mirror of
https://github.com/kubernetes/kubernetes.git
synced 2026-02-03 20:40:26 -05:00
67043dca9f
Mask and stop services that compete with apt operations or are not needed for Kubernetes nodes: - apt-news.service/timer: fetches APT news, holds apt lock - esm-cache.service: Ubuntu Pro cache updates - snapd.service/socket: Snap package manager - lxd-installer.socket: LXD container helper - ubuntu-advantage.service: Ubuntu Pro auto-attach - unattended-upgrades.service: automatic security updates - motd-news.timer: MOTD news fetching - update-notifier-motd.timer: "new Ubuntu version" checks - update-notifier-download.timer: failed package retry This addresses CI timeouts where apt-news.service running concurrently with apt-get update caused the master node to take ~5 minutes for package index downloads (vs ~5-9 seconds on worker nodes). Signed-off-by: Davanum Srinivas <davanum@gmail.com>
142 lines
4.7 KiB
YAML
142 lines
4.7 KiB
YAML
#cloud-config
|
|
|
|
users:
|
|
- name: etcd
|
|
homedir: /var/etcd
|
|
lock_passwd: true
|
|
ssh_redirect_user: true
|
|
|
|
- name: kube-bootstrap-logs-forwarder
|
|
gecos: User the kube-bootstrap-logs-forwarder.service runs as.
|
|
system: true
|
|
|
|
write_files:
|
|
- path: /etc/systemd/system/kube-bootstrap-logs-forwarder.service
|
|
permissions: 0644
|
|
owner: root
|
|
content: |
|
|
[Unit]
|
|
Description=Forwards Kubernetes bootstrap logs to serial port.
|
|
Before=kube-master-installation.service
|
|
|
|
[Service]
|
|
User=kube-bootstrap-logs-forwarder
|
|
Group=systemd-journal
|
|
SupplementaryGroups=serial
|
|
ExecStart=journalctl --no-tail --no-pager --follow --utc --output short-iso --unit kube-master-installation --unit kube-master-configuration --unit kubelet
|
|
StandardOutput=tty
|
|
TTYPath=/dev/ttyS2
|
|
|
|
[Install]
|
|
WantedBy=kubernetes.target
|
|
|
|
- path: /etc/systemd/system/kube-master-installation.service
|
|
permissions: 0644
|
|
owner: root
|
|
content: |
|
|
[Unit]
|
|
Description=Download and install k8s binaries and configurations
|
|
Requires=network-online.target
|
|
After=network-online.target
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
RemainAfterExit=yes
|
|
ExecStartPre=/bin/mkdir -p /home/kubernetes/bin
|
|
ExecStartPre=/bin/mount --bind /home/kubernetes/bin /home/kubernetes/bin
|
|
ExecStartPre=/bin/mount -o remount,exec /home/kubernetes/bin
|
|
ExecStartPre=/usr/bin/curl --fail --retry 600 --retry-delay 3 --retry-connrefused --connect-timeout 10 --silent --show-error -H "X-Google-Metadata-Request: True" -o /home/kubernetes/bin/configure.sh http://metadata.google.internal/computeMetadata/v1/instance/attributes/configure-sh
|
|
ExecStartPre=/bin/chmod 544 /home/kubernetes/bin/configure.sh
|
|
ExecStart=/home/kubernetes/bin/configure.sh
|
|
|
|
[Install]
|
|
WantedBy=kubernetes.target
|
|
|
|
- path: /etc/systemd/system/kube-master-internal-route.service
|
|
permissions: 0644
|
|
owner: root
|
|
content: |
|
|
[Unit]
|
|
Description=Configure kube internal route
|
|
Requires=kube-master-installation.service
|
|
After=kube-master-installation.service
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
RemainAfterExit=yes
|
|
ExecStartPre=/usr/bin/curl --fail --retry 5 --retry-delay 3 --retry-connrefused --connect-timeout 10 --silent --show-error -H "X-Google-Metadata-Request: True" -o /home/kubernetes/bin/kube-master-internal-route.sh http://metadata.google.internal/computeMetadata/v1/instance/attributes/kube-master-internal-route
|
|
ExecStartPre=/bin/chmod 544 /home/kubernetes/bin/kube-master-internal-route.sh
|
|
ExecStart=/home/kubernetes/bin/kube-master-internal-route.sh
|
|
|
|
[Install]
|
|
WantedBy=kubernetes.target
|
|
|
|
- path: /etc/systemd/system/kube-master-configuration.service
|
|
permissions: 0644
|
|
owner: root
|
|
content: |
|
|
[Unit]
|
|
Description=Configure kubernetes master
|
|
Requires=kube-master-installation.service
|
|
After=kube-master-installation.service
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
RemainAfterExit=yes
|
|
ExecStartPre=/bin/chmod 544 /home/kubernetes/bin/configure-helper.sh
|
|
ExecStart=/home/kubernetes/bin/configure-helper.sh
|
|
ExecStartPost=systemctl stop kube-bootstrap-logs-forwarder.service
|
|
|
|
[Install]
|
|
WantedBy=kubernetes.target
|
|
|
|
- path: /etc/systemd/system/kube-logrotate.timer
|
|
permissions: 0644
|
|
owner: root
|
|
content: |
|
|
[Unit]
|
|
Description=kube-logrotate invocation
|
|
|
|
[Timer]
|
|
OnCalendar=*-*-* *:00/5:00
|
|
|
|
[Install]
|
|
WantedBy=kubernetes.target
|
|
|
|
- path: /etc/systemd/system/kube-logrotate.service
|
|
permissions: 0644
|
|
owner: root
|
|
content: |
|
|
[Unit]
|
|
Description=Kubernetes log rotation
|
|
After=kube-master-configuration.service
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
ExecStart=-/usr/sbin/logrotate /etc/logrotate.conf
|
|
|
|
[Install]
|
|
WantedBy=kubernetes.target
|
|
|
|
- path: /etc/systemd/system/kubernetes.target
|
|
permissions: 0644
|
|
owner: root
|
|
content: |
|
|
[Unit]
|
|
Description=Kubernetes
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
|
|
runcmd:
|
|
- systemctl mask apt-news.service apt-news.timer esm-cache.service snapd.service snapd.socket lxd-installer.socket ubuntu-advantage.service unattended-upgrades.service motd-news.timer update-notifier-motd.timer update-notifier-download.timer || true
|
|
- systemctl stop unattended-upgrades.service || true
|
|
- systemctl daemon-reload
|
|
- systemctl enable kube-bootstrap-logs-forwarder.service
|
|
- systemctl enable kube-master-installation.service
|
|
- systemctl enable kube-master-internal-route.service
|
|
- systemctl enable kube-master-configuration.service
|
|
- systemctl enable kube-logrotate.timer
|
|
- systemctl enable kube-logrotate.service
|
|
- systemctl enable kubernetes.target
|
|
- systemctl start kubernetes.target
|