Support systemd unit management during node join

- Support systemctl enable/start/stop/disable commands during join.sh
  or genesis.sh

Change-Id: I28046afbc55fc1d1af4575778f614f928f0e91c9
This commit is contained in:
Scott Hussey 2018-12-14 12:49:22 -06:00
parent 425d8bdff8
commit c13fc33d85
5 changed files with 103 additions and 1 deletions

View File

@ -8,11 +8,45 @@ metadata:
layer: site
storagePolicy: cleartext
data:
systemd_units:
kube-cgroup:
enable: true
files:
- path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.10.2/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubelet
mode: 0555
- path: /etc/systemd/system/kube-cgroup.service
content: |
[Unit]
Description=Create and tune cgroup for Kubernetes Pods
Requires=network-online.target
Before=kubelet.service
[Service]
Delegate=yes
ExecStart=/usr/local/sbin/kube-cgroup.sh
[Install]
RequiredBy=kubelet.service
mode: 0444
- path: /usr/local/sbin/kube-cgroup.sh
mode: 0744
content: |-
#!/bin/bash
set -x
KUBE_CGROUP=${KUBE_CGROUP:-"kube_whitelist"}
SYSTEMD_ABSPATH="/sys/fs/cgroup/systemd/$KUBE_CGROUP"
CPUSET_ABSPATH="/sys/fs/cgroup/cpuset/$KUBE_CGROUP"
CPU_ABSPATH="/sys/fs/cgroup/cpu/$KUBE_CGROUP"
MEM_ABSPATH="/sys/fs/cgroup/memory/$KUBE_CGROUP"
for cg in $SYSTEMD_ABSPATH $CPUSET_ABSPATH $CPU_ABSPATH $MEM_ABSPATH
do
mkdir -p "$cg"
done
- path: /etc/logrotate.d/json-logrotate
mode: 0444
content: |-

View File

@ -18,6 +18,7 @@ data:
- --anonymous-auth=false
- --feature-gates=PodShareProcessNamespace=true
- --v=3
- --cgroup-root=/kube_whitelist
images:
pause: gcr.io/google_containers/pause-amd64:3.0
...

View File

@ -169,6 +169,51 @@ class Configuration:
if value:
return value
@property
def enable_units(self):
""" Get systemd unit names where enable is ``true``."""
return self.get_units_by_action('enable')
@property
def start_units(self):
""" Get systemd unit names where start is ``true``."""
return self.get_units_by_action('start')
@property
def stop_units(self):
""" Get systemd unit names where stop is ``true``."""
return self.get_units_by_action('stop')
@property
def disable_units(self):
""" Get systemd unit names where disable is ``true``."""
return self.get_units_by_action('disable')
def get_units_by_action(self, action):
""" Select systemd unit names by ``action``
Get all units that are ``true`` for ``action``.
"""
return [
k for k, v in self.systemd_units.items() if v.get(action, False)
]
@property
def systemd_units(self):
""" Return a dictionary of systemd units to be managed during join.
The dictionary key is the systemd unit name, each will have a four
boolean keys: ``enable``, ``disable``, ``start``, ``stop`` on the
actions to be taken at the end of genesis/node join. The steps
are ordered: enable, start, stop, disable.
"""
all_units = {}
for document in self.iterate(kind='HostSystem'):
all_units.update(document['data'].get('systemd_units', {}))
return all_units
@property
def join_ips(self):
maybe_ips = self.get_path('KubernetesNode:join_ips')

View File

@ -11,6 +11,18 @@ data:
abs_path:
type: string
pattern: '^/.+$'
systemd_unit:
type: object
properties:
enable:
type: boolean
disable:
type: boolean
start:
type: boolean
stop:
type: boolean
additionalProperties: false
apt_source_line:
type: string
# XXX add regex
@ -27,7 +39,6 @@ data:
$ref: '#/definitions/url'
tar_path:
$ref: '#/definitions/rel_path'
requried:
- mode
- path
@ -68,6 +79,10 @@ data:
type: object
items:
$ref: '#/definitions/file'
systemd_units:
type: object
additionalProperties:
$ref: '#/definitions/systemd_unit'
images:
type: object
properties:

View File

@ -105,6 +105,13 @@ log
log === Starting Docker and Kubelet ===
set -x
systemctl daemon-reload
{% for a in ['enable','start','stop','disable'] %}
{% for u in config.get_units_by_action(a) %}
systemctl {{ a }} {{ u }}
{% endfor %}
{% endfor %}
systemctl restart docker || true
systemctl enable kubelet
systemctl restart kubelet