add contrail 4.0 support
Change-Id: Ic24786d8c28db00912f7dbbac74af80dcdd84755
diff --git a/.kitchen.yml b/.kitchen.yml
index 700fbdc..8d54651 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -18,6 +18,7 @@
- name: linux
repo: git
source: https://github.com/salt-formulas/salt-formula-linux
+
state_top:
base:
"*":
@@ -28,6 +29,7 @@
base:
"*":
- linux_repo_docker
+ - linux_repo_opencontrail
- linux
- kubernetes
linux.sls:
@@ -37,6 +39,7 @@
name: kubernetes
pillars-from-files:
linux_repo_docker.sls: tests/pillar/repo_docker.sls
+ linux_repo_opencontrail.sls: tests/pillar/repo_contrail.sls
verifier:
name: inspec
@@ -64,5 +67,14 @@
pillars-from-files:
kubernetes.sls: tests/pillar/master_contrail.sls
+ - name: master_contrail4_0
+ provisioner:
+ pillars-from-files:
+ kubernetes.sls: tests/pillar/master_contrail4_0.sls
+
+ - name: pool_contrail4_0
+ provisioner:
+ pillars-from-files:
+ kubernetes.sls: tests/pillar/pool_contrail4_0.sls
# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/kubernetes/files/opencontrail/4.0/contrail-kubernetes.conf b/kubernetes/files/opencontrail/4.0/contrail-kubernetes.conf
new file mode 100644
index 0000000..16a68d5
--- /dev/null
+++ b/kubernetes/files/opencontrail/4.0/contrail-kubernetes.conf
@@ -0,0 +1,59 @@
+{%- from "kubernetes/map.jinja" import master with context %}
+[KUBERNETES]
+kubernetes_api_server={{ master.apiserver.insecure_address }}
+kubernetes_api_port={{ master.apiserver.insecure_port }}
+kubernetes_api_secure_port=443
+service_subnets={{ master.network.get('service_subnets', '10.96.0.0/12') }}
+pod_subnets={{ master.network.get('pod_subnets', '10.32.0.0/12') }}
+cluster_name={{ master.network.get('cluster_name', 'default') }}
+cluster_project={{ master.network.get('cluster_project', '{}') }}
+cluster_network={{ master.network.get('cluster_network', '') }}
+kubernetes_cluster_domain={{ master.network.get('cluster_domain', 'default-domain') }}
+kubernetes_cluster_name={{ master.network.get('cluster_name', 'kubernetes') }}
+kubernetes_cluster_owner={{ master.network.get('cluster_owner', 'k8s') }}
+kubernetes_service_name={{ master.network.get('service_name', 'kubernetes') }}
+
+[VNC]
+vnc_endpoint_ip = {{ master.network.config.api.host }}
+vnc_endpoint_port = {{ master.network.config.api.get('port', 8082) }}
+admin_user = {{ master.network.identity.get('auth_user', 'admin') }}
+admin_password = {{ master.network.identity.get('auth_password', 'admin') }}
+admin_tenant = {{ master.network.identity.get('auth_tenant', 'admin') }}
+rabbit_server={{ master.network.message_queue.host }}
+rabbit_port={{ master.network.message_queue.get('port', 5672) }}
+rabbit_user={{ master.network.message_queue.get('user', 'guest') }}
+rabbit_password={{ master.network.message_queue.get('password', 'guest') }}
+rabbit_vhost={{ master.network.message_queue.get('vhost', '/') }}
+rabbit_ha_mode={{ master.network.message_queue.get('ha_mode', False) }}
+rabbit_use_ssl={{ master.network.message_queue.get('use_ssl', False) }}
+{%- if master.network.message_queue.get('use_ssl', False) == True %}
+kombu_ssl_version={{ master.network.message_queue.ssl_version }}
+kombu_ssl_keyfile={{ master.network.message_queue.ssl_keyfile }}
+kombu_ssl_certfile={{ master.network.message_queue.ssl_certfile }}
+kombu_ssl_ca_certs={{ master.network.message_queue.ssl_ca_certs }}
+{%- endif %}
+cassandra_server_list={% for member in master.network.database.members %}{{ member.host }}:9160 {% endfor %}
+cassandra_user={{ master.network.database.get('user', None) }}
+cassandra_password={{ master.network.database.get('password', None) }}
+cluster_id=
+public_fip_pool={{ master.network.get('public_pool', '{}') }}
+
+[DEFAULTS]
+log_local=1
+log_level=SYS_DEBUG
+log_file=/var/log/contrail/contrail-kube-manager.log
+collectors={% for member in master.network.collector.members %}{{ member.host }}:8086 {% endfor %}
+nested_mode={{ master.network.get('nested_mode', 0) }}
+
+[SANDESH]
+#sandesh_ssl_enable=False
+#introspect_ssl_enable=False
+#sandesh_keyfile=/etc/contrail/ssl/private/server-privkey.pem
+#sandesh_certfile=/etc/contrail/ssl/certs/server.pem
+#sandesh_ca_cert=/etc/contrail/ssl/certs/ca-cert.pem
+
+[AUTH]
+auth_token_url={{ master.network.identity.get('auth_token_url', None) }}
+auth_user={{ master.network.identity.get('auth_user', 'admin') }}
+auth_password={{ master.network.identity.get('auth_token_url', 'admin') }}
+auth_tenant={{ master.network.identity.get('auth_token_url', 'admin') }}
\ No newline at end of file
diff --git a/kubernetes/files/opencontrail/opencontrail.conf b/kubernetes/files/opencontrail/opencontrail.conf
index a1ba7f4..128c0a7 100644
--- a/kubernetes/files/opencontrail/opencontrail.conf
+++ b/kubernetes/files/opencontrail/opencontrail.conf
@@ -2,7 +2,7 @@
{
"cniVersion": "0.2.0",
"contrail" : {
- "apiserver": {"address": "{{ pool.network.opencontrail.address }}", "port": {{ pool.network.opencontrail.get('port', 8082) }}, "default-domain": "default-domain"},
+ "apiserver": {"address": "{{ pool.network.config.api.address }}", "port": {{ pool.network.config.api.get('port', 8082) }}, "default-domain": "default-domain"},
"vrouter" : {
"ip" : "127.0.0.1",
"port" : 9091
diff --git a/kubernetes/master/init.sls b/kubernetes/master/init.sls
index a040326..7d00fd6 100644
--- a/kubernetes/master/init.sls
+++ b/kubernetes/master/init.sls
@@ -5,6 +5,9 @@
{%- if master.network.engine == "flannel" %}
- kubernetes.master.flannel
{%- endif %}
+{%- if master.network.engine == "opencontrail" %}
+- kubernetes.master.opencontrail
+{%- endif %}
{%- if master.network.engine == "calico" %}
{%- if not pillar.kubernetes.pool is defined %}
- kubernetes.master.calico
diff --git a/kubernetes/master/opencontrail.sls b/kubernetes/master/opencontrail.sls
new file mode 100644
index 0000000..246b216
--- /dev/null
+++ b/kubernetes/master/opencontrail.sls
@@ -0,0 +1,33 @@
+{%- from "kubernetes/map.jinja" import master with context %}
+{%- if master.enabled %}
+{%- if master.network.get('version', '3.0') != '3.0' %}
+
+opencontrail_kube_manager_package:
+ pkg.installed:
+ - name: contrail-kube-manager
+ - force_yes: True
+
+/etc/contrail/contrail-kubernetes.conf:
+ file.managed:
+ - source: salt://kubernetes/files/opencontrail/{{ master.network.version }}/contrail-kubernetes.conf
+ - template: jinja
+ - require:
+ - pkg: opencontrail_kube_manager_package
+
+{%- if master.network.get('systemd', true) %}
+
+contrail_kube_manager:
+ service.running:
+ - name: contrail-kube-manager
+ - enable: True
+ - watch:
+ - file: /etc/contrail/contrail-kubernetes.conf
+ {%- if grains.get('noservices') %}
+ - onlyif: /bin/false
+ {%- endif %}
+
+{%- endif %}
+
+{%- endif %}
+
+{%- endif %}
diff --git a/kubernetes/pool/opencontrail.sls b/kubernetes/pool/opencontrail.sls
index 1d9c907..e552839 100644
--- a/kubernetes/pool/opencontrail.sls
+++ b/kubernetes/pool/opencontrail.sls
@@ -11,6 +11,8 @@
- dir_mode: 755
- template: jinja
+{%- if pool.network.get('version', '3.0') == '3.0' %}
+
/opt/cni/bin/opencontrail:
file.managed:
- source: http://apt.tcpcloud.eu/kubernetes/bin/opencontrail
@@ -21,4 +23,25 @@
- dir_mode: 755
- template: jinja
- source_hash: md5={{ pool.network.hash }}
+
+{%- else %}
+
+opencontrail_cni_package:
+ pkg.installed:
+ - name: contrail-k8s-cni
+ - force_yes: True
+
+opencontrail_cni_symlink:
+ file.symlink:
+ - name: /opt/cni/bin/opencontrail
+ - target: /usr/bin/contrail-k8s-cni
+ - force: true
+ - makedirs: true
+ - watch_in:
+ - service: kubelet_service
+ - require:
+ - pkg: opencontrail_cni_package
+
+{%- endif %}
+
{%- endif %}
diff --git a/tests/pillar/master_contrail4_0.sls b/tests/pillar/master_contrail4_0.sls
new file mode 100644
index 0000000..f900fe5
--- /dev/null
+++ b/tests/pillar/master_contrail4_0.sls
@@ -0,0 +1,99 @@
+kubernetes:
+ common:
+ network:
+ engine: opencontrail
+ hyperkube:
+ image: hyperkube-amd64:v1.5.0-beta.3-1
+ master:
+ service_addresses: 127.0.0.1/24
+ addons:
+ dns:
+ domain: cluster.local
+ enabled: false
+ replicas: 1
+ server: 10.254.0.10
+ autoscaler:
+ enabled: true
+ heapster_influxdb:
+ enabled: true
+ public_ip: 185.22.97.132
+ dashboard:
+ enabled: true
+ public_ip: 185.22.97.131
+ helm:
+ enabled: true
+ tiller_image: gcr.io/kubernetes-helm/tiller:v2.2.3
+ netchecker:
+ enabled: true
+ namespace: netchecker
+ port: 80
+ interval: 60
+ server_image: image
+ agent_image: image
+ admin:
+ password: password
+ username: admin
+ registry:
+ host: tcpcloud
+ host:
+ name: node040
+ apiserver:
+ address: 10.0.175.100
+ insecure_address: 127.0.0.1
+ insecure_port: 8080
+ ca: kubernetes
+ enabled: true
+ unschedulable: true
+ etcd:
+ members:
+ - host: 127.0.0.1
+ name: node040
+ kubelet:
+ allow_privileged: true
+ network:
+ version: 4.0
+ engine: opencontrail
+ config:
+ api:
+ host: 127.0.0.1
+ message_queue:
+ host: 127.0.0.1
+ identity:
+ password: password
+ database:
+ members:
+ - host: 127.0.0.1
+ - host: 127.0.0.1
+ - host: 127.0.0.1
+ collector:
+ members:
+ - host: 127.0.0.1
+ - host: 127.0.0.1
+ - host: 127.0.0.1
+ storage:
+ engine: glusterfs
+ members:
+ - host: 10.0.175.101
+ port: 24007
+ - host: 10.0.175.102
+ port: 24007
+ - host: 10.0.175.103
+ port: 24007
+ port: 24007
+ token:
+ admin: DFvQ8GJ9JD4fKNfuyEddw3rjnFTkUKsv
+ controller_manager: EreGh6AnWf8DxH8cYavB2zS029PUi7vx
+ dns: RAFeVSE4UvsCz4gk3KYReuOI5jsZ1Xt3
+ kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
+ kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
+ logging: MJkXKdbgqRmTHSa2ykTaOaMykgO6KcEf
+ monitoring: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
+ scheduler: HY1UUxEPpmjW4a1dDLGIANYQp1nZkLDk
+ version: v1.2.4
+ namespace:
+ kube-system:
+ enabled: true
+ netchecker:
+ enabled: true
+ hyperkube:
+ hash: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
diff --git a/tests/pillar/pool_contrail4_0.sls b/tests/pillar/pool_contrail4_0.sls
new file mode 100644
index 0000000..cc3296c
--- /dev/null
+++ b/tests/pillar/pool_contrail4_0.sls
@@ -0,0 +1,38 @@
+kubernetes:
+ common:
+ network:
+ engine: none
+ hyperkube:
+ image: hyperkube-amd64:v1.5.0-beta.3-1
+ pool:
+ enabled: true
+ version: v1.2.0
+ host:
+ name: ${linux:system:name}
+ apiserver:
+ host: 127.0.0.1
+ insecure:
+ enabled: True
+ members:
+ - host: 127.0.0.1
+ - host: 127.0.0.1
+ - host: 127.0.0.1
+ address: 0.0.0.0
+ cluster_dns: 10.254.0.10
+ cluster_domain: cluster.local
+ kubelet:
+ config: /etc/kubernetes/manifests
+ allow_privileged: True
+ frequency: 5s
+ token:
+ kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
+ kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
+ ca: kubernetes
+ network:
+ engine: opencontrail
+ version: 4.0
+ config:
+ api:
+ address: 127.0.0.1
+ hyperkube:
+ hash: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
diff --git a/tests/pillar/repo_contrail.sls b/tests/pillar/repo_contrail.sls
new file mode 100644
index 0000000..1b66516
--- /dev/null
+++ b/tests/pillar/repo_contrail.sls
@@ -0,0 +1,13 @@
+linux:
+ system:
+ enabled: true
+ repo:
+ mcp_opencontrail_repo:
+ source: "deb [arch=amd64] http://apt-mk.mirantis.com/{{ grains.get('oscodename') }}/ nightly oc40 extra"
+ architectures: amd64
+ key_url: "http://apt-mk.mirantis.com/public.gpg"
+ pin:
+ - pin: 'release a=nightly'
+ priority: 1100
+ package: '*'
+