Merge "Rewrite logic for virtlet deployment."
diff --git a/kubernetes/_common.sls b/kubernetes/_common.sls
index 283956e..0e5b5ca 100644
--- a/kubernetes/_common.sls
+++ b/kubernetes/_common.sls
@@ -56,39 +56,19 @@
{%- endif %}
{%- if common.addons.get('virtlet', {}).get('enabled') %}
-/tmp/criproxy:
- file.directory:
- - user: root
- - group: root
-
-copy-criproxy-bin:
- cmd.run:
- - name: docker run --rm -v /tmp/criproxy/:/tmp/criproxy/ --entrypoint cp {{ common.addons.virtlet.image }} -vr /criproxy /tmp/criproxy
- - require:
- - file: /tmp/criproxy
- {%- if grains.get('noservices') %}
- - onlyif: /bin/false
- {%- endif %}
/usr/bin/criproxy:
file.managed:
- - source: /tmp/criproxy/criproxy
+ - source: https://github.com/mirantis/criproxy/releases/download/{{ common.addons.virtlet.get('criproxy_version', 'v0.9.2') }}/criproxy
- mode: 750
- makedirs: true
- user: root
- group: root
- - require:
- - cmd: copy-criproxy-bin
+ - source_hash: {{ common.addons.virtlet.get('criproxy_source', 'md5=c52d3c4e457144c6523570c847a442b2') }}
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
-/usr/bin/dockershim:
- file.symlink:
- - target: /usr/bin/criproxy
- - require:
- - file: /usr/bin/criproxy
-
{%- if not pillar.kubernetes.pool is defined %}
/etc/default/dockershim:
@@ -146,7 +126,7 @@
- enable: True
- watch:
- file: /etc/default/dockershim
- - file: /usr/bin/dockershim
+ - file: /usr/bin/hyperkube
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
diff --git a/kubernetes/files/dockershim/default.master b/kubernetes/files/dockershim/default.master
index 1e30e39..e0af9f5 100644
--- a/kubernetes/files/dockershim/default.master
+++ b/kubernetes/files/dockershim/default.master
@@ -3,6 +3,8 @@
# test_args has to be kept at the end, so they'll overwrite any prior configuration
DAEMON_ARGS="\
+--experimental-dockershim \
+--port 11250 \
--pod-manifest-path=/etc/kubernetes/manifests \
--address={{ master.kubelet.address }} \
--allow-privileged={{ master.kubelet.allow_privileged }} \
diff --git a/kubernetes/files/dockershim/default.pool b/kubernetes/files/dockershim/default.pool
index cd717c4..a9d2839 100644
--- a/kubernetes/files/dockershim/default.pool
+++ b/kubernetes/files/dockershim/default.pool
@@ -3,14 +3,14 @@
# test_args has to be kept at the end, so they'll overwrite any prior configuration
DAEMON_ARGS="\
---require-kubeconfig \
+--experimental-dockershim \
+--port 11250 \
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig \
--pod-manifest-path=/etc/kubernetes/manifests \
--address={{ pool.kubelet.address }} \
--allow-privileged={{ pool.kubelet.allow_privileged }} \
--cluster_dns={{ common.addons.dns.server }} \
--cluster_domain={{ common.addons.dns.domain|replace('_', '-') }} \
---cni-bin-dir={{ pool.apiserver.get('cni_bin_dir', '/opt/cni/bin') }} \
--hostname-override={{ pool.host.name }} \
--v={{ pool.get('verbosity', 2) }} \
{%- if pillar.kubernetes.master is defined %}
@@ -23,6 +23,8 @@
{%- endif %}
{%- if pool.network.engine in ['calico', 'opencontrail'] %}
--network-plugin=cni \
+--cni-bin-dir={{ pool.apiserver.get('cni_bin_dir', '/opt/cni/bin') }} \
+{%- else %}
--network-plugin-dir=/etc/cni/net.d \
{%- endif %}
--file-check-frequency={{ pool.kubelet.frequency }} \
@@ -32,10 +34,7 @@
--cloud-config=/etc/kubernetes/cloud-config.conf \
{%- endif %}
{%- endif %}
-{%- if common.addons.get('virtlet', {}).get('enabled') %}
---container-runtime={{ pool.get('container-runtime', 'remote') }} \
--enable-controller-attach-detach={{ pool.get('enable-controller-attach-detach', 'false') }} \
-{%- endif %}
{%- for key, value in pool.get('kubelet', {}).get('daemon_opts', {}).iteritems() %}
--{{ key }}={{ value }} \
{%- endfor %}
diff --git a/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml b/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
index eaced34..13a12f2 100644
--- a/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
+++ b/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
@@ -56,19 +56,19 @@
volumeMounts:
- name: k8s-flexvolume-plugins-dir
mountPath: /kubelet-volume-plugins
- - name: criproxybin
- mountPath: /opt/criproxy/bin
- name: run
mountPath: /run
- name: dockersock
mountPath: /var/run/docker.sock
- - name: criproxyconf
- mountPath: /etc/criproxy
- name: log
mountPath: /hostlog
# for ensuring that /var/lib/libvirt/images exists on node
- name: var-lib
mountPath: /host-var-lib
+ - name: criproxybin
+ mountPath: /opt/criproxy/bin
+ - name: criproxyconf
+ mountPath: /etc/criproxy
securityContext:
privileged: true
@@ -136,7 +136,7 @@
name: kubernetes
- mountPath: /etc/cni
name: cniconf
- - mountPath: /opt/cni/bin
+ - mountPath: /opt/cni/bin.orig
name: cnibin
- mountPath: /var/run/libvirt
name: libvirt-sockets
diff --git a/kubernetes/files/kubelet/default.pool b/kubernetes/files/kubelet/default.pool
index de7a46a..b1e367c 100644
--- a/kubernetes/files/kubelet/default.pool
+++ b/kubernetes/files/kubelet/default.pool
@@ -4,14 +4,12 @@
# test_args has to be kept at the end, so they'll overwrite any prior configuration
DAEMON_ARGS="\
---require-kubeconfig \
--kubeconfig=/etc/kubernetes/kubelet.kubeconfig \
--pod-manifest-path=/etc/kubernetes/manifests \
--address={{ pool.kubelet.address }} \
--allow-privileged={{ pool.kubelet.allow_privileged }} \
--cluster_dns={{ common.addons.dns.server }} \
--cluster_domain={{ common.addons.dns.domain|replace('_', '-') }} \
---cni-bin-dir={{ pool.apiserver.get('cni_bin_dir', '/opt/cni/bin') }} \
--hostname-override={{ pool.host.name }} \
--v={{ pool.get('verbosity', 2) }} \
{%- if pillar.kubernetes.master is defined %}
@@ -27,6 +25,8 @@
{%- endif %}
{%- if pool.network.engine in ['calico', 'opencontrail'] %}
--network-plugin=cni \
+--cni-bin-dir={{ pool.apiserver.get('cni_bin_dir', '/opt/cni/bin') }} \
+{%- else %}
--network-plugin-dir=/etc/cni/net.d \
{%- endif %}
--file-check-frequency={{ pool.kubelet.frequency }} \
diff --git a/kubernetes/files/systemd/criproxy.service b/kubernetes/files/systemd/criproxy.service
index 1c0318c..cc6ac41 100644
--- a/kubernetes/files/systemd/criproxy.service
+++ b/kubernetes/files/systemd/criproxy.service
@@ -1,3 +1,7 @@
+{%- from "kubernetes/map.jinja" import pool with context -%}
+{%- from "kubernetes/map.jinja" import master with context -%}
+{%- from "kubernetes/map.jinja" import version %}
+
[Unit]
Description=CRI Proxy
After=dockershim.service
@@ -7,8 +11,18 @@
SyslogIdentifier=criproxy
User=root
ExecStart=/usr/bin/criproxy -alsologtostderr \
- -connect /var/run/dockershim.sock,virtlet:/var/run/virtlet.sock \
- -listen /var/run/criproxy.sock
+ -connect /var/run/dockershim.sock,virtlet.cloud:/run/virtlet.sock \
+ -listen /var/run/criproxy.sock \
+ -v 3 \
+ -alsologtostderr \
+ -apiVersion {{ version }} \
+{%- if pool.get('enabled', False) %}
+ -streamUrl http://{{ pool.kubelet.address }}:11250
+{%- else %}
+{%- if master.get('enabled', False) %}
+ -streamUrl http://{{ master.kubelet.address }}:11250
+{% endif %}
+{% endif %}
Restart=on-failure
[Install]
diff --git a/kubernetes/files/systemd/dockershim.service b/kubernetes/files/systemd/dockershim.service
index eb2eb99..84b8c0c 100644
--- a/kubernetes/files/systemd/dockershim.service
+++ b/kubernetes/files/systemd/dockershim.service
@@ -10,7 +10,8 @@
EnvironmentFile=-/etc/kubernetes/config
EnvironmentFile=-/etc/default/%p
User=root
-ExecStart=/usr/bin/dockershim \
+ExecStart=/usr/bin/hyperkube \
+ kubelet \
$KUBE_LOGTOSTDERR \
$KUBE_LOG_LEVEL \
$KUBE_ALLOW_PRIV \
@@ -24,4 +25,5 @@
Restart=on-failure
[Install]
-WantedBy=kubelet.service
\ No newline at end of file
+WantedBy=kubelet.service
+RequiredBy=criproxy.service
\ No newline at end of file
diff --git a/metadata/service/common.yml b/metadata/service/common.yml
index ad61b89..bedb3b3 100644
--- a/metadata/service/common.yml
+++ b/metadata/service/common.yml
@@ -58,7 +58,9 @@
virtlet:
enabled: False
namespace: kube-system
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v0.9.2
+ criproxy_version: v0.9.2
+ criproxy_source: md5=c52d3c4e457144c6523570c847a442b2
cloudprovider:
enabled: False
provider: openstack