New variable kubernetes_cluster_domain
Use cluster_domain/domain variable consistently across all templated files.
All kubeconfig fields contain cluster domain for uniqueness.
Using kubernetes_cluster_domain param now to allow physical servers
to have a different domain from kubernetes cluster if necessary, but
the default keeps them the same.
Change-Id: Ic1e571dc92166b8b603214367f10382fb0ff04b7
diff --git a/README.rst b/README.rst
index 7c2b224..6848d4e 100644
--- a/README.rst
+++ b/README.rst
@@ -102,6 +102,15 @@
pool:
verbosity: 2
+Set cluster domain
+
+.. code-block:: yaml
+
+ parameters:
+ kubernetes:
+ common:
+ kubernetes_cluster_domain: mycluster.domain
+
Enable autoscaler for dns addon. Poll period can be skipped.
.. code-block:: yaml
diff --git a/kubernetes/files/kube-controller-manager/controller-manager.kubeconfig b/kubernetes/files/kube-controller-manager/controller-manager.kubeconfig
index 97d2a7a..91206bc 100644
--- a/kubernetes/files/kube-controller-manager/controller-manager.kubeconfig
+++ b/kubernetes/files/kube-controller-manager/controller-manager.kubeconfig
@@ -2,20 +2,20 @@
apiVersion: v1
kind: Config
-current-context: cluster.local
+current-context: {{ pool.cluster_domain }}
preferences: {}
clusters:
- cluster:
certificate-authority: /etc/kubernetes/ssl/ca-kubernetes.crt
server: https://{{ pool.apiserver.host }}:443
- name: cluster.local
+ name: {{ pool.cluster_domain }}
contexts:
- context:
- cluster: cluster.local
- user: controller_manager
- name: cluster.local
+ cluster: {{ pool.cluster_domain }}
+ user: controller_manager-{{ pool.cluster_domain }}
+ name: {{ pool.cluster_domain }}
users:
-- name: controller_manager
+- name: controller_manager-{{ pool.cluster_domain }}
user:
client-certificate: /etc/kubernetes/ssl/kubelet-client.crt
client-key: /etc/kubernetes/ssl/kubelet-client.key
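Review bot: The templated values on the new lines are emitted as plain YAML scalars (`current-context: {{ pool.cluster_domain }}`, `name: {{ pool.cluster_domain }}`), so an unset or empty `pool.cluster_domain` would most likely render as a null context and cluster name instead of stopping the render. Quoting them, e.g. `current-context: "{{ pool.cluster_domain }}"`, keeps the value a string, and a render-time check that it is non-empty would surface a missing pillar early. The same applies to the proxy, scheduler and kubelet pool kubeconfigs in this commit. A comment would also help to say that `controller_manager-{{ pool.cluster_domain }}` is only a local label: the entry still presents `kubelet-client.crt`, so the identity the API server sees is unchanged.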
diff --git a/kubernetes/files/kube-proxy/proxy.kubeconfig b/kubernetes/files/kube-proxy/proxy.kubeconfig
index b50f6b2..868ecb5 100644
--- a/kubernetes/files/kube-proxy/proxy.kubeconfig
+++ b/kubernetes/files/kube-proxy/proxy.kubeconfig
@@ -2,20 +2,20 @@
apiVersion: v1
kind: Config
-current-context: cluster.local
+current-context: {{ pool.cluster_domain }}
preferences: {}
clusters:
- cluster:
certificate-authority: /etc/kubernetes/ssl/ca-kubernetes.crt
server: https://{{ pool.apiserver.host }}:443
- name: cluster.local
+ name: {{ pool.cluster_domain }}
contexts:
- context:
- cluster: cluster.local
- user: kube_proxy
- name: cluster.local
+ cluster: {{ pool.cluster_domain }}
+ user: kube_proxy-{{ pool.cluster_domain }}
+ name: {{ pool.cluster_domain }}
users:
-- name: kube_proxy
+- name: kube_proxy-{{ pool.cluster_domain }}
user:
client-certificate: /etc/kubernetes/ssl/kubelet-client.crt
client-key: /etc/kubernetes/ssl/kubelet-client.key
diff --git a/kubernetes/files/kube-scheduler/scheduler.kubeconfig b/kubernetes/files/kube-scheduler/scheduler.kubeconfig
index 2500041..8441a2e 100644
--- a/kubernetes/files/kube-scheduler/scheduler.kubeconfig
+++ b/kubernetes/files/kube-scheduler/scheduler.kubeconfig
@@ -1,20 +1,20 @@
{%- from "kubernetes/map.jinja" import pool with context %}
apiVersion: v1
kind: Config
-current-context: cluster.local
+current-context: {{ pool.cluster_domain }}
preferences: {}
clusters:
- cluster:
certificate-authority: /etc/kubernetes/ssl/ca-kubernetes.crt
server: https://{{ pool.apiserver.host }}:443
- name: cluster.local
+ name: {{ pool.cluster_domain }}
contexts:
- context:
- cluster: cluster.local
- user: scheduler
- name: cluster.local
+ cluster: {{ pool.cluster_domain }}
+ user: scheduler-{{ pool.cluster_domain }}
+ name: {{ pool.cluster_domain }}
users:
-- name: scheduler
+- name: scheduler-{{ pool.cluster_domain }}
user:
client-certificate: /etc/kubernetes/ssl/kubelet-client.crt
client-key: /etc/kubernetes/ssl/kubelet-client.key
diff --git a/kubernetes/files/kubeconfig.sh b/kubernetes/files/kubeconfig.sh
index ff1eda1..861d999 100644
--- a/kubernetes/files/kubeconfig.sh
+++ b/kubernetes/files/kubeconfig.sh
@@ -1,3 +1,4 @@
+{%- from "kubernetes/map.jinja" import master with context %}
#!/bin/bash
# server url
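Review bot: The Jinja import now sits above `#!/bin/bash`, and `{%-` trims only the whitespace before the tag. Unless the renderer is configured to trim block newlines, the rendered script would start with an empty line and the shebang would no longer be on line 1. Keeping `#!/bin/bash` as the first line and moving the import to the second avoids depending on how the script is invoked; alternatively close the tag with `-%}`. The rest of the script lies outside this hunk.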
@@ -7,6 +8,7 @@
cert="$(cat /etc/kubernetes/ssl/kubelet-client.crt | base64 | sed 's/^/ /g')"
key="$(cat /etc/kubernetes/ssl/kubelet-client.key | base64 | sed 's/^/ /g')"
ca="$(cat /etc/kubernetes/ssl/ca-kubernetes.crt | base64 | sed 's/^/ /g')"
+cluster="{{ master.addons.dns.domain }}"
echo "apiVersion: v1
clusters:
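Review bot: The pillar value is rendered straight into a double-quoted shell assignment, `cluster="{{ master.addons.dns.domain }}"`, so any `$`, backtick or `"` in it would be interpreted by bash when the script runs and then copied into the generated kubeconfig. A cluster domain only needs DNS-name characters, so consider validating it at render time or at least single-quoting it, `cluster='{{ master.addons.dns.domain }}'`. The `echo` block that consumes `${cluster}` continues outside the hunk.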
@@ -14,23 +16,23 @@
certificate-authority-data: |
${ca}
server: ${server}
- name: mycluster
+ name: ${cluster}
- cluster:
server: http://localhost:8080
name: local
contexts:
- context:
- cluster: mycluster
- user: "cluster-admin"
- name: mycluster
+ cluster: ${cluster}
+ user: admin-${cluster}
+ name: ${cluster}
- context:
cluster: local
namespace: default
user: ""
name: local
-current-context: mycluster
+current-context: ${cluster}
users:
-- name: cluster-admin
+- name: ${cluster}
user:
client-certificate-data: |
${cert}
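Review bot: The new context references `user: admin-${cluster}`, but the users entry is renamed to `- name: ${cluster}`, so the context points at a user that is not defined in the generated kubeconfig. Clients using `current-context` would then have no credentials attached. The entry should carry the same name, `- name: admin-${cluster}`. The user block presumably continues past the end of the hunk.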
diff --git a/kubernetes/files/kubelet/kubelet.kubeconfig.master b/kubernetes/files/kubelet/kubelet.kubeconfig.master
index dd887f6..7514b6d 100644
--- a/kubernetes/files/kubelet/kubelet.kubeconfig.master
+++ b/kubernetes/files/kubelet/kubelet.kubeconfig.master
@@ -2,20 +2,20 @@
apiVersion: v1
kind: Config
-current-context: cluster.local
+current-context: {{ master.addons.dns.domain }}
preferences: {}
clusters:
- cluster:
certificate-authority: /etc/kubernetes/ssl/ca-kubernetes.crt
server: https://{{ master.apiserver.address }}:443
- name: cluster.local
+ name: {{ master.addons.dns.domain }}
contexts:
- context:
- cluster: cluster.local
- user: kubelet
- name: cluster.local
+ cluster: {{ master.addons.dns.domain }}
+ user: kubelet-{{ master.addons.dns.domain }}
+ name: {{ master.addons.dns.domain }}
users:
-- name: kubelet
+- name: kubelet-{{ master.addons.dns.domain }}
user:
client-certificate: /etc/kubernetes/ssl/kubelet-client.crt
client-key: /etc/kubernetes/ssl/kubelet-client.key
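Review bot: This template takes the cluster name from `master.addons.dns.domain`, while the pool kubeconfigs use `pool.cluster_domain` and virtlet's kubelet.conf uses `common.cluster_domain`, so on masters the name depends on the DNS addon pillar being present. Since this commit adds `kubernetes:common:cluster_domain`, importing `common` here and using `{{ common.cluster_domain }}` would give the value a single source. The same lookup is used in kubeconfig.sh (`cluster="{{ master.addons.dns.domain }}"`). Whether map.jinja exposes `common` to this template is not visible in the hunk, though virtlet/kubelet.conf imports it from there.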
diff --git a/kubernetes/files/kubelet/kubelet.kubeconfig.pool b/kubernetes/files/kubelet/kubelet.kubeconfig.pool
index 74a5ae9..494c038 100644
--- a/kubernetes/files/kubelet/kubelet.kubeconfig.pool
+++ b/kubernetes/files/kubelet/kubelet.kubeconfig.pool
@@ -2,20 +2,20 @@
apiVersion: v1
kind: Config
-current-context: cluster.local
+current-context: {{ pool.cluster_domain }}
preferences: {}
clusters:
- cluster:
certificate-authority: /etc/kubernetes/ssl/ca-kubernetes.crt
server: https://{{ pool.apiserver.host }}:443
- name: cluster.local
+ name: {{ pool.cluster_domain }}
contexts:
- context:
- cluster: cluster.local
- user: kubelet
- name: cluster.local
+ cluster: {{ pool.cluster_domain }}
+ user: kubelet-{{ pool.cluster_domain }}
+ name: {{ pool.cluster_domain }}
users:
-- name: kubelet
+- name: kubelet-{{ pool.cluster_domain }}
user:
client-certificate: /etc/kubernetes/ssl/kubelet-client.crt
client-key: /etc/kubernetes/ssl/kubelet-client.key
diff --git a/kubernetes/files/virtlet/kubelet.conf b/kubernetes/files/virtlet/kubelet.conf
index e8ff7d5..db0baa4 100644
--- a/kubernetes/files/virtlet/kubelet.conf
+++ b/kubernetes/files/virtlet/kubelet.conf
@@ -1,3 +1,4 @@
+{%- from "kubernetes/map.jinja" import common with context %}
{
"address": "0.0.0.0",
"allowPrivileged": true,
@@ -31,7 +32,7 @@
"clusterDNS": [
"10.254.0.10"
],
- "clusterDomain": "cluster.local",
+ "clusterDomain": "{{ common.cluster_domain }}",
"cniBinDir": "/opt/cni/bin",
"cniConfDir": "",
"containerRuntime": "docker",
diff --git a/metadata/service/common.yml b/metadata/service/common.yml
index 5e72de2..12f782f 100644
--- a/metadata/service/common.yml
+++ b/metadata/service/common.yml
@@ -2,8 +2,11 @@
- service.kubernetes.logging
- service.kubernetes.monitoring
parameters:
+ _param:
+ kubernetes_cluster_domain: ${_param:cluster_domain}
kubernetes:
common:
+ cluster_domain: ${_param:kubernetes_cluster_domain}
network:
engine: none
mtu: 1500
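Review bot: `kubernetes_cluster_domain: ${_param:cluster_domain}` makes every model that includes this class depend on `_param:cluster_domain` being defined elsewhere. Nothing in the hunk provides a fallback, so a model without it would presumably fail interpolation. A short comment above the line saying where `cluster_domain` is expected to come from would help, e.g. `# defaults to the infrastructure domain; override to give the cluster its own domain`. Also, the README example added in this commit appears to place `kubernetes_cluster_domain` under `kubernetes: common:`, whereas the value read here is `_param:kubernetes_cluster_domain`. As far as the visible lines show, the README placement would not be picked up.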
diff --git a/metadata/service/master/cluster.yml b/metadata/service/master/cluster.yml
index e969046..f755401 100644
--- a/metadata/service/master/cluster.yml
+++ b/metadata/service/master/cluster.yml
@@ -40,7 +40,7 @@
replicas: 1
autoscaler:
enabled: true
- domain: cluster.local
+ domain: ${_param:kubernetes_cluster_domain}
server: 10.254.0.10
dnsmasq:
cache-size: 1000
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index 524737e..00dff34 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -35,7 +35,7 @@
replicas: 1
autoscaler:
enabled: true
- domain: cluster.local
+ domain: ${_param:kubernetes_cluster_domain}
server: 10.254.0.10
dnsmasq:
cache-size: 1000
diff --git a/metadata/service/pool/cluster.yml b/metadata/service/pool/cluster.yml
index 1905d3a..41c8ffb 100644
--- a/metadata/service/pool/cluster.yml
+++ b/metadata/service/pool/cluster.yml
@@ -23,7 +23,7 @@
# - host: ${_param:cluster_node03_address}
address: ${_param:cluster_local_address}
cluster_dns: 10.254.0.10
- cluster_domain: cluster.local
+ cluster_domain: ${_param:kubernetes_cluster_domain}
kubelet:
config: /etc/kubernetes/manifests
allow_privileged: True
diff --git a/metadata/service/pool/single.yml b/metadata/service/pool/single.yml
index 62e5911..e5826c3 100644
--- a/metadata/service/pool/single.yml
+++ b/metadata/service/pool/single.yml
@@ -20,7 +20,7 @@
address: 0.0.0.0
cluster_dns: 10.254.0.10
allow_privileged: True
- cluster_domain: cluster.local
+ cluster_domain: ${param:kubernetes_cluster_domain}
kubelet:
config: /etc/kubernetes/manifests
allow_privileged: True
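Review bot: The new reference is spelled `${param:kubernetes_cluster_domain}`, without the leading underscore that every other reference in this commit uses. It will therefore not resolve to the `_param` value set in metadata/service/common.yml. It should read `cluster_domain: ${_param:kubernetes_cluster_domain}`, as in pool/cluster.yml.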
diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls
index a2c98fd..2d03b69 100644
--- a/tests/pillar/master_cluster.sls
+++ b/tests/pillar/master_cluster.sls
@@ -1,5 +1,6 @@
kubernetes:
common:
+ cluster_domain: cluster.local
network:
engine: none
hyperkube:
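Review bot: The fixture sets `cluster_domain: cluster.local`, which is the value the templates used to hard-code, so a template that still contains the literal would render identically and pass. Using a different value in at least one fixture, e.g. `cluster_domain: mycluster.domain` as in the README example, would show that the variable is actually consumed. The same applies to the other four pillar fixtures changed in this commit. These fixtures also supply the pillar directly, so the `${...}` references in metadata/service/*.yml are presumably not exercised by them.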
diff --git a/tests/pillar/master_contrail.sls b/tests/pillar/master_contrail.sls
index c237389..7cf9d68 100644
--- a/tests/pillar/master_contrail.sls
+++ b/tests/pillar/master_contrail.sls
@@ -1,5 +1,6 @@
kubernetes:
common:
+ cluster_domain: cluster.local
network:
engine: opencontrail
hyperkube:
diff --git a/tests/pillar/master_contrail4_0.sls b/tests/pillar/master_contrail4_0.sls
index 8cf9c36..3c6682f 100644
--- a/tests/pillar/master_contrail4_0.sls
+++ b/tests/pillar/master_contrail4_0.sls
@@ -1,5 +1,6 @@
kubernetes:
common:
+ cluster_domain: cluster.local
network:
engine: opencontrail
hyperkube:
diff --git a/tests/pillar/pool_cluster.sls b/tests/pillar/pool_cluster.sls
index 71dda18..f9d06f4 100644
--- a/tests/pillar/pool_cluster.sls
+++ b/tests/pillar/pool_cluster.sls
@@ -1,5 +1,6 @@
kubernetes:
common:
+ cluster_domain: cluster.local
network:
engine: none
hyperkube:
diff --git a/tests/pillar/pool_contrail4_0.sls b/tests/pillar/pool_contrail4_0.sls
index 28807e5..6cce55d 100644
--- a/tests/pillar/pool_contrail4_0.sls
+++ b/tests/pillar/pool_contrail4_0.sls
@@ -1,5 +1,6 @@
kubernetes:
common:
+ cluster_domain: cluster.local
network:
engine: none
hyperkube: