cri-o/vendor/k8s.io/kubernetes/cluster/rackspace/cloud-config/node-cloud-config.yaml

#cloud-config

write_files:
  - path: /opt/bin/regen-apiserver-list.sh
    permissions: 0755
    content: |
      #!/bin/sh
      m=$(echo $(etcdctl ls --recursive /corekube/apiservers | cut -d/ -f4 | sort) | tr ' ' ,)
      mkdir -p /run/kubelet
      echo "APISERVER_IPS=$m" > /run/kubelet/apiservers.env
      echo "FIRST_APISERVER_URL=https://${m%%\,*}:6443" >> /run/kubelet/apiservers.env
  - path: /opt/bin/download-release.sh
    permissions: 0755
    content: |
      #!/bin/bash
      # This temp URL is only good for the length of time specified at cluster creation time.
      # Afterward, it will result in a 403.
      OBJECT_URL="CLOUD_FILES_URL"
      if [ ! -s /opt/kubernetes.tar.gz ]
      then
        echo "Downloading release ($OBJECT_URL)"
        wget "${OBJECT_URL}" -O /opt/kubernetes.tar.gz
        echo "Unpacking release"
        rm -rf /opt/kubernetes || false
        tar xzf /opt/kubernetes.tar.gz -C /opt/
      else
        echo "kubernetes release found. Skipping download."
      fi
  - path: /run/config-kubelet.sh
    permissions: 0755
    content: |
      #!/bin/bash -e
      set -x
      /usr/bin/mkdir -p /var/lib/kubelet
      cat > /var/lib/kubelet/kubeconfig << EOF
      apiVersion: v1
      kind: Config
      users:
      - name: kubelet
        user:
          token: KUBELET_TOKEN
      clusters:
      - name: local
        cluster:
          insecure-skip-tls-verify: true
      contexts:
      - context:
          cluster: local
          user: kubelet
        name: service-account-context
      current-context: service-account-context
      EOF
  - path: /run/config-kube-proxy.sh
    permissions: 0755
    content: |
      #!/bin/bash -e
      set -x
      /usr/bin/mkdir -p /var/lib/kube-proxy
      cat > /var/lib/kube-proxy/kubeconfig << EOF
      apiVersion: v1
      kind: Config
      users:
      - name: kube-proxy
        user:
          token: KUBE_PROXY_TOKEN
      clusters:
      - name: local
        cluster:
          insecure-skip-tls-verify: true
      contexts:
      - context:
          cluster: local
          user: kube-proxy
        name: service-account-context
      current-context: service-account-context
      EOF

coreos:
  etcd2:
    discovery: https://discovery.etcd.io/DISCOVERY_ID
    advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001
    initial-advertise-peer-urls: http://$private_ipv4:2380
    listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001
    listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001

  flannel:
    ip_masq: true
    interface: eth2

  fleet:
    public-ip: $private_ipv4
    metadata: kubernetes_role=minion

  update:
    reboot-strategy: off

  units:
    - name: etcd2.service
      command: start
    - name: fleet.service
      command: start
    - name: flanneld.service
      drop-ins:
        - name: 50-flannel.conf
          content: |
            [Unit]
            Requires=etcd2.service
            After=etcd2.service

            [Service]
            ExecStartPre=-/usr/bin/etcdctl mk /coreos.com/network/config '{"Network":"KUBE_NETWORK", "Backend": {"Type": "host-gw"}}'
      command: start
    - name: docker.service
      command: start
      drop-ins:
        - name: 51-docker-mirror.conf
          content: |
            [Unit]
            # making sure that flanneld finished startup, otherwise containers
            # won't land in flannel's network...
            Requires=flanneld.service
            After=flanneld.service
            Restart=Always
    - name: download-release.service
      command: start
      content: |
        [Unit]
        Description=Downloads Kubernetes Release
        After=network-online.target
        Requires=network-online.target
        [Service]
        Type=oneshot
        RemainAfterExit=yes
        ExecStart=/usr/bin/bash /opt/bin/download-release.sh
    - name: kubelet.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Kubelet
        Documentation=https://github.com/kubernetes/kubernetes
        After=network-online.target
        Requires=network-online.target
        After=docker.service
        Requires=docker.service
        After=download-release.service
        Requires=download-release.service
        After=apiserver-finder.service
        Requires=apiserver-finder.service
        [Service]
        EnvironmentFile=/run/kubelet/apiservers.env
        ExecStartPre=/run/config-kubelet.sh
        ExecStartPre=/usr/bin/ln -sf /opt/kubernetes/server/bin/kubelet /opt/bin/kubelet
        ExecStart=/opt/bin/kubelet \
        --address=$private_ipv4 \
        --api-servers=${FIRST_APISERVER_URL} \
        --cluster-dns=DNS_SERVER_IP \
        --cluster-domain=DNS_DOMAIN \
        --healthz-bind-address=$private_ipv4 \
        --hostname-override=$private_ipv4 \
        --logtostderr=true \
        --v=2
        Restart=always
        RestartSec=5
        KillMode=process
    - name: kube-proxy.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Proxy
        Documentation=https://github.com/kubernetes/kubernetes
        After=network-online.target
        Requires=network-online.target
        After=docker.service
        Requires=docker.service
        After=download-release.service
        Requires=download-release.service
        After=apiserver-finder.service
        Requires=apiserver-finder.service
        [Service]
        EnvironmentFile=/run/kubelet/apiservers.env
        ExecStartPre=/run/config-kube-proxy.sh
        ExecStartPre=/usr/bin/ln -sf /opt/kubernetes/server/bin/kube-proxy /opt/bin/kube-proxy
        ExecStart=/opt/bin/kube-proxy \
        --bind-address=$private_ipv4 \
        --kubeconfig=/var/lib/kube-proxy/kubeconfig \
        --logtostderr=true \
        --hostname-override=$private_ipv4 \
        --master=${FIRST_APISERVER_URL}
        Restart=always
        RestartSec=5
    - name: apiserver-finder.service
      command: start
      content: |
        [Unit]
        Description=Kubernetes Apiserver finder
        After=network-online.target
        Requires=network-online.target
        After=etcd2.service
        Requires=etcd2.service
        [Service]
        ExecStartPre=/opt/bin/regen-apiserver-list.sh
        ExecStart=/usr/bin/etcdctl exec-watch --recursive /corekube/apiservers -- /opt/bin/regen-apiserver-list.sh
        Restart=always
        RestartSec=30
    - name: cbr0.netdev
      command: start
      content: |
        [NetDev]
        Kind=bridge
        Name=cbr0
    - name: cbr0.network
      command: start
      content: |
        [Match]
        Name=cbr0

        [Network]
        Address=10.240.INDEX.1/24
    - name: nat.service
      command: start
      content: |
        [Unit]
        Description=NAT container->outside traffic

        [Service]
        ExecStart=/usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 10.240.INDEX.0/24 -j MASQUERADE
        ExecStart=/usr/sbin/iptables -t nat -A POSTROUTING -o eth1 -s 10.240.INDEX.0/24 -j MASQUERADE
        RemainAfterExit=yes
        Type=oneshot
Switch to github.com/golang/dep for vendoring Signed-off-by: Mrunal Patel <mrunalp@gmail.com> 2017-02-01 00:45:59 +00:00			`#cloud-config`

			`write_files:`
			`- path: /opt/bin/regen-apiserver-list.sh`
			`permissions: 0755`
			`content: \|`
			`#!/bin/sh`
			`m=$(echo $(etcdctl ls --recursive /corekube/apiservers \| cut -d/ -f4 \| sort) \| tr ' ' ,)`
			`mkdir -p /run/kubelet`
			`echo "APISERVER_IPS=$m" > /run/kubelet/apiservers.env`
			`echo "FIRST_APISERVER_URL=https://${m%%\,*}:6443" >> /run/kubelet/apiservers.env`
			`- path: /opt/bin/download-release.sh`
			`permissions: 0755`
			`content: \|`
			`#!/bin/bash`
			`# This temp URL is only good for the length of time specified at cluster creation time.`
			`# Afterward, it will result in a 403.`
			`OBJECT_URL="CLOUD_FILES_URL"`
			`if [ ! -s /opt/kubernetes.tar.gz ]`
			`then`
			`echo "Downloading release ($OBJECT_URL)"`
			`wget "${OBJECT_URL}" -O /opt/kubernetes.tar.gz`
			`echo "Unpacking release"`
			`rm -rf /opt/kubernetes \|\| false`
			`tar xzf /opt/kubernetes.tar.gz -C /opt/`
			`else`
			`echo "kubernetes release found. Skipping download."`
			`fi`
			`- path: /run/config-kubelet.sh`
			`permissions: 0755`
			`content: \|`
			`#!/bin/bash -e`
			`set -x`
			`/usr/bin/mkdir -p /var/lib/kubelet`
			`cat > /var/lib/kubelet/kubeconfig << EOF`
			`apiVersion: v1`
			`kind: Config`
			`users:`
			`- name: kubelet`
			`user:`
			`token: KUBELET_TOKEN`
			`clusters:`
			`- name: local`
			`cluster:`
			`insecure-skip-tls-verify: true`
			`contexts:`
			`- context:`
			`cluster: local`
			`user: kubelet`
			`name: service-account-context`
			`current-context: service-account-context`
			`EOF`
			`- path: /run/config-kube-proxy.sh`
			`permissions: 0755`
			`content: \|`
			`#!/bin/bash -e`
			`set -x`
			`/usr/bin/mkdir -p /var/lib/kube-proxy`
			`cat > /var/lib/kube-proxy/kubeconfig << EOF`
			`apiVersion: v1`
			`kind: Config`
			`users:`
			`- name: kube-proxy`
			`user:`
			`token: KUBE_PROXY_TOKEN`
			`clusters:`
			`- name: local`
			`cluster:`
			`insecure-skip-tls-verify: true`
			`contexts:`
			`- context:`
			`cluster: local`
			`user: kube-proxy`
			`name: service-account-context`
			`current-context: service-account-context`
			`EOF`

			`coreos:`
			`etcd2:`
			`discovery: https://discovery.etcd.io/DISCOVERY_ID`
			`advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001`
			`initial-advertise-peer-urls: http://$private_ipv4:2380`
			`listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001`
			`listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001`

			`flannel:`
			`ip_masq: true`
			`interface: eth2`

			`fleet:`
			`public-ip: $private_ipv4`
			`metadata: kubernetes_role=minion`

			`update:`
			`reboot-strategy: off`

			`units:`
			`- name: etcd2.service`
			`command: start`
			`- name: fleet.service`
			`command: start`
			`- name: flanneld.service`
			`drop-ins:`
			`- name: 50-flannel.conf`
			`content: \|`
			`[Unit]`
			`Requires=etcd2.service`
			`After=etcd2.service`

			`[Service]`
			`ExecStartPre=-/usr/bin/etcdctl mk /coreos.com/network/config '{"Network":"KUBE_NETWORK", "Backend": {"Type": "host-gw"}}'`
			`command: start`
			`- name: docker.service`
			`command: start`
			`drop-ins:`
			`- name: 51-docker-mirror.conf`
			`content: \|`
			`[Unit]`
			`# making sure that flanneld finished startup, otherwise containers`
			`# won't land in flannel's network...`
			`Requires=flanneld.service`
			`After=flanneld.service`
			`Restart=Always`
			`- name: download-release.service`
			`command: start`
			`content: \|`
			`[Unit]`
			`Description=Downloads Kubernetes Release`
			`After=network-online.target`
			`Requires=network-online.target`
			`[Service]`
			`Type=oneshot`
			`RemainAfterExit=yes`
			`ExecStart=/usr/bin/bash /opt/bin/download-release.sh`
			`- name: kubelet.service`
			`command: start`
			`content: \|`
			`[Unit]`
			`Description=Kubernetes Kubelet`
			`Documentation=https://github.com/kubernetes/kubernetes`
			`After=network-online.target`
			`Requires=network-online.target`
			`After=docker.service`
			`Requires=docker.service`
			`After=download-release.service`
			`Requires=download-release.service`
			`After=apiserver-finder.service`
			`Requires=apiserver-finder.service`
			`[Service]`
			`EnvironmentFile=/run/kubelet/apiservers.env`
			`ExecStartPre=/run/config-kubelet.sh`
			`ExecStartPre=/usr/bin/ln -sf /opt/kubernetes/server/bin/kubelet /opt/bin/kubelet`
			`ExecStart=/opt/bin/kubelet \`
			`--address=$private_ipv4 \`
			`--api-servers=${FIRST_APISERVER_URL} \`
			`--cluster-dns=DNS_SERVER_IP \`
			`--cluster-domain=DNS_DOMAIN \`
			`--healthz-bind-address=$private_ipv4 \`
			`--hostname-override=$private_ipv4 \`
			`--logtostderr=true \`
			`--v=2`
			`Restart=always`
			`RestartSec=5`
			`KillMode=process`
			`- name: kube-proxy.service`
			`command: start`
			`content: \|`
			`[Unit]`
			`Description=Kubernetes Proxy`
			`Documentation=https://github.com/kubernetes/kubernetes`
			`After=network-online.target`
			`Requires=network-online.target`
			`After=docker.service`
			`Requires=docker.service`
			`After=download-release.service`
			`Requires=download-release.service`
			`After=apiserver-finder.service`
			`Requires=apiserver-finder.service`
			`[Service]`
			`EnvironmentFile=/run/kubelet/apiservers.env`
			`ExecStartPre=/run/config-kube-proxy.sh`
			`ExecStartPre=/usr/bin/ln -sf /opt/kubernetes/server/bin/kube-proxy /opt/bin/kube-proxy`
			`ExecStart=/opt/bin/kube-proxy \`
			`--bind-address=$private_ipv4 \`
			`--kubeconfig=/var/lib/kube-proxy/kubeconfig \`
			`--logtostderr=true \`
			`--hostname-override=$private_ipv4 \`
			`--master=${FIRST_APISERVER_URL}`
			`Restart=always`
			`RestartSec=5`
			`- name: apiserver-finder.service`
			`command: start`
			`content: \|`
			`[Unit]`
			`Description=Kubernetes Apiserver finder`
			`After=network-online.target`
			`Requires=network-online.target`
			`After=etcd2.service`
			`Requires=etcd2.service`
			`[Service]`
			`ExecStartPre=/opt/bin/regen-apiserver-list.sh`
			`ExecStart=/usr/bin/etcdctl exec-watch --recursive /corekube/apiservers -- /opt/bin/regen-apiserver-list.sh`
			`Restart=always`
			`RestartSec=30`
			`- name: cbr0.netdev`
			`command: start`
			`content: \|`
			`[NetDev]`
			`Kind=bridge`
			`Name=cbr0`
			`- name: cbr0.network`
			`command: start`
			`content: \|`
			`[Match]`
			`Name=cbr0`

			`[Network]`
			`Address=10.240.INDEX.1/24`
			`- name: nat.service`
			`command: start`
			`content: \|`
			`[Unit]`
			`Description=NAT container->outside traffic`

			`[Service]`
			`ExecStart=/usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 10.240.INDEX.0/24 -j MASQUERADE`
			`ExecStart=/usr/sbin/iptables -t nat -A POSTROUTING -o eth1 -s 10.240.INDEX.0/24 -j MASQUERADE`
			`RemainAfterExit=yes`
			`Type=oneshot`