Bump virtlet version to v1.0.0
Adjusted template for virtlet deployment.
Change-Id: I10f16026b7e37d9df7088bea6d6f33720d6063b4
diff --git a/README.rst b/README.rst
index 6b509c3..3b50609 100644
--- a/README.rst
+++ b/README.rst
@@ -70,7 +70,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v1.0.0
hosts:
- cmp01
- cmp02
diff --git a/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml b/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
index 17a73ba..45d352f 100644
--- a/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
+++ b/kubernetes/files/kube-addons/virtlet/virtlet-ds.yml
@@ -12,21 +12,10 @@
spec:
template:
metadata:
- name: virtlet
labels:
runtime: virtlet
+ name: virtlet
spec:
- hostNetwork: true
- {%- if master.network.get('opencontrail', {}).get('enabled', False) %}
- dnsPolicy: ClusterFirstWithHostNet
- {%- endif %}
- # hostPID is true to (1) enable VMs to survive virtlet container restart
- # (to be checked) and (2) to enable the use of nsenter in init container
- hostPID: true
- # bootstrap procedure needs to create a configmap in kube-system namespace
- serviceAccountName: virtlet
-
- # only run Virtlet pods on the nodes with extraRuntime=virtlet label
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
@@ -36,50 +25,28 @@
operator: In
values:
- virtlet
-
- initContainers:
- # The init container copies virtlet's flexvolume driver
- # to the default kubelet plugin dir and ensures that
- # the directories needed by libvirt & virtlet exist on the host
- - name: prepare-node
- image: {{ common.addons.virtlet.image }}
- imagePullPolicy: IfNotPresent
- command:
- - /prepare-node.sh
- volumeMounts:
- - name: k8s-flexvolume-plugins-dir
- mountPath: /kubelet-volume-plugins
- - name: run
- {%- if version|float >= 1.8 %}
- mountPropagation: Bidirectional
- {%- endif %}
- mountPath: /run
- - name: dockersock
- mountPath: /var/run/docker.sock
- - name: log
- mountPath: /hostlog
- # for ensuring that /var/lib/libvirt/images exists on node
- - name: var-lib
- mountPath: /host-var-lib
- - name: dev
- mountPath: /dev
- securityContext:
- privileged: true
+ containers:
+ - command:
+ - /libvirt.sh
env:
- name: VIRTLET_DISABLE_KVM
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: disable_kvm
+ name: virtlet-config
optional: true
-
- containers:
- - name: libvirt
image: {{ common.addons.virtlet.image }}
- # In case we inject local virtlet image we want to use it not officially available one
imagePullPolicy: IfNotPresent
- command:
- - /libvirt.sh
+ name: libvirt
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - socat - UNIX:/var/run/libvirt/libvirt-sock-ro </dev/null
+ resources: {}
+ securityContext:
+ privileged: true
volumeMounts:
- mountPath: /sys/fs/cgroup
name: cgroup
@@ -90,43 +57,89 @@
name: boot
readOnly: true
- mountPath: /run
- name: run
- {%- if version|float >= 1.8 %}
mountPropagation: Bidirectional
- {%- endif %}
+ name: run
- mountPath: /var/lib/virtlet
name: virtlet
- mountPath: /var/lib/libvirt
name: libvirt
- mountPath: /var/run/libvirt
name: libvirt-sockets
- # the log dir is needed here because otherwise libvirt will produce errors
- # like this:
- # Unable to pre-create chardev file '/var/log/vms/afd75bbb-8e97-11e7-9561-02420ac00002/cirros-vm_0.log': No such file or directory
- - name: vms-log
- mountPath: /var/log/vms
- - name: dev
- mountPath: /dev
- securityContext:
- privileged: true
- env:
+ - mountPath: /var/log/vms
+ name: vms-log
+ - mountPath: /var/log/libvirt
+ name: libvirt-log
+ - mountPath: /dev
+ name: dev
+ - env:
- name: VIRTLET_DISABLE_KVM
valueFrom:
configMapKeyRef:
- name: virtlet-config
key: disable_kvm
+ name: virtlet-config
optional: true
- - name: virtlet
+ - name: VIRTLET_DOWNLOAD_PROTOCOL
+ valueFrom:
+ configMapKeyRef:
+ key: download_protocol
+ name: virtlet-config
+ optional: true
+ - name: VIRTLET_LOGLEVEL
+ valueFrom:
+ configMapKeyRef:
+ key: loglevel
+ name: virtlet-config
+ optional: true
+ - name: VIRTLET_CALICO_SUBNET
+ valueFrom:
+ configMapKeyRef:
+ key: calico-subnet
+ name: virtlet-config
+ optional: true
+ - name: IMAGE_REGEXP_TRANSLATION
+ valueFrom:
+ configMapKeyRef:
+ key: image_regexp_translation
+ name: virtlet-config
+ optional: true
+ - name: VIRTLET_DISABLE_LOGGING
+ valueFrom:
+ configMapKeyRef:
+ key: disable_logging
+ name: virtlet-config
+ optional: true
+ - name: VIRTLET_SRIOV_SUPPORT
+ valueFrom:
+ configMapKeyRef:
+ key: sriov_support
+ name: virtlet-config
+ optional: true
+ - name: VIRTLET_RAW_DEVICES
+ valueFrom:
+ configMapKeyRef:
+ key: raw_devices
+ name: virtlet-config
+ optional: true
+ - name: IMAGE_TRANSLATIONS_DIR
+ value: /etc/virtlet/images
+ - name: KUBERNETES_POD_LOGS
+ value: /kubernetes-log
image: {{ common.addons.virtlet.image }}
- # In case we inject local virtlet image we want to use it not officially available one
imagePullPolicy: IfNotPresent
+ name: virtlet
+ readinessProbe:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - socat - UNIX:/run/virtlet.sock </dev/null
+ resources: {}
+ securityContext:
+ privileged: true
volumeMounts:
- mountPath: /run
- name: run
- {%- if version|float >= 1.8 %}
mountPropagation: Bidirectional
- {%- endif %}
- # /boot and /lib/modules are required by supermin
+ name: run
- mountPath: /lib/modules
name: modules
readOnly: true
@@ -142,12 +155,10 @@
- mountPath: /usr/libexec/kubernetes/kubelet-plugins/volume/exec
name: k8s-flexvolume-plugins-dir
- mountPath: /var/lib/kubelet/pods
- name: k8s-pods-dir
- {%- if version|float >= 1.8 %}
mountPropagation: Bidirectional
- {%- endif %}
- - name: vms-log
- mountPath: /var/log/vms
+ name: k8s-pods-dir
+ - mountPath: /var/log/vms
+ name: vms-log
{%- if master.network.get('opencontrail', {}).get('enabled', False) %}
- name: contrail-log
mountPath: /var/log/contrail
@@ -156,73 +167,62 @@
{%- endif %}
- mountPath: /etc/virtlet/images
name: image-name-translations
- - name: pods-log
- mountPath: /kubernetes-log
- securityContext:
- privileged: true
- env:
- - name: VIRTLET_DISABLE_KVM
- valueFrom:
- configMapKeyRef:
- name: virtlet-config
- key: disable_kvm
- optional: true
- - name: VIRTLET_DOWNLOAD_PROTOCOL
- valueFrom:
- configMapKeyRef:
- name: virtlet-config
- key: download_protocol
- optional: true
- - name: VIRTLET_LOGLEVEL
- valueFrom:
- configMapKeyRef:
- name: virtlet-config
- key: loglevel
- optional: true
- - name: VIRTLET_CALICO_SUBNET
- valueFrom:
- configMapKeyRef:
- name: virtlet-config
- key: calico-subnet
- optional: true
- - name: IMAGE_REGEXP_TRANSLATION
- valueFrom:
- configMapKeyRef:
- name: virtlet-config
- key: image_regexp_translation
- optional: true
- - name: VIRTLET_DISABLE_LOGGING
- valueFrom:
- configMapKeyRef:
- name: virtlet-config
- key: disable_logging
- optional: true
- - name: VIRTLET_SRIOV_SUPPORT
- valueFrom:
- configMapKeyRef:
- name: virtlet-config
- key: sriov_support
- optional: true
- - name: IMAGE_TRANSLATIONS_DIR
- value: /etc/virtlet/images
- - name: KUBERNETES_POD_LOGS
- value: "/kubernetes-log"
- - name: vms
+ - mountPath: /kubernetes-log
+ name: pods-log
+ - command:
+ - /vms.sh
image: {{ common.addons.virtlet.image }}
imagePullPolicy: IfNotPresent
- command:
- - /vms.sh
+ name: vms
+ resources: {}
volumeMounts:
- mountPath: /var/lib/virtlet
name: virtlet
- mountPath: /var/lib/libvirt
name: libvirt
- - name: vms-log
- mountPath: /var/log/vms
- - name: dev
- mountPath: /dev
+ - mountPath: /var/log/vms
+ name: vms-log
+ - mountPath: /dev
+ name: dev
+ - mountPath: /lib/modules
+ name: modules
+ {%- if master.network.get('opencontrail', {}).get('enabled', False) %}
+ dnsPolicy: ClusterFirstWithHostNet
+ {%- endif %}
+ hostNetwork: true
+ hostPID: true
+ initContainers:
+ - command:
+ - /prepare-node.sh
+ env:
+ - name: VIRTLET_DISABLE_KVM
+ valueFrom:
+ configMapKeyRef:
+ key: disable_kvm
+ name: virtlet-config
+ optional: true
+ image: {{ common.addons.virtlet.image }}
+ imagePullPolicy: IfNotPresent
+ name: prepare-node
+ resources: {}
+ securityContext:
+ privileged: true
+ volumeMounts:
+ - mountPath: /kubelet-volume-plugins
+ name: k8s-flexvolume-plugins-dir
+ - mountPath: /run
+ mountPropagation: Bidirectional
+ name: run
+ - mountPath: /var/run/docker.sock
+ name: dockersock
+ - mountPath: /hostlog
+ name: log
+ - mountPath: /host-var-lib
+ name: var-lib
+ - mountPath: /dev
+ name: dev
+ serviceAccountName: virtlet
volumes:
- # /dev is needed for host raw device access
- hostPath:
path: /dev
name: dev
@@ -238,9 +238,6 @@
- hostPath:
path: /run
name: run
- # TODO: don't hardcode docker socket location here
- # This will require CRI proxy installation to run
- # in host mount namespace.
- hostPath:
path: /var/run/docker.sock
name: dockersock
@@ -266,6 +263,9 @@
path: /var/log/virtlet/vms
name: vms-log
- hostPath:
+ path: /var/log/libvirt
+ name: libvirt-log
+ - hostPath:
path: /var/run/libvirt
name: libvirt-sockets
- hostPath:
@@ -288,12 +288,50 @@
path: /virtlet
name: virtlet-bin
{%- endif %}
+ updateStrategy: {}
+status:
+ currentNumberScheduled: 0
+ desiredNumberScheduled: 0
+ numberMisscheduled: 0
+ numberReady: 0
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ name: virtlet
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: virtlet
+subjects:
+- kind: ServiceAccount
+ name: virtlet
+ namespace: {{ common.addons.virtlet.namespace }}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: virtlet
+ namespace: {{ common.addons.virtlet.namespace }}
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - create
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: configmap-reader
- namespace: {{ common.addons.virtlet.namespace }}
labels:
addonmanager.kubernetes.io/mode: Reconcile
rules:
@@ -305,6 +343,23 @@
- get
- list
- watch
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: virtlet-userdata-reader
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - secrets
+ verbs:
+ - get
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
@@ -320,98 +375,7 @@
- apiGroup: rbac.authorization.k8s.io
kind: Group
name: system:nodes
- namespace: {{ common.addons.virtlet.namespace }}
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: virtlet-crd
- namespace: {{ common.addons.virtlet.namespace }}
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-rules:
- - apiGroups:
- - "apiextensions.k8s.io"
- resources:
- - customresourcedefinitions
- verbs:
- - create
- - apiGroups:
- - "virtlet.k8s"
- resources:
- - virtletimagemappings
- verbs:
- - list
- - get
----
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRoleBinding
-metadata:
- name: virtlet-crd
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: virtlet-crd
-subjects:
-- kind: ServiceAccount
- name: virtlet
- namespace: {{ common.addons.virtlet.namespace }}
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- name: virtlet
- namespace: {{ common.addons.virtlet.namespace }}
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
----
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRoleBinding
-metadata:
- name: virtlet
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: virtlet
-subjects:
-- kind: ServiceAccount
- name: virtlet
- namespace: {{ common.addons.virtlet.namespace }}
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1beta1
-metadata:
- name: virtlet
- namespace: {{ common.addons.virtlet.namespace }}
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-rules:
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - create
----
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRole
-metadata:
- name: virtlet-userdata-reader
- namespace: {{ common.addons.virtlet.namespace }}
- labels:
- addonmanager.kubernetes.io/mode: Reconcile
-rules:
-- apiGroups:
- - ""
- resources:
- - configmaps
- - secrets
- verbs:
- - get
+
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
@@ -427,6 +391,53 @@
- kind: ServiceAccount
name: virtlet
namespace: {{ common.addons.virtlet.namespace }}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: virtlet-crd
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+rules:
+- apiGroups:
+ - apiextensions.k8s.io
+ resources:
+ - customresourcedefinitions
+ verbs:
+ - create
+- apiGroups:
+ - virtlet.k8s
+ resources:
+ - virtletimagemappings
+ verbs:
+ - list
+ - get
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ name: virtlet-crd
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: virtlet-crd
+subjects:
+- kind: ServiceAccount
+ name: virtlet
+ namespace: {{ common.addons.virtlet.namespace }}
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: virtlet
+ namespace: {{ common.addons.virtlet.namespace }}
+ labels:
+ addonmanager.kubernetes.io/mode: Reconcile
---
apiVersion: v1
data:
diff --git a/metadata/service/common.yml b/metadata/service/common.yml
index 4aa517c..d2fa3bb 100644
--- a/metadata/service/common.yml
+++ b/metadata/service/common.yml
@@ -58,7 +58,7 @@
virtlet:
enabled: False
namespace: kube-system
- image: mirantis/virtlet:v0.9.4
+ image: mirantis/virtlet:v1.0.0
criproxy_version: v0.10.0
criproxy_source: md5=52717b1f70f15558ef4bdb0e4d4948da
cloudprovider:
diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml
index f2d119b..8eb6b63 100644
--- a/metadata/service/master/single.yml
+++ b/metadata/service/master/single.yml
@@ -62,7 +62,7 @@
virtlet:
enabled: False
namespace: kube-system
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v1.0.0
token:
admin: ${_param:kubernetes_admin_token}
kubelet: ${_param:kubernetes_kubelet_token}
diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls
index 68a0e51..9e8afa2 100644
--- a/tests/pillar/master_cluster.sls
+++ b/tests/pillar/master_cluster.sls
@@ -40,7 +40,7 @@
hosts:
- cmp01
- cmp02
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v1.0.0
monitoring:
backend: prometheus
master:
diff --git a/tests/pillar/master_contrail.sls b/tests/pillar/master_contrail.sls
index b2941b1..e86a293 100644
--- a/tests/pillar/master_contrail.sls
+++ b/tests/pillar/master_contrail.sls
@@ -37,7 +37,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v1.0.0
hosts:
- cmp01
- cmp02
diff --git a/tests/pillar/master_contrail4_0.sls b/tests/pillar/master_contrail4_0.sls
index 3f62f67..ec48f54 100644
--- a/tests/pillar/master_contrail4_0.sls
+++ b/tests/pillar/master_contrail4_0.sls
@@ -37,7 +37,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v1.0.0
hosts:
- cmp01
- cmp02
diff --git a/tests/pillar/pool_cluster.sls b/tests/pillar/pool_cluster.sls
index 152cab3..4de3614 100644
--- a/tests/pillar/pool_cluster.sls
+++ b/tests/pillar/pool_cluster.sls
@@ -16,7 +16,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v1.0.0
hosts:
- cmp01
- cmp02
diff --git a/tests/pillar/pool_cluster_with_domain.sls b/tests/pillar/pool_cluster_with_domain.sls
index 194e060..271d762 100644
--- a/tests/pillar/pool_cluster_with_domain.sls
+++ b/tests/pillar/pool_cluster_with_domain.sls
@@ -16,7 +16,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v1.0.0
hosts:
- cmp01
- cmp02
diff --git a/tests/pillar/pool_contrail4_0.sls b/tests/pillar/pool_contrail4_0.sls
index 612187f..f396906 100644
--- a/tests/pillar/pool_contrail4_0.sls
+++ b/tests/pillar/pool_contrail4_0.sls
@@ -16,7 +16,7 @@
virtlet:
enabled: true
namespace: kube-system
- image: mirantis/virtlet:v0.8.0
+ image: mirantis/virtlet:v1.0.0
hosts:
- cmp01
- cmp02