kubernetes-retired · colemickens · May 24, 2016 · May 24, 2016 · Jun 14, 2016 · Jun 16, 2016
diff --git a/min-turnup/Dockerfile b/min-turnup/Dockerfile
@@ -0,0 +1,53 @@
+FROM docker.io/buildpack-deps:xenial
+
+RUN bash -c "\
+	apt-get update && apt-get -y upgrade && \
+	apt-get install -y make unzip jq && \
+	rm -rf /var/lib/apt/lists/*"
+
+ENV TERRAFORM_VERSION 0.7.0-rc1
+RUN bash -c "\
+	wget -q -O /tmp/terraform.zip \"https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip\" && \
+	unzip /tmp/terraform.zip -d /usr/local/bin/ && \
+	rm /tmp/terraform.zip"
+
+################################################################################################
+# TEMP: For now get terraform from source so we get ipv4 forwarding for Azure
+################################################################################################
+#RUN bash -c "\
+#	apt-get update && apt-get -y upgrade && \
+#	apt-get install -y nodejs npm golang-go && \
+#	rm -rf /var/lib/apt/lists/*"
+#ENV GOPATH "/root/gopkgs"
+#ENV PATH "$GOPATH/bin:$PATH"
+#RUN bash -c "mkdir -p $GOPATH/src/github.com/hashicorp/ && \
+#	git clone https://github.com/hashicorp/terraform $GOPATH/src/github.com/hashicorp/terraform && \
+#	cd $GOPATH/src/github.com/hashicorp/terraform; make dev"
+
+################################################################################################
+# Azure - Required dependencies
+################################################################################################
+RUN bash -c "\
+	apt-get update && apt-get -y upgrade && \
+	apt-get install -y nodejs npm && \
+	rm -rf /var/lib/apt/lists/*"
+RUN bash -c "npm install -g azure-cli"
+
+################################################################################################
+
+################################################################################################
+# Jsonnet
+################################################################################################
+
+RUN bash -c "\
+	cd /tmp; \
+	git clone https://github.com/google/jsonnet; \
+	cd jsonnet; \
+	make; \
+	cp jsonnet /usr/bin/jsonnet;"
+
+WORKDIR /opt/kube-deploy
+
+ADD . /opt/kube-deploy/
+
+CMD make
diff --git a/min-turnup/Makefile b/min-turnup/Makefile
@@ -1,6 +1,8 @@
 
 SHELL=/bin/bash
-.SHELLFLAGS="-O extglob -o errexit -o pipefail -o nounset -c"
+
+# TODO: things break with this uncommented
+#.SHELLFLAGS="-O extglob -o errexit -o pipefail -o nounset -c"
 
 .PHONY: config echo-config
 
@@ -17,6 +19,13 @@ endif
 CONF_TOOL_VERSION = 4.6
 KCONFIG_FILES = $(shell find . -name 'Kconfig')
 
+
+docker-build:
+	docker build -t kube-min-turnup .
+
+docker-run: docker-build
+	docker run -it --net=host -v `pwd`:/opt/kube-min-turnup kube-min-turnup /bin/bash
+
 default:
 	$(MAKE) config
 
@@ -40,11 +49,15 @@ menuconfig: .tmp/mconf
 	$(MAKE) config
 
 .config.json: .config
-	util/conig_to_json $< > $@
+	util/config_to_json $< > $@
 
 echo-config: .config.json
 	cat $<
 
+set-kubeconfig:
+	kubectl config  set-cluster $(CLUSTER_NAME) --server https://$(MASTER_IP):443 --certificate-authority=phase1b/crypto/ca.pem --embed-certs=true
+	kubectl config set-credentials $(CLUSTER_NAME) --server https://$(MASTER_IP):443 --client-certificate=./phase1b/crypto/kubelet.pem --client-key=./phase1b/crypto/kubelet-key.pem --embed-certs=true
+	kubectl config set-context $(CLUSTER_NAME) --cluster $(CLUSTER_NAME) --user $(CLUSTER_NAME)
 
 clean:
 	rm -rf .tmp

diff --git a/min-turnup/README-azure b/min-turnup/README-azure
@@ -0,0 +1,13 @@
+Things:
+
+1. Hardcodes assumptions about ubuntu+systemd
+2. terraform is flaky around the subnet
+3. terraform is flaky around kubelet.tar sometimes
+4. kubelet.service is very flaky and hang irrepairably hang nodes
+5. phases are fairly tightly coupled
+
+Other things:
+
+1. This copies root ca private key to the nodes which is not needed
+
+2. I don't see `config.phase2.extra-api-sans` being used anywhere...
diff --git a/min-turnup/default.config b/min-turnup/default.config
diff --git a/min-turnup/phase1/Kconfig b/min-turnup/phase1/Kconfig
@@ -10,20 +10,24 @@ config phase1.num_nodes
 
 config phase1.instance_prefix
 	string "instance prefix"
-	default "kuberentes"
+	default "k0"
 	help
 	  A prefix to append to all instance names.
 
 menuconfig phase1.cloud_provider
-	string "cloud proivder"
+	string "cloud provider"
 	default "gce"
 	help
 	  The cloud provider you would like to deploy to.
 
-	  Valid options are (gce).
+	  Valid options are (gce, azure).
 
 if phase1.cloud_provider = "gce"
 	source "phase1/gce/Kconfig"
 endif
 
+if phase1.cloud_provider = "azure"
+	source "phase1/azure/Kconfig"
+endif
+
 endmenu
diff --git a/min-turnup/phase1/azure/.gitignore b/min-turnup/phase1/azure/.gitignore
@@ -0,0 +1,3 @@
+terraform.tfstate
+account.json
+terraform.tfstate.backup
diff --git a/min-turnup/phase1/azure/Kconfig b/min-turnup/phase1/azure/Kconfig
@@ -0,0 +1,76 @@
+menu "Azure configuration"
+
+config phase1.azure.image_publisher
+	string "Base Virtual Machine OS Image"
+	default "canonical"
+	help
+	  The publisher of the base image used for the VirtualMachines.
+config phase1.azure.image_offer
+	string "Base Virtual Machine OS Image"
+	default "ubuntuserver"
+	help
+	  The offer of the base image used for the VirtualMachines.
+config phase1.azure.image_sku
+	string "Base Virtual Machine OS Image"
+	default "16.04.0-LTS"
+	help
+	  The sku of the base image used for the VirtualMachines.
+config phase1.azure.image_version
+	string "Base Virtual Machine OS Image"
+	default "latest"
+	help
+	  The version of the base image used for the VirtualMachines.
+
+config phase1.azure.master_vm_size
+	string "Virtual Machine Size (Master)"
+	default "Standard_D1_v2"
+	help
+	  The size of VirtualMachine to deploy.
+
+config phase1.azure.node_vm_size
+	string "Virtual Machine Size (Node)"
+	default "Standard_D1_v2"
+	help
+	  The size of VirtualMachine to deploy.
+
+config phase1.azure.master_private_ip
+	string "Private IP address of Master"
+	default "10.0.1.4"
+	help
+	  The private ip address of master
+
+config phase1.azure.location
+	string "Resource Location"
+	default "westus"
+	help
+	  The Azure location to use.
+
+config phase1.azure.admin_username
+	string "Virtual Machine Admin Username"
+	default "kube"
+
+config phase1.azure.admin_password
+	string "Virtual Machine Admin Password"
+	default "AzureKubernet3s!"
+
+config phase1.azure.tenant_id
+	string "ActiveDirectory ServicePrincipal ClientSecret"
+	help
+		The ClientSecret of the Service Account to be used by the cluster components.
+
+config phase1.azure.subscription_id
+	string "ActiveDirectory ServicePrincipal ClientSecret"
+	help
+		The ClientSecret of the Service Account to be used by the cluster components.
+
+config phase1.azure.client_id
+	string "ActiveDirectory ServicePrincipal ClientID"
+	help
+		The ClientID of the Service Account to be used by the cluster components.
+
+config phase1.azure.client_secret
+	string "ActiveDirectory ServicePrincipal ClientSecret"
+	help
+		The ClientSecret of the Service Account to be used by the cluster components.
+
+endmenu
diff --git a/min-turnup/phase1/azure/all.jsonnet b/min-turnup/phase1/azure/all.jsonnet
@@ -0,0 +1,4 @@
+local cfg = import "../../.config.json";
+{
+  "azure.tf": (import "lib/azure.jsonnet")(cfg),
+}
diff --git a/min-turnup/phase1/azure/azure.json b/min-turnup/phase1/azure/azure.json
@@ -0,0 +1,11 @@
+{
+  "tenantId": "${tenantId}",
+  "subscriptionId": "${subscriptionId}",
+  "adClientId": "${adClientId}",
+  "adClientSecret": "${adClientSecret}",
+  "resourceGroup": "${resourceGroup}",
+  "location": "${location}",
+  "subnetName": "${subnetName}",
+  "securityGroupName": "${securityGroupName}",
+  "vnetName": "${vnetName}"
+}
diff --git a/min-turnup/phase1/azure/configure-vm.sh b/min-turnup/phase1/azure/configure-vm.sh
@@ -0,0 +1,69 @@
+#! /bin/bash
+
+set -x
+set -o errexit
+set -o pipefail
+set -o nounset
+
+mkdir -p /etc/systemd/system/docker.service.d/
+cat <<EOF > /etc/systemd/system/docker.service.d/clear_mount_propagtion_flags.conf
+[Service]
+MountFlags=shared
+EOF
+cat <<EOF > /etc/systemd/system/docker.service.d/overlay.conf
+[Service]
+ExecStart=
+ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay
+EOF
+
+curl -sSL https://get.docker.com/ | sh
+
+apt-get update
+#apt-get dist-upgrade -y
+apt-get install -y jq
+
+systemctl start docker || true
+
+ROLE="node"
+if [[ $(hostname) = *master* ]]; then
+	ROLE="master"
+fi
+
+azure_file="/etc/kubernetes/azure.json"
+config_file="/etc/kubernetes/k8s_config.json"
+
+mkdir /etc/kubernetes
+# these get filled in from terraform
+echo -n "${azure_json}" | base64 -d > "$azure_file"
+echo -n "${k8s_config}" | base64 -d > "$config_file"
+echo -n "${kubelet_tar}" | base64 -d > "/etc/kubernetes/kubelet.tar"
+echo -n "${root_tar}" | base64 -d > "/etc/kubernetes/root.tar"
+echo -n "${apiserver_tar}" | base64 -d > "/etc/kubernetes/apiserver.tar"
+
+MASTER_IP="$(cat "$config_file" | jq -r '.phase1.azure.master_private_ip')"
+
+jq ". + {\"role\": \"$ROLE\", \"master_ip\": \"$MASTER_IP\"}" "$config_file" > /etc/kubernetes/k8s_config.new; cp /etc/kubernetes/k8s_config.new "$config_file"
+
+mkdir -p /srv/kubernetes
+for bundle in root kubelet apiserver; do
+  cat "/etc/kubernetes/$bundle.tar" | sudo tar xv -C /srv/kubernetes
+done;
+
+installer_container_spec="$(cat "$config_file" | jq -r '.phase2.installer_container_spec')"
+
+cat << EOF > /etc/kubernetes/install.sh
+systemctl stop docker
+systemctl start docker
+docker pull "$installer_container_spec"
+docker run \
+  --net=host \
+  -v /:/host_root \
+  -v /etc/kubernetes/k8s_config.json:/opt/playbooks/config.json:ro \
+  "$installer_container_spec" \
+  /opt/do_role.sh "$ROLE"
+EOF
+
+chmod +x /etc/kubernetes/install.sh
+/etc/kubernetes/install.sh
+
+#sudo reboot
diff --git a/min-turnup/phase1/azure/gen b/min-turnup/phase1/azure/gen
@@ -0,0 +1,8 @@
+#! /bin/bash
+
+set -x
+set -o errexit
+set -o pipefail
+set -o nounset
+
+jsonnet --multi out/ all.jsonnet