Merge "Align k8s CoreOS with atomic: add proxy config"
This commit is contained in:
commit
555ffb5554
|
@ -0,0 +1,46 @@
|
|||
#cloud-config
|
||||
write_files:
|
||||
- path: /etc/systemd/system/add-proxy.service
|
||||
owner: "root:root"
|
||||
permissions: "0644"
|
||||
content: |
|
||||
[Unit]
|
||||
Description=Configure proxy
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/etc/sysconfig/add-proxy.sh
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
- path: /etc/sysconfig/add-proxy.sh
|
||||
owner: "root:root"
|
||||
permissions: "0755"
|
||||
content: |
|
||||
#!/bin/sh
|
||||
|
||||
. /etc/sysconfig/heat-params
|
||||
|
||||
DOCKER_PROXY_CONF=/etc/systemd/system/docker.service.d/http-proxy.conf
|
||||
ENVIRONMENT=/etc/environment
|
||||
|
||||
mkdir -p /etc/systemd/system/docker.service.d
|
||||
|
||||
if [ -n "$HTTP_PROXY" ]; then
|
||||
cat <<EOF | sed "s/^ *//" > $DOCKER_PROXY_CONF
|
||||
HTTP_PROXY=$HTTP_PROXY
|
||||
EOF
|
||||
echo "http_proxy=$HTTP_PROXY" >> $ENVIRONMENT
|
||||
|
||||
systemctl daemon-reload
|
||||
systemctl --no-block restart docker.service
|
||||
fi
|
||||
|
||||
if [ -n "$HTTPS_PROXY" ]; then
|
||||
echo "https_proxy=$HTTPS_PROXY" >> $ENVIRONMENT
|
||||
fi
|
||||
|
||||
if [ -n "$NO_PROXY" ]; then
|
||||
echo "no_proxy=$NO_PROXY" >> ENVIRONMENT
|
||||
fi
|
|
@ -131,6 +131,21 @@ parameters:
|
|||
type: string
|
||||
description: endpoint to retrieve TLS certs from
|
||||
|
||||
http_proxy:
|
||||
type: string
|
||||
description: http proxy address for docker
|
||||
default: ""
|
||||
|
||||
https_proxy:
|
||||
type: string
|
||||
description: https proxy address for docker
|
||||
default: ""
|
||||
|
||||
no_proxy:
|
||||
type: string
|
||||
description: no proxies for docker
|
||||
default: ""
|
||||
|
||||
trustee_domain_id:
|
||||
type: string
|
||||
description: domain id of the trustee
|
||||
|
@ -320,6 +335,9 @@ resources:
|
|||
network_driver: {get_param: network_driver}
|
||||
kubernetes_port: {get_param: kubernetes_port}
|
||||
tls_disabled: {get_param: tls_disabled}
|
||||
http_proxy: {get_param: http_proxy}
|
||||
https_proxy: {get_param: https_proxy}
|
||||
no_proxy: {get_param: no_proxy}
|
||||
kube_version: {get_param: kube_version}
|
||||
wait_condition_timeout: {get_param: wait_condition_timeout}
|
||||
bay_uuid: {get_param: bay_uuid}
|
||||
|
@ -360,6 +378,9 @@ resources:
|
|||
network_driver: {get_param: network_driver}
|
||||
kubernetes_port: {get_param: kubernetes_port}
|
||||
tls_disabled: {get_param: tls_disabled}
|
||||
http_proxy: {get_param: http_proxy}
|
||||
https_proxy: {get_param: https_proxy}
|
||||
no_proxy: {get_param: no_proxy}
|
||||
kube_version: {get_param: kube_version}
|
||||
etcd_server_ip: {get_attr: [etcd_address_switch, private_ip]}
|
||||
wait_condition_timeout: {get_param: wait_condition_timeout}
|
||||
|
|
|
@ -113,6 +113,18 @@ parameters:
|
|||
description: Private IP address of the Kubernetes master server.
|
||||
default: ""
|
||||
|
||||
http_proxy:
|
||||
type: string
|
||||
description: http proxy address for docker
|
||||
|
||||
https_proxy:
|
||||
type: string
|
||||
description: https proxy address for docker
|
||||
|
||||
no_proxy:
|
||||
type: string
|
||||
description: no proxies for docker
|
||||
|
||||
trustee_user_id:
|
||||
type: string
|
||||
description: user id of the trustee
|
||||
|
@ -227,6 +239,9 @@ resources:
|
|||
"$KUBE_VERSION": {get_param: kube_version}
|
||||
"$BAY_UUID": {get_param: bay_uuid}
|
||||
"$MAGNUM_URL": {get_param: magnum_url}
|
||||
"$HTTP_PROXY": {get_param: http_proxy}
|
||||
"$HTTPS_PROXY": {get_param: https_proxy}
|
||||
"$NO_PROXY": {get_param: no_proxy}
|
||||
"$TRUSTEE_USER_ID": {get_param: trustee_user_id}
|
||||
"$TRUSTEE_PASSWORD": {get_param: trustee_password}
|
||||
"$TRUST_ID": {get_param: trust_id}
|
||||
|
@ -306,6 +321,12 @@ resources:
|
|||
group: ungrouped
|
||||
config: {get_file: fragments/wc-notify.yaml}
|
||||
|
||||
add_proxy:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/add-proxy.yaml}
|
||||
|
||||
kube_master_init:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
|
@ -315,6 +336,7 @@ resources:
|
|||
template: |
|
||||
$write_heat_params
|
||||
$make_cert
|
||||
$add_proxy
|
||||
$configure_etcd
|
||||
$write_network_config
|
||||
$enable_network_service
|
||||
|
@ -330,6 +352,8 @@ resources:
|
|||
units:
|
||||
- name: "make-cert.service"
|
||||
command: "start"
|
||||
- name: "add-proxy.service"
|
||||
command: "start"
|
||||
- name: "configure-etcd.service"
|
||||
command: "start"
|
||||
- name: "write-network-config.service"
|
||||
|
@ -355,6 +379,7 @@ resources:
|
|||
params:
|
||||
"$write_heat_params": {get_attr: [write_heat_params, config]}
|
||||
"$make_cert": {get_attr: [make_cert, config]}
|
||||
"$add_proxy": {get_attr: [add_proxy, config]}
|
||||
"$configure_etcd": {get_attr: [configure_etcd, config]}
|
||||
"$write_network_config": {get_attr: [write_network_config, config]}
|
||||
"$enable_network_service": {get_attr: [enable_network_service, config]}
|
||||
|
|
|
@ -82,6 +82,18 @@ parameters:
|
|||
description: >
|
||||
timeout for the Wait Conditions
|
||||
|
||||
http_proxy:
|
||||
type: string
|
||||
description: http proxy address for docker
|
||||
|
||||
https_proxy:
|
||||
type: string
|
||||
description: https proxy address for docker
|
||||
|
||||
no_proxy:
|
||||
type: string
|
||||
description: no proxies for docker
|
||||
|
||||
trustee_user_id:
|
||||
type: string
|
||||
description: user id of the trustee
|
||||
|
@ -143,22 +155,25 @@ resources:
|
|||
str_replace:
|
||||
template: {get_file: fragments/write-heat-params.yaml}
|
||||
params:
|
||||
$KUBE_ALLOW_PRIV: {get_param: kube_allow_priv}
|
||||
$KUBE_MASTER_IP: {get_param: kube_master_ip}
|
||||
$KUBE_NODE_PUBLIC_IP: {get_attr: [kube_minion_floating, floating_ip_address]}
|
||||
$KUBE_NODE_IP: {get_attr: [kube_minion_eth0, fixed_ips, 0, ip_address]}
|
||||
$WAIT_CURL: {get_attr: [minion_wait_handle, curl_cli]}
|
||||
$KUBE_API_PORT: {get_param: kubernetes_port}
|
||||
$TLS_DISABLED: {get_param: tls_disabled}
|
||||
$NETWORK_DRIVER: {get_param: network_driver}
|
||||
$ETCD_SERVER_IP: {get_param: etcd_server_ip}
|
||||
$KUBE_VERSION: {get_param: kube_version}
|
||||
$BAY_UUID: {get_param: bay_uuid}
|
||||
$MAGNUM_URL: {get_param: magnum_url}
|
||||
$TRUSTEE_USER_ID: {get_param: trustee_user_id}
|
||||
$TRUSTEE_PASSWORD: {get_param: trustee_password}
|
||||
$TRUST_ID: {get_param: trust_id}
|
||||
$AUTH_URL: {get_param: auth_url}
|
||||
"$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
|
||||
"$KUBE_MASTER_IP": {get_param: kube_master_ip}
|
||||
"$KUBE_NODE_PUBLIC_IP": {get_attr: [kube_minion_floating, floating_ip_address]}
|
||||
"$KUBE_NODE_IP": {get_attr: [kube_minion_eth0, fixed_ips, 0, ip_address]}
|
||||
"$WAIT_CURL": {get_attr: [minion_wait_handle, curl_cli]}
|
||||
"$KUBE_API_PORT": {get_param: kubernetes_port}
|
||||
"$TLS_DISABLED": {get_param: tls_disabled}
|
||||
"$NETWORK_DRIVER": {get_param: network_driver}
|
||||
"$ETCD_SERVER_IP": {get_param: etcd_server_ip}
|
||||
"$KUBE_VERSION": {get_param: kube_version}
|
||||
"$BAY_UUID": {get_param: bay_uuid}
|
||||
"$MAGNUM_URL": {get_param: magnum_url}
|
||||
"$HTTP_PROXY": {get_param: http_proxy}
|
||||
"$HTTPS_PROXY": {get_param: https_proxy}
|
||||
"$NO_PROXY": {get_param: no_proxy}
|
||||
"$TRUSTEE_USER_ID": {get_param: trustee_user_id}
|
||||
"$TRUSTEE_PASSWORD": {get_param: trustee_password}
|
||||
"$TRUST_ID": {get_param: trust_id}
|
||||
"$AUTH_URL": {get_param: auth_url}
|
||||
|
||||
write_kubeconfig:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
|
@ -196,6 +211,12 @@ resources:
|
|||
group: ungrouped
|
||||
config: {get_file: fragments/wc-notify.yaml}
|
||||
|
||||
add_proxy:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/add-proxy.yaml}
|
||||
|
||||
kube_minion_init:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
|
@ -206,6 +227,7 @@ resources:
|
|||
$write_heat_params
|
||||
$write_kubeconfig
|
||||
$make_cert
|
||||
$add_proxy
|
||||
$enable_network_service
|
||||
$enable_kubelet
|
||||
$enable_kube_proxy
|
||||
|
@ -214,6 +236,8 @@ resources:
|
|||
units:
|
||||
- name: "make-cert.service"
|
||||
command: "start"
|
||||
- name: "add-proxy.service"
|
||||
command: "start"
|
||||
- name: "enable-network-service.service"
|
||||
command: "start"
|
||||
- name: "enable-kubelet.service"
|
||||
|
@ -226,6 +250,7 @@ resources:
|
|||
"$write_heat_params": {get_attr: [write_heat_params, config]}
|
||||
"$write_kubeconfig": {get_attr: [write_kubeconfig, config]}
|
||||
"$make_cert": {get_attr: [make_cert, config]}
|
||||
"$add_proxy": {get_attr: [add_proxy, config]}
|
||||
"$enable_network_service": {get_attr: [enable_network_service, config]}
|
||||
"$enable_kubelet": {get_attr: [enable_kubelet, config]}
|
||||
"$enable_kube_proxy": {get_attr: [enable_kube_proxy, config]}
|
||||
|
|
Loading…
Reference in New Issue