enable login to private registries
diff --git a/README.rst b/README.rst
index fbd3555..0f553d8 100644
--- a/README.rst
+++ b/README.rst
@@ -314,6 +314,29 @@
name: ${linux:system:name}
...
+Pull images from private registries
+-----------------------------------
+
+.. code-block:: yaml
+
+ kubernetes:
+ master
+ ...
+ registry:
+ secret:
+ registry01:
+ enabled: True
+ key: (get from `cat /root/.docker/config.json | base64`)
+ namespace: default
+ ...
+ control:
+ ...
+ service:
+ service01:
+ ...
+ image_pull_secretes: registry01
+ ...
+
Kubernetes Service Definitions in pillars
==========================================
diff --git a/kubernetes/files/manifest/kube-apiserver.manifest b/kubernetes/files/manifest/kube-apiserver.manifest
index 6560c79..e7d134e 100644
--- a/kubernetes/files/manifest/kube-apiserver.manifest
+++ b/kubernetes/files/manifest/kube-apiserver.manifest
@@ -11,7 +11,7 @@
terminationGracePeriodSeconds: 30
containers:
- name: kube-apiserver
- image: {{ master.registry }}/kube-master:{{ master.version }}
+ image: {{ master.registry.host }}/kube-master:{{ master.version }}
command:
- /bin/sh
- -c
diff --git a/kubernetes/files/manifest/kube-controller-manager.manifest b/kubernetes/files/manifest/kube-controller-manager.manifest
index 7f2f250..ce74558 100644
--- a/kubernetes/files/manifest/kube-controller-manager.manifest
+++ b/kubernetes/files/manifest/kube-controller-manager.manifest
@@ -11,7 +11,7 @@
terminationGracePeriodSeconds: 30
containers:
- name: kube-controller-manager
- image: {{ master.registry }}/kube-master:{{ master.version }}
+ image: {{ master.registry.host }}/kube-master:{{ master.version }}
command:
- /bin/sh
- -c
diff --git a/kubernetes/files/manifest/kube-proxy.manifest.pool b/kubernetes/files/manifest/kube-proxy.manifest.pool
index 54442f8..48f42d7 100644
--- a/kubernetes/files/manifest/kube-proxy.manifest.pool
+++ b/kubernetes/files/manifest/kube-proxy.manifest.pool
@@ -8,7 +8,7 @@
hostNetwork: true
containers:
- name: kube-proxy
- image: {{ pool.registry }}/kube-pool:{{ pool.version }}
+ image: {{ pool.registry.host }}/kube-pool:{{ pool.version }}
resources:
requests:
cpu: 200m
diff --git a/kubernetes/files/manifest/kube-scheduler.manifest b/kubernetes/files/manifest/kube-scheduler.manifest
index 905c170..a0977a1 100644
--- a/kubernetes/files/manifest/kube-scheduler.manifest
+++ b/kubernetes/files/manifest/kube-scheduler.manifest
@@ -12,7 +12,7 @@
terminationGracePeriodSeconds: 30
containers:
- name: kube-scheduler
- image: {{ master.registry }}/kube-master:{{ master.version }}
+ image: {{ master.registry.host }}/kube-master:{{ master.version }}
imagePullPolicy: IfNotPresent
command:
- /bin/sh
diff --git a/kubernetes/files/rc.yml b/kubernetes/files/rc.yml
index 61c3ee9..830f34e 100644
--- a/kubernetes/files/rc.yml
+++ b/kubernetes/files/rc.yml
@@ -117,4 +117,8 @@
{%- for selector in service.nodeSelector %}
{{ selector.key }}: {{ selector.value }}
{%- endfor %}
+ {%- endif %}
+ {%- if service.image_pull_secretes is defined %}
+ imagePullSecrets:
+ - name: {{ service.image_pull_secretes }}
{%- endif %}
\ No newline at end of file
diff --git a/kubernetes/master/kubelet.sls b/kubernetes/master/kubelet.sls
index e6aca1b..84b1bfe 100644
--- a/kubernetes/master/kubelet.sls
+++ b/kubernetes/master/kubelet.sls
@@ -40,4 +40,25 @@
{%- endfor %}
+{%- if master.registry.secret is defined %}
+
+{%- for name,registry in master.registry.secret.iteritems() %}
+
+{%- if registry.enabled %}
+
+/registry/secrets/{{ registry.namespace }}/{{ name }}:
+ etcd.set:
+ - value: '{"kind":"Secret","apiVersion":"v1","metadata":{"name":"{{ name }}","namespace":"{{ registry.namespace }}"},"data":{".dockerconfigjson":"{{ registry.key }}"},"type":"kubernetes.io/dockerconfigjson"}'
+
+{%- else %}
+
+/registry/secrets/{{ registry.namespace }}/{{ name }}:
+ etcd.rm
+
+{%- endif %}
+
+{%- endfor %}
+
+{%- endif %}
+
{%- endif %}
\ No newline at end of file
diff --git a/metadata/service/master/cluster.yml b/metadata/service/master/cluster.yml
index f68e5ff..fceafb9 100644
--- a/metadata/service/master/cluster.yml
+++ b/metadata/service/master/cluster.yml
@@ -8,7 +8,8 @@
master:
enabled: true
version: ${_param:kubernetes_version}
- registry: tcpcloud
+ registry:
+ host: tcpcloud
service_addresses: 10.254.0.0/16
admin:
username: ${_param:kubernetes_admin_user}
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index 2f76e7d..2e76deb 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -8,7 +8,8 @@
master:
enabled: true
version: ${_param:kubernetes_version}
- registry: tcpcloud
+ registry:
+ host: tcpcloud
service_addresses: 10.254.0.0/16
admin:
username: ${_param:kubernetes_admin_user}
diff --git a/metadata/service/pool/cluster.yml b/metadata/service/pool/cluster.yml
index e79a104..415cf6e 100644
--- a/metadata/service/pool/cluster.yml
+++ b/metadata/service/pool/cluster.yml
@@ -8,7 +8,8 @@
pool:
enabled: true
version: ${_param:kubernetes_version}
- registry: tcpcloud
+ registry:
+ host: tcpcloud
host:
name: ${linux:system:name}
master:
diff --git a/metadata/service/pool/single.yml b/metadata/service/pool/single.yml
index 68ec845..1e4049b 100644
--- a/metadata/service/pool/single.yml
+++ b/metadata/service/pool/single.yml
@@ -8,7 +8,8 @@
pool:
enabled: true
version: ${_param:kubernetes_version}
- registry: tcpcloud
+ registry:
+ host: tcpcloud
host:
name: ${linux:system:name}
master: