From a35c99b9fe771b567615d465de3973e070301da8 Mon Sep 17 00:00:00 2001 From: Marcos Lilljedahl Date: Wed, 22 May 2019 20:02:50 -0300 Subject: [PATCH] Update k8s to 1.14.2 --- dockerfiles/k8s/Dockerfile | 5 +++-- dockerfiles/k8s/docker.service | 30 ++++++++++++++++++++++++++++++ dockerfiles/k8s/kubelet.env | 2 +- dockerfiles/k8s/wrapkubeadm.sh | 2 +- 4 files changed, 35 insertions(+), 4 deletions(-) create mode 100644 dockerfiles/k8s/docker.service diff --git a/dockerfiles/k8s/Dockerfile b/dockerfiles/k8s/Dockerfile index a5569a6..7e15ad3 100644 --- a/dockerfiles/k8s/Dockerfile +++ b/dockerfiles/k8s/Dockerfile @@ -5,8 +5,8 @@ COPY ./kubernetes.repo /etc/yum.repos.d/ -RUN yum install -y kubectl-1.11.3-0 kubeadm-1.11.3-0 kubelet-1.11.3-0 \ - && mv -f /etc/systemd/system/kubelet.service.d/10-kubeadm.conf /etc/systemd/system/kubelet.service \ +RUN yum install -y kubectl-1.14.2 kubeadm-1.14.2 kubelet-1.14.2 \ + #&& mv -f /etc/systemd/system/kubelet.service.d/10-kubeadm.conf /etc/systemd/system/kubelet.service \ && yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo \ && yum install -y docker-ce git \ && sed -i -e '4d;5d;8d' /lib/systemd/system/docker.service \ @@ -24,6 +24,7 @@ COPY ./wrapkubeadm.sh /usr/local/bin/kubeadm COPY ./tokens.csv /etc/pki/tokens.csv COPY ./daemon.json /etc/docker/ COPY ./resolv.conf.override /etc/ +COPY ./docker.service /usr/lib/systemd/system/ COPY motd /etc/motd diff --git a/dockerfiles/k8s/docker.service b/dockerfiles/k8s/docker.service new file mode 100644 index 0000000..2a68fe4 --- /dev/null +++ b/dockerfiles/k8s/docker.service @@ -0,0 +1,30 @@ +[Unit] +Description=Docker Application Container Engine +Documentation=https://docs.docker.com + +[Service] +# the default is not to use systemd for cgroups because the delegate issues still +# exists and systemd currently does not support the cgroup feature set required +# for containers run by docker +ExecStart=/usr/bin/dockerd +ExecReload=/bin/kill -s HUP $MAINPID +# Having non-zero Limit*s causes performance problems due to accounting overhead +# in the kernel. We recommend using cgroups to do container-local accounting. +LimitNOFILE=infinity +LimitNPROC=infinity +LimitCORE=infinity +# Uncomment TasksMax if your systemd version supports it. +# Only systemd 226 and above support this version. +#TasksMax=infinity +TimeoutStartSec=0 +# set delegate yes so that systemd does not reset the cgroups of docker containers +Delegate=yes +# kill only the docker process, not all processes in the cgroup +KillMode=process +# restart the docker process if it exits prematurely +Restart=on-failure +StartLimitBurst=3 +StartLimitInterval=60s + +[Install] +WantedBy=multi-user.target diff --git a/dockerfiles/k8s/kubelet.env b/dockerfiles/k8s/kubelet.env index dacd2f8..514932b 100644 --- a/dockerfiles/k8s/kubelet.env +++ b/dockerfiles/k8s/kubelet.env @@ -4,4 +4,4 @@ KUBELET_NETWORK_ARGS="--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-b KUBELET_DNS_ARGS="--cluster-dns=10.96.0.10 --cluster-domain=cluster.local" KUBELET_AUTHZ_ARGS="--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt" KUBELET_CGROUP_ARGS="--cgroup-driver=cgroupfs" -KUBELET_EXTRA_ARGS="--fail-swap-on=false --resolv-conf=/etc/resolv.conf.override" +KUBELET_EXTRA_ARGS="--fail-swap-on=false --resolv-conf=/etc/resolv.conf.override --feature-gates ExperimentalCriticalPodAnnotation=true" diff --git a/dockerfiles/k8s/wrapkubeadm.sh b/dockerfiles/k8s/wrapkubeadm.sh index bb659ef..5b68329 100755 --- a/dockerfiles/k8s/wrapkubeadm.sh +++ b/dockerfiles/k8s/wrapkubeadm.sh @@ -125,7 +125,7 @@ function dind::wait-for-apiserver { } function dind::frob-cluster { - dind::frob-apiserver + #dind::frob-apiserver dind::wait-for-apiserver dind::frob-proxy }