forked from kubernetes/test-infra
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathstart.sh
executable file
·138 lines (115 loc) · 4.4 KB
/
start.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
#!/bin/bash
# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
wait_for_docker ()
{
# Start docker.
systemctl enable docker
systemctl start docker
# Wait for docker.
until docker version; do sleep 1 ;done
}
start_kubelet ()
{
# Start the kubelet.
mkdir -p /etc/kubernetes/manifests
mkdir -p /etc/srv/kubernetes
# Change the kubelet to not fail with swap on.
cat > /etc/systemd/system/kubelet.service.d/20-kubeadm.conf << EOM
[Service]
Environment="KUBELET_EXTRA_ARGS=-v4 --fail-swap-on=false"
EOM
systemctl enable kubelet
systemctl start kubelet
}
start_node ()
{
mount --make-rshared /lib/modules
wait_for_docker
start_kubelet
mount --make-rshared /etc/kubernetes
mount --make-shared /run
mount --make-shared /
mount --make-shared /var/lib/docker
mount --make-shared /var/lib/kubelet
# To support arbitrary host mounts, we would need all mounts shared.
#mount --make-rshared /
# kube-proxy attempts to write some values into sysfs for performance. But these
# values cannot be written outside of the original netns, even if the fs is rw.
# This causes kube-proxy to panic if run inside dind.
#
# Historically, --max-conntrack or --conntrack-max-per-core could be set to 0,
# and kube-proxy would skip the write (#25543). kube-proxy no longer respects
# the CLI arguments if a config file is present.
#
# Instead, we can make sysfs ro, so that kube-proxy will forego write attempts.
mount -o remount,ro /sys
}
start_worker ()
{
start_node
# Load docker images
docker load -i /kube-proxy.tar
# Kubeadm expects kube-proxy-amd64, but bazel names it kube-proxy
docker tag k8s.gcr.io/kube-proxy:$(cat /docker_version) k8s.gcr.io/kube-proxy-amd64:$(cat /docker_version)
# Start kubeadm.
/usr/bin/kubeadm join --token=abcdef.abcdefghijklmnop --discovery-token-unsafe-skip-ca-verification=true --ignore-preflight-errors=all 172.18.0.2:6443 2>&1
}
start_master ()
{
start_node
# Load the docker images
docker load -i /kube-apiserver.tar
docker load -i /kube-controller-manager.tar
docker load -i /kube-proxy.tar
docker load -i /kube-scheduler.tar
# kubeadm expects all image names to be tagged as amd64, but bazel doesn't
# build with that suffix yet.
docker tag k8s.gcr.io/kube-apiserver:$(cat /docker_version) k8s.gcr.io/kube-apiserver-amd64:$(cat /docker_version)
docker tag k8s.gcr.io/kube-controller-manager:$(cat /docker_version) k8s.gcr.io/kube-controller-manager-amd64:$(cat /docker_version)
docker tag k8s.gcr.io/kube-proxy:$(cat /docker_version) k8s.gcr.io/kube-proxy-amd64:$(cat /docker_version)
docker tag k8s.gcr.io/kube-scheduler:$(cat /docker_version) k8s.gcr.io/kube-scheduler-amd64:$(cat /docker_version)
# Run kubeadm init to config a master.
/usr/bin/kubeadm init --token=abcdef.abcdefghijklmnop --ignore-preflight-errors=all --kubernetes-version=$(cat source_version | sed 's/^.//') --pod-network-cidr=192.168.0.0/16 --apiserver-cert-extra-sans $1 2>&1
# We'll want to read the kube-config from outside the container, so open read
# permissions on admin.conf.
chmod a+r /etc/kubernetes/admin.conf
# Apply a pod network.
kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f https://docs.projectcalico.org/v3.0/getting-started/kubernetes/installation/hosted/kubeadm/1.7/calico.yaml
# Install the metrics server, and the HPA.
kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f /addons/metrics-server/
}
start_cluster ()
{
mount --make-rshared /
/cluster-up -logtostderr -v=2 2>&1
}
start_host()
{
mount --make-rshared /lib/modules
wait_for_docker
start_cluster
}
# Start a new process to do work.
if [[ $1 == "worker" ]] ; then
start_worker
elif [[ $1 == "master" ]] ; then
start_master $2
elif [[ $1 == "dind" ]] ; then
# Don't run dindind. Just run a cluster from the current docker level.
start_cluster
else
# Run dindind, where the cluster lives under a single container.
start_host
fi