Deploy contrail network manager only on controller
This is requried cause contrail network manager connects directly on localhost.
We cant use incluster auth cause kubernetes api is not reachable from underlay network
This change adds 2 things:
- additional label for all controllers: node-role.kubernetes.io: master
- nodeSelector for contrail network manager deployment
Change-Id: I77b46644ae8f4384890c25a2808a45c353554be8
diff --git a/kubernetes/files/kube-addons/contrail_network_controller/contrail-network-controller-deploy.yml b/kubernetes/files/kube-addons/contrail_network_controller/contrail-network-controller-deploy.yml
index b270309..ebe981f 100644
--- a/kubernetes/files/kube-addons/contrail_network_controller/contrail-network-controller-deploy.yml
+++ b/kubernetes/files/kube-addons/contrail_network_controller/contrail-network-controller-deploy.yml
@@ -14,6 +14,8 @@
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
+ nodeSelector:
+ node-role.kubernetes.io: master
containers:
- name: contrail-kube-manager
image: {{ master.addons.contrail_network_controller.get('image', 'docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/contrail-integration/contrail-network-controller:v1.0.0') }}
diff --git a/kubernetes/master/controller.sls b/kubernetes/master/controller.sls
index 72f71fb..d52190d 100644
--- a/kubernetes/master/controller.sls
+++ b/kubernetes/master/controller.sls
@@ -248,6 +248,16 @@
- onlyif: /bin/false
{%- endif %}
+kubernetes_label_master_{{ master.host.name }}:
+ cmd.run:
+ - name: kubectl label --overwrite nodes {{ master.host.name }} node-role.kubernetes.io=master
+ - require:
+ - cmd: kubernetes_node_ready_{{ master.host.name}}
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+
+
{%- endif %}
{%- if master.registry.secret is defined %}