From 3a022054966fcae27f6c31a1bb4f292ec84ca379 Mon Sep 17 00:00:00 2001
From: Franz Pletz
Date: Wed, 20 Feb 2019 20:52:36 +0100
Subject: [PATCH] nixos/kubernetes: bootstrap docker without networking
Before flannel is ready there is a brief time where docker will be running with a default docker0 bridge. If kubernetes happens to spawn containers before flannel is ready, docker can't be restarted when flannel is ready because some containers are still running on the docker0 bridge with potentially different network addresses.
Environment variables in `EnvironmentFile` override those defined via `Environment` in the systemd service config.
Co-authored-by: Christian Albrecht
---
 nixos/modules/services/cluster/kubernetes/flannel.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/nixos/modules/services/cluster/kubernetes/flannel.nix b/nixos/modules/services/cluster/kubernetes/flannel.nix
index 55c737a5cf18..6f97febf5ba7 100644
--- a/nixos/modules/services/cluster/kubernetes/flannel.nix
+++ b/nixos/modules/services/cluster/kubernetes/flannel.nix
@@ -66,7 +66,10 @@ in
 };
 };
- systemd.services.docker.serviceConfig.EnvironmentFile = "/run/flannel/docker";
+ systemd.services.docker = {
+ environment.DOCKER_OPTS = "-b none";
+ serviceConfig.EnvironmentFile = "/run/flannel/docker";
+ };
 # read environment variables generated by mk-docker-opts
 virtualisation.docker.extraOptions = "$DOCKER_OPTS";
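Review bot: The `EnvironmentFile` path in the new `systemd.services.docker` block has no `-` prefix, so systemd treats the file as mandatory and docker will fail to start, rather than fall back to `DOCKER_OPTS = "-b none"`, whenever `/run/flannel/docker` does not exist yet. Unless something outside this hunk guarantees the file is present before docker starts, the line should read `serviceConfig.EnvironmentFile = "-/run/flannel/docker";`. Because the file's contents are expanded into the daemon's command line through `$DOCKER_OPTS`, a short comment noting that it is written by mk-docker-opts and should stay writable by root only would also help the next maintainer. The enclosing module body starts and ends outside the hunk.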