Update puppet-manifests for kubernetes 1.12

The kubeadm.yaml format has been updated for the new settings. kubernetes 1.12 uses coredns rather than kube-dns. The service file is simplified and the conf file now specified the kubelet extra args like this: nodeRegistrationOptions: kubeletExtraArgs: cgroup-driver: "cgroupfs" node-status-update-frequency: "4s" fail-swap-on: false Story: 2002843 Task: 26751 Change-Id: I1e25e17ce865960950e98e5033ccf1e43b3a8611 Depends-On: Ib5602a4a57c0e8998430b0774375853cdd2bca01 Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2018-10-16 08:06:14 -05:00 · 2018-10-16 08:06:14 -05:00 · 4ebb2057f4
parent c249d0557a
commit 4ebb2057f4
3 changed files with 22 additions and 37 deletions
--- a/puppet-manifests/src/modules/platform/files/kubelet-service-conf
+++ b/puppet-manifests/src/modules/platform/files/kubelet-service-conf
@ -1,17 +0,0 @@
-# Based on file packaged in kubernetes-kubeadm-1.10.0. Changes:
-# - changed --cgroup-driver to cgroupfs
-# - changed --cni-bin-dir to /opt/cni/bin
-# - added --node-status-update-frequency=4s
-# - added --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf
-[Service]
-Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --fail-swap-on=false"
-Environment="KUBELET_SYSTEM_PODS_ARGS=--pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true"
-Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"
-Environment="KUBELET_DNS_ARGS=--cluster-dns=10.96.0.10 --cluster-domain=cluster.local"
-Environment="KUBELET_AUTHZ_ARGS=--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt"
-Environment="KUBELET_EXTRA_ARGS=--cgroup-driver=cgroupfs --node-status-update-frequency=4s"
-ExecStart=
-ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_SYSTEM_PODS_ARGS $KUBELET_NETWORK_ARGS $KUBELET_DNS_ARGS $KUBELET_AUTHZ_ARGS $KUBELET_EXTRA_ARGS
-Restart=always
-StartLimitInterval=0
-RestartSec=10
--- a/puppet-manifests/src/modules/platform/manifests/kubernetes.pp
+++ b/puppet-manifests/src/modules/platform/manifests/kubernetes.pp
@ -45,15 +45,6 @@ class platform::kubernetes::kubeadm {
    command => "sysctl --system",
  } ->

-  # Replace kubelet configuration file.
-  file {'/etc/systemd/system/kubelet.service.d/kubeadm.conf':
-    ensure  => file,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0644',
-    source  => "puppet:///modules/${module_name}/kubelet-service-conf"
-  } ->
-
  # Start kubelet.
  service { 'kubelet':
    ensure => 'running',
@ -136,9 +127,10 @@ class platform::kubernetes::master::init
      logoutput => true,
    } ->

-    # Restrict the kube-dns pod to master nodes
-    exec { "restrict kube-dns to master nodes":
-      command => 'kubectl --kubeconfig=/etc/kubernetes/admin.conf -n kube-system patch deployment kube-dns -p \'{"spec":{"template":{"spec":{"nodeSelector":{"node-role.kubernetes.io/master":""}}}}}\'',
+    # kubernetes 1.12 uses coredns rather than kube-dns.
+    # Restrict the dns pod to master nodes
+    exec { "restrict coredns to master nodes":
+      command => 'kubectl --kubeconfig=/etc/kubernetes/admin.conf -n kube-system patch deployment coredns -p \'{"spec":{"template":{"spec":{"nodeSelector":{"node-role.kubernetes.io/master":""}}}}}\'',
      logoutput => true,
    } ->

@ -216,10 +208,11 @@ class platform::kubernetes::master::init
        source  => "puppet:///modules/${module_name}/kubeconfig.sh"
      } ->

-      # Restrict the kube-dns pod to master nodes. It seems that each time
+      # kubernetes 1.12 uses coredns rather than kube-dns.
+      # Restrict the dns pod to master nodes. It seems that each time
      # kubeadm init is run, it undoes any changes to the deployment.
-      exec { "restrict kube-dns to master nodes":
-        command => 'kubectl --kubeconfig=/etc/kubernetes/admin.conf -n kube-system patch deployment kube-dns -p \'{"spec":{"template":{"spec":{"nodeSelector":{"node-role.kubernetes.io/master":""}}}}}\'',
+      exec { "restrict coredns to master nodes":
+        command => 'kubectl --kubeconfig=/etc/kubernetes/admin.conf -n kube-system patch deployment coredns -p \'{"spec":{"template":{"spec":{"nodeSelector":{"node-role.kubernetes.io/master":""}}}}}\'',
        logoutput => true,
      } ->

--- a/puppet-manifests/src/modules/platform/templates/kubeadm.yaml.erb
+++ b/puppet-manifests/src/modules/platform/templates/kubeadm.yaml.erb
@ -1,15 +1,24 @@
-apiVersion: kubeadm.k8s.io/v1alpha1
-kind: MasterConfiguration
-api:
+apiVersion: kubeadm.k8s.io/v1alpha3
+kind: InitConfiguration
+apiEndpoint:
  advertiseAddress: <%= @apiserver_advertise_address %>
+---
+apiVersion: kubeadm.k8s.io/v1alpha3
+kind: ClusterConfiguration
 etcd:
-  endpoints:
-  - <%= @etcd_endpoint %>
+  external:
+    endpoints:
+    - <%= @etcd_endpoint %>
 apiServerCertSANs:
 - "<%= @apiserver_advertise_address %>"
 - "127.0.0.1"
 networking:
  podSubnet: <%= @pod_network_cidr %>
+nodeRegistrationOptions:
+  kubeletExtraArgs:
+    cgroup-driver: "cgroupfs"
+    node-status-update-frequency: "4s"
+    fail-swap-on: false
 controllerManagerExtraArgs:
  node-monitor-period: "2s"
  node-monitor-grace-period: "20s"