heat-agents/heat-config-kubelet/install.d/50-heat-config-kubelet

153 lines
4.4 KiB
Bash
Executable File

#!/bin/bash
set -eux
if [[ "rhel rhel7 centos7 fedora" =~ "$DISTRO_NAME" ]]; then
yum -y install --enablerepo=updates-testing kubernetes bridge-utils
cat > /etc/sysconfig/network-scripts/ifcfg-cbr0 <<EOF
DEVICE=cbr0
TYPE=Bridge
IPADDR=10.240.1.1
NETMASK=255.255.255.0
ONBOOT=yes
STP=yes
MTU=1450
# With the default forwarding delay of 15 seconds,
# many operations in a 'docker build' will simply timeout
# before the bridge starts forwarding.
DELAY=2
EOF
cat > /etc/sysconfig/network-scripts/route-cbr0 <<EOF
10.240.0.0/16 dev cbr0 scope link src 10.240.1.1
EOF
# defer docker starting until cbr0 is up
cat > /etc/systemd/system/docker.service <<EOF
.include /usr/lib/systemd/system/docker.service
[Unit]
After=network-online.target docker.socket
EOF
cat > /etc/systemd/system/heat-config-kubelet-nat-rule.service <<EOF
[Unit]
Description=iptables rule to allow nat masquerading out of 10.240.1.0/24
[Service]
ExecStart=/usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 10.240.1.0/24 -j MASQUERADE
Type=oneshot
[Install]
WantedBy=multi-user.target
EOF
if [ -f "/opt/heat-docker/images.tar" ]; then
cat > /etc/systemd/system/heat-config-kubelet-load-images.service <<EOF
[Unit]
Description=Call docker load on /opt/heat-config/images.tar
After=docker.service
Before=os-collect-config.service kubelet.service
[Service]
ExecStart=/bin/docker load -i /opt/heat-docker/images.tar
ExecStart=/bin/rm -f /opt/heat-docker/images.tar
Type=oneshot
[Install]
WantedBy=multi-user.target
EOF
systemctl enable heat-config-kubelet-load-images.service
fi
cat > /etc/sysconfig/docker <<EOF
OPTIONS=--selinux-enabled --bridge cbr0 --mtu 1450 --iptables=false --insecure-registry 192.168.20.112:5001
EOF
sed -e 's|KUBELET_ARGS=""|KUBELET_ARGS="--config=/var/lib/heat-config/heat-config-kubelet/kubelet-manifests"|g' -i /etc/kubernetes/kubelet
sed -e '/KUBE_ETCD_SERVERS/ s/^#*/#/' -i /etc/kubernetes/config
systemctl disable docker.service
systemctl enable docker.service
systemctl enable kubelet.service
systemctl enable heat-config-kubelet-nat-rule.service
systemctl disable firewalld
elif [[ "ubuntu" =~ "$DISTRO_NAME" ]]; then
apt-get update
apt-get install -y apt-transport-https gnupg
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add
cat << EOF > /etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-$(lsb_release -cs) main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl kubernetes-cni bridge-utils docker.io
cat << EOF > /etc/network/interfaces.d/cbr0.cfg
auto cbr0
iface cbr0 inet static
bridge_ports none
bridge_stp on
bridge_waitport 2
bridge_fd 2
address 10.240.1.1
netmask 255.255.255.0
mtu 1450
post-up /bin/ip route add 10.240.0.0/16 dev cbr0 scope link src 10.240.1.1
EOF
# defer docker starting until cbr0 is up
cat > /etc/systemd/system/docker.service <<EOF
.include /lib/systemd/system/docker.service
[Unit]
After=network-online.target docker.socket
EOF
cat > /etc/systemd/system/heat-config-kubelet-nat-rule.service <<EOF
[Unit]
Description=iptables rule to allow nat masquerading out of 10.240.1.0/24
[Service]
ExecStart=/sbin/iptables -t nat -A POSTROUTING -o eth0 -s 10.240.1.0/24 -j MASQUERADE
Type=oneshot
[Install]
WantedBy=multi-user.target
EOF
if [ -f "/opt/heat-docker/images.tar" ]; then
cat > /etc/systemd/system/heat-config-kubelet-load-images.service <<EOF
[Unit]
Description=Call docker load on /opt/heat-config/images.tar
After=docker.service
Before=os-collect-config.service kubelet.service
[Service]
ExecStart=/usr/bin/docker load -i /opt/heat-docker/images.tar
ExecStart=/bin/rm -f /opt/heat-docker/images.tar
Type=oneshot
[Install]
WantedBy=multi-user.target
EOF
systemctl enable heat-config-kubelet-load-images.service
fi
cat << EOF > /etc/docker/daemon.json
{ "bridge": "cbr0", "mtu": 1450, "iptables": false, "insecure-registries": ["192.168.20.112:5001"] }
EOF
sed -e 's|KUBELET_EXTRA_ARGS=|KUBELET_EXTRA_ARGS="--config=/var/lib/heat-config/heat-config-kubelet/kubelet-manifests"|g' -i /etc/default/kubelet
systemctl disable docker.service
systemctl enable docker.service
systemctl enable kubelet.service
systemctl enable heat-config-kubelet-nat-rule.service
else
echo "Distribution '$DISTRO_NAME' is not supported"
exit 1
fi
SCRIPTDIR=$(dirname $0)
install -D -g root -o root -m 0755 ${SCRIPTDIR}/hook-kubelet.py /var/lib/heat-config/hooks/kubelet