allow to pass options to daemons
Requested for labs deployment.
Change-Id: I67e5d8c6dbf7d415ec3ca0cea0ae8a79c3ca9c6e
diff --git a/README.rst b/README.rst
index d9dd06c..be3af09 100644
--- a/README.rst
+++ b/README.rst
@@ -32,6 +32,24 @@
cni:
image: calico/cni
+Pass aditional parameters to daemons:
+
+.. code-block:: yaml
+
+ parameters:
+ kubernetes:
+ master:
+ apiserver:
+ daemon_opts:
+ storage-backend: pigeon
+ controller_manager:
+ daemon_opts:
+ log-dir: /dev/nulL
+ pool:
+ kubelet:
+ daemon_opts:
+ max-pods: "6"
+
Containers on pool definitions in pool.service.local
diff --git a/kubernetes/files/kubelet/default.master b/kubernetes/files/kubelet/default.master
index 9fb3840..183363e 100644
--- a/kubernetes/files/kubelet/default.master
+++ b/kubernetes/files/kubelet/default.master
@@ -1,4 +1,4 @@
{%- from "kubernetes/map.jinja" import master with context %}
# test_args has to be kept at the end, so they'll overwrite any prior configuration
-DAEMON_ARGS="--config=/etc/kubernetes/manifests --allow-privileged={{ master.kubelet.allow_privileged }} --cluster_dns={{ master.addons.dns.server }} --register-node=false --cluster_domain={{ master.addons.dns.domain }} --v=2"
+DAEMON_ARGS="--config=/etc/kubernetes/manifests --allow-privileged={{ master.kubelet.allow_privileged }} --cluster_dns={{ master.addons.dns.server }} --register-node=false --cluster_domain={{ master.addons.dns.domain }} --v=2{% for key, value in master.get('kubelet', {}).get('daemon_opts', {}).iteritems() %} --{{ key }}="{{ value }}"{% endfor %}"
diff --git a/kubernetes/files/kubelet/default.pool b/kubernetes/files/kubelet/default.pool
index a67b73c..a145901 100644
--- a/kubernetes/files/kubelet/default.pool
+++ b/kubernetes/files/kubelet/default.pool
@@ -1,4 +1,4 @@
{%- from "kubernetes/map.jinja" import pool with context %}
# test_args has to be kept at the end, so they'll overwrite any prior configuration
-DAEMON_ARGS="--require-kubeconfig --kubeconfig=/etc/kubernetes/kubelet.kubeconfig --config=/etc/kubernetes/manifests --allow-privileged={{ pool.kubelet.allow_privileged }} --cluster_dns={{ pool.cluster_dns }} --cluster_domain={{ pool.cluster_domain }} --v=2 {% if pool.network.engine == 'opencontrail' %}--network-plugin={{ pool.network.engine }}{% endif %} {% if pool.network.engine == 'calico' %}--network-plugin=cni --network-plugin-dir=/etc/cni/net.d{% endif %} --file-check-frequency={{ pool.kubelet.frequency }}"
+DAEMON_ARGS="--require-kubeconfig --kubeconfig=/etc/kubernetes/kubelet.kubeconfig --config=/etc/kubernetes/manifests --allow-privileged={{ pool.kubelet.allow_privileged }} --cluster_dns={{ pool.cluster_dns }} --cluster_domain={{ pool.cluster_domain }} --v=2 {% if pool.network.engine == 'opencontrail' %}--network-plugin={{ pool.network.engine }}{% endif %} {% if pool.network.engine == 'calico' %}--network-plugin=cni --network-plugin-dir=/etc/cni/net.d{% endif %} --file-check-frequency={{ pool.kubelet.frequency }}{% for key, value in pool.get('kubelet', {}).get('daemon_opts', {}).iteritems() %} --{{ key }}="{{ value }}"{% endfor %}"
diff --git a/kubernetes/master/controller.sls b/kubernetes/master/controller.sls
index f69e476..009eed1 100644
--- a/kubernetes/master/controller.sls
+++ b/kubernetes/master/controller.sls
@@ -76,7 +76,7 @@
- user: root
- group: root
- mode: 644
- - contents: DAEMON_ARGS=" --insecure-bind-address={{ master.apiserver.insecure_address }} --etcd-servers={% for member in master.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota --service-cluster-ip-range={{ master.service_addresses }} --client-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt --basic-auth-file=/srv/kubernetes/basic_auth.csv --tls-cert-file=/etc/kubernetes/ssl/kubernetes-server.crt --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key --secure-port={{ master.apiserver.get('secure_port', '443') }} --bind-address={{ master.apiserver.address }} --token-auth-file=/srv/kubernetes/known_tokens.csv --v=2 --allow-privileged=True --etcd-quorum-read=true {%- if master.apiserver.node_port_range is defined %} --service-node-port-range {{ master.apiserver.node_port_range }} {%- endif %}"
+ - contents: DAEMON_ARGS=" --insecure-bind-address={{ master.apiserver.insecure_address }} --etcd-servers={% for member in master.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota --service-cluster-ip-range={{ master.service_addresses }} --client-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt --basic-auth-file=/srv/kubernetes/basic_auth.csv --tls-cert-file=/etc/kubernetes/ssl/kubernetes-server.crt --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key --secure-port={{ master.apiserver.get('secure_port', '443') }} --bind-address={{ master.apiserver.address }} --token-auth-file=/srv/kubernetes/known_tokens.csv --v=2 --allow-privileged=True --etcd-quorum-read=true {%- if master.apiserver.node_port_range is defined %} --service-node-port-range {{ master.apiserver.node_port_range }} {%- endif %}{% for key, value in master.get('apiserver', {}).get('daemon_opts', {}).iteriems() %} --{{ key }}="{{ value }}"{% endfor %}"
{% for component in ['scheduler', 'controller-manager'] %}
@@ -98,14 +98,14 @@
- user: root
- group: root
- mode: 644
- - contents: DAEMON_ARGS=" --kubeconfig /etc/kubernetes/controller-manager.kubeconfig --cluster-name=kubernetes --service-account-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key --v=2 --root-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt --leader-elect=true"
+ - contents: DAEMON_ARGS=" --kubeconfig /etc/kubernetes/controller-manager.kubeconfig --cluster-name=kubernetes --service-account-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key --v=2 --root-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt --leader-elect=true{% for key, value in master.get('controller_manager', {}).get('daemon_opts', {}).iteritems() %} --{{ key }}="{{ value }}"{% endfor %}"
/etc/default/kube-scheduler:
file.managed:
- user: root
- group: root
- mode: 644
- - contents: DAEMON_ARGS=" --kubeconfig /etc/kubernetes/scheduler.kubeconfig --v=2 --leader-elect=true"
+ - contents: DAEMON_ARGS=" --kubeconfig /etc/kubernetes/scheduler.kubeconfig --v=2 --leader-elect=true{% for key, value in master.get('scheduler', {}).get('daemon_opts', {}).iteritems() %} --{{ key }}="{{ value }}"{% endfor %}"
/etc/systemd/system/kube-apiserver.service:
file.managed: