add etcd configuration support
diff --git a/README.rst b/README.rst
index 8480aae..303e739 100644
--- a/README.rst
+++ b/README.rst
@@ -211,6 +211,46 @@
port: 24007
...
+Kubernetes namespaces
+---------------------
+
+Create namespace:
+
+.. code-block:: yaml
+
+ kubernetes:
+ master
+ ...
+ namespace:
+ kube-system:
+ enabled: True
+ namespace2:
+ enabled: True
+ namespace3:
+ enabled: False
+ ...
+
+Kubernetes labels
+-----------------
+
+Create namespace:
+
+.. code-block:: yaml
+
+ kubernetes:
+ pool
+ ...
+ host:
+ label:
+ key01:
+ value: value01
+ enable: True
+ key02:
+ value: value02
+ enable: False
+ name: ${linux:system:name}
+ ...
+
Kubernetes Service Definitions in pillars
==========================================
diff --git a/kubernetes/files/kube-addons/namespace.yml b/kubernetes/files/kube-addons/namespace.yml
deleted file mode 100644
index 4f03434..0000000
--- a/kubernetes/files/kube-addons/namespace.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- name: kube-system
\ No newline at end of file
diff --git a/kubernetes/files/manifest/etcd-events.manifest b/kubernetes/files/manifest/etcd-events.manifest
deleted file mode 100644
index 84fa3fb..0000000
--- a/kubernetes/files/manifest/etcd-events.manifest
+++ /dev/null
@@ -1,65 +0,0 @@
-{
-"apiVersion": "v1",
-"kind": "Pod",
-"metadata": {
- "name":"etcd-server-events",
- "namespace": "kube-system"
-},
-"spec":{
-"hostNetwork": true,
-"containers":[
- {
- "name": "etcd-container",
- "image": "gcr.io/google_containers/etcd:2.2.1",
- "resources": {
- "requests": {
- "cpu": "100m"
- }
- },
- "command": [
- "/bin/sh",
- "-c",
- "/usr/local/bin/etcd --listen-peer-urls http://127.0.0.1:2381 --addr 127.0.0.1:4002 --bind-addr 127.0.0.1:4002 --data-dir /var/etcd/data-events 1>>/var/log/etcd-events.log 2>&1"
- ],
- "livenessProbe": {
- "httpGet": {
- "host": "127.0.0.1",
- "port": 4002,
- "path": "/health"
- },
- "initialDelaySeconds": 15,
- "timeoutSeconds": 15
- },
- "ports":[
- { "name": "serverport",
- "containerPort": 2381,
- "hostPort": 2381
- },{
- "name": "clientport",
- "containerPort": 4002,
- "hostPort": 4002
- }
- ],
- "volumeMounts": [
- {"name": "varetcd",
- "mountPath": "/var/etcd",
- "readOnly": false
- },
- {"name": "varlogetcd",
- "mountPath": "/var/log/etcd-events.log",
- "readOnly": false
- }
- ]
- }
-],
-"volumes":[
- { "name": "varetcd",
- "hostPath": {
- "path": "/mnt/master-pd/var/etcd"}
- },
- { "name": "varlogetcd",
- "hostPath": {
- "path": "/var/log/etcd-events.log"}
- }
-]
-}}
diff --git a/kubernetes/files/manifest/etcd.manifest b/kubernetes/files/manifest/etcd.manifest
index 4a5e966..8984806 100644
--- a/kubernetes/files/manifest/etcd.manifest
+++ b/kubernetes/files/manifest/etcd.manifest
@@ -11,7 +11,7 @@
"containers":[
{
"name": "etcd-container",
- "image": "gcr.io/google_containers/etcd:2.2.1",
+ "image": "{{ master.etcd.registry }}/etcd:{{ master.etcd.version }}",
"resources": {
"requests": {
"cpu": "200m" }
diff --git a/kubernetes/files/manifest/kube-apiserver.manifest b/kubernetes/files/manifest/kube-apiserver.manifest
index 782b0b5..b05ebcf 100644
--- a/kubernetes/files/manifest/kube-apiserver.manifest
+++ b/kubernetes/files/manifest/kube-apiserver.manifest
@@ -16,7 +16,7 @@
- /bin/sh
- -c
- /usr/local/bin/kube-apiserver
- --address=127.0.0.1
+ --insecure-bind-address={{ master.apiserver.insecure_address }}
--etcd-servers={% for member in master.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %}
--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota
--service-cluster-ip-range={{ master.service_addresses }}
diff --git a/kubernetes/files/manifest/kube-controller-manager.manifest b/kubernetes/files/manifest/kube-controller-manager.manifest
index 25a71d8..6361712 100644
--- a/kubernetes/files/manifest/kube-controller-manager.manifest
+++ b/kubernetes/files/manifest/kube-controller-manager.manifest
@@ -16,7 +16,7 @@
- /bin/sh
- -c
- /usr/local/bin/kube-controller-manager
- --master=127.0.0.1:8080
+ --master={{ master.apiserver.insecure_address }}:8080
--cluster-name=kubernetes
--service-account-private-key-file=/etc/ssl/private/kubernetes-server.key
--v=2
diff --git a/kubernetes/files/manifest/kube-scheduler.manifest b/kubernetes/files/manifest/kube-scheduler.manifest
index 5c7bc9f..a8f4e5a 100644
--- a/kubernetes/files/manifest/kube-scheduler.manifest
+++ b/kubernetes/files/manifest/kube-scheduler.manifest
@@ -18,7 +18,7 @@
- /bin/sh
- -c
- /usr/local/bin/kube-scheduler
- --master=127.0.0.1:8080
+ --master={{ master.apiserver.insecure_address }}:8080
--v=2
--leader-elect=true
1>>/var/log/kube-scheduler.log 2>&1
diff --git a/kubernetes/files/opencontrail/namespace-opencontrail.yml b/kubernetes/files/opencontrail/namespace-opencontrail.yml
deleted file mode 100644
index 4e28c1f..0000000
--- a/kubernetes/files/opencontrail/namespace-opencontrail.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- name: opencontrail
\ No newline at end of file
diff --git a/kubernetes/map.jinja b/kubernetes/map.jinja
index ac2c76e..1f4afcb 100644
--- a/kubernetes/map.jinja
+++ b/kubernetes/map.jinja
@@ -1,6 +1,6 @@
{% set common = salt['grains.filter_by']({
'Debian': {
- 'pkgs': ['curl', 'git', 'apt-transport-https', 'python-apt', 'nfs-common', 'socat', 'netcat-traditional', 'openssl', 'kubernetes-client', 'kubernetes-node'],
+ 'pkgs': ['curl', 'git', 'apt-transport-https', 'python-apt', 'nfs-common', 'socat', 'netcat-traditional', 'openssl', 'kubernetes-client', 'kubernetes-node', 'python-etcd'],
'services': [],
},
'RedHat': {
diff --git a/kubernetes/master/etcd.sls b/kubernetes/master/etcd.sls
index 886483c..6a68ecc 100644
--- a/kubernetes/master/etcd.sls
+++ b/kubernetes/master/etcd.sls
@@ -33,14 +33,4 @@
- makedirs: true
- dir_mode: 755
-/etc/kubernetes/manifests/etcd-events.manifest:
- file.managed:
- - source: salt://kubernetes/files/manifest/etcd-events.manifest
- - template: jinja
- - user: root
- - group: root
- - mode: 644
- - makedirs: true
- - dir_mode: 755
-
{%- endif %}
\ No newline at end of file
diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls
index f4c31d0..c251861 100644
--- a/kubernetes/master/kube-addons.sls
+++ b/kubernetes/master/kube-addons.sls
@@ -8,13 +8,6 @@
- group: root
- mode: 0755
-/etc/kubernetes/addons/namespace.yml:
- file.managed:
- - source: salt://kubernetes/files/kube-addons/namespace.yml
- - user: root
- - group: root
- - file_mode: 644
-
{%- if master.addons.dns.enabled %}
/etc/kubernetes/addons/dns/skydns-svc.yaml:
diff --git a/kubernetes/master/kubelet.sls b/kubernetes/master/kubelet.sls
index 725552f..78d60da 100644
--- a/kubernetes/master/kubelet.sls
+++ b/kubernetes/master/kubelet.sls
@@ -12,6 +12,23 @@
/etc/kubernetes/config:
file.absent
+{%- for name,namespace in master.namespace.iteritems() %}
+
+{%- if namespace.enabled %}
+
+/registry/namespaces/{{ name }}:
+ etcd.set:
+ - value: '{"kind":"Namespace","apiVersion":"v1","metadata":{"name":"{{ name }}"},"spec":{"finalizers":["kubernetes"]},"status":{"phase":"Active"}}'
+
+{%- else %}
+
+/registry/namespaces/{{ name }}:
+ etcd.rm
+
+{%- endif %}
+
+{%- endfor %}
+
master_services:
service.running:
- names: {{ master.services }}
diff --git a/kubernetes/master/opencontrail-network-manager.sls b/kubernetes/master/opencontrail-network-manager.sls
index 803bd4d..578abda 100644
--- a/kubernetes/master/opencontrail-network-manager.sls
+++ b/kubernetes/master/opencontrail-network-manager.sls
@@ -20,11 +20,4 @@
- mode: 644
- makedirs: true
-/etc/kubernetes/namespace-opencontrail.yml:
- file.managed:
- - source: salt://kubernetes/files/opencontrail/namespace-opencontrail.yml
- - user: root
- - group: root
- - file_mode: 644
-
{%- endif %}
\ No newline at end of file
diff --git a/kubernetes/pool/kubelet.sls b/kubernetes/pool/kubelet.sls
index 0b20cf8..4667e40 100644
--- a/kubernetes/pool/kubelet.sls
+++ b/kubernetes/pool/kubelet.sls
@@ -21,6 +21,33 @@
/etc/kubernetes/config:
file.absent
+{%- if pool.host.labels is defined %}
+
+{%- for name,label in pool.host.label.iteritems() %}
+
+{%- if label.enabled %}
+
+{{ name }}:
+ k8s.label_present:
+ - name: {{ name }}
+ - value: {{ label.value }}
+ - node: {{ pool.host.name }}
+ - apiserver: http://{{ pool.master.host }}:8080
+
+{%- else %}
+
+{{ name }}:
+ k8s.label_absent:
+ - name: {{ name }}
+ - node: {{ pool.host.name }}
+ - apiserver: http://{{ pool.master.host }}:8080
+
+{%- endif %}
+
+{%- endfor %}
+
+{%- endif %}
+
pool_services:
service.running:
- names: {{ pool.services }}
diff --git a/metadata/service/master/cluster.yml b/metadata/service/master/cluster.yml
index 2d118ff..d199929 100644
--- a/metadata/service/master/cluster.yml
+++ b/metadata/service/master/cluster.yml
@@ -27,9 +27,11 @@
allow_privileged: True
apiserver:
address: ${_param:apiserver_address}
- port: 8080
+ insecure_address: 0.0.0.0
etcd:
host: 10.10.6.187
+ registry: quay.io/coreos
+ version: v3.0.1
token: ca939ec9c2a17b0786f6d411fe019e9b
name: ${linux:system:name}
members:
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index e240ed6..9058c26 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -27,9 +27,11 @@
allow_privileged: True
apiserver:
address: ${_param:apiserver_address}
- port: 8080
+ insecure_address: 0.0.0.0
etcd:
host: 127.0.0.1
+ registry: quay.io/coreos
+ version: v3.0.1
token: ca939ec9c2a17b0786f6d411fe019e9b
name: ${linux:system:name}
members:
diff --git a/metadata/service/pool/cluster.yml b/metadata/service/pool/cluster.yml
index e05d323..2af7759 100644
--- a/metadata/service/pool/cluster.yml
+++ b/metadata/service/pool/cluster.yml
@@ -9,6 +9,8 @@
enabled: true
version: ${_param:kubernetes_version}
registry: tcpcloud
+ host:
+ name: ${linux:system:name}
master:
host: ${_param:cluster_vip_address}
apiserver:
diff --git a/metadata/service/pool/single.yml b/metadata/service/pool/single.yml
index b4bb7df..863c48d 100644
--- a/metadata/service/pool/single.yml
+++ b/metadata/service/pool/single.yml
@@ -9,6 +9,8 @@
enabled: true
version: ${_param:kubernetes_version}
registry: tcpcloud
+ host:
+ name: ${linux:system:name}
master:
host: ${_param:master_address}
apiserver: