108 lines
3.1 KiB
Bash
Executable file
108 lines
3.1 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
echo ""
|
|
echo "... ] INSTALLING KUBELET WORKER [ ..."
|
|
|
|
HOME=$( cd "$(dirname "$0")" && pwd )
|
|
source $HOME/../config
|
|
|
|
if [ -f $HOME/../config-coreapps ]; then
|
|
echo "config-coreapps file FOUND :)"
|
|
source $HOME/../config-coreapps
|
|
else
|
|
echo "config-coreapps file is missing."
|
|
exit 1
|
|
fi
|
|
|
|
systemctl stop kubelet
|
|
|
|
gzip -v -c -d $HOME/../blobs/kubelet.gz > /usr/local/bin/kubelet
|
|
chmod +x /usr/local/bin/kubelet
|
|
|
|
#generate kubelet's kubeconfig file
|
|
rm ${CONF_DIR}/kubelet/kubeconfig
|
|
TOKEN=`cat ${CA_DIR}/kubelet.token`
|
|
kubectl config set-cluster ${CLUSTER_NAME}.virtual.local --certificate-authority=${CA_DIR}/ca.crt --embed-certs=true --server=https://localhost:16443 --kubeconfig=${CONF_DIR}/kubelet/kubeconfig
|
|
kubectl config set-credentials kubelet --client-certificate=${CA_DIR}/kubelet.crt --client-key=${CA_DIR}/kubelet.key --embed-certs=true --token=$TOKEN --kubeconfig=${CONF_DIR}/kubelet/kubeconfig
|
|
kubectl config set-context ${CLUSTER_NAME}.virtual.local --cluster=${CLUSTER_NAME}.virtual.local --user=kubelet --kubeconfig=${CONF_DIR}/kubelet/kubeconfig
|
|
kubectl config use-context ${CLUSTER_NAME}.virtual.local --kubeconfig=${CONF_DIR}/kubelet/kubeconfig
|
|
|
|
#generate kubelet's config file
|
|
rm ${CONF_DIR}/kubelet/kubelet-config.yaml
|
|
cat <<EOF | tee ${CONF_DIR}/kubelet/kubelet-config.yaml
|
|
kind: KubeletConfiguration
|
|
apiVersion: kubelet.config.k8s.io/v1beta1
|
|
address: ${NODE_IP}
|
|
readOnlyPort: 0
|
|
authentication:
|
|
anonymous:
|
|
enabled: false
|
|
webhook:
|
|
enabled: true
|
|
x509:
|
|
clientCAFile: "${CA_DIR}/ca.crt"
|
|
authorization:
|
|
mode: Webhook
|
|
tlsCertFile: "${CA_DIR}/kubelet.crt"
|
|
tlsPrivateKeyFile: "${CA_DIR}/kubelet.key"
|
|
clusterDomain: "cluster.local"
|
|
clusterDNS:
|
|
- "172.18.0.10"
|
|
eventRecordQPS: 0
|
|
enableDebuggingHandlers: true
|
|
runtimeRequestTimeout: "15m"
|
|
staticPodPath: "${CONF_DIR}/manifests"
|
|
evictionHard:
|
|
memory.available: "200Mi"
|
|
nodefs.available: "10%"
|
|
nodefs.inodesFree: "10%"
|
|
imagefs.available: "15%"
|
|
EOF
|
|
|
|
cat <<EOF | tee /etc/systemd/system/kubelet.service
|
|
[Unit]
|
|
Description=Kubernetes Kubelet
|
|
After=docker.service
|
|
Requires=docker.service
|
|
|
|
[Service]
|
|
ExecStart=/usr/local/bin/kubelet \\
|
|
--config=${CONF_DIR}/kubelet/kubelet-config.yaml \\
|
|
--kubeconfig=${CONF_DIR}/kubelet/kubeconfig \\
|
|
--container-runtime=docker \\
|
|
--container-runtime-endpoint=unix:///var/run/dockershim.sock \\
|
|
--image-pull-progress-deadline=2m \\
|
|
--network-plugin=cni \\
|
|
--register-node=true \\
|
|
--allowed-unsafe-sysctls 'net.*' \\
|
|
--hostname-override=${NODE_NAME_SHORT} \\
|
|
--logtostderr=true \\
|
|
--v=2
|
|
|
|
Restart=on-failure
|
|
RestartSec=5
|
|
KillMode=process
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
#generate config.json inside kubelet dir to access private registries
|
|
mkdir /var/lib/kubelet
|
|
chmod 750 /var/lib/kubelet
|
|
CONF64=`echo -n "$REGISTRY_USER:$REGISTRY_PASS" | base64 -w0 `
|
|
echo '{
|
|
"auths": {
|
|
"k8x_registry": {
|
|
"auth": "k8x_auth64"
|
|
}
|
|
},
|
|
"HttpHeaders": {
|
|
"User-Agent": "Docker-Client/18.09.6-ce (linux)"
|
|
}
|
|
}' | sed -e "s/k8x_registry/${REGISTRY_SERVER}/g" | sed -e "s/k8x_auth64/${CONF64}/g" > /var/lib/kubelet/config.json
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable kubelet
|
|
systemctl start kubelet
|