diff --git a/calico-secure/v03/1a-env.export.sh b/calico-secure/v03/1a-env.export.sh index a75c1e5..f855543 100644 --- a/calico-secure/v03/1a-env.export.sh +++ b/calico-secure/v03/1a-env.export.sh @@ -24,4 +24,4 @@ export CALICO_NODE_CERTS_DIR=/etc/calico/certs/node export CALICO_CALICOCTL_CERTS_DIR=/etc/calico/certs/calicoctl export CALICO_CNI_CERTS_DIR=/etc/calico/certs/cni -EOF \ No newline at end of file +EOF diff --git a/calico-secure/v03/1b-prereqs-certs.sh b/calico-secure/v03/1b-prereqs-certs.sh index 74582ba..d599dd9 100644 --- a/calico-secure/v03/1b-prereqs-certs.sh +++ b/calico-secure/v03/1b-prereqs-certs.sh @@ -58,4 +58,4 @@ sudo ./bootstrap-certs.py calico ${CALICO_CNI_CERTS_DIR} sudo curl -kL https://master.mesos/ca/dcos-ca.crt -o ${CALICO_CNI_CERTS_DIR}/dcos-ca.crt ## Other misc. directories -sudo mkdir -p ${ETCD_DATA_DIR} \ No newline at end of file +sudo mkdir -p ${ETCD_DATA_DIR} diff --git a/calico-secure/v03/3-enable-masters.sh b/calico-secure/v03/3-enable-masters.sh index 5b1a1d2..504bd02 100644 --- a/calico-secure/v03/3-enable-masters.sh +++ b/calico-secure/v03/3-enable-masters.sh @@ -21,7 +21,9 @@ sudo ETCDCTL_API=2 /opt/etcd/etcdctl \ ####### Docker cluster store # Get docker to pick up the new config # !!! If this fails, you may have to remove the 'overlay' line from /etc/docker/daemon.json - it doesn't like redundant configurations -# sudo sed -i "/storage-driver/d" /etc/docker/daemon.json +if [[ $(systemctl cat docker | grep 'storage-driver=overlay' | wc -l) -eq 1 ]]; then + sudo sed -i "/storage-driver/d" /etc/docker/daemon.json +fi sudo systemctl restart docker # Validate @@ -41,4 +43,4 @@ sudo systemctl restart dcos-calico-node.timer # Check status sleep 5 -sudo calicoctl node status \ No newline at end of file +sudo calicoctl node status diff --git a/calico-secure/v03/4-set-up-pool.sh b/calico-secure/v03/4-set-up-pool.sh index af90ba6..520ad31 100644 --- a/calico-secure/v03/4-set-up-pool.sh +++ b/calico-secure/v03/4-set-up-pool.sh @@ -6,4 +6,7 @@ sudo calicoctl get ipps -o json | sudo tee /etc/calico/ippool-backup.json sudo calicoctl delete ipps 192.168.0.0/16 sudo calicoctl apply -f /etc/calico/ippool.json -sudo calicoctl get ipps -o json \ No newline at end of file +sudo calicoctl get ipps -o json + +### Set up Docker network +docker network create --driver calico --ipam-driver calico-ipam calico diff --git a/calico-secure/v03/5-enable-agents.sh b/calico-secure/v03/5-enable-agents.sh index ff3e74b..ddf7e73 100644 --- a/calico-secure/v03/5-enable-agents.sh +++ b/calico-secure/v03/5-enable-agents.sh @@ -21,14 +21,16 @@ sudo ETCDCTL_API=2 /opt/etcd/etcdctl \ ####### Docker cluster store # Get docker to pick up the new config # !!! If this fails, you may have to remove the 'overlay' line from /etc/docker/daemon.json - it doesn't like redundant configurations -# sudo sed -i "/storage-driver/d" /etc/docker/daemon.json +if [[ $(systemctl cat docker | grep 'storage-driver=overlay' | wc -l) -eq 1 ]]; then + sudo sed -i "/storage-driver/d" /etc/docker/daemon.json +fi sudo systemctl restart docker # Validate sudo docker info | grep -i cluster -####### Calico node (not strictly necessary on masters, but a good idea, I think) +####### Calico node sudo cp /etc/calico/dcos-calico-node.service /etc/systemd/system/dcos-calico-node.service sudo cp /etc/calico/dcos-calico-node.timer /etc/systemd/system/dcos-calico-node.timer @@ -40,7 +42,7 @@ sudo systemctl enable dcos-calico-node.timer sudo systemctl restart dcos-calico-node.timer # Check status -sleep 15 +sleep 5 sudo calicoctl node status