Merge "Add build-arg for --allow-privileged"
This commit is contained in:
commit
764cfe041d
|
@ -1,4 +1,5 @@
|
|||
ARG KUBE_VERSION=v1.13.0
|
||||
ARG ADD_KUBE_ALLOW_PRIV=false
|
||||
|
||||
FROM fedora:rawhide
|
||||
ARG KUBE_VERSION
|
||||
|
@ -30,6 +31,7 @@ COPY service.template config.json.template /exports/
|
|||
# however, this would require hard-coding the container name
|
||||
|
||||
COPY apiserver config /etc/kubernetes/
|
||||
RUN [ $ADD_KUBE_ALLOW_PRIV = "true" ] && echo "KUBE_ALLOW_PRIV=\"--allow-privileged=false\"" >> /etc/kubernetes/config || true
|
||||
RUN mkdir -p /exports/hostfs/usr/local/bin/
|
||||
COPY --from=0 /root/kubectl /exports/hostfs/usr/local/bin/
|
||||
RUN chmod +x /exports/hostfs/usr/local/bin/kubectl && \
|
||||
|
|
|
@ -15,8 +15,5 @@ KUBE_LOGTOSTDERR="--logtostderr=true"
|
|||
# journal message level, 0 is debug
|
||||
KUBE_LOG_LEVEL="--v=0"
|
||||
|
||||
# Should this cluster be allowed to run privileged docker containers
|
||||
KUBE_ALLOW_PRIV="--allow-privileged=false"
|
||||
|
||||
# How the controller-manager, scheduler, and proxy find the apiserver
|
||||
KUBE_MASTER="--master=http://127.0.0.1:8080"
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
ARG KUBE_VERSION=v1.13.0
|
||||
ARG ADD_KUBE_ALLOW_PRIV=false
|
||||
FROM gcr.io/google-containers/kube-controller-manager-amd64:${KUBE_VERSION}
|
||||
|
||||
ENV container=docker
|
||||
|
@ -17,6 +18,7 @@ COPY launch.sh /usr/bin/kube-controller-manager-docker.sh
|
|||
COPY service.template config.json.template /exports/
|
||||
|
||||
COPY controller-manager config /etc/kubernetes/
|
||||
RUN [ $ADD_KUBE_ALLOW_PRIV = "true" ] && echo "KUBE_ALLOW_PRIV=\"--allow-privileged=false\"" >> /etc/kubernetes/config || true
|
||||
RUN mkdir -p /exports/hostfs/etc/kubernetes && \
|
||||
cp /etc/kubernetes/config /exports/hostfs/etc/kubernetes/ && \
|
||||
cp /etc/kubernetes/controller-manager /exports/hostfs/etc/kubernetes/
|
||||
|
|
|
@ -15,8 +15,5 @@ KUBE_LOGTOSTDERR="--logtostderr=true"
|
|||
# journal message level, 0 is debug
|
||||
KUBE_LOG_LEVEL="--v=0"
|
||||
|
||||
# Should this cluster be allowed to run privileged docker containers
|
||||
KUBE_ALLOW_PRIV="--allow-privileged=false"
|
||||
|
||||
# How the controller-manager, scheduler, and proxy find the apiserver
|
||||
KUBE_MASTER="--master=http://127.0.0.1:8080"
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
ARG KUBE_VERSION=v1.13.0
|
||||
ARG ADD_KUBE_ALLOW_PRIV=false
|
||||
FROM gcr.io/google-containers/hyperkube-amd64:${KUBE_VERSION}
|
||||
|
||||
ENV container=docker
|
||||
|
@ -14,6 +15,7 @@ LABEL bzcomponent="$NAME" \
|
|||
|
||||
COPY launch.sh /usr/bin/kubelet-docker.sh
|
||||
COPY kubelet config /etc/kubernetes/
|
||||
RUN [ $ADD_KUBE_ALLOW_PRIV = "true" ] && echo "KUBE_ALLOW_PRIV=\"--allow-privileged=false\"" >> /etc/kubernetes/config || true
|
||||
|
||||
COPY manifest.json tmpfiles.template service.template config.json.template /exports/
|
||||
|
||||
|
|
|
@ -15,8 +15,5 @@ KUBE_LOGTOSTDERR="--logtostderr=true"
|
|||
# journal message level, 0 is debug
|
||||
KUBE_LOG_LEVEL="--v=0"
|
||||
|
||||
# Should this cluster be allowed to run privileged docker containers
|
||||
KUBE_ALLOW_PRIV="--allow-privileged=false"
|
||||
|
||||
# How the controller-manager, scheduler, and proxy find the apiserver
|
||||
KUBE_MASTER="--master=http://127.0.0.1:8080"
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
ARG KUBE_VERSION=v1.13.0
|
||||
ARG ADD_KUBE_ALLOW_PRIV=false
|
||||
FROM gcr.io/google-containers/kube-proxy-amd64:${KUBE_VERSION}
|
||||
ENV container=docker
|
||||
|
||||
|
@ -16,6 +17,8 @@ COPY launch.sh /usr/bin/kube-proxy-docker.sh
|
|||
COPY service.template config.json.template /exports/
|
||||
|
||||
COPY proxy config /etc/kubernetes/
|
||||
RUN [ $ADD_KUBE_ALLOW_PRIV = "true" ] && echo "KUBE_ALLOW_PRIV=\"--allow-privileged=false\"" >> /etc/kubernetes/config || true
|
||||
|
||||
RUN mkdir -p /exports/hostfs/etc/kubernetes && \
|
||||
cp /etc/kubernetes/config /exports/hostfs/etc/kubernetes/ && \
|
||||
cp /etc/kubernetes/proxy /exports/hostfs/etc/kubernetes/
|
||||
|
|
|
@ -15,8 +15,5 @@ KUBE_LOGTOSTDERR="--logtostderr=true"
|
|||
# journal message level, 0 is debug
|
||||
KUBE_LOG_LEVEL="--v=0"
|
||||
|
||||
# Should this cluster be allowed to run privileged docker containers
|
||||
KUBE_ALLOW_PRIV="--allow-privileged=false"
|
||||
|
||||
# How the controller-manager, scheduler, and proxy find the apiserver
|
||||
KUBE_MASTER="--master=http://127.0.0.1:8080"
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
ARG KUBE_VERSION=v1.13.0
|
||||
ARG ADD_KUBE_ALLOW_PRIV=false
|
||||
FROM gcr.io/google-containers/kube-scheduler-amd64:${KUBE_VERSION}
|
||||
ENV container=docker
|
||||
|
||||
|
@ -16,6 +17,7 @@ COPY launch.sh /usr/bin/kube-scheduler-docker.sh
|
|||
COPY service.template config.json.template /exports/
|
||||
|
||||
COPY scheduler config /etc/kubernetes/
|
||||
RUN [ $ADD_KUBE_ALLOW_PRIV = "true" ] && echo "KUBE_ALLOW_PRIV=\"--allow-privileged=false\"" >> /etc/kubernetes/config || true
|
||||
RUN mkdir -p /exports/hostfs/etc/kubernetes && \
|
||||
cp /etc/kubernetes/config /exports/hostfs/etc/kubernetes/ && \
|
||||
cp /etc/kubernetes/scheduler /exports/hostfs/etc/kubernetes/
|
||||
|
|
|
@ -15,8 +15,5 @@ KUBE_LOGTOSTDERR="--logtostderr=true"
|
|||
# journal message level, 0 is debug
|
||||
KUBE_LOG_LEVEL="--v=0"
|
||||
|
||||
# Should this cluster be allowed to run privileged docker containers
|
||||
KUBE_ALLOW_PRIV="--allow-privileged=false"
|
||||
|
||||
# How the controller-manager, scheduler, and proxy find the apiserver
|
||||
KUBE_MASTER="--master=http://127.0.0.1:8080"
|
||||
|
|
|
@ -22,6 +22,7 @@
|
|||
tag: "{{kubernetes_version_v1_11}}"
|
||||
buildargs:
|
||||
KUBE_VERSION: "{{kubernetes_version_v1_11}}"
|
||||
ADD_KUBE_ALLOW_PRIV: "true"
|
||||
push: no
|
||||
with_items: "{{ kubernetes_images }}"
|
||||
retries: 10
|
||||
|
@ -35,6 +36,7 @@
|
|||
tag: "{{kubernetes_version_v1_12}}"
|
||||
buildargs:
|
||||
KUBE_VERSION: "{{kubernetes_version_v1_12}}"
|
||||
ADD_KUBE_ALLOW_PRIV: "true"
|
||||
push: no
|
||||
with_items: "{{ kubernetes_images }}"
|
||||
retries: 10
|
||||
|
@ -48,6 +50,7 @@
|
|||
tag: "{{kubernetes_version_v1_13}}"
|
||||
buildargs:
|
||||
KUBE_VERSION: "{{kubernetes_version_v1_13}}"
|
||||
ADD_KUBE_ALLOW_PRIV: "true"
|
||||
push: no
|
||||
with_items: "{{ kubernetes_images }}"
|
||||
retries: 10
|
||||
|
@ -61,6 +64,7 @@
|
|||
tag: "{{kubernetes_version_v1_14}}"
|
||||
buildargs:
|
||||
KUBE_VERSION: "{{kubernetes_version_v1_14}}"
|
||||
ADD_KUBE_ALLOW_PRIV: "true"
|
||||
push: no
|
||||
with_items: "{{ kubernetes_images }}"
|
||||
retries: 10
|
||||
|
|
Loading…
Reference in New Issue