Skip to content

Instantly share code, notes, and snippets.

@akutz

akutz/yakity.sh-controller.log

Last active September 10, 2018 18:52
Show Gist options
  • Save akutz/00288cd1252f07139be6035c31a7e25a to your computer and use it in GitHub Desktop.
Save akutz/00288cd1252f07139be6035c31a7e25a to your computer and use it in GitHub Desktop.
Download ZIP
Raw
yakity.sh-controller.log
$ curl -sSL https://raw.githubusercontent.com/akutz/yakity/master/yakity.sh | \
> NODE_TYPE=controller \
> ETCD_DISCOVERY="${ETCD_DISCOVERY}" \
> NUM_CONTROLLERS=1 \
> NUM_NODES=2 sh -
pre-processed input
NODE_TYPE = controller
ETCD_DISCOVERY = https://discovery.etcd.io/45c2466cb31dd1b2ecff21f4d2ac0e3c
NUM_CONTROLLERS = 1
NUM_NODES = 2
deploying multi-node cluster
post-processed input
NODE_TYPE = controller
ETCD_DISCOVERY = https://discovery.etcd.io/45c2466cb31dd1b2ecff21f4d2ac0e3c
NUM_CONTROLLERS = 1
NUM_NODES = 2
downloading https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 599 0 599 0 0 2086 0 --:--:-- --:--:-- --:--:-- 2087
100 2956k 100 2956k 0 0 1644k 0 0:00:01 0:00:01 --:--:-- 2984k
downloading https://github.com/etcd-io/etcd/releases/download/v3.3.9/etcd-v3.3.9-linux-amd64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 620 0 620 0 0 2430 0 --:--:-- --:--:-- --:--:-- 2431
1 10.7M 1 117k 0 0 114k 0 0:01:36 0:00:01 0:01:35 114ketcd-v3.3.9-linux-amd64/etcdctl
25 10.7M 25 2838k 0 0 1400k 0 0:00:07 0:00:02 0:00:05 2731ketcd-v3.3.9-linux-amd64/etcd
100 10.7M 100 10.7M 0 0 3654k 0 0:00:03 0:00:03 --:--:-- 5499k
initialized kubernetes artifact prefix=https://storage.googleapis.com/kubernetes-release/release/v1.11.3
downloading https://storage.googleapis.com/kubernetes-release/release/v1.11.3/kubernetes-server-linux-amd64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
2 415M 2 10.0M 0 0 14.8M 0 0:00:27 --:--:-- 0:00:27 14.8Mkubernetes/server/bin/kube-scheduler
9 415M 9 38.0M 0 0 22.6M 0 0:00:18 0:00:01 0:00:17 22.6Mkubernetes/server/bin/kube-apiserver
20 415M 20 85.7M 0 0 23.3M 0 0:00:17 0:00:03 0:00:14 23.3Mkubernetes/server/bin/kube-controller-manager
39 415M 39 162M 0 0 24.3M 0 0:00:17 0:00:06 0:00:11 24.9Mkubernetes/server/bin/kubectl
kubernetes/server/bin/apiextensions-apiserver
45 415M 45 190M 0 0 24.7M 0 0:00:16 0:00:07 0:00:09 25.2Mkubernetes/server/bin/kubelet
52 415M 52 216M 0 0 24.9M 0 0:00:16 0:00:08 0:00:08 26.1Mkubernetes/server/bin/cloud-controller-manager
71 415M 71 296M 0 0 25.3M 0 0:00:16 0:00:11 0:00:05 26.7Mkubernetes/server/bin/kube-proxy
77 415M 77 320M 0 0 25.3M 0 0:00:16 0:00:12 0:00:04 26.1Mkubernetes/server/bin/hyperkube
83 415M 83 345M 0 0 25.2M 0 0:00:16 0:00:13 0:00:03 25.8Mkubernetes/server/bin/kube-aggregator
88 415M 88 368M 0 0 25.1M 0 0:00:16 0:00:14 0:00:02 25.5Mkubernetes/server/bin/kubeadm
kubernetes/server/bin/mounter
100 415M 100 415M 0 0 26.1M 0 0:00:15 0:00:15 --:--:-- 28.3M
downloading http://cnx.vmware.s3.amazonaws.com/cicd/container-linux/nginx/v1.14.0/nginx.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0nginx
100 3872k 100 3872k 0 0 13.8M 0 --:--:-- --:--:-- --:--:-- 13.9M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
downloading https://github.com/coredns/coredns/releases/download/v1.2.2/release.coredns_1.2.2_linux_amd64.tgz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 627 0 627 0 0 2207 0 --:--:-- --:--:-- --:--:-- 2207
coredns
100 11.0M 100 11.0M 0 0 828k 0 0:00:13 0:00:13 --:--:-- 1115k
update perms & owner for files in /opt/bin
installing iptables
WARN: iptables allow all
using existing CA crt at /etc/ssl/ca.crt
using existing CA key at /etc/ssl/ca.key
creating directories for etcd server
generating cert for etcd client and peer endpoints
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/etcd.key
TLS_KEY_UID = etcd
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/etcd.crt
TLS_CRT_UID = etcd
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = VMware
TLS_OU_NAME = CNX
TLS_COMMON_NAME = ip-172-31-41-193.us-west-2.compute.internal
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = true
TLS_SAN_DNS = localhost ip-172-31-41-193 ip-172-31-41-193.us-west-2.compute.internal kubernetes.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
...........+++
..........................................................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=VMware/OU=CNX/CN=ip-172-31-41-193.us-west-2.compute.internal/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:46:48 2018 GMT
Not After : Oct 10 18:46:48 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=ip-172-31-41-193.us-west-2.compute.internal/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d4:87:16:73:f6:31:95:5f:df:07:f2:65:23:7f:
92:71:83:35:6f:f7:c0:a2:e0:d4:7b:d8:41:77:79:
2c:15:9f:3b:84:f3:8f:c2:c0:d8:ed:4c:a9:5e:4e:
2b:c3:22:d2:74:2c:49:d8:33:59:e7:41:a6:90:c3:
e6:50:5f:00:1d:1e:b7:34:0c:70:cf:ed:09:e7:1c:
c8:48:2a:40:73:f1:48:78:86:7b:40:13:59:57:47:
09:59:a4:a5:36:16:12:1d:2c:9d:da:da:1d:61:d0:
28:19:ae:ed:27:5f:e4:da:da:7f:49:5f:e0:14:c0:
c1:8f:8c:b6:d9:c1:a3:b7:db:f9:7f:a1:03:1c:5f:
69:82:01:bc:49:a8:ac:ce:6b:43:fa:34:12:c6:61:
2d:1d:1e:3f:fb:6d:31:b0:55:6d:d3:11:83:75:d1:
dc:2e:6d:27:a9:6d:1d:9b:1b:f4:f9:e5:bb:0c:1c:
6b:ae:6a:6c:38:10:bd:bd:ef:02:08:dd:99:6e:15:
00:66:5a:f5:11:2a:a5:d1:9f:65:93:2c:c3:98:5c:
76:28:93:50:db:85:90:fc:b1:6b:04:da:a0:a1:a6:
0f:fc:2b:45:bf:65:02:0a:15:99:a6:09:7e:17:b1:
b6:17:b5:7a:cd:90:06:06:c0:91:e5:c0:73:a0:4a:
cf:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
5C:68:4A:7F:81:AA:11:CA:EB:59:F3:83:E6:FE:97:EC:1C:BE:AD:34
X509v3 Subject Alternative Name:
DNS:localhost, DNS:ip-172-31-41-193, DNS:ip-172-31-41-193.us-west-2.compute.internal, DNS:kubernetes.us-west-2.compute.internal, IP Address:127.0.0.1, IP Address:172.31.41.193
Signature Algorithm: sha256WithRSAEncryption
af:6b:e0:42:1f:43:4b:08:61:9e:94:cc:5d:a5:f1:3f:6b:9d:
e8:51:b1:07:8a:06:e8:d6:a2:a7:e5:bb:08:b0:2e:63:ef:1d:
00:5e:89:37:41:59:ac:79:42:5b:c8:77:1d:ee:0c:1b:bf:58:
15:f5:57:69:d8:54:e3:40:52:cd:b0:31:6a:35:65:ed:aa:26:
dc:82:d2:06:9a:da:6c:3b:ce:5d:30:da:44:42:ea:e7:a6:39:
15:bc:3a:5b:78:e2:39:ff:ce:e3:af:ab:a3:ba:fa:29:76:2a:
0d:62:9c:d6:a3:da:65:68:3a:57:93:d4:0b:3b:ce:c0:06:0b:
f8:69:82:ec:d3:ed:33:44:2d:9f:34:c3:41:b8:02:59:8b:25:
61:24:17:8b:fe:e0:d3:4f:25:89:aa:4d:ad:5c:82:8e:07:41:
64:d6:3b:b5:ba:2f:8d:91:06:7d:f7:83:f4:26:31:ae:cc:42:
8a:1a:a0:fa:d7:8c:0f:65:66:a5:fc:e7:b4:5b:79:cb:65:2b:
09:5a:c2:f7:95:91:3a:c7:9d:2b:17:e5:2b:10:cb:20:7f:49:
32:ef:f1:8b:f4:55:d5:8a:6e:b4:86:5e:ca:9f:36:8e:1e:74:
86:17:6c:1a:6e:54:40:f1:11:d3:fd:3e:8f:8e:17:34:40:6c:
16:1c:00:3f
writing etcd defaults file=/etc/default/etcd
using etcd discovery url: https://discovery.etcd.io/45c2466cb31dd1b2ecff21f4d2ac0e3c
writing etcd service file=/etc/systemd/system/etcd.service
enabling etcd service
starting etcd service
waiting for etcd members to join cluster: poll attempt 1
discovered 1
discovery complete
discovered etcd cluster members: 172.31.41.193
generating cert for etcdctl
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/etcdctl.key
TLS_KEY_UID = 0
TLS_KEY_GID = k8s-admin
TLS_KEY_PERM = 0440
TLS_CRT_OUT = /etc/ssl/etcdctl.crt
TLS_CRT_UID = 0
TLS_CRT_GID = k8s-admin
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = VMware
TLS_OU_NAME = CNX
TLS_COMMON_NAME = [email protected]
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = false
TLS_SAN_DNS = localhost ip-172-31-41-193 ip-172-31-41-193.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
.............................+++
...................................................................................................................................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=VMware/OU=CNX/[email protected]/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:46:50 2018 GMT
Not After : Oct 10 18:46:50 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, [email protected]/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d0:ee:a2:a6:57:6a:b6:67:33:1a:ef:9d:e6:ef:
03:d4:84:2d:c1:d6:71:60:54:b8:d8:b5:3a:6c:86:
a2:ad:d6:c9:65:23:3d:59:27:09:00:45:da:0b:15:
9d:39:a1:54:1b:2d:fd:72:14:24:63:11:3b:75:ba:
4b:9a:f7:c9:0d:59:94:9c:9b:0e:07:5b:d0:b7:60:
71:33:f7:85:38:ec:a3:32:b4:47:ec:69:a7:19:00:
4a:f5:7a:21:8a:88:3d:af:cc:8b:c8:24:bd:a5:cc:
28:68:38:e0:e3:61:4a:07:62:f0:03:46:54:7b:a5:
f0:a2:d8:a7:cf:c2:c7:2a:72:eb:24:71:2a:14:9c:
95:96:bb:00:d5:f8:c9:20:5e:f4:ea:98:98:b1:2b:
f6:1d:af:13:fe:66:21:47:c8:24:d5:84:e9:bf:b5:
05:eb:bb:eb:b9:02:19:8c:26:af:69:54:0f:d9:4b:
88:b5:b0:6a:17:06:02:26:56:6e:90:40:68:35:79:
6b:68:bf:e5:32:36:23:47:9f:b1:87:85:b0:d9:9d:
01:a1:56:7a:1c:98:7f:f8:a3:aa:ef:5b:8f:5d:b0:
4c:2e:23:73:83:da:92:4b:d0:e9:92:72:c4:39:4b:
7a:2f:36:ab:36:ad:da:97:54:46:a4:bc:be:7e:c8:
cb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
F8:21:8E:FC:EC:39:B9:30:E2:2F:E3:07:C2:E6:1A:71:29:78:34:9F
Signature Algorithm: sha256WithRSAEncryption
aa:8c:18:bd:ac:5b:85:c9:cb:76:a7:26:b6:72:d4:95:94:69:
79:5e:b0:a8:69:c5:57:5a:51:2e:e2:61:22:89:60:dd:79:b0:
e7:c4:7e:94:2b:dc:24:57:1f:fd:9b:df:c6:62:ad:82:55:88:
8f:2d:f2:eb:66:67:3f:be:12:ec:20:fb:3c:30:ef:1c:fd:a9:
0e:89:85:98:84:9d:c2:53:eb:00:37:9b:6e:97:c1:cd:f6:39:
d2:01:48:e3:83:14:26:b0:c1:64:88:28:be:62:39:9d:d4:ff:
9c:7f:ac:53:9f:58:33:56:31:a0:ac:5a:df:64:fd:67:66:0a:
83:21:c6:17:cd:84:eb:e2:3e:25:74:32:b8:92:d8:27:3f:e2:
9d:0a:07:8d:11:de:09:46:58:92:13:93:08:75:7f:be:93:64:
3b:97:d5:30:9c:8c:42:ce:43:22:cd:ec:ac:59:c7:d5:ea:3b:
99:91:c6:2c:09:e0:af:bd:03:83:58:a1:56:88:f7:04:3b:10:
81:e4:89:b0:af:19:4a:18:03:52:82:60:7c:58:92:e6:56:d3:
03:10:2b:52:82:f4:3e:31:39:fd:69:e2:a2:1a:d6:de:54:9d:
11:4f:7f:ff:0f:f5:4d:c3:7f:d8:ff:78:55:8c:81:71:4e:d5:
6f:e2:88:95
writing etcdctl defaults file=/etc/default/etcdctl
writing etcdctl profile.d file=/etc/profile.d/etcdctl.sh
obtaining distributed lock to safely execute put_node_info
create lock file=sh.lock
obtaining distributed lock=sh.lock
distributed lock process pid=18401
obtained distributed lock: sh.lock/aa965c4cec1da04
node info key=/yakity/nodes/0
OK
put node info at /yakity/nodes/0
released lock sh.lock
released lock used to safeley execute put_node_info
waiting for all node info: poll attempt 0
waiting for all node info: poll attempt 1
waiting for all node info: poll attempt 2
waiting for all node info: poll attempt 3
waiting for all node info: poll attempt 4
waiting for all node info: poll attempt 5
waiting for all node info: poll attempt 6
waiting for all node info: poll attempt 7
waiting for all node info: poll attempt 8
waiting for all node info: poll attempt 9
waiting for all node info: poll attempt 10
waiting for all node info: poll attempt 11
waiting for all node info: poll attempt 12
waiting for all node info: poll attempt 13
waiting for all node info: poll attempt 14
waiting for all node info: poll attempt 15
waiting for all node info: poll attempt 16
waiting for all node info: poll attempt 17
waiting for all node info: poll attempt 18
waiting for all node info: poll attempt 19
/yakity/nodes/0
{
"host_fqdn": "ip-172-31-41-193.us-west-2.compute.internal",
"host_name": "ip-172-31-41-193",
"ipv4_address": "172.31.41.193",
"node_type": "controller",
"node_index": 0,
"pod_cidr": "10.200.0.0/24"
}
/yakity/nodes/1
{
"host_fqdn": "ip-172-31-34-79.us-west-2.compute.internal",
"host_name": "ip-172-31-34-79",
"ipv4_address": "172.31.34.79",
"node_type": "worker",
"node_index": 1,
"pod_cidr": "10.200.1.0/24"
}
creating round-robin DNS A-record for public cluster FQDN
OK
created cluster FQDN DNS A-record
/skydns/internal/compute/us-west-2/kubernetes/0
{"host":"172.31.41.193"}
creating DNS A-record for this host
putting '{"host":"172.31.41.193"}' into etcd key '/skydns/internal/compute/us-west-2/ip-172-31-41-193'
OK
/skydns/internal/compute/us-west-2/ip-172-31-41-193
{"host":"172.31.41.193"}
creating DNS reverse lookup record for this host
putting '{"host":"ip-172-31-41-193.us-west-2.compute.internal"}' into etcd key '/skydns/arpa/in-addr/172/31/41/193'
OK
/skydns/arpa/in-addr/172/31/41/193
{"host":"ip-172-31-41-193.us-west-2.compute.internal"}
creating directories for CoreDNS
generating certs for coredns
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/coredns.key
TLS_KEY_UID = coredns
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/coredns.crt
TLS_CRT_UID = coredns
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = VMware
TLS_OU_NAME = CNX
TLS_COMMON_NAME = [email protected]
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = true
TLS_SAN_DNS = localhost ip-172-31-41-193 ip-172-31-41-193.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
..................................+++
....................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=VMware/OU=CNX/[email protected]/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:47:48 2018 GMT
Not After : Oct 10 18:47:48 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, [email protected]/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b6:83:25:81:17:e1:50:28:c7:1f:86:a8:54:b5:
84:29:85:00:77:cd:a9:fa:51:26:bc:87:41:d6:06:
7f:1f:d9:a7:96:9e:11:30:a1:80:52:fd:a2:bd:91:
ba:8f:e7:bd:34:ae:45:4b:ab:89:2e:0d:ae:c2:c8:
71:31:9d:a5:b0:b1:cb:4c:ec:bc:fc:b4:0a:de:80:
62:6a:04:f2:4e:f6:7b:d1:4e:2c:8b:01:be:46:70:
dd:fc:89:f1:94:be:bf:47:6d:fb:6b:a4:1f:81:41:
e4:20:c3:43:32:38:2f:76:9d:d6:dd:e1:c5:00:62:
55:d5:64:17:70:14:4c:d7:a9:65:3c:75:b1:f7:f5:
79:70:f1:e4:27:00:68:72:68:ec:f2:93:ff:36:e2:
13:2b:cf:cd:42:95:a7:5a:27:0d:06:67:e0:9c:d4:
ff:20:c6:43:cb:61:6e:a6:38:26:fa:9d:90:f5:07:
d1:04:59:f7:a8:87:26:ef:46:fa:0d:90:d8:68:a7:
cd:57:7e:23:22:33:08:1f:a7:35:20:0e:af:60:bf:
50:02:7a:01:11:c6:3e:20:c9:c3:d4:fb:5b:44:0a:
b9:c8:6c:d6:8d:7c:9a:0b:a6:33:64:c0:b1:ca:57:
be:90:ba:b7:9c:5e:8f:ff:41:98:84:7c:d4:05:62:
aa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
88:D7:9C:97:0A:CF:5B:9A:68:A5:F5:E9:4E:40:21:83:03:19:49:B7
X509v3 Subject Alternative Name:
DNS:localhost, DNS:ip-172-31-41-193, DNS:ip-172-31-41-193.us-west-2.compute.internal, IP Address:127.0.0.1, IP Address:172.31.41.193
Signature Algorithm: sha256WithRSAEncryption
ac:ee:c2:93:8b:ac:41:d5:5c:3e:57:8a:c4:ae:5c:67:81:11:
bc:45:f6:22:7c:75:ba:ce:9b:62:87:a3:73:f3:2a:1a:bb:f9:
12:75:92:df:02:67:be:2a:13:d0:c7:3b:b6:b8:84:fe:95:f2:
8c:fe:52:30:15:35:bc:0c:c0:79:ed:c0:88:56:22:a0:1a:5d:
24:46:58:4a:4f:da:c0:cf:c9:38:cf:a7:06:61:b7:b1:5f:8d:
85:8a:f7:e2:94:28:bd:01:95:9d:29:e2:3d:8a:9f:02:e3:f3:
f7:ce:69:62:aa:e7:fd:80:f8:e3:34:2d:75:56:de:3d:77:24:
d4:ff:e1:7d:c0:e5:f0:a1:78:6c:b9:1e:63:9e:fe:c6:35:98:
0c:03:51:0a:52:35:ad:ee:1a:39:0f:62:4c:68:50:93:78:28:
4b:44:99:37:09:77:75:0b:6e:8c:b1:7e:7c:56:77:ae:b0:e7:
60:dc:33:9b:e8:c1:55:9e:07:25:4c:67:ed:e8:b2:67:55:c7:
7c:ba:98:af:e4:2e:f7:25:fc:25:48:46:fb:2e:48:84:c1:c9:
0c:74:67:18:fc:bf:aa:86:3c:c6:7e:e0:16:c3:9b:a3:67:47:
e2:46:9f:e2:95:36:01:47:d1:fd:6f:2f:5f:c0:c2:33:d1:34:
c6:44:d6:ef
writing /etc/coredns/Corefile
writing /etc/systemd/system/coredns.service
enabling coredns.service
starting coredns.service
waiting on reverse lookup w node ipv4 addresses=172.31.41.193
172.31.34.79
waiting for reverse lookup: attempt 1
193.41.31.172.in-addr.arpa domain name pointer ip-172-31-41-193.us-west-2.compute.internal.
79.34.31.172.in-addr.arpa domain name pointer ip-172-31-34-79.us-west-2.compute.internal.
all nodes resolved via reverse lookup
enabling ip forwarding
* Applying /usr/lib/sysctl.d/00-system.conf ...
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s-ip-forward.conf ...
net.ipv4.ip_forward = 1
* Applying /etc/sysctl.conf ...
creating routes to pod nets on other nodes
ip route add 10.200.1.0/24 via 172.31.34.79
created routes for pod network
installing kubernetes
installing the cloud provider
generating or fetching shared kubernetes assets
obtaining distributed lock to safely execute generate_or_fetch_shared_kubernetes_assets
create lock file=sh.lock
obtaining distributed lock=sh.lock
distributed lock process pid=18798
obtained distributed lock: sh.lock/aa965c4cec1da43
OK
generating shared kube-apiserver x509 cert/key pair
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/kube-apiserver.key
TLS_KEY_UID = 0
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/kube-apiserver.crt
TLS_CRT_UID = 0
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = VMware
TLS_OU_NAME = CNX
TLS_COMMON_NAME = kubernetes
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = true
TLS_SAN_DNS = localhost kubernetes.us-west-2.compute.internal kubernetes.default.svc.cluster.local kubernetes.default
TLS_SAN_IP = 127.0.0.1 10.32.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
................+++
.......+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=VMware/OU=CNX/CN=kubernetes/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:47:48 2018 GMT
Not After : Oct 10 18:47:48 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=kubernetes/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bf:47:8f:5d:17:94:9d:0c:17:50:45:a9:88:eb:
f4:f5:0a:db:47:68:12:62:31:20:69:27:93:d2:22:
e4:82:5b:10:c1:60:25:ea:c5:cb:f1:2e:af:0d:e8:
8f:f3:09:92:a3:6f:3c:a7:f5:48:bb:38:7f:e3:0d:
cd:a0:64:32:43:0e:e9:85:b4:a1:0d:7c:1b:fe:a7:
d3:10:bb:e3:f1:f3:4a:4c:68:bf:0d:65:c3:43:23:
18:4b:36:4b:90:47:27:52:23:2e:b4:3b:7a:ba:1e:
9f:5d:ce:3e:c0:4d:df:68:ea:2c:81:02:b0:1b:4a:
18:78:8e:a7:da:d2:b6:07:3d:27:5f:74:2c:e7:46:
37:cb:bb:fa:3a:b9:76:ba:66:1a:5f:bd:24:e1:73:
37:2a:7d:09:7f:11:54:c5:28:ed:e7:e0:ff:07:87:
9d:28:15:65:bb:28:17:67:94:00:cd:55:e8:dc:19:
55:cd:5d:c0:3f:eb:e3:3f:fa:45:d5:5a:4d:e4:2c:
67:5b:1e:bd:b6:5a:7c:55:0e:72:e2:a3:d1:7c:78:
6e:b1:84:9b:0d:a4:71:45:89:15:c4:6f:39:83:8e:
a1:73:d9:bd:f8:70:7b:fa:c3:f6:81:ea:78:b8:92:
f3:12:5a:81:4a:a8:3f:26:4b:2f:f7:4d:08:16:a8:
c9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
1D:7D:29:A7:9D:D8:7F:B9:25:8F:71:87:47:20:13:A6:D2:5D:2E:86
X509v3 Subject Alternative Name:
DNS:localhost, DNS:kubernetes.us-west-2.compute.internal, DNS:kubernetes.default.svc.cluster.local, DNS:kubernetes.default, IP Address:127.0.0.1, IP Address:10.32.0.1, IP Address:172.31.41.193
Signature Algorithm: sha256WithRSAEncryption
04:2c:56:8a:ae:e3:68:b5:08:14:8b:7a:0a:1f:73:5e:f1:9c:
8d:6c:2e:b5:30:50:ac:d5:6d:fb:06:93:1d:f3:f3:ba:46:89:
87:74:51:a3:d0:4c:a3:bb:a0:e5:e1:15:f6:dd:e1:48:85:b7:
85:28:04:c7:37:4e:24:b4:de:15:97:b0:71:5a:e4:2b:f6:ac:
56:3b:0f:3b:ec:a6:61:14:5b:9f:49:ac:a9:cd:9c:a6:b8:d5:
d8:29:fe:b0:fe:31:29:1a:d9:c2:97:0c:0e:2e:7e:22:9e:e2:
dd:8b:75:4e:74:c3:4f:e2:9b:d1:c5:36:19:44:84:97:e2:9d:
d8:09:53:6c:a1:bd:65:c1:92:15:d5:a0:43:1d:d1:02:2a:31:
07:04:24:c7:ca:7b:37:6f:f6:81:e4:52:cc:bb:0a:97:57:da:
60:1a:cb:f6:ea:b8:97:a2:ab:02:64:6c:a0:50:4e:29:8d:9a:
c6:0b:32:13:55:e3:e5:2f:d9:20:da:ae:26:6a:2c:28:fd:e4:
9e:41:2d:79:be:0e:9f:0e:48:ff:b6:14:7d:f8:8c:87:95:5e:
0a:6d:3c:92:a0:a5:ff:a1:d5:46:42:23:e8:9a:e0:d0:05:71:
a2:b4:8f:81:82:0f:81:be:e0:f6:04:34:37:2e:33:cb:19:b8:
5f:99:73:e9
generating shared k8s-admin x509 cert/key pair
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/k8s-admin.key
TLS_KEY_UID = 0
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/k8s-admin.crt
TLS_CRT_UID = 0
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = system:masters
TLS_OU_NAME = CNX
TLS_COMMON_NAME = admin
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = false
TLS_SAN_DNS = localhost ip-172-31-41-193 ip-172-31-41-193.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
................................................+++
......................................................................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=system:masters/OU=CNX/CN=admin/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:47:48 2018 GMT
Not After : Oct 10 18:47:48 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=system:masters, OU=CNX, CN=admin/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c7:8c:d3:5c:f7:f9:ec:4d:0a:b2:14:92:4f:42:
7f:f5:8d:55:ee:3e:0b:1f:1d:cd:94:a1:48:26:ce:
89:a8:ca:57:5c:74:13:e0:0c:92:30:8f:f3:6b:9b:
15:8a:91:57:42:cc:37:6e:72:8e:47:ca:b4:b6:d0:
c7:21:e3:8b:e4:7f:57:86:e8:e4:d7:5d:2f:55:71:
07:a0:9d:4d:b2:df:6f:43:74:76:f2:f1:16:b9:a1:
4d:de:14:1f:eb:ec:81:61:3d:59:ba:1a:4c:a5:2b:
18:69:b7:f1:8f:d7:4a:89:90:41:88:b4:17:fa:a1:
69:e1:ee:b0:ae:e9:95:f3:65:ad:3d:87:c4:83:ab:
85:23:52:3c:8b:40:79:d4:e1:9a:ca:d9:ec:48:2d:
fe:fd:aa:91:67:aa:50:8e:d5:9a:22:35:b1:46:fc:
c5:25:1d:1e:5e:59:2d:0b:a5:40:77:80:c3:e2:44:
0a:7d:1e:dd:28:4c:6d:27:2f:83:1c:22:b0:e8:b9:
20:21:ae:d6:8c:6e:6f:6e:63:0e:29:a9:bb:ec:3b:
b2:5c:9f:40:3e:a1:5b:9a:dd:40:c0:e1:07:b1:7f:
42:0d:f3:2a:33:18:50:6a:9f:88:ff:8a:81:35:dd:
6d:21:4f:53:b1:21:2b:94:e4:d3:1c:44:27:f9:76:
f4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
B7:87:3C:A9:FE:1E:22:0E:FF:C3:C2:3B:8E:34:41:35:92:4A:47:DB
Signature Algorithm: sha256WithRSAEncryption
97:f8:f3:f5:b0:f4:69:94:af:59:44:bd:76:e0:f3:f1:47:a1:
fa:27:cb:4b:b1:f9:49:b1:71:fd:08:4d:d4:b9:7f:af:af:9d:
79:f0:67:d4:17:ae:03:31:44:5e:a3:14:32:06:07:af:92:67:
b3:22:23:68:66:f1:a7:73:c9:23:e6:1b:e5:67:2b:b4:c5:a9:
cb:a6:30:42:60:c6:0c:00:02:d9:97:9e:bd:d0:cb:e4:67:38:
b5:70:91:89:34:6b:bf:8a:d7:5e:62:85:24:4c:6b:25:d2:4d:
ba:10:ad:77:16:ed:9c:62:f3:da:e1:87:e7:1d:6c:83:1d:22:
c7:5e:3d:69:02:a5:d1:9a:d0:e8:4d:8b:6c:86:00:86:3a:aa:
17:9c:25:f6:9f:72:a2:0f:72:ff:49:01:9b:55:48:62:b2:1b:
d2:4c:9d:c5:63:3e:2a:67:10:cd:36:f2:4a:fc:c1:c6:2f:ec:
71:90:86:19:59:76:ea:76:61:e1:52:a0:48:a6:97:55:65:37:
b6:7c:22:df:fa:22:8b:f5:04:b4:2f:97:19:42:1e:d7:13:b5:
cd:3d:df:18:45:c6:87:91:ec:cf:d4:95:f2:25:76:cd:41:fd:
94:18:b5:ce:a4:04:2b:4d:b8:4c:be:ae:70:a3:4a:e0:50:96:
56:c4:52:d3
generating shared kube-controller-manager x509 cert/key pair
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/kube-controller-manager.key
TLS_KEY_UID = 0
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/kube-controller-manager.crt
TLS_CRT_UID = 0
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = system:kube-controller-manager
TLS_OU_NAME = CNX
TLS_COMMON_NAME = system:kube-controller-manager
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = false
TLS_SAN_DNS = localhost ip-172-31-41-193 ip-172-31-41-193.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
...............................................+++
........................................................................................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=system:kube-controller-manager/OU=CNX/CN=system:kube-controller-manager/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:47:48 2018 GMT
Not After : Oct 10 18:47:48 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=system:kube-controller-manager, OU=CNX, CN=system:kube-controller-manager/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d1:a3:3b:c8:b0:a0:e9:2a:09:ec:18:7c:06:ab:
42:b7:01:ae:8e:e4:85:89:31:bc:1c:58:d7:f0:f4:
4c:f2:01:5f:bf:d5:d5:c4:62:96:4e:ef:8f:2d:79:
56:69:03:87:09:8d:23:06:4c:09:55:58:c4:c8:b3:
ac:ce:75:90:64:ab:0e:14:0d:7d:4b:00:c8:7b:8c:
77:2f:79:01:7c:1c:bb:46:b0:ad:97:18:34:82:70:
3e:34:87:ca:e8:28:bb:83:28:3e:c7:72:48:ad:fe:
a9:28:67:90:83:c1:81:94:dc:54:7b:bd:d0:e1:5d:
60:12:85:d0:df:a1:9b:0c:8d:d7:05:25:0b:94:96:
cc:a5:08:b3:4d:2e:b5:07:91:e5:2a:68:8d:7c:cd:
71:e1:64:47:8e:c8:bc:4c:45:4e:a7:a6:40:3a:43:
67:57:9b:f8:b6:1a:ad:d8:a0:f4:86:0e:67:18:50:
f8:94:5c:b7:e6:c7:03:98:70:9b:5d:f0:e2:62:14:
3e:58:b4:00:20:c3:c9:ce:52:f6:cd:f1:f2:ee:7e:
42:19:84:04:38:4d:cc:50:e5:34:3e:52:61:16:13:
d7:64:1f:e5:73:34:20:f7:b5:01:be:7b:03:d5:ce:
79:95:b9:1a:a7:f9:12:90:89:99:03:33:9e:ac:05:
5c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
68:87:3E:AF:AC:6A:28:05:50:0E:A3:2B:79:15:66:5E:C3:A4:1D:D6
Signature Algorithm: sha256WithRSAEncryption
6c:26:a8:07:f7:60:65:9a:68:5e:1f:fe:92:22:da:fb:fe:d4:
ad:7a:a3:18:a7:93:81:17:81:04:6c:79:4b:4f:66:fb:28:a3:
bf:dc:06:ee:c8:ac:d3:67:50:5f:07:68:bd:1f:4c:f2:ac:37:
f0:07:c3:97:c4:76:c0:42:ca:5b:4a:f1:39:88:9d:b9:41:4a:
fb:c2:15:f7:fe:f0:f1:f2:40:84:09:49:e8:b0:8c:5e:f1:0d:
09:0e:1a:eb:34:a7:20:9b:40:e7:86:9d:13:23:f4:d8:37:b3:
3e:81:f7:c5:3a:35:a8:ae:3f:09:45:da:ee:6e:44:ce:e1:1e:
b2:4b:44:84:57:2c:f5:a3:a7:46:e3:7b:14:e0:c9:a7:96:8b:
cf:1a:32:97:68:f0:5d:73:44:2c:95:d8:7c:7c:b9:fa:b2:57:
61:b9:55:fc:8b:48:20:3e:57:43:10:e5:72:2e:82:84:81:73:
97:9a:03:9b:92:ca:0a:2e:5c:4b:85:38:d7:b8:09:4c:c1:7c:
1e:d0:02:6c:3e:43:f4:6e:25:66:cf:30:48:8a:db:94:fd:63:
7a:f2:d5:e8:8a:85:1d:3c:82:13:0b:27:47:72:db:2f:23:ff:
b2:02:ef:f6:d5:e7:c2:95:ba:37:d0:0e:2a:31:30:04:14:9c:
07:27:ee:b9
generating shared kube-scheduler x509 cert/key pair
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/kube-scheduler.key
TLS_KEY_UID = 0
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/kube-scheduler.crt
TLS_CRT_UID = 0
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = system:kube-scheduler
TLS_OU_NAME = CNX
TLS_COMMON_NAME = system:kube-scheduler
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = false
TLS_SAN_DNS = localhost ip-172-31-41-193 ip-172-31-41-193.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
...........................................................................................................+++
....................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=system:kube-scheduler/OU=CNX/CN=system:kube-scheduler/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:47:49 2018 GMT
Not After : Oct 10 18:47:49 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=system:kube-scheduler, OU=CNX, CN=system:kube-scheduler/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ca:24:a5:1e:0b:8c:da:e0:e4:40:cb:27:67:98:
7b:c6:62:37:69:04:90:8e:c8:a7:ba:09:ea:0f:89:
c7:10:e8:34:82:a9:0a:5c:ce:f5:de:9b:58:0f:10:
e3:ee:79:9e:65:7e:de:41:e8:ca:b5:f7:a1:18:47:
17:27:64:cc:2b:f9:68:d7:bd:da:39:cc:87:0b:20:
56:29:4f:90:11:6b:39:45:36:87:f4:30:9c:42:7b:
e7:0d:a2:39:03:5a:60:12:53:21:7e:b1:b3:7d:55:
75:a8:7f:a1:a5:4a:cc:87:24:74:81:5e:04:2d:4b:
16:89:b7:7f:64:1c:75:f5:0b:d1:52:e9:b7:91:b8:
1d:16:a3:72:36:f6:40:aa:9e:dc:a1:ec:af:f2:33:
78:c9:32:ab:4f:c9:65:15:86:a6:95:89:a1:ad:d0:
1b:7f:d7:fd:cf:f6:3f:c4:2b:2c:aa:27:8f:1c:d1:
4f:c5:c1:71:8a:4e:8c:28:7a:58:76:0d:50:02:fe:
34:22:94:c9:f6:b6:75:2a:ae:23:34:26:a9:a2:e9:
d7:e4:54:73:61:1a:85:37:28:2f:48:ec:d2:6e:95:
b7:a5:a8:ff:d5:d0:b8:6f:a5:5e:13:39:68:f5:f9:
e7:83:de:0b:75:59:aa:2f:32:f5:18:4b:64:6d:f5:
b0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
2B:99:6B:DA:02:41:5D:27:07:0F:48:02:89:FC:0C:B4:EE:70:68:D5
Signature Algorithm: sha256WithRSAEncryption
3d:95:da:e6:ee:77:2e:00:df:20:7b:26:7a:53:8d:f6:0d:b5:
22:0c:b8:6a:12:b3:6a:39:44:a2:79:50:36:3c:c5:bf:a4:91:
38:05:79:54:4e:1b:a3:d6:03:b9:67:71:0a:73:ef:62:7b:bd:
5a:94:ba:6f:76:d6:e8:7e:38:67:15:63:cb:d7:18:12:bb:03:
74:56:19:02:40:7f:7c:1d:d3:6a:96:7e:ed:5d:52:f7:e4:b3:
35:db:42:a4:6e:2d:11:be:11:2a:65:16:3d:b4:39:2e:e4:e0:
d9:fe:6a:a0:b1:bc:53:01:82:90:ec:22:36:df:c2:6d:7c:30:
e0:68:48:12:e1:e6:01:24:a7:0c:95:58:b5:ba:0a:f5:57:38:
5e:2a:97:0c:ba:dd:df:ec:86:c0:6a:a1:54:db:2a:d7:5d:25:
c3:f9:62:79:59:7a:fe:fe:c3:2b:fa:fd:03:c1:0a:5a:10:e3:
8b:35:5b:1a:b1:6a:6f:f6:84:ea:20:4b:7d:1a:f2:54:e8:84:
6e:51:9a:58:87:df:6a:2d:dc:d5:e3:05:e5:98:36:41:28:1c:
18:0b:c9:36:b4:b7:31:2b:4a:07:16:4b:83:0f:e5:2b:db:d3:
a9:63:c1:25:65:9d:d4:58:7d:d7:37:d7:84:63:5d:57:66:90:
96:31:94:52
generating shared k8s-service-accounts x509 cert/key pair
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/k8s-service-accounts.key
TLS_KEY_UID = 0
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/k8s-service-accounts.crt
TLS_CRT_UID = 0
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = VMware
TLS_OU_NAME = CNX
TLS_COMMON_NAME = service-accounts
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = false
TLS_SAN_DNS = localhost ip-172-31-41-193 ip-172-31-41-193.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
....+++
......+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=VMware/OU=CNX/CN=service-accounts/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:47:49 2018 GMT
Not After : Oct 10 18:47:49 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=service-accounts/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c3:6a:1f:fa:0d:13:e4:16:48:d2:53:91:99:29:
c4:e3:db:e9:69:ae:a0:f9:5c:8e:58:4d:ef:d4:0e:
95:6f:c8:0b:31:22:03:13:96:16:5a:c8:07:a4:b6:
be:2e:a3:50:97:fc:78:70:aa:74:71:39:5e:9a:bc:
87:40:de:87:eb:67:8f:e0:2f:20:4c:8f:b0:8a:f7:
6c:ad:97:26:ba:f2:90:cf:6e:94:ff:35:64:77:fc:
be:26:f1:c5:4f:be:38:67:e2:a0:6c:4a:59:f1:6f:
9b:ff:5d:f1:b1:fd:08:9e:24:9b:23:90:43:63:bc:
be:f5:57:96:b0:30:bc:73:c3:d4:0e:db:eb:78:9c:
65:33:bc:57:14:88:0e:53:65:5d:df:4e:0f:a1:ff:
1f:94:a7:45:fe:5e:46:97:99:60:51:18:6e:24:80:
cc:48:75:f9:ae:21:5f:91:ae:62:f2:19:29:be:bd:
96:b8:8e:b9:e2:62:41:48:0a:bd:66:1d:9b:2c:99:
82:42:e1:b5:3e:f8:69:aa:d5:62:84:c7:f0:2e:f4:
96:32:62:72:02:ac:13:e2:1c:5d:5c:f1:62:9e:b2:
e5:ef:e3:63:5e:81:9b:7d:79:d9:f7:65:08:e0:28:
16:fd:e3:39:0b:75:04:c7:30:d0:f1:08:91:9f:5d:
cd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
BD:E1:D5:5C:38:59:7D:5B:9C:FF:E2:BE:C6:B1:3D:05:03:45:42:08
Signature Algorithm: sha256WithRSAEncryption
4a:9e:de:c8:6c:41:8f:98:2f:e3:17:04:78:ee:c7:64:4f:fc:
65:63:52:40:cf:70:52:23:f8:34:38:8a:f8:c1:8d:b3:e8:ef:
47:27:19:fc:4c:f1:29:5e:7a:49:a7:36:b4:83:8e:9b:5f:f9:
f5:f6:90:6c:b7:4b:4e:0c:55:ee:a8:32:3d:71:bf:92:41:7e:
d1:17:cf:82:2a:09:75:98:e9:15:20:7f:92:84:10:69:a4:a2:
9f:04:25:c1:fb:3b:8f:48:40:87:45:d3:2c:8e:e7:b6:f9:fb:
b6:99:42:86:37:02:dc:60:31:60:a7:4e:1a:76:75:ca:f4:60:
56:09:40:f4:2e:81:f4:52:03:40:85:95:df:e6:e9:df:68:96:
7d:f3:8c:f7:83:f5:36:c8:f0:a7:1b:36:18:92:ff:42:17:51:
db:f3:b1:21:8f:08:5c:0a:34:4d:37:ab:a3:a5:80:f4:45:c4:
85:9f:48:89:94:76:f5:9e:4f:f0:eb:9a:86:2e:48:54:46:db:
8e:dd:39:f3:d7:d4:0b:76:f1:c5:92:56:25:ab:d0:b8:6b:30:
75:23:8d:b0:cf:9b:e5:75:16:d2:d5:57:79:f8:3e:f0:e9:c4:
bb:06:8d:5b:f4:88:ef:93:f9:40:28:c1:75:b1:59:24:43:4e:
3d:d5:21:fd
generating shared kube-proxy x509 cert/key pair
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/kube-proxy.key
TLS_KEY_UID = 0
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/kube-proxy.crt
TLS_CRT_UID = 0
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = system:node-proxier
TLS_OU_NAME = CNX
TLS_COMMON_NAME = system:kube-proxy
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = false
TLS_SAN_DNS = localhost ip-172-31-41-193 ip-172-31-41-193.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.41.193
Generating RSA private key, 2048 bit long modulus
...............+++
....................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=system:node-proxier/OU=CNX/CN=system:kube-proxy/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
81:c7:a1:92:b6:61:9b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:47:49 2018 GMT
Not After : Oct 10 18:47:49 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=system:node-proxier, OU=CNX, CN=system:kube-proxy/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:cf:3d:6e:2d:7a:e8:c3:32:9f:d1:f9:36:32:06:
c3:56:45:28:ac:1d:18:9f:69:d1:20:e1:e8:18:3f:
43:11:8b:e4:66:52:60:5c:fd:95:0c:62:ae:29:b2:
1e:af:20:40:24:d7:43:79:1b:93:5d:d7:97:e1:a3:
c7:d3:c5:e3:1b:0d:af:ce:c5:0c:dd:f0:b8:e6:d1:
94:31:fd:1b:dc:13:47:cb:5f:1c:38:af:d2:a5:b5:
ec:85:87:08:5c:2b:62:fb:ba:e2:1a:8e:2b:b9:58:
4c:3c:08:4b:a2:26:8d:21:7d:bf:54:cb:0a:c0:81:
ad:20:03:f3:25:78:c2:92:4f:29:7c:78:6e:1a:38:
de:af:27:5f:2f:3d:7f:5a:0f:a6:66:9d:8d:8e:e3:
fe:9a:5f:6f:0e:15:5e:a7:51:b7:c9:e8:bb:05:c2:
e9:3b:16:ee:2e:2c:ae:aa:bf:2f:2e:1a:a9:ef:94:
90:1e:1d:a7:5f:41:fe:85:8f:f0:90:59:8c:e9:b9:
97:3b:fb:87:6e:87:68:29:7f:9f:4b:be:56:07:a4:
a5:a2:a4:2f:9f:75:b2:de:3f:79:b6:cc:ae:7f:21:
04:15:36:f8:db:6d:0b:e8:12:b3:21:78:8d:4c:3a:
c4:1d:c3:57:69:78:63:c4:19:e2:b3:ee:5e:a0:d5:
ae:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
40:0F:6B:AE:B6:48:2C:78:49:F2:20:FE:48:DD:B4:C3:70:5B:86:D3
Signature Algorithm: sha256WithRSAEncryption
81:52:30:78:c4:b0:6d:dd:78:d6:49:e9:b7:dc:87:e4:b6:20:
72:79:4f:82:aa:bd:48:4c:95:3b:08:9d:2d:8f:d1:88:85:4b:
da:c7:32:21:22:6e:2b:03:9f:3b:43:bf:b4:cd:57:4e:c5:90:
ba:90:ed:e4:ae:9f:20:8f:54:25:c5:2f:6b:10:a6:39:e6:09:
cd:66:4f:74:dc:12:1a:36:9c:ad:f9:39:5f:5b:65:e4:c0:a8:
49:f4:86:ad:a4:1e:6b:43:85:46:f0:fd:5a:24:be:cd:25:38:
a0:0c:23:3f:7c:89:e4:79:6c:03:a4:cc:02:d9:80:3a:7c:d2:
d2:22:29:2d:c3:e3:96:88:7d:f2:5a:57:db:99:f4:cd:4c:e4:
7f:55:4c:53:2d:a4:5d:4e:db:c5:47:0b:5c:c0:f2:41:d9:1d:
66:44:85:54:c2:9d:cf:dc:0f:d6:c1:b2:2e:6b:53:a3:da:98:
a0:a9:27:82:75:5f:15:ab:cc:2d:20:64:00:10:18:ca:92:df:
94:ac:5c:db:cb:ef:d8:90:67:1a:f6:ff:60:69:3b:44:00:6e:
11:c7:7d:e3:52:4a:98:56:84:6a:6e:5e:a2:4e:df:84:92:a5:
54:5b:35:9f:ce:4e:d7:d3:d2:2d:f3:e0:2d:bf:24:10:4b:ea:
8e:fe:57:8f
generating shared k8s-admin kubeconfig
generating kubeconfig
KFG_FILE_PATH = /var/lib/kubernetes/kubeconfig
KFG_TLS_CA_CRT = /etc/ssl/ca.crt
KFG_TLS_CRT = /etc/ssl/k8s-admin.crt
KFG_TLS_KEY = /etc/ssl/k8s-admin.key
KFG_CLUSTER = kubernetes.us-west-2.compute.internal
KFG_SERVER = https://127.0.0.1:443
KFG_CONTEXT = default
KFG_USER = admin
KFG_UID = root
KFG_GID = k8s-admin
KFG_PERM = 0440
Cluster "kubernetes.us-west-2.compute.internal" set.
User "admin" set.
Context "default" created.
Switched to context "default".
generating shared kube-scheduler kubeconfig
generating kubeconfig
KFG_FILE_PATH = /var/lib/kube-scheduler/kubeconfig
KFG_TLS_CA_CRT = /etc/ssl/ca.crt
KFG_TLS_CRT = /etc/ssl/kube-scheduler.crt
KFG_TLS_KEY = /etc/ssl/kube-scheduler.key
KFG_CLUSTER = kubernetes.us-west-2.compute.internal
KFG_SERVER = https://127.0.0.1:443
KFG_CONTEXT = default
KFG_USER = system:kube-scheduler
KFG_UID = root
KFG_GID = root
KFG_PERM = 0400
Cluster "kubernetes.us-west-2.compute.internal" set.
User "system:kube-scheduler" set.
Context "default" created.
Switched to context "default".
generating shared kube-controller-manager kubeconfig
generating kubeconfig
KFG_FILE_PATH = /var/lib/kube-controller-manager/kubeconfig
KFG_TLS_CA_CRT = /etc/ssl/ca.crt
KFG_TLS_CRT = /etc/ssl/kube-controller-manager.crt
KFG_TLS_KEY = /etc/ssl/kube-controller-manager.key
KFG_CLUSTER = kubernetes.us-west-2.compute.internal
KFG_SERVER = https://127.0.0.1:443
KFG_CONTEXT = default
KFG_USER = system:kube-controller-manager
KFG_UID = root
KFG_GID = root
KFG_PERM = 0400
Cluster "kubernetes.us-west-2.compute.internal" set.
User "system:kube-controller-manager" set.
Context "default" created.
Switched to context "default".
generating shared kube-proxy kubeconfig
generating kubeconfig
KFG_FILE_PATH = /var/lib/kube-proxy/kubeconfig
KFG_TLS_CA_CRT = /etc/ssl/ca.crt
KFG_TLS_CRT = /etc/ssl/kube-proxy.crt
KFG_TLS_KEY = /etc/ssl/kube-proxy.key
KFG_CLUSTER = kubernetes.us-west-2.compute.internal
KFG_SERVER = https://kubernetes.us-west-2.compute.internal:443
KFG_CONTEXT = default
KFG_USER = system:kube-proxy
KFG_UID = root
KFG_GID = root
KFG_PERM = 0400
Cluster "kubernetes.us-west-2.compute.internal" set.
User "system:kube-proxy" set.
Context "default" created.
Switched to context "default".
generating shared encryption-config
putting contents of '/etc/ssl/kube-apiserver.crt' to etcd key '/yakity/shared/tls/kube-apiserver.crt'
OK
putting contents of '/etc/ssl/kube-apiserver.key' to etcd key '/yakity/shared/tls/kube-apiserver.key'
OK
putting contents of '/etc/ssl/k8s-service-accounts.crt' to etcd key '/yakity/shared/tls/service-accounts.crt'
OK
putting contents of '/etc/ssl/k8s-service-accounts.key' to etcd key '/yakity/shared/tls/service-accounts.key'
OK
putting contents of '/etc/ssl/kube-proxy.crt' to etcd key '/yakity/shared/tls/kube-proxy.crt'
OK
putting contents of '/etc/ssl/kube-proxy.key' to etcd key '/yakity/shared/tls/kube-proxy.key'
OK
putting contents of '/var/lib/kubernetes/kubeconfig' to etcd key '/yakity/shared/kfg/k8s-admin'
OK
putting contents of '/var/lib/kube-controller-manager/kubeconfig' to etcd key '/yakity/shared/kfg/kube-controller-manager'
OK
putting contents of '/var/lib/kube-scheduler/kubeconfig' to etcd key '/yakity/shared/kfg/kube-scheduler'
OK
putting contents of '/var/lib/kube-proxy/kubeconfig' to etcd key '/yakity/shared/kfg/kube-proxy'
OK
putting contents of '/var/lib/kubernetes/encryption-config.yaml' to etcd key '/yakity/shared/encryption.key'
OK
released lock sh.lock
released lock used to safeley execute generate_or_fetch_shared_kubernetes_assets
installing kubernetes control plane
creating directories for kubernetes control plane
obtaining distributed lock to safely execute install_kube_apiserver_and_wait_until_its_online
create lock file=sh.lock
obtaining distributed lock=sh.lock
distributed lock process pid=19126
obtained distributed lock: sh.lock/aa965c4cec1da55
installing kube-apiserver
enabling kube-apiserver.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-apiserver.service to /etc/systemd/system/kube-apiserver.service.
starting kube-apiserver.service
try to connect to cluster with kubectl..✓
ensure that the kube-system namespaces exists...✓
ensure that ClusterRoles are available..✓
ensure that ClusterRoleBindings are available.✓
released lock sh.lock
released lock used to safeley execute install_kube_apiserver_and_wait_until_its_online
obtaining distributed lock to safely execute configure_k8s_rbac
create lock file=sh.lock
obtaining distributed lock=sh.lock
distributed lock process pid=19222
obtained distributed lock: sh.lock/aa965c4cec1dbd9
configuring kubernetes RBAC
putting 'ip-172-31-41-193.us-west-2.compute.internal' into etcd key '/yakity/init-rbac'
OK
configure kubernetes RBAC - creating ClusterRole
clusterrole.rbac.authorization.k8s.io/system:kube-apiserver-to-kubelet created
configure kubernetes RBAC - binding ClusterRole
clusterrolebinding.rbac.authorization.k8s.io/system:kube-apiserver created
kubernetes RBAC has been configured
released lock sh.lock
released lock used to safeley execute configure_k8s_rbac
installing kube-controller-manager
enabling kube-controller-manager.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-controller-manager.service to /etc/systemd/system/kube-controller-manager.service.
starting kube-controller-manager.service
installing kube-scheduler
enabling kube-scheduler.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-scheduler.service to /etc/systemd/system/kube-scheduler.service.
starting kube-scheduler.service
obtaining distributed lock to safely execute configure_k8s_dns
create lock file=sh.lock
obtaining distributed lock=sh.lock
distributed lock process pid=19312
obtained distributed lock: sh.lock/aa965c4cec1dc14
configuring kubernetes service DNS
putting 'ip-172-31-41-193.us-west-2.compute.internal' into etcd key '/yakity/init-service-dns'
OK
service dns ipv4 inaddr arpa=0.0.32.10.in-addr.arpa
writing service DNS podspec=/var/lib/kubernetes/coredns-podspec.yaml
serviceaccount/coredns created
clusterrole.rbac.authorization.k8s.io/system:coredns created
clusterrolebinding.rbac.authorization.k8s.io/system:coredns created
configmap/coredns created
deployment.extensions/coredns created
service/kube-dns created
configured kubernetes service DNS to use CoreDNS
released lock sh.lock
released lock used to safeley execute configure_k8s_dns
installing the kubernetes e2e conformance test service
creating the e2e directories
enabling kube-conformance.service
creating nginx user
creating directories for nginx
writing nginx config file=/etc/nginx/nginx.conf
writing nginx service=/etc/systemd/system/nginx.service
enabling nginx.service
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /etc/systemd/system/nginx.service.
starting nginx.service
So long, and thanks for all the fish.
Raw
yakity.sh-worker.log
$ curl -sSL https://raw.githubusercontent.com/akutz/yakity/master/yakity.sh | \
> NODE_TYPE=worker \
> ETCD_DISCOVERY="${ETCD_DISCOVERY}" \
> NUM_CONTROLLERS=1 \
> NUM_NODES=2 sh -
pre-processed input
NODE_TYPE = worker
ETCD_DISCOVERY = https://discovery.etcd.io/45c2466cb31dd1b2ecff21f4d2ac0e3c
NUM_CONTROLLERS = 1
NUM_NODES = 2
deploying multi-node cluster
post-processed input
NODE_TYPE = worker
ETCD_DISCOVERY = https://discovery.etcd.io/45c2466cb31dd1b2ecff21f4d2ac0e3c
NUM_CONTROLLERS = 1
NUM_NODES = 2
downloading https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 599 0 599 0 0 1474 0 --:--:-- --:--:-- --:--:-- 1471
100 2956k 100 2956k 0 0 2084k 0 0:00:01 0:00:01 --:--:-- 9743k
downloading https://github.com/etcd-io/etcd/releases/download/v3.3.9/etcd-v3.3.9-linux-amd64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 620 0 620 0 0 988 0 --:--:-- --:--:-- --:--:-- 988
1 10.7M 1 202k 0 0 115k 0 0:01:34 0:00:01 0:01:33 200ketcd-v3.3.9-linux-amd64/etcdctl
25 10.7M 25 2786k 0 0 747k 0 0:00:14 0:00:03 0:00:11 931ketcd-v3.3.9-linux-amd64/etcd
100 10.7M 100 10.7M 0 0 1922k 0 0:00:05 0:00:05 --:--:-- 2208k
initialized kubernetes artifact prefix=https://storage.googleapis.com/kubernetes-release/release/v1.11.3
downloading https://storage.googleapis.com/kubernetes-release/release/v1.11.3/kubernetes-node-linux-amd64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0kubernetes/node/bin/kubectl
kubernetes/node/bin/kubelet
46 94.9M 46 44.4M 0 0 25.3M 0 0:00:03 0:00:01 0:00:02 25.3Mkubernetes/node/bin/kube-proxy
kubernetes/node/bin/kubeadm
100 94.9M 100 94.9M 0 0 32.1M 0 0:00:02 0:00:02 --:--:-- 32.1M
downloading https://github.com/containerd/containerd/releases/download/v1.2.0-beta.2/containerd-1.2.0-beta.2.linux-amd64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 632 0 632 0 0 1180 0 --:--:-- --:--:-- --:--:-- 1181
0 27.3M 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0bin/containerd
35 27.3M 35 9.8M 0 0 852k 0 0:00:32 0:00:11 0:00:21 1329kbin/ctr
47 27.3M 47 12.8M 0 0 1031k 0 0:00:27 0:00:12 0:00:15 1817kbin/containerd-shim-runc-v1
62 27.3M 62 17.1M 0 0 1274k 0 0:00:21 0:00:13 0:00:08 2508kbin/containerd-shim
bin/containerd-release
bin/containerd-stress
100 27.3M 100 27.3M 0 0 1817k 0 0:00:15 0:00:15 --:--:-- 4415k
downloading https://github.com/kubernetes-incubator/cri-tools/releases/download/v1.11.1/crictl-v1.11.1-linux-amd64.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 170 0 170 0 0 344 0 --:--:-- --:--:-- --:--:-- 344
0 0 0 623 0 0 672 0 --:--:-- --:--:-- --:--:-- 672
0 7197k 0 16360 0 0 11459 0 0:10:43 0:00:01 0:10:42 11459crictl
100 7197k 100 7197k 0 0 1419k 0 0:00:05 0:00:05 --:--:-- 1971k
downloading https://github.com/opencontainers/runc/releases/download/v1.0.0-rc5/runc.amd64
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 600 0 600 0 0 1665 0 --:--:-- --:--:-- --:--:-- 1662
100 11.7M 100 11.7M 0 0 2280k 0 0:00:05 0:00:05 --:--:-- 3052k
downloading https://storage.googleapis.com/gvisor/releases/nightly/2018-09-01/runsc
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 16.5M 100 16.5M 0 0 14.9M 0 0:00:01 0:00:01 --:--:-- 14.9M
downloading https://github.com/containernetworking/plugins/releases/download/v0.7.1/cni-plugins-amd64-v0.7.1.tgz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 618 0 618 0 0 1310 0 --:--:-- --:--:-- --:--:-- 1312
0 16.3M 0 33320 0 0 33351 0 0:08:32 --:--:-- 0:08:32 33351./
./flannel
2 16.3M 2 491k 0 0 249k 0 0:01:06 0:00:01 0:01:05 473k./ptp
9 16.3M 9 1562k 0 0 531k 0 0:00:31 0:00:02 0:00:29 787k./host-local
./portmap
20 16.3M 20 3500k 0 0 886k 0 0:00:18 0:00:03 0:00:15 1175k./tuning
./vlan
./host-device
44 16.3M 44 7427k 0 0 1498k 0 0:00:11 0:00:04 0:00:07 1868k./sample
./dhcp
./ipvlan
./macvlan
./loopback
./bridge
100 16.3M 100 16.3M 0 0 2517k 0 0:00:06 0:00:06 --:--:-- 3473k
update perms & owner for files in /opt/bin
installing iptables
WARN: iptables allow all
using existing CA crt at /etc/ssl/ca.crt
using existing CA key at /etc/ssl/ca.key
waiting for etcd members to join cluster: poll attempt 1
discovered 1
discovery complete
discovered etcd cluster members: 172.31.41.193
generating cert for etcdctl
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/etcdctl.key
TLS_KEY_UID = 0
TLS_KEY_GID = k8s-admin
TLS_KEY_PERM = 0440
TLS_CRT_OUT = /etc/ssl/etcdctl.crt
TLS_CRT_UID = 0
TLS_CRT_GID = k8s-admin
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = VMware
TLS_OU_NAME = CNX
TLS_COMMON_NAME = [email protected]
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = false
TLS_SAN_DNS = localhost ip-172-31-34-79 ip-172-31-34-79.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.34.79
Generating RSA private key, 2048 bit long modulus
..................................................................................................................................................................+++
............................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=VMware/OU=CNX/[email protected]/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d6:a1:fd:f8:db:0c:ca:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:47:46 2018 GMT
Not After : Oct 10 18:47:46 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, [email protected]/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:af:d9:28:90:7d:9c:c9:8d:75:5a:e4:18:50:63:
96:c3:0b:74:55:52:c2:12:8f:a4:0a:b5:93:4d:6b:
96:7d:da:1e:85:7b:5d:73:a9:5b:4d:67:2e:f5:e9:
c8:df:92:85:9b:e4:05:47:39:0b:69:21:dc:c6:e5:
42:fe:e4:95:19:99:a7:df:e0:a3:d1:c9:b6:e0:94:
61:ef:22:c2:d2:00:8d:71:51:96:7e:61:67:47:18:
a6:54:7b:31:17:0c:52:ea:0c:5c:35:db:c1:56:92:
50:72:9b:1f:9c:eb:ce:f0:0f:a1:8d:31:d3:af:80:
52:56:d0:40:e1:a5:2e:d9:e4:69:4a:f5:89:c6:f3:
e0:63:20:46:fc:e9:24:e9:cf:d8:d3:e7:01:9b:d8:
15:98:f7:03:9b:db:b7:fc:1a:c0:2c:2b:ce:87:f4:
58:28:4d:f1:aa:bb:80:90:6f:ed:1c:1f:e0:ec:61:
3d:d4:9d:d5:8c:e2:9a:2a:c4:f2:f2:52:5d:57:8e:
35:b1:2f:54:2e:7e:ed:0a:ba:f8:0e:3e:6d:ab:72:
db:f7:9b:8d:00:66:ce:dd:52:7e:14:46:ea:d1:36:
4d:3e:db:0d:2a:b0:a2:08:04:2a:0b:8d:7e:f2:9e:
51:df:14:50:7d:f5:37:43:88:34:05:e7:9c:09:d6:
8e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
EE:96:87:F2:89:D0:1C:94:65:3D:FC:3F:7B:AA:36:44:9D:04:7E:EA
Signature Algorithm: sha256WithRSAEncryption
52:b7:ba:c4:37:3c:36:18:67:89:3f:b6:72:f5:0f:96:f3:15:
b3:28:aa:7e:e3:8e:fe:ad:20:ca:fa:90:70:c4:8b:16:ec:25:
2d:4f:3a:a3:2d:8c:52:99:05:b5:17:21:65:c2:8e:45:8b:7e:
41:59:59:20:d6:a6:a2:55:69:c9:10:72:2d:03:60:33:09:41:
a4:96:92:9f:6b:10:08:ee:7f:e3:a8:6a:de:20:24:0f:d3:19:
74:d2:78:2e:9c:b4:fd:da:fe:e5:2a:fc:03:67:35:dc:56:19:
b1:bf:7e:00:85:96:71:7d:dc:4a:03:7d:e9:1c:0e:1c:10:40:
c4:79:9a:68:bf:20:1c:34:7a:23:88:cd:aa:08:f8:ac:08:3c:
0f:e4:39:29:fe:a1:5a:2d:bd:09:d1:8b:cb:b4:5d:58:62:fb:
5f:51:5e:7d:db:34:3e:03:2c:f8:2a:5e:d3:74:86:c5:60:01:
4c:6d:d7:1d:13:2c:87:29:a9:82:86:c5:34:aa:a7:e8:db:5d:
8d:46:2d:78:da:3e:40:f5:6b:cf:99:cf:ff:70:b7:33:47:aa:
da:0e:f5:f2:77:0c:43:3a:97:9a:ac:13:17:5b:06:6d:57:a3:
2e:7e:f7:02:9a:ce:eb:86:af:55:c5:ae:ed:de:47:66:6e:e8:
b3:c1:d6:2e
writing etcdctl defaults file=/etc/default/etcdctl
writing etcdctl profile.d file=/etc/profile.d/etcdctl.sh
obtaining distributed lock to safely execute put_node_info
create lock file=sh.lock
obtaining distributed lock=sh.lock
distributed lock process pid=17558
obtained distributed lock: sh.lock/aa965c4cec1da1f
node info key=/yakity/nodes/1
OK
put node info at /yakity/nodes/1
released lock sh.lock
released lock used to safeley execute put_node_info
waiting for all node info: poll attempt 0
/yakity/nodes/0
{
"host_fqdn": "ip-172-31-41-193.us-west-2.compute.internal",
"host_name": "ip-172-31-41-193",
"ipv4_address": "172.31.41.193",
"node_type": "controller",
"node_index": 0,
"pod_cidr": "10.200.0.0/24"
}
/yakity/nodes/1
{
"host_fqdn": "ip-172-31-34-79.us-west-2.compute.internal",
"host_name": "ip-172-31-34-79",
"ipv4_address": "172.31.34.79",
"node_type": "worker",
"node_index": 1,
"pod_cidr": "10.200.1.0/24"
}
creating round-robin DNS A-record for public cluster FQDN
OK
created cluster FQDN DNS A-record
/skydns/internal/compute/us-west-2/kubernetes/0
{"host":"172.31.41.193"}
creating DNS A-record for this host
putting '{"host":"172.31.34.79"}' into etcd key '/skydns/internal/compute/us-west-2/ip-172-31-34-79'
OK
/skydns/internal/compute/us-west-2/ip-172-31-34-79
{"host":"172.31.34.79"}
creating DNS reverse lookup record for this host
putting '{"host":"ip-172-31-34-79.us-west-2.compute.internal"}' into etcd key '/skydns/arpa/in-addr/172/31/34/79'
OK
/skydns/arpa/in-addr/172/31/34/79
{"host":"ip-172-31-34-79.us-west-2.compute.internal"}
waiting on reverse lookup w node ipv4 addresses=172.31.41.193
172.31.34.79
waiting for reverse lookup: attempt 1
193.41.31.172.in-addr.arpa domain name pointer ip-172-31-41-193.us-west-2.compute.internal.
79.34.31.172.in-addr.arpa domain name pointer ip-172-31-34-79.us-west-2.compute.internal.
all nodes resolved via reverse lookup
installing bridge kernel module
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s-bridge.conf ...
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
* Applying /etc/sysctl.conf ...
enabling ip forwarding
* Applying /usr/lib/sysctl.d/00-system.conf ...
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/k8s-bridge.conf ...
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
* Applying /etc/sysctl.d/k8s-ip-forward.conf ...
net.ipv4.ip_forward = 1
* Applying /etc/sysctl.conf ...
creating routes to pod nets on other nodes
ip route add 10.200.0.0/24 via 172.31.41.193
created routes for pod network
writing /etc/cni/net.d/10-bridge.conf
writing /etc/cni/net.d/99-loopback.conf
creating directories for containerd
writing /etc/containerd/config.toml
writing /etc/systemd/system/containerd.service
enabling containerd service
Created symlink from /etc/systemd/system/multi-user.target.wants/containerd.service to /etc/systemd/system/containerd.service.
starting containerd service
installing kubernetes
installing the cloud provider
generating or fetching shared kubernetes assets
obtaining distributed lock to safely execute generate_or_fetch_shared_kubernetes_assets
create lock file=sh.lock
obtaining distributed lock=sh.lock
distributed lock process pid=17749
obtained distributed lock: sh.lock/aa965c4cec1da7d
shared assets already generated on ip-172-31-41-193.us-west-2.compute.internal
fetching shared kube-proxy cert/key pair
fetching shared kube-proxy kubeconfig
fetched all shared assets
released lock sh.lock
released lock used to safeley execute generate_or_fetch_shared_kubernetes_assets
installing kubernetes worker components
creating directories for kubernetes worker
generating kubelet x509 cert/key pair
generating x509 cert/key pair
TLS_CA_CRT = /etc/ssl/ca.crt
TLS_CA_KEY = /etc/ssl/ca.key
TLS_KEY_OUT = /etc/ssl/kubelet.key
TLS_KEY_UID = 0
TLS_KEY_GID = 0
TLS_KEY_PERM = 0400
TLS_CRT_OUT = /etc/ssl/kubelet.crt
TLS_CRT_UID = 0
TLS_CRT_GID = 0
TLS_CRT_PERM = 0644
TLS_DEFAULT_BITS = 2048
TLS_DEFAULT_DAYS = 36500
TLS_COUNTRY_NAME = US
TLS_STATE_OR_PROVINCE_NAME = California
TLS_LOCALITY_NAME = Palo Alto
TLS_ORG_NAME = system:nodes
TLS_OU_NAME = CNX
TLS_COMMON_NAME = system:node:ip-172-31-34-79.us-west-2.compute.internal
TLS_EMAIL = [email protected]
TLS_IS_CA = FALSE
TLS_KEY_USAGE = digitalSignature, keyEncipherment
TLS_EXT_KEY_USAGE = clientAuth, serverAuth
TLS_SAN = true
TLS_SAN_DNS = localhost ip-172-31-34-79 ip-172-31-34-79.us-west-2.compute.internal
TLS_SAN_IP = 127.0.0.1 172.31.34.79
Generating RSA private key, 2048 bit long modulus
.................................................................................+++
......................................................+++
e is 65537 (0x10001)
Signature ok
subject=/C=US/ST=California/L=Palo Alto/O=system:nodes/OU=CNX/CN=system:node:ip-172-31-34-79.us-west-2.compute.internal/[email protected]
Getting CA Private Key
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d6:a1:fd:f8:db:0c:ca:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=California, L=Palo Alto, O=VMware, OU=CNX, CN=CNX CICD CA/[email protected]
Validity
Not Before: Sep 10 18:48:09 2018 GMT
Not After : Oct 10 18:48:09 2018 GMT
Subject: C=US, ST=California, L=Palo Alto, O=system:nodes, OU=CNX, CN=system:node:ip-172-31-34-79.us-west-2.compute.internal/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:e3:27:c2:57:58:aa:67:1c:33:ba:18:4c:09:3e:
1b:c2:19:13:63:02:f8:49:2a:74:99:95:bb:93:a0:
dd:74:24:a6:6a:5a:67:9a:f1:a5:21:57:6a:67:77:
55:8e:5f:22:52:d3:72:24:88:fd:4d:f3:9c:ca:52:
7c:a0:aa:55:79:42:f5:79:2f:b1:7c:99:4d:d6:b7:
e6:5e:d9:e4:2c:99:3d:00:77:07:cf:fa:81:5a:50:
04:82:65:3c:20:7a:8e:2c:4a:d9:70:62:0c:2f:60:
6a:6f:a4:38:fa:5f:7f:e7:da:56:9f:e7:9b:3f:3c:
ea:69:21:cb:5d:78:c6:17:c2:6e:75:2c:00:8a:76:
7f:3f:e3:f2:ac:6d:c9:d0:fa:ae:86:f4:e0:56:62:
19:6c:0d:29:83:1f:49:d9:09:b0:20:83:85:06:fd:
2f:b7:7f:96:3a:68:f0:ba:fa:57:3b:5d:bb:02:cc:
72:d4:61:16:38:ab:02:eb:d0:c7:dc:f9:c5:47:5e:
a0:7e:4a:46:c5:06:1e:54:2b:86:fb:2a:d8:44:16:
0c:73:6f:4f:ec:ce:df:91:71:2a:53:2c:c3:e6:43:
14:76:05:d4:98:b9:0f:16:ed:80:d7:3c:72:29:4b:
46:b8:4c:87:9c:5f:07:6f:3f:93:6a:38:15:34:28:
22:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
X509v3 Subject Key Identifier:
58:E7:F6:4B:1D:86:04:4C:78:00:B4:F9:97:E7:88:D0:69:E7:A3:BC
X509v3 Subject Alternative Name:
DNS:localhost, DNS:ip-172-31-34-79, DNS:ip-172-31-34-79.us-west-2.compute.internal, IP Address:127.0.0.1, IP Address:172.31.34.79
Signature Algorithm: sha256WithRSAEncryption
12:1a:3b:67:d6:ec:a0:3d:83:94:6a:ee:d5:62:42:b5:f1:c8:
bb:bb:08:3a:48:dc:96:d0:93:b0:e9:e0:eb:6d:65:fa:15:a9:
c3:b9:fe:e8:17:6a:b0:98:14:ae:f0:60:43:f5:b5:01:e4:32:
fd:15:39:93:bb:e3:7d:30:13:ea:00:19:02:4e:67:29:5a:d8:
5f:b4:ce:ea:3b:81:f2:16:94:8b:5f:6e:cd:c7:70:ad:77:6b:
dc:95:f0:77:53:a1:9a:a5:4c:e9:43:d9:a7:72:d1:d5:0c:d5:
70:71:1a:37:3e:60:38:bc:e4:45:05:d8:82:1a:16:60:05:b5:
ed:a1:00:6a:9e:4e:57:8f:fd:11:e1:3f:23:ab:e1:09:e3:a9:
58:0f:48:ae:e6:fd:a6:6d:a4:8c:cb:8e:88:61:a3:b4:9b:af:
f9:4d:2a:b2:8e:84:85:32:6f:a6:1e:6d:d0:41:4c:5e:63:b2:
79:97:7f:15:0b:9c:02:9b:8d:88:f2:ce:da:1b:57:45:22:a0:
22:b5:ef:ee:6d:a1:55:48:e5:2c:77:64:ae:08:23:a8:33:50:
71:d9:65:35:3e:df:46:ee:fe:34:ab:65:bb:2f:41:28:9f:7e:
a8:68:85:59:6a:27:83:7a:e0:fe:51:b3:72:f1:6a:5b:8a:b8:
a7:63:e9:c8
generating kubelet kubeconfig
generating kubeconfig
KFG_FILE_PATH = /var/lib/kubelet/kubeconfig
KFG_TLS_CA_CRT = /etc/ssl/ca.crt
KFG_TLS_CRT = /etc/ssl/kubelet.crt
KFG_TLS_KEY = /etc/ssl/kubelet.key
KFG_CLUSTER = kubernetes.us-west-2.compute.internal
KFG_SERVER = https://kubernetes.us-west-2.compute.internal:443
KFG_CONTEXT = default
KFG_USER = system:node:ip-172-31-34-79.us-west-2.compute.internal
KFG_UID = root
KFG_GID = root
KFG_PERM = 0400
Cluster "kubernetes.us-west-2.compute.internal" set.
User "system:node:ip-172-31-34-79.us-west-2.compute.internal" set.
Context "default" created.
Switched to context "default".
waiting until the kubernetes control plane is online
control plane health check attempt: 1
curl: (7) Failed connect to kubernetes.us-west-2.compute.internal:80; Connection refused
control plane health check attempt: 2
kubernetes cluster is healthy
installing kubelet
enabling kubelet.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /etc/systemd/system/kubelet.service.
starting kubelet.service
installing kube-proxy
enabling kube-proxy.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kube-proxy.service to /etc/systemd/system/kube-proxy.service.
starting kube-proxy.service
So long, and thanks for all the fish.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment