Skip to content

Instantly share code, notes, and snippets.

@binarybana

binarybana/cf-k8s.json

Last active October 13, 2015 21:17
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save binarybana/7c3b735563e7fc53c246 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save binarybana/7c3b735563e7fc53c246 to your computer and use it in GitHub Desktop.
Download ZIP
Cloudformation script to spin up K8S without many permissions
Raw
cf-k8s.json
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Kubernetes 1.0.4 on EC2 powered by CoreOS 766.3.0 (stable)",
"Mappings": {
"RegionMap": {
"eu-central-1" : {
"AMI" : "ami-bececaa3"
},
"ap-northeast-1" : {
"AMI" : "ami-f2338ff2"
},
"us-gov-west-1" : {
"AMI" : "ami-c75033e4"
},
"sa-east-1" : {
"AMI" : "ami-11e9600c"
},
"ap-southeast-2" : {
"AMI" : "ami-8f88c8b5"
},
"ap-southeast-1" : {
"AMI" : "ami-b6d8d4e4"
},
"us-east-1" : {
"AMI" : "ami-3d73d356"
},
"us-west-2" : {
"AMI" : "ami-99bfada9"
},
"us-west-1" : {
"AMI" : "ami-1db04f59"
},
"eu-west-1" : {
"AMI" : "ami-0e104179"
}
}
},
"Parameters": {
"DataVolumeSize": {
"Description": "Size in Gibibytes (GiB) for the data directory of the worker machines.",
"Type": "Number",
"Default": "50",
"MinValue": "1",
"MaxValue": "16000"
},
"WorkerSpotPrice": {
"Description": "Spot price for worker nodes",
"Type": "Number",
"MinValue": "0.0",
"MaxValue": "3.0"
},
"MasterInstanceType": {
"Description": "EC2 HVM instance type (m3.medium, etc).",
"Type": "String",
"Default": "m3.medium",
"AllowedValues": [
"m3.medium",
"m3.large",
"m3.xlarge",
"m3.2xlarge",
"c3.large",
"c3.xlarge",
"c3.2xlarge",
"c3.4xlarge",
"c3.8xlarge",
"cc2.8xlarge",
"cr1.8xlarge",
"hi1.4xlarge",
"hs1.8xlarge",
"i2.xlarge",
"i2.2xlarge",
"i2.4xlarge",
"i2.8xlarge",
"r3.large",
"r3.xlarge",
"r3.2xlarge",
"r3.4xlarge",
"r3.8xlarge",
"t2.micro",
"t2.small",
"t2.medium"
],
"ConstraintDescription": "Must be a valid EC2 HVM instance type."
},
"WorkerInstanceType": {
"Description": "EC2 HVM instance type (m3.medium, etc).",
"Type": "String",
"Default": "m3.medium",
"AllowedValues": [
"m3.medium",
"m3.large",
"m3.xlarge",
"m3.2xlarge",
"c3.large",
"c3.xlarge",
"c3.2xlarge",
"c3.4xlarge",
"c3.8xlarge",
"cc2.8xlarge",
"cr1.8xlarge",
"hi1.4xlarge",
"hs1.8xlarge",
"i2.xlarge",
"i2.2xlarge",
"i2.4xlarge",
"i2.8xlarge",
"r3.large",
"r3.xlarge",
"r3.2xlarge",
"r3.4xlarge",
"r3.8xlarge",
"t2.micro",
"t2.small",
"t2.medium"
],
"ConstraintDescription": "Must be a valid EC2 HVM instance type."
},
"ClusterSize": {
"Description": "Number of nodes in cluster (2-12).",
"Default": "2",
"MinValue": "2",
"MaxValue": "12",
"Type": "Number"
},
"AllowSSHFrom": {
"Description": "The net block (CIDR) that SSH is available to.",
"Default": "0.0.0.0/0",
"Type": "String"
},
"KeyPair": {
"Description": "The name of an EC2 Key Pair to allow SSH access to the instance.",
"Type": "AWS::EC2::KeyPair::KeyName"
},
"VpcId": {
"Description": "The ID of the VPC to launch into.",
"Type": "AWS::EC2::VPC::Id"
},
"SubnetId": {
"Description": "The ID of the subnet to launch into (that must be within the supplied VPC)",
"Type": "AWS::EC2::Subnet::Id"
},
"KubernetesSecurityGroup": {
"Description": "The ID of the security group to launch into (that must be within the supplied VPC)",
"Type": "AWS::EC2::SecurityGroup::Id",
"Default": "sg-aoeuaoeu"
},
"SubnetAZ": {
"Description": "The availability zone of the subnet supplied (for example eu-west-1a)",
"Type": "String"
}
},
"Resources": {
"KubernetesMasterInstance": {
"Type": "AWS::EC2::Instance",
"Properties": {
"IamInstanceProfile" : "kubernetes-ec2",
"NetworkInterfaces" : [{
"GroupSet": [{"Ref": "KubernetesSecurityGroup"}],
"AssociatePublicIpAddress" : "true",
"DeviceIndex" : "0",
"DeleteOnTermination" : "true",
"SubnetId" : {"Ref": "SubnetId"}
}],
"ImageId": {"Fn::FindInMap" : ["RegionMap", {"Ref": "AWS::Region" }, "AMI"]},
"InstanceType": {"Ref": "MasterInstanceType"},
"KeyName": {"Ref": "KeyPair"},
"Tags" : [
{"Key" : "Name", "Value" : {"Fn::Join" : [ "-", [ {"Ref" : "AWS::StackName"}, "k8s-master" ] ]}},
{"Key" : "KubernetesRole", "Value" : "node"},
{"Key" : "KubernetesCluster", "Value" : {"Ref" : "AWS::StackName"}}
],
"UserData": { "Fn::Base64": {"Fn::Join" : ["", [
"#cloud-config\n\n",
"write_files:\n",
"- path: /opt/bin/waiter.sh\n",
" owner: root\n",
" content: |\n",
" #! /usr/bin/bash\n",
" until curl http://127.0.0.1:2379/v2/machines; do sleep 2; done\n",
"coreos:\n",
" etcd2:\n",
" name: master\n",
" initial-cluster-token: k8s_etcd\n",
" initial-cluster: master=http://$private_ipv4:2380\n",
" listen-peer-urls: http://$private_ipv4:2380,http://localhost:2380\n",
" initial-advertise-peer-urls: http://$private_ipv4:2380\n",
" listen-client-urls: http://$private_ipv4:2379,http://localhost:2379\n",
" advertise-client-urls: http://$private_ipv4:2379\n",
" fleet:\n",
" etcd_servers: http://localhost:2379\n",
" metadata: k8srole=master\n",
" flannel:\n",
" etcd_endpoints: http://localhost:2379\n",
" locksmithd:\n",
" endpoint: http://localhost:2379\n",
" units:\n",
" - name: etcd2.service\n",
" command: start\n",
" - name: fleet.service\n",
" command: start\n",
" - name: etcd2-waiter.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=etcd waiter\n",
" Wants=network-online.target\n",
" Wants=etcd2.service\n",
" After=etcd2.service\n",
" After=network-online.target\n",
" Before=flanneld.service fleet.service locksmithd.service\n\n",
" [Service]\n",
" ExecStart=/usr/bin/bash /opt/bin/waiter.sh\n",
" RemainAfterExit=true\n",
" Type=oneshot\n",
" - name: docker.service\n",
" command: start\n",
" drop-ins:\n",
" - name: 80-hli-docker.conf\n",
" content: |\n",
" [Service]\n",
" Environment=DOCKER_OPTS='--insecure-registry=172.30.16.108:5000'\n",
" - name: flanneld.service\n",
" command: start\n",
" enable: true\n",
" drop-ins:\n",
" - name: 50-network-config.conf\n",
" content: |\n",
" [Service]\n",
" ExecStartPre=-/usr/bin/etcdctl mk /coreos.com/network/config '{\"Network\": \"10.244.0.0/16\", \"Backend\": {\"Type\": \"vxlan\"}}'\n",
" - name: docker-cache.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Docker cache proxy\n",
" Requires=early-docker.service\n",
" After=early-docker.service\n",
" Before=early-docker.target\n\n",
" [Service]\n",
" Restart=always\n",
" TimeoutStartSec=0\n",
" RestartSec=5\n",
" Environment=TMPDIR=/var/tmp/\n",
" Environment=DOCKER_HOST=unix:///var/run/early-docker.sock\n",
" ExecStartPre=-/usr/bin/docker kill docker-registry\n",
" ExecStartPre=-/usr/bin/docker rm docker-registry\n",
" ExecStartPre=/usr/bin/docker pull quay.io/devops/docker-registry:latest\n",
" # GUNICORN_OPTS is an workaround for\n",
" # https://github.com/docker/docker-registry/issues/892\n",
" ExecStart=/usr/bin/docker run --rm --net host --name docker-registry \\\n",
" -e STANDALONE=false \\\n",
" -e GUNICORN_OPTS=[--preload] \\\n",
" -e MIRROR_SOURCE=https://registry-1.docker.io \\\n",
" -e MIRROR_SOURCE_INDEX=https://index.docker.io \\\n",
" -e MIRROR_TAGS_CACHE_TTL=1800 \\\n",
" quay.io/devops/docker-registry:latest\n",
" - name: get-kubectl.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Get kubectl client tool\n",
" Documentation=https://github.com/GoogleCloudPlatform/kubernetes\n",
" Requires=network-online.target\n",
" After=network-online.target\n\n",
" [Service]\n",
" ExecStart=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v1.0.4/bin/linux/amd64/kubectl\n",
" ExecStart=/usr/bin/chmod +x /opt/bin/kubectl\n",
" Type=oneshot\n",
" RemainAfterExit=true\n",
" - name: kube-apiserver.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Kubernetes API Server\n",
" Documentation=https://github.com/GoogleCloudPlatform/kubernetes\n",
" Requires=generate-k8s-certs.service etcd2-waiter.service\n",
" After=generate-k8s-certs.service etcd2-waiter.service\n\n",
" [Service]\n",
" ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v1.0.4/bin/linux/amd64/kube-apiserver\n",
" ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-apiserver\n",
" ExecStart=/opt/bin/kube-apiserver \\\n",
" --insecure-bind-address=0.0.0.0 \\\n",
" --client-ca-file=/srv/kubernetes/ca.crt \\\n",
" --tls-cert-file=/srv/kubernetes/server.cert \\\n",
" --tls-private-key-file=/srv/kubernetes/server.key \\\n",
" --service-account-key-file=/srv/kubernetes/server.key \\\n",
" --service-cluster-ip-range=10.100.0.0/16 \\\n",
" --admission_control=NamespaceLifecycle,NamespaceAutoProvision,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota \\\n",
" --etcd-servers=http://localhost:2379 \\\n",
" --allow_privileged=true \\\n",
" --cloud-provider=aws\n",
" Restart=always\n",
" RestartSec=10\n",
" - name: kube-controller-manager.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Kubernetes Controller Manager\n",
" Documentation=https://github.com/GoogleCloudPlatform/kubernetes\n",
" Requires=generate-k8s-certs.service kube-apiserver.service\n",
" After=generate-k8s-certs.service kube-apiserver.service\n\n",
" [Service]\n",
" ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v1.0.4/bin/linux/amd64/kube-controller-manager\n",
" ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-controller-manager\n",
" ExecStart=/opt/bin/kube-controller-manager \\\n",
" --master=127.0.0.1:8080 \\\n",
" --root-ca-file=/srv/kubernetes/ca.crt \\\n",
" --service-account-private-key-file=/srv/kubernetes/server.key \\\n",
" --cloud-provider=aws\n",
" Restart=always\n",
" RestartSec=10\n",
" - name: generate-k8s-certs.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Generate Kubernetes API Server certificates\n",
" ConditionPathExists=!/srv/kubernetes/.certs.lock\n",
" Requires=network-online.target\n",
" After=network-online.target\n\n",
" [Service]\n",
" ExecStartPre=-/usr/sbin/groupadd -r kube-cert\n",
" ExecStartPre=/usr/bin/wget -q -N -P /opt/bin https://raw.githubusercontent.com/GoogleCloudPlatform/kubernetes/v0.21.1/cluster/saltbase/salt/generate-cert/make-ca-cert.sh\n",
" ExecStartPre=/usr/bin/chmod u=rwx,go= /opt/bin/make-ca-cert.sh\n",
" ExecStart=/opt/bin/make-ca-cert.sh _use_aws_external_ip_ IP:10.100.0.1,DNS:kubernetes,DNS:kubernetes.default,DNS:kubernetes.default.svc,DNS:kubernetes.default.svc.cluster.local\n",
" Type=oneshot\n",
" RemainAfterExit=true\n",
" - name: kube-scheduler.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Kubernetes Scheduler\n",
" Documentation=https://github.com/GoogleCloudPlatform/kubernetes\n",
" Requires=kube-apiserver.service\n",
" After=kube-apiserver.service\n\n",
" [Service]\n",
" ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v1.0.4/bin/linux/amd64/kube-scheduler\n",
" ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-scheduler\n",
" ExecStart=/opt/bin/kube-scheduler \\\n",
" --master=127.0.0.1:8080\n",
" Restart=always\n",
" RestartSec=10\n",
" - name: kube-register.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Kubernetes Registration Service\n",
" Documentation=https://github.com/kelseyhightower/kube-register\n",
" Requires=kube-apiserver.service fleet.service\n",
" After=kube-apiserver.service fleet.service\n\n",
" [Service]\n",
" ExecStartPre=-/usr/bin/wget -nc -O /opt/bin/kube-register https://github.com/kelseyhightower/kube-register/releases/download/v0.0.4/kube-register-0.0.4-linux-amd64\n",
" ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-register\n",
" ExecStart=/opt/bin/kube-register \\\n",
" --metadata=k8srole=node \\\n",
" --fleet-endpoint=unix:///var/run/fleet.sock \\\n",
" --api-endpoint=http://127.0.0.1:8080\n",
" Restart=always\n",
" RestartSec=10\n",
" - name: kube-proxy.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Kubernetes Proxy\n",
" Documentation=https://github.com/GoogleCloudPlatform/kubernetes\n",
" Requires=kube-apiserver.service network-online.target\n",
" After=kube-apiserver.service network-online.target\n\n",
" [Service]\n",
" ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v1.0.4/bin/linux/amd64/kube-proxy\n",
" ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-proxy\n",
" ExecStart=/opt/bin/kube-proxy \\\n",
" --master=http://localhost:8080\n",
" Restart=always\n",
" RestartSec=10\n",
" update:\n",
" group: stable\n",
" reboot-strategy: off\n"
]]}
}
}
},
"KubernetesNodeLaunchConfig": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"IamInstanceProfile" : "kubernetes-ec2",
"ImageId": {"Fn::FindInMap" : ["RegionMap", {"Ref": "AWS::Region" }, "AMI" ]},
"InstanceType": {"Ref": "WorkerInstanceType"},
"KeyName": {"Ref": "KeyPair"},
"AssociatePublicIpAddress" : "true",
"SecurityGroups": [{"Ref": "KubernetesSecurityGroup"}],
"BlockDeviceMappings" : [ {
"DeviceName" : "/dev/xvda",
"Ebs" : {"VolumeSize" : "25"}
}, {
"DeviceName" : "/dev/xvdb",
"NoDevice": "true"
}, {
"DeviceName" : "/dev/xvdc",
"Ebs" : {"VolumeSize" : {"Ref": "DataVolumeSize"}, "VolumeType": "gp2"}
}
],
"SpotPrice": {"Ref": "WorkerSpotPrice"},
"UserData": { "Fn::Base64": {"Fn::Join" : ["", [
"#cloud-config\n\n",
"coreos:\n",
" etcd2:\n",
" listen-client-urls: http://localhost:2379\n",
" initial-cluster: master=http://", {"Fn::GetAtt" :["KubernetesMasterInstance" , "PrivateIp"]}, ":2380\n",
" proxy: on\n",
" fleet:\n",
" etcd_servers: http://localhost:2379\n",
" metadata: k8srole=node\n",
" flannel:\n",
" etcd_endpoints: http://localhost:2379\n",
" locksmithd:\n",
" endpoint: http://localhost:2379\n",
" units:\n",
" - name: mnt.mount\n",
" command: start\n",
" content: |\n",
" [Mount]\n",
" What=/dev/xvdc1\n",
" Where=/mnt\n",
" Type=ext4\n",
" - name: format_drives.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Does early startup tasks\n",
" Before=mnt.mount\n",
" [Service]\n",
" Type=oneshot\n",
" RemainAfterExit=yes\n",
" ExecStart=/usr/sbin/parted -s /dev/xvdc mklabel gpt \n",
" ExecStart=/usr/sbin/parted -s /dev/xvdc -- mkpart primary 4MiB -4MiB\n",
" ExecStart=/usr/sbin/mkfs.ext4 /dev/xvdc1\n",
" - name: etcd2.service\n",
" command: start\n",
" - name: fleet.service\n",
" command: start\n",
" - name: flanneld.service\n",
" command: start\n",
" - name: docker.service\n",
" command: start\n",
" drop-ins:\n",
" - name: 80-hli-docker.conf\n",
" content: |\n",
" [Service]\n",
" Environment=DOCKER_OPTS='--insecure-registry=172.30.16.108:5000'\n",
" - name: 50-docker-mirror.conf\n",
" content: |\n",
" [Service]\n",
" Environment=DOCKER_OPTS='--registry-mirror=http://", {"Fn::GetAtt" :["KubernetesMasterInstance" , "PrivateIp"]}, ":5000'\n",
" - name: hostname-override.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Kubelet Hostname Override\n",
" Requires=network-online.target\n",
" After=network-online.target\n\n",
" [Service]\n",
" Type=oneshot\n",
" RemainAfterExit=yes\n",
" EnvironmentFile=/etc/kube-env\n",
" ExecStart=/run/setup-hostname-override.sh\n",
" - name: kubelet.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Kubernetes Kubelet\n",
" Documentation=https://github.com/GoogleCloudPlatform/kubernetes\n",
" Requires=hostname-override.service\n",
" After=hostname-override.service\n\n",
" [Service]\n",
" EnvironmentFile=/etc/hostname-override\n",
" ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v1.0.4/bin/linux/amd64/kubelet\n",
" ExecStartPre=/usr/bin/chmod +x /opt/bin/kubelet\n",
" ExecStart=/opt/bin/kubelet \\\n",
" --cluster-dns=10.100.0.10 \\\n",
" --cluster-domain=cluster.local \\\n",
" --register-node=true \\\n",
" --cloud-provider=aws \\\n",
" --allow-privileged=true \\\n",
" --config=/etc/kubernetes/manifests \\\n",
" --api-servers=", {"Fn::GetAtt" :["KubernetesMasterInstance" , "PrivateIp"]}, ":8080 \\\n",
" --hostname-override=${HOSTNAME_OVERRIDE}\n",
" Restart=always\n",
" RestartSec=10\n",
" - name: kube-proxy.service\n",
" command: start\n",
" content: |\n",
" [Unit]\n",
" Description=Kubernetes Proxy\n",
" Documentation=https://github.com/GoogleCloudPlatform/kubernetes\n",
" Requires=network-online.target\n",
" After=network-online.target\n\n",
" [Service]\n",
" ExecStartPre=/usr/bin/wget -N -P /opt/bin https://storage.googleapis.com/kubernetes-release/release/v1.0.4/bin/linux/amd64/kube-proxy\n",
" ExecStartPre=/usr/bin/chmod +x /opt/bin/kube-proxy\n",
" ExecStart=/opt/bin/kube-proxy \\\n",
" --master=http://", {"Fn::GetAtt" :["KubernetesMasterInstance" , "PrivateIp"]}, ":8080\n",
" Restart=always\n",
" RestartSec=10\n",
" update:\n",
" group: alpha\n",
" reboot-strategy: off\n",
"write_files:\n",
" - path: /run/setup-hostname-override.sh\n",
" permissions: \"0755\"\n",
" content: |\n",
" #!/bin/bash\n",
" set -x\n",
" source /etc/kube-env\n",
" if [[ -z \"${HOSTNAME_OVERRIDE}\" ]]; then\n",
" HOSTNAME_OVERRIDE=`curl --silent http://169.254.169.254/2007-01-19/meta-data/local-hostname`\n",
" fi\n",
" if [[ -z \"${HOSTNAME_OVERRIDE}\" ]]; then\n",
" HOSTNAME_OVERRIDE=`hostname -f`\n",
" fi\n",
" echo \"HOSTNAME_OVERRIDE=${HOSTNAME_OVERRIDE}\" > /etc/hostname-override\n",
" - path: /etc/kube-env\n",
" permissions: 0644\n",
" owner: root\n",
" content: |\n",
" - path: /etc/kubernetes/manifests/fluentd.yaml\n",
" permissions: 0644\n",
" owner: root\n",
" content: |\n",
" apiVersion: v1\n",
" kind: Pod\n",
" metadata:\n",
" name: fluentd\n",
" namespace: kube-system\n",
" spec:\n",
" containers:\n",
" - image: gcr.io/google_containers/fluentd-elasticsearch:1.11\n",
" imagePullPolicy: IfNotPresent\n",
" name: fluentd\n",
" volumeMounts:\n",
" - mountPath: /var/lib/docker/containers\n",
" name: dockermount\n",
" - mountPath: /var/log\n",
" name: logmount\n",
" volumes:\n",
" - name: logmount\n",
" hostPath:\n",
" path: /var/log\n",
" - name: dockermount\n",
" hostPath:\n",
" path: /var/lib/docker/containers\n",
" restartPolicy: Always\n"
]]}
}
}
},
"KubernetesAutoScalingGroup": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"AvailabilityZones": [{"Ref": "SubnetAZ"}],
"VPCZoneIdentifier": [{"Ref": "SubnetId"}],
"LaunchConfigurationName": {"Ref": "KubernetesNodeLaunchConfig"},
"MinSize": "2",
"MaxSize": "12",
"DesiredCapacity": {"Ref": "ClusterSize"},
"Tags" : [
{"Key" : "Name", "Value" : {"Fn::Join" : [ "-", [ {"Ref" : "AWS::StackName"}, "k8s-node" ] ]}, "PropagateAtLaunch" : true},
{"Key" : "KubernetesRole", "Value" : "node", "PropagateAtLaunch" : true},
{"Key" : "KubernetesCluster", "Value" : {"Ref" : "AWS::StackName"}, "PropagateAtLaunch" : true}
]
}
}
},
"Outputs": {
"KubernetesMasterPrivateIp": {
"Description": "Private IP of the newly created Kubernetes Master instance",
"Value": {"Fn::GetAtt": ["KubernetesMasterInstance" , "PrivateIp"]}
}
}
}
Raw
skydns-rc.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: kube-dns-v9
namespace: kube-system
labels:
k8s-app: kube-dns
version: v9
kubernetes.io/cluster-service: "true"
spec:
replicas: 1
selector:
k8s-app: kube-dns
version: v9
template:
metadata:
labels:
k8s-app: kube-dns
version: v9
kubernetes.io/cluster-service: "true"
spec:
containers:
- name: etcd
image: gcr.io/google_containers/etcd:2.0.9
resources:
limits:
cpu: 100m
memory: 50Mi
command:
- /usr/local/bin/etcd
- -data-dir
- /var/etcd/data
- -listen-client-urls
- http://127.0.0.1:2379,http://127.0.0.1:4001
- -advertise-client-urls
- http://127.0.0.1:2379,http://127.0.0.1:4001
- -initial-cluster-token
- skydns-etcd
volumeMounts:
- name: etcd-storage
mountPath: /var/etcd/data
- name: kube2sky
image: gcr.io/google_containers/kube2sky:1.11
resources:
limits:
cpu: 100m
memory: 50Mi
args:
- -domain=cluster.local
- name: skydns
image: gcr.io/google_containers/skydns:2015-03-11-001
resources:
limits:
cpu: 100m
memory: 50Mi
args:
# command = "/skydns"
- -machines=http://localhost:4001
- -addr=0.0.0.0:53
- -domain=cluster.local.
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 30
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /healthz
port: 8080
scheme: HTTP
initialDelaySeconds: 1
timeoutSeconds: 5
- name: healthz
image: gcr.io/google_containers/exechealthz:1.0
resources:
limits:
cpu: 10m
memory: 20Mi
args:
- -cmd=nslookup kubernetes.default.svc.cluster.local localhost >/dev/null
- -port=8080
ports:
- containerPort: 8080
protocol: TCP
volumes:
- name: etcd-storage
emptyDir: {}
dnsPolicy: Default # Don't use cluster DNS.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment