Merge pull request kubernetes#2461 from MSOpenTech/deploy

Bring Azure deploy scripts up to date

README.md

@@ -28,8 +28,6 @@ While the concepts and architecture in Kubernetes represent years of experience
   * [CloudStack](docs/getting-started-guides/cloudstack.md)
   * [Rackspace](docs/getting-started-guides/rackspace.md)
   * [vSphere](docs/getting-started-guides/vsphere.md)
-
-* The following clouds are currently broken at Kubernetes head.  Please sync your client to `v0.3` (`git checkout v0.3`) to use these:
   * [Microsoft Azure](docs/getting-started-guides/azure.md)
 
 * [Kubernetes 101](examples/walkthrough)

icebox/cluster/azure/config-default.sh → cluster/azure/config-default.sh

@@ -14,15 +14,17 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-SCRIPT_DIR=$(CDPATH="" cd $(dirname $0); pwd)
-source $SCRIPT_DIR/../release/azure/config.sh
+INSTANCE_PREFIX=kubernetes
+AZ_LOCATION='West US'
+TAG=testing
+AZ_CS_PREFIX=kube
+AZ_VNET=MyVnet
+AZ_SUBNET=Subnet-1
+AZ_IMAGE=b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04_1-LTS-amd64-server-20140927-en-us-30GB
+AZ_CS="" # is set in azure/util.sh verify-prereqs
 
 AZ_SSH_KEY=$HOME/.ssh/azure_rsa
 AZ_SSH_CERT=$HOME/.ssh/azure.pem
-AZ_IMAGE=b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04_1-LTS-amd64-server-20140926-en-us-30GB
-AZ_SUBNET=Subnet-1
-AZ_VNET=kube-$AZ_HSH
-AZ_CS=kube-$AZ_HSH
 
 NUM_MINIONS=4
 
@@ -32,3 +34,5 @@ MINION_TAG="${INSTANCE_PREFIX}-minion"
 MINION_NAMES=($(eval echo ${INSTANCE_PREFIX}-minion-{1..${NUM_MINIONS}}))
 MINION_IP_RANGES=($(eval echo "10.244.{1..${NUM_MINIONS}}.0/24"))
 MINION_SCOPES=""
+
+PORTAL_NET="10.250.0.0/16"

cluster/azure/templates/common.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+# Copyright 2014 Google Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Retry a download until we get it.
+#
+# $1 is the URL to download
+download-or-bust() {
+  local -r url="$1"
+  local -r file="${url##*/}"
+  rm -f "$file"
+  until [[ -e "${file}" ]]; do
+    curl --ipv4 -Lo "$file" --connect-timeout 20 --retry 6 --retry-delay 10 "$url"
+    md5sum "$file"
+  done
+}
+
+# Install salt from GCS.  See README.md for instructions on how to update these
+# debs.
+#
+# $1 If set to --master, also install the master
+install-salt() {
+  apt-get update
+
+  mkdir -p /var/cache/salt-install
+  cd /var/cache/salt-install
+
+  TARS=(
+    libzmq3_3.2.3+dfsg-1~bpo70~dst+1_amd64.deb
+    python-zmq_13.1.0-1~bpo70~dst+1_amd64.deb
+    salt-common_2014.1.13+ds-1~bpo70+1_all.deb
+    salt-minion_2014.1.13+ds-1~bpo70+1_all.deb
+  )
+  if [[ ${1-} == '--master' ]]; then
+    TARS+=(salt-master_2014.1.13+ds-1~bpo70+1_all.deb)
+  fi
+  URL_BASE="https://storage.googleapis.com/kubernetes-release/salt"
+
+  for tar in "${TARS[@]}"; do
+    download-or-bust "${URL_BASE}/${tar}"
+    dpkg -i "${tar}"
+  done
+
+  # This will install any of the unmet dependencies from above.
+  apt-get install -f -y
+}

cluster/azure/templates/create-dynamic-salt-files.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+# Copyright 2014 Google Inc. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Create the overlay files for the salt tree.  We create these in a separate
+# place so that we can blow away the rest of the salt configs on a kube-push and
+# re-apply these.
+
+mkdir -p /srv/salt-overlay/pillar
+cat <<EOF >/srv/salt-overlay/pillar/cluster-params.sls
+node_instance_prefix: $NODE_INSTANCE_PREFIX
+portal_net: $PORTAL_NET
+EOF
+
+mkdir -p /srv/salt-overlay/salt/nginx
+echo $MASTER_HTPASSWD > /srv/salt-overlay/salt/nginx/htpasswd

icebox/cluster/azure/templates/download-release.sh → cluster/azure/templates/download-release.sh

@@ -20,12 +20,16 @@
 # the release tar to download and unpack.  It is meant to be pushed to the
 # master and run.
 
-echo "Downloading release ($MASTER_RELEASE_TAR)"
-wget $MASTER_RELEASE_TAR
 
-echo "Unpacking release"
-rm -rf master-release || false
-tar xzf master-release.tgz
+echo "Downloading binary release tar ($SERVER_BINARY_TAR_URL)"
+download-or-bust "$SERVER_BINARY_TAR_URL"
+
+echo "Downloading binary release tar ($SALT_TAR_URL)"
+download-or-bust "$SALT_TAR_URL"
+
+echo "Unpacking Salt tree"
+rm -rf kubernetes
+tar xzf "${SALT_TAR_URL##*/}"
 
 echo "Running release install script"
-sudo master-release/src/scripts/master-release-install.sh
+sudo kubernetes/saltbase/install.sh "${SERVER_BINARY_TAR_URL##*/}"

icebox/cluster/azure/templates/salt-master.sh → cluster/azure/templates/salt-master.sh

@@ -35,7 +35,7 @@ cat <<EOF >/etc/salt/master.d/reactor.conf
 # React to new minions starting by running highstate on them.
 reactor:
   - 'salt/minion/*/start':
-    - /srv/reactor/start.sls
+    - /srv/reactor/highstate-new.sls
 EOF
 
 mkdir -p /srv/salt/nginx
@@ -49,12 +49,20 @@ echo "$SERVER_CRT" > /etc/openvpn/server.crt
 echo "$SERVER_KEY" > /etc/openvpn/server.key
 umask $umask
 
-# Install Salt
-#
-# We specify -X to avoid a race condition that can cause minion failure to
-# install.  See https://github.com/saltstack/salt-bootstrap/issues/270
-#
-# -M installs the master
-curl -L http://bootstrap.saltstack.com | sh -s -- -M -X
+cat <<EOF >/etc/salt/minion.d/log-level-debug.conf
+log_level: debug
+log_level_logfile: debug
+EOF
 
-echo $MASTER_HTPASSWD > /srv/salt/nginx/htpasswd
+cat <<EOF >/etc/salt/master.d/log-level-debug.d
+log_level: debug
+log_level_logfile: debug
+EOF
+
+install-salt --master
+
+# Wait a few minutes and trigger another Salt run to better recover from
+# any transient errors.
+echo "Sleeping 180"
+sleep 180
+salt-call state.highstate || true

icebox/cluster/azure/templates/salt-minion.sh → cluster/azure/templates/salt-minion.sh

@@ -26,11 +26,13 @@ umask $umask
 mkdir -p /etc/salt/minion.d
 echo "master: $MASTER_NAME" > /etc/salt/minion.d/master.conf
 
-# Turn on debugging for salt-minion
-# echo "DAEMON_ARGS=\"\$DAEMON_ARGS --log-file-level=debug\"" > /etc/default/salt-minion
+cat <<EOF >/etc/salt/minion.d/log-level-debug.conf
+log_level: debug
+log_level_logfile: debug
+EOF
 
 hostnamef=$(hostname -f)
-sudo apt-get install ipcalc
+apt-get install -y ipcalc
 netmask=$(ipcalc $MINION_IP_RANGE | grep Netmask | awk '{ print $2 }')
 network=$(ipcalc $MINION_IP_RANGE | grep Address | awk '{ print $2 }')
 cbrstring="$network $netmask"
@@ -46,8 +48,10 @@ grains:
   cbr-string: $cbrstring
 EOF
 
-# Install Salt
-#
-# We specify -X to avoid a race condition that can cause minion failure to
-# install.  See https://github.com/saltstack/salt-bootstrap/issues/270
-curl -L http://bootstrap.saltstack.com | sh -s -- -X
+install-salt
+
+# Wait a few minutes and trigger another Salt run to better recover from
+# any transient errors.
+echo "Sleeping 180"
+sleep 180
+salt-call state.highstate || true