Refactor k8s network section definitions. Calico part
In this patch all calico related parameters are moved to
'network.calico' subsection.
Also added small fixes for deployment.
Change-Id: I32882487455f47c84a87511e384be32e9ed42622
diff --git a/README.rst b/README.rst
index 37fa482..8750f07 100644
--- a/README.rst
+++ b/README.rst
@@ -33,10 +33,9 @@
image: gcr.io/google_containers/hyperkube:v1.6.5
pool:
network:
- calicoctl:
- image: calico/ctl
- cni:
- image: calico/cni
+ calico:
+ calicoctl_image: calico/ctl
+ cni_image: calico/cni
Enable helm-tiller addon
@@ -320,10 +319,6 @@
allow_privileged: true
network:
engine: calico
- mtu: 1500
- hash: fb5e30ebe6154911a66ec3fb5f1195b2
- private_ip_range: 10.150.0.0/16
- version: v0.19.0
service_addresses: 10.254.0.0/16
storage:
engine: glusterfs
@@ -369,9 +364,6 @@
host: 10.0.175.100
network:
engine: calico
- mtu: 1500
- hash: fb5e30ebe6154911a66ec3fb5f1195b2
- version: v0.19.0
token:
kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
@@ -535,16 +527,17 @@
master:
network:
engine: calico
- mtu: 1500
+ calico:
+ mtu: 1500
# If you don't register master as node:
- etcd:
- members:
- - host: 10.0.175.101
- port: 4001
- - host: 10.0.175.102
- port: 4001
- - host: 10.0.175.103
- port: 4001
+ etcd:
+ members:
+ - host: 10.0.175.101
+ port: 4001
+ - host: 10.0.175.102
+ port: 4001
+ - host: 10.0.175.103
+ port: 4001
On pools:
@@ -554,15 +547,16 @@
pool:
network:
engine: calico
- mtu: 1500
- etcd:
- members:
- - host: 10.0.175.101
- port: 4001
- - host: 10.0.175.102
- port: 4001
- - host: 10.0.175.103
- port: 4001
+ calico:
+ mtu: 1500
+ etcd:
+ members:
+ - host: 10.0.175.101
+ port: 4001
+ - host: 10.0.175.102
+ port: 4001
+ - host: 10.0.175.103
+ port: 4001
Running with secured etcd:
@@ -572,16 +566,17 @@
pool:
network:
engine: calico
- mtu: 1500
- etcd:
- ssl:
- enabled: true
+ calico:
+ etcd:
+ ssl:
+ enabled: true
master:
network:
engine: calico
- etcd:
- ssl:
- enabled: true
+ calico:
+ etcd:
+ ssl:
+ enabled: true
Running with calico-policy controller:
@@ -591,7 +586,6 @@
pool:
network:
engine: calico
- mtu: 1500
addons:
calico_policy:
enabled: true
@@ -599,7 +593,6 @@
master:
network:
engine: calico
- mtu: 1500
addons:
calico_policy:
enabled: true
@@ -613,12 +606,14 @@
kubernetes:
pool:
network:
- prometheus:
- enabled: true
+ calico:
+ prometheus:
+ enabled: true
master:
network:
- prometheus:
- enabled: true
+ calico:
+ prometheus:
+ enabled: true
Post deployment configuration
diff --git a/kubernetes/files/calico/calico-node.service.master b/kubernetes/files/calico/calico-node.service.master
index 995f517..c91dd5c 100644
--- a/kubernetes/files/calico/calico-node.service.master
+++ b/kubernetes/files/calico/calico-node.service.master
@@ -11,22 +11,22 @@
-e NODENAME={{ master.host.name }}{% if master.host.get('domain') %}.{{ master.host.domain }}{%- endif %} \
-e IP={{ master.apiserver.address }} \
-e IP6={{ master.get('ipv6_address', '') }} \
-{%- if master.network.calico_network_backend is defined %}
- -e CALICO_NETWORKING_BACKEND="{{ master.network.calico_network_backend }}"
+{%- if master.network.calico.network_backend is defined %}
+ -e CALICO_NETWORKING_BACKEND="{{ master.network.calico.network_backend }}"
{%- endif %}
- -e AS={{ master.network.get('as', '64512') }} \
- -e NO_DEFAULT_MASTERS={{ master.network.get('no_default_masters') }} \
- -e CALICO_LIBNETWORK_ENABLED={{ master.network.get('libnetwork_enabled', true ) }} \
- -e ETCD_ENDPOINTS={% for member in master.network.etcd.members %}http{% if master.network.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \
-{%- if master.network.etcd.get('ssl', {}).get('enabled') %}
+ -e AS={{ master.network.calico.get('as', '64512') }} \
+ -e NO_DEFAULT_MASTERS={{ master.network.calico.get('no_default_masters') }} \
+ -e CALICO_LIBNETWORK_ENABLED={{ master.network.calico.get('libnetwork_enabled', true ) }} \
+ -e ETCD_ENDPOINTS={% for member in master.network.calico.etcd.members %}http{% if master.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \
+{%- if master.network.calico.etcd.get('ssl', {}).get('enabled') %}
-e ETCD_CA_CERT_FILE=/var/lib/etcd/ca.pem \
-e ETCD_CERT_FILE=/var/lib/etcd/etcd-client.crt \
-e ETCD_KEY_FILE=/var/lib/etcd/etcd-client.key \
-v /var/lib/etcd/:/var/lib/etcd/:ro \
{%- endif %}
-{%- if master.network.get('prometheus', {}).get('enabled') %}
+{%- if master.network.calico.get('prometheus', {}).get('enabled') %}
-e FELIX_PROMETHEUSMETRICSENABLED=true \
- -p {{ pool.network.prometheus.get('address', '0.0.0.0') }}:{{ master.network.get('prometheus', {}).get('port', 9091) }}:9091 \
+ -p {{ pool.network.calico.prometheus.get('address', '0.0.0.0') }}:{{ master.network.calico.get('prometheus', {}).get('port', 9091) }}:9091 \
{%- endif %}
-v /var/log/calico:/var/log/calico \
-v /run/docker/plugins:/run/docker/plugins \
@@ -37,7 +37,7 @@
-v {{ volume }} \
{%- endfor %}
{%- endif %}
- {{ master.network.get('image', 'calico/node') }}
+ {{ master.network.calico.get('image', 'calico/node') }}
Restart=always
RestartSec=10s
diff --git a/kubernetes/files/calico/calico-node.service.pool b/kubernetes/files/calico/calico-node.service.pool
index 305518f..034a900 100644
--- a/kubernetes/files/calico/calico-node.service.pool
+++ b/kubernetes/files/calico/calico-node.service.pool
@@ -11,23 +11,23 @@
-e NODENAME={{ pool.host.name }}{% if pool.host.get('domain') %}.{{ pool.host.domain }}{%- endif %} \
-e IP={{ pool.address }} \
-e IP6={{ pool.get('ipv6_address', '') }} \
-{%- if pool.network.calico_network_backend is defined %}
- -e CALICO_NETWORKING_BACKEND="{{ pool.network.calico_network_backend }}"
+{%- if pool.network.calico.network_backend is defined %}
+ -e CALICO_NETWORKING_BACKEND="{{ pool.network.calico.network_backend }}"
{%- endif %}
- -e AS={{ pool.network.get('as', '64512') }} \
- -e NO_DEFAULT_POOLS={{ pool.network.get('no_default_pools') }} \
- -e CALICO_LIBNETWORK_ENABLED={{ pool.network.get('libnetwork_enabled', true ) }} \
- -e ETCD_ENDPOINTS={% for member in pool.network.etcd.members %}http{% if pool.network.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \
-{%- if pool.network.etcd.get('ssl', {}).get('enabled') %}
+ -e AS={{ pool.network.calico.get('as', '64512') }} \
+ -e NO_DEFAULT_POOLS={{ pool.network.calico.get('no_default_pools') }} \
+ -e CALICO_LIBNETWORK_ENABLED={{ pool.network.calico.get('libnetwork_enabled', true ) }} \
+ -e ETCD_ENDPOINTS={% for member in pool.network.calico.etcd.members %}http{% if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \
+{%- if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}
-e ETCD_CA_CERT_FILE=/var/lib/etcd/ca.pem \
-e ETCD_CERT_FILE=/var/lib/etcd/etcd-client.crt \
-e ETCD_KEY_FILE=/var/lib/etcd/etcd-client.key \
-v /var/lib/etcd/:/var/lib/etcd/:ro \
{%- endif %}
-{%- if pool.network.get('prometheus', {}).get('enabled') %}
+{%- if pool.network.calico.get('prometheus', {}).get('enabled') %}
-e FELIX_PROMETHEUSMETRICSENABLED=true \
- -e FELIX_PROMETHEUSMETRICSPORT={{ pool.network.prometheus.get('port', 9091) }} \
- -p {{ pool.network.prometheus.get('address', '0.0.0.0') }}:{{ pool.network.prometheus.get('port', 9091) }}:9091 \
+ -e FELIX_PROMETHEUSMETRICSPORT={{ pool.network.calico.prometheus.get('port', 9091) }} \
+ -p {{ pool.network.calico.prometheus.get('address', '0.0.0.0') }}:{{ pool.network.calico.prometheus.get('port', 9091) }}:9091 \
{%- endif %}
-v /var/log/calico:/var/log/calico \
-v /run/docker/plugins:/run/docker/plugins \
@@ -38,7 +38,7 @@
-v {{ volume }} \
{%- endfor %}
{%- endif %}
- {{ pool.network.get('image', 'calico/node') }}
+ {{ pool.network.calico.get('image', 'calico/node') }}
Restart=always
RestartSec=10s
diff --git a/kubernetes/files/calico/calico.conf b/kubernetes/files/calico/calico.conf
index 7952945..4f8c3aa 100644
--- a/kubernetes/files/calico/calico.conf
+++ b/kubernetes/files/calico/calico.conf
@@ -4,8 +4,8 @@
"nodeName": "{{ pool.host.name }}{% if pool.host.get('domain') %}.{{ pool.host.domain }}{%- endif %}",
"name": "calico-k8s-network",
"type": "calico",
- "etcd_endpoints": "{% for member in pool.network.etcd.members %}http{% if pool.network.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}",
-{%- if pool.network.etcd.get('ssl', {}).get('enabled') %}
+ "etcd_endpoints": "{% for member in pool.network.calico.etcd.members %}http{% if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}",
+{%- if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}
"etcd_key_file": "/var/lib/etcd/etcd-client.pem",
"etcd_cert_file": "/var/lib/etcd/etcd-client.pem",
"etcd_ca_cert_file": "/var/lib/etcd/ca.pem",
@@ -15,8 +15,8 @@
"type": "k8s"
},
{%- endif %}
-{%- if pool.network.get('mtu') %}
- "mtu": {{ pool.network.mtu }},
+{%- if pool.network.calico.get('mtu') %}
+ "mtu": {{ pool.network.calico.mtu }},
{%- endif %}
"log_level": "info",
"ipam": {
diff --git a/kubernetes/files/calico/calicoctl.cfg.master b/kubernetes/files/calico/calicoctl.cfg.master
index 144c9a8..39e40d2 100644
--- a/kubernetes/files/calico/calicoctl.cfg.master
+++ b/kubernetes/files/calico/calicoctl.cfg.master
@@ -4,8 +4,8 @@
metadata:
spec:
datastoreType: "etcdv3"
- etcdEndpoints: {% for member in master.network.etcd.members %}http{% if master.network.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
-{%- if master.network.etcd.get('ssl', {}).get('enabled') %}
+ etcdEndpoints: {% for member in master.network.calico.etcd.members %}http{% if master.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
+{%- if master.network.calico.etcd.get('ssl', {}).get('enabled') %}
etcdKeyFile: /var/lib/etcd/etcd-client.pem
etcdCertFile: /var/lib/etcd/etcd-client.pem
etcdCACertFile: /var/lib/etcd/ca.pem
diff --git a/kubernetes/files/calico/calicoctl.cfg.pool b/kubernetes/files/calico/calicoctl.cfg.pool
index 25e95ad..b31ba68 100644
--- a/kubernetes/files/calico/calicoctl.cfg.pool
+++ b/kubernetes/files/calico/calicoctl.cfg.pool
@@ -4,8 +4,8 @@
metadata:
spec:
datastoreType: "etcdv3"
- etcdEndpoints: {% for member in pool.network.etcd.members %}http{% if pool.network.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
-{%- if pool.network.etcd.get('ssl', {}).get('enabled') %}
+ etcdEndpoints: {% for member in pool.network.calico.etcd.members %}http{% if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
+{%- if pool.network.calico.etcd.get('ssl', {}).get('enabled') %}
etcdKeyFile: /var/lib/etcd/etcd-client.pem
etcdCertFile: /var/lib/etcd/etcd-client.pem
etcdCACertFile: /var/lib/etcd/ca.pem
diff --git a/kubernetes/files/calico/network-environment.master b/kubernetes/files/calico/network-environment.master
index 71d17c5..101fa5b 100644
--- a/kubernetes/files/calico/network-environment.master
+++ b/kubernetes/files/calico/network-environment.master
@@ -4,4 +4,4 @@
DEFAULT_IPV4={{ master.apiserver.address }}
# IP and port of etcd instance used by Calico
-ETCD_ENDPOINTS={% for member in master.network.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
\ No newline at end of file
+ETCD_ENDPOINTS={% for member in master.network.calico.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
\ No newline at end of file
diff --git a/kubernetes/files/calico/network-environment.pool b/kubernetes/files/calico/network-environment.pool
index 5607e65..06443bd 100644
--- a/kubernetes/files/calico/network-environment.pool
+++ b/kubernetes/files/calico/network-environment.pool
@@ -7,4 +7,4 @@
KUBERNETES_MASTER={{ pool.apiserver.host }}:{{ pool.apiserver.secure_port }}
# IP and port of etcd instance used by Calico
-ETCD_ENDPOINTS={% for member in pool.network.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
+ETCD_ENDPOINTS={% for member in pool.network.calico.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}
diff --git a/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml b/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
index 3234421..98e4715 100644
--- a/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
+++ b/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
@@ -38,7 +38,7 @@
memory: 64M
env:
- name: ETCD_ENDPOINTS
- value: "{% for member in master.network.etcd.members %}http{% if master.network.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}"
+ value: "{% for member in master.network.calico.etcd.members %}http{% if master.network.calico.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}"
- name: ETCD_CA_CERT_FILE
value: "/var/lib/etcd/ca.pem"
- name: ETCD_CERT_FILE
diff --git a/kubernetes/master/calico.sls b/kubernetes/master/calico.sls
index 3522fb3..4d0fb48 100644
--- a/kubernetes/master/calico.sls
+++ b/kubernetes/master/calico.sls
@@ -21,27 +21,33 @@
- dir_mode: 755
- template: jinja
-/tmp/calico/master/:
+/tmp/calico/:
file.directory:
- user: root
- group: root
- - makedirs: True
-download_calicoctl:
+copy-calico-ctl:
cmd.run:
- - name: wget -P /tmp/calico/master/ {{ master.network.get('source', 'https://github.com/projectcalico/calico-containers/releases/download/') }}{{ master.network.version }}/calicoctl
- - require:
- - file: /tmp/calico/master/
+ - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ master.network.calico.calicoctl_image }} -v /calicoctl /tmp/calico/
+ - require:
+ - file: /tmp/calico/
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
/usr/bin/calicoctl:
file.managed:
- - source: /tmp/calico/master/calicoctl
- - source_hash: md5={{ master.network.hash }}
- - mode: 751
- - user: root
- - group: root
+ - source: /tmp/calico/calicoctl
+ - mode: 751
+ - user: root
+ - group: root
+ - require:
+ - cmd: copy-calico-ctl
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
-{%- if master.network.get('systemd', true) %}
+{%- if master.network.calico.get('systemd', true) %}
/etc/systemd/system/calico-node.service:
file.managed:
diff --git a/kubernetes/meta/prometheus.yml b/kubernetes/meta/prometheus.yml
index f7a4c67..4977663 100644
--- a/kubernetes/meta/prometheus.yml
+++ b/kubernetes/meta/prometheus.yml
@@ -15,16 +15,16 @@
api_ip: {{ pool.apiserver.host }}
cert_name: prometheus-server.crt
key_name: prometheus-server.key
-{%- if network.get('engine', '') == 'calico' and network.get('prometheus', {}).get('enabled', False) %}
+{%- if network.get('engine', '') == 'calico' and network.calico.get('prometheus', {}).get('enabled', False) %}
static:
calico:
endpoint:
{%- if pool.get('enabled', False) %}
- - address: {{ network.prometheus.get('address', pool.address) }}
+ - address: {{ network.calico.prometheus.get('address', pool.address) }}
{%- else %}
- - address: {{ network.prometheus.get('address', master.address) }}
+ - address: {{ network.calico.prometheus.get('address', master.address) }}
{%- endif %}
- port: {{ network.prometheus.get('port', 9091) }}
+ port: {{ network.calico.prometheus.get('port', 9091) }}
{%- endif %}
recording:
cluster_namespace_controller_pod_container:spec_memory_limit_bytes:
diff --git a/kubernetes/pool/calico.sls b/kubernetes/pool/calico.sls
index 4b1a8d1..ef47e2a 100644
--- a/kubernetes/pool/calico.sls
+++ b/kubernetes/pool/calico.sls
@@ -8,7 +8,7 @@
copy-calico-ctl:
cmd.run:
- - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ pool.network.calicoctl.image }} -v /calicoctl /tmp/calico/
+ - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ pool.network.calico.calicoctl_image }} -v /calicoctl /tmp/calico/
- require:
- file: /tmp/calico/
{%- if grains.get('noservices') %}
@@ -29,7 +29,7 @@
copy-calico-node:
cmd.run:
- - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ pool.network.get('image', 'calico/node') }} -v /bin/birdcl /tmp/calico/
+ - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ pool.network.calico.get('image', 'calico/node') }} -v /bin/birdcl /tmp/calico/
- require:
- file: /tmp/calico/
{%- if grains.get('noservices') %}
@@ -50,7 +50,7 @@
copy-calico-cni:
cmd.run:
- - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ pool.network.cni.image }} -vr /opt/cni/bin/ /tmp/calico/
+ - name: docker run --rm -v /tmp/calico/:/tmp/calico/ --entrypoint cp {{ pool.network.calico.cni_image }} -vr /opt/cni/bin/ /tmp/calico/
- require:
- file: /tmp/calico/
{%- if grains.get('noservices') %}
@@ -106,7 +106,7 @@
- dir_mode: 755
- template: jinja
-{%- if pool.network.get('systemd', true) %}
+{%- if pool.network.calico.get('systemd', true) %}
/etc/systemd/system/calico-node.service:
file.managed:
diff --git a/metadata/service/common.yml b/metadata/service/common.yml
index bedb3b3..8e51e56 100644
--- a/metadata/service/common.yml
+++ b/metadata/service/common.yml
@@ -71,4 +71,3 @@
cluster_name: ${_param:cluster_name}
network:
engine: none
- mtu: 1500
diff --git a/metadata/service/master/cluster.yml b/metadata/service/master/cluster.yml
index 8088d33..dd70c05 100644
--- a/metadata/service/master/cluster.yml
+++ b/metadata/service/master/cluster.yml
@@ -53,14 +53,15 @@
kube-system:
enabled: True
network:
- etcd:
- members:
- - host: ${_param:cluster_node01_address}
- port: 4001
- - host: ${_param:cluster_node02_address}
- port: 4001
- - host: ${_param:cluster_node03_address}
- port: 4001
+ calico:
+ etcd:
+ members:
+ - host: ${_param:cluster_node01_address}
+ port: 4001
+ - host: ${_param:cluster_node02_address}
+ port: 4001
+ - host: ${_param:cluster_node03_address}
+ port: 4001
federation:
enabled: False
name: federation
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index 80ad876..89668c6 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -19,6 +19,7 @@
kubelet:
address: ${_param:cluster_local_address}
allow_privileged: True
+ fail_on_swap: True
apiserver:
address: ${_param:single_address}
bind_address: 0.0.0.0
@@ -78,10 +79,11 @@
kube-system:
enabled: True
network:
- etcd:
- members:
- - host: ${_param:single_address}
- port: 4001
+ calico:
+ etcd:
+ members:
+ - host: ${_param:single_address}
+ port: 4001
federation:
enabled: False
name: federation
diff --git a/metadata/service/pool/cluster.yml b/metadata/service/pool/cluster.yml
index 173690c..cc5bec7 100644
--- a/metadata/service/pool/cluster.yml
+++ b/metadata/service/pool/cluster.yml
@@ -37,12 +37,12 @@
kube_proxy: ${_param:kubernetes_kube-proxy_token}
ca: kubernetes
network:
- hash: 77169cdadb80a5e33e9d9fe093ed0d99
- etcd:
- members:
- - host: ${_param:cluster_node01_address}
- port: 4001
- - host: ${_param:cluster_node02_address}
- port: 4001
- - host: ${_param:cluster_node03_address}
- port: 4001
+ calico:
+ etcd:
+ members:
+ - host: ${_param:cluster_node01_address}
+ port: 4001
+ - host: ${_param:cluster_node02_address}
+ port: 4001
+ - host: ${_param:cluster_node03_address}
+ port: 4001
diff --git a/metadata/service/pool/single.yml b/metadata/service/pool/single.yml
index eefb9ce..28c61fb 100644
--- a/metadata/service/pool/single.yml
+++ b/metadata/service/pool/single.yml
@@ -28,13 +28,14 @@
config: /etc/kubernetes/manifests
allow_privileged: True
frequency: 5s
+ fail_on_swap: True
token:
kubelet: ${_param:kubernetes_kubelet_token}
kube_proxy: ${_param:kubernetes_kube-proxy_token}
ca: kubernetes
network:
- hash: 77169cdadb80a5e33e9d9fe093ed0d99
- etcd:
- members:
- - host: ${_param:master_address}
- port: 4001
+ calico:
+ etcd:
+ members:
+ - host: ${_param:master_address}
+ port: 4001
diff --git a/tests/pillar/common_storageclass.sls b/tests/pillar/common_storageclass.sls
index 6050fe9..fbe6562 100644
--- a/tests/pillar/common_storageclass.sls
+++ b/tests/pillar/common_storageclass.sls
@@ -16,17 +16,17 @@
enabled: true
network:
engine: calico
- hash: fb5e30ebe6154911a66ec3fb5f1195b2
- private_ip_range: 10.150.0.0/16
- version: v0.19.0
- etcd:
- members:
- - host: 127.0.0.1
- port: 4001
- - host: 127.0.0.1
- port: 4001
- - host: 127.0.0.1
- port: 4001
+ calico:
+ calicoctl_image: calico/ctl
+ cni_image: calico/cni
+ etcd:
+ members:
+ - host: 127.0.0.1
+ port: 4001
+ - host: 127.0.0.1
+ port: 4001
+ - host: 127.0.0.1
+ port: 4001
service_addresses: 10.254.0.0/16
storage:
engine: glusterfs
diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls
index a0c2a2c..e734b66 100644
--- a/tests/pillar/master_cluster.sls
+++ b/tests/pillar/master_cluster.sls
@@ -71,17 +71,17 @@
allow_privileged: true
network:
engine: calico
- hash: 9D8F997FEE542420B15986FEA0EDF253
- private_ip_range: 10.150.0.0/16
- version: v1.6.3
- etcd:
- members:
- - host: 127.0.0.1
- port: 4001
- - host: 127.0.0.1
- port: 4001
- - host: 127.0.0.1
- port: 4001
+ calico:
+ calicoctl_image: calico/ctl
+ cni_image: calico/cni
+ etcd:
+ members:
+ - host: 127.0.0.1
+ port: 4001
+ - host: 127.0.0.1
+ port: 4001
+ - host: 127.0.0.1
+ port: 4001
service_addresses: 10.254.0.0/16
storage:
engine: glusterfs
diff --git a/tests/pillar/pool_cluster.sls b/tests/pillar/pool_cluster.sls
index 1dc2f0b..677d7b2 100644
--- a/tests/pillar/pool_cluster.sls
+++ b/tests/pillar/pool_cluster.sls
@@ -50,21 +50,15 @@
kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
ca: kubernetes
network:
- calicoctl:
- image: calico/ctl
- cni:
- image: calico/cni
engine: calico
- hash: c15ae251b633109e63bf128c2fbbc34a
- ipam:
- hash: 6e6d7fac0567a8d90a334dcbfd019a99
- version: v1.3.1
- version: v0.20.0
- etcd:
- members:
- - host: 127.0.0.1
- port: 4001
- - host: 127.0.0.1
- port: 4001
- - host: 127.0.0.1
- port: 4001
+ calico:
+ calicoctl_image: calico/ctl
+ cni_image: calico/cni
+ etcd:
+ members:
+ - host: 127.0.0.1
+ port: 4001
+ - host: 127.0.0.1
+ port: 4001
+ - host: 127.0.0.1
+ port: 4001
diff --git a/tests/pillar/pool_cluster_with_domain.sls b/tests/pillar/pool_cluster_with_domain.sls
index f756dd4..dba2f0b 100644
--- a/tests/pillar/pool_cluster_with_domain.sls
+++ b/tests/pillar/pool_cluster_with_domain.sls
@@ -51,21 +51,15 @@
kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
ca: kubernetes
network:
- calicoctl:
- image: calico/ctl
- cni:
- image: calico/cni
engine: calico
- hash: c15ae251b633109e63bf128c2fbbc34a
- ipam:
- hash: 6e6d7fac0567a8d90a334dcbfd019a99
- version: v1.3.1
- version: v0.20.0
- etcd:
- members:
- - host: 127.0.0.1
- port: 4001
- - host: 127.0.0.1
- port: 4001
- - host: 127.0.0.1
- port: 4001
+ calico:
+ calicoctl_image: calico/ctl
+ cni_image: calico/cni
+ etcd:
+ members:
+ - host: 127.0.0.1
+ port: 4001
+ - host: 127.0.0.1
+ port: 4001
+ - host: 127.0.0.1
+ port: 4001