm-aio/admin.conf
|
||||||
|
|
||||||
|
# Wait for node to be ready before continuing
|
||||||
|
NODE_STATUS="Unknown"
|
||||||
|
while [[ $NODE_STATUS != "Ready" ]]; do
|
||||||
|
NODE_STATUS=$(kubectl get nodes --no-headers=true | awk "{ print \$2 }" | head -1)
|
||||||
|
echo "Current node status: ${NODE_STATUS}"
|
||||||
|
sleep 2
|
||||||
|
done
|
||||||
|
|
||||||
|
# Initialize Helm
|
||||||
|
helm init
|
||||||
|
|
||||||
|
# Initialize Environment for Development
|
||||||
|
sudo docker exec kubeadm-aio openstack-helm-dev-prep
|
||||||
|
|
||||||
|
# Deploy NFS provisioner into enviromment
|
||||||
|
sudo docker exec kubeadm-aio openstack-helm-nfs-prep
|
Loading…
Reference in New Issue
Block a user