switch kube-network-manager to addon

Change-Id: I65910352eae2f769720bca775041cdd1a34521a9
diff --git a/.kitchen.yml b/.kitchen.yml
index c9cc946..700fbdc 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -59,4 +59,10 @@
       pillars-from-files:
         kubernetes.sls: tests/pillar/pool_cluster.sls
 
+  - name: master_contrail
+    provisioner:
+      pillars-from-files:
+        kubernetes.sls: tests/pillar/master_contrail.sls
+
+
 # vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/README.rst b/README.rst
index 011617b..7e236e6 100644
--- a/README.rst
+++ b/README.rst
@@ -239,6 +239,10 @@
 
     kubernetes:
       master:
+        addons:
+          kube_network_manager:
+            enabled: true
+            namespace: kube-system
         network:
           engine: opencontrail
           host: 10.0.170.70
@@ -252,10 +256,7 @@
           network_label: name
           service_label: uses
           cluster_service: kube-system/default
-          network_manager:
-            image: pupapaik/opencontrail-kube-network-manager
-            tag: release-1.1-jpa-final-1
-
+          image: yashulyak/contrail-controller:latest
 On pools:
 
 .. code-block:: yaml
@@ -265,6 +266,16 @@
         network:
           engine: opencontrail
 
+
+Dashboard public IP must be configured when Contrail network is used:
+
+.. code-block:: yaml
+
+    kubernetes:
+      master:
+        addons:
+          public_ip: 1.1.1.1
+
 Kubernetes control plane running in systemd
 -------------------------------------------
 
diff --git a/kubernetes/files/kube-addons/dashboard/dashboard-address.yaml b/kubernetes/files/kube-addons/dashboard/dashboard-address.yaml
index 8ca2a27..92c63a7 100644
--- a/kubernetes/files/kube-addons/dashboard/dashboard-address.yaml
+++ b/kubernetes/files/kube-addons/dashboard/dashboard-address.yaml
@@ -10,8 +10,8 @@
 spec:
   selector:
     k8s-app: kubernetes-dashboard
-  deprecatedPublicIPs: ["{{ master.addons.ui.public_ip }}"]
+  deprecatedPublicIPs: ["{{ master.addons.dashboard.public_ip }}"]
   type: LoadBalancer
   ports:
   - port: 80
-    targetPort: 9090
\ No newline at end of file
+    targetPort: 9090
diff --git a/kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml b/kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml
index 35ace0f..c35fad0 100644
--- a/kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml
+++ b/kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml
@@ -9,8 +9,8 @@
     kubernetes.io/cluster-service: "true"
 subsets:
   - addresses:
-    - ip: {{ master.addons.ui.public_ip }}
+    - ip: {{ master.addons.dashboard.public_ip }}
 
     ports:
     - port: 9090
-      protocol: TCP
\ No newline at end of file
+      protocol: TCP
diff --git a/kubernetes/files/kube-addons/kube-network-manager/kube-network-manager-configmap.yml b/kubernetes/files/kube-addons/kube-network-manager/kube-network-manager-configmap.yml
new file mode 100644
index 0000000..e13dc3f
--- /dev/null
+++ b/kubernetes/files/kube-addons/kube-network-manager/kube-network-manager-configmap.yml
@@ -0,0 +1,24 @@
+{%- from "kubernetes/map.jinja" import master with context %}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: kube-network-manager
+  namespace: {{ master.addons.kube_network_manager.get('namespace', 'kube-system') }}
+data:
+  contrail.conf: |
+    [DEFAULT]
+    master = localhost:8080
+    service-cluster-ip-range = {{ master.service_addresses }}
+
+    [opencontrail]
+    default-domain = {{ master.network.get('default_domain', 'default-domain') }}
+    public-ip-range = {{ master.network.get('public_ip_range', '185.22.97.128/26') }}
+    cluster-service = {{ master.network.get('cluster_service', 'kube-system/default') }}
+    api-server = 172.16.10.252
+    api-port = {{ master.network.get('port', 8082) }}
+    default = {{ master.network.get('default_project', 'default-domain:default-project') }}
+    public-network = {{ master.network.get('public_network', 'default-domain:default-project:Public') }}
+    private-ip-range = {{ master.network.private_ip_range }}
+    network-label = {{ master.network.get('network_label', 'opencontrail.org/name') }}
+    service-label = {{ master.network.get('service_label', 'opencontrail.org/uses') }}
+    service-cluster-ip-range = {{ master.get('service_addresses', '10.254.0.0/16') }}
diff --git a/kubernetes/files/kube-addons/kube-network-manager/kube-network-manager-deploy.yml b/kubernetes/files/kube-addons/kube-network-manager/kube-network-manager-deploy.yml
new file mode 100644
index 0000000..571db7e
--- /dev/null
+++ b/kubernetes/files/kube-addons/kube-network-manager/kube-network-manager-deploy.yml
@@ -0,0 +1,29 @@
+{%- from "kubernetes/map.jinja" import master with context %}
+apiVersion: apps/v1beta1
+kind: Deployment
+metadata:
+  name: kube-network-manager
+  namespace: {{ master.addons.kube_network_manager.get('namespace', 'kube-system') }}
+spec:
+  template:
+    metadata:
+      labels:
+        app: kube-network-manager
+    spec:
+      hostNetwork: true
+      tolerations:
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
+      containers:
+        - name: contrail-kube-manager
+          image: {{ master.network.get('image', 'yashulyak/contrail-controller:latest') }}
+          imagePullPolicy: Always
+          args: ["--config-file", "/etc/kube-manager/contrail.conf", "--alsologtostderr"]
+          volumeMounts:
+          - name: kube-manager
+            mountPath: /etc/kube-manager/
+      volumes:
+        - name: kube-network-manager
+          configMap:
+            name: kube-network-manager
+      restartPolicy: Always
diff --git a/kubernetes/files/manifest/kube-network-manager.manifest b/kubernetes/files/manifest/kube-network-manager.manifest
deleted file mode 100644
index bd307ed..0000000
--- a/kubernetes/files/manifest/kube-network-manager.manifest
+++ /dev/null
@@ -1,24 +0,0 @@
-{%- from "kubernetes/map.jinja" import master with context %}
-{
-    "apiVersion": "v1",
-    "kind": "Pod",
-    "metadata": {
-        "namespace": "opencontrail",
-        "name": "kube-network-manager"
-    },
-    "spec":{
-        "hostNetwork": true,
-        "containers":[{
-            "name": "kube-network-manager",
-            "image": "{{ master.network.network_manager.image }}:{{ master.network.network_manager.tag }}",
-            "volumeMounts": [{
-                    "name": "config",
-                    "mountPath": "/etc/kubernetes"
-            }]
-        }],
-        "volumes": [{
-            "name": "config",
-            "hostPath": {"path": "/etc/kubernetes"}
-        }]
-    }
-}
diff --git a/kubernetes/files/opencontrail/kube-network-manager.manifest b/kubernetes/files/opencontrail/kube-network-manager.manifest
deleted file mode 100644
index e8df450..0000000
--- a/kubernetes/files/opencontrail/kube-network-manager.manifest
+++ /dev/null
@@ -1,46 +0,0 @@
-{%- from "kubernetes/map.jinja" import master with context %}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: kube-manager
-data:
-  contrail.conf:
-    [DEFAULT]
-    master = localhost:8080
-    service-cluster-ip-range = {{ master.service_addresses }}
-
-    [opencontrail]
-    default-domain = default-domain
-    public-ip-range = {{ master.network.get('public_ip_range', '185.22.97.128/26') }}
-    cluster-service = kube-system/default
-    api-server = 172.16.10.252
-    api-port = 8082
-    default = default-domain:default-project
-    public-network = default-domain:default-project:Public
-    private-ip-range = {{ master.network.private_ip_range }}
-    network-label = opencontrail.org/name
-    service-label = opencontrail.org/uses
-    service-cluster-ip-range = {{ master.service_addresses }}
-
----
-apiVersion: v1
-kind: Pod
-metadata:
-  name: kube-manager
-spec:
-  nodeName: ctl01
-  hostNetwork: true
-  containers:
-    - name: contrail-kube-manager
-      image: {{ master.network.get('image', 'yashulyak/contrail-controller') }}:{{ master.network.get('image', 'test') }}
-      imagePullPolicy: Always
-      args: ["--config-file", "/etc/kube-manager/contrail.conf", "--alsologtostderr"]
-      volumeMounts:
-      - name: kube-manager
-        mountPath: /etc/kube-manager/
-  volumes:
-    - name: kube-manager
-      configMap:
-        name: kube-manager
-  restartPolicy: Always
diff --git a/kubernetes/master/init.sls b/kubernetes/master/init.sls
index e528c1e..a040326 100644
--- a/kubernetes/master/init.sls
+++ b/kubernetes/master/init.sls
@@ -2,9 +2,6 @@
 include:
 - kubernetes.master.service
 - kubernetes.master.kube-addons
-{%- if master.network.engine == "opencontrail" %}
-- kubernetes.master.opencontrail
-{%- endif %}
 {%- if master.network.engine == "flannel" %}
 - kubernetes.master.flannel
 {%- endif %}
diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls
index 83a4d0b..9ac2cde 100644
--- a/kubernetes/master/kube-addons.sls
+++ b/kubernetes/master/kube-addons.sls
@@ -8,6 +8,25 @@
     - group: root
     - mode: 0755
 
+{%- if master.addons.get('kube_network_manager', {}).get('enabled', False) and master.network.engine == "opencontrail" %}
+/etc/kubernetes/addons/kube_network_manager/kube-network-manager-configmap.yml:
+  file.managed:
+    - source: salt://kubernetes/files/kube-addons/kube-network-manager/kube-network-manager-configmap.yml
+    - template: jinja
+    - group: root
+    - dir_mode: 755
+    - makedirs: True
+
+/etc/kubernetes/addons/kube_network_manager/kube-network-manager-deploy.yml:
+  file.managed:
+    - source: salt://kubernetes/files/kube-addons/kube-network-manager/kube-network-manager-deploy.yml
+    - template: jinja
+    - group: root
+    - dir_mode: 755
+    - makedirs: True
+
+{% endif %}
+
 {%- if master.addons.get('calico_policy', {}).get('enabled', False) and master.network.engine == "calico" %}
 /etc/kubernetes/addons/calico_policy/calico-policy-controller.yml:
   file.managed:
diff --git a/kubernetes/master/opencontrail-network-manager.sls b/kubernetes/master/opencontrail-network-manager.sls
deleted file mode 100644
index 578abda..0000000
--- a/kubernetes/master/opencontrail-network-manager.sls
+++ /dev/null
@@ -1,23 +0,0 @@
-{%- from "kubernetes/map.jinja" import master with context %}
-{%- if master.enabled %}
-
-/etc/kubernetes/manifests/kube-network-manager.manifest:
-  file.managed:
-    - source: salt://kubernetes/files/manifest/kube-network-manager.manifest
-    - template: jinja
-    - user: root
-    - group: root
-    - mode: 644
-    - makedirs: true
-    - dir_mode: 755
-
-/etc/kubernetes/network.conf:
-  file.managed:
-    - source: salt://kubernetes/files/opencontrail/network.conf
-    - template: jinja
-    - user: root
-    - group: root
-    - mode: 644
-    - makedirs: true
-
-{%- endif %}
\ No newline at end of file
diff --git a/kubernetes/master/opencontrail.sls b/kubernetes/master/opencontrail.sls
deleted file mode 100644
index c13a6c9..0000000
--- a/kubernetes/master/opencontrail.sls
+++ /dev/null
@@ -1,24 +0,0 @@
-{%- from "kubernetes/map.jinja" import master with context %}
-{%- if master.enabled %}
-
-/etc/kubernetes/manifests/kube-network-manager.manifest:
-  file.managed:
-    - source: salt://kubernetes/files/opencontrail/kube-network-manager.manifest
-    - user: root
-    - group: root
-    - mode: 644
-    - makedirs: true
-    - dir_mode: 755
-    - template: jinja
-
-/etc/kubernetes/network.conf:
-  file.managed:
-    - source: salt://kubernetes/files/opencontrail/network.conf
-    - user: root
-    - group: root
-    - mode: 644
-    - makedirs: true
-    - dir_mode: 755
-    - template: jinja
-
-{%- endif %}
\ No newline at end of file
diff --git a/kubernetes/master/setup.sls b/kubernetes/master/setup.sls
index f27035b..60e9f73 100644
--- a/kubernetes/master/setup.sls
+++ b/kubernetes/master/setup.sls
@@ -6,13 +6,12 @@
 
 kubernetes_addons_{{ addon_name }}:
   cmd.run:
-    - name: |
-        hyperkube kubectl apply -f /etc/kubernetes/addons/{{ addon_name }}
-    - unless: "hyperkube kubectl get svc kube-{{ addon.get('name', addon_name) }} --namespace={{ addon.get('namespace', 'kube-system') }}"
+    - name: "hyperkube kubectl apply -f /etc/kubernetes/addons/{{ addon_name }}"
+    - unless: "hyperkube kubectl get {{ addon.get('creates', 'service') }} kube-{{ addon.get('name', addon_name) }} --namespace={{ addon.get('namespace', 'kube-system') }}"
     {%- if grains.get('noservices') %}
     - onlyif: /bin/false
     {%- endif %}
-    
+
 {%- endif %}
 {%- endfor %}
 
diff --git a/metadata/service/master/cluster.yml b/metadata/service/master/cluster.yml
index ddeba5e..eee68bf 100644
--- a/metadata/service/master/cluster.yml
+++ b/metadata/service/master/cluster.yml
@@ -64,6 +64,10 @@
           enabled: False
           image: calico/kube-policy-controller:v0.5.4
           namespace: kube-system
+        kube_network_manager:
+          enabled: False
+          name: network-manager
+          creates: deployment
       token:
         admin: ${_param:kubernetes_admin_token}
         kubelet: ${_param:kubernetes_kubelet_token}
diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls
index dd65e6e..9c5dca0 100644
--- a/tests/pillar/master_cluster.sls
+++ b/tests/pillar/master_cluster.sls
@@ -94,10 +94,3 @@
         enabled: true
     hyperkube:
       hash: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
-    services:
-      myservice:
-        enabled: false
-        files:
-          - /srv/kubernetes/myservice-svc.yml
-          - /srv/kubernetes/myservice-pvc.yml
-          - /srv/kubernetes/myservice-deploy.yml
diff --git a/tests/pillar/master_contrail.sls b/tests/pillar/master_contrail.sls
new file mode 100644
index 0000000..b1d5037
--- /dev/null
+++ b/tests/pillar/master_contrail.sls
@@ -0,0 +1,100 @@
+kubernetes:
+  common:
+    network:
+      engine: opencontrail
+    hyperkube:
+      image: hyperkube-amd64:v1.5.0-beta.3-1
+  master:
+    addons:
+      dns:
+        domain: cluster.local
+        enabled: false
+        replicas: 1
+        server: 10.254.0.10
+        autoscaler:
+          enabled: true
+      heapster_influxdb:
+        enabled: true
+        public_ip: 185.22.97.132
+      dashboard:
+        enabled: true
+        public_ip: 185.22.97.131
+      helm:
+        enabled: true
+        tiller_image: gcr.io/kubernetes-helm/tiller:v2.2.3
+      netchecker:
+        enabled: true
+        namespace: netchecker
+        port: 80
+        interval: 60
+        server_image: image
+        agent_image: image
+      calico_policy:
+        enabled: true
+        namespace: kube-system
+        image: image
+      kube_network_manager:
+        enabled: true
+        namespace: kube-system
+    admin:
+      password: password
+      username: admin
+    registry:
+        host: tcpcloud
+    host:
+      name: node040
+    apiserver:
+      address: 10.0.175.100
+      insecure_address: 127.0.0.1
+      insecure_port: 8080
+    ca: kubernetes
+    enabled: true
+    unschedulable: true
+    etcd:
+      members:
+      - host: 10.0.175.100
+        name: node040
+    kubelet:
+      allow_privileged: true
+    network:
+      engine: opencontrail
+      host: 10.0.170.70
+      port: 8082
+      default_domain: default-domain
+      default_project: default-domain:default-project
+      public_network: default-domain:default-project:Public
+      public_ip_range: 185.22.97.128/26
+      private_ip_range: 10.150.0.0/16
+      service_cluster_ip_range: 10.254.0.0/16
+      network_label: name
+      service_label: uses
+      cluster_service: kube-system/default
+      image: tianon/true
+    service_addresses: 10.254.0.0/16
+    storage:
+      engine: glusterfs
+      members:
+      - host: 10.0.175.101
+        port: 24007
+      - host: 10.0.175.102
+        port: 24007
+      - host: 10.0.175.103
+        port: 24007
+      port: 24007
+    token:
+      admin: DFvQ8GJ9JD4fKNfuyEddw3rjnFTkUKsv
+      controller_manager: EreGh6AnWf8DxH8cYavB2zS029PUi7vx
+      dns: RAFeVSE4UvsCz4gk3KYReuOI5jsZ1Xt3
+      kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
+      kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
+      logging: MJkXKdbgqRmTHSa2ykTaOaMykgO6KcEf
+      monitoring: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
+      scheduler: HY1UUxEPpmjW4a1dDLGIANYQp1nZkLDk
+    version: v1.2.4
+    namespace:
+      kube-system:
+        enabled: true
+      netchecker:
+        enabled: true
+    hyperkube:
+      hash: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd