update sources of k8s and calico installation
move basic k8s setup to common
copy cni from hyperkube
configurable calico node image
use calico/cni image for obtaining cnis
use calico/ctl image for obtaining calicoctl binary
add cross requirement for k8s services and hyperkube
update metadata for new pillar model
update manifests to use hyperkube from common
Change-Id: I6e5e84cf252399120141ad941ac7aa6dae7c16ac
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index dfe6212..3b4282e 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -1,6 +1,18 @@
kubernetes formula
==================
+2016.1.1 (2017-01-18)
+
+- move basic k8s setup to common
+- copy cni from hyperkube
+- configurable calico node image
+- use calico/cni image for obtaining cnis
+- use calico/ctl image for obtaining calicoctl binary
+- add cross requirement for k8s services and hyperkube
+- update metadata for new pillar model
+- update manifests to use hyperkube from common
+
+
2016.8.3 (2016-08-12)
- remove obsolete kube-addons scripts
diff --git a/README.rst b/README.rst
index deff35b..4f7a3e3 100644
--- a/README.rst
+++ b/README.rst
@@ -16,6 +16,23 @@
Sample pillars
==============
+**REQUIRED:** Define image to use for hyperkube, CNIs and calicoctl image
+
+.. code-block:: yaml
+
+ parameters:
+ kubernetes:
+ common:
+ hyperkube:
+ image: gcr.io/google_containers/hyperkube:v1.4.6
+ pool:
+ network:
+ calicoctl:
+ image: calico/ctl
+ cni:
+ image: calico/cni
+
+
Containers on pool definitions in pool.service.local
.. code-block:: yaml
diff --git a/VERSION b/VERSION
index fcb3100..8dd13ce 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2016.8.3
+2017.1.1
diff --git a/kubernetes/_common.sls b/kubernetes/_common.sls
index 41adc6f..d6521bf 100644
--- a/kubernetes/_common.sls
+++ b/kubernetes/_common.sls
@@ -16,4 +16,85 @@
- source_hash: md5=972c717254775bef528f040af804f2cc
- archive_format: tar
- if_missing: /usr/local/src/flannel/flannel-0.5.5/
-{%- endif %}
\ No newline at end of file
+{%- endif %}
+
+{%- if common.hyperkube %}
+/root/.bashrc:
+ file.append:
+ - text: alias kubectl="hyperkube kubectl"
+ - makedirs: True
+
+/tmp/hyperkube:
+ file.directory:
+ - user: root
+ - group: root
+
+hyperkube-copy:
+ dockerng.running:
+ - image: {{ common.hyperkube.image }}
+ - command: cp -v /hyperkube /tmp/hyperkube
+ - binds:
+ - /tmp/hyperkube/:/tmp/hyperkube/
+ - force: True
+ - require:
+ - file: /tmp/hyperkube
+
+/usr/bin/hyperkube:
+ file.managed:
+ - source: /tmp/hyperkube/hyperkube
+ - mode: 751
+ - makedirs: true
+ - user: root
+ - group: root
+ - require:
+ - dockerng: hyperkube-copy
+
+/etc/systemd/system/kubelet.service:
+ file.managed:
+ - source: salt://kubernetes/files/systemd/kubelet.service
+ - template: jinja
+ - user: root
+ - group: root
+ - mode: 644
+
+/etc/kubernetes/config:
+ file.absent
+
+/etc/kubernetes/manifests:
+ file.directory:
+ - user: root
+ - group: root
+ - mode: 0751
+
+{%- if not pillar.kubernetes.pool is defined %}
+
+/etc/default/kubelet:
+ file.managed:
+ - source: salt://kubernetes/files/kubelet/default.master
+ - template: jinja
+ - user: root
+ - group: root
+ - mode: 644
+
+{%- else %}
+
+/etc/default/kubelet:
+ file.managed:
+ - source: salt://kubernetes/files/kubelet/default.pool
+ - template: jinja
+ - user: root
+ - group: root
+ - mode: 644
+
+{%- endif %}
+
+
+kubelet_service:
+ service.running:
+ - name: kubelet
+ - enable: True
+ - watch:
+ - file: /etc/default/kubelet
+ - file: /usr/bin/hyperkube
+
+{% endif %}
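Review bot: `/tmp/hyperkube` is a predictable path under world-writable `/tmp`, and its `file.directory` state sets owner and group but no mode and no cleanup, so as far as these states show, a directory that already exists there keeps its permissions and contents. The file staged there is then installed as root-owned `/usr/bin/hyperkube`. Stage the binary in a directory only root can write to, declared with `- mode: '0700'` and `- clean: True`, instead of under `/tmp`. The same staging pattern is used in `kubernetes/pool/calico.sls` (`/tmp/calico/`) and `kubernetes/pool/cni.sls` (`/tmp/cni/`).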
diff --git a/kubernetes/files/calico/calico-node.service.pool b/kubernetes/files/calico/calico-node.service.pool
index 07801ec..08424a0 100644
--- a/kubernetes/files/calico/calico-node.service.pool
+++ b/kubernetes/files/calico/calico-node.service.pool
@@ -35,7 +35,7 @@
-v {{ volume }} \
{%- endfor %}
{%- endif %}
- {{ pool.network.get('image', 'calico/node') }}:{{ pool.network.get('image', 'latest') }}
+ {{ pool.network.get('image', 'calico/node') }}
Restart=always
RestartSec=10s
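Review bot: With no `image` in pillar the unit now runs bare `calico/node`, which Docker resolves to the mutable `latest` tag, so a restart can start a different build of this node agent than the one that was tested. Either drop the fallback so rendering fails when the pillar value is missing, `{{ pool.network.image }}`, or default to a reference that carries an explicit tag or digest chosen by the operator. The `docker run` command this line belongs to starts outside the hunk.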
@@ -43,4 +43,4 @@
ExecStop=-/usr/bin/docker stop calico-node
[Install]
-WantedBy=multi-user.target
\ No newline at end of file
+WantedBy=multi-user.target
diff --git a/kubernetes/files/manifest/kube-apiserver.manifest b/kubernetes/files/manifest/kube-apiserver.manifest
index 09835a2..f8b3cb1 100644
--- a/kubernetes/files/manifest/kube-apiserver.manifest
+++ b/kubernetes/files/manifest/kube-apiserver.manifest
@@ -1,4 +1,5 @@
{%- from "kubernetes/map.jinja" import master with context %}
+{%- from "kubernetes/map.jinja" import common with context %}
apiVersion: v1
kind: Pod
metadata:
@@ -11,7 +12,7 @@
terminationGracePeriodSeconds: 30
containers:
- name: kube-apiserver
- image: {{ master.registry.host }}/hyperkube:{{ master.version }}
+ image: {{ common.hyperkube.image }}
command:
- /hyperkube
- apiserver
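Review bot: The image reference no longer goes through `master.registry.host`, so the `registry: host:` value that the service metadata still sets stops constraining where this control-plane image is pulled from; the source is now whatever string `common.hyperkube.image` holds. If operators rely on the registry setting, say so next to the new pillar key, for example `# full image reference incl. registry; registry.host is not applied` in the README sample. The same applies to the image lines changed in `kube-controller-manager.manifest`, `kube-scheduler.manifest` and `kube-proxy.manifest.pool` (there with `pool.registry.host`). The container spec continues past the end of the hunk.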
diff --git a/kubernetes/files/manifest/kube-controller-manager.manifest b/kubernetes/files/manifest/kube-controller-manager.manifest
index 873d73e..de1c3c8 100644
--- a/kubernetes/files/manifest/kube-controller-manager.manifest
+++ b/kubernetes/files/manifest/kube-controller-manager.manifest
@@ -1,4 +1,5 @@
{%- from "kubernetes/map.jinja" import master with context %}
+{%- from "kubernetes/map.jinja" import common with context %}
apiVersion: v1
kind: Pod
metadata:
@@ -11,7 +12,7 @@
terminationGracePeriodSeconds: 30
containers:
- name: kube-controller-manager
- image: {{ master.registry.host }}/hyperkube:{{ master.version }}
+ image: {{ common.hyperkube.image }}
command:
- /hyperkube
- controller-manager
diff --git a/kubernetes/files/manifest/kube-proxy.manifest.pool b/kubernetes/files/manifest/kube-proxy.manifest.pool
index 3cf1c84..93d2353 100644
--- a/kubernetes/files/manifest/kube-proxy.manifest.pool
+++ b/kubernetes/files/manifest/kube-proxy.manifest.pool
@@ -1,4 +1,5 @@
{%- from "kubernetes/map.jinja" import pool with context %}
+{%- from "kubernetes/map.jinja" import common with context %}
apiVersion: v1
kind: Pod
metadata:
@@ -8,7 +9,7 @@
hostNetwork: true
containers:
- name: kube-proxy
- image: {{ pool.registry.host }}/hyperkube:{{ pool.version }}
+ image: {{ common.hyperkube.image }}
resources:
requests:
cpu: 200m
@@ -48,4 +49,4 @@
name: varlog
- hostPath:
path: /var/run/dbus/system_bus_socket
- name: dbus
\ No newline at end of file
+ name: dbus
diff --git a/kubernetes/files/manifest/kube-scheduler.manifest b/kubernetes/files/manifest/kube-scheduler.manifest
index e2d5ba0..b2814e2 100644
--- a/kubernetes/files/manifest/kube-scheduler.manifest
+++ b/kubernetes/files/manifest/kube-scheduler.manifest
@@ -1,4 +1,5 @@
{%- from "kubernetes/map.jinja" import master with context %}
+{%- from "kubernetes/map.jinja" import common with context %}
apiVersion: v1
kind: Pod
metadata:
@@ -12,7 +13,7 @@
terminationGracePeriodSeconds: 30
containers:
- name: kube-scheduler
- image: {{ master.registry.host }}/hyperkube:{{ master.version }}
+ image: {{ common.hyperkube.image }}
imagePullPolicy: IfNotPresent
command:
- hyperkube
@@ -38,4 +39,4 @@
volumes:
- hostPath:
path: /var/log/kube-scheduler.log
- name: logfile
\ No newline at end of file
+ name: logfile
diff --git a/kubernetes/master/controller.sls b/kubernetes/master/controller.sls
index 2d54236..fd8435b 100644
--- a/kubernetes/master/controller.sls
+++ b/kubernetes/master/controller.sls
@@ -124,47 +124,10 @@
- file: /etc/default/kube-apiserver
- file: /etc/default/kube-scheduler
- file: /etc/default/kube-controller-manager
+ - file: /usr/bin/hyperkube
{%- endif %}
-{%- if not pillar.kubernetes.pool is defined %}
-
-/usr/bin/hyperkube:
- file.managed:
- - source: {{ master.hyperkube.get('source', 'http://apt.tcpcloud.eu/kubernetes/bin/') }}{{ master.version }}/hyperkube
- - source_hash: md5={{ master.hyperkube.hash }}
- - mode: 751
- - makedirs: true
- - user: root
- - group: root
-
-/etc/systemd/system/kubelet.service:
- file.managed:
- - source: salt://kubernetes/files/systemd/kubelet.service
- - template: jinja
- - user: root
- - group: root
- - mode: 644
-
-/etc/kubernetes/config:
- file.absent
-
-/etc/default/kubelet:
- file.managed:
- - source: salt://kubernetes/files/kubelet/default.master
- - template: jinja
- - user: root
- - group: root
- - mode: 644
-
-kubelet_service:
- service.running:
- - name: kubelet
- - enable: True
- - watch:
- - file: /etc/default/kubelet
-
-{%- endif %}
{%- for name,namespace in master.namespace.iteritems() %}
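Review bot: The added `- file: /usr/bin/hyperkube` watch names a state that `kubernetes/_common.sls` declares only inside `{%- if common.hyperkube %}`, so a pillar without `common.hyperkube` would leave this requisite pointing at nothing and the run would fail on a missing requisite rather than with a clear message. Whether `_common.sls` is included by this file is not visible in the hunk and should be confirmed. Consider failing early in `_common.sls` when the key is absent, or wrapping the watch entry in the same guard. `kubernetes/pool/kube-proxy.sls` adds the same watch entry.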
@@ -204,4 +167,4 @@
{%- endif %}
-{%- endif %}
\ No newline at end of file
+{%- endif %}
diff --git a/kubernetes/master/setup.sls b/kubernetes/master/setup.sls
index 72b378b..cf3d7a8 100644
--- a/kubernetes/master/setup.sls
+++ b/kubernetes/master/setup.sls
@@ -7,9 +7,9 @@
kubernetes_addons_{{ addon_name }}:
cmd.run:
- name: |
- hyperkube kubectl create -f /etc/kubernetes/addons/{{ addon_name }}
+ hyperkube kubectl apply -f /etc/kubernetes/addons/{{ addon_name }}
- unless: "hyperkube kubectl get rc {{ addon.get('name', addon_name) }} --namespace=kube-system"
{%- endif %}
{%- endfor %}
-{%- endif %}
\ No newline at end of file
+{%- endif %}
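Review bot: Switching to `kubectl apply` has no effect on addons that already exist, because the unchanged `unless:` still skips the command whenever `kubectl get rc` succeeds, so changed manifests under `/etc/kubernetes/addons/` are never re-applied. If updates are intended, drop the `unless:` and rely on `apply` being idempotent, or trigger the command with `onchanges` on the addon files. The guard also looks only for a ReplicationController, so an addon shipped as another kind would be re-run on every highstate. The surrounding `for`/`if` blocks open outside the hunk.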
diff --git a/kubernetes/pool/calico.sls b/kubernetes/pool/calico.sls
index c0193ac..fbe7bdb 100644
--- a/kubernetes/pool/calico.sls
+++ b/kubernetes/pool/calico.sls
@@ -1,31 +1,52 @@
{%- from "kubernetes/map.jinja" import pool with context %}
{%- if pool.enabled %}
+/tmp/calico/:
+ file.directory:
+ - user: root
+ - group: root
+
+copy-calico-ctl:
+ dockerng.running:
+ - image: {{ pool.network.calicoctl.image }}
+
+copy-calico-ctl-cmd:
+ cmd.run:
+ - name: docker cp copy-calico-ctl:calicoctl /tmp/calico/
+ - require:
+ - dockerng: copy-calico-ctl
+
/usr/bin/calicoctl:
file.managed:
- - source: {{ pool.network.get('source', 'https://github.com/projectcalico/calico-containers/releases/download/') }}{{ pool.network.version }}/calicoctl
- - source_hash: md5={{ pool.network.hash }}
+ - source: /tmp/calico/calicoctl
- mode: 751
- user: root
- group: root
+ - require:
+ - cmd: copy-calico-ctl-cmd
-/opt/cni/bin/calico:
+copy-calico-cni:
+ dockerng.running:
+ - image: {{ pool.network.cni.image }}
+ - command: cp -vr /opt/cni/bin/ /tmp/calico/
+ - binds:
+ - /tmp/calico/:/tmp/calico/
+ - force: True
+
+{%- for filename in ['calico', 'calico-ipam'] %}
+
+/opt/cni/bin/{{ filename }}:
file.managed:
- - source: {{ pool.network.cni.get('source', 'https://github.com/projectcalico/calico-cni/releases/download/') }}{{ pool.network.cni.version }}/calico
- - source_hash: md5={{ pool.network.cni.hash }}
+ - source: /tmp/calico/bin/{{ filename }}
- mode: 751
- makedirs: true
- user: root
- group: root
-
-/opt/cni/bin/calico-ipam:
- file.managed:
- - source: {{ pool.network.ipam.get('source', 'https://github.com/projectcalico/calico-cni/releases/download/') }}{{ pool.network.ipam.version }}/calico-ipam
- - source_hash: md5={{ pool.network.ipam.hash }}
- - mode: 751
- - makedirs: true
- - user: root
- - group: root
+ - require:
+ - dockerng: copy-calico-cni
+ - require_in:
+ - service: calico_node
+{%- endfor %}
/etc/cni/net.d/10-calico.conf:
file.managed:
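Review bot: The removed `source_hash` lines (md5, itself weak) were the only integrity check on `calicoctl`, `calico` and `calico-ipam`, and nothing replaces them. The binaries now come from whatever `pool.network.calicoctl.image` and `pool.network.cni.image` resolve to at run time, and the sample pillars in this commit give untagged `calico/ctl` and `calico/cni`. Pin the images by digest in pillar, e.g. `image: calico/cni@sha256:<digest>`, so the root-owned files under `/usr/bin` and `/opt/cni/bin` come from a known build. `hyperkube-copy` in `kubernetes/_common.sls` and `copy-network-cni` in `kubernetes/pool/cni.sls` have the same property.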
@@ -64,4 +85,4 @@
- file: /etc/systemd/system/calico-node.service
{%- endif %}
-{%- endif %}
\ No newline at end of file
+{%- endif %}
diff --git a/kubernetes/pool/cni.sls b/kubernetes/pool/cni.sls
index 8c696bc..bf7f2bf 100644
--- a/kubernetes/pool/cni.sls
+++ b/kubernetes/pool/cni.sls
@@ -1,14 +1,39 @@
{%- from "kubernetes/map.jinja" import pool with context %}
+{%- from "kubernetes/map.jinja" import common with context %}
{%- if pool.enabled %}
-cni-tar:
- archive:
- - extracted
- - name: /opt/cni/bin
- - source: https://github.com/containernetworking/cni/releases/download/{{ pool.cni.version }}/cni-{{ pool.cni.version }}.tgz
- - tar_options: v
- - source_hash: md5={{ pool.cni.hash }}
- - archive_format: tar
- - if_missing: /opt/cni/bin/loopback
+{%- if common.hyperkube %}
+
+/tmp/cni/:
+ file.directory:
+ - user: root
+ - group: root
+
+copy-network-cni:
+ dockerng.running:
+ - image: {{ common.hyperkube.image }}
+ - command: cp -vr /opt/cni/bin/ /tmp/cni/
+ - binds:
+ - /tmp/cni/:/tmp/cni/
+ - force: True
+ - require:
+ - file: /tmp/cni/
+
+{%- for filename in ['cnitool', 'flannel', 'tuning', 'bridge', 'ipvlan', 'loopback', 'macvlan', 'ptp', 'dhcp', 'host-local', 'noop'] %}
+/opt/cni/bin/{{ filename }}:
+ file.managed:
+ - source: /tmp/cni/bin/{{ filename }}
+ - user: root
+ - group: root
+ - mode: 755
+ - makedirs: True
+ - watch_in:
+ - service: kubelet_service
+ - require:
+ - dockerng: copy-network-cni
+
+{%- endfor %}
+
+{%- endif %}
{%- endif %}
diff --git a/kubernetes/pool/init.sls b/kubernetes/pool/init.sls
index 6f56c27..e43e53d 100644
--- a/kubernetes/pool/init.sls
+++ b/kubernetes/pool/init.sls
@@ -1,12 +1,12 @@
{%- from "kubernetes/map.jinja" import pool with context %}
include:
+- kubernetes.pool.cni
- kubernetes.pool.service
{%- if pool.network.engine == "calico" %}
- kubernetes.pool.calico
{%- endif %}
-- kubernetes.pool.cni
- kubernetes.pool.kubelet
{%- if pool.network.engine == "flannel" %}
- kubernetes.pool.flannel
{%- endif %}
-- kubernetes.pool.kube-proxy
\ No newline at end of file
+- kubernetes.pool.kube-proxy
diff --git a/kubernetes/pool/kube-proxy.sls b/kubernetes/pool/kube-proxy.sls
index 3e39c37..8aa64be 100644
--- a/kubernetes/pool/kube-proxy.sls
+++ b/kubernetes/pool/kube-proxy.sls
@@ -45,6 +45,7 @@
- enable: True
- watch:
- file: /etc/default/kube-proxy
+ - file: /usr/bin/hyperkube
{%- endif %}
diff --git a/kubernetes/pool/kubelet.sls b/kubernetes/pool/kubelet.sls
index 3fc3c2c..292ef96 100644
--- a/kubernetes/pool/kubelet.sls
+++ b/kubernetes/pool/kubelet.sls
@@ -1,14 +1,6 @@
{%- from "kubernetes/map.jinja" import pool with context %}
{%- if pool.enabled %}
-/etc/default/kubelet:
- file.managed:
- - source: salt://kubernetes/files/kubelet/default.pool
- - template: jinja
- - user: root
- - group: root
- - mode: 644
-
/etc/kubernetes/kubelet.kubeconfig:
file.managed:
- source: salt://kubernetes/files/kubelet/kubelet.kubeconfig
@@ -18,9 +10,6 @@
- mode: 644
- makedirs: true
-/etc/kubernetes/config:
- file.absent
-
manifest-dir-create:
file.directory:
- name: /etc/kubernetes/manifests
@@ -55,28 +44,4 @@
{%- endif %}
-/usr/bin/hyperkube:
- file.managed:
- - source: {{ pool.hyperkube.get('source', {}).get('url', 'http://apt.tcpcloud.eu/kubernetes/bin/') }}{{ pool.version }}/hyperkube
- - source_hash: md5={{ pool.hyperkube.hash }}
- - mode: 751
- - makedirs: true
- - user: root
- - group: root
-
-/etc/systemd/system/kubelet.service:
- file.managed:
- - source: salt://kubernetes/files/systemd/kubelet.service
- - template: jinja
- - user: root
- - group: root
- - mode: 644
-
-kubelet_service:
- service.running:
- - name: kubelet
- - enable: True
- - watch:
- - file: /etc/default/kubelet
-
{%- endif %}
diff --git a/metadata/service/common.yml b/metadata/service/common.yml
index f1f8197..b02880d 100644
--- a/metadata/service/common.yml
+++ b/metadata/service/common.yml
@@ -2,4 +2,4 @@
kubernetes:
common:
network:
- engine: none
\ No newline at end of file
+ engine: none
diff --git a/metadata/service/master/cluster.yml b/metadata/service/master/cluster.yml
index 4076dd8..46d391f 100644
--- a/metadata/service/master/cluster.yml
+++ b/metadata/service/master/cluster.yml
@@ -7,7 +7,6 @@
kubernetes:
master:
enabled: true
- version: ${_param:kubernetes_version}
registry:
host: tcpcloud
service_addresses: 10.254.0.0/16
@@ -33,6 +32,10 @@
replicas: 1
domain: cluster.local
server: 10.254.0.10
+ dashboard:
+ enabled: True
+ heapster_influxdb:
+ enabled: False
token:
admin: ${_param:kubernetes_admin_token}
kubelet: ${_param:kubernetes_kubelet_token}
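Review bot: `dashboard: enabled: True` turns the dashboard addon on by default for every master that inherits this metadata class, which adds a web management surface without an explicit opt-in. How the addon is exposed and authenticated is not visible in this diff. Default it off and let deployments enable it deliberately: `enabled: false`. `metadata/service/master/single.yml` adds the same default. The new keys also write `True`/`False` where the surrounding metadata uses lowercase `true`.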
@@ -54,4 +57,4 @@
- host: ${_param:cluster_node02_address}
port: 4001
- host: ${_param:cluster_node03_address}
- port: 4001
\ No newline at end of file
+ port: 4001
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index 21f2eb7..4c4fcf2 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -7,7 +7,6 @@
kubernetes:
master:
enabled: true
- version: ${_param:kubernetes_version}
registry:
host: tcpcloud
service_addresses: 10.254.0.0/16
@@ -29,6 +28,10 @@
replicas: 1
domain: cluster.local
server: 10.254.0.10
+ dashboard:
+ enabled: True
+ heapster_influxdb:
+ enabled: False
token:
admin: ${_param:kubernetes_admin_token}
kubelet: ${_param:kubernetes_kubelet_token}
@@ -46,4 +49,4 @@
etcd:
members:
- host: ${_param:single_address}
- port: 4001
\ No newline at end of file
+ port: 4001
diff --git a/metadata/service/pool/cluster.yml b/metadata/service/pool/cluster.yml
index ea0bc8a..7c42e12 100644
--- a/metadata/service/pool/cluster.yml
+++ b/metadata/service/pool/cluster.yml
@@ -7,7 +7,6 @@
kubernetes:
pool:
enabled: true
- version: ${_param:kubernetes_version}
registry:
host: tcpcloud
host:
@@ -42,6 +41,3 @@
port: 4001
- host: ${_param:cluster_node03_address}
port: 4001
- cni:
- version: v0.3.0
- hash: 58237532e1b2b1be1fb3d12457da85f5
\ No newline at end of file
diff --git a/metadata/service/pool/single.yml b/metadata/service/pool/single.yml
index f3cb7c0..b01a719 100644
--- a/metadata/service/pool/single.yml
+++ b/metadata/service/pool/single.yml
@@ -7,7 +7,6 @@
kubernetes:
pool:
enabled: true
- version: ${_param:kubernetes_version}
registry:
host: tcpcloud
host:
@@ -35,6 +34,3 @@
members:
- host: ${_param:master_address}
port: 4001
- cni:
- version: v0.3.0
- hash: 58237532e1b2b1be1fb3d12457da85f5
\ No newline at end of file
diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls
index f951eb3..af37946 100644
--- a/tests/pillar/master_cluster.sls
+++ b/tests/pillar/master_cluster.sls
@@ -2,6 +2,8 @@
common:
network:
engine: none
+ hyperkube:
+ image: hyperkube-amd64:v1.5.0-beta.3-1
master:
addons:
dns:
diff --git a/tests/pillar/pool_cluster.sls b/tests/pillar/pool_cluster.sls
index f639738..71dda18 100644
--- a/tests/pillar/pool_cluster.sls
+++ b/tests/pillar/pool_cluster.sls
@@ -2,6 +2,8 @@
common:
network:
engine: none
+ hyperkube:
+ image: hyperkube-amd64:v1.5.0-beta.3-1
pool:
enabled: true
version: v1.2.0
@@ -27,9 +29,10 @@
kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
ca: kubernetes
network:
+ calicoctl:
+ image: calico/ctl
cni:
- hash: 06550617ec199e89a57c94c88c891422
- version: v1.3.1
+ image: calico/cni
engine: calico
hash: c15ae251b633109e63bf128c2fbbc34a
ipam:
@@ -46,6 +49,3 @@
port: 4001
hyperkube:
hash: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
- cni:
- version: v0.3.0
- hash: 58237532e1b2b1be1fb3d12457da85f5
\ No newline at end of file