Resources.AWSAutoScalingLaunchConfigurationmasterustest1amastersminimalexamplecom.Properties.UserData: | #!/bin/bash # Copyright 2016 The Kubernetes Authors All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. set -o errexit set -o nounset set -o pipefail NODEUP_URL=https://kubeupv2.s3.amazonaws.com/kops/1.5.0/linux/amd64/nodeup NODEUP_HASH= function ensure-install-dir() { INSTALL_DIR="/var/cache/kubernetes-install" # On ContainerOS, we install to /var/lib/toolbox install (because of noexec) if [[ -d /var/lib/toolbox ]]; then INSTALL_DIR="/var/lib/toolbox/kubernetes-install" fi mkdir -p ${INSTALL_DIR} cd ${INSTALL_DIR} } # Retry a download until we get it. Takes a hash and a set of URLs. # # $1 is the sha1 of the URL. Can be "" if the sha1 is unknown. # $2+ are the URLs to download. download-or-bust() { local -r hash="$1" shift 1 urls=( $* ) while true; do for url in "${urls[@]}"; do local file="${url##*/}" rm -f "${file}" if ! curl -f --ipv4 -Lo "${file}" --connect-timeout 20 --retry 6 --retry-delay 10 "${url}"; then echo "== Failed to download ${url}. Retrying. ==" elif [[ -n "${hash}" ]] && ! validate-hash "${file}" "${hash}"; then echo "== Hash validation of ${url} failed. Retrying. ==" else if [[ -n "${hash}" ]]; then echo "== Downloaded ${url} (SHA1 = ${hash}) ==" else echo "== Downloaded ${url} ==" fi return fi done echo "All downloads failed; sleeping before retrying" sleep 60 done } validate-hash() { local -r file="$1" local -r expected="$2" local actual actual=$(sha1sum ${file} | awk '{ print $1 }') || true if [[ "${actual}" != "${expected}" ]]; then echo "== ${file} corrupted, sha1 ${actual} doesn't match expected ${expected} ==" return 1 fi } function split-commas() { echo $1 | tr "," "\n" } function try-download-release() { # TODO(zmerlynn): Now we REALLY have no excuse not to do the reboot # optimization. local -r nodeup_urls=( $(split-commas "${NODEUP_URL}") ) local -r nodeup_filename="${nodeup_urls[0]##*/}" if [[ -n "${NODEUP_HASH:-}" ]]; then local -r nodeup_hash="${NODEUP_HASH}" else # TODO: Remove? echo "Downloading sha1 (not found in env)" download-or-bust "" "${nodeup_urls[@]/%/.sha1}" local -r nodeup_hash=$(cat "${nodeup_filename}.sha1") fi echo "Downloading nodeup (${nodeup_urls[@]})" download-or-bust "${nodeup_hash}" "${nodeup_urls[@]}" chmod +x nodeup } function download-release() { # In case of failure checking integrity of release, retry. until try-download-release; do sleep 15 echo "Couldn't download release. Retrying..." done echo "Running nodeup" # We can't run in the foreground because of https://github.com/docker/docker/issues/23793 ( cd ${INSTALL_DIR}; ./nodeup --install-systemd-unit --conf=${INSTALL_DIR}/kube_env.yaml --v=8 ) } #################################################################################### /bin/systemd-machine-id-setup || echo "failed to set up ensure machine-id configured" echo "== nodeup node config starting ==" ensure-install-dir cat > cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null docker: bridge: "" ipMasq: false ipTables: false logLevel: warn storage: overlay,aufs version: 1.11.2 kubeAPIServer: address: 127.0.0.1 admissionControl: - NamespaceLifecycle - LimitRanger - ServiceAccount - PersistentVolumeLabel - DefaultStorageClass - ResourceQuota allowPrivileged: true apiServerCount: 1 authorizationMode: AlwaysAllow cloudProvider: aws etcdServers: - http://127.0.0.1:4001 etcdServersOverrides: - /events#http://127.0.0.1:4002 image: gcr.io/google_containers/kube-apiserver:v1.4.6 insecurePort: 8080 logLevel: 2 securePort: 443 serviceClusterIPRange: 100.64.0.0/13 storageBackend: etcd2 kubeControllerManager: allocateNodeCIDRs: true cloudProvider: aws clusterCIDR: 100.96.0.0/11 clusterName: minimal.example.com configureCloudRoutes: true image: gcr.io/google_containers/kube-controller-manager:v1.4.6 leaderElection: leaderElect: true logLevel: 2 master: 127.0.0.1:8080 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m featureGates: null hostnameOverride: '@aws' image: gcr.io/google_containers/kube-proxy:v1.4.6 logLevel: 2 kubeScheduler: image: gcr.io/google_containers/kube-scheduler:v1.4.6 leaderElection: leaderElect: true logLevel: 2 master: http://127.0.0.1:8080 kubelet: allowPrivileged: true apiServers: https://api.internal.minimal.example.com babysitDaemons: true cgroupRoot: docker cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% hostnameOverride: '@aws' logLevel: 2 networkPluginMTU: 9001 networkPluginName: kubenet nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: gcr.io/google_containers/pause-amd64:3.0 podManifestPath: /etc/kubernetes/manifests reconcileCIDR: true masterKubelet: allowPrivileged: true apiServers: http://127.0.0.1:8080 babysitDaemons: true cgroupRoot: docker cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% hostnameOverride: '@aws' logLevel: 2 networkPluginMTU: 9001 networkPluginName: kubenet nonMasqueradeCIDR: 100.64.0.0/10 podCIDR: 10.123.45.0/28 podInfraContainerImage: gcr.io/google_containers/pause-amd64:3.0 podManifestPath: /etc/kubernetes/manifests reconcileCIDR: true registerSchedulable: false __EOF_CLUSTER_SPEC cat > ig_spec.yaml << '__EOF_IG_SPEC' kubelet: null nodeLabels: null taints: null __EOF_IG_SPEC cat > kube_env.yaml << '__EOF_KUBE_ENV' Assets: - 7d70e090951486cae52d9a82b7aaf5056f84f8ed@https://storage.googleapis.com/kubernetes-release/release/v1.4.6/bin/linux/amd64/kubelet - 9adcd120fdb7ad6e64c061e56a05fefc12e9618b@https://storage.googleapis.com/kubernetes-release/release/v1.4.6/bin/linux/amd64/kubectl - 19d49f7b2b99cd2493d5ae0ace896c64e289ccbb@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-07a8a28637e97b22eb8dfe710eeae1344f69d16e.tar.gz - cbba856746a441c7d1a9e95e141c982a1b8864e6@https://kubeupv2.s3.amazonaws.com/kops/1.5.0/linux/amd64/utils.tar.gz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: master-us-test-1a Tags: - _automatic_upgrades - _aws - _kubernetes_master channels: - memfs://clusters.example.com/minimal.example.com/addons/bootstrap-channel.yaml protokubeImage: hash: 7c3a0ec0723fd350609b2958bc5b8ab02583851c name: protokube:1.5.0 source: https://kubeupv2.s3.amazonaws.com/kops/1.5.0/images/protokube.tar.gz __EOF_KUBE_ENV download-release echo "== nodeup node config done ==" Resources.AWSAutoScalingLaunchConfigurationnodesminimalexamplecom.Properties.UserData: | #!/bin/bash # Copyright 2016 The Kubernetes Authors All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. set -o errexit set -o nounset set -o pipefail NODEUP_URL=https://kubeupv2.s3.amazonaws.com/kops/1.5.0/linux/amd64/nodeup NODEUP_HASH= function ensure-install-dir() { INSTALL_DIR="/var/cache/kubernetes-install" # On ContainerOS, we install to /var/lib/toolbox install (because of noexec) if [[ -d /var/lib/toolbox ]]; then INSTALL_DIR="/var/lib/toolbox/kubernetes-install" fi mkdir -p ${INSTALL_DIR} cd ${INSTALL_DIR} } # Retry a download until we get it. Takes a hash and a set of URLs. # # $1 is the sha1 of the URL. Can be "" if the sha1 is unknown. # $2+ are the URLs to download. download-or-bust() { local -r hash="$1" shift 1 urls=( $* ) while true; do for url in "${urls[@]}"; do local file="${url##*/}" rm -f "${file}" if ! curl -f --ipv4 -Lo "${file}" --connect-timeout 20 --retry 6 --retry-delay 10 "${url}"; then echo "== Failed to download ${url}. Retrying. ==" elif [[ -n "${hash}" ]] && ! validate-hash "${file}" "${hash}"; then echo "== Hash validation of ${url} failed. Retrying. ==" else if [[ -n "${hash}" ]]; then echo "== Downloaded ${url} (SHA1 = ${hash}) ==" else echo "== Downloaded ${url} ==" fi return fi done echo "All downloads failed; sleeping before retrying" sleep 60 done } validate-hash() { local -r file="$1" local -r expected="$2" local actual actual=$(sha1sum ${file} | awk '{ print $1 }') || true if [[ "${actual}" != "${expected}" ]]; then echo "== ${file} corrupted, sha1 ${actual} doesn't match expected ${expected} ==" return 1 fi } function split-commas() { echo $1 | tr "," "\n" } function try-download-release() { # TODO(zmerlynn): Now we REALLY have no excuse not to do the reboot # optimization. local -r nodeup_urls=( $(split-commas "${NODEUP_URL}") ) local -r nodeup_filename="${nodeup_urls[0]##*/}" if [[ -n "${NODEUP_HASH:-}" ]]; then local -r nodeup_hash="${NODEUP_HASH}" else # TODO: Remove? echo "Downloading sha1 (not found in env)" download-or-bust "" "${nodeup_urls[@]/%/.sha1}" local -r nodeup_hash=$(cat "${nodeup_filename}.sha1") fi echo "Downloading nodeup (${nodeup_urls[@]})" download-or-bust "${nodeup_hash}" "${nodeup_urls[@]}" chmod +x nodeup } function download-release() { # In case of failure checking integrity of release, retry. until try-download-release; do sleep 15 echo "Couldn't download release. Retrying..." done echo "Running nodeup" # We can't run in the foreground because of https://github.com/docker/docker/issues/23793 ( cd ${INSTALL_DIR}; ./nodeup --install-systemd-unit --conf=${INSTALL_DIR}/kube_env.yaml --v=8 ) } #################################################################################### /bin/systemd-machine-id-setup || echo "failed to set up ensure machine-id configured" echo "== nodeup node config starting ==" ensure-install-dir cat > cluster_spec.yaml << '__EOF_CLUSTER_SPEC' cloudConfig: null docker: bridge: "" ipMasq: false ipTables: false logLevel: warn storage: overlay,aufs version: 1.11.2 kubeProxy: clusterCIDR: 100.96.0.0/11 cpuRequest: 100m featureGates: null hostnameOverride: '@aws' image: gcr.io/google_containers/kube-proxy:v1.4.6 logLevel: 2 kubelet: allowPrivileged: true apiServers: https://api.internal.minimal.example.com babysitDaemons: true cgroupRoot: docker cloudProvider: aws clusterDNS: 100.64.0.10 clusterDomain: cluster.local enableDebuggingHandlers: true evictionHard: memory.available<100Mi,nodefs.available<10%,nodefs.inodesFree<5%,imagefs.available<10%,imagefs.inodesFree<5% hostnameOverride: '@aws' logLevel: 2 networkPluginMTU: 9001 networkPluginName: kubenet nonMasqueradeCIDR: 100.64.0.0/10 podInfraContainerImage: gcr.io/google_containers/pause-amd64:3.0 podManifestPath: /etc/kubernetes/manifests reconcileCIDR: true __EOF_CLUSTER_SPEC cat > ig_spec.yaml << '__EOF_IG_SPEC' kubelet: null nodeLabels: null taints: null __EOF_IG_SPEC cat > kube_env.yaml << '__EOF_KUBE_ENV' Assets: - 7d70e090951486cae52d9a82b7aaf5056f84f8ed@https://storage.googleapis.com/kubernetes-release/release/v1.4.6/bin/linux/amd64/kubelet - 9adcd120fdb7ad6e64c061e56a05fefc12e9618b@https://storage.googleapis.com/kubernetes-release/release/v1.4.6/bin/linux/amd64/kubectl - 19d49f7b2b99cd2493d5ae0ace896c64e289ccbb@https://storage.googleapis.com/kubernetes-release/network-plugins/cni-07a8a28637e97b22eb8dfe710eeae1344f69d16e.tar.gz - cbba856746a441c7d1a9e95e141c982a1b8864e6@https://kubeupv2.s3.amazonaws.com/kops/1.5.0/linux/amd64/utils.tar.gz ClusterName: minimal.example.com ConfigBase: memfs://clusters.example.com/minimal.example.com InstanceGroupName: nodes Tags: - _automatic_upgrades - _aws channels: - memfs://clusters.example.com/minimal.example.com/addons/bootstrap-channel.yaml protokubeImage: hash: 7c3a0ec0723fd350609b2958bc5b8ab02583851c name: protokube:1.5.0 source: https://kubeupv2.s3.amazonaws.com/kops/1.5.0/images/protokube.tar.gz __EOF_KUBE_ENV download-release echo "== nodeup node config done =="