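# Stage "opts": single place where component versions are pinned. Every other
# stage derives from it, so these variables are visible to all later RUN steps.
# NOTE(review): ubuntu:24.04 is a mutable tag; appending @sha256:<digest-of-the-
# vetted-base-image> would make the netboot images reproducible.
FROM ubuntu:24.04 AS opts
# key=value form; the space-separated `ENV key value` syntax is legacy.
# DEBIAN_FRONTEND stays an ENV (not an ARG) because the apt-get calls in later
# stages inherit it from here, and it is recorded in /etc/image.env below.
ENV KUBE_VERSION=1.34.2 \
    CRIO_VERSION=v1.34.2 \
    COREDNS_VERSION=1.13.1 \
    ETCD_VERSION=3.5.12 \
    KERNEL_VERSION=6.11.0-26-generic \
    IMAGE_VERSION=1.9.3 \
    DEBIAN_FRONTEND=noninteractive \
    TZ=UTC
# Snapshot the build environment into the image. `grep -E` replaces the
# obsolescent `egrep` alias. The pattern has no trailing '=', so any variable
# whose name merely starts with PATH, HOSTNAME, TERM or HOME is dropped too.
# Everything else in the environment is written out: never put a credential in
# ENV above, or it ends up in /etc/image.env on every node.
RUN env | grep -Ev '^(PATH|HOSTNAME|TERM|HOME)' > /etc/image.env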
# Stage "core": common starting point for the OS image, the download helper and
# the build tooling stages.
FROM opts AS core
# Drop the container marker file shipped in the base image.
# NOTE(review): presumably so the booted system is not detected as a container
# by systemd — confirm.
RUN rm -f /run/systemd/container
# Refresh the package index and apply pending updates. Later stages call
# `apt-get install` against the index downloaded here.
RUN apt-get update \
 && apt-get upgrade -y
# Restore the content stripped from the minimal base image; `yes` answers the
# interactive prompts.
RUN yes | unminimize
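# Stage "downloads": fetches the CoreDNS, CRI-O and Kubernetes node release
# archives so that later stages can COPY them out of this stage.
FROM core AS downloads
# Optional expected SHA-256 digests of the three archives. Empty (the default)
# skips the check and keeps the previous behaviour. These binaries run as root
# on every node, and HTTPS alone does not tie an archive to a vetted build, so
# release builds should pass all three, for example:
#   --build-arg COREDNS_SHA256=<sha256-of-the-coredns-archive>
ARG COREDNS_SHA256=""
ARG CRIO_SHA256=""
ARG KUBE_NODE_SHA256=""
# Refresh the index in the same layer as the install: the lists inherited from
# "core" may come from an old cached layer and reference removed packages.
RUN apt-get update && apt-get install -y wget
RUN wget https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_amd64.tgz && \
    if [ -n "${COREDNS_SHA256}" ]; then \
        echo "${COREDNS_SHA256}  coredns_${COREDNS_VERSION}_linux_amd64.tgz" | sha256sum -c -; \
    fi
RUN wget https://storage.googleapis.com/cri-o/artifacts/cri-o.amd64.${CRIO_VERSION}.tar.gz && \
    if [ -n "${CRIO_SHA256}" ]; then \
        echo "${CRIO_SHA256}  cri-o.amd64.${CRIO_VERSION}.tar.gz" | sha256sum -c -; \
    fi
RUN wget https://dl.k8s.io/v${KUBE_VERSION}/kubernetes-node-linux-amd64.tar.gz && \
    if [ -n "${KUBE_NODE_SHA256}" ]; then \
        echo "${KUBE_NODE_SHA256}  kubernetes-node-linux-amd64.tar.gz" | sha256sum -c -; \
    fi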
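# Stage "base": the bootable OS shared by every node image. It installs the
# kernel, live-boot and admin tooling, CoreDNS, the host configuration files,
# the root SSH key and the password database.
FROM core AS base
RUN apt-mark hold grub-pc
# `apt-get update` runs in the same layer as the install so a stale cached
# "core" layer cannot leave the index pointing at packages that no longer exist.
RUN apt-get update && apt-get install -y \
        curl \
        gnupg2 \
        htop \
        ipmitool \
        iptables \
        iputils-ping \
        less \
        linux-headers-${KERNEL_VERSION} \
        linux-image-${KERNEL_VERSION} \
        live-boot \
        lshw \
        lvm2 \
        make \
        netplan.io \
        ntp \
        ntpdate \
        openssh-server \
        pciutils \
        squashfs-tools \
        systemd \
        vim \
        wget
# CoreDNS binary from the archive fetched in the "downloads" stage.
# NOTE(review): the archive is unpacked as root; its integrity depends on the
# checks, if any, performed in that stage.
COPY --from=downloads coredns_${COREDNS_VERSION}_linux_amd64.tgz .
RUN tar -xpf coredns_${COREDNS_VERSION}_linux_amd64.tgz && \
    mv coredns /usr/bin/ && \
    chmod +x /usr/bin/coredns && \
    rm -rf coredns_${COREDNS_VERSION}_linux_amd64.tgz
# Host configuration.
COPY os/initramfs.conf /etc/initramfs-tools/initramfs.conf
COPY os/fstab /etc/fstab
COPY os/hosts /etc/hosts
COPY os/ntp.conf /etc/ntp.conf
COPY os/coredns.conf /etc/coredns.conf
COPY os/coredns.service /usr/lib/systemd/system/
COPY os/resolv.conf /etc/resolv.conf
COPY os/netplan.yaml /etc/netplan/config.yaml
# First-boot helper scripts and their units.
COPY os/initialize-disks.sh /usr/local/sbin/initialize-disks.sh
COPY os/initialize-hostname.sh /usr/local/sbin/initialize-hostname.sh
RUN chmod +x /usr/local/sbin/initialize-disks.sh /usr/local/sbin/initialize-hostname.sh
COPY os/initialize-disks.service /usr/lib/systemd/system
COPY os/initialize-hostname.service /usr/lib/systemd/system
COPY os/systemd.preset /usr/lib/systemd/system-preset/00-tblflp.preset
# Remote access: sshd configuration plus the keys allowed to log in as root.
COPY os/sshd_config /etc/ssh/sshd_config
COPY os/authorized_keys /root/.ssh/authorized_keys
COPY os/ntpd.service /usr/lib/systemd/system
COPY os/ntpdate.service /usr/lib/systemd/system
# /root/.ssh is created implicitly by the COPY above; restrict it along with
# the key file.
RUN chmod 700 /root/.ssh && \
    chmod 400 /root/.ssh/authorized_keys && \
    chown root /root/.ssh/authorized_keys
# COPY keeps whatever mode the file has in the build context, so set the
# conventional root:shadow 0640 explicitly; otherwise the password hashes may
# be world-readable on every booted node.
# NOTE(review): the hashes also persist in this stage's layers and in every
# image derived from it; handle the build cache and outputs as secrets.
COPY secrets/shadow /etc/shadow
RUN chown root:shadow /etc/shadow && chmod 640 /etc/shadow
# NOTE(review): 101:101 is presumably the NTP daemon's uid/gid; a numeric id is
# fragile if package install order changes — verify against /etc/passwd.
RUN mkdir -p /var/log/ntpstats && chown 101:101 /var/log/ntpstats
# Rebuild the initramfs so it picks up initramfs.conf copied above.
RUN update-initramfs -u
RUN systemctl enable ntpsec ntpdate coredns initialize-disks initialize-hostname ssh dm-event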
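# Stage "node": worker image. Adds the CRI-O runtime and the kubelet on top of
# the shared "base" OS.
FROM base AS node
# Mount points referenced by the node's storage layout.
RUN mkdir \
        /mnt/ceph \
        /mnt/slow1 \
        /mnt/slow2 \
        /mnt/fast \
        /mnt/local \
        /mnt/local/crio \
        /mnt/local/containers \
        /mnt/local/log \
        /mnt/local/log/pods
# CRI-O
# NOTE(review): the bundled ./install script runs as root straight out of the
# archive fetched in the "downloads" stage; it is only as trustworthy as the
# integrity check, if any, performed there.
COPY --from=downloads cri-o.amd64.${CRIO_VERSION}.tar.gz .
RUN tar -xpf cri-o.amd64.${CRIO_VERSION}.tar.gz && \
    ( cd cri-o && \
      bash ./install ) && \
    rm -rf cri-o/ cri-o.amd64.${CRIO_VERSION}.tar.gz
COPY worker/99-cri.conf /etc/sysctl.d/99-cri.conf
COPY worker/crio.conf /etc/crio/crio.conf
COPY worker/storage.conf /etc/containers/storage.conf
COPY worker/registries.conf /etc/containers/registries.conf
# Remove a unit file and a CNI bridge config (presumably laid down by the
# installer) so that only the project's own crio.service is present.
RUN rm -f /usr/local/lib/systemd/system/crio.service /etc/cni/net.d/11-crio-ipv4-bridge.conflist
COPY worker/crio.service /usr/lib/systemd/system/crio.service
RUN systemctl enable crio
# KUBERNETES
# Only the kubelet binary is kept from the node archive.
COPY --from=downloads kubernetes-node-linux-amd64.tar.gz .
RUN tar -xpf kubernetes-node-linux-amd64.tar.gz && \
    mv kubernetes/node/bin/kubelet /usr/bin/ && \
    rm -rf kubernetes kubernetes-node-linux-amd64.tar.gz
COPY worker/kubelet.yaml /etc/kubelet.yaml
COPY worker/kubelet.service /usr/lib/systemd/system/
RUN mkdir /etc/kubelet /etc/kubelet/pki /etc/kubelet/static
# bootstrap.yaml comes from secrets/; COPY keeps the mode it has in the build
# context, so restrict it to root explicitly.
# NOTE(review): assumes the kubelet runs as root; relax this if
# worker/kubelet.service sets User=.
COPY secrets/bootstrap.yaml /etc/kubelet/bootstrap.yaml
RUN chmod 600 /etc/kubelet/bootstrap.yaml
COPY secrets/pki/ca.crt /etc/pki/k8sca.crt
RUN systemctl enable kubelet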
# Stage "leader": control-plane additions shared by the k8s-01..03 images.
# Everything under secrets/ is baked into the image filesystem, so the build
# cache, the resulting squashfs files and wherever they are served from all
# hold this material.
# NOTE(review): COPY keeps the file modes from the build context and no
# chmod/chown follows; check that keys and token files are not world-readable
# in the context. Which uid the control-plane pods use to read them is not
# visible here.
FROM node AS leader
COPY secrets/tokens /etc/kubernetes/tokens
# The whole pki directory is copied, not just ca.crt as in the "node" stage.
COPY secrets/pki /etc/kubernetes/pki
COPY secrets/controller.yaml /etc/kubernetes/controller.kubeconfig
COPY secrets/scheduler.yaml /etc/kubernetes/scheduler.kubeconfig
# Helper files for generating the static pod manifests; they are run per node
# in the k8s-0N stages and remain in /tmp of the leader images afterwards.
COPY leaders/* /tmp/
RUN chmod +x /tmp/create_static_pods.sh
# Leader image for node k8s-01: sets the per-node identity and runs the static
# pod generator copied into /tmp by the "leader" stage.
# NOTE(review): the script is not visible here; presumably it reads NODE_NAME,
# PRIVATE_IP and LB_IP from the environment — confirm.
FROM leader AS k8s-01
ENV NODE_NAME=k8s-01 \
    PRIVATE_IP=10.199.14.1 \
    LB_IP=10.199.15.1
RUN /tmp/create_static_pods.sh
# Leader image for node k8s-02: sets the per-node identity and runs the static
# pod generator copied into /tmp by the "leader" stage.
# NOTE(review): the script is not visible here; presumably it reads NODE_NAME,
# PRIVATE_IP and LB_IP from the environment — confirm.
FROM leader AS k8s-02
ENV NODE_NAME=k8s-02 \
    PRIVATE_IP=10.199.14.2 \
    LB_IP=10.199.15.2
RUN /tmp/create_static_pods.sh
# Leader image for node k8s-03: sets the per-node identity and runs the static
# pod generator copied into /tmp by the "leader" stage.
# NOTE(review): the script is not visible here; presumably it reads NODE_NAME,
# PRIVATE_IP and LB_IP from the environment — confirm.
FROM leader AS k8s-03
ENV NODE_NAME=k8s-03 \
    PRIVATE_IP=10.199.14.3 \
    LB_IP=10.199.15.3
RUN /tmp/create_static_pods.sh
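# Stage "ipxe": builds the undionly.kpxe network boot loader with the project's
# boot.ipxe script embedded.
FROM core AS ipxe
# Optional commit or tag of the iPXE source to build. Empty (the default)
# builds whatever the clone checks out, as before. The result is the first code
# each machine runs when it network-boots, so release builds should pin it:
#   --build-arg IPXE_REF=<reviewed-ipxe-commit>
ARG IPXE_REF=""
# Refresh the index in the same layer as the install: the lists inherited from
# "core" may come from an old cached layer.
RUN apt-get update && apt-get install -y git gcc binutils make perl mtools liblzma-dev mkisofs syslinux
RUN git clone https://github.com/ipxe/ipxe && \
    if [ -n "${IPXE_REF}" ]; then \
        git -C ipxe checkout "${IPXE_REF}"; \
    fi
COPY pxe/boot.ipxe ipxe/src/boot.ipxe
# Substitute the literal IMAGE_VERSION token in the boot script with the
# "<kube>-<image>" version string used in the artifact names.
RUN sed -ri "s/IMAGE_VERSION/${KUBE_VERSION}-${IMAGE_VERSION}/g" ipxe/src/boot.ipxe
# make -C keeps EMBED relative to ipxe/src without a `cd` in the RUN line.
RUN make -C ipxe/src -j16 bin/undionly.kpxe EMBED=boot.ipxe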
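# Stage "builder-core": tooling and working directories shared by the stages
# that pack root filesystems into squashfs images.
FROM core AS builder-core
# Refresh the index in the same layer as the install: the lists inherited from
# "core" may come from an old cached layer and reference removed packages.
RUN apt-get update && apt-get install -y squashfs-tools
# /roots holds unpacked root filesystems, /images the finished artifacts and
# /tftp the files packed into the TFTP tarball.
RUN mkdir /tftp /roots /images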
# Stage "builder-node": packs the worker root filesystem into a squashfs image
# and assembles the TFTP bundle (kernel, initrd, kernel config, System.map and
# the iPXE boot loader).
# NOTE(review): the whole "node" filesystem is copied, including /etc/shadow
# and the kubelet bootstrap file, so the squashfs carries those secrets.
FROM builder-core AS builder-node
COPY --from=node / /roots/node
RUN mksquashfs /roots/node \
        "/images/node-${KUBE_VERSION}-${IMAGE_VERSION}.squashfs" \
        -comp lzo
# Copy the boot artifacts, renaming them from the kernel version to the
# "<kube>-<image>" version; any failed copy aborts the build.
RUN for artifact in initrd.img vmlinuz config System.map; do \
        cp "/roots/node/boot/${artifact}-${KERNEL_VERSION}" \
           "/tftp/${artifact}-${KUBE_VERSION}-${IMAGE_VERSION}" || exit 1; \
    done
COPY --from=ipxe ipxe/src/bin/undionly.kpxe /tftp/boot-${KUBE_VERSION}-${IMAGE_VERSION}.kpxe
RUN tar -zcpf "/images/tftp-${KUBE_VERSION}-${IMAGE_VERSION}.tgz" -C /tftp .
# Stage "builder-k8s-01": packs the k8s-01 leader root filesystem into a
# squashfs image. The image includes everything the "leader" stage copied from
# secrets/, so it must be stored and served as secret material.
FROM builder-core AS builder-k8s-01
COPY --from=k8s-01 / /roots/k8s-01
RUN mksquashfs /roots/k8s-01 \
        "/images/k8s-01-${KUBE_VERSION}-${IMAGE_VERSION}.squashfs" \
        -comp lzo
# Stage "builder-k8s-02": packs the k8s-02 leader root filesystem into a
# squashfs image. The image includes everything the "leader" stage copied from
# secrets/, so it must be stored and served as secret material.
FROM builder-core AS builder-k8s-02
COPY --from=k8s-02 / /roots/k8s-02
RUN mksquashfs /roots/k8s-02 \
        "/images/k8s-02-${KUBE_VERSION}-${IMAGE_VERSION}.squashfs" \
        -comp lzo
# Stage "builder-k8s-03": packs the k8s-03 leader root filesystem into a
# squashfs image. The image includes everything the "leader" stage copied from
# secrets/, so it must be stored and served as secret material.
FROM builder-core AS builder-k8s-03
COPY --from=k8s-03 / /roots/k8s-03
RUN mksquashfs /roots/k8s-03 \
        "/images/k8s-03-${KUBE_VERSION}-${IMAGE_VERSION}.squashfs" \
        -comp lzo
# Stage "built": final image. It only collects the artifacts from the builder
# stages and copies them to /volume when run.
# NOTE(review): /volume is presumably a bind mount supplied at `docker run`.
# This image and the copied files contain the leader secrets (PKI, tokens,
# kubeconfigs) and /etc/shadow, so do not push it to a shared registry or write
# it to a world-readable directory.
FROM opts AS built
COPY --from=builder-node /images /images
COPY --from=builder-k8s-01 /images/k8s-01-* /images/
COPY --from=builder-k8s-02 /images/k8s-02-* /images/
COPY --from=builder-k8s-03 /images/k8s-03-* /images/
# Explicit sh -c so the glob is still expanded by a shell, exactly as the
# shell-form CMD did.
CMD ["/bin/sh", "-c", "cp -v /images/* /volume/"]