Streamline systemd service file creation

We can remove a few sed and mv commands by using the same invocation as
in [docs/05-kubernetes-worker.md](docs/05-kubernetes-worker.md)
(`sudo sh -c "echo '...' > /etc/systemd/..."`) except here using some
variable interpolation.
pull/38/head
Lisa Seelye 2016-07-16 14:39:36 -04:00
parent cd019aa31a
commit 4b836b9993
2 changed files with 61 additions and 102 deletions

View File

@ -60,36 +60,6 @@ sudo mkdir -p /var/lib/etcd
Create the etcd systemd unit file: Create the etcd systemd unit file:
```
cat > etcd.service <<"EOF"
[Unit]
Description=etcd
Documentation=https://github.com/coreos
[Service]
ExecStart=/usr/bin/etcd --name ETCD_NAME \
--cert-file=/etc/etcd/kubernetes.pem \
--key-file=/etc/etcd/kubernetes-key.pem \
--peer-cert-file=/etc/etcd/kubernetes.pem \
--peer-key-file=/etc/etcd/kubernetes-key.pem \
--trusted-ca-file=/etc/etcd/ca.pem \
--peer-trusted-ca-file=/etc/etcd/ca.pem \
--initial-advertise-peer-urls https://INTERNAL_IP:2380 \
--listen-peer-urls https://INTERNAL_IP:2380 \
--listen-client-urls https://INTERNAL_IP:2379,http://127.0.0.1:2379 \
--advertise-client-urls https://INTERNAL_IP:2379 \
--initial-cluster-token etcd-cluster-0 \
--initial-cluster etcd0=https://10.240.0.10:2380,etcd1=https://10.240.0.11:2380,etcd2=https://10.240.0.12:2380 \
--initial-cluster-state new \
--data-dir=/var/lib/etcd
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF
```
``` ```
export INTERNAL_IP=$(curl -s -H "Metadata-Flavor: Google" \ export INTERNAL_IP=$(curl -s -H "Metadata-Flavor: Google" \
http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip) http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ip)
@ -99,16 +69,33 @@ export INTERNAL_IP=$(curl -s -H "Metadata-Flavor: Google" \
export ETCD_NAME=$(hostname -s) export ETCD_NAME=$(hostname -s)
``` ```
```
sed -i s/INTERNAL_IP/$INTERNAL_IP/g etcd.service
```
``` ```
sed -i s/ETCD_NAME/$ETCD_NAME/g etcd.service sudo sh -c "echo '[Unit]
``` Description=etcd
Documentation=https://github.com/coreos
``` [Service]
sudo mv etcd.service /etc/systemd/system/ ExecStart=/usr/bin/etcd --name $ETCD_NAME \\
--cert-file=/etc/etcd/kubernetes.pem \\
--key-file=/etc/etcd/kubernetes-key.pem \\
--peer-cert-file=/etc/etcd/kubernetes.pem \\
--peer-key-file=/etc/etcd/kubernetes-key.pem \\
--trusted-ca-file=/etc/etcd/ca.pem \\
--peer-trusted-ca-file=/etc/etcd/ca.pem \\
--initial-advertise-peer-urls https://$INTERNAL_IP:2380 \\
--listen-peer-urls https://$INTERNAL_IP:2380 \\
--listen-client-urls https://$INTERNAL_IP:2379,http://127.0.0.1:2379 \\
--advertise-client-urls https://$INTERNAL_IP:2379 \\
--initial-cluster-token etcd-cluster-0 \\
--initial-cluster etcd0=https://10.240.0.10:2380,etcd1=https://10.240.0.11:2380,etcd2=https://10.240.0.12:2380 \\
--initial-cluster-state new \\
--data-dir=/var/lib/etcd
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target' > /etc/systemd/system/etcd.service"
``` ```
Start etcd: Start etcd:

View File

@ -113,49 +113,42 @@ export INTERNAL_IP=$(curl -s -H "Metadata-Flavor: Google" \
Create the systemd unit file: Create the systemd unit file:
``` ```
cat > kube-apiserver.service <<"EOF" sudo sh -c "echo '[Unit]
[Unit]
Description=Kubernetes API Server Description=Kubernetes API Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes Documentation=https://github.com/GoogleCloudPlatform/kubernetes
[Service] [Service]
ExecStart=/usr/bin/kube-apiserver \ ExecStart=/usr/bin/kube-apiserver \\
--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota \ --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota \\
--advertise-address=INTERNAL_IP \ --advertise-address=$INTERNAL_IP \\
--allow-privileged=true \ --allow-privileged=true \\
--apiserver-count=3 \ --apiserver-count=3 \\
--authorization-mode=ABAC \ --authorization-mode=ABAC \\
--authorization-policy-file=/var/lib/kubernetes/authorization-policy.jsonl \ --authorization-policy-file=/var/lib/kubernetes/authorization-policy.jsonl \\
--bind-address=0.0.0.0 \ --bind-address=0.0.0.0 \\
--enable-swagger-ui=true \ --enable-swagger-ui=true \\
--etcd-cafile=/var/lib/kubernetes/ca.pem \ --etcd-cafile=/var/lib/kubernetes/ca.pem \\
--insecure-bind-address=0.0.0.0 \ --insecure-bind-address=0.0.0.0 \\
--kubelet-certificate-authority=/var/lib/kubernetes/ca.pem \ --kubelet-certificate-authority=/var/lib/kubernetes/ca.pem \\
--etcd-servers=https://10.240.0.10:2379,https://10.240.0.11:2379,https://10.240.0.12:2379 \ --etcd-servers=https://10.240.0.10:2379,https://10.240.0.11:2379,https://10.240.0.12:2379 \\
--service-account-key-file=/var/lib/kubernetes/kubernetes-key.pem \ --service-account-key-file=/var/lib/kubernetes/kubernetes-key.pem \\
--service-cluster-ip-range=10.32.0.0/24 \ --service-cluster-ip-range=10.32.0.0/24 \\
--service-node-port-range=30000-32767 \ --service-node-port-range=30000-32767 \\
--tls-cert-file=/var/lib/kubernetes/kubernetes.pem \ --tls-cert-file=/var/lib/kubernetes/kubernetes.pem \\
--tls-private-key-file=/var/lib/kubernetes/kubernetes-key.pem \ --tls-private-key-file=/var/lib/kubernetes/kubernetes-key.pem \\
--token-auth-file=/var/lib/kubernetes/token.csv \ --token-auth-file=/var/lib/kubernetes/token.csv \\
--v=2 --v=2
Restart=on-failure Restart=on-failure
RestartSec=5 RestartSec=5
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target' > /etc/systemd/system/kube-apiserver.service"
EOF
```
```
sed -i s/INTERNAL_IP/$INTERNAL_IP/g kube-apiserver.service
``` ```
``` ```
sudo mv kube-apiserver.service /etc/systemd/system/ sudo mv kube-apiserver.service /etc/systemd/system/
``` ```
``` ```
sudo systemctl daemon-reload sudo systemctl daemon-reload
sudo systemctl enable kube-apiserver sudo systemctl enable kube-apiserver
@ -169,39 +162,28 @@ sudo systemctl status kube-apiserver --no-pager
### Kubernetes Controller Manager ### Kubernetes Controller Manager
``` ```
cat > kube-controller-manager.service <<"EOF" sudo su -c "echo '[Unit]
[Unit]
Description=Kubernetes Controller Manager Description=Kubernetes Controller Manager
Documentation=https://github.com/GoogleCloudPlatform/kubernetes Documentation=https://github.com/GoogleCloudPlatform/kubernetes
[Service] [Service]
ExecStart=/usr/bin/kube-controller-manager \ ExecStart=/usr/bin/kube-controller-manager \\
--allocate-node-cidrs=true \ --allocate-node-cidrs=true \\
--cluster-cidr=10.200.0.0/16 \ --cluster-cidr=10.200.0.0/16 \\
--cluster-name=kubernetes \ --cluster-name=kubernetes \\
--leader-elect=true \ --leader-elect=true \\
--master=http://INTERNAL_IP:8080 \ --master=http://$INTERNAL_IP:8080 \\
--root-ca-file=/var/lib/kubernetes/ca.pem \ --root-ca-file=/var/lib/kubernetes/ca.pem \\
--service-account-private-key-file=/var/lib/kubernetes/kubernetes-key.pem \ --service-account-private-key-file=/var/lib/kubernetes/kubernetes-key.pem \\
--service-cluster-ip-range=10.32.0.0/24 \ --service-cluster-ip-range=10.32.0.0/24 \\
--v=2 --v=2
Restart=on-failure Restart=on-failure
RestartSec=5 RestartSec=5
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target' > /etc/systemd/system/kube-controller-manager.service"
EOF
``` ```
```
sed -i s/INTERNAL_IP/$INTERNAL_IP/g kube-controller-manager.service
```
```
sudo mv kube-controller-manager.service /etc/systemd/system/
```
``` ```
sudo systemctl daemon-reload sudo systemctl daemon-reload
sudo systemctl enable kube-controller-manager sudo systemctl enable kube-controller-manager
@ -215,30 +197,20 @@ sudo systemctl status kube-controller-manager --no-pager
### Kubernetes Scheduler ### Kubernetes Scheduler
``` ```
cat > kube-scheduler.service <<"EOF" sudo sh -c "echo '[Unit]
[Unit]
Description=Kubernetes Scheduler Description=Kubernetes Scheduler
Documentation=https://github.com/GoogleCloudPlatform/kubernetes Documentation=https://github.com/GoogleCloudPlatform/kubernetes
[Service] [Service]
ExecStart=/usr/bin/kube-scheduler \ ExecStart=/usr/bin/kube-scheduler \\
--leader-elect=true \ --leader-elect=true \\
--master=http://INTERNAL_IP:8080 \ --master=http://$INTERNAL_IP:8080 \\
--v=2 --v=2
Restart=on-failure Restart=on-failure
RestartSec=5 RestartSec=5
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target' > /etc/systemd/system/kube-scheduler.service"
EOF
```
```
sed -i s/INTERNAL_IP/$INTERNAL_IP/g kube-scheduler.service
```
```
sudo mv kube-scheduler.service /etc/systemd/system/
``` ```
``` ```