diff --git a/docs/getting-started-guides/README.md b/docs/getting-started-guides/README.md index 5eaa5bed77b0e..f7338f6492fef 100644 --- a/docs/getting-started-guides/README.md +++ b/docs/getting-started-guides/README.md @@ -20,9 +20,9 @@ Bare-metal | custom | Fedora | flannel | [docs](../../docs/g libvirt | custom | Fedora | flannel | [docs](../../docs/getting-started-guides/fedora/flannel_multi_node_cluster.md) | | Community ([@aveshagarwal](https://github.com/aveshagarwal))| Tested with 0.15.0 KVM | custom | Fedora | flannel | [docs](../../docs/getting-started-guides/fedora/flannel_multi_node_cluster.md) | | Community ([@aveshagarwal](https://github.com/aveshagarwal))| Tested with 0.15.0 Mesos/GCE | | | | [docs](../../docs/getting-started-guides/mesos.md) | | [Community](https://github.com/mesosphere/kubernetes-mesos) ([@jdef](https://github.com/jdef)) | Uses K8s v0.11.2 -AWS | CoreOS | CoreOS | flannel | [docs](../../docs/getting-started-guides/coreos.md) | | Community | Uses K8s version 0.17.0 -GCE | CoreOS | CoreOS | flannel | [docs](../../docs/getting-started-guides/coreos.md) | | Community (@kelseyhightower) | Uses K8s version 0.15.0 -Vagrant | CoreOS | CoreOS | flannel | [docs](../../docs/getting-started-guides/coreos.md) | | Community ( [@pires](https://github.com/pires), [@AntonioMeireles](https://github.com/AntonioMeireles) ) | Uses K8s version 0.15.0 +AWS | CoreOS | CoreOS | flannel | [docs](../../docs/getting-started-guides/coreos.md) | | Community | Uses K8s version 0.19.3 +GCE | CoreOS | CoreOS | flannel | [docs](../../docs/getting-started-guides/coreos.md) | | Community [@pires](https://github.com/pires) | Uses K8s version 0.19.3 +Vagrant | CoreOS | CoreOS | flannel | [docs](../../docs/getting-started-guides/coreos.md) | | Community ( [@pires](https://github.com/pires), [@AntonioMeireles](https://github.com/AntonioMeireles) ) | Uses K8s version 0.19.3 Bare-metal (Offline) | CoreOS | CoreOS | flannel | [docs](../../docs/getting-started-guides/coreos/bare_metal_offline.md) | | Community([@jeffbean](https://github.com/jeffbean)) | Uses K8s version 0.15.0 CloudStack | Ansible | CoreOS | flannel | [docs](../../docs/getting-started-guides/cloudstack.md) | | Community (@runseb) | Uses K8s version 0.9.1 Vmware | | Debian | OVS | [docs](../../docs/getting-started-guides/vsphere.md) | | Community (@pietern) | Uses K8s version 0.9.1 diff --git a/docs/getting-started-guides/coreos/cloud-configs/master.yaml b/docs/getting-started-guides/coreos/cloud-configs/master.yaml index 7310c22582c68..bdc963fb8e81d 100644 --- a/docs/getting-started-guides/coreos/cloud-configs/master.yaml +++ b/docs/getting-started-guides/coreos/cloud-configs/master.yaml @@ -1,6 +1,22 @@ #cloud-config --- +write-files: + - path: /etc/conf.d/nfs + permissions: '0644' + content: | + OPTS_RPC_MOUNTD="" + - path: /opt/bin/wupiao + permissions: '0755' + content: | + #!/bin/bash + # [w]ait [u]ntil [p]ort [i]s [a]ctually [o]pen + [ -n "$1" ] && \ + until curl -o /dev/null -sIf http://${1}; do \ + sleep 1 && echo .; + done; + exit $? + hostname: master coreos: etcd2: @@ -15,6 +31,17 @@ coreos: fleet: metadata: "role=master" units: + - name: generate-serviceaccount-key.service + command: start + content: | + [Unit] + Description=Generate service-account key file + + [Service] + ExecStartPre=-/usr/bin/mkdir -p /opt/bin + ExecStart=/bin/openssl genrsa -out /opt/bin/kube-serviceaccount.key 2048 2>/dev/null + RemainAfterExit=yes + Type=oneshot - name: setup-network-environment.service command: start content: | @@ -42,82 +69,35 @@ coreos: Requires=etcd2.service [Service] ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{"Network":"10.244.0.0/16", "Backend": {"Type": "vxlan"}}' - - name: docker-cache.service - command: start - content: | - [Unit] - Description=Docker cache proxy - Requires=early-docker.service - After=early-docker.service - Before=early-docker.target - - [Service] - Restart=always - TimeoutStartSec=0 - RestartSec=5 - Environment="TMPDIR=/var/tmp/" - Environment="DOCKER_HOST=unix:///var/run/early-docker.sock" - ExecStartPre=-/usr/bin/docker kill docker-registry - ExecStartPre=-/usr/bin/docker rm docker-registry - ExecStartPre=/usr/bin/docker pull quay.io/devops/docker-registry:latest - # GUNICORN_OPTS is an workaround for - # https://github.com/docker/docker-registry/issues/892 - ExecStart=/usr/bin/docker run --rm --net host --name docker-registry \ - -e STANDALONE=false \ - -e GUNICORN_OPTS=[--preload] \ - -e MIRROR_SOURCE=https://registry-1.docker.io \ - -e MIRROR_SOURCE_INDEX=https://index.docker.io \ - -e MIRROR_TAGS_CACHE_TTL=1800 \ - quay.io/devops/docker-registry:latest - name: docker.service - content: | - [Unit] - Description=Docker Application Container Engine - Documentation=http://docs.docker.com - After=docker.socket early-docker.target network.target - Requires=docker.socket early-docker.target - - [Service] - Environment=TMPDIR=/var/tmp - EnvironmentFile=-/run/flannel_docker_opts.env - EnvironmentFile=/etc/network-environment - MountFlags=slave - LimitNOFILE=1048576 - LimitNPROC=1048576 - ExecStart=/usr/lib/coreos/dockerd --daemon --host=fd:// --registry-mirror=http://${DEFAULT_IPV4}:5000 $DOCKER_OPT_BIP $DOCKER_OPT_MTU $DOCKER_OPT_IPMASQ - - [Install] - WantedBy=multi-user.target - drop-ins: - - name: 51-docker-mirror.conf - content: | - [Unit] - # making sure that docker-cache is up and that flanneld finished - # startup, otherwise containers won't land in flannel's network... - Requires=docker-cache.service flanneld.service - After=docker-cache.service flanneld.service + command: start - name: kube-apiserver.service command: start content: | [Unit] Description=Kubernetes API Server Documentation=https://github.com/GoogleCloudPlatform/kubernetes - Requires=etcd2.service setup-network-environment.service - After=etcd2.service setup-network-environment.service + Requires=setup-network-environment.service etcd2.service generate-serviceaccount-key.service + After=setup-network-environment.service etcd2.service generate-serviceaccount-key.service [Service] EnvironmentFile=/etc/network-environment ExecStartPre=-/usr/bin/mkdir -p /opt/bin - ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-apiserver -z /opt/bin/kube-apiserver https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kube-apiserver + ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-apiserver -z /opt/bin/kube-apiserver https://storage.googleapis.com/kubernetes-release/release/v0.19.3/bin/linux/amd64/kube-apiserver ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-apiserver + ExecStartPre=/opt/bin/wupiao 127.0.0.1:2379/v2/machines ExecStart=/opt/bin/kube-apiserver \ + --service_account_key_file=/opt/bin/kube-serviceaccount.key \ + --service_account_lookup=false \ + --admission_control=NamespaceLifecycle,NamespaceAutoProvision,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota \ + --runtime_config=api/v1 \ --allow_privileged=true \ --insecure_bind_address=0.0.0.0 \ --insecure_port=8080 \ --kubelet_https=true \ --secure_port=6443 \ --service-cluster-ip-range=10.100.0.0/16 \ - --etcd_servers=http://127.0.0.1:4001 \ + --etcd_servers=http://127.0.0.1:2379 \ --public_address_override=${DEFAULT_IPV4} \ --logtostderr=true Restart=always @@ -132,9 +112,10 @@ coreos: After=kube-apiserver.service [Service] - ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-controller-manager -z /opt/bin/kube-controller-manager https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kube-controller-manager + ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-controller-manager -z /opt/bin/kube-controller-manager https://storage.googleapis.com/kubernetes-release/release/v0.19.3/bin/linux/amd64/kube-controller-manager ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-controller-manager ExecStart=/opt/bin/kube-controller-manager \ + --service_account_private_key_file=/opt/bin/kube-serviceaccount.key \ --master=127.0.0.1:8080 \ --logtostderr=true Restart=always @@ -149,32 +130,11 @@ coreos: After=kube-apiserver.service [Service] - ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-scheduler -z /opt/bin/kube-scheduler https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kube-scheduler + ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-scheduler -z /opt/bin/kube-scheduler https://storage.googleapis.com/kubernetes-release/release/v0.19.3/bin/linux/amd64/kube-scheduler ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-scheduler ExecStart=/opt/bin/kube-scheduler --master=127.0.0.1:8080 Restart=always RestartSec=10 - - name: kube-register.service - command: start - content: | - [Unit] - Description=Kubernetes Registration Service - Documentation=https://github.com/kelseyhightower/kube-register - Requires=kube-apiserver.service - After=kube-apiserver.service - Requires=fleet.service - After=fleet.service - - [Service] - ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-register -z /opt/bin/kube-register https://github.com/kelseyhightower/kube-register/releases/download/v0.0.3/kube-register-0.0.3-linux-amd64 - ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-register - ExecStart=/opt/bin/kube-register \ - --metadata=role=node \ - --fleet-endpoint=unix:///var/run/fleet.sock \ - --api-endpoint=http://127.0.0.1:8080 \ - --healthz-port=10248 - Restart=always - RestartSec=10 update: group: alpha reboot-strategy: off diff --git a/docs/getting-started-guides/coreos/cloud-configs/node.yaml b/docs/getting-started-guides/coreos/cloud-configs/node.yaml index c13c7a97fc10a..314f54fce02df 100644 --- a/docs/getting-started-guides/coreos/cloud-configs/node.yaml +++ b/docs/getting-started-guides/coreos/cloud-configs/node.yaml @@ -31,14 +31,6 @@ coreos: ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{"Network":"10.244.0.0/16", "Backend": {"Type": "vxlan"}}' - name: docker.service command: start - drop-ins: - - name: 51-docker-mirror.conf - content: | - [Unit] - Requires=flanneld.service - After=flanneld.service - [Service] - Environment=DOCKER_OPTS='--registry-mirror=http://:5000' - name: setup-network-environment.service command: start content: | @@ -65,7 +57,7 @@ coreos: After=setup-network-environment.service [Service] - ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-proxy -z /opt/bin/kube-proxy https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kube-proxy + ExecStartPre=/usr/bin/curl -L -o /opt/bin/kube-proxy -z /opt/bin/kube-proxy https://storage.googleapis.com/kubernetes-release/release/v0.19.3/bin/linux/amd64/kube-proxy ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-proxy # wait for kubernetes master to be up and ready ExecStartPre=/opt/bin/wupiao 8080 @@ -85,7 +77,7 @@ coreos: [Service] EnvironmentFile=/etc/network-environment - ExecStartPre=/usr/bin/curl -L -o /opt/bin/kubelet -z /opt/bin/kubelet https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kubelet + ExecStartPre=/usr/bin/curl -L -o /opt/bin/kubelet -z /opt/bin/kubelet https://storage.googleapis.com/kubernetes-release/release/v0.19.3/bin/linux/amd64/kubelet ExecStartPre=/usr/bin/chmod +x /opt/bin/kubelet # wait for kubernetes master to be up and ready ExecStartPre=/opt/bin/wupiao 8080 @@ -96,6 +88,7 @@ coreos: --api_servers=:8080 \ --allow_privileged=true \ --logtostderr=true \ + --cadvisor_port=4194 \ --healthz_bind_address=0.0.0.0 \ --healthz_port=10248 Restart=always diff --git a/docs/getting-started-guides/coreos/cloud-configs/standalone.yaml b/docs/getting-started-guides/coreos/cloud-configs/standalone.yaml deleted file mode 100644 index 96daa91872808..0000000000000 --- a/docs/getting-started-guides/coreos/cloud-configs/standalone.yaml +++ /dev/null @@ -1,167 +0,0 @@ -#cloud-config - ---- -hostname: master -coreos: - etcd2: - name: master - listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 - advertise-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 - initial-cluster-token: k8s_etcd - listen-peer-urls: http://0.0.0.0:2380,http://0.0.0.0:7001 - initial-advertise-peer-urls: http://0.0.0.0:2380 - initial-cluster: master=http://0.0.0.0:2380 - initial-cluster-state: new - units: - - name: etcd2.service - command: start - - name: fleet.service - command: start - - name: flanneld.service - command: start - drop-ins: - - name: 50-network-config.conf - content: | - [Unit] - Requires=etcd2.service - [Service] - ExecStartPre=/usr/bin/etcdctl set /coreos.com/network/config '{"Network":"10.244.0.0/16", "Backend": {"Type": "vxlan"}}' - - name: docker-cache.service - command: start - content: | - [Unit] - Description=Docker cache proxy - Requires=early-docker.service - After=early-docker.service - Before=early-docker.target - - [Service] - Restart=always - TimeoutStartSec=0 - RestartSec=5 - Environment="TMPDIR=/var/tmp/" - Environment="DOCKER_HOST=unix:///var/run/early-docker.sock" - ExecStartPre=-/usr/bin/docker kill docker-registry - ExecStartPre=-/usr/bin/docker rm docker-registry - ExecStartPre=/usr/bin/docker pull quay.io/devops/docker-registry:latest - # GUNICORN_OPTS is an workaround for - # https://github.com/docker/docker-registry/issues/892 - ExecStart=/usr/bin/docker run --rm --net host --name docker-registry \ - -e STANDALONE=false \ - -e GUNICORN_OPTS=[--preload] \ - -e MIRROR_SOURCE=https://registry-1.docker.io \ - -e MIRROR_SOURCE_INDEX=https://index.docker.io \ - -e MIRROR_TAGS_CACHE_TTL=1800 \ - quay.io/devops/docker-registry:latest - - name: docker.service - command: start - drop-ins: - - name: 51-docker-mirror.conf - content: | - [Unit] - # making sure that docker-cache is up and that flanneld finished - # startup, otherwise containers won't land in flannel's network... - Requires=docker-cache.service flanneld.service - After=docker-cache.service flanneld.service - [Service] - Environment=DOCKER_OPTS='--registry-mirror=http://$private_ipv4:5000' - - name: kube-apiserver.service - command: start - content: | - [Unit] - Description=Kubernetes API Server - Documentation=https://github.com/GoogleCloudPlatform/kubernetes - Requires=etcd2.service - After=etcd2.service - - [Service] - ExecStartPre=-/usr/bin/mkdir -p /opt/bin - ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kube-apiserver - ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-apiserver - ExecStart=/opt/bin/kube-apiserver \ - --allow_privileged=true \ - --insecure_bind_address=0.0.0.0 \ - --insecure_port=8080 \ - --kubelet_https=true \ - --secure_port=6443 \ - --service-cluster-ip-range=10.100.0.0/16 \ - --etcd_servers=http://127.0.0.1:4001 \ - --public_address_override=127.0.0.1 \ - --logtostderr=true - Restart=always - RestartSec=10 - - name: kube-controller-manager.service - command: start - content: | - [Unit] - Description=Kubernetes Controller Manager - Documentation=https://github.com/GoogleCloudPlatform/kubernetes - Requires=kube-apiserver.service - After=kube-apiserver.service - - [Service] - ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kube-controller-manager - ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-controller-manager - ExecStart=/opt/bin/kube-controller-manager \ - --master=127.0.0.1:8080 \ - --logtostderr=true - Restart=always - RestartSec=10 - - name: kube-scheduler.service - command: start - content: | - [Unit] - Description=Kubernetes Scheduler - Documentation=https://github.com/GoogleCloudPlatform/kubernetes - Requires=kube-apiserver.service - After=kube-apiserver.service - - [Service] - ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kube-scheduler - ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-scheduler - ExecStart=/opt/bin/kube-scheduler --master=127.0.0.1:8080 - Restart=always - RestartSec=10 - - name: kube-proxy.service - command: start - content: | - [Unit] - Description=Kubernetes Proxy - Documentation=https://github.com/GoogleCloudPlatform/kubernetes - Requires=etcd2.service - After=etcd2.service - - [Service] - ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kube-proxy - ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-proxy - ExecStart=/opt/bin/kube-proxy \ - --master=127.0.0.1:8080 \ - --logtostderr=true - Restart=always - RestartSec=10 - - name: kube-kubelet.service - command: start - content: | - [Unit] - Description=Kubernetes Kubelet - Documentation=https://github.com/GoogleCloudPlatform/kubernetes - Requires=etcd2.service - After=etcd2.service - - [Service] - ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v0.18.2/bin/linux/amd64/kubelet - ExecStartPre=/usr/bin/chmod +x /opt/bin/kubelet - ExecStart=/opt/bin/kubelet \ - --address=0.0.0.0 \ - --port=10250 \ - --hostname_override=127.0.0.1 \ - --api_servers=127.0.0.1:8080 \ - --allow_privileged=true \ - --logtostderr=true \ - --healthz_bind_address=0.0.0.0 \ - --healthz_port=10248 - Restart=always - RestartSec=10 - update: - group: alpha - reboot-strategy: off diff --git a/docs/getting-started-guides/coreos/coreos_multinode_cluster.md b/docs/getting-started-guides/coreos/coreos_multinode_cluster.md index c4a1f3dc237a4..fb3d03da55c41 100644 --- a/docs/getting-started-guides/coreos/coreos_multinode_cluster.md +++ b/docs/getting-started-guides/coreos/coreos_multinode_cluster.md @@ -2,9 +2,9 @@ Use the [master.yaml](cloud-configs/master.yaml) and [node.yaml](cloud-configs/node.yaml) cloud-configs to provision a multi-node Kubernetes cluster. -> **Attention**: This requires at least CoreOS version **[653.0.0][coreos653]**, as this was the first release to include etcd2. +> **Attention**: This requires at least CoreOS version **[695.0.0][coreos695]**, which includes `etcd2`. -[coreos653]: https://coreos.com/releases/#653.0.0 +[coreos695]: https://coreos.com/releases/#695.0.0 ## Overview diff --git a/docs/getting-started-guides/coreos/coreos_single_node_cluster.md b/docs/getting-started-guides/coreos/coreos_single_node_cluster.md deleted file mode 100644 index f65a08b59d481..0000000000000 --- a/docs/getting-started-guides/coreos/coreos_single_node_cluster.md +++ /dev/null @@ -1,63 +0,0 @@ -# CoreOS - Single Node Kubernetes Cluster - -Use the [standalone.yaml](cloud-configs/standalone.yaml) cloud-config to provision a single node Kubernetes cluster. - -> **Attention**: This requires at least CoreOS version **[653.0.0][coreos653]**, as this was the first release to include etcd2. - -[coreos653]: https://coreos.com/releases/#653.0.0 - -### CoreOS image versions - -### AWS - -``` -aws ec2 create-security-group --group-name kubernetes --description "Kubernetes Security Group" -aws ec2 authorize-security-group-ingress --group-name kubernetes --protocol tcp --port 22 --cidr 0.0.0.0/0 -aws ec2 authorize-security-group-ingress --group-name kubernetes --source-security-group-name kubernetes -``` - -*Attention:* Replace `````` bellow for a [suitable version of CoreOS image for AWS](https://coreos.com/docs/running-coreos/cloud-providers/ec2/). - -``` -aws ec2 run-instances \ ---image-id \ ---key-name \ ---region us-west-2 \ ---security-groups kubernetes \ ---instance-type m3.medium \ ---user-data file://standalone.yaml -``` - -### Google Compute Engine (GCE) - -*Attention:* Replace `````` bellow for a [suitable version of CoreOS image for Google Compute Engine](https://coreos.com/docs/running-coreos/cloud-providers/google-compute-engine/). - -``` -gcloud compute instances create standalone \ ---image-project coreos-cloud \ ---image \ ---boot-disk-size 200GB \ ---machine-type n1-standard-1 \ ---zone us-central1-a \ ---metadata-from-file user-data=standalone.yaml -``` - -Next, setup an ssh tunnel to the instance so you can run kubectl from your local host. -In one terminal, run `gcloud compute ssh standalone --ssh-flag="-L 8080:127.0.0.1:8080"` and in a second -run `gcloud compute ssh standalone --ssh-flag="-R 8080:127.0.0.1:8080"`. - - -### VMware Fusion - -Create a [config-drive](https://coreos.com/docs/cluster-management/setup/cloudinit-config-drive) ISO. - -``` -mkdir -p /tmp/new-drive/openstack/latest/ -cp standalone.yaml /tmp/new-drive/openstack/latest/user_data -hdiutil makehybrid -iso -joliet -joliet-volume-name "config-2" -joliet -o standalone.iso /tmp/new-drive -``` - -Boot the [vmware image](https://coreos.com/docs/running-coreos/platforms/vmware) using the `standalone.iso` as a config drive. - - -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/docs/getting-started-guides/coreos/coreos_single_node_cluster.md?pixel)]()