Update virtlet deployment procedure.
Added dockershim service.
Removed kubelet.conf as not required.
Bump version to v0.8.0.
Change-Id: I6527213b3db3c8e9f2a5f1e8349624f9353fccaa
diff --git a/README.rst b/README.rst
index c3df5f7..60ef3b4 100644
--- a/README.rst
+++ b/README.rst
@@ -71,7 +71,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
hosts:
- cmp01
- cmp02
diff --git a/kubernetes/_common.sls b/kubernetes/_common.sls
index 1610d64..b489517 100644
--- a/kubernetes/_common.sls
+++ b/kubernetes/_common.sls
@@ -83,19 +83,32 @@
- onlyif: /bin/false
{%- endif %}
+/usr/bin/dockershim:
+ file.symlink:
+ - target: /usr/bin/criproxy
+ - require:
+ - file: /usr/bin/criproxy
+
/etc/criproxy:
file.directory:
- user: root
- group: root
- mode: 0750
-/etc/criproxy/kubelet.conf:
+/etc/criproxy/node.conf:
file.managed:
- - source: salt://kubernetes/files/virtlet/kubelet.conf
+ - user: root
+ - group: root
+ - mode: 0640
+ - contents: ''
+
+/etc/systemd/system/dockershim.service:
+ file.managed:
+ - source: salt://kubernetes/files/systemd/dockershim.service
- template: jinja
- user: root
- group: root
- - mode: 640
+ - mode: 755
/etc/systemd/system/criproxy.service:
file.managed:
@@ -105,14 +118,24 @@
- group: root
- mode: 755
+dockershim_service:
+ service.running:
+ - name: dockershim
+ - enable: True
+ - watch:
+ - file: /etc/systemd/system/dockershim.service
+ - file: /usr/bin/dockershim
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+
criproxy_service:
service.running:
- name: criproxy
- enable: True
- watch:
- file: /etc/systemd/system/criproxy.service
- - file: /etc/criproxy/kubelet.conf
- - file: /etc/criproxy
+ - file: /etc/criproxy/node.conf
- file: /usr/bin/criproxy
{%- if grains.get('noservices') %}
- onlyif: /bin/false
@@ -123,6 +146,11 @@
/etc/criproxy:
file.absent
+dockershim_service:
+ service.dead:
+ - name: dockershim
+ - enable: False
+
criproxy_service:
service.dead:
- name: criproxy
diff --git a/kubernetes/files/systemd/criproxy.service b/kubernetes/files/systemd/criproxy.service
index 6d91cb2..fb6dcf5 100644
--- a/kubernetes/files/systemd/criproxy.service
+++ b/kubernetes/files/systemd/criproxy.service
@@ -3,8 +3,7 @@
[Service]
ExecStart=/usr/bin/criproxy -alsologtostderr \
- -connect docker,virtlet:/var/run/virtlet.sock \
- -kubeletcfg /etc/criproxy/kubelet.conf \
+ -connect /var/run/dockershim.sock,virtlet:/var/run/virtlet.sock \
-listen /var/run/criproxy.sock
Restart=always
StartLimitInterval=0
diff --git a/kubernetes/files/systemd/dockershim.service b/kubernetes/files/systemd/dockershim.service
new file mode 100644
index 0000000..ec02645
--- /dev/null
+++ b/kubernetes/files/systemd/dockershim.service
@@ -0,0 +1,24 @@
+[Unit]
+Description=dockershim for criproxy
+
+[Service]
+EnvironmentFile=-/etc/default/kubelet
+ExecStart=/usr/bin/dockershim \
+ $KUBE_LOGTOSTDERR \
+ $KUBE_LOG_LEVEL \
+ $KUBE_ALLOW_PRIV \
+ $KUBELET_ADDRESS \
+ $KUBELET_PORT \
+ $KUBELET_HOSTNAME \
+ $KUBELET_API_SERVER \
+ $DOCKER_ENDPOINT \
+ $CADVISOR_PORT \
+ $DAEMON_ARGS
+
+Restart=always
+StartLimitInterval=0
+RestartSec=10
+
+[Install]
+RequiredBy=criproxy.service
+
diff --git a/kubernetes/files/virtlet/kubelet.conf b/kubernetes/files/virtlet/kubelet.conf
deleted file mode 100644
index 2697cc3..0000000
--- a/kubernetes/files/virtlet/kubelet.conf
+++ /dev/null
@@ -1,150 +0,0 @@
-{%- from "kubernetes/map.jinja" import common with context %}
-{
- "address": "0.0.0.0",
- "allowPrivileged": true,
- "authentication": {
- "anonymous": {
- "enabled": true
- },
- "webhook": {
- "cacheTTL": "2m0s",
- "enabled": false
- },
- "x509": {
- "clientCAFile": ""
- }
- },
- "authorization": {
- "mode": "AlwaysAllow",
- "webhook": {
- "cacheAuthorizedTTL": "5m0s",
- "cacheUnauthorizedTTL": "30s"
- }
- },
- "babysitDaemons": false,
- "cAdvisorPort": 4194,
- "certDirectory": "/var/run/kubernetes",
- "cgroupDriver": "cgroupfs",
- "cgroupRoot": "",
- "cgroupsPerQOS": true,
-{%- if common.get('cloudprovider', {}).get('enabled') %}
- "cloudProvider": "{{ common.cloudprovider.provider }}"
-{%- if common.get('cloudprovider', {}).get('provider') == 'openstack' %}
- "cloudConfigFile": "/etc/kubernetes/cloud-config.conf",
-{%- endif %}
-{%- else %}
- "cloudProvider": "auto-detect",
-{%- endif %}
-
- "clusterDNS": [
- "10.254.0.10"
- ],
- "clusterDomain": "{{ common.cluster_domain|replace('_', '-') }}",
- "cniBinDir": "/opt/cni/bin",
- "cniConfDir": "",
- "containerRuntime": "docker",
- "containerized": false,
- "contentType": "application/vnd.kubernetes.protobuf",
- "cpuCFSQuota": true,
- "dockerEndpoint": "unix:///var/run/docker.sock",
- "dockerExecHandlerName": "native",
- "enableCRI": true,
- "enableContentionProfiling": false,
- "enableControllerAttachDetach": true,
- "enableCustomMetrics": false,
- "enableDebuggingHandlers": true,
- "enableServer": true,
- "enforceNodeAllocatable": [
- "pods"
- ],
- "eventBurst": 10,
- "eventRecordQPS": 5,
- "evictionHard": "memory.available<100Mi",
- "evictionMaxPodGracePeriod": 0,
- "evictionMinimumReclaim": "",
- "evictionPressureTransitionPeriod": "5m0s",
- "evictionSoft": "",
- "evictionSoftGracePeriod": "",
- "exitOnLockContention": false,
- "experimentalKernelMemcgNotification": false,
- "experimentalQOSReserved": {},
- "featureGates": "DynamicKubeletConfig=true",
- "fileCheckFrequency": "5s",
- "hairpinMode": "promiscuous-bridge",
- "healthzBindAddress": "127.0.0.1",
- "healthzPort": 10248,
- "hostIPCSources": [
- "*"
- ],
- "hostNetworkSources": [
- "*"
- ],
- "hostPIDSources": [
- "*"
- ],
- "hostnameOverride": "",
- "httpCheckFrequency": "20s",
- "imageGCHighThresholdPercent": 90,
- "imageGCLowThresholdPercent": 80,
- "imageMinimumGCAge": "2m0s",
- "imagePullProgressDeadline": "1m0s",
- "iptablesDropBit": 15,
- "iptablesMasqueradeBit": 14,
- "kubeAPIBurst": 10,
- "kubeAPIQPS": 5,
- "kubeReserved": {},
- "kubeletCgroups": "",
- "lockFilePath": "",
- "lowDiskSpaceThresholdMB": 256,
- "makeIPTablesUtilChains": true,
- "manifestURL": "",
- "manifestURLHeader": "",
- "masterServiceNamespace": "default",
- "maxContainerCount": -1,
- "maxOpenFiles": 1000000,
- "maxPerPodContainerCount": 1,
- "maxPods": 110,
- "minimumGCAge": "0s",
- "networkPluginDir": "/etc/cni/net.d",
- "networkPluginMTU": 0,
- "networkPluginName": "cni",
- "nodeIP": "",
- "nodeLabels": {
- "node-role.kubernetes.io/node": "true"
- },
- "nodeStatusUpdateFrequency": "10s",
- "nonMasqueradeCIDR": "10.0.0.0/8",
- "oomScoreAdj": -999,
- "outOfDiskTransitionFrequency": "5m0s",
- "podCIDR": "",
- "podInfraContainerImage": "gcr.io/google_containers/pause-amd64:3.0",
- "podManifestPath": "/etc/kubernetes/manifests",
- "podsPerCore": 0,
- "port": 10250,
- "protectKernelDefaults": false,
- "readOnlyPort": 10255,
- "registerNode": true,
- "registerSchedulable": true,
- "registerWithTaints": [],
- "registryBurst": 10,
- "registryPullQPS": 5,
- "remoteImageEndpoint": "",
- "remoteRuntimeEndpoint": "",
- "resolvConf": "/etc/resolv.conf",
- "rktAPIEndpoint": "localhost:15441",
- "rktPath": "",
- "rktStage1Image": "",
- "rootDirectory": "/var/lib/kubelet",
- "runtimeCgroups": "",
- "runtimeRequestTimeout": "2m0s",
- "seccompProfileRoot": "/var/lib/kubelet/seccomp",
- "serializeImagePulls": true,
- "streamingConnectionIdleTimeout": "4h0m0s",
- "syncFrequency": "1m0s",
- "systemCgroups": "",
- "systemReserved": {},
- "tlsCertFile": "",
- "tlsPrivateKeyFile": "",
- "volumePluginDir": "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/",
- "volumeStatsAggPeriod": "1m0s"
-}
diff --git a/metadata/service/common.yml b/metadata/service/common.yml
index b7884b4..c29d5ee 100644
--- a/metadata/service/common.yml
+++ b/metadata/service/common.yml
@@ -55,7 +55,7 @@
virtlet:
enabled: False
namespace: kube-system
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
cloudprovider:
enabled: False
provider: openstack
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index 61464f7..fb9cfeb 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -61,7 +61,7 @@
virtlet:
enabled: False
namespace: kube-system
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
token:
admin: ${_param:kubernetes_admin_token}
kubelet: ${_param:kubernetes_kubelet_token}
diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls
index 513d6b1..50af461 100644
--- a/tests/pillar/master_cluster.sls
+++ b/tests/pillar/master_cluster.sls
@@ -42,7 +42,7 @@
hosts:
- cmp01
- cmp02
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
master:
admin:
password: password
diff --git a/tests/pillar/master_contrail.sls b/tests/pillar/master_contrail.sls
index 862bb9a..4719e3d 100644
--- a/tests/pillar/master_contrail.sls
+++ b/tests/pillar/master_contrail.sls
@@ -39,7 +39,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
hosts:
- cmp01
- cmp02
diff --git a/tests/pillar/master_contrail4_0.sls b/tests/pillar/master_contrail4_0.sls
index d948e7c..9382438 100644
--- a/tests/pillar/master_contrail4_0.sls
+++ b/tests/pillar/master_contrail4_0.sls
@@ -39,7 +39,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
hosts:
- cmp01
- cmp02
diff --git a/tests/pillar/pool_cluster.sls b/tests/pillar/pool_cluster.sls
index b9e7840..c22b8c1 100644
--- a/tests/pillar/pool_cluster.sls
+++ b/tests/pillar/pool_cluster.sls
@@ -18,7 +18,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
hosts:
- cmp01
- cmp02
diff --git a/tests/pillar/pool_cluster_with_domain.sls b/tests/pillar/pool_cluster_with_domain.sls
index 6201348..877540e 100644
--- a/tests/pillar/pool_cluster_with_domain.sls
+++ b/tests/pillar/pool_cluster_with_domain.sls
@@ -18,7 +18,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
hosts:
- cmp01
- cmp02
diff --git a/tests/pillar/pool_contrail4_0.sls b/tests/pillar/pool_contrail4_0.sls
index ea4426a..32d6ce9 100644
--- a/tests/pillar/pool_contrail4_0.sls
+++ b/tests/pillar/pool_contrail4_0.sls
@@ -18,7 +18,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.7.0
+ image: mirantis/virtlet:v0.8.0
hosts:
- cmp01
- cmp02