Enable kubedns

Need to disable all iptables rules for the moment till
we figure out which ones exactly to remove. Unless we
disable the iptables, we cannot run kubedns.

Change-Id: Ia42f5fc353791d3d417574785e5c006b603d050d
This commit is contained in:
Davanum Srinivas 2017-04-26 06:06:50 -04:00 committed by Davanum Srinivas (dims)
parent 182ebd2097
commit 5523adba7d
2 changed files with 27 additions and 5 deletions

View File

@ -36,10 +36,12 @@ TESTS_LIST=(
'Kubectl client [k8s.io] Simple pod [It] should handle in-cluster config'
'Kubectl client [k8s.io] Simple pod [It] should support exec through an HTTP proxy'
'Kubernetes Dashboard [It] should check that the kubernetes-dashboard instance is alive'
'Networking [It] should provide Internet connection for containers [Conformance]'
'PersistentVolumes [Volume] [k8s.io] PersistentVolumes:NFS with Single PV - PVC pairs [It] create a PV and a pre-bound PVC: test write access'
'PersistentVolumes [Volume] [k8s.io] PersistentVolumes:NFS with Single PV - PVC pairs [It] should create a non-pre-bound PV and PVC: test write access'
'PersistentVolumes [Volume] [k8s.io] PersistentVolumes:NFS with multiple PVs and PVCs all in same ns [It] should create 4 PVs and 2 PVCs: test write access'
'PreStop [It] should call prestop when killing a pod [Conformance]'
'Projected [It] should update labels on modification [Conformance] [Volume]'
'Services [It] should create endpoints for unready pods'
'StatefulSet [k8s.io] Basic StatefulSet functionality [StatefulSetBasic] [It] should adopt matching orphans and release non-matching pods'
'StatefulSet [k8s.io] Basic StatefulSet functionality [StatefulSetBasic] [It] should allow template updates'

View File

@ -38,7 +38,13 @@ function install_docker {
sudo apt-get update
sudo apt-cache policy docker-engine
sudo apt-get install -y docker-engine=1.12.6-0~ubuntu-xenial
sudo cat /lib/systemd/system/docker.service
sudo sed -r -i "s|(ExecStart)=(.+)|\1=\2 --iptables=false|" /lib/systemd/system/docker.service
sudo cat /lib/systemd/system/docker.service
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo systemctl status docker
sudo ifconfig -a
fi
docker --version
@ -97,18 +103,32 @@ function install_k8s_cloud_provider {
# Turn on/off a few things in local-up-cluster.sh
export ALLOW_PRIVILEGED=true
export KUBE_ENABLE_CLUSTER_DNS=false
export KUBE_ENABLE_CLUSTER_DNS=true
export KUBE_ENABLE_CLUSTER_DASHBOARD=true
export ALLOW_SECURITY_CONTEXT=true
export ALLOW_ANY_TOKEN=true
export ENABLE_HOSTPATH_PROVISIONER=true
export SERVICE_CLUSTER_IP_RANGE=10.1.0.0/24
export FIRST_SERVICE_CLUSTER_IP=10.1.0.1
export API_HOST_IP=${HOST_IP:-"127.0.0.1"}
# Use the docker0's ip address for kubedns to work
export API_HOST_IP="172.17.0.1"
export KUBELET_HOST="0.0.0.0"
#export HOSTNAME_OVERRIDE=${HOST_IP:-"127.0.0.1"}
export ENABLE_CRI=false
# echo "Stop Docker iptable rules that interfere with kubedns"
# sudo iptables -D FORWARD -j DOCKER-ISOLATION
# sudo iptables -A DOCKER-ISOLATION -j RETURN
# sudo iptables --flush DOCKER-ISOLATION
# sudo iptables -X DOCKER-ISOLATION
echo "Stopping firewall and allowing everything..."
sudo iptables -F
sudo iptables -X
sudo iptables -t nat -F
sudo iptables -t nat -X
sudo iptables -t mangle -F
sudo iptables -t mangle -X
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
run_process kubernetes "sudo -E PATH=$PATH hack/local-up-cluster.sh"
popd >/dev/null
}