Merge "Refactor flannel deployment procedure."
diff --git a/kubernetes/files/grafana_dashboards/kubernetes_cluster_prometheus.json b/kubernetes/files/grafana_dashboards/kubernetes_cluster_prometheus.json
index b34e210..38bbc53 100644
--- a/kubernetes/files/grafana_dashboards/kubernetes_cluster_prometheus.json
+++ b/kubernetes/files/grafana_dashboards/kubernetes_cluster_prometheus.json
@@ -331,7 +331,7 @@
},
"targets": [
{
- "expr": "sum (container_fs_usage_bytes{device=~\"^/dev/[sv]da\\\\d*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}) / sum (container_fs_limit_bytes{device=~\"^/dev/[sv]da\\\\d*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}) * 100",
+ "expr": "sum (container_fs_usage_bytes{device=~\"^/dev/([sv]da|mapper/vgroot-lvroot)\\\\d*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}) / sum (container_fs_limit_bytes{device=~\"^/dev/([sv]da|mapper/vgroot-lvroot)\\\\d*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"}) * 100",
"interval": "10s",
"intervalFactor": 1,
"legendFormat": "",
@@ -723,7 +723,7 @@
},
"targets": [
{
- "expr": "sum (container_fs_usage_bytes{device=~\"^/dev/[sv]da\\\\d*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"})",
+ "expr": "sum (container_fs_usage_bytes{device=~\"^/dev/([sv]da|mapper/vgroot-lvroot)\\\\d*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"})",
"interval": "10s",
"intervalFactor": 1,
"refId": "A",
@@ -801,7 +801,7 @@
},
"targets": [
{
- "expr": "sum (container_fs_limit_bytes{device=~\"^/dev/[sv]da\\\\d*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"})",
+ "expr": "sum (container_fs_limit_bytes{device=~\"^/dev/([sv]da|mapper/vgroot-lvroot)\\\\d*$\",id=\"/\",kubernetes_io_hostname=~\"^$Node$\"})",
"interval": "10s",
"intervalFactor": 1,
"refId": "A",
diff --git a/kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml b/kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml
index 5fa86f3..d2f7851 100644
--- a/kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml
+++ b/kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml
@@ -15,5 +15,5 @@
targetPort: 8082
selector:
k8s-app: heapster
- deprecatedPublicIPs: ['{{ common.addons.heapster_influxdb.public_ip }}']
+ externalIPs: ['{{ common.addons.heapster_influxdb.public_ip }}']
type: LoadBalancer
diff --git a/kubernetes/files/kube-addons/helm/helm-role.yml b/kubernetes/files/kube-addons/helm/helm-role.yml
new file mode 100644
index 0000000..455a482
--- /dev/null
+++ b/kubernetes/files/kube-addons/helm/helm-role.yml
@@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+ name: tiller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+ - kind: ServiceAccount
+ name: tiller
+ namespace: kube-system
diff --git a/kubernetes/files/kube-addons/helm/helm-serviceaccount.yml b/kubernetes/files/kube-addons/helm/helm-serviceaccount.yml
new file mode 100644
index 0000000..caa22ff
--- /dev/null
+++ b/kubernetes/files/kube-addons/helm/helm-serviceaccount.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+ name: tiller
+ namespace: kube-system
diff --git a/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml b/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
index 4c87aa8..cfbb823 100644
--- a/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
+++ b/kubernetes/files/kube-addons/helm/helm-tiller-deploy.yml
@@ -1,4 +1,5 @@
{%- from "kubernetes/map.jinja" import common with context -%}
+{%- from "kubernetes/map.jinja" import master with context -%}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
@@ -21,6 +22,9 @@
app: helm
name: tiller
spec:
+ {%- if 'RBAC' in master.auth.get('mode', "") %}
+ serviceAccountName: tiller
+ {%- endif %}
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule
diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls
index 66d23bd..722cd49 100644
--- a/kubernetes/master/kube-addons.sls
+++ b/kubernetes/master/kube-addons.sls
@@ -70,6 +70,26 @@
- dir_mode: 755
- makedirs: True
+{%- if 'RBAC' in master.auth.get('mode', "") %}
+
+/etc/kubernetes/addons/helm/helm-role.yml:
+ file.managed:
+ - source: salt://kubernetes/files/kube-addons/helm/helm-role.yml
+ - template: jinja
+ - group: root
+ - dir_mode: 755
+ - makedirs: True
+
+/etc/kubernetes/addons/helm/helm-serviceaccount.yml:
+ file.managed:
+ - source: salt://kubernetes/files/kube-addons/helm/helm-serviceaccount.yml
+ - template: jinja
+ - group: root
+ - dir_mode: 755
+ - makedirs: True
+
+{%- endif %}
+
{% endif %}
{%- if common.addons.storageclass is defined %}