From cf8e68ff52516d81667c72b703607158d5a7b399 Mon Sep 17 00:00:00 2001 From: Cole Mickens Date: Wed, 30 Nov 2016 17:54:49 +0000 Subject: [PATCH] kubernetes: dashboard 1.4.2 -> 1.5.0 --- ...ddons-kubernetes-dashboard-deployment.yaml | 4 +- pkg/acsengine/templates.go | 88 +++++++++---------- .../kubernetes_expected.json | 2 +- .../largeclusters/kubernetes_expected.json | 2 +- .../testdata/simple/kubernetes_expected.json | 2 +- .../vnet/kubernetesvnet_expected.json | 2 +- 6 files changed, 50 insertions(+), 50 deletions(-) diff --git a/parts/kubernetesmasteraddons-kubernetes-dashboard-deployment.yaml b/parts/kubernetesmasteraddons-kubernetes-dashboard-deployment.yaml index a07f7094b..4240006c5 100644 --- a/parts/kubernetesmasteraddons-kubernetes-dashboard-deployment.yaml +++ b/parts/kubernetesmasteraddons-kubernetes-dashboard-deployment.yaml @@ -4,7 +4,7 @@ metadata: labels: kubernetes.io/cluster-service: "true" app: kubernetes-dashboard - version: v1.4.2 + version: v1.5.0 name: kubernetes-dashboard namespace: kube-system spec: @@ -19,7 +19,7 @@ spec: spec: containers: - args: - image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.4.2 + image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.0 imagePullPolicy: Always livenessProbe: httpGet: diff --git a/pkg/acsengine/templates.go b/pkg/acsengine/templates.go index cd42e0eb5..19884f13c 100644 --- a/pkg/acsengine/templates.go +++ b/pkg/acsengine/templates.go @@ -125,7 +125,7 @@ func installContainerhostAndJoinSwarmPs1() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "Install-ContainerHost-And-Join-Swarm.ps1", size: 6132, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "Install-ContainerHost-And-Join-Swarm.ps1", size: 6132, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -145,7 +145,7 @@ func agentoutputsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "agentoutputs.t", size: 212, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "agentoutputs.t", size: 212, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -165,7 +165,7 @@ func agentparamsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "agentparams.t", size: 1422, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "agentparams.t", size: 1422, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -185,7 +185,7 @@ func classicparamsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "classicparams.t", size: 5128, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "classicparams.t", size: 5128, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -205,7 +205,7 @@ func configureSwarmClusterSh() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "configure-swarm-cluster.sh", size: 6503, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "configure-swarm-cluster.sh", size: 6503, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -225,7 +225,7 @@ func dcosagentresourcesvmasT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcosagentresourcesvmas.t", size: 10249, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "dcosagentresourcesvmas.t", size: 10249, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -245,7 +245,7 @@ func dcosagentresourcesvmssT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcosagentresourcesvmss.t", size: 10340, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "dcosagentresourcesvmss.t", size: 10340, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -265,7 +265,7 @@ func dcosagentvarsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcosagentvars.t", size: 2228, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "dcosagentvars.t", size: 2228, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -285,7 +285,7 @@ func dcosbaseT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcosbase.t", size: 1262, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "dcosbase.t", size: 1262, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -305,7 +305,7 @@ func dcoscustomdata173T() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcoscustomdata173.t", size: 7704, mode: os.FileMode(438), modTime: time.Unix(1480440593, 0)} + info := bindataFileInfo{name: "dcoscustomdata173.t", size: 7704, mode: os.FileMode(420), modTime: time.Unix(1480530460, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -325,7 +325,7 @@ func dcoscustomdata184T() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcoscustomdata184.t", size: 7868, mode: os.FileMode(438), modTime: time.Unix(1480381886, 0)} + info := bindataFileInfo{name: "dcoscustomdata184.t", size: 7868, mode: os.FileMode(420), modTime: time.Unix(1480530460, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -345,7 +345,7 @@ func dcoscustomdata187T() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcoscustomdata187.t", size: 7658, mode: os.FileMode(438), modTime: time.Unix(1480383805, 0)} + info := bindataFileInfo{name: "dcoscustomdata187.t", size: 7658, mode: os.FileMode(420), modTime: time.Unix(1480530460, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -365,7 +365,7 @@ func dcosmasterresourcesT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcosmasterresources.t", size: 9716, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "dcosmasterresources.t", size: 9716, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -385,7 +385,7 @@ func dcosmastervarsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcosmastervars.t", size: 4244, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "dcosmastervars.t", size: 4244, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -405,7 +405,7 @@ func dcosprovisionSh() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "dcosprovision.sh", size: 932, mode: os.FileMode(438), modTime: time.Unix(1480381886, 0)} + info := bindataFileInfo{name: "dcosprovision.sh", size: 932, mode: os.FileMode(420), modTime: time.Unix(1480530460, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -425,7 +425,7 @@ func kubeconfigJson() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubeconfig.json", size: 983, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubeconfig.json", size: 983, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -445,7 +445,7 @@ func kubernetesagentcustomdataYml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesagentcustomdata.yml", size: 3413, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "kubernetesagentcustomdata.yml", size: 3413, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -465,7 +465,7 @@ func kubernetesagentresourcesvmasT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesagentresourcesvmas.t", size: 8533, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesagentresourcesvmas.t", size: 8533, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -485,7 +485,7 @@ func kubernetesagentvarsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesagentvars.t", size: 1104, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesagentvars.t", size: 1104, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -505,7 +505,7 @@ func kubernetesbaseT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesbase.t", size: 1011, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesbase.t", size: 1011, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -525,7 +525,7 @@ func kubernetesmasteraddonsHeapsterDeploymentYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmasteraddons-heapster-deployment.yaml", size: 1727, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesmasteraddons-heapster-deployment.yaml", size: 1727, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -545,7 +545,7 @@ func kubernetesmasteraddonsHeapsterServiceYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmasteraddons-heapster-service.yaml", size: 249, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesmasteraddons-heapster-service.yaml", size: 249, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -565,7 +565,7 @@ func kubernetesmasteraddonsKubeDnsDeploymentYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmasteraddons-kube-dns-deployment.yaml", size: 2752, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesmasteraddons-kube-dns-deployment.yaml", size: 2752, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -585,7 +585,7 @@ func kubernetesmasteraddonsKubeDnsServiceYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmasteraddons-kube-dns-service.yaml", size: 353, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesmasteraddons-kube-dns-service.yaml", size: 353, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -605,12 +605,12 @@ func kubernetesmasteraddonsKubeProxyDaemonsetYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmasteraddons-kube-proxy-daemonset.yaml", size: 1222, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesmasteraddons-kube-proxy-daemonset.yaml", size: 1222, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } -var _kubernetesmasteraddonsKubernetesDashboardDeploymentYaml = []byte("\x1f\x8b\x08\x00\x00\x09\x6e\x88\x00\xff\x84\x52\x4d\x6b\xdc\x40\x0c\xbd\xfb\x57\x88\xbd\x7b\x37\xdb\x86\x42\xe6\x56\x1a\xe8\xa5\x07\x43\x4b\xaf\x45\x1e\x3f\xbc\x43\x34\x1f\x8c\x64\xb7\xfe\xf7\xc5\x69\xb2\xeb\xc0\x76\x33\x27\xa1\xf7\x9e\xf4\xf4\x18\x2e\xe1\x27\xaa\x86\x9c\x1c\xe1\x8f\x21\xad\xa5\x1e\xe6\x63\x0f\xe3\x63\xf3\x14\xd2\xe0\xe8\x11\x45\xf2\x12\x91\xac\x89\x30\x1e\xd8\xd8\x35\x44\xc2\x3d\x44\xd7\x8a\xe8\x69\xea\x51\x13\x0c\xba\x0f\xf9\xe0\x65\x52\x43\x6d\x15\x75\x0e\x1e\x8e\x76\x56\x27\xec\x9e\x99\x5c\x8a\xdb\xd0\xdb\x81\xf5\xd4\x67\xae\xc3\x33\x3a\xbf\x9a\x99\x8f\xfb\xfb\xfd\x87\x86\x28\x71\xc4\x7f\x05\x2b\xa8\x85\xfd\x0b\xa3\xd5\x45\x0d\xb1\xd1\x02\xbf\xfa\xaa\x28\x12\x3c\xab\xa3\x63\x43\xa4\x10\x78\xcb\xf5\x9f\xe3\xc8\xe6\x4f\xdf\x36\x27\xdc\xb6\x66\x88\x45\xd8\xf0\x22\xde\xc4\xb0\x3e\x79\x33\xe7\xbd\x23\x5f\xed\xad\xcf\xe7\x64\x1c\x12\xea\x59\xdd\x12\xd7\x51\x1d\x9d\x87\x85\xc8\x23\x1c\x8d\xbe\xae\xd9\x8e\x39\x8f\x82\x5f\x17\xdd\xe1\xda\x9e\x96\xe3\xf0\xe9\xde\x9d\x53\xdc\x4c\xea\x26\x91\x2e\x4b\xf0\x8b\xa3\xcf\xf2\x9b\x17\x3d\xe3\x12\x66\x24\xa8\x76\x35\xf7\xb8\x5c\x43\x74\x32\x2b\x5f\x61\xdb\x16\x51\x61\x3b\x39\xda\x1d\x76\x6f\xbb\xb9\x9a\xa3\x87\xbb\x87\xbb\x4d\x3b\xa4\x60\x81\xe5\x11\xc2\xcb\x77\xf8\x9c\x06\x75\xf4\x71\xcb\xb0\x10\x91\x27\xbb\x06\xde\xfc\x01\x97\xa5\x9b\xf8\xdb\x4b\xac\xdd\x35\x3b\xa5\x66\xcb\x3e\x8b\xa3\x1f\x5f\xba\xe6\x6f\x00\x00\x00\xff\xff\x0e\x03\x54\xdd\x04\x03\x00\x00") +var _kubernetesmasteraddonsKubernetesDashboardDeploymentYaml = []byte("\x1f\x8b\x08\x00\x00\x09\x6e\x88\x00\xff\x84\x52\xcb\x8a\xdc\x40\x0c\xbc\xfb\x2b\xc4\xdc\x3d\x0f\xf2\x80\xed\x5b\xc8\x42\x2e\x39\x18\x12\x72\x0d\x72\xbb\xf0\x34\xab\x7e\xd0\x92\x9d\xf8\xef\x83\x37\xbb\x33\x5e\x98\x4c\xfa\x24\x54\x55\x52\xa9\x68\x2e\xe1\x07\xaa\x86\x9c\x1c\xe1\xb7\x21\xad\xa5\x1e\xe6\x53\x0f\xe3\x53\xf3\x14\xd2\xe0\xe8\x11\x45\xf2\x12\x91\xac\x89\x30\x1e\xd8\xd8\x35\x44\xc2\x3d\x44\xd7\x8a\xe8\x69\xea\x51\x13\x0c\xba\x0f\xf9\xe0\x65\x52\x43\x6d\x15\x75\x0e\x1e\x8e\x76\x56\x27\xec\x9e\x99\x5c\x8a\xdb\xd0\xdb\x81\xf5\xdc\x67\xae\xc3\x33\x3a\xbf\x9a\x99\x4f\xfb\x0f\xfb\x63\x43\x94\x38\xe2\x9f\x82\x15\xd4\xc2\xfe\x85\xd1\xea\xa2\x86\xd8\x68\x81\x5f\x7d\x55\x14\x09\x9e\xd5\xd1\xa9\x21\x52\x08\xbc\xe5\xfa\xd7\x71\x64\xf3\xe7\xaf\x9b\x13\xee\x5b\x33\xc4\x22\x6c\x78\x11\x6f\x62\x58\x9f\xbc\x99\xf3\xbf\x23\x5f\xed\xad\xcf\xe7\x64\x1c\x12\xea\x45\xdd\x12\xd7\x51\x1d\x5d\x86\x85\xc8\x23\x1c\x8d\xbe\xae\xd9\x8e\x39\x8f\x82\x9f\x57\xdd\xe1\xd6\x9e\x96\xe3\xf0\xf1\xbd\xbb\xa4\xb8\x99\xd4\x4d\x22\x5d\x96\xe0\x17\x47\x9f\xe4\x17\x2f\x7a\xc1\x25\xcc\x48\x50\xed\x6a\xee\x71\xbd\x86\xe8\x6c\x56\xbe\xc0\xb6\x2d\xa2\xc2\x76\x76\xb4\x3b\xec\xde\x76\x73\x35\x47\x0f\xc7\x87\xe3\xa6\x1d\x52\xb0\xc0\xf2\x08\xe1\xe5\x1b\x7c\x4e\x83\x3a\x7a\xb7\x65\x58\x88\xc8\x93\xdd\x02\xef\xfe\x80\xeb\xd2\x4d\xfc\xed\x35\xd6\xee\x96\x9d\x52\xb3\x65\x9f\xc5\xd1\xf7\xcf\x5d\xf3\x27\x00\x00\xff\xff\x2b\xe9\x8e\x16\x04\x03\x00\x00") func kubernetesmasteraddonsKubernetesDashboardDeploymentYamlBytes() ([]byte, error) { return bindataRead( @@ -625,7 +625,7 @@ func kubernetesmasteraddonsKubernetesDashboardDeploymentYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmasteraddons-kubernetes-dashboard-deployment.yaml", size: 772, mode: os.FileMode(438), modTime: time.Unix(1478194835, 0)} + info := bindataFileInfo{name: "kubernetesmasteraddons-kubernetes-dashboard-deployment.yaml", size: 772, mode: os.FileMode(420), modTime: time.Unix(1480530460, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -645,7 +645,7 @@ func kubernetesmasteraddonsKubernetesDashboardServiceYaml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmasteraddons-kubernetes-dashboard-service.yaml", size: 283, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesmasteraddons-kubernetes-dashboard-service.yaml", size: 283, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -665,7 +665,7 @@ func kubernetesmastercustomdataYml() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmastercustomdata.yml", size: 10340, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "kubernetesmastercustomdata.yml", size: 10340, mode: os.FileMode(420), modTime: time.Unix(1480530460, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -685,7 +685,7 @@ func kubernetesmastercustomscriptSh() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmastercustomscript.sh", size: 5313, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "kubernetesmastercustomscript.sh", size: 5313, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -705,7 +705,7 @@ func kubernetesmasterresourcesT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmasterresources.t", size: 12172, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesmasterresources.t", size: 12172, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -725,7 +725,7 @@ func kubernetesmastervarsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesmastervars.t", size: 5271, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesmastervars.t", size: 5271, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -745,7 +745,7 @@ func kubernetesparamsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "kubernetesparams.t", size: 2013, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "kubernetesparams.t", size: 2013, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -765,7 +765,7 @@ func masteroutputsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "masteroutputs.t", size: 487, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "masteroutputs.t", size: 487, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -785,7 +785,7 @@ func masterparamsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "masterparams.t", size: 1810, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "masterparams.t", size: 1810, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -805,7 +805,7 @@ func swarmagentresourcesvmasT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "swarmagentresourcesvmas.t", size: 9849, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "swarmagentresourcesvmas.t", size: 9849, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -825,7 +825,7 @@ func swarmagentresourcesvmssT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "swarmagentresourcesvmss.t", size: 9598, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "swarmagentresourcesvmss.t", size: 9598, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -845,7 +845,7 @@ func swarmagentvarsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "swarmagentvars.t", size: 2255, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "swarmagentvars.t", size: 2255, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -865,7 +865,7 @@ func swarmbaseT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "swarmbase.t", size: 1587, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "swarmbase.t", size: 1587, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -885,7 +885,7 @@ func swarmmasterresourcesT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "swarmmasterresources.t", size: 8222, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "swarmmasterresources.t", size: 8222, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -905,7 +905,7 @@ func swarmmastervarsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "swarmmastervars.t", size: 5882, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "swarmmastervars.t", size: 5882, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -925,7 +925,7 @@ func swarmwinagentresourcesvmasT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "swarmwinagentresourcesvmas.t", size: 11204, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "swarmwinagentresourcesvmas.t", size: 11204, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -945,7 +945,7 @@ func swarmwinagentresourcesvmssT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "swarmwinagentresourcesvmss.t", size: 10740, mode: os.FileMode(438), modTime: time.Unix(1480381350, 0)} + info := bindataFileInfo{name: "swarmwinagentresourcesvmss.t", size: 10740, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -965,7 +965,7 @@ func windowsparamsT() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "windowsparams.t", size: 369, mode: os.FileMode(438), modTime: time.Unix(1478125307, 0)} + info := bindataFileInfo{name: "windowsparams.t", size: 369, mode: os.FileMode(420), modTime: time.Unix(1479239541, 0)} a := &asset{bytes: bytes, info: info} return a, nil } diff --git a/pkg/acsengine/testdata/disks-storageaccount/kubernetes_expected.json b/pkg/acsengine/testdata/disks-storageaccount/kubernetes_expected.json index 77b1fec4c..afb67ff45 100644 --- a/pkg/acsengine/testdata/disks-storageaccount/kubernetes_expected.json +++ b/pkg/acsengine/testdata/disks-storageaccount/kubernetes_expected.json @@ -1574,7 +1574,7 @@ "osProfile": { "adminUsername": "[variables('username')]", "computername": "[concat(variables('masterVMNamePrefix'), copyIndex())]", - "customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/bash -c \"/bin/echo DAEMON_ARGS=--advertise-client-urls \"\"http://127.0.0.1:2379,http://',variables('masterPrivateIp'),':2379\"\" --listen-client-urls \"\"http://0.0.0.0:2379,http://0.0.0.0:4001\"\" | tee -a /etc/default/etcd\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://get.docker.com/ > /tmp/install-docker\n- /bin/bash -c \"/bin/bash /tmp/install-docker\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://storage.googleapis.com/kubernetes-release/release/',variables('kubectlVersion'),'/bin/linux/amd64/kubectl > /usr/local/bin/kubectl\n- chmod +x /usr/local/bin/kubectl\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterPrivateIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-apiserver\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-apiserver\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-apiserver\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"apiserver\"\n - \"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota\"\n - \"--address=0.0.0.0\"\n - \"--allow-privileged\"\n - \"--insecure-port=8080\"\n - \"--secure-port=443\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--service-cluster-ip-range=',variables('kubeServiceCidr'),'\"\n - \"--etcd-servers=http://127.0.0.1:4001\"\n - \"--tls-cert-file=/etc/kubernetes/certs/apiserver.crt\"\n - \"--tls-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--client-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=4\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-controller-manager\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-controller-manager\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-controller-manager\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"controller-manager\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--allocate-node-cidrs=true\"\n - \"--cluster-cidr=10.244.0.0/16\"\n - \"--cluster-name=',variables('masterFqdnPrefix'),'\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--root-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=2\"\n volumeMounts: \n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-scheduler\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-scheduler\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-scheduler\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command:\n - \"/hyperkube\"\n - \"scheduler\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--v=2\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Pod\n metadata:\n name: kube-addon-manager\n namespace: kube-system\n version: v1\n spec:\n hostNetwork: true\n containers:\n - name: kube-addon-manager\n # TODO: consider if hardcoding this is the right thing to do...\n image: gcr.io/google_containers/kube-addon-manager-amd64:v5.1\n resources:\n requests:\n cpu: 5m\n memory: 50Mi\n volumeMounts:\n - name: addons\n mountPath: \"/etc/kubernetes/addons\"\n readOnly: true\n volumes:\n - name: addons\n hostPath:\n path: \"/etc/kubernetes/addons\"\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/8xUXW/rRBB9z68YmVfsOC29LSsFCbUIXhARFF4IQtv1NF51vbPdWUc3F/Hf0TqJvfFNLkmF0M1TtPN1fM7MkU7/hp41WQHr2eRF20rAz+iMVjJosvdkgydj0E8aDLKSQYoJgJFPaDj+A3hpn9BbDMiFpqkyLQf0OaNfa4UCsuBbzLaZd5xL50RXkleWu9f1MP/rCYCVDQ4Z+fDITqp9hDccsJmwQxVB+C1gFnA1AWA0qAJ5cf7QgI0zMuC2JP3S+JPWUujo4P0TAKsaq9agL6RxtSxGNHgdtJImd1QJyLIzywIZ9LtJkP3+1zJ7wc0yE8vsftfw26oiyz9Zs1lmXy4zcjGffJfz3XvNgZfZ33/s56U6nSbjMhWP0AewVyL+FNkgtUXfD85B+lUCI4cszytqpLbz3ajCkJKmyEY5lnNHPsxnZXlzPQR1I1coYKV8RLsiWhn8c5g7jV8Ta2VTvftKzIrbvtLoNVpkXnh6wgERwLPUpvX4WHvkmkwl4CaJ1iG47zGkBQBOhlpANq1RmlB/yHdTs8Mk8kHAXXlXHjzHPYiL/sPj4yIJaKuDluYBjdz8gopsxQLepaXcKoXMCc5ZEg26QWpDXzp8w3BXqewR3YEwPYmLDnfHe9J/2yVS2+mVRJynQIqMgF8fFm9pGJT7RNPH+6GpR1npoyJ+Uqa+7IRAszcLdF2eJYFHptYr5BSf0Y0OfIi4wYb8RsDstvxRJxGPry3yOFu5tuO1OdojaXH0DJVUNeasP2A8snJ0gJbyiNqsR+/RGNDPZ1e3RVmUxeyL0YF2SYZW+bNU2uiwmeeXXW88/Ubya3/C16NN3sXP3uTjW3f5Ap/e3n/Z2+PsN9XcsiF6aV3qwRU+y9aEgteqOHBI6CmHb6YVrqe2NWbEe+vNvDelHU/ZfzZXdFKfOf0jS+xSOkuPljh6f201hvP3BN+j2g/ar8nV/+L0H5EKn53T76CefR8j3Kec90IHu7nAwI77V9Khsrwgo9VGwMN2Tyf/BAAA//9SG2qDwAoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/5RSy44TMRC85ytaczfeXEfABQ5ceEgrcXc8tYkVPwZ3OyR/jzxDMs5uNiw+WdXt6uoqm9H9RGaXYk84CmK9sj6sNxCzXu1dHHr6bBBSfISsAsQMRky/IvJmA8/1RrQvG+QIAb9zSVtfWJAVIx+cRU+d5IJu6rQpjCkiSj89UmNOx9NUEYfcU0wDVkTRBDzrqBCPxp5xPrEgrHiErSIEYfRGMAtqhdbTir0v44UUovOI+WEU4yLyhUxVsmDisLAr6vTuNCJX7q6Br8co6pSqLTbFJ7f9oA8ma+82umIeopfaQuKC2VZL3y+efzmPehxhPy6tN0ycTwanki0aQyr4q4DlCiOyY+lp/fAQLijDluzk9ClFwVHa9jG7g/PYYuipRn4pHZIvAV9TiS2/olCRH0Z2PXUaYjWz1xZZuGto5z2YvZpKapdYroSb4Xv0p2czb7Avlr2kh1i11P+b/i3RtYnMtX+NqZt+g/xOeX+Fz342X7A2TlLaNP5KK5w170yGtmZy0D05a65MuOPwfe63rP3K0veJX4vrZlh/AgAA//9bX4Y0xgQAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4RSTWvcQAy9+1eIvXs324ZC5lYa6KUHQ0uvRR4/vEM0H4xkt/73xWmy68B2Myeh95709Bgu4Seqhpwc4Y8hraUe5mMP42PzFNLg6BFF8hKRrIkwHtjYNUTCPUTXiuhp6lETDLoP+eBlUkNtFXUOHo52VifsnplcitvQ24H11GeuwzM6v5qZj/v7/YeGKHHEfwUrqIX9C6PVRQ2x0QK/+qooEjyro2NDpBB4y/Wf48jmT982J9y2ZohF2PAi3sSwPnkz570jX+2tz+dkHBLqWd0S11EdnYeFyCMcjb6u2Y45j4JfF93h2p6W4/Dp3p1T3EzqJpEuS/CLo8/ymxc94xJmJKh2Nfe4XEN0MitfYdsWUWE7Ododdm+7uZqjh7uHu007pGCB5RHCy3f4nAZ19HHLsBCRJ7sG3vwBl6Wb+NtLrN01O6Vmyz6Lox9fuuZvAAAA//8OA1TdBAMAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4SOwUpEMQxF9/2KMPvquHPyESII7vPai5bpa0uSNzB/L60uXOnucnOSHBnlHWqlN6bbU7iWlpneoLeSEHa4ZHHhQFRlQ7WZiK7HBm1w2EPpj6ke5tBo31tMJ9cDp0XKGPwLj1nsc+uiORA12fHn0IakHyLa3Rx7sIE0HUZXXzJxRabn8/rnoh/w11VdzpdZGiqSd+V/hfw+wPTSM+aB8BUAAP//d9OtPhsBAAA=\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/6xUT2vbThC961MsOv9Wtn5NSrqgQ0jSU9OEFgqlKmaymliL9193R8Zq6Xcvsi1HVmw3hO5JvJl5M3r7ZjnnyULZSrBr9Nq1Bi0l0aMUCWMBvVYSomB5whih8RoIuwhjfU53pLMEymKIPcKZMjBHweYyZMpN5s7NNc6eEic1go+EQSzz7P9suq3ruIwBW4kdwFm6S06HKOfRNUFisWgeMFgkjFlsjIHQzsArUaZl+lRgwaBgPdEODrghiU8NO/BHg5H2MMakbwS7mJo90KBxoRUsP5veqkFEK6NeTfB39aCqnOUBo/qJQeTZ29P6eVfNLFjbjgSUvikupmaE4ooCrGPT7Hwc3MxbrMc9WLdNOHsWpjpgrJ2uivNRpNpZr+gviG9swR+QIMvHY/dCFEeM4Z3W3GNQrireTLszHjWSMkAuFLjyzqIlBfqYWfhauldb5vzIjb97oWNeVI92ObzyJegG3wdn9vkeFerqEz7uo1v8HqgWzCBBBQRZp8EgbSPJ7dfZ/d317OPl7c2/7xY9yJMtP99fXm369nU9tYYH1APxFheRg/cHFn6JISpnBdt7d8BaR0DK2QFJlDVWjcaQgfY1ZIN3RrmJDIqUBM29qwQbvDSny8hpDNtOLP32q0wX2JapKNOrLeFlt9vxzuq2TP8rU+e7fBfWOTcrFSmW6e/vXb+IGiW5sBnZAMn6w54Qx2QYiwBefekhXBHa7jNOlnm3fnkyVHuo9GH6QwqPpNPNeq8ihqWSKFhKocHuj3Y2EOsSHttIaJJnG7mlTv4EAAD//4sS0Oy/BgAA\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/sed -i \"s||',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterPrivateIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --config=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=false \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 2 kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/9RYX3PbuBF/x6fY0Hpop0dJbnO+q3K+G0aicqwVyaUod9JLRgeRkIWKAjgAGFuX03fvAKQoUiQdX9KX6sEjY3/72z9YYBe6eNFbUdZbYblB6OLLP+gC5oHjBzB3h74bwMgJHLDBHf48g5E3d15P3NFX8aMLGFMSRxLWXMCv+LdUkO5/JGe/osCdOtNg6Y2urc6ny4OF5ovXUzeYD33vNvBm01zy14OFfHc+W/hDd/nGny1u9erfDhaazIaOBur/Xxb6+r9vDxaausG/Zv7Ncu4OF74XvDvpXh0sdOf5wcKZLHOUXv5OG5otAncZ6Lj10vcHC9363lvHf7d07hxv4rz2Jpprntn5u7bq+nfe0F3e+t506N06k+Vw4rmnwPpPYbK0G5zOwM3itTtxA427cwJ3eeO+MzKdA3QBb7FURABn8R4kCQVREjm3nmZ3/ZqSTtHQWQ5dP/DG3tAJTEiXOlNvnXng+svxP0cmeZff5raHs+nYe1NTuaqKjwZ0wpzRW2+6mLu+Wfk+89NbQ6NbQCWQXaL234DaEAYPBLAgwLgCzvQS7EyEiK7hl1/gBdi/gdX51Mh1sODDh1eGBwEAkHDDwWo1yzizc9NYynRH2X1uDBiPiIUMSaP68tYJfr62ekSFvW26IoIRRWQvJELJHk6oJOIjEd0t2VuGRPE03LT6bdgOGTLc7HgE/auXL58J5w8MBOdqoP88SydLS3sOf4cVluTqJdh2REIeEfjxs7wkluQ5OT/P9wMX2yLfa4qayv3JZIcxJUxlmS6y3EZysFA1v08Ca5l9An3MaQOkPaNP8CHn3wvfXf5jPpu2hH+6NkuBn2nV4m2S1wuoDsIKfvgB3Nk4L4Ua4pPZfEsRhpnyImugYcVtfrC+yeQyXclQ0ERRzo6o+hVfwDGOhmZ/C2z7xVpXmpvr8DOK2W1bKAsieSpC8kbwNMlUq42mQMY8xDqMDHTsO+VIGVFTvCPlKE9iEqaCqr2xc0I1N6hC62OF8qxfnWLgqSIBXsXkhC01sQKXCLrDYu98xDTGKxpTtZ+X+du63MFCB+TOxl87ZbjTEczG5THj68YKSRTYj7rZPGCqzHChz0uoYlAcBEm4UCDTMCRSrtMYwjg1l/2G4Fht0Dplod5QIEymgtxkqn/6M2S1nVOtecqi60uzpC1QoAw+XXa7V/3+4RVE3Ej0RzcssAn0Uil6ulpiM58dXfpQAIt+dfxUTPUropUgeFusrGnxVcaEJJD5FXGWXcbGhU6ZDmxGoJ8brxg22BeFw9rViIf6cn7C0+zaO4bEuIBcJ6KR6eGUSYXjuJT2OG+JBcUjVbnfpZDWFB3Q+Za4KoyK/ZB7qchOmyVM1zoQFUZnEkGkwkJlojrfyPjazpjF0sJZEmZf53qZPLs2XtTyTNmav2rLsVRYpRI6P1WzZ/SfdM5QHLtzlTO3KzPHq8TVmL6+CCt87VVYcexYRMbBk3ulimksE31yY6La93WbAVo29iitEzvHwa5yKWT9+A/u/hfeDC0a+U1m6wqq4I0lq/OTBddg9a0SdSM9VI50FlhzeTQH369hqqVyVi61sjw/EYmE3+FekASKmfr/KLzn384VM587HCXf//ABeRBUmfMx5GxN74s6Pr3kRp5/3dvwHel1indcr6ttngHH3sS97lQUe6FhNcDdNqIC7ASqkNJrqFPlKj1nTpYHp69NRM+El+j1MPxdv99MpoVXVaFRNeILiKg010fM7+/12wWv9fSQPbqBpypJ8yuFKPjLY+k1hGzbRjihd0RIytkAPl6i/MjKAbKPx3eQuUGEomsaYkVsnKoN12OiHWGFB/De6lRf7++t3KI+GgPYKJXIQa/XKT3mu53jbNoNY55GOEm62dsh5DsEwPCOGOaSznsLhZwp8qgy/7LvuX+5s3UVLU1lXWTjaEeZAbQZS4UgTNlHQ3XElrJoAFnVIm3EONZEV7JmnMmdpoa/lNsio80/cuTx5Ipbsm9UuHHfvbeQBT82ltsFiLzjNJWMLIrFftSHtDyToEonQ1/y48fZUc/KsTzZllbc4+h01ufMi/x/8NtNdgy8fBYM+S6JiSJnQyH6bwAAAP//IXiibMEUAAA=\n'))]", + "customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/bash -c \"/bin/echo DAEMON_ARGS=--advertise-client-urls \"\"http://127.0.0.1:2379,http://',variables('masterPrivateIp'),':2379\"\" --listen-client-urls \"\"http://0.0.0.0:2379,http://0.0.0.0:4001\"\" | tee -a /etc/default/etcd\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://get.docker.com/ > /tmp/install-docker\n- /bin/bash -c \"/bin/bash /tmp/install-docker\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://storage.googleapis.com/kubernetes-release/release/',variables('kubectlVersion'),'/bin/linux/amd64/kubectl > /usr/local/bin/kubectl\n- chmod +x /usr/local/bin/kubectl\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterPrivateIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-apiserver\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-apiserver\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-apiserver\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"apiserver\"\n - \"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota\"\n - \"--address=0.0.0.0\"\n - \"--allow-privileged\"\n - \"--insecure-port=8080\"\n - \"--secure-port=443\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--service-cluster-ip-range=',variables('kubeServiceCidr'),'\"\n - \"--etcd-servers=http://127.0.0.1:4001\"\n - \"--tls-cert-file=/etc/kubernetes/certs/apiserver.crt\"\n - \"--tls-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--client-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=4\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-controller-manager\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-controller-manager\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-controller-manager\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"controller-manager\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--allocate-node-cidrs=true\"\n - \"--cluster-cidr=10.244.0.0/16\"\n - \"--cluster-name=',variables('masterFqdnPrefix'),'\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--root-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=2\"\n volumeMounts: \n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-scheduler\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-scheduler\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-scheduler\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command:\n - \"/hyperkube\"\n - \"scheduler\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--v=2\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Pod\n metadata:\n name: kube-addon-manager\n namespace: kube-system\n version: v1\n spec:\n hostNetwork: true\n containers:\n - name: kube-addon-manager\n # TODO: consider if hardcoding this is the right thing to do...\n image: gcr.io/google_containers/kube-addon-manager-amd64:v5.1\n resources:\n requests:\n cpu: 5m\n memory: 50Mi\n volumeMounts:\n - name: addons\n mountPath: \"/etc/kubernetes/addons\"\n readOnly: true\n volumes:\n - name: addons\n hostPath:\n path: \"/etc/kubernetes/addons\"\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/8xUXW/rRBB9z68YmVfsOC29LSsFCbUIXhARFF4IQtv1NF51vbPdWUc3F/Hf0TqJvfFNLkmF0M1TtPN1fM7MkU7/hp41WQHr2eRF20rAz+iMVjJosvdkgydj0E8aDLKSQYoJgJFPaDj+A3hpn9BbDMiFpqkyLQf0OaNfa4UCsuBbzLaZd5xL50RXkleWu9f1MP/rCYCVDQ4Z+fDITqp9hDccsJmwQxVB+C1gFnA1AWA0qAJ5cf7QgI0zMuC2JP3S+JPWUujo4P0TAKsaq9agL6RxtSxGNHgdtJImd1QJyLIzywIZ9LtJkP3+1zJ7wc0yE8vsftfw26oiyz9Zs1lmXy4zcjGffJfz3XvNgZfZ33/s56U6nSbjMhWP0AewVyL+FNkgtUXfD85B+lUCI4cszytqpLbz3ajCkJKmyEY5lnNHPsxnZXlzPQR1I1coYKV8RLsiWhn8c5g7jV8Ta2VTvftKzIrbvtLoNVpkXnh6wgERwLPUpvX4WHvkmkwl4CaJ1iG47zGkBQBOhlpANq1RmlB/yHdTs8Mk8kHAXXlXHjzHPYiL/sPj4yIJaKuDluYBjdz8gopsxQLepaXcKoXMCc5ZEg26QWpDXzp8w3BXqewR3YEwPYmLDnfHe9J/2yVS2+mVRJynQIqMgF8fFm9pGJT7RNPH+6GpR1npoyJ+Uqa+7IRAszcLdF2eJYFHptYr5BSf0Y0OfIi4wYb8RsDstvxRJxGPry3yOFu5tuO1OdojaXH0DJVUNeasP2A8snJ0gJbyiNqsR+/RGNDPZ1e3RVmUxeyL0YF2SYZW+bNU2uiwmeeXXW88/Ubya3/C16NN3sXP3uTjW3f5Ap/e3n/Z2+PsN9XcsiF6aV3qwRU+y9aEgteqOHBI6CmHb6YVrqe2NWbEe+vNvDelHU/ZfzZXdFKfOf0jS+xSOkuPljh6f201hvP3BN+j2g/ar8nV/+L0H5EKn53T76CefR8j3Kec90IHu7nAwI77V9Khsrwgo9VGwMN2Tyf/BAAA//9SG2qDwAoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/5RSy44TMRC85ytaczfeXEfABQ5ceEgrcXc8tYkVPwZ3OyR/jzxDMs5uNiw+WdXt6uoqm9H9RGaXYk84CmK9sj6sNxCzXu1dHHr6bBBSfISsAsQMRky/IvJmA8/1RrQvG+QIAb9zSVtfWJAVIx+cRU+d5IJu6rQpjCkiSj89UmNOx9NUEYfcU0wDVkTRBDzrqBCPxp5xPrEgrHiErSIEYfRGMAtqhdbTir0v44UUovOI+WEU4yLyhUxVsmDisLAr6vTuNCJX7q6Br8co6pSqLTbFJ7f9oA8ma+82umIeopfaQuKC2VZL3y+efzmPehxhPy6tN0ycTwanki0aQyr4q4DlCiOyY+lp/fAQLijDluzk9ClFwVHa9jG7g/PYYuipRn4pHZIvAV9TiS2/olCRH0Z2PXUaYjWz1xZZuGto5z2YvZpKapdYroSb4Xv0p2czb7Avlr2kh1i11P+b/i3RtYnMtX+NqZt+g/xOeX+Fz342X7A2TlLaNP5KK5w170yGtmZy0D05a65MuOPwfe63rP3K0veJX4vrZlh/AgAA//9bX4Y0xgQAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4RSy4rcQAy8+yvE3D0P8oDtW8hCLjkYEnINcrvwNKt+0JKd+O+DN7szXphM+iRUVVKpaC7hB6qGnBzhtyGtpR7mUw/jU/MU0uDoEUXyEpGsiTAe2Ng1RMI9RNeK6GnqURMMug/54GVSQ20VdQ4ejnZWJ+yemVyK29DbgfXcZ67DMzq/mplP+w/7Y0OUOOKfghXUwv6F0eqihthogV99VRQJntXRqSFSCLzl+tdxZPPnr5sT7lszxCJseBFvYlifvJnzvyNf7a3P52QcEupF3RLXUR1dhoXIIxyNvq7ZjjmPgp9X3eHWnpbj8PG9u6S4mdRNIl2W4BdHn+QXL3rBJcxIUO1q7nG9huhsVr7Ati2iwnZ2tDvs3nZzNUcPx4fjph1SsMDyCOHlG3xOgzp6t2VYiMiT3QLv/oDr0k387TXW7padUrNln8XR989d8ycAAP//K+mOFgQDAAA=\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4SOwUpEMQxF9/2KMPvquHPyESII7vPai5bpa0uSNzB/L60uXOnucnOSHBnlHWqlN6bbU7iWlpneoLeSEHa4ZHHhQFRlQ7WZiK7HBm1w2EPpj6ke5tBo31tMJ9cDp0XKGPwLj1nsc+uiORA12fHn0IakHyLa3Rx7sIE0HUZXXzJxRabn8/rnoh/w11VdzpdZGiqSd+V/hfw+wPTSM+aB8BUAAP//d9OtPhsBAAA=\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/6xUT2vbThC961MsOv9Wtn5NSrqgQ0jSU9OEFgqlKmaymliL9193R8Zq6Xcvsi1HVmw3hO5JvJl5M3r7ZjnnyULZSrBr9Nq1Bi0l0aMUCWMBvVYSomB5whih8RoIuwhjfU53pLMEymKIPcKZMjBHweYyZMpN5s7NNc6eEic1go+EQSzz7P9suq3ruIwBW4kdwFm6S06HKOfRNUFisWgeMFgkjFlsjIHQzsArUaZl+lRgwaBgPdEODrghiU8NO/BHg5H2MMakbwS7mJo90KBxoRUsP5veqkFEK6NeTfB39aCqnOUBo/qJQeTZ29P6eVfNLFjbjgSUvikupmaE4ooCrGPT7Hwc3MxbrMc9WLdNOHsWpjpgrJ2uivNRpNpZr+gviG9swR+QIMvHY/dCFEeM4Z3W3GNQrireTLszHjWSMkAuFLjyzqIlBfqYWfhauldb5vzIjb97oWNeVI92ObzyJegG3wdn9vkeFerqEz7uo1v8HqgWzCBBBQRZp8EgbSPJ7dfZ/d317OPl7c2/7xY9yJMtP99fXm369nU9tYYH1APxFheRg/cHFn6JISpnBdt7d8BaR0DK2QFJlDVWjcaQgfY1ZIN3RrmJDIqUBM29qwQbvDSny8hpDNtOLP32q0wX2JapKNOrLeFlt9vxzuq2TP8rU+e7fBfWOTcrFSmW6e/vXb+IGiW5sBnZAMn6w54Qx2QYiwBefekhXBHa7jNOlnm3fnkyVHuo9GH6QwqPpNPNeq8ihqWSKFhKocHuj3Y2EOsSHttIaJJnG7mlTv4EAAD//4sS0Oy/BgAA\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/sed -i \"s||',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterPrivateIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --config=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=false \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 2 kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/9RYX3PbuBF/x6fY0Hpop0dJbnO+q3K+G0aicqwVyaUod9JLRgeRkIWKAjgAGFuX03fvAKQoUiQdX9KX6sEjY3/72z9YYBe6eNFbUdZbYblB6OLLP+gC5oHjBzB3h74bwMgJHLDBHf48g5E3d15P3NFX8aMLGFMSRxLWXMCv+LdUkO5/JGe/osCdOtNg6Y2urc6ny4OF5ovXUzeYD33vNvBm01zy14OFfHc+W/hDd/nGny1u9erfDhaazIaOBur/Xxb6+r9vDxaausG/Zv7Ncu4OF74XvDvpXh0sdOf5wcKZLHOUXv5OG5otAncZ6Lj10vcHC9363lvHf7d07hxv4rz2Jpprntn5u7bq+nfe0F3e+t506N06k+Vw4rmnwPpPYbK0G5zOwM3itTtxA427cwJ3eeO+MzKdA3QBb7FURABn8R4kCQVREjm3nmZ3/ZqSTtHQWQ5dP/DG3tAJTEiXOlNvnXng+svxP0cmeZff5raHs+nYe1NTuaqKjwZ0wpzRW2+6mLu+Wfk+89NbQ6NbQCWQXaL234DaEAYPBLAgwLgCzvQS7EyEiK7hl1/gBdi/gdX51Mh1sODDh1eGBwEAkHDDwWo1yzizc9NYynRH2X1uDBiPiIUMSaP68tYJfr62ekSFvW26IoIRRWQvJELJHk6oJOIjEd0t2VuGRPE03LT6bdgOGTLc7HgE/auXL58J5w8MBOdqoP88SydLS3sOf4cVluTqJdh2REIeEfjxs7wkluQ5OT/P9wMX2yLfa4qayv3JZIcxJUxlmS6y3EZysFA1v08Ca5l9An3MaQOkPaNP8CHn3wvfXf5jPpu2hH+6NkuBn2nV4m2S1wuoDsIKfvgB3Nk4L4Ua4pPZfEsRhpnyImugYcVtfrC+yeQyXclQ0ERRzo6o+hVfwDGOhmZ/C2z7xVpXmpvr8DOK2W1bKAsieSpC8kbwNMlUq42mQMY8xDqMDHTsO+VIGVFTvCPlKE9iEqaCqr2xc0I1N6hC62OF8qxfnWLgqSIBXsXkhC01sQKXCLrDYu98xDTGKxpTtZ+X+du63MFCB+TOxl87ZbjTEczG5THj68YKSRTYj7rZPGCqzHChz0uoYlAcBEm4UCDTMCRSrtMYwjg1l/2G4Fht0Dplod5QIEymgtxkqn/6M2S1nVOtecqi60uzpC1QoAw+XXa7V/3+4RVE3Ej0RzcssAn0Uil6ulpiM58dXfpQAIt+dfxUTPUropUgeFusrGnxVcaEJJD5FXGWXcbGhU6ZDmxGoJ8brxg22BeFw9rViIf6cn7C0+zaO4bEuIBcJ6KR6eGUSYXjuJT2OG+JBcUjVbnfpZDWFB3Q+Za4KoyK/ZB7qchOmyVM1zoQFUZnEkGkwkJlojrfyPjazpjF0sJZEmZf53qZPLs2XtTyTNmav2rLsVRYpRI6P1WzZ/SfdM5QHLtzlTO3KzPHq8TVmL6+CCt87VVYcexYRMbBk3ulimksE31yY6La93WbAVo29iitEzvHwa5yKWT9+A/u/hfeDC0a+U1m6wqq4I0lq/OTBddg9a0SdSM9VI50FlhzeTQH369hqqVyVi61sjw/EYmE3+FekASKmfr/KLzn384VM587HCXf//ABeRBUmfMx5GxN74s6Pr3kRp5/3dvwHel1indcr6ttngHH3sS97lQUe6FhNcDdNqIC7ASqkNJrqFPlKj1nTpYHp69NRM+El+j1MPxdv99MpoVXVaFRNeILiKg010fM7+/12wWv9fSQPbqBpypJ8yuFKPjLY+k1hGzbRjihd0RIytkAPl6i/MjKAbKPx3eQuUGEomsaYkVsnKoN12OiHWGFB/De6lRf7++t3KI+GgPYKJXIQa/XKT3mu53jbNoNY55GOEm62dsh5DsEwPCOGOaSznsLhZwp8qgy/7LvuX+5s3UVLU1lXWTjaEeZAbQZS4UgTNlHQ3XElrJoAFnVIm3EONZEV7JmnMmdpoa/lNsio80/cuTx5Ipbsm9UuHHfvbeQBT82ltsFiLzjNJWMLIrFftSHtDyToEonQ1/y48fZUc/KsTzZllbc4+h01ufMi/x/8NtNdgy8fBYM+S6JiSJnQyH6bwAAAP//IXiibMEUAAA=\n'))]", "linuxConfiguration": { "disablePasswordAuthentication": "true", "ssh": { diff --git a/pkg/acsengine/testdata/largeclusters/kubernetes_expected.json b/pkg/acsengine/testdata/largeclusters/kubernetes_expected.json index 4edba7606..c02c19b65 100644 --- a/pkg/acsengine/testdata/largeclusters/kubernetes_expected.json +++ b/pkg/acsengine/testdata/largeclusters/kubernetes_expected.json @@ -4921,7 +4921,7 @@ "osProfile": { "adminUsername": "[variables('username')]", "computername": "[concat(variables('masterVMNamePrefix'), copyIndex())]", - "customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/bash -c \"/bin/echo DAEMON_ARGS=--advertise-client-urls \"\"http://127.0.0.1:2379,http://',variables('masterPrivateIp'),':2379\"\" --listen-client-urls \"\"http://0.0.0.0:2379,http://0.0.0.0:4001\"\" | tee -a /etc/default/etcd\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://get.docker.com/ > /tmp/install-docker\n- /bin/bash -c \"/bin/bash /tmp/install-docker\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://storage.googleapis.com/kubernetes-release/release/',variables('kubectlVersion'),'/bin/linux/amd64/kubectl > /usr/local/bin/kubectl\n- chmod +x /usr/local/bin/kubectl\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterPrivateIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-apiserver\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-apiserver\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-apiserver\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"apiserver\"\n - \"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota\"\n - \"--address=0.0.0.0\"\n - \"--allow-privileged\"\n - \"--insecure-port=8080\"\n - \"--secure-port=443\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--service-cluster-ip-range=',variables('kubeServiceCidr'),'\"\n - \"--etcd-servers=http://127.0.0.1:4001\"\n - \"--tls-cert-file=/etc/kubernetes/certs/apiserver.crt\"\n - \"--tls-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--client-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=4\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-controller-manager\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-controller-manager\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-controller-manager\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"controller-manager\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--allocate-node-cidrs=true\"\n - \"--cluster-cidr=10.244.0.0/16\"\n - \"--cluster-name=',variables('masterFqdnPrefix'),'\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--root-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=2\"\n volumeMounts: \n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-scheduler\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-scheduler\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-scheduler\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command:\n - \"/hyperkube\"\n - \"scheduler\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--v=2\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Pod\n metadata:\n name: kube-addon-manager\n namespace: kube-system\n version: v1\n spec:\n hostNetwork: true\n containers:\n - name: kube-addon-manager\n # TODO: consider if hardcoding this is the right thing to do...\n image: gcr.io/google_containers/kube-addon-manager-amd64:v5.1\n resources:\n requests:\n cpu: 5m\n memory: 50Mi\n volumeMounts:\n - name: addons\n mountPath: \"/etc/kubernetes/addons\"\n readOnly: true\n volumes:\n - name: addons\n hostPath:\n path: \"/etc/kubernetes/addons\"\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/8xUXW/rRBB9z68YmVfsOC29LSsFCbUIXhARFF4IQtv1NF51vbPdWUc3F/Hf0TqJvfFNLkmF0M1TtPN1fM7MkU7/hp41WQHr2eRF20rAz+iMVjJosvdkgydj0E8aDLKSQYoJgJFPaDj+A3hpn9BbDMiFpqkyLQf0OaNfa4UCsuBbzLaZd5xL50RXkleWu9f1MP/rCYCVDQ4Z+fDITqp9hDccsJmwQxVB+C1gFnA1AWA0qAJ5cf7QgI0zMuC2JP3S+JPWUujo4P0TAKsaq9agL6RxtSxGNHgdtJImd1QJyLIzywIZ9LtJkP3+1zJ7wc0yE8vsftfw26oiyz9Zs1lmXy4zcjGffJfz3XvNgZfZ33/s56U6nSbjMhWP0AewVyL+FNkgtUXfD85B+lUCI4cszytqpLbz3ajCkJKmyEY5lnNHPsxnZXlzPQR1I1coYKV8RLsiWhn8c5g7jV8Ta2VTvftKzIrbvtLoNVpkXnh6wgERwLPUpvX4WHvkmkwl4CaJ1iG47zGkBQBOhlpANq1RmlB/yHdTs8Mk8kHAXXlXHjzHPYiL/sPj4yIJaKuDluYBjdz8gopsxQLepaXcKoXMCc5ZEg26QWpDXzp8w3BXqewR3YEwPYmLDnfHe9J/2yVS2+mVRJynQIqMgF8fFm9pGJT7RNPH+6GpR1npoyJ+Uqa+7IRAszcLdF2eJYFHptYr5BSf0Y0OfIi4wYb8RsDstvxRJxGPry3yOFu5tuO1OdojaXH0DJVUNeasP2A8snJ0gJbyiNqsR+/RGNDPZ1e3RVmUxeyL0YF2SYZW+bNU2uiwmeeXXW88/Ubya3/C16NN3sXP3uTjW3f5Ap/e3n/Z2+PsN9XcsiF6aV3qwRU+y9aEgteqOHBI6CmHb6YVrqe2NWbEe+vNvDelHU/ZfzZXdFKfOf0jS+xSOkuPljh6f201hvP3BN+j2g/ar8nV/+L0H5EKn53T76CefR8j3Kec90IHu7nAwI77V9Khsrwgo9VGwMN2Tyf/BAAA//9SG2qDwAoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/5RSy44TMRC85ytaczfeXEfABQ5ceEgrcXc8tYkVPwZ3OyR/jzxDMs5uNiw+WdXt6uoqm9H9RGaXYk84CmK9sj6sNxCzXu1dHHr6bBBSfISsAsQMRky/IvJmA8/1RrQvG+QIAb9zSVtfWJAVIx+cRU+d5IJu6rQpjCkiSj89UmNOx9NUEYfcU0wDVkTRBDzrqBCPxp5xPrEgrHiErSIEYfRGMAtqhdbTir0v44UUovOI+WEU4yLyhUxVsmDisLAr6vTuNCJX7q6Br8co6pSqLTbFJ7f9oA8ma+82umIeopfaQuKC2VZL3y+efzmPehxhPy6tN0ycTwanki0aQyr4q4DlCiOyY+lp/fAQLijDluzk9ClFwVHa9jG7g/PYYuipRn4pHZIvAV9TiS2/olCRH0Z2PXUaYjWz1xZZuGto5z2YvZpKapdYroSb4Xv0p2czb7Avlr2kh1i11P+b/i3RtYnMtX+NqZt+g/xOeX+Fz342X7A2TlLaNP5KK5w170yGtmZy0D05a65MuOPwfe63rP3K0veJX4vrZlh/AgAA//9bX4Y0xgQAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4RSTWvcQAy9+1eIvXs324ZC5lYa6KUHQ0uvRR4/vEM0H4xkt/73xWmy68B2Myeh95709Bgu4Seqhpwc4Y8hraUe5mMP42PzFNLg6BFF8hKRrIkwHtjYNUTCPUTXiuhp6lETDLoP+eBlUkNtFXUOHo52VifsnplcitvQ24H11GeuwzM6v5qZj/v7/YeGKHHEfwUrqIX9C6PVRQ2x0QK/+qooEjyro2NDpBB4y/Wf48jmT982J9y2ZohF2PAi3sSwPnkz570jX+2tz+dkHBLqWd0S11EdnYeFyCMcjb6u2Y45j4JfF93h2p6W4/Dp3p1T3EzqJpEuS/CLo8/ymxc94xJmJKh2Nfe4XEN0MitfYdsWUWE7Ododdm+7uZqjh7uHu007pGCB5RHCy3f4nAZ19HHLsBCRJ7sG3vwBl6Wb+NtLrN01O6Vmyz6Lox9fuuZvAAAA//8OA1TdBAMAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4SOwUpEMQxF9/2KMPvquHPyESII7vPai5bpa0uSNzB/L60uXOnucnOSHBnlHWqlN6bbU7iWlpneoLeSEHa4ZHHhQFRlQ7WZiK7HBm1w2EPpj6ke5tBo31tMJ9cDp0XKGPwLj1nsc+uiORA12fHn0IakHyLa3Rx7sIE0HUZXXzJxRabn8/rnoh/w11VdzpdZGiqSd+V/hfw+wPTSM+aB8BUAAP//d9OtPhsBAAA=\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/6xUT2vbThC961MsOv9Wtn5NSrqgQ0jSU9OEFgqlKmaymliL9193R8Zq6Xcvsi1HVmw3hO5JvJl5M3r7ZjnnyULZSrBr9Nq1Bi0l0aMUCWMBvVYSomB5whih8RoIuwhjfU53pLMEymKIPcKZMjBHweYyZMpN5s7NNc6eEic1go+EQSzz7P9suq3ruIwBW4kdwFm6S06HKOfRNUFisWgeMFgkjFlsjIHQzsArUaZl+lRgwaBgPdEODrghiU8NO/BHg5H2MMakbwS7mJo90KBxoRUsP5veqkFEK6NeTfB39aCqnOUBo/qJQeTZ29P6eVfNLFjbjgSUvikupmaE4ooCrGPT7Hwc3MxbrMc9WLdNOHsWpjpgrJ2uivNRpNpZr+gviG9swR+QIMvHY/dCFEeM4Z3W3GNQrireTLszHjWSMkAuFLjyzqIlBfqYWfhauldb5vzIjb97oWNeVI92ObzyJegG3wdn9vkeFerqEz7uo1v8HqgWzCBBBQRZp8EgbSPJ7dfZ/d317OPl7c2/7xY9yJMtP99fXm369nU9tYYH1APxFheRg/cHFn6JISpnBdt7d8BaR0DK2QFJlDVWjcaQgfY1ZIN3RrmJDIqUBM29qwQbvDSny8hpDNtOLP32q0wX2JapKNOrLeFlt9vxzuq2TP8rU+e7fBfWOTcrFSmW6e/vXb+IGiW5sBnZAMn6w54Qx2QYiwBefekhXBHa7jNOlnm3fnkyVHuo9GH6QwqPpNPNeq8ihqWSKFhKocHuj3Y2EOsSHttIaJJnG7mlTv4EAAD//4sS0Oy/BgAA\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/sed -i \"s||',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterPrivateIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --config=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=false \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 2 kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/9RYX3PbuBF/x6fY0Hpop0dJbnO+q3K+G0aicqwVyaUod9JLRgeRkIWKAjgAGFuX03fvAKQoUiQdX9KX6sEjY3/72z9YYBe6eNFbUdZbYblB6OLLP+gC5oHjBzB3h74bwMgJHLDBHf48g5E3d15P3NFX8aMLGFMSRxLWXMCv+LdUkO5/JGe/osCdOtNg6Y2urc6ny4OF5ovXUzeYD33vNvBm01zy14OFfHc+W/hDd/nGny1u9erfDhaazIaOBur/Xxb6+r9vDxaausG/Zv7Ncu4OF74XvDvpXh0sdOf5wcKZLHOUXv5OG5otAncZ6Lj10vcHC9363lvHf7d07hxv4rz2Jpprntn5u7bq+nfe0F3e+t506N06k+Vw4rmnwPpPYbK0G5zOwM3itTtxA427cwJ3eeO+MzKdA3QBb7FURABn8R4kCQVREjm3nmZ3/ZqSTtHQWQ5dP/DG3tAJTEiXOlNvnXng+svxP0cmeZff5raHs+nYe1NTuaqKjwZ0wpzRW2+6mLu+Wfk+89NbQ6NbQCWQXaL234DaEAYPBLAgwLgCzvQS7EyEiK7hl1/gBdi/gdX51Mh1sODDh1eGBwEAkHDDwWo1yzizc9NYynRH2X1uDBiPiIUMSaP68tYJfr62ekSFvW26IoIRRWQvJELJHk6oJOIjEd0t2VuGRPE03LT6bdgOGTLc7HgE/auXL58J5w8MBOdqoP88SydLS3sOf4cVluTqJdh2REIeEfjxs7wkluQ5OT/P9wMX2yLfa4qayv3JZIcxJUxlmS6y3EZysFA1v08Ca5l9An3MaQOkPaNP8CHn3wvfXf5jPpu2hH+6NkuBn2nV4m2S1wuoDsIKfvgB3Nk4L4Ua4pPZfEsRhpnyImugYcVtfrC+yeQyXclQ0ERRzo6o+hVfwDGOhmZ/C2z7xVpXmpvr8DOK2W1bKAsieSpC8kbwNMlUq42mQMY8xDqMDHTsO+VIGVFTvCPlKE9iEqaCqr2xc0I1N6hC62OF8qxfnWLgqSIBXsXkhC01sQKXCLrDYu98xDTGKxpTtZ+X+du63MFCB+TOxl87ZbjTEczG5THj68YKSRTYj7rZPGCqzHChz0uoYlAcBEm4UCDTMCRSrtMYwjg1l/2G4Fht0Dplod5QIEymgtxkqn/6M2S1nVOtecqi60uzpC1QoAw+XXa7V/3+4RVE3Ej0RzcssAn0Uil6ulpiM58dXfpQAIt+dfxUTPUropUgeFusrGnxVcaEJJD5FXGWXcbGhU6ZDmxGoJ8brxg22BeFw9rViIf6cn7C0+zaO4bEuIBcJ6KR6eGUSYXjuJT2OG+JBcUjVbnfpZDWFB3Q+Za4KoyK/ZB7qchOmyVM1zoQFUZnEkGkwkJlojrfyPjazpjF0sJZEmZf53qZPLs2XtTyTNmav2rLsVRYpRI6P1WzZ/SfdM5QHLtzlTO3KzPHq8TVmL6+CCt87VVYcexYRMbBk3ulimksE31yY6La93WbAVo29iitEzvHwa5yKWT9+A/u/hfeDC0a+U1m6wqq4I0lq/OTBddg9a0SdSM9VI50FlhzeTQH369hqqVyVi61sjw/EYmE3+FekASKmfr/KLzn384VM587HCXf//ABeRBUmfMx5GxN74s6Pr3kRp5/3dvwHel1indcr6ttngHH3sS97lQUe6FhNcDdNqIC7ASqkNJrqFPlKj1nTpYHp69NRM+El+j1MPxdv99MpoVXVaFRNeILiKg010fM7+/12wWv9fSQPbqBpypJ8yuFKPjLY+k1hGzbRjihd0RIytkAPl6i/MjKAbKPx3eQuUGEomsaYkVsnKoN12OiHWGFB/De6lRf7++t3KI+GgPYKJXIQa/XKT3mu53jbNoNY55GOEm62dsh5DsEwPCOGOaSznsLhZwp8qgy/7LvuX+5s3UVLU1lXWTjaEeZAbQZS4UgTNlHQ3XElrJoAFnVIm3EONZEV7JmnMmdpoa/lNsio80/cuTx5Ipbsm9UuHHfvbeQBT82ltsFiLzjNJWMLIrFftSHtDyToEonQ1/y48fZUc/KsTzZllbc4+h01ufMi/x/8NtNdgy8fBYM+S6JiSJnQyH6bwAAAP//IXiibMEUAAA=\n'))]", + "customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/bash -c \"/bin/echo DAEMON_ARGS=--advertise-client-urls \"\"http://127.0.0.1:2379,http://',variables('masterPrivateIp'),':2379\"\" --listen-client-urls \"\"http://0.0.0.0:2379,http://0.0.0.0:4001\"\" | tee -a /etc/default/etcd\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://get.docker.com/ > /tmp/install-docker\n- /bin/bash -c \"/bin/bash /tmp/install-docker\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://storage.googleapis.com/kubernetes-release/release/',variables('kubectlVersion'),'/bin/linux/amd64/kubectl > /usr/local/bin/kubectl\n- chmod +x /usr/local/bin/kubectl\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterPrivateIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-apiserver\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-apiserver\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-apiserver\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"apiserver\"\n - \"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota\"\n - \"--address=0.0.0.0\"\n - \"--allow-privileged\"\n - \"--insecure-port=8080\"\n - \"--secure-port=443\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--service-cluster-ip-range=',variables('kubeServiceCidr'),'\"\n - \"--etcd-servers=http://127.0.0.1:4001\"\n - \"--tls-cert-file=/etc/kubernetes/certs/apiserver.crt\"\n - \"--tls-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--client-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=4\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-controller-manager\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-controller-manager\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-controller-manager\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"controller-manager\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--allocate-node-cidrs=true\"\n - \"--cluster-cidr=10.244.0.0/16\"\n - \"--cluster-name=',variables('masterFqdnPrefix'),'\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--root-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=2\"\n volumeMounts: \n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-scheduler\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-scheduler\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-scheduler\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command:\n - \"/hyperkube\"\n - \"scheduler\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--v=2\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Pod\n metadata:\n name: kube-addon-manager\n namespace: kube-system\n version: v1\n spec:\n hostNetwork: true\n containers:\n - name: kube-addon-manager\n # TODO: consider if hardcoding this is the right thing to do...\n image: gcr.io/google_containers/kube-addon-manager-amd64:v5.1\n resources:\n requests:\n cpu: 5m\n memory: 50Mi\n volumeMounts:\n - name: addons\n mountPath: \"/etc/kubernetes/addons\"\n readOnly: true\n volumes:\n - name: addons\n hostPath:\n path: \"/etc/kubernetes/addons\"\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/8xUXW/rRBB9z68YmVfsOC29LSsFCbUIXhARFF4IQtv1NF51vbPdWUc3F/Hf0TqJvfFNLkmF0M1TtPN1fM7MkU7/hp41WQHr2eRF20rAz+iMVjJosvdkgydj0E8aDLKSQYoJgJFPaDj+A3hpn9BbDMiFpqkyLQf0OaNfa4UCsuBbzLaZd5xL50RXkleWu9f1MP/rCYCVDQ4Z+fDITqp9hDccsJmwQxVB+C1gFnA1AWA0qAJ5cf7QgI0zMuC2JP3S+JPWUujo4P0TAKsaq9agL6RxtSxGNHgdtJImd1QJyLIzywIZ9LtJkP3+1zJ7wc0yE8vsftfw26oiyz9Zs1lmXy4zcjGffJfz3XvNgZfZ33/s56U6nSbjMhWP0AewVyL+FNkgtUXfD85B+lUCI4cszytqpLbz3ajCkJKmyEY5lnNHPsxnZXlzPQR1I1coYKV8RLsiWhn8c5g7jV8Ta2VTvftKzIrbvtLoNVpkXnh6wgERwLPUpvX4WHvkmkwl4CaJ1iG47zGkBQBOhlpANq1RmlB/yHdTs8Mk8kHAXXlXHjzHPYiL/sPj4yIJaKuDluYBjdz8gopsxQLepaXcKoXMCc5ZEg26QWpDXzp8w3BXqewR3YEwPYmLDnfHe9J/2yVS2+mVRJynQIqMgF8fFm9pGJT7RNPH+6GpR1npoyJ+Uqa+7IRAszcLdF2eJYFHptYr5BSf0Y0OfIi4wYb8RsDstvxRJxGPry3yOFu5tuO1OdojaXH0DJVUNeasP2A8snJ0gJbyiNqsR+/RGNDPZ1e3RVmUxeyL0YF2SYZW+bNU2uiwmeeXXW88/Ubya3/C16NN3sXP3uTjW3f5Ap/e3n/Z2+PsN9XcsiF6aV3qwRU+y9aEgteqOHBI6CmHb6YVrqe2NWbEe+vNvDelHU/ZfzZXdFKfOf0jS+xSOkuPljh6f201hvP3BN+j2g/ar8nV/+L0H5EKn53T76CefR8j3Kec90IHu7nAwI77V9Khsrwgo9VGwMN2Tyf/BAAA//9SG2qDwAoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/5RSy44TMRC85ytaczfeXEfABQ5ceEgrcXc8tYkVPwZ3OyR/jzxDMs5uNiw+WdXt6uoqm9H9RGaXYk84CmK9sj6sNxCzXu1dHHr6bBBSfISsAsQMRky/IvJmA8/1RrQvG+QIAb9zSVtfWJAVIx+cRU+d5IJu6rQpjCkiSj89UmNOx9NUEYfcU0wDVkTRBDzrqBCPxp5xPrEgrHiErSIEYfRGMAtqhdbTir0v44UUovOI+WEU4yLyhUxVsmDisLAr6vTuNCJX7q6Br8co6pSqLTbFJ7f9oA8ma+82umIeopfaQuKC2VZL3y+efzmPehxhPy6tN0ycTwanki0aQyr4q4DlCiOyY+lp/fAQLijDluzk9ClFwVHa9jG7g/PYYuipRn4pHZIvAV9TiS2/olCRH0Z2PXUaYjWz1xZZuGto5z2YvZpKapdYroSb4Xv0p2czb7Avlr2kh1i11P+b/i3RtYnMtX+NqZt+g/xOeX+Fz342X7A2TlLaNP5KK5w170yGtmZy0D05a65MuOPwfe63rP3K0veJX4vrZlh/AgAA//9bX4Y0xgQAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4RSy4rcQAy8+yvE3D0P8oDtW8hCLjkYEnINcrvwNKt+0JKd+O+DN7szXphM+iRUVVKpaC7hB6qGnBzhtyGtpR7mUw/jU/MU0uDoEUXyEpGsiTAe2Ng1RMI9RNeK6GnqURMMug/54GVSQ20VdQ4ejnZWJ+yemVyK29DbgfXcZ67DMzq/mplP+w/7Y0OUOOKfghXUwv6F0eqihthogV99VRQJntXRqSFSCLzl+tdxZPPnr5sT7lszxCJseBFvYlifvJnzvyNf7a3P52QcEupF3RLXUR1dhoXIIxyNvq7ZjjmPgp9X3eHWnpbj8PG9u6S4mdRNIl2W4BdHn+QXL3rBJcxIUO1q7nG9huhsVr7Ati2iwnZ2tDvs3nZzNUcPx4fjph1SsMDyCOHlG3xOgzp6t2VYiMiT3QLv/oDr0k387TXW7padUrNln8XR989d8ycAAP//K+mOFgQDAAA=\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4SOwUpEMQxF9/2KMPvquHPyESII7vPai5bpa0uSNzB/L60uXOnucnOSHBnlHWqlN6bbU7iWlpneoLeSEHa4ZHHhQFRlQ7WZiK7HBm1w2EPpj6ke5tBo31tMJ9cDp0XKGPwLj1nsc+uiORA12fHn0IakHyLa3Rx7sIE0HUZXXzJxRabn8/rnoh/w11VdzpdZGiqSd+V/hfw+wPTSM+aB8BUAAP//d9OtPhsBAAA=\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/6xUT2vbThC961MsOv9Wtn5NSrqgQ0jSU9OEFgqlKmaymliL9193R8Zq6Xcvsi1HVmw3hO5JvJl5M3r7ZjnnyULZSrBr9Nq1Bi0l0aMUCWMBvVYSomB5whih8RoIuwhjfU53pLMEymKIPcKZMjBHweYyZMpN5s7NNc6eEic1go+EQSzz7P9suq3ruIwBW4kdwFm6S06HKOfRNUFisWgeMFgkjFlsjIHQzsArUaZl+lRgwaBgPdEODrghiU8NO/BHg5H2MMakbwS7mJo90KBxoRUsP5veqkFEK6NeTfB39aCqnOUBo/qJQeTZ29P6eVfNLFjbjgSUvikupmaE4ooCrGPT7Hwc3MxbrMc9WLdNOHsWpjpgrJ2uivNRpNpZr+gviG9swR+QIMvHY/dCFEeM4Z3W3GNQrireTLszHjWSMkAuFLjyzqIlBfqYWfhauldb5vzIjb97oWNeVI92ObzyJegG3wdn9vkeFerqEz7uo1v8HqgWzCBBBQRZp8EgbSPJ7dfZ/d317OPl7c2/7xY9yJMtP99fXm369nU9tYYH1APxFheRg/cHFn6JISpnBdt7d8BaR0DK2QFJlDVWjcaQgfY1ZIN3RrmJDIqUBM29qwQbvDSny8hpDNtOLP32q0wX2JapKNOrLeFlt9vxzuq2TP8rU+e7fBfWOTcrFSmW6e/vXb+IGiW5sBnZAMn6w54Qx2QYiwBefekhXBHa7jNOlnm3fnkyVHuo9GH6QwqPpNPNeq8ihqWSKFhKocHuj3Y2EOsSHttIaJJnG7mlTv4EAAD//4sS0Oy/BgAA\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/sed -i \"s||',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterPrivateIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --config=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=false \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 2 kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/9RYX3PbuBF/x6fY0Hpop0dJbnO+q3K+G0aicqwVyaUod9JLRgeRkIWKAjgAGFuX03fvAKQoUiQdX9KX6sEjY3/72z9YYBe6eNFbUdZbYblB6OLLP+gC5oHjBzB3h74bwMgJHLDBHf48g5E3d15P3NFX8aMLGFMSRxLWXMCv+LdUkO5/JGe/osCdOtNg6Y2urc6ny4OF5ovXUzeYD33vNvBm01zy14OFfHc+W/hDd/nGny1u9erfDhaazIaOBur/Xxb6+r9vDxaausG/Zv7Ncu4OF74XvDvpXh0sdOf5wcKZLHOUXv5OG5otAncZ6Lj10vcHC9363lvHf7d07hxv4rz2Jpprntn5u7bq+nfe0F3e+t506N06k+Vw4rmnwPpPYbK0G5zOwM3itTtxA427cwJ3eeO+MzKdA3QBb7FURABn8R4kCQVREjm3nmZ3/ZqSTtHQWQ5dP/DG3tAJTEiXOlNvnXng+svxP0cmeZff5raHs+nYe1NTuaqKjwZ0wpzRW2+6mLu+Wfk+89NbQ6NbQCWQXaL234DaEAYPBLAgwLgCzvQS7EyEiK7hl1/gBdi/gdX51Mh1sODDh1eGBwEAkHDDwWo1yzizc9NYynRH2X1uDBiPiIUMSaP68tYJfr62ekSFvW26IoIRRWQvJELJHk6oJOIjEd0t2VuGRPE03LT6bdgOGTLc7HgE/auXL58J5w8MBOdqoP88SydLS3sOf4cVluTqJdh2REIeEfjxs7wkluQ5OT/P9wMX2yLfa4qayv3JZIcxJUxlmS6y3EZysFA1v08Ca5l9An3MaQOkPaNP8CHn3wvfXf5jPpu2hH+6NkuBn2nV4m2S1wuoDsIKfvgB3Nk4L4Ua4pPZfEsRhpnyImugYcVtfrC+yeQyXclQ0ERRzo6o+hVfwDGOhmZ/C2z7xVpXmpvr8DOK2W1bKAsieSpC8kbwNMlUq42mQMY8xDqMDHTsO+VIGVFTvCPlKE9iEqaCqr2xc0I1N6hC62OF8qxfnWLgqSIBXsXkhC01sQKXCLrDYu98xDTGKxpTtZ+X+du63MFCB+TOxl87ZbjTEczG5THj68YKSRTYj7rZPGCqzHChz0uoYlAcBEm4UCDTMCRSrtMYwjg1l/2G4Fht0Dplod5QIEymgtxkqn/6M2S1nVOtecqi60uzpC1QoAw+XXa7V/3+4RVE3Ej0RzcssAn0Uil6ulpiM58dXfpQAIt+dfxUTPUropUgeFusrGnxVcaEJJD5FXGWXcbGhU6ZDmxGoJ8brxg22BeFw9rViIf6cn7C0+zaO4bEuIBcJ6KR6eGUSYXjuJT2OG+JBcUjVbnfpZDWFB3Q+Za4KoyK/ZB7qchOmyVM1zoQFUZnEkGkwkJlojrfyPjazpjF0sJZEmZf53qZPLs2XtTyTNmav2rLsVRYpRI6P1WzZ/SfdM5QHLtzlTO3KzPHq8TVmL6+CCt87VVYcexYRMbBk3ulimksE31yY6La93WbAVo29iitEzvHwa5yKWT9+A/u/hfeDC0a+U1m6wqq4I0lq/OTBddg9a0SdSM9VI50FlhzeTQH369hqqVyVi61sjw/EYmE3+FekASKmfr/KLzn384VM587HCXf//ABeRBUmfMx5GxN74s6Pr3kRp5/3dvwHel1indcr6ttngHH3sS97lQUe6FhNcDdNqIC7ASqkNJrqFPlKj1nTpYHp69NRM+El+j1MPxdv99MpoVXVaFRNeILiKg010fM7+/12wWv9fSQPbqBpypJ8yuFKPjLY+k1hGzbRjihd0RIytkAPl6i/MjKAbKPx3eQuUGEomsaYkVsnKoN12OiHWGFB/De6lRf7++t3KI+GgPYKJXIQa/XKT3mu53jbNoNY55GOEm62dsh5DsEwPCOGOaSznsLhZwp8qgy/7LvuX+5s3UVLU1lXWTjaEeZAbQZS4UgTNlHQ3XElrJoAFnVIm3EONZEV7JmnMmdpoa/lNsio80/cuTx5Ipbsm9UuHHfvbeQBT82ltsFiLzjNJWMLIrFftSHtDyToEonQ1/y48fZUc/KsTzZllbc4+h01ufMi/x/8NtNdgy8fBYM+S6JiSJnQyH6bwAAAP//IXiibMEUAAA=\n'))]", "linuxConfiguration": { "disablePasswordAuthentication": "true", "ssh": { diff --git a/pkg/acsengine/testdata/simple/kubernetes_expected.json b/pkg/acsengine/testdata/simple/kubernetes_expected.json index 7c959f0fe..7b105268c 100644 --- a/pkg/acsengine/testdata/simple/kubernetes_expected.json +++ b/pkg/acsengine/testdata/simple/kubernetes_expected.json @@ -1461,7 +1461,7 @@ "osProfile": { "adminUsername": "[variables('username')]", "computername": "[concat(variables('masterVMNamePrefix'), copyIndex())]", - "customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/bash -c \"/bin/echo DAEMON_ARGS=--advertise-client-urls \"\"http://127.0.0.1:2379,http://',variables('masterPrivateIp'),':2379\"\" --listen-client-urls \"\"http://0.0.0.0:2379,http://0.0.0.0:4001\"\" | tee -a /etc/default/etcd\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://get.docker.com/ > /tmp/install-docker\n- /bin/bash -c \"/bin/bash /tmp/install-docker\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://storage.googleapis.com/kubernetes-release/release/',variables('kubectlVersion'),'/bin/linux/amd64/kubectl > /usr/local/bin/kubectl\n- chmod +x /usr/local/bin/kubectl\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterPrivateIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-apiserver\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-apiserver\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-apiserver\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"apiserver\"\n - \"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota\"\n - \"--address=0.0.0.0\"\n - \"--allow-privileged\"\n - \"--insecure-port=8080\"\n - \"--secure-port=443\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--service-cluster-ip-range=',variables('kubeServiceCidr'),'\"\n - \"--etcd-servers=http://127.0.0.1:4001\"\n - \"--tls-cert-file=/etc/kubernetes/certs/apiserver.crt\"\n - \"--tls-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--client-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=4\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-controller-manager\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-controller-manager\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-controller-manager\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"controller-manager\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--allocate-node-cidrs=true\"\n - \"--cluster-cidr=10.244.0.0/16\"\n - \"--cluster-name=',variables('masterFqdnPrefix'),'\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--root-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=2\"\n volumeMounts: \n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-scheduler\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-scheduler\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-scheduler\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command:\n - \"/hyperkube\"\n - \"scheduler\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--v=2\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Pod\n metadata:\n name: kube-addon-manager\n namespace: kube-system\n version: v1\n spec:\n hostNetwork: true\n containers:\n - name: kube-addon-manager\n # TODO: consider if hardcoding this is the right thing to do...\n image: gcr.io/google_containers/kube-addon-manager-amd64:v5.1\n resources:\n requests:\n cpu: 5m\n memory: 50Mi\n volumeMounts:\n - name: addons\n mountPath: \"/etc/kubernetes/addons\"\n readOnly: true\n volumes:\n - name: addons\n hostPath:\n path: \"/etc/kubernetes/addons\"\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/8xUXW/rRBB9z68YmVfsOC29LSsFCbUIXhARFF4IQtv1NF51vbPdWUc3F/Hf0TqJvfFNLkmF0M1TtPN1fM7MkU7/hp41WQHr2eRF20rAz+iMVjJosvdkgydj0E8aDLKSQYoJgJFPaDj+A3hpn9BbDMiFpqkyLQf0OaNfa4UCsuBbzLaZd5xL50RXkleWu9f1MP/rCYCVDQ4Z+fDITqp9hDccsJmwQxVB+C1gFnA1AWA0qAJ5cf7QgI0zMuC2JP3S+JPWUujo4P0TAKsaq9agL6RxtSxGNHgdtJImd1QJyLIzywIZ9LtJkP3+1zJ7wc0yE8vsftfw26oiyz9Zs1lmXy4zcjGffJfz3XvNgZfZ33/s56U6nSbjMhWP0AewVyL+FNkgtUXfD85B+lUCI4cszytqpLbz3ajCkJKmyEY5lnNHPsxnZXlzPQR1I1coYKV8RLsiWhn8c5g7jV8Ta2VTvftKzIrbvtLoNVpkXnh6wgERwLPUpvX4WHvkmkwl4CaJ1iG47zGkBQBOhlpANq1RmlB/yHdTs8Mk8kHAXXlXHjzHPYiL/sPj4yIJaKuDluYBjdz8gopsxQLepaXcKoXMCc5ZEg26QWpDXzp8w3BXqewR3YEwPYmLDnfHe9J/2yVS2+mVRJynQIqMgF8fFm9pGJT7RNPH+6GpR1npoyJ+Uqa+7IRAszcLdF2eJYFHptYr5BSf0Y0OfIi4wYb8RsDstvxRJxGPry3yOFu5tuO1OdojaXH0DJVUNeasP2A8snJ0gJbyiNqsR+/RGNDPZ1e3RVmUxeyL0YF2SYZW+bNU2uiwmeeXXW88/Ubya3/C16NN3sXP3uTjW3f5Ap/e3n/Z2+PsN9XcsiF6aV3qwRU+y9aEgteqOHBI6CmHb6YVrqe2NWbEe+vNvDelHU/ZfzZXdFKfOf0jS+xSOkuPljh6f201hvP3BN+j2g/ar8nV/+L0H5EKn53T76CefR8j3Kec90IHu7nAwI77V9Khsrwgo9VGwMN2Tyf/BAAA//9SG2qDwAoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/5RSy44TMRC85ytaczfeXEfABQ5ceEgrcXc8tYkVPwZ3OyR/jzxDMs5uNiw+WdXt6uoqm9H9RGaXYk84CmK9sj6sNxCzXu1dHHr6bBBSfISsAsQMRky/IvJmA8/1RrQvG+QIAb9zSVtfWJAVIx+cRU+d5IJu6rQpjCkiSj89UmNOx9NUEYfcU0wDVkTRBDzrqBCPxp5xPrEgrHiErSIEYfRGMAtqhdbTir0v44UUovOI+WEU4yLyhUxVsmDisLAr6vTuNCJX7q6Br8co6pSqLTbFJ7f9oA8ma+82umIeopfaQuKC2VZL3y+efzmPehxhPy6tN0ycTwanki0aQyr4q4DlCiOyY+lp/fAQLijDluzk9ClFwVHa9jG7g/PYYuipRn4pHZIvAV9TiS2/olCRH0Z2PXUaYjWz1xZZuGto5z2YvZpKapdYroSb4Xv0p2czb7Avlr2kh1i11P+b/i3RtYnMtX+NqZt+g/xOeX+Fz342X7A2TlLaNP5KK5w170yGtmZy0D05a65MuOPwfe63rP3K0veJX4vrZlh/AgAA//9bX4Y0xgQAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4RSTWvcQAy9+1eIvXs324ZC5lYa6KUHQ0uvRR4/vEM0H4xkt/73xWmy68B2Myeh95709Bgu4Seqhpwc4Y8hraUe5mMP42PzFNLg6BFF8hKRrIkwHtjYNUTCPUTXiuhp6lETDLoP+eBlUkNtFXUOHo52VifsnplcitvQ24H11GeuwzM6v5qZj/v7/YeGKHHEfwUrqIX9C6PVRQ2x0QK/+qooEjyro2NDpBB4y/Wf48jmT982J9y2ZohF2PAi3sSwPnkz570jX+2tz+dkHBLqWd0S11EdnYeFyCMcjb6u2Y45j4JfF93h2p6W4/Dp3p1T3EzqJpEuS/CLo8/ymxc94xJmJKh2Nfe4XEN0MitfYdsWUWE7Ododdm+7uZqjh7uHu007pGCB5RHCy3f4nAZ19HHLsBCRJ7sG3vwBl6Wb+NtLrN01O6Vmyz6Lox9fuuZvAAAA//8OA1TdBAMAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4SOwUpEMQxF9/2KMPvquHPyESII7vPai5bpa0uSNzB/L60uXOnucnOSHBnlHWqlN6bbU7iWlpneoLeSEHa4ZHHhQFRlQ7WZiK7HBm1w2EPpj6ke5tBo31tMJ9cDp0XKGPwLj1nsc+uiORA12fHn0IakHyLa3Rx7sIE0HUZXXzJxRabn8/rnoh/w11VdzpdZGiqSd+V/hfw+wPTSM+aB8BUAAP//d9OtPhsBAAA=\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/6xUT2vbThC961MsOv9Wtn5NSrqgQ0jSU9OEFgqlKmaymliL9193R8Zq6Xcvsi1HVmw3hO5JvJl5M3r7ZjnnyULZSrBr9Nq1Bi0l0aMUCWMBvVYSomB5whih8RoIuwhjfU53pLMEymKIPcKZMjBHweYyZMpN5s7NNc6eEic1go+EQSzz7P9suq3ruIwBW4kdwFm6S06HKOfRNUFisWgeMFgkjFlsjIHQzsArUaZl+lRgwaBgPdEODrghiU8NO/BHg5H2MMakbwS7mJo90KBxoRUsP5veqkFEK6NeTfB39aCqnOUBo/qJQeTZ29P6eVfNLFjbjgSUvikupmaE4ooCrGPT7Hwc3MxbrMc9WLdNOHsWpjpgrJ2uivNRpNpZr+gviG9swR+QIMvHY/dCFEeM4Z3W3GNQrireTLszHjWSMkAuFLjyzqIlBfqYWfhauldb5vzIjb97oWNeVI92ObzyJegG3wdn9vkeFerqEz7uo1v8HqgWzCBBBQRZp8EgbSPJ7dfZ/d317OPl7c2/7xY9yJMtP99fXm369nU9tYYH1APxFheRg/cHFn6JISpnBdt7d8BaR0DK2QFJlDVWjcaQgfY1ZIN3RrmJDIqUBM29qwQbvDSny8hpDNtOLP32q0wX2JapKNOrLeFlt9vxzuq2TP8rU+e7fBfWOTcrFSmW6e/vXb+IGiW5sBnZAMn6w54Qx2QYiwBefekhXBHa7jNOlnm3fnkyVHuo9GH6QwqPpNPNeq8ihqWSKFhKocHuj3Y2EOsSHttIaJJnG7mlTv4EAAD//4sS0Oy/BgAA\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/sed -i \"s||',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterPrivateIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --config=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=false \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 2 kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/9RYX3PbuBF/x6fY0Hpop0dJbnO+q3K+G0aicqwVyaUod9JLRgeRkIWKAjgAGFuX03fvAKQoUiQdX9KX6sEjY3/72z9YYBe6eNFbUdZbYblB6OLLP+gC5oHjBzB3h74bwMgJHLDBHf48g5E3d15P3NFX8aMLGFMSRxLWXMCv+LdUkO5/JGe/osCdOtNg6Y2urc6ny4OF5ovXUzeYD33vNvBm01zy14OFfHc+W/hDd/nGny1u9erfDhaazIaOBur/Xxb6+r9vDxaausG/Zv7Ncu4OF74XvDvpXh0sdOf5wcKZLHOUXv5OG5otAncZ6Lj10vcHC9363lvHf7d07hxv4rz2Jpprntn5u7bq+nfe0F3e+t506N06k+Vw4rmnwPpPYbK0G5zOwM3itTtxA427cwJ3eeO+MzKdA3QBb7FURABn8R4kCQVREjm3nmZ3/ZqSTtHQWQ5dP/DG3tAJTEiXOlNvnXng+svxP0cmeZff5raHs+nYe1NTuaqKjwZ0wpzRW2+6mLu+Wfk+89NbQ6NbQCWQXaL234DaEAYPBLAgwLgCzvQS7EyEiK7hl1/gBdi/gdX51Mh1sODDh1eGBwEAkHDDwWo1yzizc9NYynRH2X1uDBiPiIUMSaP68tYJfr62ekSFvW26IoIRRWQvJELJHk6oJOIjEd0t2VuGRPE03LT6bdgOGTLc7HgE/auXL58J5w8MBOdqoP88SydLS3sOf4cVluTqJdh2REIeEfjxs7wkluQ5OT/P9wMX2yLfa4qayv3JZIcxJUxlmS6y3EZysFA1v08Ca5l9An3MaQOkPaNP8CHn3wvfXf5jPpu2hH+6NkuBn2nV4m2S1wuoDsIKfvgB3Nk4L4Ua4pPZfEsRhpnyImugYcVtfrC+yeQyXclQ0ERRzo6o+hVfwDGOhmZ/C2z7xVpXmpvr8DOK2W1bKAsieSpC8kbwNMlUq42mQMY8xDqMDHTsO+VIGVFTvCPlKE9iEqaCqr2xc0I1N6hC62OF8qxfnWLgqSIBXsXkhC01sQKXCLrDYu98xDTGKxpTtZ+X+du63MFCB+TOxl87ZbjTEczG5THj68YKSRTYj7rZPGCqzHChz0uoYlAcBEm4UCDTMCRSrtMYwjg1l/2G4Fht0Dplod5QIEymgtxkqn/6M2S1nVOtecqi60uzpC1QoAw+XXa7V/3+4RVE3Ej0RzcssAn0Uil6ulpiM58dXfpQAIt+dfxUTPUropUgeFusrGnxVcaEJJD5FXGWXcbGhU6ZDmxGoJ8brxg22BeFw9rViIf6cn7C0+zaO4bEuIBcJ6KR6eGUSYXjuJT2OG+JBcUjVbnfpZDWFB3Q+Za4KoyK/ZB7qchOmyVM1zoQFUZnEkGkwkJlojrfyPjazpjF0sJZEmZf53qZPLs2XtTyTNmav2rLsVRYpRI6P1WzZ/SfdM5QHLtzlTO3KzPHq8TVmL6+CCt87VVYcexYRMbBk3ulimksE31yY6La93WbAVo29iitEzvHwa5yKWT9+A/u/hfeDC0a+U1m6wqq4I0lq/OTBddg9a0SdSM9VI50FlhzeTQH369hqqVyVi61sjw/EYmE3+FekASKmfr/KLzn384VM587HCXf//ABeRBUmfMx5GxN74s6Pr3kRp5/3dvwHel1indcr6ttngHH3sS97lQUe6FhNcDdNqIC7ASqkNJrqFPlKj1nTpYHp69NRM+El+j1MPxdv99MpoVXVaFRNeILiKg010fM7+/12wWv9fSQPbqBpypJ8yuFKPjLY+k1hGzbRjihd0RIytkAPl6i/MjKAbKPx3eQuUGEomsaYkVsnKoN12OiHWGFB/De6lRf7++t3KI+GgPYKJXIQa/XKT3mu53jbNoNY55GOEm62dsh5DsEwPCOGOaSznsLhZwp8qgy/7LvuX+5s3UVLU1lXWTjaEeZAbQZS4UgTNlHQ3XElrJoAFnVIm3EONZEV7JmnMmdpoa/lNsio80/cuTx5Ipbsm9UuHHfvbeQBT82ltsFiLzjNJWMLIrFftSHtDyToEonQ1/y48fZUc/KsTzZllbc4+h01ufMi/x/8NtNdgy8fBYM+S6JiSJnQyH6bwAAAP//IXiibMEUAAA=\n'))]", + "customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/bash -c \"/bin/echo DAEMON_ARGS=--advertise-client-urls \"\"http://127.0.0.1:2379,http://',variables('masterPrivateIp'),':2379\"\" --listen-client-urls \"\"http://0.0.0.0:2379,http://0.0.0.0:4001\"\" | tee -a /etc/default/etcd\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://get.docker.com/ > /tmp/install-docker\n- /bin/bash -c \"/bin/bash /tmp/install-docker\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://storage.googleapis.com/kubernetes-release/release/',variables('kubectlVersion'),'/bin/linux/amd64/kubectl > /usr/local/bin/kubectl\n- chmod +x /usr/local/bin/kubectl\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterPrivateIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-apiserver\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-apiserver\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-apiserver\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"apiserver\"\n - \"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota\"\n - \"--address=0.0.0.0\"\n - \"--allow-privileged\"\n - \"--insecure-port=8080\"\n - \"--secure-port=443\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--service-cluster-ip-range=',variables('kubeServiceCidr'),'\"\n - \"--etcd-servers=http://127.0.0.1:4001\"\n - \"--tls-cert-file=/etc/kubernetes/certs/apiserver.crt\"\n - \"--tls-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--client-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=4\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-controller-manager\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-controller-manager\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-controller-manager\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"controller-manager\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--allocate-node-cidrs=true\"\n - \"--cluster-cidr=10.244.0.0/16\"\n - \"--cluster-name=',variables('masterFqdnPrefix'),'\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--root-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=2\"\n volumeMounts: \n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-scheduler\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-scheduler\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-scheduler\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command:\n - \"/hyperkube\"\n - \"scheduler\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--v=2\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Pod\n metadata:\n name: kube-addon-manager\n namespace: kube-system\n version: v1\n spec:\n hostNetwork: true\n containers:\n - name: kube-addon-manager\n # TODO: consider if hardcoding this is the right thing to do...\n image: gcr.io/google_containers/kube-addon-manager-amd64:v5.1\n resources:\n requests:\n cpu: 5m\n memory: 50Mi\n volumeMounts:\n - name: addons\n mountPath: \"/etc/kubernetes/addons\"\n readOnly: true\n volumes:\n - name: addons\n hostPath:\n path: \"/etc/kubernetes/addons\"\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/8xUXW/rRBB9z68YmVfsOC29LSsFCbUIXhARFF4IQtv1NF51vbPdWUc3F/Hf0TqJvfFNLkmF0M1TtPN1fM7MkU7/hp41WQHr2eRF20rAz+iMVjJosvdkgydj0E8aDLKSQYoJgJFPaDj+A3hpn9BbDMiFpqkyLQf0OaNfa4UCsuBbzLaZd5xL50RXkleWu9f1MP/rCYCVDQ4Z+fDITqp9hDccsJmwQxVB+C1gFnA1AWA0qAJ5cf7QgI0zMuC2JP3S+JPWUujo4P0TAKsaq9agL6RxtSxGNHgdtJImd1QJyLIzywIZ9LtJkP3+1zJ7wc0yE8vsftfw26oiyz9Zs1lmXy4zcjGffJfz3XvNgZfZ33/s56U6nSbjMhWP0AewVyL+FNkgtUXfD85B+lUCI4cszytqpLbz3ajCkJKmyEY5lnNHPsxnZXlzPQR1I1coYKV8RLsiWhn8c5g7jV8Ta2VTvftKzIrbvtLoNVpkXnh6wgERwLPUpvX4WHvkmkwl4CaJ1iG47zGkBQBOhlpANq1RmlB/yHdTs8Mk8kHAXXlXHjzHPYiL/sPj4yIJaKuDluYBjdz8gopsxQLepaXcKoXMCc5ZEg26QWpDXzp8w3BXqewR3YEwPYmLDnfHe9J/2yVS2+mVRJynQIqMgF8fFm9pGJT7RNPH+6GpR1npoyJ+Uqa+7IRAszcLdF2eJYFHptYr5BSf0Y0OfIi4wYb8RsDstvxRJxGPry3yOFu5tuO1OdojaXH0DJVUNeasP2A8snJ0gJbyiNqsR+/RGNDPZ1e3RVmUxeyL0YF2SYZW+bNU2uiwmeeXXW88/Ubya3/C16NN3sXP3uTjW3f5Ap/e3n/Z2+PsN9XcsiF6aV3qwRU+y9aEgteqOHBI6CmHb6YVrqe2NWbEe+vNvDelHU/ZfzZXdFKfOf0jS+xSOkuPljh6f201hvP3BN+j2g/ar8nV/+L0H5EKn53T76CefR8j3Kec90IHu7nAwI77V9Khsrwgo9VGwMN2Tyf/BAAA//9SG2qDwAoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/5RSy44TMRC85ytaczfeXEfABQ5ceEgrcXc8tYkVPwZ3OyR/jzxDMs5uNiw+WdXt6uoqm9H9RGaXYk84CmK9sj6sNxCzXu1dHHr6bBBSfISsAsQMRky/IvJmA8/1RrQvG+QIAb9zSVtfWJAVIx+cRU+d5IJu6rQpjCkiSj89UmNOx9NUEYfcU0wDVkTRBDzrqBCPxp5xPrEgrHiErSIEYfRGMAtqhdbTir0v44UUovOI+WEU4yLyhUxVsmDisLAr6vTuNCJX7q6Br8co6pSqLTbFJ7f9oA8ma+82umIeopfaQuKC2VZL3y+efzmPehxhPy6tN0ycTwanki0aQyr4q4DlCiOyY+lp/fAQLijDluzk9ClFwVHa9jG7g/PYYuipRn4pHZIvAV9TiS2/olCRH0Z2PXUaYjWz1xZZuGto5z2YvZpKapdYroSb4Xv0p2czb7Avlr2kh1i11P+b/i3RtYnMtX+NqZt+g/xOeX+Fz342X7A2TlLaNP5KK5w170yGtmZy0D05a65MuOPwfe63rP3K0veJX4vrZlh/AgAA//9bX4Y0xgQAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4RSy4rcQAy8+yvE3D0P8oDtW8hCLjkYEnINcrvwNKt+0JKd+O+DN7szXphM+iRUVVKpaC7hB6qGnBzhtyGtpR7mUw/jU/MU0uDoEUXyEpGsiTAe2Ng1RMI9RNeK6GnqURMMug/54GVSQ20VdQ4ejnZWJ+yemVyK29DbgfXcZ67DMzq/mplP+w/7Y0OUOOKfghXUwv6F0eqihthogV99VRQJntXRqSFSCLzl+tdxZPPnr5sT7lszxCJseBFvYlifvJnzvyNf7a3P52QcEupF3RLXUR1dhoXIIxyNvq7ZjjmPgp9X3eHWnpbj8PG9u6S4mdRNIl2W4BdHn+QXL3rBJcxIUO1q7nG9huhsVr7Ati2iwnZ2tDvs3nZzNUcPx4fjph1SsMDyCOHlG3xOgzp6t2VYiMiT3QLv/oDr0k387TXW7padUrNln8XR989d8ycAAP//K+mOFgQDAAA=\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4SOwUpEMQxF9/2KMPvquHPyESII7vPai5bpa0uSNzB/L60uXOnucnOSHBnlHWqlN6bbU7iWlpneoLeSEHa4ZHHhQFRlQ7WZiK7HBm1w2EPpj6ke5tBo31tMJ9cDp0XKGPwLj1nsc+uiORA12fHn0IakHyLa3Rx7sIE0HUZXXzJxRabn8/rnoh/w11VdzpdZGiqSd+V/hfw+wPTSM+aB8BUAAP//d9OtPhsBAAA=\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/6xUT2vbThC961MsOv9Wtn5NSrqgQ0jSU9OEFgqlKmaymliL9193R8Zq6Xcvsi1HVmw3hO5JvJl5M3r7ZjnnyULZSrBr9Nq1Bi0l0aMUCWMBvVYSomB5whih8RoIuwhjfU53pLMEymKIPcKZMjBHweYyZMpN5s7NNc6eEic1go+EQSzz7P9suq3ruIwBW4kdwFm6S06HKOfRNUFisWgeMFgkjFlsjIHQzsArUaZl+lRgwaBgPdEODrghiU8NO/BHg5H2MMakbwS7mJo90KBxoRUsP5veqkFEK6NeTfB39aCqnOUBo/qJQeTZ29P6eVfNLFjbjgSUvikupmaE4ooCrGPT7Hwc3MxbrMc9WLdNOHsWpjpgrJ2uivNRpNpZr+gviG9swR+QIMvHY/dCFEeM4Z3W3GNQrireTLszHjWSMkAuFLjyzqIlBfqYWfhauldb5vzIjb97oWNeVI92ObzyJegG3wdn9vkeFerqEz7uo1v8HqgWzCBBBQRZp8EgbSPJ7dfZ/d317OPl7c2/7xY9yJMtP99fXm369nU9tYYH1APxFheRg/cHFn6JISpnBdt7d8BaR0DK2QFJlDVWjcaQgfY1ZIN3RrmJDIqUBM29qwQbvDSny8hpDNtOLP32q0wX2JapKNOrLeFlt9vxzuq2TP8rU+e7fBfWOTcrFSmW6e/vXb+IGiW5sBnZAMn6w54Qx2QYiwBefekhXBHa7jNOlnm3fnkyVHuo9GH6QwqPpNPNeq8ihqWSKFhKocHuj3Y2EOsSHttIaJJnG7mlTv4EAAD//4sS0Oy/BgAA\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/sed -i \"s||',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterPrivateIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --config=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=false \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 2 kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/9RYX3PbuBF/x6fY0Hpop0dJbnO+q3K+G0aicqwVyaUod9JLRgeRkIWKAjgAGFuX03fvAKQoUiQdX9KX6sEjY3/72z9YYBe6eNFbUdZbYblB6OLLP+gC5oHjBzB3h74bwMgJHLDBHf48g5E3d15P3NFX8aMLGFMSRxLWXMCv+LdUkO5/JGe/osCdOtNg6Y2urc6ny4OF5ovXUzeYD33vNvBm01zy14OFfHc+W/hDd/nGny1u9erfDhaazIaOBur/Xxb6+r9vDxaausG/Zv7Ncu4OF74XvDvpXh0sdOf5wcKZLHOUXv5OG5otAncZ6Lj10vcHC9363lvHf7d07hxv4rz2Jpprntn5u7bq+nfe0F3e+t506N06k+Vw4rmnwPpPYbK0G5zOwM3itTtxA427cwJ3eeO+MzKdA3QBb7FURABn8R4kCQVREjm3nmZ3/ZqSTtHQWQ5dP/DG3tAJTEiXOlNvnXng+svxP0cmeZff5raHs+nYe1NTuaqKjwZ0wpzRW2+6mLu+Wfk+89NbQ6NbQCWQXaL234DaEAYPBLAgwLgCzvQS7EyEiK7hl1/gBdi/gdX51Mh1sODDh1eGBwEAkHDDwWo1yzizc9NYynRH2X1uDBiPiIUMSaP68tYJfr62ekSFvW26IoIRRWQvJELJHk6oJOIjEd0t2VuGRPE03LT6bdgOGTLc7HgE/auXL58J5w8MBOdqoP88SydLS3sOf4cVluTqJdh2REIeEfjxs7wkluQ5OT/P9wMX2yLfa4qayv3JZIcxJUxlmS6y3EZysFA1v08Ca5l9An3MaQOkPaNP8CHn3wvfXf5jPpu2hH+6NkuBn2nV4m2S1wuoDsIKfvgB3Nk4L4Ua4pPZfEsRhpnyImugYcVtfrC+yeQyXclQ0ERRzo6o+hVfwDGOhmZ/C2z7xVpXmpvr8DOK2W1bKAsieSpC8kbwNMlUq42mQMY8xDqMDHTsO+VIGVFTvCPlKE9iEqaCqr2xc0I1N6hC62OF8qxfnWLgqSIBXsXkhC01sQKXCLrDYu98xDTGKxpTtZ+X+du63MFCB+TOxl87ZbjTEczG5THj68YKSRTYj7rZPGCqzHChz0uoYlAcBEm4UCDTMCRSrtMYwjg1l/2G4Fht0Dplod5QIEymgtxkqn/6M2S1nVOtecqi60uzpC1QoAw+XXa7V/3+4RVE3Ej0RzcssAn0Uil6ulpiM58dXfpQAIt+dfxUTPUropUgeFusrGnxVcaEJJD5FXGWXcbGhU6ZDmxGoJ8brxg22BeFw9rViIf6cn7C0+zaO4bEuIBcJ6KR6eGUSYXjuJT2OG+JBcUjVbnfpZDWFB3Q+Za4KoyK/ZB7qchOmyVM1zoQFUZnEkGkwkJlojrfyPjazpjF0sJZEmZf53qZPLs2XtTyTNmav2rLsVRYpRI6P1WzZ/SfdM5QHLtzlTO3KzPHq8TVmL6+CCt87VVYcexYRMbBk3ulimksE31yY6La93WbAVo29iitEzvHwa5yKWT9+A/u/hfeDC0a+U1m6wqq4I0lq/OTBddg9a0SdSM9VI50FlhzeTQH369hqqVyVi61sjw/EYmE3+FekASKmfr/KLzn384VM587HCXf//ABeRBUmfMx5GxN74s6Pr3kRp5/3dvwHel1indcr6ttngHH3sS97lQUe6FhNcDdNqIC7ASqkNJrqFPlKj1nTpYHp69NRM+El+j1MPxdv99MpoVXVaFRNeILiKg010fM7+/12wWv9fSQPbqBpypJ8yuFKPjLY+k1hGzbRjihd0RIytkAPl6i/MjKAbKPx3eQuUGEomsaYkVsnKoN12OiHWGFB/De6lRf7++t3KI+GgPYKJXIQa/XKT3mu53jbNoNY55GOEm62dsh5DsEwPCOGOaSznsLhZwp8qgy/7LvuX+5s3UVLU1lXWTjaEeZAbQZS4UgTNlHQ3XElrJoAFnVIm3EONZEV7JmnMmdpoa/lNsio80/cuTx5Ipbsm9UuHHfvbeQBT82ltsFiLzjNJWMLIrFftSHtDyToEonQ1/y48fZUc/KsTzZllbc4+h01ufMi/x/8NtNdgy8fBYM+S6JiSJnQyH6bwAAAP//IXiibMEUAAA=\n'))]", "linuxConfiguration": { "disablePasswordAuthentication": "true", "ssh": { diff --git a/pkg/acsengine/testdata/vnet/kubernetesvnet_expected.json b/pkg/acsengine/testdata/vnet/kubernetesvnet_expected.json index d7bd411a0..31891d7dd 100644 --- a/pkg/acsengine/testdata/vnet/kubernetesvnet_expected.json +++ b/pkg/acsengine/testdata/vnet/kubernetesvnet_expected.json @@ -1436,7 +1436,7 @@ "osProfile": { "adminUsername": "[variables('username')]", "computername": "[concat(variables('masterVMNamePrefix'), copyIndex())]", - "customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/bash -c \"/bin/echo DAEMON_ARGS=--advertise-client-urls \"\"http://127.0.0.1:2379,http://',variables('masterPrivateIp'),':2379\"\" --listen-client-urls \"\"http://0.0.0.0:2379,http://0.0.0.0:4001\"\" | tee -a /etc/default/etcd\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://get.docker.com/ > /tmp/install-docker\n- /bin/bash -c \"/bin/bash /tmp/install-docker\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://storage.googleapis.com/kubernetes-release/release/',variables('kubectlVersion'),'/bin/linux/amd64/kubectl > /usr/local/bin/kubectl\n- chmod +x /usr/local/bin/kubectl\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterPrivateIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-apiserver\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-apiserver\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-apiserver\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"apiserver\"\n - \"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota\"\n - \"--address=0.0.0.0\"\n - \"--allow-privileged\"\n - \"--insecure-port=8080\"\n - \"--secure-port=443\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--service-cluster-ip-range=',variables('kubeServiceCidr'),'\"\n - \"--etcd-servers=http://127.0.0.1:4001\"\n - \"--tls-cert-file=/etc/kubernetes/certs/apiserver.crt\"\n - \"--tls-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--client-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=4\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-controller-manager\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-controller-manager\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-controller-manager\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"controller-manager\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--allocate-node-cidrs=true\"\n - \"--cluster-cidr=10.244.0.0/16\"\n - \"--cluster-name=',variables('masterFqdnPrefix'),'\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--root-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=2\"\n volumeMounts: \n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-scheduler\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-scheduler\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-scheduler\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command:\n - \"/hyperkube\"\n - \"scheduler\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--v=2\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Pod\n metadata:\n name: kube-addon-manager\n namespace: kube-system\n version: v1\n spec:\n hostNetwork: true\n containers:\n - name: kube-addon-manager\n # TODO: consider if hardcoding this is the right thing to do...\n image: gcr.io/google_containers/kube-addon-manager-amd64:v5.1\n resources:\n requests:\n cpu: 5m\n memory: 50Mi\n volumeMounts:\n - name: addons\n mountPath: \"/etc/kubernetes/addons\"\n readOnly: true\n volumes:\n - name: addons\n hostPath:\n path: \"/etc/kubernetes/addons\"\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/8xUXW/rRBB9z68YmVfsOC29LSsFCbUIXhARFF4IQtv1NF51vbPdWUc3F/Hf0TqJvfFNLkmF0M1TtPN1fM7MkU7/hp41WQHr2eRF20rAz+iMVjJosvdkgydj0E8aDLKSQYoJgJFPaDj+A3hpn9BbDMiFpqkyLQf0OaNfa4UCsuBbzLaZd5xL50RXkleWu9f1MP/rCYCVDQ4Z+fDITqp9hDccsJmwQxVB+C1gFnA1AWA0qAJ5cf7QgI0zMuC2JP3S+JPWUujo4P0TAKsaq9agL6RxtSxGNHgdtJImd1QJyLIzywIZ9LtJkP3+1zJ7wc0yE8vsftfw26oiyz9Zs1lmXy4zcjGffJfz3XvNgZfZ33/s56U6nSbjMhWP0AewVyL+FNkgtUXfD85B+lUCI4cszytqpLbz3ajCkJKmyEY5lnNHPsxnZXlzPQR1I1coYKV8RLsiWhn8c5g7jV8Ta2VTvftKzIrbvtLoNVpkXnh6wgERwLPUpvX4WHvkmkwl4CaJ1iG47zGkBQBOhlpANq1RmlB/yHdTs8Mk8kHAXXlXHjzHPYiL/sPj4yIJaKuDluYBjdz8gopsxQLepaXcKoXMCc5ZEg26QWpDXzp8w3BXqewR3YEwPYmLDnfHe9J/2yVS2+mVRJynQIqMgF8fFm9pGJT7RNPH+6GpR1npoyJ+Uqa+7IRAszcLdF2eJYFHptYr5BSf0Y0OfIi4wYb8RsDstvxRJxGPry3yOFu5tuO1OdojaXH0DJVUNeasP2A8snJ0gJbyiNqsR+/RGNDPZ1e3RVmUxeyL0YF2SYZW+bNU2uiwmeeXXW88/Ubya3/C16NN3sXP3uTjW3f5Ap/e3n/Z2+PsN9XcsiF6aV3qwRU+y9aEgteqOHBI6CmHb6YVrqe2NWbEe+vNvDelHU/ZfzZXdFKfOf0jS+xSOkuPljh6f201hvP3BN+j2g/ar8nV/+L0H5EKn53T76CefR8j3Kec90IHu7nAwI77V9Khsrwgo9VGwMN2Tyf/BAAA//9SG2qDwAoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/5RSy44TMRC85ytaczfeXEfABQ5ceEgrcXc8tYkVPwZ3OyR/jzxDMs5uNiw+WdXt6uoqm9H9RGaXYk84CmK9sj6sNxCzXu1dHHr6bBBSfISsAsQMRky/IvJmA8/1RrQvG+QIAb9zSVtfWJAVIx+cRU+d5IJu6rQpjCkiSj89UmNOx9NUEYfcU0wDVkTRBDzrqBCPxp5xPrEgrHiErSIEYfRGMAtqhdbTir0v44UUovOI+WEU4yLyhUxVsmDisLAr6vTuNCJX7q6Br8co6pSqLTbFJ7f9oA8ma+82umIeopfaQuKC2VZL3y+efzmPehxhPy6tN0ycTwanki0aQyr4q4DlCiOyY+lp/fAQLijDluzk9ClFwVHa9jG7g/PYYuipRn4pHZIvAV9TiS2/olCRH0Z2PXUaYjWz1xZZuGto5z2YvZpKapdYroSb4Xv0p2czb7Avlr2kh1i11P+b/i3RtYnMtX+NqZt+g/xOeX+Fz342X7A2TlLaNP5KK5w170yGtmZy0D05a65MuOPwfe63rP3K0veJX4vrZlh/AgAA//9bX4Y0xgQAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4RSTWvcQAy9+1eIvXs324ZC5lYa6KUHQ0uvRR4/vEM0H4xkt/73xWmy68B2Myeh95709Bgu4Seqhpwc4Y8hraUe5mMP42PzFNLg6BFF8hKRrIkwHtjYNUTCPUTXiuhp6lETDLoP+eBlUkNtFXUOHo52VifsnplcitvQ24H11GeuwzM6v5qZj/v7/YeGKHHEfwUrqIX9C6PVRQ2x0QK/+qooEjyro2NDpBB4y/Wf48jmT982J9y2ZohF2PAi3sSwPnkz570jX+2tz+dkHBLqWd0S11EdnYeFyCMcjb6u2Y45j4JfF93h2p6W4/Dp3p1T3EzqJpEuS/CLo8/ymxc94xJmJKh2Nfe4XEN0MitfYdsWUWE7Ododdm+7uZqjh7uHu007pGCB5RHCy3f4nAZ19HHLsBCRJ7sG3vwBl6Wb+NtLrN01O6Vmyz6Lox9fuuZvAAAA//8OA1TdBAMAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4SOwUpEMQxF9/2KMPvquHPyESII7vPai5bpa0uSNzB/L60uXOnucnOSHBnlHWqlN6bbU7iWlpneoLeSEHa4ZHHhQFRlQ7WZiK7HBm1w2EPpj6ke5tBo31tMJ9cDp0XKGPwLj1nsc+uiORA12fHn0IakHyLa3Rx7sIE0HUZXXzJxRabn8/rnoh/w11VdzpdZGiqSd+V/hfw+wPTSM+aB8BUAAP//d9OtPhsBAAA=\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/6xUT2vbThC961MsOv9Wtn5NSrqgQ0jSU9OEFgqlKmaymliL9193R8Zq6Xcvsi1HVmw3hO5JvJl5M3r7ZjnnyULZSrBr9Nq1Bi0l0aMUCWMBvVYSomB5whih8RoIuwhjfU53pLMEymKIPcKZMjBHweYyZMpN5s7NNc6eEic1go+EQSzz7P9suq3ruIwBW4kdwFm6S06HKOfRNUFisWgeMFgkjFlsjIHQzsArUaZl+lRgwaBgPdEODrghiU8NO/BHg5H2MMakbwS7mJo90KBxoRUsP5veqkFEK6NeTfB39aCqnOUBo/qJQeTZ29P6eVfNLFjbjgSUvikupmaE4ooCrGPT7Hwc3MxbrMc9WLdNOHsWpjpgrJ2uivNRpNpZr+gviG9swR+QIMvHY/dCFEeM4Z3W3GNQrireTLszHjWSMkAuFLjyzqIlBfqYWfhauldb5vzIjb97oWNeVI92ObzyJegG3wdn9vkeFerqEz7uo1v8HqgWzCBBBQRZp8EgbSPJ7dfZ/d317OPl7c2/7xY9yJMtP99fXm369nU9tYYH1APxFheRg/cHFn6JISpnBdt7d8BaR0DK2QFJlDVWjcaQgfY1ZIN3RrmJDIqUBM29qwQbvDSny8hpDNtOLP32q0wX2JapKNOrLeFlt9vxzuq2TP8rU+e7fBfWOTcrFSmW6e/vXb+IGiW5sBnZAMn6w54Qx2QYiwBefekhXBHa7jNOlnm3fnkyVHuo9GH6QwqPpNPNeq8ihqWSKFhKocHuj3Y2EOsSHttIaJJnG7mlTv4EAAD//4sS0Oy/BgAA\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/sed -i \"s||',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterPrivateIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --config=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=false \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 2 kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/9RYX3PbuBF/x6fY0Hpop0dJbnO+q3K+G0aicqwVyaUod9JLRgeRkIWKAjgAGFuX03fvAKQoUiQdX9KX6sEjY3/72z9YYBe6eNFbUdZbYblB6OLLP+gC5oHjBzB3h74bwMgJHLDBHf48g5E3d15P3NFX8aMLGFMSRxLWXMCv+LdUkO5/JGe/osCdOtNg6Y2urc6ny4OF5ovXUzeYD33vNvBm01zy14OFfHc+W/hDd/nGny1u9erfDhaazIaOBur/Xxb6+r9vDxaausG/Zv7Ncu4OF74XvDvpXh0sdOf5wcKZLHOUXv5OG5otAncZ6Lj10vcHC9363lvHf7d07hxv4rz2Jpprntn5u7bq+nfe0F3e+t506N06k+Vw4rmnwPpPYbK0G5zOwM3itTtxA427cwJ3eeO+MzKdA3QBb7FURABn8R4kCQVREjm3nmZ3/ZqSTtHQWQ5dP/DG3tAJTEiXOlNvnXng+svxP0cmeZff5raHs+nYe1NTuaqKjwZ0wpzRW2+6mLu+Wfk+89NbQ6NbQCWQXaL234DaEAYPBLAgwLgCzvQS7EyEiK7hl1/gBdi/gdX51Mh1sODDh1eGBwEAkHDDwWo1yzizc9NYynRH2X1uDBiPiIUMSaP68tYJfr62ekSFvW26IoIRRWQvJELJHk6oJOIjEd0t2VuGRPE03LT6bdgOGTLc7HgE/auXL58J5w8MBOdqoP88SydLS3sOf4cVluTqJdh2REIeEfjxs7wkluQ5OT/P9wMX2yLfa4qayv3JZIcxJUxlmS6y3EZysFA1v08Ca5l9An3MaQOkPaNP8CHn3wvfXf5jPpu2hH+6NkuBn2nV4m2S1wuoDsIKfvgB3Nk4L4Ua4pPZfEsRhpnyImugYcVtfrC+yeQyXclQ0ERRzo6o+hVfwDGOhmZ/C2z7xVpXmpvr8DOK2W1bKAsieSpC8kbwNMlUq42mQMY8xDqMDHTsO+VIGVFTvCPlKE9iEqaCqr2xc0I1N6hC62OF8qxfnWLgqSIBXsXkhC01sQKXCLrDYu98xDTGKxpTtZ+X+du63MFCB+TOxl87ZbjTEczG5THj68YKSRTYj7rZPGCqzHChz0uoYlAcBEm4UCDTMCRSrtMYwjg1l/2G4Fht0Dplod5QIEymgtxkqn/6M2S1nVOtecqi60uzpC1QoAw+XXa7V/3+4RVE3Ej0RzcssAn0Uil6ulpiM58dXfpQAIt+dfxUTPUropUgeFusrGnxVcaEJJD5FXGWXcbGhU6ZDmxGoJ8brxg22BeFw9rViIf6cn7C0+zaO4bEuIBcJ6KR6eGUSYXjuJT2OG+JBcUjVbnfpZDWFB3Q+Za4KoyK/ZB7qchOmyVM1zoQFUZnEkGkwkJlojrfyPjazpjF0sJZEmZf53qZPLs2XtTyTNmav2rLsVRYpRI6P1WzZ/SfdM5QHLtzlTO3KzPHq8TVmL6+CCt87VVYcexYRMbBk3ulimksE31yY6La93WbAVo29iitEzvHwa5yKWT9+A/u/hfeDC0a+U1m6wqq4I0lq/OTBddg9a0SdSM9VI50FlhzeTQH369hqqVyVi61sjw/EYmE3+FekASKmfr/KLzn384VM587HCXf//ABeRBUmfMx5GxN74s6Pr3kRp5/3dvwHel1indcr6ttngHH3sS97lQUe6FhNcDdNqIC7ASqkNJrqFPlKj1nTpYHp69NRM+El+j1MPxdv99MpoVXVaFRNeILiKg010fM7+/12wWv9fSQPbqBpypJ8yuFKPjLY+k1hGzbRjihd0RIytkAPl6i/MjKAbKPx3eQuUGEomsaYkVsnKoN12OiHWGFB/De6lRf7++t3KI+GgPYKJXIQa/XKT3mu53jbNoNY55GOEm62dsh5DsEwPCOGOaSznsLhZwp8qgy/7LvuX+5s3UVLU1lXWTjaEeZAbQZS4UgTNlHQ3XElrJoAFnVIm3EONZEV7JmnMmdpoa/lNsio80/cuTx5Ipbsm9UuHHfvbeQBT82ltsFiLzjNJWMLIrFftSHtDyToEonQ1/y48fZUc/KsTzZllbc4+h01ufMi/x/8NtNdgy8fBYM+S6JiSJnQyH6bwAAAP//IXiibMEUAAA=\n'))]", + "customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/bash -c \"/bin/echo DAEMON_ARGS=--advertise-client-urls \"\"http://127.0.0.1:2379,http://',variables('masterPrivateIp'),':2379\"\" --listen-client-urls \"\"http://0.0.0.0:2379,http://0.0.0.0:4001\"\" | tee -a /etc/default/etcd\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://get.docker.com/ > /tmp/install-docker\n- /bin/bash -c \"/bin/bash /tmp/install-docker\"\n- /usr/bin/curl -sSL --retry 12 --retry-delay 10 https://storage.googleapis.com/kubernetes-release/release/',variables('kubectlVersion'),'/bin/linux/amd64/kubectl > /usr/local/bin/kubectl\n- chmod +x /usr/local/bin/kubectl\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterPrivateIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-apiserver\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-apiserver\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-apiserver\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"apiserver\"\n - \"--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota\"\n - \"--address=0.0.0.0\"\n - \"--allow-privileged\"\n - \"--insecure-port=8080\"\n - \"--secure-port=443\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--service-cluster-ip-range=',variables('kubeServiceCidr'),'\"\n - \"--etcd-servers=http://127.0.0.1:4001\"\n - \"--tls-cert-file=/etc/kubernetes/certs/apiserver.crt\"\n - \"--tls-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--client-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=4\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-controller-manager\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-controller-manager\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-controller-manager\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command: \n - \"/hyperkube\"\n - \"controller-manager\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--allocate-node-cidrs=true\"\n - \"--cluster-cidr=10.244.0.0/16\"\n - \"--cluster-name=',variables('masterFqdnPrefix'),'\"\n - \"--cloud-provider=azure\"\n - \"--cloud-config=/etc/kubernetes/azure.json\"\n - \"--root-ca-file=/etc/kubernetes/certs/ca.crt\"\n - \"--service-account-private-key-file=/etc/kubernetes/certs/apiserver.key\"\n - \"--v=2\"\n volumeMounts: \n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: \"v1\"\n kind: \"Pod\"\n metadata:\n name: \"kube-scheduler\"\n namespace: \"kube-system\"\n labels:\n tier: control-plane\n component: kube-scheduler\n spec:\n hostNetwork: true\n containers:\n - name: \"kube-scheduler\"\n image: \"',variables('kubernetesHyperkubeSpec'),'\"\n command:\n - \"/hyperkube\"\n - \"scheduler\"\n - \"--master=127.0.0.1:8080\"\n - \"--kubeconfig=/var/lib/kubelet/kubeconfig\"\n - \"--v=2\"\n volumeMounts:\n - name: \"etc-kubernetes\"\n mountPath: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n mountPath: \"/var/lib/kubelet\"\n volumes:\n - name: \"etc-kubernetes\"\n hostPath:\n path: \"/etc/kubernetes\"\n - name: \"var-lib-kubelet\"\n hostPath:\n path: \"/var/lib/kubelet\"\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yml\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Pod\n metadata:\n name: kube-addon-manager\n namespace: kube-system\n version: v1\n spec:\n hostNetwork: true\n containers:\n - name: kube-addon-manager\n # TODO: consider if hardcoding this is the right thing to do...\n image: gcr.io/google_containers/kube-addon-manager-amd64:v5.1\n resources:\n requests:\n cpu: 5m\n memory: 50Mi\n volumeMounts:\n - name: addons\n mountPath: \"/etc/kubernetes/addons\"\n readOnly: true\n volumes:\n - name: addons\n hostPath:\n path: \"/etc/kubernetes/addons\"\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/8xUXW/rRBB9z68YmVfsOC29LSsFCbUIXhARFF4IQtv1NF51vbPdWUc3F/Hf0TqJvfFNLkmF0M1TtPN1fM7MkU7/hp41WQHr2eRF20rAz+iMVjJosvdkgydj0E8aDLKSQYoJgJFPaDj+A3hpn9BbDMiFpqkyLQf0OaNfa4UCsuBbzLaZd5xL50RXkleWu9f1MP/rCYCVDQ4Z+fDITqp9hDccsJmwQxVB+C1gFnA1AWA0qAJ5cf7QgI0zMuC2JP3S+JPWUujo4P0TAKsaq9agL6RxtSxGNHgdtJImd1QJyLIzywIZ9LtJkP3+1zJ7wc0yE8vsftfw26oiyz9Zs1lmXy4zcjGffJfz3XvNgZfZ33/s56U6nSbjMhWP0AewVyL+FNkgtUXfD85B+lUCI4cszytqpLbz3ajCkJKmyEY5lnNHPsxnZXlzPQR1I1coYKV8RLsiWhn8c5g7jV8Ta2VTvftKzIrbvtLoNVpkXnh6wgERwLPUpvX4WHvkmkwl4CaJ1iG47zGkBQBOhlpANq1RmlB/yHdTs8Mk8kHAXXlXHjzHPYiL/sPj4yIJaKuDluYBjdz8gopsxQLepaXcKoXMCc5ZEg26QWpDXzp8w3BXqewR3YEwPYmLDnfHe9J/2yVS2+mVRJynQIqMgF8fFm9pGJT7RNPH+6GpR1npoyJ+Uqa+7IRAszcLdF2eJYFHptYr5BSf0Y0OfIi4wYb8RsDstvxRJxGPry3yOFu5tuO1OdojaXH0DJVUNeasP2A8snJ0gJbyiNqsR+/RGNDPZ1e3RVmUxeyL0YF2SYZW+bNU2uiwmeeXXW88/Ubya3/C16NN3sXP3uTjW3f5Ap/e3n/Z2+PsN9XcsiF6aV3qwRU+y9aEgteqOHBI6CmHb6YVrqe2NWbEe+vNvDelHU/ZfzZXdFKfOf0jS+xSOkuPljh6f201hvP3BN+j2g/ar8nV/+L0H5EKn53T76CefR8j3Kec90IHu7nAwI77V9Khsrwgo9VGwMN2Tyf/BAAA//9SG2qDwAoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/5RSy44TMRC85ytaczfeXEfABQ5ceEgrcXc8tYkVPwZ3OyR/jzxDMs5uNiw+WdXt6uoqm9H9RGaXYk84CmK9sj6sNxCzXu1dHHr6bBBSfISsAsQMRky/IvJmA8/1RrQvG+QIAb9zSVtfWJAVIx+cRU+d5IJu6rQpjCkiSj89UmNOx9NUEYfcU0wDVkTRBDzrqBCPxp5xPrEgrHiErSIEYfRGMAtqhdbTir0v44UUovOI+WEU4yLyhUxVsmDisLAr6vTuNCJX7q6Br8co6pSqLTbFJ7f9oA8ma+82umIeopfaQuKC2VZL3y+efzmPehxhPy6tN0ycTwanki0aQyr4q4DlCiOyY+lp/fAQLijDluzk9ClFwVHa9jG7g/PYYuipRn4pHZIvAV9TiS2/olCRH0Z2PXUaYjWz1xZZuGto5z2YvZpKapdYroSb4Xv0p2czb7Avlr2kh1i11P+b/i3RtYnMtX+NqZt+g/xOeX+Fz342X7A2TlLaNP5KK5w170yGtmZy0D05a65MuOPwfe63rP3K0veJX4vrZlh/AgAA//9bX4Y0xgQAAA==\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4RSy4rcQAy8+yvE3D0P8oDtW8hCLjkYEnINcrvwNKt+0JKd+O+DN7szXphM+iRUVVKpaC7hB6qGnBzhtyGtpR7mUw/jU/MU0uDoEUXyEpGsiTAe2Ng1RMI9RNeK6GnqURMMug/54GVSQ20VdQ4ejnZWJ+yemVyK29DbgfXcZ67DMzq/mplP+w/7Y0OUOOKfghXUwv6F0eqihthogV99VRQJntXRqSFSCLzl+tdxZPPnr5sT7lszxCJseBFvYlifvJnzvyNf7a3P52QcEupF3RLXUR1dhoXIIxyNvq7ZjjmPgp9X3eHWnpbj8PG9u6S4mdRNIl2W4BdHn+QXL3rBJcxIUO1q7nG9huhsVr7Ati2iwnZ2tDvs3nZzNUcPx4fjph1SsMDyCOHlG3xOgzp6t2VYiMiT3QLv/oDr0k387TXW7padUrNln8XR989d8ycAAP//K+mOFgQDAAA=\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/4SOwUpEMQxF9/2KMPvquHPyESII7vPai5bpa0uSNzB/L60uXOnucnOSHBnlHWqlN6bbU7iWlpneoLeSEHa4ZHHhQFRlQ7WZiK7HBm1w2EPpj6ke5tBo31tMJ9cDp0XKGPwLj1nsc+uiORA12fHn0IakHyLa3Rx7sIE0HUZXXzJxRabn8/rnoh/w11VdzpdZGiqSd+V/hfw+wPTSM+aB8BUAAP//d9OtPhsBAAA=\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/6xUT2vbThC961MsOv9Wtn5NSrqgQ0jSU9OEFgqlKmaymliL9193R8Zq6Xcvsi1HVmw3hO5JvJl5M3r7ZjnnyULZSrBr9Nq1Bi0l0aMUCWMBvVYSomB5whih8RoIuwhjfU53pLMEymKIPcKZMjBHweYyZMpN5s7NNc6eEic1go+EQSzz7P9suq3ruIwBW4kdwFm6S06HKOfRNUFisWgeMFgkjFlsjIHQzsArUaZl+lRgwaBgPdEODrghiU8NO/BHg5H2MMakbwS7mJo90KBxoRUsP5veqkFEK6NeTfB39aCqnOUBo/qJQeTZ29P6eVfNLFjbjgSUvikupmaE4ooCrGPT7Hwc3MxbrMc9WLdNOHsWpjpgrJ2uivNRpNpZr+gviG9swR+QIMvHY/dCFEeM4Z3W3GNQrireTLszHjWSMkAuFLjyzqIlBfqYWfhauldb5vzIjb97oWNeVI92ObzyJegG3wdn9vkeFerqEz7uo1v8HqgWzCBBBQRZp8EgbSPJ7dfZ/d317OPl7c2/7xY9yJMtP99fXm369nU9tYYH1APxFheRg/cHFn6JISpnBdt7d8BaR0DK2QFJlDVWjcaQgfY1ZIN3RrmJDIqUBM29qwQbvDSny8hpDNtOLP32q0wX2JapKNOrLeFlt9vxzuq2TP8rU+e7fBfWOTcrFSmW6e/vXb+IGiW5sBnZAMn6w54Qx2QYiwBefekhXBHa7jNOlnm3fnkyVHuo9GH6QwqPpNPNeq8ihqWSKFhKocHuj3Y2EOsSHttIaJJnG7mlTv4EAAD//4sS0Oy/BgAA\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/sed -i \"s||',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterPrivateIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --config=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=false \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 2 kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAJbogA/9RYX3PbuBF/x6fY0Hpop0dJbnO+q3K+G0aicqwVyaUod9JLRgeRkIWKAjgAGFuX03fvAKQoUiQdX9KX6sEjY3/72z9YYBe6eNFbUdZbYblB6OLLP+gC5oHjBzB3h74bwMgJHLDBHf48g5E3d15P3NFX8aMLGFMSRxLWXMCv+LdUkO5/JGe/osCdOtNg6Y2urc6ny4OF5ovXUzeYD33vNvBm01zy14OFfHc+W/hDd/nGny1u9erfDhaazIaOBur/Xxb6+r9vDxaausG/Zv7Ncu4OF74XvDvpXh0sdOf5wcKZLHOUXv5OG5otAncZ6Lj10vcHC9363lvHf7d07hxv4rz2Jpprntn5u7bq+nfe0F3e+t506N06k+Vw4rmnwPpPYbK0G5zOwM3itTtxA427cwJ3eeO+MzKdA3QBb7FURABn8R4kCQVREjm3nmZ3/ZqSTtHQWQ5dP/DG3tAJTEiXOlNvnXng+svxP0cmeZff5raHs+nYe1NTuaqKjwZ0wpzRW2+6mLu+Wfk+89NbQ6NbQCWQXaL234DaEAYPBLAgwLgCzvQS7EyEiK7hl1/gBdi/gdX51Mh1sODDh1eGBwEAkHDDwWo1yzizc9NYynRH2X1uDBiPiIUMSaP68tYJfr62ekSFvW26IoIRRWQvJELJHk6oJOIjEd0t2VuGRPE03LT6bdgOGTLc7HgE/auXL58J5w8MBOdqoP88SydLS3sOf4cVluTqJdh2REIeEfjxs7wkluQ5OT/P9wMX2yLfa4qayv3JZIcxJUxlmS6y3EZysFA1v08Ca5l9An3MaQOkPaNP8CHn3wvfXf5jPpu2hH+6NkuBn2nV4m2S1wuoDsIKfvgB3Nk4L4Ua4pPZfEsRhpnyImugYcVtfrC+yeQyXclQ0ERRzo6o+hVfwDGOhmZ/C2z7xVpXmpvr8DOK2W1bKAsieSpC8kbwNMlUq42mQMY8xDqMDHTsO+VIGVFTvCPlKE9iEqaCqr2xc0I1N6hC62OF8qxfnWLgqSIBXsXkhC01sQKXCLrDYu98xDTGKxpTtZ+X+du63MFCB+TOxl87ZbjTEczG5THj68YKSRTYj7rZPGCqzHChz0uoYlAcBEm4UCDTMCRSrtMYwjg1l/2G4Fht0Dplod5QIEymgtxkqn/6M2S1nVOtecqi60uzpC1QoAw+XXa7V/3+4RVE3Ej0RzcssAn0Uil6ulpiM58dXfpQAIt+dfxUTPUropUgeFusrGnxVcaEJJD5FXGWXcbGhU6ZDmxGoJ8brxg22BeFw9rViIf6cn7C0+zaO4bEuIBcJ6KR6eGUSYXjuJT2OG+JBcUjVbnfpZDWFB3Q+Za4KoyK/ZB7qchOmyVM1zoQFUZnEkGkwkJlojrfyPjazpjF0sJZEmZf53qZPLs2XtTyTNmav2rLsVRYpRI6P1WzZ/SfdM5QHLtzlTO3KzPHq8TVmL6+CCt87VVYcexYRMbBk3ulimksE31yY6La93WbAVo29iitEzvHwa5yKWT9+A/u/hfeDC0a+U1m6wqq4I0lq/OTBddg9a0SdSM9VI50FlhzeTQH369hqqVyVi61sjw/EYmE3+FekASKmfr/KLzn384VM587HCXf//ABeRBUmfMx5GxN74s6Pr3kRp5/3dvwHel1indcr6ttngHH3sS97lQUe6FhNcDdNqIC7ASqkNJrqFPlKj1nTpYHp69NRM+El+j1MPxdv99MpoVXVaFRNeILiKg010fM7+/12wWv9fSQPbqBpypJ8yuFKPjLY+k1hGzbRjihd0RIytkAPl6i/MjKAbKPx3eQuUGEomsaYkVsnKoN12OiHWGFB/De6lRf7++t3KI+GgPYKJXIQa/XKT3mu53jbNoNY55GOEm62dsh5DsEwPCOGOaSznsLhZwp8qgy/7LvuX+5s3UVLU1lXWTjaEeZAbQZS4UgTNlHQ3XElrJoAFnVIm3EONZEV7JmnMmdpoa/lNsio80/cuTx5Ipbsm9UuHHfvbeQBT82ltsFiLzjNJWMLIrFftSHtDyToEonQ1/y48fZUc/KsTzZllbc4+h01ufMi/x/8NtNdgy8fBYM+S6JiSJnQyH6bwAAAP//IXiibMEUAAA=\n'))]", "linuxConfiguration": { "disablePasswordAuthentication": "true", "ssh": {