Skip to content

Instantly share code, notes, and snippets.

@eegilbert

eegilbert/cloud-service.yaml

Forked from voobscout/cloud-service.yaml
Created August 9, 2017 20:22
Show Gist options
  • Save eegilbert/5ad67273d4d6a1215a29b8075074fd14 to your computer and use it in GitHub Desktop.
Save eegilbert/5ad67273d4d6a1215a29b8075074fd14 to your computer and use it in GitHub Desktop.
Download ZIP
CoreOS Baremetal cluster cloud configs, worker and service nodes
Raw
cloud-service.yaml
#cloud-config
hostname: <%= shortname %>
ssh_authorized_keys:
- ssh-rsa xxxx rsa-key-20120604
coreos:
units:
- name: settimezone.service
command: start
content: |
[Unit]
Description=Set the timezone
[Service]
ExecStart=/usr/bin/timedatectl set-timezone UTC
RemainAfterExit=yes
Type=oneshot
- name: mnt-data.mount
command: start
content: |
[Unit]
Description=Data mount
Before=etcd2.service
[Mount]
What=/dev/xvdb1
Where=/mnt/data
Type=ext3
- name: etcd2.service
command: start
content: |
[Unit]
Description=etcd v2.0
After=docker.service mnt-data.mount
Requires=docker.service mnt-data.mount
Conflicts=etcd.service
[Service]
ExecStartPre=/usr/bin/docker pull quay.io/coreos/etcd:v2.0.4
ExecStartPre=/bin/mkdir -pm 700 /mnt/data/<%= shortname %>
ExecStartPre=/bin/chown core /mnt/data/<%= shortname %>
ExecStart=/usr/bin/docker run \
--net=host \
--name=<%= shortname %> \
-e "ETCD_NAME=<%= shortname %>" \
-e "ETCD_DISCOVERY_SRV=<%= domainname %>" \
-e "ETCD_INITIAL_ADVERTISE_PEER_URLS=http://<%= shortname %>.<%= domainname %>:2380" \
-e "ETCD_ADVERTISE_CLIENT_URLS=http://$private_ipv4:2379,http://<%= shortname %>.<%= domainname %>:2379" \
-e "ETCD_LISTEN_CLIENT_URLS=http://$private_ipv4:2379,http://127.0.0.1:2379" \
-e "ETCD_LISTEN_PEER_URLS=http://<%= shortname %>.<%= domainname %>:2380" \
-e "ETCD_DATA_DIR=/data" \
-v /usr/share/ca-certificates/:/etc/ssl/certs \
-v /mnt/data/<%= shortname %>:/data \
quay.io/coreos/etcd:v2.0.0
ExecStop=/usr/bin/docker kill <%= shortname %>
ExecStop=/usr/bin/docker rm <%= shortname %>
Restart=always
fleet:
metadata: "role=services"
users:
- name: sal
coreos-ssh-import-github: popsikle
groups:
- sudo
- docker
write_files:
- path: /home/core/.dockercfg
owner: core:core
permissions: 420
content: |-
{
"quay.io": {
"auth": "xxxxx",
"email": "[email protected]"
}
}
- path: /etc/ntp.conf
content: |
# Common pool
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
# - Allow only time queries, at a limited rate.
# - Allow all local queries (IPv4, IPv6)
restrict default nomodify nopeer noquery limited kod
restrict 127.0.0.1
restrict [::1]
Raw
cloud-worker.yaml
#cloud-config
hostname: <%= shortname %>
ssh_authorized_keys:
- ssh-rsa xxxx rsa-key-20120604
coreos:
locksmith:
endpoint: "http://172.21.10.241:2379,http://172.21.10.242:2379,http://172.21.10.243:2379,http://172.21.10.244:2379,http://172.21.10.245:2379"
fleet:
metadata: "role=worker"
etcd_servers: "http://172.21.10.241:2379,http://172.21.10.242:2379,http://172.21.10.243:2379,http://172.21.10.244:2379,http://172.21.10.245:2379"
public-ip: $private_ipv4
units:
- name: etcd.service
command: stop
mask: yes
- name: settimezone.service
command: start
content: |
[Unit]
Description=Set the timezone
[Service]
ExecStart=/usr/bin/timedatectl set-timezone UTC
RemainAfterExit=yes
Type=oneshot
- name: 05-eno1.network
content: |
[Match]
Name=eno1
[Network]
DHCP=v4
- name: 10-application.netdev
content: |
[NetDev]
Name=application
Kind=vlan
[VLAN]
Id=201
- name: 20-br0.netdev
content: |
[NetDev]
Name=br0
Kind=bridge
- name: 30-bond0.netdev
content: |
[NetDev]
Name=bond0
Kind=bond
[Bond]
Mode=802.3ad
LACPTransmitRate=fast
MIIMonitorSec=1s
UpDelaySec=3s
DownDelaySec=9s
- name: 31-eno3.network
content: |
[Match]
Name=eno3
[Network]
Bond=bond0
DHCP=none
- name: 32-eno4.network
content: |
[Match]
Name=eno4
[Network]
Bond=bond0
DHCP=none
- name: 40-bond0-bridge.network
content: |
[Match]
Name=bond0
[Network]
Bridge=br0
- name: 50-br0-ip.network
content: |
[Match]
Name=br0
[Network]
DHCP=v4
- name: var-lib-docker.mount
command: start
content: |
[Unit]
Description=Mounts the docker drive
Before=docker.service
[Mount]
What=/dev/sdb1
Where=/var/lib/docker
Type=ext4
- name: docker-tcp.socket
command: start
enable: true
content: |
[Unit]
Description=Docker Socket for the API
[Socket]
ListenStream=2375
Service=docker.service
BindIPv6Only=both
[Install]
WantedBy=sockets.target
- name: fleet.service
command: start
users:
- name: sal
coreos-ssh-import-github: popsikle
groups:
- sudo
- docker
write_files:
- path: /etc/modprobe.d/bonding.conf
permissions: 0644
owner: root
content: |
options bonding miimon=100 mode=4 lacp_rate=1
- path: /etc/modules-load.d/bonding.conf
permissions: 0644
owner: root
content: |
bonding
- path: /etc/profile.d/etcdctl.sh
permissions: 0644
owner: core
content: |
# configure etcdctl to work with our etcd servers set above
export ETCDCTL_PEERS="http://172.21.10.241:2379,http://172.21.10.242:2379,http://172.21.10.243:2379,http://172.21.10.244:2379,http://172.21.10.245:2379"
- path: /etc/profile.d/fleetctl.sh
permissions: 0644
owner: core
content: |
# configure fleetctl to work with our etcd servers set above
export FLEETCTL_ENDPOINT=unix:///var/run/fleet.sock
export FLEETCTL_EXPERIMENTAL_API=true
- path: /home/core/.dockercfg
owner: core:core
permissions: 420
content: |-
{
"quay.io": {
"auth": "cccccccxxxxx",
"email": "[email protected]"
}
}
- path: /etc/ntp.conf
content: |
# Common pool
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
# - Allow only time queries, at a limited rate.
# - Allow all local queries (IPv4, IPv6)
restrict default nomodify nopeer noquery limited kod
restrict 127.0.0.1
restrict [::1]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment