Marcos Lilljedahl
@@ -5,7 +5,7 @@ COPY ./kubernetes.repo /etc/yum.repos.d/
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
RUN yum install -y kubectl-1.12.1-0 kubeadm-1.12.1-0 \
|
RUN yum install -y kubectl-1.11.3-0 kubeadm-1.11.3-0 kubelet-1.11.3-0 \
|
||||||
&& mv -f /etc/systemd/system/kubelet.service.d/10-kubeadm.conf /etc/systemd/system/kubelet.service \
|
&& mv -f /etc/systemd/system/kubelet.service.d/10-kubeadm.conf /etc/systemd/system/kubelet.service \
|
||||||
&& yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo \
|
&& yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo \
|
||||||
&& yum install -y docker-ce git \
|
&& yum install -y docker-ce git \
|
||||||
|
|||||||
@@ -20,7 +20,7 @@
|
|||||||
|
|
||||||
3. (Optional) Create an nginx deployment:
|
3. (Optional) Create an nginx deployment:
|
||||||
|
|
||||||
kubectl apply -f https://raw.githubusercontent.com/kubernetes/website/master/content/cn/docs/user-guide/nginx-app.yaml
|
kubectl apply -f https://raw.githubusercontent.com/kubernetes/website/master/content/en/examples/application/nginx-app.yaml
|
||||||
|
|
||||||
|
|
||||||
The PWK team.
|
The PWK team.
|
||||||
|
|||||||
@@ -22,6 +22,10 @@ apiserver_static_pod="/etc/kubernetes/manifests/kube-apiserver"
|
|||||||
|
|
||||||
# TODO: think about more secure possibilities
|
# TODO: think about more secure possibilities
|
||||||
apiserver_anonymous_auth='.spec.containers[0].command|=map(select(startswith("--token-auth-file")|not))+["--token-auth-file=/etc/pki/tokens.csv"]'
|
apiserver_anonymous_auth='.spec.containers[0].command|=map(select(startswith("--token-auth-file")|not))+["--token-auth-file=/etc/pki/tokens.csv"]'
|
||||||
|
|
||||||
|
# Sets etcd2 as backend
|
||||||
|
apiserver_etcd2_backend='.spec.containers[0].command|=map(select(startswith("--storage-backend")|not))+["--storage-backend=etcd2"]'
|
||||||
|
|
||||||
# Make apiserver accept insecure connections on port 8080
|
# Make apiserver accept insecure connections on port 8080
|
||||||
# TODO: don't use insecure port
|
# TODO: don't use insecure port
|
||||||
#apiserver_insecure_bind_port='.spec.containers[0].command|=map(select(startswith("--insecure-port=")|not))+["--insecure-port=2375"]'
|
#apiserver_insecure_bind_port='.spec.containers[0].command|=map(select(startswith("--insecure-port=")|not))+["--insecure-port=2375"]'
|
||||||
@@ -36,7 +40,7 @@ function dind::proxy-cidr-and-no-conntrack {
|
|||||||
|
|
||||||
# Adds route to defualt eth0 interface so 10.96.x.x can go through
|
# Adds route to defualt eth0 interface so 10.96.x.x can go through
|
||||||
function dind::add-route {
|
function dind::add-route {
|
||||||
route add 10.96.0.0/16 dev eth0
|
ip route add 10.96.0.0/16 dev eth0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@@ -124,7 +128,6 @@ function dind::frob-cluster {
|
|||||||
dind::frob-apiserver
|
dind::frob-apiserver
|
||||||
dind::wait-for-apiserver
|
dind::wait-for-apiserver
|
||||||
dind::frob-proxy
|
dind::frob-proxy
|
||||||
dind::add-route
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Weave depends on /etc/machine-id being unique
|
# Weave depends on /etc/machine-id being unique
|
||||||
@@ -144,5 +147,7 @@ fi
|
|||||||
# Frob cluster
|
# Frob cluster
|
||||||
if [[ "$@" == "init"* && $? -eq 0 && ! "$@" == *"--help"* ]]; then
|
if [[ "$@" == "init"* && $? -eq 0 && ! "$@" == *"--help"* ]]; then
|
||||||
dind::frob-cluster
|
dind::frob-cluster
|
||||||
|
else
|
||||||
|
dind::add-route
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user