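#!/bin/bash

# Copyright 2017 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Entry point for the docker-in-docker (dind) test cluster containers.
#
# Usage:
#   start.sh worker              join the cluster as a node
#   start.sh master <extra-san>  initialise the control plane
#   start.sh dind                run /cluster-up at the current docker level
#   start.sh                     start docker, then run /cluster-up (dindind)
#
# SECURITY NOTE(review): this script trades security for convenience in
# several places (static bootstrap token, no CA pinning on join, preflight
# checks disabled, world-readable admin kubeconfig, a manifest fetched from the
# network at start-up). Each one is marked where it occurs. They look
# deliberate for a throwaway test cluster; none of them should be copied into a
# cluster that is reachable by anything untrusted.

# Bootstrap token shared by `kubeadm init` and `kubeadm join`. It is a fixed
# value that is visible to anyone who can read this file, so any client that
# can reach the API server can use it to join. Kept in one place so the master
# and worker cannot drift apart.
readonly KUBEADM_TOKEN='abcdef.abcdefghijklmnop'

# API server endpoint the worker joins.
readonly MASTER_ENDPOINT='172.18.0.2:6443'

# Cluster-admin kubeconfig written by `kubeadm init`.
readonly ADMIN_KUBECONFIG='/etc/kubernetes/admin.conf'

# Pod network manifest applied on the master.
readonly CALICO_MANIFEST_URL='https://docs.projectcalico.org/v3.0/getting-started/kubernetes/installation/hosted/kubeadm/1.7/calico.yaml'

#######################################
# Enable and start docker, then block until the daemon answers.
# Outputs: `docker version` output on every probe.
#######################################
wait_for_docker() {
  # Start docker.
  systemctl enable docker
  systemctl start docker

  # Wait for docker. There is no upper bound: if the daemon never comes up,
  # this loops forever.
  until docker version; do
    sleep 1
  done
}

#######################################
# Write the kubelet drop-in and start the kubelet.
#######################################
start_kubelet() {
  # Start the kubelet.
  mkdir -p /etc/kubernetes/manifests
  mkdir -p /etc/srv/kubernetes

  # The redirect below fails if the drop-in directory is missing, so create it
  # rather than relying on the image to provide it.
  mkdir -p /etc/systemd/system/kubelet.service.d

  # Change the kubelet to not fail with swap on. The delimiter is quoted so the
  # drop-in is written literally, with no shell expansion.
  cat > /etc/systemd/system/kubelet.service.d/20-kubeadm.conf << 'EOM'
[Service]
Environment="KUBELET_EXTRA_ARGS=-v4 --fail-swap-on=false"
EOM
  systemctl enable kubelet
  systemctl start kubelet
}

#######################################
# Common node bring-up: mount propagation, docker, kubelet, read-only /sys.
#######################################
start_node() {
  # NOTE(review): changing mount propagation and remounting /sys presumably
  # needs a container that is allowed to call mount(2) — confirm how the
  # container is launched.
  mount --make-rshared /lib/modules
  wait_for_docker
  start_kubelet
  mount --make-rshared /etc/kubernetes
  mount --make-shared /run
  mount --make-shared /
  mount --make-shared /var/lib/docker
  mount --make-shared /var/lib/kubelet

  # To support arbitrary host mounts, we would need all mounts shared.
  #mount --make-rshared /

  # kube-proxy attempts to write some values into sysfs for performance. But these
  # values cannot be written outside of the original netns, even if the fs is rw.
  # This causes kube-proxy to panic if run inside dind.
  #
  # Historically, --max-conntrack or --conntrack-max-per-core could be set to 0,
  # and kube-proxy would skip the write (#25543). kube-proxy no longer respects
  # the CLI arguments if a config file is present.
  #
  # Instead, we can make sysfs ro, so that kube-proxy will forego write attempts.
  mount -o remount,ro /sys
}

#######################################
# Print the image tag stored in /docker_version.
# Outputs: the tag on stdout.
# Returns: non-zero if the file cannot be read or is empty.
#######################################
read_image_version() {
  local version
  version=$(cat /docker_version) || return
  if [[ -z "${version}" ]]; then
    printf 'start.sh: /docker_version is empty\n' >&2
    return 1
  fi
  printf '%s\n' "${version}"
}

#######################################
# Tag k8s.gcr.io/<component>:<version> as k8s.gcr.io/<component>-amd64:<version>.
# Arguments: $1 - image tag; $2.. - component names.
#######################################
tag_as_amd64() {
  local version=$1
  shift
  local component
  for component in "$@"; do
    docker tag "k8s.gcr.io/${component}:${version}" \
      "k8s.gcr.io/${component}-amd64:${version}"
  done
}

#######################################
# Bring up a node and join it to the master with kubeadm.
# Returns: non-zero if the image version cannot be determined.
#######################################
start_worker() {
  start_node

  # Load docker images
  docker load -i /kube-proxy.tar

  # Read the tag once; an empty tag would produce a malformed image reference.
  local version
  version=$(read_image_version) || return

  # Kubeadm expects kube-proxy-amd64, but bazel names it kube-proxy
  tag_as_amd64 "${version}" kube-proxy

  # Start kubeadm.
  #
  # SECURITY NOTE(review):
  #  * --discovery-token-unsafe-skip-ca-verification=true means the worker does
  #    not pin the control plane's CA, so it trusts whatever answers at
  #    MASTER_ENDPOINT with the token. Outside a throwaway test network, pin
  #    the CA with --discovery-token-ca-cert-hash instead.
  #  * --ignore-preflight-errors=all suppresses every preflight check, so real
  #    misconfiguration is not reported here.
  /usr/bin/kubeadm join \
    --token="${KUBEADM_TOKEN}" \
    --discovery-token-unsafe-skip-ca-verification=true \
    --ignore-preflight-errors=all \
    "${MASTER_ENDPOINT}" 2>&1
}

#######################################
# Bring up a node, initialise the control plane and install add-ons.
# Arguments: $1 - value for --apiserver-cert-extra-sans (required).
# Returns: non-zero if $1 is missing or a version file cannot be read.
#######################################
start_master() {
  local extra_sans=${1:-}

  # Without a value, --apiserver-cert-extra-sans would be passed with no
  # argument and kubeadm would fail later with a less obvious error; stop
  # before touching mounts or services.
  if [[ -z "${extra_sans}" ]]; then
    printf 'start.sh: master requires an apiserver cert extra SAN argument\n' >&2
    return 1
  fi

  start_node

  # Load the docker images
  local image
  for image in kube-apiserver kube-controller-manager kube-proxy kube-scheduler; do
    docker load -i "/${image}.tar"
  done

  local version
  version=$(read_image_version) || return

  # kubeadm expects all image names to be tagged as amd64, but bazel doesn't
  # build with that suffix yet.
  tag_as_amd64 "${version}" \
    kube-apiserver kube-controller-manager kube-proxy kube-scheduler

  # The version file carries a one-character prefix that kubeadm should not
  # see; sed drops the first character.
  # NOTE(review): `source_version` is relative to the working directory, unlike
  # /docker_version — confirm the script is always started from the directory
  # that holds it.
  local k8s_version
  k8s_version=$(sed 's/^.//' source_version) || return

  # Run kubeadm init to config a master.
  # SECURITY NOTE(review): same static token and disabled preflight checks as
  # on the worker side.
  /usr/bin/kubeadm init \
    --token="${KUBEADM_TOKEN}" \
    --ignore-preflight-errors=all \
    --kubernetes-version="${k8s_version}" \
    --pod-network-cidr=192.168.0.0/16 \
    --apiserver-cert-extra-sans "${extra_sans}" 2>&1

  # We'll want to read the kube-config from outside the container, so open read
  # permissions on admin.conf.
  # SECURITY NOTE(review): admin.conf holds the cluster-admin credentials;
  # a+r exposes them to every user and process that can read this path.
  chmod a+r "${ADMIN_KUBECONFIG}"

  # Apply a pod network.
  # SECURITY NOTE(review): the manifest is downloaded at start-up and applied
  # with cluster-admin rights, with no checksum or pinned copy. Whatever that
  # URL serves at the time is what runs in the cluster. Shipping the manifest
  # in the image (as /addons/metrics-server/ is) would remove that dependency.
  kubectl --kubeconfig="${ADMIN_KUBECONFIG}" apply -f "${CALICO_MANIFEST_URL}"

  # Install the metrics server, and the HPA.
  kubectl --kubeconfig="${ADMIN_KUBECONFIG}" apply -f /addons/metrics-server/
}

#######################################
# Make / recursively shared and run /cluster-up.
#######################################
start_cluster() {
  mount --make-rshared /
  /cluster-up -logtostderr -v=2 2>&1
}

#######################################
# Start docker in this container, then run the cluster inside it.
#######################################
start_host() {
  mount --make-rshared /lib/modules
  wait_for_docker

  start_cluster
}

# Start a new process to do work.
case "${1:-}" in
  worker)
    start_worker
    ;;
  master)
    start_master "${2:-}"
    ;;
  dind)
    # Don't run dindind. Just run a cluster from the current docker level.
    start_cluster
    ;;
  *)
    # Run dindind, where the cluster lives under a single container.
    start_host
    ;;
esac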