github.com/arkadijs/deis@v1.5.1/contrib/coreos/user-data.example (about) 1 #cloud-config 2 --- 3 coreos: 4 etcd: 5 # generate a new token for each unique cluster from https://discovery.etcd.io/new 6 # uncomment the following line and replace it with your discovery URL 7 # discovery: https://discovery.etcd.io/12345693838asdfasfadf13939923 8 addr: $private_ipv4:4001 9 peer-addr: $private_ipv4:7001 10 # give etcd more time if it's under heavy load - prevent leader election thrashing 11 peer-election-timeout: 2000 12 # heartbeat interval should ideally be 1/4 or 1/5 of peer election timeout 13 peer-heartbeat-interval: 500 14 fleet: 15 # We have to set the public_ip here so this works on Vagrant -- otherwise, Vagrant VMs 16 # will all publish the same private IP. This is harmless for cloud providers. 17 public-ip: $private_ipv4 18 # allow etcd to slow down at times 19 etcd_request_timeout: 3.0 20 units: 21 - name: etcd.service 22 command: start 23 content: | 24 [Unit] 25 Description=etcd 26 [Service] 27 User=etcd 28 PermissionsStartOnly=true 29 Environment=ETCD_DATA_DIR=/var/lib/etcd 30 Environment=ETCD_NAME=%m 31 ExecStart=/usr/bin/etcd 32 Restart=always 33 RestartSec=10s 34 LimitNOFILE=40000 35 - name: upgrade-fleet-091.service 36 command: start 37 content: | 38 [Unit] 39 Description=Upgrade fleet if system fleet is v0.9.1, which has a known bug 40 Before=fleet.service 41 ConditionPathIsSymbolicLink=!/etc/systemd/system/fleet.service.d/99-upgrade-fleet-091.conf 42 43 [Service] 44 ExecStart=/usr/bin/bash -c 'if fleetd --version | grep -q 0.9.1; then curl -sSL --retry 5 --retry-delay 2 -o /run/deis/bin/fleetd-0.9.2 https://s3-us-west-2.amazonaws.com/opdemand/fleetd-v0.9.2 && chmod +x /run/deis/bin/fleetd-0.9.2 && mkdir -p /etc/systemd/system/fleet.service.d/ && ln -s /run/deis/conf/fleetd-092-custom-binary.conf /etc/systemd/system/fleet.service.d/99-upgrade-fleet-091.conf; else rm -f /etc/systemd/system/fleet.service.d/99-upgrade-fleet-091.conf; fi' 45 RemainAfterExit=yes 46 Type=oneshot 47 - name: stop-update-engine.service 48 command: start 49 content: | 50 [Unit] 51 Description=stop update-engine 52 53 [Service] 54 Type=oneshot 55 ExecStart=/usr/bin/systemctl stop update-engine.service 56 ExecStartPost=/usr/bin/systemctl mask update-engine.service 57 - name: install-deisctl.service 58 command: start 59 content: | 60 [Unit] 61 Description=Install deisctl utility 62 ConditionPathExists=!/opt/bin/deisctl 63 64 [Service] 65 Type=oneshot 66 ExecStart=/usr/bin/sh -c 'curl -sSL --retry 5 --retry-delay 2 http://deis.io/deisctl/install.sh | sh -s 1.5.1' 67 - name: ntpdate.service 68 command: start 69 - name: timedate-ntp-synchronization.service 70 command: start 71 content: | 72 [Unit] 73 Description=Synchronize system clock 74 After=ntpdate.service 75 76 [Service] 77 ExecStart=/usr/bin/timedatectl set-timezone UTC 78 ExecStart=/usr/bin/timedatectl set-ntp true 79 ExecStart=/sbin/hwclock --systohc --utc 80 RemainAfterExit=yes 81 Type=oneshot 82 - name: debug-etcd.service 83 content: | 84 [Unit] 85 Description=etcd debugging service 86 87 [Service] 88 ExecStartPre=/usr/bin/curl -sSL -o /opt/bin/jq http://stedolan.github.io/jq/download/linux64/jq 89 ExecStartPre=/usr/bin/chmod +x /opt/bin/jq 90 ExecStart=/usr/bin/bash -c "while true; do curl -sL http://127.0.0.1:4001/v2/stats/leader | /opt/bin/jq . ; sleep 1 ; done" 91 - name: increase-nf_conntrack-connections.service 92 command: start 93 content: | 94 [Unit] 95 Description=Increase the number of connections in nf_conntrack. default is 65536 96 97 [Service] 98 Type=oneshot 99 ExecStartPre=/usr/sbin/modprobe nf_conntrack 100 ExecStart=/bin/sh -c "sysctl -w net.netfilter.nf_conntrack_max=262144" 101 - name: load-overlay-module.service 102 command: start 103 content: | 104 [Unit] 105 Description=Load overlay module before docker start 106 Before=docker.service 107 108 [Service] 109 ExecStart=/bin/bash -c "lsmod | grep overlay || modprobe overlay" 110 - name: fleet.service 111 command: start 112 write_files: 113 - path: /etc/deis-release 114 content: | 115 DEIS_RELEASE=v1.5.1 116 - path: /etc/motd 117 content: " \e[31m* * \e[34m* \e[32m***** \e[39mddddd eeeeeee iiiiiii ssss\n\e[31m* * \e[34m* * \e[32m* * \e[39md d e e i s s\n \e[31m* * \e[34m***** \e[32m***** \e[39md d e i s\n\e[32m***** \e[31m* * \e[34m* \e[39md d e i s\n\e[32m* * \e[31m* * \e[34m* * \e[39md d eee i sss\n\e[32m***** \e[31m* * \e[34m***** \e[39md d e i s\n \e[34m* \e[32m***** \e[31m* * \e[39md d e i s\n \e[34m* * \e[32m* * \e[31m* * \e[39md d e e i s s\n\e[34m***** \e[32m***** \e[31m* * \e[39mddddd eeeeeee iiiiiii ssss\n\n\e[39mWelcome to Deis\t\t\tPowered by Core\e[38;5;45mO\e[38;5;206mS\e[39m\n" 118 - path: /etc/profile.d/nse-function.sh 119 permissions: '0755' 120 content: | 121 function nse() { 122 docker exec -it $1 bash 123 } 124 - path: /etc/systemd/system/docker.service.d/50-insecure-registry.conf 125 content: | 126 [Service] 127 EnvironmentFile=/etc/environment_proxy 128 Environment="DOCKER_OPTS=--insecure-registry 10.0.0.0/8 --insecure-registry 172.16.0.0/12 --insecure-registry 192.168.0.0/16 --insecure-registry 100.64.0.0/10" 129 - path: /run/deis/bin/get_image 130 permissions: '0755' 131 content: | 132 #!/bin/bash 133 # usage: get_image <component_path> 134 IMAGE=`etcdctl get $1/image 2>/dev/null` 135 136 # if no image was set in etcd, we use the default plus the release string 137 if [ $? -ne 0 ]; then 138 RELEASE=`etcdctl get /deis/platform/version 2>/dev/null` 139 140 # if no release was set in etcd, use the default provisioned with the server 141 if [ $? -ne 0 ]; then 142 source /etc/deis-release 143 RELEASE=$DEIS_RELEASE 144 fi 145 146 IMAGE=$1:$RELEASE 147 fi 148 149 # remove leading slash 150 echo ${IMAGE#/} 151 - path: /run/deis/bin/preseed 152 permissions: '0755' 153 content: | 154 #!/bin/bash 155 156 COMPONENTS=(builder cache controller database logger logspout publisher registry router store-daemon store-gateway store-metadata store-monitor) 157 for c in "${COMPONENTS[@]}"; do 158 image=`/run/deis/bin/get_image /deis/$c` 159 docker history $image >/dev/null 2>&1 || docker pull $image 160 done 161 - path: /opt/bin/deis-debug-logs 162 permissions: '0755' 163 content: | 164 #!/bin/bash 165 166 echo '--- VERSIONS ---' 167 source /etc/os-release 168 echo $PRETTY_NAME 169 source /etc/deis-release 170 echo "Deis $DEIS_RELEASE" 171 etcd -version 172 fleet -version 173 printf "\n" 174 175 echo '--- SYSTEM STATUS ---' 176 journalctl -n 50 -u etcd --no-pager 177 journalctl -n 50 -u fleet --no-pager 178 printf "\n" 179 180 echo '--- DEIS STATUS ---' 181 deisctl list 182 etcdctl ls --recursive /deis 183 printf "\n" 184 - path: /home/core/.toolboxrc 185 owner: core 186 content: | 187 TOOLBOX_DOCKER_IMAGE=ubuntu-debootstrap 188 TOOLBOX_DOCKER_TAG=14.04 189 TOOLBOX_USER=root 190 - path: /etc/environment_proxy 191 owner: core 192 content: | 193 HTTP_PROXY= 194 HTTPS_PROXY= 195 ALL_PROXY= 196 NO_PROXY= 197 http_proxy= 198 https_proxy= 199 all_proxy= 200 no_proxy= 201 - path: /etc/systemd/coredump.conf 202 content: | 203 [Coredump] 204 Storage=none 205 - path: /etc/systemd/system/ntpd.service.d/debug.conf 206 content: | 207 [Service] 208 ExecStart= 209 ExecStart=/usr/sbin/ntpd -g -n -f /var/lib/ntp/ntp.drift 210 - path: /run/deis/conf/fleetd-092-custom-binary.conf 211 content: | 212 [Service] 213 ExecStart= 214 ExecStart=/run/deis/bin/fleetd-0.9.2