magnum/magnum/drivers/k8s_coreos_v1/templates/fragments/enable-kubelet-minion.yaml

#cloud-config
write_files:
  - path: /etc/systemd/system/enable-kubelet.service
    owner: "root:root"
    permissions: "0644"
    content: |
      [Unit]
      Description=Enable Kubelet

      [Service]
      Type=oneshot
      EnvironmentFile=/etc/sysconfig/heat-params
      ExecStart=/etc/sysconfig/enable-kubelet-minion.sh

      [Install]
      WantedBy=multi-user.target      

  - path: /etc/sysconfig/enable-kubelet-minion.sh
    owner: "root:root"
    permissions: "0755"
    content: |
      #!/bin/sh

      if [ -z "${KUBE_NODE_IP}" ]; then
        KUBE_NODE_IP=$(curl -s http://169.254.169.254/latest/meta-data/local-ipv4)
      fi

      TLS_CERT_FILE=${KUBE_CERTS_PATH}/worker.pem
      TLS_PRIVATE_KEY_FILE=${KUBE_CERTS_PATH}/worker-key.pem
      KUBE_PROTOCOL="https"
      KUBE_CONFIG="/etc/kubernetes/config/worker-kubeconfig.yaml"
      if [ "$TLS_DISABLED" == "True" ]; then
        TLS_CERT_FILE=
        TLS_PRIVATE_KEY_FILE=
        KUBE_PROTOCOL="http"
        KUBE_CONFIG=
      fi
      KUBE_MASTER_URI="$KUBE_PROTOCOL://$KUBE_MASTER_IP:$KUBE_API_PORT"

      CONF_FILE=/etc/systemd/system/kubelet.service
      cat > $CONF_FILE <<EOF
      [Service]
      Environment=KUBELET_VERSION=${KUBE_VERSION}
      Environment=KUBELET_ACI=${HYPERKUBE_IMAGE_REPO}
      ExecStart=/usr/lib/coreos/kubelet-wrapper \
        --api-servers=${KUBE_MASTER_URI} \
        --address=0.0.0.0 \
        --register-node=true \
        --allow-privileged=true \
        --config=/etc/kubernetes/manifests \
        --hostname-override=${KUBE_NODE_IP} \
        --logtostderr=true \
        --v=0 \
        --cadvisor-port=4194 \
        --kubeconfig=${KUBE_CONFIG} \
        --tls-cert-file=${TLS_CERT_FILE} \
        --tls-private-key-file=${TLS_PRIVATE_KEY_FILE}
      Restart=always
      RestartSec=10
      [Install]
      WantedBy=multi-user.target
      EOF

      systemctl enable kubelet
      systemctl --no-block start kubelet