This repository has been archived by the owner on May 22, 2020. It is now read-only.
min-turnup: azure #106
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| FROM docker.io/buildpack-deps:xenial | ||
|
|
||
| RUN bash -c "\ | ||
| apt-get update && apt-get -y upgrade && \ | ||
| apt-get install -y make unzip jq && \ | ||
| rm -rf /var/lib/apt/lists/*" | ||
|
|
||
| ENV TERRAFORM_VERSION 0.7.0-rc2 | ||
| RUN bash -c "\ | ||
| wget -q -O /tmp/terraform.zip \"https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip\" && \ | ||
| unzip /tmp/terraform.zip -d /usr/local/bin/ && \ | ||
| rm /tmp/terraform.zip" | ||
|
|
||
| ################################################################################################ | ||
| # Azure - Required dependencies | ||
| ################################################################################################ | ||
| RUN bash -c "\ | ||
| apt-get update && apt-get -y upgrade && \ | ||
| apt-get install -y nodejs npm && \ | ||
| rm -rf /var/lib/apt/lists/*" | ||
| RUN bash -c "npm install -g azure-cli" | ||
|
|
||
| ################################################################################################ | ||
|
|
||
| ################################################################################################ | ||
| # Jsonnet | ||
| ################################################################################################ | ||
|
|
||
| RUN bash -c "\ | ||
| cd /tmp; \ | ||
| git clone https://github.com/google/jsonnet; \ | ||
| cd jsonnet; \ | ||
| make; \ | ||
| cp jsonnet /usr/bin/jsonnet;" | ||
|
|
||
| WORKDIR /opt/kube-min-turnup | ||
|
|
||
| ADD . /opt/kube-min-turnup/ | ||
|
|
||
| CMD make |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| terraform.tfstate | ||
| account.json | ||
| terraform.tfstate.backup |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| menu "Azure configuration" | ||
|
|
||
| config phase1.azure.image_publisher | ||
| string "Base Virtual Machine OS Image" | ||
| default "canonical" | ||
| help | ||
| The publisher of the base image used for the VirtualMachines. | ||
| config phase1.azure.image_offer | ||
| string "Base Virtual Machine OS Image" | ||
| default "ubuntuserver" | ||
| help | ||
| The offer of the base image used for the VirtualMachines. | ||
| config phase1.azure.image_sku | ||
| string "Base Virtual Machine OS Image" | ||
| default "16.04.0-LTS" | ||
| help | ||
| The sku of the base image used for the VirtualMachines. | ||
| config phase1.azure.image_version | ||
| string "Base Virtual Machine OS Image" | ||
| default "latest" | ||
| help | ||
| The version of the base image used for the VirtualMachines. | ||
|
|
||
| config phase1.azure.master_vm_size | ||
| string "Virtual Machine Size (Master)" | ||
| default "Standard_D1_v2" | ||
| help | ||
| The size of VirtualMachine to deploy. | ||
|
|
||
| config phase1.azure.node_vm_size | ||
| string "Virtual Machine Size (Node)" | ||
| default "Standard_D1_v2" | ||
| help | ||
| The size of VirtualMachine to deploy. | ||
|
|
||
| config phase1.azure.master_private_ip | ||
| string "Private IP address of Master" | ||
| default "10.0.1.4" | ||
| help | ||
| The private ip address of master | ||
|
|
||
| config phase1.azure.location | ||
| string "Resource Location" | ||
| default "westus" | ||
| help | ||
| The Azure location to use. | ||
|
|
||
| config phase1.azure.admin_username | ||
| string "Virtual Machine Admin Username" | ||
| default "kube" | ||
|
|
||
| config phase1.azure.admin_password | ||
| string "Virtual Machine Admin Password" | ||
| default "AzureKubernet3s!" | ||
|
|
||
| config phase1.azure.tenant_id | ||
| string "ActiveDirectory ServicePrincipal ClientSecret" | ||
| help | ||
| The ClientSecret of the Service Account to be used by the cluster components. | ||
|
|
||
| config phase1.azure.subscription_id | ||
| string "ActiveDirectory ServicePrincipal ClientSecret" | ||
| help | ||
| The ClientSecret of the Service Account to be used by the cluster components. | ||
|
|
||
| config phase1.azure.client_id | ||
| string "ActiveDirectory ServicePrincipal ClientID" | ||
| help | ||
| The ClientID of the Service Account to be used by the cluster components. | ||
|
|
||
| config phase1.azure.client_secret | ||
| string "ActiveDirectory ServicePrincipal ClientSecret" | ||
| help | ||
| The ClientSecret of the Service Account to be used by the cluster components. | ||
|
|
||
| endmenu |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| local cfg = import "../../.config.json"; | ||
| { | ||
| "azure.tf": (import "lib/azure.jsonnet")(cfg), | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| { | ||
| "tenantId": "${tenantId}", | ||
| "subscriptionId": "${subscriptionId}", | ||
| "adClientId": "${adClientId}", | ||
| "adClientSecret": "${adClientSecret}", | ||
| "resourceGroup": "${resourceGroup}", | ||
| "location": "${location}", | ||
| "subnetName": "${subnetName}", | ||
| "securityGroupName": "${securityGroupName}", | ||
| "vnetName": "${vnetName}" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| #! /bin/bash | ||
|
|
||
| set -x | ||
| set -o errexit | ||
| set -o pipefail | ||
| set -o nounset | ||
|
|
||
| mkdir -p /etc/systemd/system/docker.service.d/ | ||
| cat <<EOF > /etc/systemd/system/docker.service.d/clear_mount_propagtion_flags.conf | ||
| [Service] | ||
| MountFlags=shared | ||
| EOF | ||
| cat <<EOF > /etc/systemd/system/docker.service.d/overlay.conf | ||
| [Service] | ||
| ExecStart= | ||
| ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay | ||
| EOF | ||
|
|
||
| curl -sSL https://get.docker.com/ | sh | ||
|
|
||
| apt-get install -y jq | ||
|
|
||
| systemctl start docker || true | ||
|
|
||
| ROLE="node" | ||
| if [[ $(hostname) = *master* ]]; then | ||
| ROLE="master" | ||
| fi | ||
|
|
||
| azure_file="/etc/kubernetes/azure.json" | ||
| config_file="/etc/kubernetes/k8s_config.json" | ||
|
|
||
| mkdir -p /etc/kubernetes | ||
|
|
||
| # the following values are populated by terraform | ||
| echo -n "${azure_json}" | base64 -d > "$azure_file" | ||
| echo -n "${k8s_config}" | base64 -d > "$config_file" | ||
| echo -n "${kubelet_tar}" | base64 -d > "/etc/kubernetes/kubelet.tar" | ||
| echo -n "${root_tar}" | base64 -d > "/etc/kubernetes/root.tar" | ||
| echo -n "${apiserver_tar}" | base64 -d > "/etc/kubernetes/apiserver.tar" | ||
|
|
||
| MASTER_IP="$(cat "$config_file" | jq -r '.phase1.azure.master_private_ip')" | ||
|
|
||
| jq ". + {\"role\": \"$ROLE\", \"master_ip\": \"$MASTER_IP\"}" "$config_file" > /etc/kubernetes/k8s_config.new; cp /etc/kubernetes/k8s_config.new "$config_file" | ||
|
|
||
| mkdir -p /srv/kubernetes | ||
| for bundle in root kubelet apiserver; do | ||
| cat "/etc/kubernetes/$bundle.tar" | sudo tar xv -C /srv/kubernetes | ||
| done; | ||
|
|
||
| installer_container_spec="$(cat "$config_file" | jq -r '.phase2.installer_container_spec')" | ||
|
|
||
| cat << EOF > /etc/kubernetes/install.sh | ||
| #!/bin/bash | ||
| systemctl stop docker | ||
|
There was a problem hiding this comment. this script could use a #!/bin/bash. why do you need to restart docker? There was a problem hiding this comment. RE: this and the question above... I had done some hacky things in So the The thinking here was that someone would want to upgrade their cluster. They've updated the (and yes, it should have a shebang, if we want to keep this model. I don't know if |
||
| systemctl start docker | ||
| docker pull "$installer_container_spec" | ||
| docker run \ | ||
| --net=host \ | ||
| -v /:/host_root \ | ||
| -v /etc/kubernetes/k8s_config.json:/opt/playbooks/config.json:ro \ | ||
| "$installer_container_spec" \ | ||
| /opt/do_role.sh "$ROLE" | ||
| EOF | ||
|
|
||
| chmod +x /etc/kubernetes/install.sh | ||
| /etc/kubernetes/install.sh | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| #! /bin/bash | ||
|
|
||
| set -x | ||
| set -o errexit | ||
| set -o pipefail | ||
| set -o nounset | ||
|
|
||
| jsonnet --multi out/ all.jsonnet |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am no systemd expert. Why is this line necessary?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well spotted ;) This resets the previous value. Well, it's a bit of a special case for
ExecStartand certain other attributes, but that's what you have to do and it complains otherwise.