shixiong
/
okd


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135
							kind: DaemonSet
apiVersion: apps/v1
metadata:
  name: sync
  namespace: openshift-node
  annotations:
    kubernetes.io/description: |
      This daemon set provides dynamic configuration of nodes and relabels nodes as appropriate.
    image.openshift.io/triggers: |
      [
        {"from":{"kind":"ImageStreamTag","name":"node:v3.10"},"fieldPath":"spec.template.spec.containers[?(@.name==\"sync\")].image"}
      ]
spec:
  selector:
    matchLabels:
      app: sync
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: sync
        component: network
        type: infra
        openshift.io/component: sync
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ''
    spec:
      serviceAccountName: sync
      terminationGracePeriodSeconds: 1
      # Must be hostPID because it invokes operations on processes in the host space.
      hostPID: true
      # Must be hostNetwork in order to schedule before any network plugins are loaded.
      hostNetwork: true
      containers:

      # The sync container is a temporary config loop until Kubelet dynamic config is implemented. It refreshes
      # the contents of /etc/origin/node/ with the config map ${BOOTSTRAP_CONFIG_NAME} from the openshift-node
      # namespace. It will restart the Kubelet on the host if it detects the node-config.yaml has changed.
      #
      # 1. Dynamic Kubelet config must pull down a full configmap
      # 2. Nodes must relabel themselves https://github.com/kubernetes/kubernetes/issues/59314
      #
      - name: sync
        image: " "
        command:
        - /bin/bash
        - -c
        - |
          #!/bin/bash
          set -euo pipefail

          # loop until BOOTSTRAP_CONFIG_NAME is set
          set -o allexport
          while true; do
            if [[ -f /etc/sysconfig/origin-node ]]; then
              source /etc/sysconfig/origin-node
              if [[ -z "${BOOTSTRAP_CONFIG_NAME-}" ]]; then
                echo "info: Waiting for BOOTSTRAP_CONFIG_NAME to be set" 2>&1
                sleep 15
                continue
              fi
              break
            fi
          done

          # track the current state of the config
          if [[ -f /etc/origin/node/node-config.yaml ]]; then
            md5sum /etc/origin/node/node-config.yaml > /tmp/.old
          else
            touch /tmp/.old
          fi

          # periodically refresh both node-config.yaml and relabel the node
          while true; do
            name=${BOOTSTRAP_CONFIG_NAME}
            if ! oc extract --config=/etc/origin/node/node.kubeconfig "cm/${BOOTSTRAP_CONFIG_NAME}" -n openshift-node --to=/etc/origin/node --confirm; then
              echo "error: Unable to retrieve latest config for node" 2>&1
              sleep 15
              continue
            fi
            # detect whether the node-config.yaml has changed, and if so trigger a restart of the kubelet.
            md5sum /etc/origin/node/node-config.yaml > /tmp/.new
            if [[ "$( cat /tmp/.old )" != "$( cat /tmp/.new )" ]]; then
              echo "info: Configuration changed, restarting kubelet" 2>&1
              # TODO: kubelet doesn't relabel nodes, best effort for now
              # https://github.com/kubernetes/kubernetes/issues/59314
              if args="$(openshift start node --write-flags --config /etc/origin/node/node-config.yaml)"; then
                labels=' --node-labels=([^ ]+) '
                if [[ ${args} =~ ${labels} ]]; then
                  labels="${BASH_REMATCH[1]//,/ }"
                  echo "info: Applying node labels $labels" 2>&1
                  if ! oc label --config=/etc/origin/node/node.kubeconfig "node/${NODE_NAME}" ${labels} --overwrite; then
                    echo "error: Unable to apply labels, will retry in 10" 2>&1
                    sleep 10
                    continue
                  fi
                fi
              fi
              if ! pgrep -U 0 -f 'hyperkube kubelet ' | xargs kill; then
                echo "error: Unable to restart Kubelet" 2>&1
              fi
            fi
            cp -f /tmp/.new /tmp/.old
            sleep 180
          done

        env:
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              fieldPath: spec.nodeName
        securityContext:
          runAsUser: 0
          privileged: true
        volumeMounts:
        # Directory which contains the host configuration. We read from this directory
        - mountPath: /etc/origin/node/
          name: host-config
        - mountPath: /etc/sysconfig/origin-node
          name: host-sysconfig-node
          readOnly: true

      volumes:
      # In bootstrap mode, the host config contains information not easily available
      # from other locations.
      - name: host-config
        hostPath:
          path: /etc/origin/node
      - name: host-sysconfig-node
        hostPath:
          path: /etc/sysconfig/origin-node
      - name: host-modules
        hostPath:
          path: /lib/modules