Home Explore Help
Register Sign In
shixiong
/
okd
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Add a local bootstrap-node-config.yml on all bootstrap nodes

This is the configuration that is baked into AMIs and starts the node
waiting for content. If a subsequent task lays down a node-config.yaml
into /etc/origin/node, the bootstrap config is ignored.
Clayton Coleman 7 years ago
parent
343655d1a8
commit
984e6d177f
3 changed files with 32 additions and 12 deletions
Split View Show Diff Stats
  1. 4 0
      playbooks/openshift-node/private/image_prep.yml
  2. 11 0
      roles/openshift_node_group/tasks/bootstrap.yml
  3. 17 12
      roles/openshift_node_group/templates/node-config.yaml.j2

+ 4 - 0
playbooks/openshift-node/private/image_prep.yml
View File 

@@ -25,6 +25,10 @@
 
     - import_role:
 
         name: openshift_node
 
         tasks_from: bootstrap.yml
 
+    - import_role:
 
+        name: openshift_node_group
 
+        tasks_from: bootstrap.yml
 
+
 
 
 - name: Re-enable excluders
 
   import_playbook: enable_excluders.yml

+ 11 - 0
roles/openshift_node_group/tasks/bootstrap.yml
View File 

@@ -0,0 +1,11 @@
 
+---
 
+- name: create node config template
 
+  template:
 
+    src: node-config.yaml.j2
 
+    dest: "/etc/origin/node/bootstrap-node-config.yaml"
 
+    mode: 0600
 
+
 
+- name: remove existing node config
 
+  file:
 
+    dest: "/etc/origin/node/node-config.yaml"
 
+    state: absent

+ 17 - 12
roles/openshift_node_group/templates/node-config.yaml.j2
View File 

@@ -1,4 +1,4 @@
 
-allowDisabledDocker: false
 
+kind: NodeConfig
 
 apiVersion: v1
 
 authConfig:
 
   authenticationCacheSize: 1000
 
@@ -19,13 +19,25 @@ imageConfig:
 
   format: "{{ openshift_imageconfig_format }}"
 
   latest: false
 
 iptablesSyncPeriod: 30s
 
-kind: NodeConfig
 
 kubeletArguments:
 
+  pod-manifest-path:
 
+  - /etc/origin/node/pods
 
+  bootstrap-kubeconfig:
 
+  - /etc/origin/node/bootstrap.kubeconfig
 
+  feature-gates:
 
+  - RotateKubeletClientCertificate=true,RotateKubeletServerCertificate=true
 
+  rotate-certificates:
 
+  - "true"
 
+  cert-dir:
 
+  - /etc/origin/node/certificates
 
   cloud-config:
 
   - /etc/origin/cloudprovider/{{ openshift_node_group_cloud_provider }}.conf
 
   cloud-provider:
 
   - {{ openshift_node_group_cloud_provider }}
 
-  node-labels: {{ openshift_node_group_labels | to_json }}
 
+  node-labels: 
+  - "{{ openshift_node_group_labels | join(',') }}"
 
+  enable-controller-attach-detach:
 
+  - 'true'
 
 masterClientConnectionOverrides:
 
   acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
 
   burst: 40
 
@@ -35,19 +47,12 @@ masterKubeConfig: node.kubeconfig
 
 networkConfig:
 
   mtu: {{ openshift_node_group_network_mtu }}
 
   networkPluginName: {{ openshift_node_group_network_plugin }}
 
-nodeIP: ""
 
-podManifestConfig: null
 
+networkPluginName: {{ openshift_node_group_network_plugin }}
 
 servingInfo:
 
   bindAddress: 0.0.0.0:10250
 
   bindNetwork: tcp4
 
-  certFile: server.crt
 
-  clientCA: node-client-ca.crt
 
-  keyFile: server.key
 
-  namedCertificates: null
 
+  clientCA: client-ca.crt
 
 volumeConfig:
 
   localQuota:
 
     perFSGroup: null
 
 volumeDirectory: {{ openshift_node_group_node_data_dir }}/openshift.local.volumes
 
-enable-controller-attach-detach:
 
-- 'true'
 
-networkPluginName: {{ openshift_node_group_network_plugin }}