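#!/bin/sh

# Installs the cluster DNS add-on (etcd + kube2sky + skydns + healthz) on the
# Kubernetes master.
#
# It writes four files, each only if it does not already exist:
#   - the kube-dns ReplicationController manifest
#   - the kube-dns Service manifest
#   - a helper script that waits for the API server and creates both objects
#   - a systemd oneshot unit that runs the helper script
# and then enables and starts that unit.
#
# A separate service is required because docker starts only after cloud-init
# has finished, due to the service dependencies in Fedora Atomic
# (docker <- docker-storage-setup <- cloud-final).
#
# Security notes for reviewers:
#   - The kube2sky container gets the host directory /srv/kubernetes/ mounted,
#     so anything stored there besides kubeconfig.yaml is visible to it. The
#     mount is read-only; mounting only the one file it needs would be tighter.
#   - The helper script talks to the API server over plain HTTP on
#     127.0.0.1:8080. That is only acceptable while the port stays bound to
#     loopback on the master.
#   - Container images are referenced by tag, not by digest, so what runs
#     depends on what the registry serves for that tag at pull time.

# Cluster parameters from Heat. Nothing below references them directly.
. /etc/sysconfig/heat-params

KUBE_DNS_RC=/srv/kubernetes/manifests/kube-skydns-rc.yaml
if [ ! -f "$KUBE_DNS_RC" ]; then
    echo "Writing File: $KUBE_DNS_RC"
    mkdir -p "$(dirname "$KUBE_DNS_RC")"
    # Quoted delimiter: the manifest is literal text, so nothing in it should
    # be subject to shell expansion.
    cat << 'EOF' > "$KUBE_DNS_RC"
apiVersion: v1
kind: ReplicationController
metadata:
  name: kube-dns-v11
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    version: v11
    kubernetes.io/cluster-service: "true"
spec:
  replicas: 1
  selector:
    k8s-app: kube-dns
    version: v11
  template:
    metadata:
      labels:
        k8s-app: kube-dns
        version: v11
        kubernetes.io/cluster-service: "true"
    spec:
      containers:
      - name: etcd
        image: gcr.io/google_containers/etcd-amd64:2.2.1
        resources:
          # TODO: Set memory limits when we've profiled the container for large
          # clusters, then set request = limit to keep this container in
          # guaranteed class. Currently, this container falls into the
          # "burstable" category so the kubelet doesn't backoff from restarting it.
          limits:
            cpu: 100m
            memory: 500Mi
          requests:
            cpu: 100m
            memory: 50Mi
        command:
        - /usr/local/bin/etcd
        - -data-dir
        - /var/etcd/data
        - -listen-client-urls
        - http://127.0.0.1:2379,http://127.0.0.1:4001
        - -advertise-client-urls
        - http://127.0.0.1:2379,http://127.0.0.1:4001
        - -initial-cluster-token
        - skydns-etcd
        volumeMounts:
        - name: etcd-storage
          mountPath: /var/etcd/data
      - name: kube2sky
        image: gcr.io/google_containers/kube2sky:1.14
        resources:
          # TODO: Set memory limits when we've profiled the container for large
          # clusters, then set request = limit to keep this container in
          # guaranteed class. Currently, this container falls into the
          # "burstable" category so the kubelet doesn't backoff from restarting it.
          limits:
            cpu: 100m
            # Kube2sky watches all pods.
            memory: 200Mi
          requests:
            cpu: 100m
            memory: 50Mi
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 60
          timeoutSeconds: 5
          successThreshold: 1
          failureThreshold: 5
        readinessProbe:
          httpGet:
            path: /readiness
            port: 8081
            scheme: HTTP
          # we poll on pod startup for the Kubernetes master service and
          # only setup the /readiness HTTP server once that's available.
          initialDelaySeconds: 30
          timeoutSeconds: 5
        args:
        # command = "/kube2sky"
        - --domain=cluster.local
        - --kubecfg-file=/srv/kubernetes/kubeconfig.yaml
        volumeMounts:
        - mountPath: /srv/kubernetes/
          name: config-vol
          # kube2sky only reads its kubeconfig from this host directory.
          readOnly: true
      - name: skydns
        image: gcr.io/google_containers/skydns:2015-10-13-8c72f8c
        resources:
          # TODO: Set memory limits when we've profiled the container for large
          # clusters, then set request = limit to keep this container in
          # guaranteed class. Currently, this container falls into the
          # "burstable" category so the kubelet doesn't backoff from restarting it.
          limits:
            cpu: 100m
            memory: 200Mi
          requests:
            cpu: 100m
            memory: 50Mi
        args:
        # command = "/skydns"
        - -machines=http://127.0.0.1:4001
        - -addr=0.0.0.0:53
        - -ns-rotate=false
        - -domain=cluster.local.
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
      - name: healthz
        image: gcr.io/google_containers/exechealthz:1.0
        resources:
          # keep request = limit to keep this container in guaranteed class
          limits:
            cpu: 10m
            memory: 20Mi
          requests:
            cpu: 10m
            memory: 20Mi
        args:
        - -cmd=nslookup kubernetes.default.svc.cluster.local 127.0.0.1 >/dev/null
        - -port=8080
        ports:
        - containerPort: 8080
          protocol: TCP
      volumes:
      - name: etcd-storage
        emptyDir: {}
      - name: config-vol
        hostPath:
          path: /srv/kubernetes/
      dnsPolicy: Default  # Don't use cluster DNS.
EOF
fi

KUBE_DNS_SVC=/srv/kubernetes/manifests/kube-skydns-svc.yaml
if [ ! -f "$KUBE_DNS_SVC" ]; then
    echo "Writing File: $KUBE_DNS_SVC"
    mkdir -p "$(dirname "$KUBE_DNS_SVC")"
    # Quoted delimiter: literal manifest, no shell expansion wanted.
    cat << 'EOF' > "$KUBE_DNS_SVC"
apiVersion: v1
kind: Service
metadata:
  name: kube-dns
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    kubernetes.io/cluster-service: "true"
    kubernetes.io/name: "KubeDNS"
spec:
  selector:
    k8s-app: kube-dns
  clusterIP:  10.254.10.10
  ports:
  - name: dns
    port: 53
    protocol: UDP
  - name: dns-tcp
    port: 53
    protocol: TCP
EOF
fi

KUBE_DNS_BIN=/usr/local/bin/kube-dns
if [ ! -f "$KUBE_DNS_BIN" ]; then
    echo "Writing File: $KUBE_DNS_BIN"
    mkdir -p "$(dirname "$KUBE_DNS_BIN")"
    # Unquoted delimiter on purpose: $KUBE_DNS_RC and $KUBE_DNS_SVC are expanded
    # now, so the generated script contains the two manifest paths literally.
    # NOTE(review): "kubectl create" fails when the objects already exist, so
    # the unit presumably reports failure on later boots; confirm that is
    # acceptable.
    cat << EOF > "$KUBE_DNS_BIN"
#!/bin/sh
until curl -sf "http://127.0.0.1:8080/healthz"
do
    echo "Waiting for Kubernetes API..."
    sleep 5
done

/usr/bin/kubectl create -f $KUBE_DNS_RC --namespace=kube-system
/usr/bin/kubectl create -f $KUBE_DNS_SVC --namespace=kube-system
EOF
fi

KUBE_DNS_SERVICE=/etc/systemd/system/kube-dns.service
if [ ! -f "$KUBE_DNS_SERVICE" ]; then
    echo "Writing File: $KUBE_DNS_SERVICE"
    mkdir -p "$(dirname "$KUBE_DNS_SERVICE")"
    # Unquoted delimiter on purpose: ${KUBE_DNS_BIN} is expanded into ExecStart.
    cat << EOF > "$KUBE_DNS_SERVICE"
[Unit]
After=kube-apiserver.service
Requires=kube-apiserver.service

[Service]
Type=oneshot
Environment=HOME=/root
EnvironmentFile=-/etc/kubernetes/config
ExecStart=${KUBE_DNS_BIN}

[Install]
WantedBy=multi-user.target
EOF
fi

# Both files are run or loaded as root, so only root may modify them. This is
# applied on every run, including to files that already existed.
chown root:root "$KUBE_DNS_BIN"
chmod 0755 "$KUBE_DNS_BIN"

chown root:root "$KUBE_DNS_SERVICE"
chmod 0644 "$KUBE_DNS_SERVICE"

systemctl enable kube-dns
# --no-block: do not make this script wait for the API-server polling loop.
systemctl start --no-block kube-dns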