From f66ca094f7dc98a70a789f6dd1bf2285f4672e0c Mon Sep 17 00:00:00 2001
From: Muhammed Uluyol <uluyol@google.com>
Date: Mon, 27 Jul 2015 11:50:31 -0700
Subject: [PATCH] Launch a cluster-local registry.

This registry can be accessed through proxies that run on each node
listening on port 5000. We send the proxy images to the nodes directly
to avoid requests that hit the network during cluster launch. For now,
we continue to pull the registry itself over the network, especially
given its large size (we should be able to dramatically shrink the
image). On GCE we create a PD and use that for storage, otherwise we
use an emptyDir. The registry is not enabled outside of GCE. All
communication is currently plain HTTP. In order to use SSL, we will
need to be able to request a certificate/key from the apiserver signed
by the apiserver's CA cert.
---
 init.sls       | 19 +++++++++++++++++++
 kube-addons.sh | 25 +++++++++++++++++++++++++
 2 files changed, 44 insertions(+)

diff --git a/init.sls b/init.sls
index 2344f37952..5d744fb386 100644
--- a/init.sls
+++ b/init.sls
@@ -104,6 +104,25 @@ addon-dir-create:
     - makedirs: True
 {% endif %}
 
+{% if pillar.get('enable_cluster_registry', '').lower() == 'true' %}
+/etc/kubernetes/addons/registry/registry-svc.yaml:
+  file.managed:
+    - source: salt://kube-addons/registry/registry-svc.yaml
+    - user: root
+    - group: root
+    - file_mode: 644
+    - makedirs: True
+
+/etc/kubernetes/addons/registry/registry-rc.yaml:
+  file.managed:
+    - source: salt://kube-addons/registry/registry-rc.yaml.in
+    - template: jinja
+    - user: root
+    - group: root
+    - file_mode: 644
+    - makedirs: True
+{% endif %}
+
 {% if pillar.get('enable_node_logging', '').lower() == 'true'
    and pillar.get('logging_destination').lower() == 'elasticsearch'
    and pillar.get('enable_cluster_logging', '').lower() == 'true' %}
diff --git a/kube-addons.sh b/kube-addons.sh
index 0bd24401fa..0655237362 100644
--- a/kube-addons.sh
+++ b/kube-addons.sh
@@ -125,6 +125,28 @@ function create-resource-from-string() {
   return 1;
 }
 
+# $1 is the directory containing all of the docker images
+function load-docker-images() {
+  local success
+  local restart_docker
+  while true; do
+    success=true
+    restart_docker=false
+    for image in "$1/"*; do
+      timeout 30 docker load -i "${image}" &>/dev/null
+      rc=$?
+      if [[ $rc == 124 ]]; then
+        restart_docker=true
+      elif [[ $rc != 0 ]]; then
+        success=false
+      fi
+    done
+    if [[ $success == true ]]; then break; fi
+    if [[ $restart_docker == true ]]; then service docker restart; fi
+    sleep 15
+  done
+}
+
 # The business logic for whether a given object should be created
 # was already enforced by salt, and /etc/kubernetes/addons is the
 # managed result is of that. Start everything below that directory.
@@ -142,6 +164,9 @@ for k,v in yaml.load(sys.stdin).iteritems():
 ''' < "${kube_env_yaml}")
 fi
 
+# Load any images that we may need
+load-docker-images /srv/salt/kube-addons-images
+
 # Create the namespace that will be used to host the cluster-level add-ons.
 start_addon /etc/kubernetes/addons/namespace.yaml 100 10 "" &