xrl/gist:d1d7ba9dd85dd965cd58

## gistfile1.txt
#cloud-config

users:
  - name: "core"
    groups:
      - "sudo"
      - "docker"
      - "wheel"
      - "systemd-journal"
      - "portage"
      - "core"
    ssh_authorized_keys:
      - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5TuOlyfTfOXyJI/Ic0dwvokThLPgAkK2DT/aznO9fTWsKB+y4qn4NP4a9JITxY3AhFO/aivR5bDDxjkxNotWlQ1Mi4xojuvMq3nz0a/C1O2FC8R0OXtxr4jyTHidojrVv9P5lrRpfG4u8f7DpsUqVyM4uEeCtvumW/J6NGkNLflmxmqVCS8yMvsDW1T+gi1ZsQqQYfKfTsBSoWvlCYkoq8w040R9+2+V0wTknx76NFjsNIIm/tFqfXpJVArxbcNre2Zg1U2XiiSfwdaFJog8DwLYSZQK1/9OreAQdS0duqww8BRwJq/Sa/z4kvLp5ulLGtZhIiyvfU55IYs33D4Jl hmarshall@LP-HMARSH-OSX"
      - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDbF3EDm/GVCqGp4oxEs1eS8dQS/15wVwDH2cKLvIx5rn1++zlgEy6/lQH8fKwSDt8kkFD+BJlg/QSmu2sGkqGxu8RxMwZeNxyxVqQ/j3SNNzokvSlLtd1eNNxv11dAHyi/8k6xIY1CtWqkO55CxAcW/2E9+zwHotnyEXlfKQP/if7Ak+Az85wDPipRCbH9DpjPDpUoYTTMD4XZf2mVAubR4l8rlifaYo2gNWZopj26mLGmsNa3y9U1LolbZxksAeUk9Mrl2Yyk3zQ0HN6NagqTQH0PHsbjoZP4z9RACao2uQ3AIPnuFT+QJj72aIcILWBiUlyGYgao4j19dCenwKs/ xavierlange@Xaviers-MacBook-Pro.local"
coreos:
  units:
    - name: "docker.service"
      drop-ins:
        - name: "50-insecure-registry.conf"
          content: |
            [Service]
            Environment=DOCKER_OPTS='--insecure-registry="registry.phx1.viasatcloud.com"'
    - name: populate-ips.service
      command: start
      runtime: true
      content: |
        [Service]
        Type=oneshot
        ExecStart=/tmp/ip.sh
    - name: etcd2.service
      command: start
      runtime: true
      drop-ins:
        - name: 15-custom-cloudinit.conf
          content: |
            [Unit]
            Requires=populate-ips.service
            After=populate-ips.service
            [Service]
            EnvironmentFile=/run/metadata
            Environment="ETCD_ELECTION_TIMEOUT=1200"
            # https://discovery.etcd.io/new?size=3
            Environment="ETCD_DISCOVERY=https://discovery.etcd.io/<TOKEN_GOES_HERE>"
            Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379"
            ExecStart=/usr/bin/etcd2 --listen-peer-urls 'http://${IPV4_PRIVATE}:2380' --initial-advertise-peer-urls 'http://${IPV4_PRIVATE}:2380' --advertise-client-urls 'http://${IPV4_PRIVATE}:2379'
write_files:
  - path: /tmp/ip.sh
    permissions: 0755
    content: |
      #!/bin/sh
      get_ipv4() {
          IFACE="${1}"
          local ip
          while [ -z "${ip}" ]; do
              ip=$(ip -4 -o addr show dev "${IFACE}" scope global | gawk '{split ($4, out, "/"); print out[1]}')
              sleep .1
          done
          echo "${ip}"
      }
      echo "IPV4_PRIVATE=$(get_ipv4 eth0)" > /run/metadata
  - path: /etc/systemd/system/etcd2.service
    permissions: 0644
    content: |
      [Unit]
      Description=etcd2
      Conflicts=etcd.service
      [Service]
      User=etcd
      Environment=ETCD_DATA_DIR=/var/lib/etcd2
      Environment=ETCD_NAME=%m
      Restart=always
      RestartSec=10s
      LimitNOFILE=40000
  - path: /etc/systemd/resolved.conf
    permissions: 0644
    owner: root
    content: |
      [Resolve]
      DNS=10.8.20.40
	#cloud-config

	users:
	- name: "core"
	groups:
	- "sudo"
	- "docker"
	- "wheel"
	- "systemd-journal"
	- "portage"
	- "core"
	ssh_authorized_keys:
	- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5TuOlyfTfOXyJI/Ic0dwvokThLPgAkK2DT/aznO9fTWsKB+y4qn4NP4a9JITxY3AhFO/aivR5bDDxjkxNotWlQ1Mi4xojuvMq3nz0a/C1O2FC8R0OXtxr4jyTHidojrVv9P5lrRpfG4u8f7DpsUqVyM4uEeCtvumW/J6NGkNLflmxmqVCS8yMvsDW1T+gi1ZsQqQYfKfTsBSoWvlCYkoq8w040R9+2+V0wTknx76NFjsNIIm/tFqfXpJVArxbcNre2Zg1U2XiiSfwdaFJog8DwLYSZQK1/9OreAQdS0duqww8BRwJq/Sa/z4kvLp5ulLGtZhIiyvfU55IYs33D4Jl hmarshall@LP-HMARSH-OSX"
	- "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDbF3EDm/GVCqGp4oxEs1eS8dQS/15wVwDH2cKLvIx5rn1++zlgEy6/lQH8fKwSDt8kkFD+BJlg/QSmu2sGkqGxu8RxMwZeNxyxVqQ/j3SNNzokvSlLtd1eNNxv11dAHyi/8k6xIY1CtWqkO55CxAcW/2E9+zwHotnyEXlfKQP/if7Ak+Az85wDPipRCbH9DpjPDpUoYTTMD4XZf2mVAubR4l8rlifaYo2gNWZopj26mLGmsNa3y9U1LolbZxksAeUk9Mrl2Yyk3zQ0HN6NagqTQH0PHsbjoZP4z9RACao2uQ3AIPnuFT+QJj72aIcILWBiUlyGYgao4j19dCenwKs/ xavierlange@Xaviers-MacBook-Pro.local"
	coreos:
	units:
	- name: "docker.service"
	drop-ins:
	- name: "50-insecure-registry.conf"
	content: \|
	[Service]
	Environment=DOCKER_OPTS='--insecure-registry="registry.phx1.viasatcloud.com"'
	- name: populate-ips.service
	command: start
	runtime: true
	content: \|
	[Service]
	Type=oneshot
	ExecStart=/tmp/ip.sh
	- name: etcd2.service
	command: start
	runtime: true
	drop-ins:
	- name: 15-custom-cloudinit.conf
	content: \|
	[Unit]
	Requires=populate-ips.service
	After=populate-ips.service
	[Service]
	EnvironmentFile=/run/metadata
	Environment="ETCD_ELECTION_TIMEOUT=1200"
	# https://discovery.etcd.io/new?size=3
	Environment="ETCD_DISCOVERY=https://discovery.etcd.io/<TOKEN_GOES_HERE>"
	Environment="ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379"
	ExecStart=/usr/bin/etcd2 --listen-peer-urls 'http://${IPV4_PRIVATE}:2380' --initial-advertise-peer-urls 'http://${IPV4_PRIVATE}:2380' --advertise-client-urls 'http://${IPV4_PRIVATE}:2379'
	write_files:
	- path: /tmp/ip.sh
	permissions: 0755
	content: \|
	#!/bin/sh
	get_ipv4() {
	IFACE="${1}"
	local ip
	while [ -z "${ip}" ]; do
	ip=$(ip -4 -o addr show dev "${IFACE}" scope global \| gawk '{split ($4, out, "/"); print out[1]}')
	sleep .1
	done
	echo "${ip}"
	}
	echo "IPV4_PRIVATE=$(get_ipv4 eth0)" > /run/metadata
	- path: /etc/systemd/system/etcd2.service
	permissions: 0644
	content: \|
	[Unit]
	Description=etcd2
	Conflicts=etcd.service
	[Service]
	User=etcd
	Environment=ETCD_DATA_DIR=/var/lib/etcd2
	Environment=ETCD_NAME=%m
	Restart=always
	RestartSec=10s
	LimitNOFILE=40000
	- path: /etc/systemd/resolved.conf
	permissions: 0644
	owner: root
	content: \|
	[Resolve]
	DNS=10.8.20.40