Hacky script to attempt to repro some stuff
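#!/bin/bash
# Repro helper: brings up a single-node Kubernetes control plane on a CoreOS
# host. It writes under /etc and drives systemd, so it presumably has to run
# as root (confirm before use).

# Trace every command to stderr. The commands in this script hand key
# material to openssl by file path, so the trace shows paths, not secrets.
set -x
# Stop at the first failing command.
set -e

# /etc/environment is expected to provide COREOS_PRIVATE_IPV4.
source /etc/environment

# MY_IP is spliced verbatim into an OpenSSL config, an env file and a systemd
# unit further down. An empty value would produce an empty IP SAN and an empty
# --hostname-override, so fail here with a clear message instead.
MY_IP=${COREOS_PRIVATE_IPV4:?COREOS_PRIVATE_IPV4 is empty or unset after sourcing /etc/environment}

# Reject anything that is not a dotted-quad: whitespace or newlines in the
# value would otherwise add stray directives to the generated files.
if [[ ! $MY_IP =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
  printf 'COREOS_PRIVATE_IPV4 is not an IPv4 address: %s\n' "$MY_IP" >&2
  exit 1
fi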
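# --- TLS assets --------------------------------------------------------------
# Creates a throw-away cluster CA and an API-server certificate in the current
# working directory, then installs them into /etc/kubernetes/ssl.
#
# NOTE(review): ca-key.pem stays unencrypted in the working directory after
# the script ends (-nodes / plain genrsa). Anyone who can read it can mint
# certificates this cluster trusts; move or delete it once the certs exist.

# Generate private keys under a restrictive umask so they are never
# group/world-readable, whatever the caller's umask or OpenSSL version is.
# The subshell keeps the umask change away from the files written later.
# (An already existing key file keeps its old mode; umask only affects
# newly created files.)
(
  umask 077
  openssl genrsa -out ca-key.pem 2048
)

# Self-signed CA certificate, valid for 10000 days. -sha256 pins the signature
# digest; older OpenSSL releases may default to SHA-1 here.
openssl req -x509 -new -nodes -sha256 -key ca-key.pem -days 10000 -out ca.pem -subj "/CN=kube-ca"

# Extension config for the API-server certificate. The heredoc is unquoted on
# purpose so ${MY_IP} is expanded into the SAN list. 10.3.0.1 is presumably
# the API server's in-cluster service IP - confirm against the service CIDR.
cat > openssl.cnf <<EOF
[req]
req_extensions = v3_req
distinguished_name = req_distinguished_name
[req_distinguished_name]
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = kubernetes
DNS.2 = kubernetes.default
DNS.3 = kubernetes.default.svc
DNS.4 = kubernetes.default.svc.cluster.local
IP.1 = 10.3.0.1
IP.2 = ${MY_IP}
EOF

(
  umask 077
  openssl genrsa -out apiserver-key.pem 2048
)
openssl req -new -key apiserver-key.pem -out apiserver.csr -subj "/CN=kube-apiserver" -config openssl.cnf
# Sign the CSR with the CA; -extfile/-extensions are needed because x509 -req
# does not copy the requested extensions from the CSR on its own.
openssl x509 -req -sha256 -in apiserver.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out apiserver.pem -days 365 -extensions v3_req -extfile openssl.cnf

mkdir -p /etc/kubernetes/ssl
# install(1) creates the destination files with mode 0600 from the start, so
# the private key is never briefly readable between a cp and a later chmod.
# Unlike the previous `chmod 600 /etc/kubernetes/ssl/*`, this touches only the
# three files written here, not whatever else lives in that directory.
install -m 0600 -- ca.pem apiserver.pem apiserver-key.pem /etc/kubernetes/ssl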
# --- flannel, docker and CNI configuration -------------------------------------
# Heredocs whose bodies are pure literals use a quoted delimiter so the shell
# never expands anything inside them; only the flannel options file needs
# ${MY_IP} substituted and therefore keeps an unquoted delimiter.

# flanneld options. The etcd endpoint is plain http on loopback.
mkdir -p /etc/flannel/
cat <<FLANNEL_OPTS > /etc/flannel/options.env
FLANNELD_IFACE=${MY_IP}
FLANNELD_ETCD_ENDPOINTS=http://127.0.0.1:2379
FLANNEL_OPTS

# Drop-in: link the options file into /run/flannel before flanneld starts.
mkdir -p /etc/systemd/system/flanneld.service.d/
cat <<'FLANNEL_DROPIN' > /etc/systemd/system/flanneld.service.d/40-ExecStartPre-symlink.conf
[Service]
ExecStartPre=/usr/bin/ln -sf /etc/flannel/options.env /run/flannel/options.env
FLANNEL_DROPIN

# Drop-in: docker requires, and is ordered after, flanneld and reads the CNI
# env file written next.
mkdir -p /etc/systemd/system/docker.service.d/
cat <<'DOCKER_DROPIN' > /etc/systemd/system/docker.service.d/40-flannel.conf
[Unit]
Requires=flanneld.service
After=flanneld.service
[Service]
EnvironmentFile=/etc/kubernetes/cni/docker_opts_cni.env
DOCKER_DROPIN

# Docker env file: both options are set to the empty string.
mkdir -p /etc/kubernetes/cni/
cat <<'DOCKER_ENV' > /etc/kubernetes/cni/docker_opts_cni.env
DOCKER_OPT_BIP=""
DOCKER_OPT_IPMASQ=""
DOCKER_ENV

# CNI network definition: network "podnet" of type flannel.
mkdir -p /etc/kubernetes/cni/net.d/
cat <<'CNI_CONF' > /etc/kubernetes/cni/net.d/10-flannel.conf
{
"name": "podnet",
"type": "flannel",
"delegate": {
"isDefaultGateway": true
}
}
CNI_CONF
# --- kubelet unit ----------------------------------------------------------------
# Writes /etc/systemd/system/kubelet.service. Comments must stay outside the
# heredoc: everything between the delimiters becomes unit-file content.
#
# The delimiter is unquoted, which has two effects on the written file:
#   * ${MY_IP} is expanded now, so the unit carries the literal address;
#   * the shell removes every backslash-newline pair, so the multi-line
#     RKT_RUN_ARGS and ExecStart values below end up as single long lines.
# Quoting the delimiter would change both, so leave it as is.
#
# Security-relevant settings in the unit, as written here:
#   * --api-servers=http://127.0.0.1:8080 - plaintext http over loopback.
#     NOTE(review): presumably the API server's unauthenticated local port;
#     confirm it is never bound to a non-loopback address.
#   * --allow-privileged=true - the kubelet will accept privileged pods.
#   * --register-schedulable=false - the node registers as unschedulable.
#   * the rkt-run wrapper gets host /var/log and /etc/resolv.conf mounted in.
# The "-" prefix on the rkt rm / rkt stop lines tells systemd to ignore their
# exit status.
cat > /etc/systemd/system/kubelet.service <<EOF
[Service]
Environment=KUBELET_IMAGE_TAG=v1.6.1_coreos.0
Environment="RKT_RUN_ARGS=--uuid-file-save=/var/run/kubelet-pod.uuid \
--volume var-log,kind=host,source=/var/log \
--mount volume=var-log,target=/var/log \
--volume dns,kind=host,source=/etc/resolv.conf \
--mount volume=dns,target=/etc/resolv.conf"
ExecStartPre=/usr/bin/mkdir -p /etc/kubernetes/manifests
ExecStartPre=/usr/bin/mkdir -p /var/log/containers
ExecStartPre=-/usr/bin/rkt rm --uuid-file=/var/run/kubelet-pod.uuid
ExecStart=/usr/lib/coreos/kubelet-wrapper \
--api-servers=http://127.0.0.1:8080 \
--register-schedulable=false \
--cni-conf-dir=/etc/kubernetes/cni/net.d \
--network-plugin=cni \
--container-runtime=docker \
--allow-privileged=true \
--pod-manifest-path=/etc/kubernetes/manifests \
--hostname-override=${MY_IP} \
--cluster_dns=10.3.0.10 \
--cluster_domain=cluster.local
ExecStop=-/usr/bin/rkt stop --uuid-file=/var/run/kubelet-pod.uuid
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
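# --- start services --------------------------------------------------------------
# Pick up the unit and drop-in files written above, then start etcd.
systemctl daemon-reload
systemctl start etcd-member

# Publish the flannel overlay network (10.2.0.0/16) in etcd. etcd may need a
# moment before it accepts writes, so retry for a bounded time rather than
# relying on a fixed sleep: a slow start used to abort the script here, and a
# fast start wasted the wait. The command sits in the `until` condition, so
# `set -e` does not abort on the failed attempts.
flannel_network_config='{ "Network": "10.2.0.0/16" }'
etcd_attempt=1
until etcdctl set /coreos.com/network/config "$flannel_network_config"; do
  if (( etcd_attempt >= 30 )); then
    printf 'etcd did not accept the flannel network config after %d attempts\n' \
      "$etcd_attempt" >&2
    exit 1
  fi
  etcd_attempt=$(( etcd_attempt + 1 ))
  sleep 1
done

# docker pulls in flanneld through the Requires= drop-in written earlier.
systemctl start docker kubelet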