Merge "Add grain for current kubernetes_version"
diff --git a/README.rst b/README.rst
index ed82007..315a648 100644
--- a/README.rst
+++ b/README.rst
@@ -43,6 +43,17 @@
helm:
enabled: true
+Enable calico-policy addon
+
+.. code-block:: yaml
+
+ parameters:
+ kubernetes:
+ master:
+ addons:
+ calico_policy:
+ enabled: true
+
Enable netchecker addon
.. code-block:: yaml
@@ -259,7 +270,7 @@
Kubernetes control plane running in systemd
-------------------------------------------
-By default kube-apiserver, kube-scheduler, kube-controllermanager, kube-proxy, etcd running in docker containers through manifests. For stable production environment this should be run in systemd.
+By default kube-apiserver, kube-scheduler, kube-controllermanager, kube-proxy, etcd running in docker containers through manifests. For stable production environment this should be run in systemd.
.. code-block:: yaml
@@ -380,6 +391,27 @@
ssl:
enabled: true
+Running with calico-policy controller:
+
+.. code-block:: yaml
+
+ kubernetes:
+ pool:
+ network:
+ engine: calico
+ addons:
+ calico_policy:
+ enabled: true
+
+ master:
+ network:
+ engine: calico
+ addons:
+ calico_policy:
+ enabled: true
+
+
+
Enable Prometheus metrics in Felix
.. code-block:: yaml
diff --git a/kubernetes/files/calico/calico.conf b/kubernetes/files/calico/calico.conf
index 119f638..0401f37 100644
--- a/kubernetes/files/calico/calico.conf
+++ b/kubernetes/files/calico/calico.conf
@@ -1,4 +1,5 @@
{%- from "kubernetes/map.jinja" import pool with context %}
+{%- from "kubernetes/map.jinja" import master with context %}
{
"name": "calico-k8s-network",
"type": "calico",
@@ -8,6 +9,11 @@
"etcd_cert_file": "/var/lib/etcd/etcd-client.pem",
"etcd_ca_cert_file": "/var/lib/etcd/ca.pem",
{%- endif %}
+{%- if master.get('addons', {}).get('calico_policy', {}).get('enabled', False) %}
+ "policy": {
+ "type": "k8s"
+ },
+{%- endif %}
"log_level": "info",
"ipam": {
"type": "calico-ipam"
diff --git a/kubernetes/files/grafana_dashboards/calico_prometheus.json b/kubernetes/files/grafana_dashboards/calico_prometheus.json
new file mode 100644
index 0000000..7d4483c
--- /dev/null
+++ b/kubernetes/files/grafana_dashboards/calico_prometheus.json
@@ -0,0 +1,1547 @@
+{% raw %}{
+ "description": "Monitors Calico cluster using Prometheus. Shows overall cluster processes and usage>",
+ "editable": true,
+ "gnetId": 315,
+ "graphTooltip": 0,
+ "hideControls": false,
+ "id": null,
+ "links": [],
+ "refresh": "1m",
+ "rows": [
+ {
+ "collapse": false,
+ "height": "250px",
+ "panels": [
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": true,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": "prometheus",
+ "editable": true,
+ "error": false,
+ "format": "percent",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "height": "250px",
+ "id": 13,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 2,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum (procstat_running{process_name=~\"calico-docker\",host=~\"^$Node$\"}) / count(machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) * 100",
+ "format": "time_series",
+ "interval": "10s",
+ "intervalFactor": 1,
+ "legendFormat": "",
+ "refId": "A",
+ "step": 30
+ }
+ ],
+ "thresholds": "30, 80",
+ "title": "Container",
+ "transparent": false,
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": true,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": "prometheus",
+ "editable": true,
+ "error": false,
+ "format": "percent",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "height": "250px",
+ "id": 1,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 2,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum (procstat_running{process_name=~\"bird\",host=~\"^$Node$\"}) / count(machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) * 100",
+ "format": "time_series",
+ "interval": "10s",
+ "intervalFactor": 1,
+ "legendFormat": "",
+ "refId": "A",
+ "step": 30
+ }
+ ],
+ "thresholds": "30, 80",
+ "title": "Bird",
+ "transparent": false,
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": true,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": "prometheus",
+ "editable": true,
+ "error": false,
+ "format": "percent",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "height": "250px",
+ "id": 2,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 2,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum (procstat_running{process_name=~\"bird6\",host=~\"^$Node$\"}) / count(machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) * 100",
+ "format": "time_series",
+ "interval": "10s",
+ "intervalFactor": 1,
+ "legendFormat": "",
+ "refId": "A",
+ "step": 30
+ }
+ ],
+ "thresholds": "30, 80",
+ "title": "Bird6",
+ "transparent": false,
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": true,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": "prometheus",
+ "editable": true,
+ "error": false,
+ "format": "percent",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "height": "250px",
+ "id": 3,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 2,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum (procstat_running{process_name=~\"confd\",host=~\"^$Node$\"}) / count(machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) * 100",
+ "format": "time_series",
+ "interval": "10s",
+ "intervalFactor": 1,
+ "legendFormat": "",
+ "refId": "A",
+ "step": 30
+ }
+ ],
+ "thresholds": "30, 80",
+ "title": "Confd",
+ "transparent": false,
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "cacheTimeout": null,
+ "colorBackground": false,
+ "colorValue": true,
+ "colors": [
+ "rgba(245, 54, 54, 0.9)",
+ "rgba(237, 129, 40, 0.89)",
+ "rgba(50, 172, 45, 0.97)"
+ ],
+ "datasource": "prometheus",
+ "editable": true,
+ "error": false,
+ "format": "percent",
+ "gauge": {
+ "maxValue": 100,
+ "minValue": 0,
+ "show": false,
+ "thresholdLabels": false,
+ "thresholdMarkers": true
+ },
+ "height": "250px",
+ "id": 4,
+ "interval": null,
+ "links": [],
+ "mappingType": 1,
+ "mappingTypes": [
+ {
+ "name": "value to text",
+ "value": 1
+ },
+ {
+ "name": "range to text",
+ "value": 2
+ }
+ ],
+ "maxDataPoints": 100,
+ "nullPointMode": "connected",
+ "nullText": null,
+ "postfix": "",
+ "postfixFontSize": "50%",
+ "prefix": "",
+ "prefixFontSize": "50%",
+ "rangeMaps": [
+ {
+ "from": "null",
+ "text": "N/A",
+ "to": "null"
+ }
+ ],
+ "span": 2,
+ "sparkline": {
+ "fillColor": "rgba(31, 118, 189, 0.18)",
+ "full": false,
+ "lineColor": "rgb(31, 120, 193)",
+ "show": true
+ },
+ "tableColumn": "",
+ "targets": [
+ {
+ "expr": "sum (procstat_running{process_name=~\"calico-felix\",host=~\"^$Node$\"}) / count(machine_cpu_cores{kubernetes_io_hostname=~\"^$Node$\"}) * 100",
+ "format": "time_series",
+ "interval": "10s",
+ "intervalFactor": 1,
+ "legendFormat": "",
+ "refId": "A",
+ "step": 30
+ }
+ ],
+ "thresholds": "30, 80",
+ "title": "Felix",
+ "transparent": false,
+ "type": "singlestat",
+ "valueFontSize": "80%",
+ "valueMaps": [
+ {
+ "op": "=",
+ "text": "N/A",
+ "value": "null"
+ }
+ ],
+ "valueName": "current"
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "decimals": 0,
+ "editable": true,
+ "error": false,
+ "fill": 1,
+ "grid": {},
+ "id": 5,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": true,
+ "show": true,
+ "sideWidth": 200,
+ "sort": "current",
+ "sortDesc": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 2,
+ "links": [],
+ "nullPointMode": "connected",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "span": 12,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum(procstat_running{host=~\"^$Node$\", process_name=~\"calico-docker|bird.*|calico-felix|confd\"}) by (host, process_name)",
+ "interval": "10s",
+ "intervalFactor": 1,
+ "legendFormat": "-> {{ process_name }} {{ host }}",
+ "metric": "",
+ "refId": "A",
+ "step": 10
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Processes by Host",
+ "tooltip": {
+ "msResolution": false,
+ "shared": true,
+ "sort": 2,
+ "value_type": "cumulative"
+ },
+ "type": "graph",
+ "xaxis": {
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": false
+ }
+ ]
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "Processes",
+ "titleSize": "h6"
+ },
+ {
+ "collapse": false,
+ "height": 250,
+ "panels": [
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 14,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 4,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (bird_mem_protocols) by (host)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ host }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "IPv4 Protocols",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 15,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 4,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (bird_mem_roa_tables) by (host)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ host }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "IPv4 ROA Tables",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 16,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 4,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (bird_mem_route_attributes) by (host)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ host }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "IPv4 Route Attributes",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 17,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 4,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (bird_mem_routing_tables) by (host)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ host }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "IPv4 Routing Tables",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 18,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 4,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (bird_mem_total) by (host)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ host }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "IPv4 Total",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "bytes",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ }
+ ]
+ },
+ {
+ "content": "",
+ "id": 19,
+ "links": [],
+ "mode": "markdown",
+ "span": 4,
+ "title": "",
+ "type": "text"
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "Bird Memory",
+ "titleSize": "h6"
+ },
+ {
+ "collapse": false,
+ "height": 250,
+ "panels": [
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 6,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 3,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (felix_active_local_endpoints) by (instance)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ instance }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Active Local Endpoints",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 7,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 3,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (felix_active_local_policies) by (instance)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ instance }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Active Local Policies",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 8,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 3,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (felix_active_local_selectors) by (instance)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ instance }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Active Local Selectors",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 9,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 3,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (felix_active_local_tags) by (instance)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ instance }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Active Local Tags",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 10,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 4,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (felix_cluster_num_host_endpoints) by (instance)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ instance }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Cluster Host Endpoints",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 11,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 4,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (felix_cluster_num_workload_endpoints) by (instance)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ instance }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Cluster Workload Endpoints",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ },
+ {
+ "aliasColors": {},
+ "bars": false,
+ "dashLength": 10,
+ "dashes": false,
+ "decimals": 0,
+ "fill": 1,
+ "id": 12,
+ "legend": {
+ "alignAsTable": true,
+ "avg": false,
+ "current": true,
+ "max": true,
+ "min": true,
+ "rightSide": false,
+ "show": true,
+ "total": false,
+ "values": true
+ },
+ "lines": true,
+ "linewidth": 1,
+ "links": [],
+ "nullPointMode": "null",
+ "percentage": false,
+ "pointradius": 5,
+ "points": false,
+ "renderer": "flot",
+ "seriesOverrides": [],
+ "spaceLength": 10,
+ "span": 4,
+ "stack": false,
+ "steppedLine": false,
+ "targets": [
+ {
+ "expr": "sum (felix_cluster_num_hosts) by (instance)",
+ "format": "time_series",
+ "intervalFactor": 2,
+ "legendFormat": "-> {{ instance }}",
+ "refId": "A",
+ "step": 20
+ }
+ ],
+ "thresholds": [],
+ "timeFrom": null,
+ "timeShift": null,
+ "title": "Cluster Hosts",
+ "tooltip": {
+ "shared": true,
+ "sort": 0,
+ "value_type": "individual"
+ },
+ "type": "graph",
+ "xaxis": {
+ "buckets": null,
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
+ },
+ "yaxes": [
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": "0",
+ "show": true
+ },
+ {
+ "format": "short",
+ "label": null,
+ "logBase": 1,
+ "max": null,
+ "min": null,
+ "show": true
+ }
+ ]
+ }
+ ],
+ "repeat": null,
+ "repeatIteration": null,
+ "repeatRowId": null,
+ "showTitle": true,
+ "title": "Felix",
+ "titleSize": "h6"
+ }
+ ],
+ "schemaVersion": 14,
+ "sharedCrosshair": true,
+ "style": "dark",
+ "tags": [
+ "calico"
+ ],
+ "templating": {
+ "list": [
+ {
+ "allValue": ".*",
+ "current": {},
+ "hide": 0,
+ "includeAll": true,
+ "label": null,
+ "multi": true,
+ "name": "Node",
+ "options": [],
+ "query": "label_values(kubernetes_io_hostname)",
+ "refresh": 1,
+ "refresh_on_load": true,
+ "regex": "",
+ "sort": 0,
+ "tagValuesQuery": "",
+ "tags": [],
+ "tagsQuery": "",
+ "type": "query",
+ "useTags": false
+ }
+ ]
+ },
+ "time": {
+ "from": "now-1h",
+ "to": "now"
+ },
+ "timepicker": {
+ "refresh_intervals": [
+ "5s",
+ "10s",
+ "30s",
+ "1m",
+ "5m",
+ "15m",
+ "30m",
+ "1h",
+ "2h",
+ "1d"
+ ],
+ "time_options": [
+ "5m",
+ "15m",
+ "1h",
+ "6h",
+ "12h",
+ "24h",
+ "2d",
+ "7d",
+ "30d"
+ ]
+ },
+ "timezone": "browser",
+ "title": "Calico cluster monitoring (via Prometheus)",
+ "version": 3
+}{% endraw %}
diff --git a/kubernetes/files/grafana_dashboards/kubernetes_cluster_prometheus.json b/kubernetes/files/grafana_dashboards/kubernetes_cluster_prometheus.json
index 05ef642..ee49457 100644
--- a/kubernetes/files/grafana_dashboards/kubernetes_cluster_prometheus.json
+++ b/kubernetes/files/grafana_dashboards/kubernetes_cluster_prometheus.json
@@ -937,99 +937,6 @@
"fill": 0,
"grid": {},
"height": "",
- "id": 23,
- "isNew": true,
- "legend": {
- "alignAsTable": true,
- "avg": true,
- "current": true,
- "max": false,
- "min": false,
- "rightSide": true,
- "show": true,
- "sort": "current",
- "sortDesc": true,
- "total": false,
- "values": true
- },
- "lines": true,
- "linewidth": 2,
- "links": [],
- "nullPointMode": "connected",
- "percentage": false,
- "pointradius": 5,
- "points": false,
- "renderer": "flot",
- "seriesOverrides": [],
- "span": 12,
- "stack": false,
- "steppedLine": true,
- "targets": [
- {
- "expr": "sum (rate (container_cpu_usage_seconds_total{systemd_service_name!=\"\",kubernetes_io_hostname=~\"^$Node$\"}[1m])) by (systemd_service_name)",
- "hide": false,
- "interval": "10s",
- "intervalFactor": 1,
- "legendFormat": "{{ systemd_service_name }}",
- "metric": "container_cpu",
- "refId": "A",
- "step": 10
- }
- ],
- "thresholds": [],
- "timeFrom": null,
- "timeShift": null,
- "title": "System services CPU usage (1m avg)",
- "tooltip": {
- "msResolution": true,
- "shared": true,
- "sort": 2,
- "value_type": "cumulative"
- },
- "type": "graph",
- "xaxis": {
- "show": true
- },
- "yaxes": [
- {
- "format": "none",
- "label": "cores",
- "logBase": 1,
- "max": null,
- "min": null,
- "show": true
- },
- {
- "format": "short",
- "label": null,
- "logBase": 1,
- "max": null,
- "min": null,
- "show": false
- }
- ]
- }
- ],
- "repeat": null,
- "repeatIteration": null,
- "repeatRowId": null,
- "showTitle": false,
- "title": "System services CPU usage",
- "titleSize": "h6"
- },
- {
- "collapse": true,
- "height": "250px",
- "panels": [
- {
- "aliasColors": {},
- "bars": false,
- "decimals": 3,
- "editable": true,
- "error": false,
- "fill": 0,
- "grid": {},
- "height": "",
"id": 24,
"isNew": true,
"legend": {
@@ -1103,7 +1010,10 @@
},
"type": "graph",
"xaxis": {
- "show": true
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
},
"yaxes": [
{
@@ -1195,7 +1105,10 @@
},
"type": "graph",
"xaxis": {
- "show": true
+ "mode": "time",
+ "name": null,
+ "show": true,
+ "values": []
},
"yaxes": [
{
@@ -1330,100 +1243,6 @@
"error": false,
"fill": 0,
"grid": {},
- "id": 26,
- "legend": {
- "alignAsTable": true,
- "avg": true,
- "current": true,
- "max": false,
- "min": false,
- "rightSide": true,
- "show": true,
- "sideWidth": 200,
- "sort": "current",
- "sortDesc": true,
- "total": false,
- "values": true
- },
- "lines": true,
- "linewidth": 2,
- "links": [],
- "nullPointMode": "connected",
- "percentage": false,
- "pointradius": 5,
- "points": false,
- "renderer": "flot",
- "seriesOverrides": [],
- "span": 12,
- "stack": false,
- "steppedLine": true,
- "targets": [
- {
- "expr": "sum (container_memory_working_set_bytes{systemd_service_name!=\"\",kubernetes_io_hostname=~\"^$Node$\"}) by (systemd_service_name)",
- "interval": "10s",
- "intervalFactor": 1,
- "legendFormat": "{{ systemd_service_name }}",
- "metric": "container_memory_usage:sort_desc",
- "refId": "A",
- "step": 10
- }
- ],
- "thresholds": [],
- "timeFrom": null,
- "timeShift": null,
- "title": "System services memory usage",
- "tooltip": {
- "msResolution": false,
- "shared": true,
- "sort": 2,
- "value_type": "cumulative"
- },
- "type": "graph",
- "xaxis": {
- "mode": "time",
- "name": null,
- "show": true,
- "values": []
- },
- "yaxes": [
- {
- "format": "bytes",
- "label": null,
- "logBase": 1,
- "max": null,
- "min": null,
- "show": true
- },
- {
- "format": "short",
- "label": null,
- "logBase": 1,
- "max": null,
- "min": null,
- "show": false
- }
- ]
- }
- ],
- "repeat": null,
- "repeatIteration": null,
- "repeatRowId": null,
- "showTitle": false,
- "title": "System services memory usage",
- "titleSize": "h6"
- },
- {
- "collapse": false,
- "height": "250px",
- "panels": [
- {
- "aliasColors": {},
- "bars": false,
- "decimals": 2,
- "editable": true,
- "error": false,
- "fill": 0,
- "grid": {},
"id": 27,
"legend": {
"alignAsTable": true,
@@ -2028,6 +1847,6 @@
]
},
"timezone": "browser",
- "title": "Kubernetes cluster monitoring (via Prometheus)",
- "version": 3
+ "title": "Kubernetes cluster monitoring",
+ "version": 2
}{% endraw %}
diff --git a/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml b/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
new file mode 100644
index 0000000..b5f25e9
--- /dev/null
+++ b/kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
@@ -0,0 +1,68 @@
+{%- from "kubernetes/map.jinja" import master with context %}
+{%- from "kubernetes/map.jinja" import pool with context %}
+apiVersion: extensions/v1beta1
+kind: ReplicaSet
+metadata:
+ name: calico-policy-controller
+ namespace: {{ master.addons.calico_policy.namespace }}
+ labels:
+ k8s-app: calico-policy
+ kubernetes.io/cluster-service: "true"
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ kubernetes.io/cluster-service: "true"
+ k8s-app: calico-policy
+ template:
+ metadata:
+ name: calico-policy-controller
+ namespace: {{ master.addons.calico_policy.namespace }}
+ labels:
+ kubernetes.io/cluster-service: "true"
+ k8s-app: calico-policy
+ spec:
+ hostNetwork: true
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
+ containers:
+ - name: calico-policy-controller
+ image: {{ master.addons.calico_policy.image }}
+ imagePullPolicy: IfNotPresent
+ resources:
+ limits:
+ cpu: 100m
+ memory: 256M
+ requests:
+ cpu: 30m
+ memory: 64M
+ env:
+ - name: ETCD_ENDPOINTS
+ value: "{% for member in pool.network.etcd.members %}http{% if pool.network.etcd.get('ssl', {}).get('enabled') %}s{% endif %}://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}"
+ - name: ETCD_CA_CERT_FILE
+ value: "/var/lib/etcd/ca.pem"
+ - name: ETCD_CERT_FILE
+ value: "/var/lib/etcd/etcd-client.pem"
+ - name: ETCD_KEY_FILE
+ value: "/var/lib/etcd/etcd-client.pem"
+ # Location of the Kubernetes API - this shouldn't need to be
+ # changed so long as it is used in conjunction with
+ # CONFIGURE_ETC_HOSTS="true".
+ - name: K8S_API
+ value: "https://kubernetes.default"
+ # Configure /etc/hosts within the container to resolve
+ # the kubernetes.default Service to the correct clusterIP
+ # using the environment provided by the kubelet.
+ # This removes the need for KubeDNS to resolve the Service.
+ - name: CONFIGURE_ETC_HOSTS
+ value: "true"
+ volumeMounts:
+ - mountPath: /var/lib/etcd/
+ name: etcd-certs
+ readOnly: true
+ volumes:
+ - hostPath:
+ path: /var/lib/etcd
+ name: etcd-certs
+
diff --git a/kubernetes/files/kube-addons/dns/kubedns-autoscaler.yaml b/kubernetes/files/kube-addons/dns/kubedns-autoscaler.yaml
index be4190b..2260a7b 100644
--- a/kubernetes/files/kube-addons/dns/kubedns-autoscaler.yaml
+++ b/kubernetes/files/kube-addons/dns/kubedns-autoscaler.yaml
@@ -12,6 +12,9 @@
labels:
k8s-app: kube-dns-autoscaler
spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
containers:
- name: autoscaler
image: gcr.io/google_containers/cluster-proportional-autoscaler-amd64:1.0.0
diff --git a/kubernetes/files/kube-addons/dns/kubedns-rc.yaml b/kubernetes/files/kube-addons/dns/kubedns-rc.yaml
index bfc4d47..514bc26 100644
--- a/kubernetes/files/kube-addons/dns/kubedns-rc.yaml
+++ b/kubernetes/files/kube-addons/dns/kubedns-rc.yaml
@@ -45,6 +45,9 @@
scheduler.alpha.kubernetes.io/critical-pod: ''
scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
containers:
- name: kubedns
image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.11.0
diff --git a/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml b/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
index 8c452e0..b1828ce 100644
--- a/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
+++ b/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
@@ -20,6 +20,9 @@
app: helm
name: tiller
spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
containers:
- image: {{ master.addons.helm.tiller_image }}
imagePullPolicy: IfNotPresent
diff --git a/kubernetes/files/kube-addons/netchecker/netchecker-agent.yml b/kubernetes/files/kube-addons/netchecker/netchecker-agent.yml
index 52d0443..755bf11 100644
--- a/kubernetes/files/kube-addons/netchecker/netchecker-agent.yml
+++ b/kubernetes/files/kube-addons/netchecker/netchecker-agent.yml
@@ -13,6 +13,9 @@
labels:
app: netchecker-agent
spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
containers:
- name: netchecker-agent
image: {{ master.addons.netchecker.agent_image }}
diff --git a/kubernetes/files/kube-addons/netchecker/netchecker-server.yml b/kubernetes/files/kube-addons/netchecker/netchecker-server.yml
index 88170f1..fdd52ab 100644
--- a/kubernetes/files/kube-addons/netchecker/netchecker-server.yml
+++ b/kubernetes/files/kube-addons/netchecker/netchecker-server.yml
@@ -11,6 +11,9 @@
labels:
app: netchecker-server
spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
containers:
- name: netchecker-server
image: {{ master.addons.netchecker.server_image }}
diff --git a/kubernetes/files/kube-addons/registry/registry-rc.yaml b/kubernetes/files/kube-addons/registry/registry-rc.yaml
index 9e1a1de..055e596 100644
--- a/kubernetes/files/kube-addons/registry/registry-rc.yaml
+++ b/kubernetes/files/kube-addons/registry/registry-rc.yaml
@@ -20,6 +20,9 @@
version: v0
kubernetes.io/cluster-service: "true"
spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
containers:
- name: registry
image: registry:2.5.1
diff --git a/kubernetes/files/kubelet/default.master b/kubernetes/files/kubelet/default.master
index 840b707..c7329cd 100644
--- a/kubernetes/files/kubelet/default.master
+++ b/kubernetes/files/kubelet/default.master
@@ -9,6 +9,7 @@
--cluster_domain={{ master.addons.dns.domain }} \
--cni-bin-dir={{ master.apiserver.get('cni_bin_dir', '/opt/cni/bin') }} \
--v={{ master.get('verbosity', 2) }} \
+--node-labels=node-role.kubernetes.io/master=true \
{%- for key, value in master.get('kubelet', {}).get('daemon_opts', {}).iteritems() %}
--{{ key }}="{{ value }}" \
{%- endfor %}
diff --git a/kubernetes/files/kubelet/default.pool b/kubernetes/files/kubelet/default.pool
index 3bf4708..e191738 100644
--- a/kubernetes/files/kubelet/default.pool
+++ b/kubernetes/files/kubelet/default.pool
@@ -10,6 +10,7 @@
--cluster_domain={{ pool.cluster_domain }} \
--cni-bin-dir={{ pool.apiserver.get('cni_bin_dir', '/opt/cni/bin') }} \
--v={{ pool.get('verbosity', 2) }} \
+--node-labels=node-role.kubernetes.io/node=true \
{%- if pool.network.engine in ['calico', 'opencontrail'] %}
--network-plugin=cni \
--network-plugin-dir=/etc/cni/net.d \
diff --git a/kubernetes/master/controller.sls b/kubernetes/master/controller.sls
index 674fec2..3e89830 100644
--- a/kubernetes/master/controller.sls
+++ b/kubernetes/master/controller.sls
@@ -227,6 +227,13 @@
{%- endfor %}
+{%- if master.get('unschedulable', 'false') %}
+kubernetes_taint_master_{{ master.host.name }}:
+ cmd.run:
+ - name: kubectl taint --overwrite nodes {{ master.host.name }} node-role.kubernetes.io/master=:NoSchedule
+
+{%- endif %}
+
{%- if master.registry.secret is defined %}
{%- for name,registry in master.registry.secret.iteritems() %}
diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls
index 610e85f..83a4d0b 100644
--- a/kubernetes/master/kube-addons.sls
+++ b/kubernetes/master/kube-addons.sls
@@ -8,6 +8,18 @@
- group: root
- mode: 0755
+{%- if master.addons.get('calico_policy', {}).get('enabled', False) and master.network.engine == "calico" %}
+/etc/kubernetes/addons/calico_policy/calico-policy-controller.yml:
+ file.managed:
+ - source: salt://kubernetes/files/kube-addons/calico-policy/calico-policy-controller.yml
+ - template: jinja
+ - group: root
+ - dir_mode: 755
+ - makedirs: True
+
+{% endif %}
+
+
{%- if master.addons.helm.enabled %}
/etc/kubernetes/addons/helm/helm-tiller-deploy.yml:
file.managed:
diff --git a/kubernetes/master/setup.sls b/kubernetes/master/setup.sls
index 432cdce..f994d6a 100644
--- a/kubernetes/master/setup.sls
+++ b/kubernetes/master/setup.sls
@@ -8,7 +8,7 @@
cmd.run:
- name: |
hyperkube kubectl apply -f /etc/kubernetes/addons/{{ addon_name }}
- - unless: "hyperkube kubectl get svc kube-{{ addon.get('name', addon_name) }} --namespace=kube-system"
+ - unless: "hyperkube kubectl get svc kube-{{ addon.get('name', addon_name) }} --namespace={{ addon.get('namespace', 'kube-system') }}"
{%- endif %}
{%- endfor %}
diff --git a/kubernetes/meta/grafana.yml b/kubernetes/meta/grafana.yml
index 1404db7..563802d 100644
--- a/kubernetes/meta/grafana.yml
+++ b/kubernetes/meta/grafana.yml
@@ -1,4 +1,9 @@
{%- from "kubernetes/map.jinja" import common with context %}
+{%- from "kubernetes/map.jinja" import master with context %}
+
+{%- if master.get('enabled', False) %}
+{% set network = master.get('network', []) %}
+{% endif %}
dashboard:
{%- if common.monitoring is defined %}
@@ -18,14 +23,21 @@
kubernetes-application-prometheus:
format: json
template: kubernetes/files/grafana_dashboards/kubernetes_app_prometheus.json
+{%- if network is defined and network.get('engine') == 'calico' %}
+ calico-prometheus:
+ format: json
+ template: kubernetes/files/grafana_dashboards/calico_prometheus.json
+{%- endif %}
{%- endif %}
{%- if 'influxdb' in backend %}
kubernetes:
format: json
template: kubernetes/files/grafana_dashboards/kubernetes_influxdb.json
+{%- if network is defined and network.get('engine') == 'calico' %}
calico:
format: json
template: kubernetes/files/grafana_dashboards/calico_influxdb.json
+{%- endif %}
main:
row:
kubernetes-control-plane:
diff --git a/metadata/service/master/cluster.yml b/metadata/service/master/cluster.yml
index 3cb4c03..ddeba5e 100644
--- a/metadata/service/master/cluster.yml
+++ b/metadata/service/master/cluster.yml
@@ -7,8 +7,11 @@
kubernetes:
master:
enabled: true
+ unschedulable: true
registry:
host: tcpcloud
+ host:
+ name: ${linux:system:name}
service_addresses: 10.254.0.0/16
admin:
username: ${_param:kubernetes_admin_user}
@@ -57,6 +60,10 @@
port: 80
agent_image: quay.io/l23network/k8s-netchecker-agent:v1.0
server_image: quay.io/l23network/k8s-netchecker-server:v1.0
+ calico_policy:
+ enabled: False
+ image: calico/kube-policy-controller:v0.5.4
+ namespace: kube-system
token:
admin: ${_param:kubernetes_admin_token}
kubelet: ${_param:kubernetes_kubelet_token}
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index a8bc63a..d9d24a1 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -7,8 +7,11 @@
kubernetes:
master:
enabled: true
+ unschedulable: false
registry:
host: tcpcloud
+ host:
+ name: ${linux:system:name}
service_addresses: 10.254.0.0/16
admin:
username: ${_param:kubernetes_admin_user}
@@ -45,6 +48,10 @@
helm:
enabled: False
tiller_image: gcr.io/kubernetes-helm/tiller:v2.3.0
+ calico_policy:
+ enabled: False
+ image: calico/kube-policy-controller:v0.5.4
+ namespace: kube-system
token:
admin: ${_param:kubernetes_admin_token}
kubelet: ${_param:kubernetes_kubelet_token}
diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls
index c253e9d..05434a1 100644
--- a/tests/pillar/master_cluster.sls
+++ b/tests/pillar/master_cluster.sls
@@ -24,17 +24,22 @@
tiller_image: gcr.io/kubernetes-helm/tiller:v2.2.3
netchecker:
enabled: true
+ calico_policy:
+ enabled: true
admin:
password: password
username: admin
registry:
host: tcpcloud
+ host:
+ name: node040
apiserver:
address: 10.0.175.100
insecure_address: 127.0.0.1
insecure_port: 8080
ca: kubernetes
enabled: true
+ unschedulable: true
etcd:
members:
- host: 10.0.175.100