Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / kubernetes / 7a472de71ee6958660bf58539fac214cf3328629 / . / kubernetes / _common.sls
blob: 3d59fbf1c3369ce2e646a40efabb11a125b82dac [file] [log] [blame]
{%- from "kubernetes/map.jinja" import common with context %}
kubernetes_pkgs:
pkg.installed:
- names: {{ common.pkgs }}
{%- if common.hyperkube is defined %}
/usr/bin/hyperkube:
file.managed:
- source: {{ common.hyperkube.source }}
- mode: 751
- makedirs: true
- user: root
- group: root
- source_hash: {{ common.hyperkube.source_hash }}
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
/usr/bin/kubectl:
file.symlink:
- target: /usr/bin/hyperkube
- require:
- file: /usr/bin/hyperkube
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
{%- if common.get('containerd', {}).get('enabled') %}
containerd_pkg:
pkg.installed:
- name: {{ common.get('containerd', {}).get('package', 'containerd.io') }}
/etc/containerd/config.toml:
file.managed:
- source: salt://kubernetes/files/containerd/config.toml
- makedirs: True
- template: jinja
- user: root
- group: root
- mode: 644
containerd_service:
service.running:
- name: containerd
- enable: True
- watch:
- file: /etc/containerd/config.toml
- require:
- containerd_pkg
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
extract_crictl:
archive.extracted:
- name: /tmp/crictl
- source: {{ common.containerd.crictl.source }}
- source_hash: {{ common.containerd.crictl.hash }}
- enforce_toplevel: false
- options: xzf
- archive_format: tar
- keep: true
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
/usr/local/bin/crictl:
file.managed:
- source: /tmp/crictl/crictl
- mode: 755
- owner: root
- group: root
- require:
- archive: extract_crictl
/etc/crictl.yaml:
file.managed:
- user: root
- group: root
- mode: 644
- contents: 'runtime-endpoint: unix:///run/containerd/containerd.sock'
{%- endif %}
{%- if common.addons.get('virtlet', {}).get('enabled') and not pillar.kubernetes.master is defined %}
{%- if not common.get('containerd', {}).get('enabled') %}
/etc/default/dockershim:
file.managed:
- source: salt://kubernetes/files/dockershim/default.pool
- template: jinja
- user: root
- group: root
- mode: 644
/etc/systemd/system/dockershim.service:
file.managed:
- source: salt://kubernetes/files/systemd/dockershim.service
- template: jinja
- user: root
- group: root
- mode: 755
dockershim_service:
service.running:
- name: dockershim
- enable: True
- watch:
- file: /etc/default/dockershim
- file: /usr/bin/hyperkube
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
{%- endif %}
/usr/bin/criproxy:
file.managed:
- source: https://github.com/mirantis/criproxy/releases/download/{{ common.addons.virtlet.get('criproxy_version', 'v0.10.0') }}/criproxy
- mode: 750
- makedirs: true
- user: root
- group: root
- source_hash: {{ common.addons.virtlet.get('criproxy_source', 'md5=52717b1f70f15558ef4bdb0e4d4948da') }}
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
/etc/criproxy:
file.directory:
- user: root
- group: root
- mode: 0750
/var/log/criproxy:
file.directory:
- user: root
- group: root
- mode: 0750
/etc/criproxy/node.conf:
file.managed:
- user: root
- group: root
- mode: 0640
- contents: ''
/etc/systemd/system/criproxy.service:
file.managed:
- source: salt://kubernetes/files/systemd/criproxy.service
- template: jinja
- user: root
- group: root
- mode: 755
criproxy_service:
service.running:
- name: criproxy
- enable: True
- watch:
- file: /etc/systemd/system/criproxy.service
- file: /etc/criproxy/node.conf
- file: /usr/bin/criproxy
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
{%- else %}
/etc/criproxy:
file.absent
{%- if not common.get('containerd', {}).get('enabled') %}
dockershim_service:
service.dead:
- name: dockershim
- enable: False
{%- endif %}
criproxy_service:
service.dead:
- name: criproxy
- enable: False
{%- endif %}
/etc/systemd/system/kubelet.service:
file.managed:
- source: salt://kubernetes/files/systemd/kubelet.service
- template: jinja
- user: root
- group: root
- mode: 644
/etc/kubernetes/config:
file.absent
{%- if common.get('cloudprovider', {}).get('enabled') and common.get('cloudprovider', {}).get('provider') == 'openstack' %}
{%- set cloudconfig_type = 'external' %}
/etc/kubernetes/cloud-config:
file.managed:
- source: salt://kubernetes/files/cloudprovider/cloud-config-openstack.conf
- template: jinja
- user: root
- group: root
- mode: 600
- defaults:
cloudconfig_type: {{ cloudconfig_type }}
{%- if pillar.kubernetes.master is defined %}
{%- set cloudconfig_type = 'intree' %}
/etc/kubernetes/cloud-config.intree:
file.managed:
- source: salt://kubernetes/files/cloudprovider/cloud-config-openstack.conf
- template: jinja
- user: root
- group: root
- mode: 600
- defaults:
cloudconfig_type: {{ cloudconfig_type }}
{% endif %}
{% endif %}
{%- if pillar.kubernetes.master is defined %}
/etc/default/kubelet:
file.managed:
- source: salt://kubernetes/files/kubelet/default.master
- template: jinja
- user: root
- group: root
- mode: 644
/etc/kubernetes/kubelet.kubeconfig:
file.managed:
- source: salt://kubernetes/files/kubelet/kubelet.kubeconfig.master
- template: jinja
- user: root
- group: root
- mode: 644
- makedirs: true
{%- else %}
/etc/default/kubelet:
file.managed:
- source: salt://kubernetes/files/kubelet/default.pool
- template: jinja
- user: root
- group: root
- mode: 644
/etc/kubernetes/kubelet.kubeconfig:
file.managed:
- source: salt://kubernetes/files/kubelet/kubelet.kubeconfig.pool
- template: jinja
- user: root
- group: root
- mode: 644
- makedirs: true
{%- endif %}
manifest_dir_create:
file.directory:
- makedirs: true
- name: /etc/kubernetes/manifests
- user: root
- group: root
- mode: 0751
kubelet_service:
service.running:
- name: kubelet
- enable: True
- watch:
- file: /etc/default/kubelet
- file: /usr/bin/hyperkube
- file: /etc/kubernetes/kubelet.kubeconfig
- file: manifest_dir_create
{%- if common.get('cloudprovider', {}).get('enabled') %}
{%- if common.get('cloudprovider', {}).get('provider') == 'openstack' and not pillar.get('kubernetes', {}).get('master', false) %}
- file: /etc/kubernetes/cloud-config
{%- endif %}
{%- endif %}
{%- if grains.get('noservices') %}
- onlyif: /bin/false
{%- endif %}
{%- if common.logrotate is defined %}
/etc/logrotate.d/kubernetes:
file.managed:
- source: salt://kubernetes/files/logrotate
- template: jinja
- user: root
- group: root
- mode: 644
- makedirs: true
- defaults:
logfile: {{ common.logrotate }}
{% endif %}
{% endif %}
{%- if common.cni is defined %}
/opt/cni/bin:
archive.extracted:
- source: {{ common.cni.plugins.source }}
- source_hash: {{ common.cni.plugins.hash }}
{%- if grains['saltversioninfo'] < [2017, 7] %}
- tar_options: xzf
{%- else %}
- options: xzf
{%- endif %}
- archive_format: tar
- overwrite: true
{%- endif %}
{%- if common.addons.get('helm', {'enabled': False}).enabled %}
extract_helm:
archive.extracted:
- name: /tmp/helm
- source: {{ common.addons.helm.client.source }}
- source_hash: {{ common.addons.helm.client.hash }}
{%- if grains['saltversioninfo'] < [2017, 7] %}
- tar_options: xzf
{%- else %}
- options: xzf
{%- endif %}
- archive_format: tar
- keep: true
/usr/local/bin/helm:
file.managed:
- source: /tmp/helm/linux-amd64/helm
- mode: 755
- owner: root
- group: root
- require:
- archive: extract_helm
{%- endif %}