Initial kubernetes config on controller
Support the deployment of kubernetes on controller-0 through a new "--kubernetes" option on the config_controller command. This is just an early version of the code to allow other to build on it. Change-Id: I8514ca35606d5573de3f52b56551395618cca79b
This commit is contained in:
parent
8da327327f
commit
008d0b396f
|
@ -300,7 +300,7 @@ def get_tboot_info():
|
|||
class ConfigAssistant():
|
||||
"""Allow user to do the initial configuration."""
|
||||
|
||||
def __init__(self, labmode=False, **kwargs):
|
||||
def __init__(self, labmode=False, kubernetes=False, **kwargs):
|
||||
"""Constructor
|
||||
|
||||
The values assigned here are used as the defaults if the user does not
|
||||
|
@ -308,6 +308,8 @@ class ConfigAssistant():
|
|||
"""
|
||||
|
||||
self.labmode = labmode
|
||||
# Temporary flag to be removed once kubernetes installs are the default
|
||||
self.kubernetes = kubernetes
|
||||
|
||||
self.config_uuid = "install"
|
||||
|
||||
|
@ -3643,7 +3645,8 @@ class ConfigAssistant():
|
|||
'vswitch_type': str(self.vswitch_type),
|
||||
'shared_services': str(self.shared_services),
|
||||
'sdn_enabled': self.enable_sdn,
|
||||
'https_enabled': self.enable_https}
|
||||
'https_enabled': self.enable_https,
|
||||
'kubernetes_enabled': self.kubernetes}
|
||||
|
||||
system_type = utils.get_system_type()
|
||||
|
||||
|
|
|
@ -414,6 +414,10 @@ def main():
|
|||
do_provision = True
|
||||
elif sys.argv[arg] == "--allow-ssh":
|
||||
allow_ssh = True
|
||||
elif sys.argv[arg] == "--kubernetes":
|
||||
# This is a temporary flag for use during development. Once things
|
||||
# are stable, we will remove it and make kubernetes the default.
|
||||
options['kubernetes'] = True
|
||||
else:
|
||||
print "Invalid option. Use --help for more information."
|
||||
exit(1)
|
||||
|
|
|
@ -30,6 +30,7 @@ include ::platform::amqp::rabbitmq
|
|||
include ::platform::postgresql::server
|
||||
include ::platform::haproxy::server
|
||||
include ::platform::grub
|
||||
include ::platform::kubernetes::master
|
||||
|
||||
include ::platform::patching
|
||||
include ::platform::patching::api
|
||||
|
|
|
@ -0,0 +1,116 @@
|
|||
class platform::kubernetes::params (
|
||||
$enabled = false,
|
||||
$pod_network_cidr = undef,
|
||||
$apiserver_advertise_address = undef,
|
||||
) { }
|
||||
|
||||
class platform::kubernetes::master::init
|
||||
inherits ::platform::kubernetes::params {
|
||||
|
||||
Class['::platform::kubernetes::master'] -> Class[$name]
|
||||
|
||||
# This init only needs to be done once. Only controller-0 is supported for
|
||||
# now...
|
||||
if str2bool($::is_initial_config_primary) {
|
||||
$resolv_conf = '/etc/resolv.conf'
|
||||
|
||||
# Add a DNS server to allow access to kubernetes repo. This will no longer
|
||||
# be required once we are using our own internal repo.
|
||||
file_line { "${resolv_conf} nameserver 8.8.8.8":
|
||||
path => $resolv_conf,
|
||||
line => 'nameserver 8.8.8.8',
|
||||
} ->
|
||||
|
||||
# Configure the master node. May want to use a config file instead of
|
||||
# command line parameters.
|
||||
exec { "configure master node":
|
||||
command => "kubeadm init --pod-network-cidr=$pod_network_cidr --apiserver-advertise-address=$apiserver_advertise_address",
|
||||
logoutput => true,
|
||||
} ->
|
||||
|
||||
# Configure calico networking. This is just for prototyping - see the
|
||||
# following for proper deployment:
|
||||
# https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation
|
||||
exec { "configure calico networking":
|
||||
command =>
|
||||
"kubectl --kubeconfig=/etc/kubernetes/admin.conf apply -f https://docs.projectcalico.org/v3.0/getting-started/kubernetes/installation/hosted/kubeadm/1.7/calico.yaml",
|
||||
logoutput => true,
|
||||
} ->
|
||||
|
||||
# Remove the taint from the master node
|
||||
exec { "remove taint from master node":
|
||||
command =>
|
||||
"kubectl --kubeconfig=/etc/kubernetes/admin.conf taint nodes --all node-role.kubernetes.io/master-",
|
||||
logoutput => true,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
class platform::kubernetes::master
|
||||
inherits ::platform::kubernetes::params {
|
||||
|
||||
if $enabled {
|
||||
include ::platform::kubernetes::master::init
|
||||
|
||||
$repo_file = "[kubernetes]
|
||||
name=Kubernetes
|
||||
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
|
||||
enabled=1
|
||||
gpgcheck=1
|
||||
repo_gpgcheck=1
|
||||
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg"
|
||||
$iptables_file = "net.bridge.bridge-nf-call-ip6tables = 1
|
||||
net.bridge.bridge-nf-call-iptables = 1"
|
||||
$kubeadm_conf = '/etc/systemd/system/kubelet.service.d/kubeadm.conf'
|
||||
|
||||
# Configure the kubernetes repo to allow us to download docker images for
|
||||
# the kubernetes components. This will disappear once we have our own
|
||||
# repo.
|
||||
file { '/etc/yum.repos.d/kubernetes.repo':
|
||||
ensure => file,
|
||||
content => "$repo_file",
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
} ->
|
||||
|
||||
# Update iptables config. This is required based on:
|
||||
# https://kubernetes.io/docs/tasks/tools/install-kubeadm
|
||||
# This probably belongs somewhere else - initscripts package?
|
||||
file { '/etc/sysctl.d/k8s.conf':
|
||||
ensure => file,
|
||||
content => "$iptables_file",
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
} ->
|
||||
exec { "update kernel parameters for iptables":
|
||||
command => "sysctl --system",
|
||||
} ->
|
||||
|
||||
# Start docker - will move to another manifest.
|
||||
service { 'docker':
|
||||
ensure => 'running',
|
||||
enable => true,
|
||||
} ->
|
||||
|
||||
# Update kubelet configuration. Should probably just patch the kubelet
|
||||
# package to fix these things.
|
||||
file_line { "${kubeadm_conf} KUBELET_EXTRA_ARGS":
|
||||
path => $kubeadm_conf,
|
||||
line => 'Environment="KUBELET_EXTRA_ARGS=--cgroup-driver=cgroupfs"',
|
||||
match => '^Environment="KUBELET_EXTRA_ARGS=',
|
||||
} ->
|
||||
file_line { "${kubeadm_conf} KUBELET_NETWORK_ARGS":
|
||||
path => $kubeadm_conf,
|
||||
line => 'Environment="KUBELET_NETWORK_ARGS=--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"',
|
||||
match => '^Environment="KUBELET_NETWORK_ARGS=',
|
||||
} ->
|
||||
|
||||
# Start kubelet.
|
||||
service { 'kubelet':
|
||||
ensure => 'running',
|
||||
enable => true,
|
||||
}
|
||||
}
|
||||
}
|
|
@ -72,6 +72,13 @@ class BasePuppet(object):
|
|||
system = self._get_system()
|
||||
return system.capabilities.get('sdn_enabled', False)
|
||||
|
||||
def _kubernetes_enabled(self):
|
||||
if self.dbapi is None:
|
||||
return False
|
||||
|
||||
system = self._get_system()
|
||||
return system.capabilities.get('kubernetes_enabled', False)
|
||||
|
||||
def _https_enabled(self):
|
||||
if self.dbapi is None:
|
||||
return False
|
||||
|
|
|
@ -0,0 +1,28 @@
|
|||
#
|
||||
# Copyright (c) 2018 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
||||
from sysinv.openstack.common import log as logging
|
||||
|
||||
from . import base
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class KubernetesPuppet(base.BasePuppet):
|
||||
"""Class to encapsulate puppet operations for kubernetes configuration"""
|
||||
|
||||
def get_system_config(self):
|
||||
config = {}
|
||||
if self._kubernetes_enabled():
|
||||
config.update(
|
||||
{'platform::kubernetes::params::enabled': True,
|
||||
'platform::kubernetes::params::pod_network_cidr':
|
||||
'192.168.0.0/16',
|
||||
'platform::kubernetes::params::apiserver_advertise_address':
|
||||
self._get_management_address(),
|
||||
})
|
||||
|
||||
return config
|
|
@ -47,6 +47,7 @@ from . import platform
|
|||
from . import storage
|
||||
from . import device
|
||||
from . import service_parameter
|
||||
from . import kubernetes
|
||||
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
@ -98,6 +99,7 @@ class PuppetOperator(object):
|
|||
self.sysinv = inventory.SystemInventoryPuppet(self)
|
||||
self.device = device.DevicePuppet(self)
|
||||
self.ironic = ironic.IronicPuppet(self)
|
||||
self.kubernetes = kubernetes.KubernetesPuppet(self)
|
||||
self.service_parameter = service_parameter.ServiceParamPuppet(self)
|
||||
|
||||
@property
|
||||
|
@ -217,6 +219,7 @@ class PuppetOperator(object):
|
|||
config.update(self.panko.get_system_config())
|
||||
config.update(self.dcmanager.get_system_config())
|
||||
config.update(self.dcorch.get_system_config())
|
||||
config.update(self.kubernetes.get_system_config())
|
||||
# service_parameter must be last to permit overrides
|
||||
config.update(self.service_parameter.get_system_config())
|
||||
|
||||
|
|
Loading…
Reference in New Issue