blob: 7c2b224f15f59d3f35c41f64d1919fae0bc37411 [file] [log] [blame]
marcoacdae7e2015-12-02 15:35:37 +01001
2==================
3Kubernetes Formula
4==================
5
Ales Komarek9db8af42017-06-08 11:08:05 +02006Kubernetes is an open-source system for automating deployment, scaling, and
7management of containerized applications. This formula deploys production
Tomáš Kukrálf1fcc272017-06-15 10:14:16 +02008ready Kubernetes and generate Kubernetes manifests as well.
marcoacdae7e2015-12-02 15:35:37 +01009
Tomáš Kukrálf1fcc272017-06-15 10:14:16 +020010You can download `kubectl` configuration and connect to your cluster. However,
11keep in mind `kubernetes_control_address` needs to be accessible from your computer:
12
13.. code-block:: yaml
14
15 mkdir -p ~/.kube
16 [ -f ~/.kube/config ] && cp -v ~/.kube/config ~/.kube/config-backup
17 ssh cfg01 "sudo ssh ctl01 /etc/kubenetes/kubeconfig.sh" > ~/.kube/config
18 kubectl get no
19
20
21`cfg01` is Salt master node and `ctl01` is one of Kubernetes masters
marcoacdae7e2015-12-02 15:35:37 +010022
Ales Komarek9db8af42017-06-08 11:08:05 +020023Sample Pillars
marcoacdae7e2015-12-02 15:35:37 +010024==============
25
Tomáš Kukrál189da4b2017-01-18 14:30:09 +010026**REQUIRED:** Define image to use for hyperkube, CNIs and calicoctl image
27
28.. code-block:: yaml
29
30 parameters:
31 kubernetes:
32 common:
33 hyperkube:
Tomáš Kukrála636f0e2017-03-21 11:09:55 +010034 image: gcr.io/google_containers/hyperkube:v1.5.2
Tomáš Kukrál189da4b2017-01-18 14:30:09 +010035 pool:
36 network:
37 calicoctl:
38 image: calico/ctl
39 cni:
40 image: calico/cni
41
Tomáš Kukrál25a64d72017-03-23 14:14:07 +010042Enable helm-tiller addon
Tomáš Kukrál1b50f772017-03-23 12:51:32 +010043
44.. code-block:: yaml
45
46 parameters:
47 kubernetes:
48 master:
49 addons:
50 helm:
51 enabled: true
52
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +030053Enable calico-policy addon
54
55.. code-block:: yaml
56
57 parameters:
58 kubernetes:
59 master:
60 addons:
61 calico_policy:
62 enabled: true
63
Jakub Pavlikc1d11e52017-06-23 11:09:20 +020064Enable virtlet addon
65
66.. code-block:: yaml
67
68 parameters:
69 kubernetes:
70 master:
71 addons:
72 virtlet:
73 enabled: true
74 namespace: kube-system
75 hosts:
76 - cmp01
77 - cmp02
78 image: mirantis/virtlet:latest
79
Tomáš Kukrál25a64d72017-03-23 14:14:07 +010080Enable netchecker addon
81
82.. code-block:: yaml
83
84 parameters:
85 kubernetes:
86 master:
87 namespace:
88 netchecker:
89 enabled: true
90 addons:
91 netchecker:
92 enabled: true
Tomáš Kukrál1b50f772017-03-23 12:51:32 +010093
Tomáš Kukrálf78baa62017-04-20 16:18:16 +020094Configure service verbosity
95
96.. code-block:: yaml
97
98 parameters:
99 kubernetes:
100 master:
101 verbosity: 2
102 pool:
103 verbosity: 2
104
Tomáš Kukrálaff35262017-04-18 12:37:45 +0200105Enable autoscaler for dns addon. Poll period can be skipped.
106
107.. code-block:: yaml
108
109 kubernetes:
110 master:
111 addons:
112 dns:
113 domain: cluster.local
114 enabled: true
115 replicas: 1
116 server: 10.254.0.10
117 autoscaler:
118 enabled: true
119 poll-period-seconds: 60
120
121
Tomáš Kukrál6ef3f892017-02-15 12:02:22 +0100122Pass aditional parameters to daemons:
123
124.. code-block:: yaml
125
126 parameters:
127 kubernetes:
128 master:
129 apiserver:
130 daemon_opts:
131 storage-backend: pigeon
132 controller_manager:
133 daemon_opts:
134 log-dir: /dev/nulL
135 pool:
136 kubelet:
137 daemon_opts:
138 max-pods: "6"
139
Tomáš Kukrál189da4b2017-01-18 14:30:09 +0100140
Ales Komarek688a04c2016-07-15 15:12:30 +0200141Containers on pool definitions in pool.service.local
142
Jakub Pavlik7e985322016-07-17 13:16:15 +0200143.. code-block:: yaml
144
145 parameters:
146 kubernetes:
147 pool:
148 service:
149 local:
150 enabled: False
151 service: libvirt
152 cluster: openstack-compute
153 namespace: default
154 role: ${linux:system:name}
155 type: LoadBalancer
156 kind: Deployment
157 apiVersion: extensions/v1beta1
158 replicas: 1
159 host_pid: True
160 nodeSelector:
161 - key: openstack
162 value: ${linux:system:name}
163 hostNetwork: True
164 container:
165 libvirt-compute:
166 privileged: True
167 image: ${_param:docker_repository}/libvirt-compute
168 tag: ${_param:openstack_container_tag}
Ales Komarek688a04c2016-07-15 15:12:30 +0200169
170Master definition
171
marcoacdae7e2015-12-02 15:35:37 +0100172.. code-block:: yaml
173
174 kubernetes:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200175 master:
176 addons:
177 dns:
178 domain: cluster.local
179 enabled: true
180 replicas: 1
181 server: 10.254.0.10
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200182 admin:
183 password: password
184 username: admin
185 apiserver:
186 address: 10.0.175.100
Swann Croisetff97efc2017-02-23 13:32:33 +0100187 secure_port: 443
188 insecure_address: 127.0.0.1
189 insecure_port: 8080
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200190 ca: kubernetes
191 enabled: true
192 etcd:
193 host: 127.0.0.1
194 members:
195 - host: 10.0.175.100
196 name: node040
197 name: node040
198 token: ca939ec9c2a17b0786f6d411fe019e9b
199 kubelet:
200 allow_privileged: true
201 network:
202 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300203 mtu: 1500
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200204 hash: fb5e30ebe6154911a66ec3fb5f1195b2
205 private_ip_range: 10.150.0.0/16
206 version: v0.19.0
207 service_addresses: 10.254.0.0/16
208 storage:
209 engine: glusterfs
210 members:
211 - host: 10.0.175.101
212 port: 24007
213 - host: 10.0.175.102
214 port: 24007
215 - host: 10.0.175.103
216 port: 24007
217 port: 24007
218 token:
219 admin: DFvQ8GJ9JD4fKNfuyEddw3rjnFTkUKsv
220 controller_manager: EreGh6AnWf8DxH8cYavB2zS029PUi7vx
221 dns: RAFeVSE4UvsCz4gk3KYReuOI5jsZ1Xt3
222 kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
223 kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
224 logging: MJkXKdbgqRmTHSa2ykTaOaMykgO6KcEf
225 monitoring: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
226 scheduler: HY1UUxEPpmjW4a1dDLGIANYQp1nZkLDk
227 version: v1.2.4
228
marcoacdae7e2015-12-02 15:35:37 +0100229
230 kubernetes:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200231 pool:
232 address: 0.0.0.0
233 allow_privileged: true
234 ca: kubernetes
235 cluster_dns: 10.254.0.10
236 cluster_domain: cluster.local
237 enabled: true
238 kubelet:
239 allow_privileged: true
240 config: /etc/kubernetes/manifests
241 frequency: 5s
242 master:
243 apiserver:
244 members:
245 - host: 10.0.175.100
246 etcd:
247 members:
248 - host: 10.0.175.100
249 host: 10.0.175.100
250 network:
251 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300252 mtu: 1500
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200253 hash: fb5e30ebe6154911a66ec3fb5f1195b2
254 version: v0.19.0
255 token:
256 kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
257 kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
258 version: v1.2.4
marcoacdae7e2015-12-02 15:35:37 +0100259
Tomáš Kukrálbc3623e2017-03-23 18:24:06 +0100260
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200261Kubernetes with OpenContrail network plugin
262------------------------------------------------
marcoacdae7e2015-12-02 15:35:37 +0100263
264On Master:
265
266.. code-block:: yaml
267
268 kubernetes:
269 master:
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200270 addons:
Matthew Mosesohn6f4f6c02017-07-03 16:58:50 +0300271 contrail_network_controller:
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200272 enabled: true
273 namespace: kube-system
Matthew Mosesohn6f4f6c02017-07-03 16:58:50 +0300274 image: yashulyak/contrail-controller:latest
marcoacdae7e2015-12-02 15:35:37 +0100275 network:
276 engine: opencontrail
277 host: 10.0.170.70
278 port: 8082
279 default_domain: default-domain
280 default_project: default-domain:default-project
281 public_network: default-domain:default-project:Public
282 public_ip_range: 185.22.97.128/26
283 private_ip_range: 10.150.0.0/16
284 service_cluster_ip_range: 10.254.0.0/16
285 network_label: name
286 service_label: uses
287 cluster_service: kube-system/default
marcoacdae7e2015-12-02 15:35:37 +0100288On pools:
289
290.. code-block:: yaml
291
292 kubernetes:
293 pool:
294 network:
295 engine: opencontrail
296
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200297
298Dashboard public IP must be configured when Contrail network is used:
299
300.. code-block:: yaml
301
302 kubernetes:
303 master:
304 addons:
305 public_ip: 1.1.1.1
306
Jakub Pavlik1cfc1fe2016-07-25 11:01:52 +0200307Kubernetes control plane running in systemd
308-------------------------------------------
309
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300310By default kube-apiserver, kube-scheduler, kube-controllermanager, kube-proxy, etcd running in docker containers through manifests. For stable production environment this should be run in systemd.
Jakub Pavlik1cfc1fe2016-07-25 11:01:52 +0200311
312.. code-block:: yaml
313
314 kubernetes:
315 master:
316 container: false
317
318 kubernetes:
319 pool:
320 container: false
321
marco055ff852016-07-27 15:22:33 +0200322Because k8s services run under kube user without root privileges, there is need to change secure port for apiserver.
323
324.. code-block:: yaml
325
326 kubernetes:
327 master:
328 apiserver:
329 secure_port: 8081
330
marcoacdae7e2015-12-02 15:35:37 +0100331Kubernetes with Flannel
332-----------------------
333
334On Master:
335
336.. code-block:: yaml
337
338 kubernetes:
339 master:
340 network:
341 engine: flannel
Jakub Pavlik7e985322016-07-17 13:16:15 +0200342 # If you don't register master as node:
marcoa05621f2016-07-14 10:35:24 +0200343 etcd:
344 members:
345 - host: 10.0.175.101
346 port: 4001
347 - host: 10.0.175.102
348 port: 4001
349 - host: 10.0.175.103
350 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100351 common:
352 network:
353 engine: flannel
354
355On pools:
356
357.. code-block:: yaml
358
359 kubernetes:
360 pool:
361 network:
362 engine: flannel
marcoa05621f2016-07-14 10:35:24 +0200363 etcd:
364 members:
365 - host: 10.0.175.101
366 port: 4001
367 - host: 10.0.175.102
368 port: 4001
369 - host: 10.0.175.103
370 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100371 common:
372 network:
373 engine: flannel
374
375Kubernetes with Calico
376-----------------------
377
378On Master:
379
380.. code-block:: yaml
381
382 kubernetes:
383 master:
384 network:
385 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300386 mtu: 1500
Jakub Pavlik7e985322016-07-17 13:16:15 +0200387 # If you don't register master as node:
marcoa05621f2016-07-14 10:35:24 +0200388 etcd:
389 members:
390 - host: 10.0.175.101
391 port: 4001
392 - host: 10.0.175.102
393 port: 4001
394 - host: 10.0.175.103
395 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100396
397On pools:
398
399.. code-block:: yaml
400
401 kubernetes:
402 pool:
403 network:
404 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300405 mtu: 1500
marcoa05621f2016-07-14 10:35:24 +0200406 etcd:
407 members:
408 - host: 10.0.175.101
409 port: 4001
410 - host: 10.0.175.102
411 port: 4001
412 - host: 10.0.175.103
413 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100414
Tomáš Kukrál34c59362017-03-01 14:00:37 +0100415Running with secured etcd:
416
417.. code-block:: yaml
418
419 kubernetes:
420 pool:
421 network:
422 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300423 mtu: 1500
Tomáš Kukrál34c59362017-03-01 14:00:37 +0100424 etcd:
425 ssl:
426 enabled: true
427 master:
428 network:
429 engine: calico
430 etcd:
431 ssl:
432 enabled: true
433
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300434Running with calico-policy controller:
435
436.. code-block:: yaml
437
438 kubernetes:
439 pool:
440 network:
441 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300442 mtu: 1500
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300443 addons:
444 calico_policy:
445 enabled: true
446
447 master:
448 network:
449 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300450 mtu: 1500
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300451 addons:
452 calico_policy:
453 enabled: true
454
455
456
Tomáš Kukrál7e91a942017-03-23 16:02:52 +0100457Enable Prometheus metrics in Felix
458
459.. code-block:: yaml
460
461 kubernetes:
462 pool:
463 network:
464 prometheus:
465 enabled: true
466 master:
467 network:
468 prometheus:
469 enabled: true
470
Jakub Pavlik7e985322016-07-17 13:16:15 +0200471Post deployment configuration
472
473.. code-block:: bash
Jakub Pavlik232833c2016-07-17 13:21:00 +0200474
Jakub Pavlik7e985322016-07-17 13:16:15 +0200475 # set ETCD
476 export ETCD_AUTHORITY=10.0.111.201:4001
477
478 # Set NAT for pods subnet
479 calicoctl pool add 192.168.0.0/16 --nat-outgoing
480
481 # Status commands
482 calicoctl status
483 calicoctl node show
484
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200485Kubernetes with GlusterFS for storage
486---------------------------------------------
487
488.. code-block:: yaml
489
490 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100491 master:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200492 ...
493 storage:
494 engine: glusterfs
495 port: 24007
496 members:
497 - host: 10.0.175.101
498 port: 24007
499 - host: 10.0.175.102
500 port: 24007
501 - host: 10.0.175.103
502 port: 24007
503 ...
504
marco45fc1b72016-07-02 16:11:18 +0200505Kubernetes namespaces
506---------------------
507
508Create namespace:
509
510.. code-block:: yaml
511
512 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100513 master:
marco45fc1b72016-07-02 16:11:18 +0200514 ...
515 namespace:
516 kube-system:
517 enabled: True
518 namespace2:
519 enabled: True
520 namespace3:
521 enabled: False
522 ...
523
524Kubernetes labels
525-----------------
526
Marek Celoud901020b2017-01-27 14:51:41 +0100527Label node:
marco45fc1b72016-07-02 16:11:18 +0200528
529.. code-block:: yaml
530
Marek Celoud901020b2017-01-27 14:51:41 +0100531 kubernetes:
532 master:
533 label:
534 label01:
535 value: value01
536 node: node01
537 enabled: true
538 key: key01
marco45fc1b72016-07-02 16:11:18 +0200539 ...
marco45fc1b72016-07-02 16:11:18 +0200540
marcof7efecb2016-07-16 16:13:37 +0200541Pull images from private registries
542-----------------------------------
543
544.. code-block:: yaml
545
546 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100547 master:
marcof7efecb2016-07-16 16:13:37 +0200548 ...
549 registry:
550 secret:
551 registry01:
552 enabled: True
553 key: (get from `cat /root/.docker/config.json | base64`)
554 namespace: default
555 ...
556 control:
557 ...
558 service:
559 service01:
560 ...
561 image_pull_secretes: registry01
562 ...
563
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200564Kubernetes Service Definitions in pillars
565==========================================
566
567Following samples show how to generate kubernetes manifest as well and provide single tool for complete infrastructure management.
568
569Deployment manifest
570---------------------
marcoacdae7e2015-12-02 15:35:37 +0100571
572.. code-block:: yaml
573
574 salt:
575 control:
576 enabled: True
577 hostNetwork: True
578 service:
579 memcached:
580 privileged: True
581 service: memcached
582 role: server
583 type: LoadBalancer
584 replicas: 3
585 kind: Deployment
586 apiVersion: extensions/v1beta1
587 ports:
588 - port: 8774
589 name: nova-api
590 - port: 8775
591 name: nova-metadata
592 volume:
593 volume_name:
594 type: hostPath
595 mount: /certs
596 path: /etc/certs
597 container:
598 memcached:
599 image: memcached
600 tag:2
601 ports:
602 - port: 8774
603 name: nova-api
604 - port: 8775
605 name: nova-metadata
606 variables:
607 - name: HTTP_TLS_CERTIFICATE:
608 value: /certs/domain.crt
609 - name: HTTP_TLS_KEY
610 value: /certs/domain.key
611 volumes:
612 - name: /etc/certs
613 type: hostPath
614 mount: /certs
615 path: /etc/certs
616
marcobe30c8d2016-10-11 19:16:35 +0200617PetSet manifest
618---------------------
619
620.. code-block:: yaml
621
622 service:
623 memcached:
624 apiVersion: apps/v1alpha1
625 kind: PetSet
626 service_name: 'memcached'
627 container:
628 memcached:
629 ...
630
631
Filip Pytloun9a4a40f2016-09-22 16:28:19 +0200632Configmap
633---------
634
635You are able to create configmaps using support layer between formulas.
636It works simple, eg. in nova formula there's file ``meta/config.yml`` which
637defines config files used by that service and roles.
638
639Kubernetes formula is able to generate these files using custom pillar and
640grains structure. This way you are able to run docker images built by any way
641while still re-using your configuration management.
642
643Example pillar:
644
645.. code-block:: bash
646
647 kubernetes:
648 control:
Jakub Pavlika2779722016-11-25 15:35:26 +0100649 config_type: default|kubernetes # Output is yaml k8s or default single files
Filip Pytloun9a4a40f2016-09-22 16:28:19 +0200650 configmap:
651 nova-control:
652 grains:
653 # Alternate grains as OS running in container may differ from
654 # salt minion OS. Needed only if grains matters for config
655 # generation.
656 os_family: Debian
657 pillar:
658 # Generic pillar for nova controller
659 nova:
660 controller:
661 enabled: true
662 versionn: liberty
663 ...
664
665To tell which services supports config generation, you need to ensure pillar
666structure like this to determine support:
667
668.. code-block:: yaml
669
670 nova:
671 _support:
672 config:
673 enabled: true
674
marcod4d3dbd2016-09-27 11:36:40 +0200675initContainers
676--------------
677
678Example pillar:
679
680.. code-block:: bash
681
682 kubernetes:
683 control:
684 service:
685 memcached:
686 init_containers:
687 - name: test-mysql
688 image: busybox
689 command:
690 - sleep
691 - 3600
692 volumes:
693 - name: config
694 mount: /test
695 - name: test-memcached
696 image: busybox
697 command:
698 - sleep
699 - 3600
700 volumes:
701 - name: config
702 mount: /test
703
marcoee859d32016-11-07 11:04:57 +0100704Affinity
705--------
706
707podAffinity
708===========
709
710Example pillar:
711
712.. code-block:: bash
713
714 kubernetes:
715 control:
716 service:
717 memcached:
718 affinity:
719 pod_affinity:
720 name: podAffinity
721 expression:
722 label_selector:
723 name: labelSelector
724 selectors:
725 - key: app
726 value: memcached
727 topology_key: kubernetes.io/hostname
728
729podAntiAffinity
730===============
731
732Example pillar:
733
734.. code-block:: bash
735
736 kubernetes:
737 control:
738 service:
739 memcached:
740 affinity:
741 anti_affinity:
742 name: podAntiAffinity
743 expression:
744 label_selector:
745 name: labelSelector
746 selectors:
747 - key: app
748 value: opencontrail-control
749 topology_key: kubernetes.io/hostname
750
751nodeAffinity
752===============
753
754Example pillar:
755
756.. code-block:: bash
757
758 kubernetes:
759 control:
760 service:
761 memcached:
762 affinity:
763 node_affinity:
764 name: nodeAffinity
765 expression:
766 match_expressions:
767 name: matchExpressions
768 selectors:
769 - key: key
770 operator: In
771 values:
772 - value1
773 - value2
774
marcoacdae7e2015-12-02 15:35:37 +0100775Volumes
776-------
777
778hostPath
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200779==========
marcoacdae7e2015-12-02 15:35:37 +0100780
781.. code-block:: yaml
782
marcob469f882016-09-27 09:56:13 +0200783 service:
marcoacdae7e2015-12-02 15:35:37 +0100784 memcached:
marcob469f882016-09-27 09:56:13 +0200785 container:
786 memcached:
787 volumes:
788 - name: volume1
789 mountPath: /volume
790 readOnly: True
marcoacdae7e2015-12-02 15:35:37 +0100791 ...
marcob469f882016-09-27 09:56:13 +0200792 volume:
793 volume1:
794 name: /etc/certs
795 type: hostPath
796 path: /etc/certs
marcoacdae7e2015-12-02 15:35:37 +0100797
798emptyDir
Ales Komarek688a04c2016-07-15 15:12:30 +0200799========
marcoacdae7e2015-12-02 15:35:37 +0100800
801.. code-block:: yaml
802
marcob469f882016-09-27 09:56:13 +0200803 service:
marcoacdae7e2015-12-02 15:35:37 +0100804 memcached:
marcob469f882016-09-27 09:56:13 +0200805 container:
806 memcached:
807 volumes:
808 - name: volume1
809 mountPath: /volume
810 readOnly: True
marcoacdae7e2015-12-02 15:35:37 +0100811 ...
marcob469f882016-09-27 09:56:13 +0200812 volume:
813 volume1:
814 name: /etc/certs
815 type: emptyDir
816
817configMap
818=========
819
820.. code-block:: yaml
821
822 service:
823 memcached:
824 container:
825 memcached:
826 volumes:
827 - name: volume1
828 mountPath: /volume
829 readOnly: True
830 ...
831 volume:
832 volume1:
833 type: config_map
834 item:
835 configMap1:
836 key: config.conf
837 path: config.conf
838 configMap2:
839 key: policy.json
840 path: policy.json
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200841
marco0eda4fb2016-10-10 19:08:27 +0200842To mount single configuration file instead of whole directory:
843
844.. code-block:: yaml
845
846 service:
847 memcached:
848 container:
849 memcached:
850 volumes:
851 - name: volume1
852 mountPath: /volume/config.conf
853 sub_path: config.conf
854
marcofcc20d02016-10-10 09:56:12 +0200855Generating Jobs
856===============
857
858Example pillar:
859
860.. code-block:: yaml
861
862 kubernetes:
863 control:
864 job:
865 sleep:
866 job: sleep
867 restart_policy: Never
868 container:
869 sleep:
870 image: busybox
871 tag: latest
872 command:
873 - sleep
874 - "3600"
875
876Volumes and Variables can be used as the same way as during Deployment generation.
877
878Custom params:
879
880.. code-block:: yaml
881
882 kubernetes:
883 control:
884 job:
885 host_network: True
886 host_pid: True
887 container:
888 sleep:
889 privileged: True
890 node_selector:
891 key: node
892 value: one
893 image_pull_secretes: password
894
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200895
Ales Komarek9db8af42017-06-08 11:08:05 +0200896More Information
897================
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200898
Ales Komarek9db8af42017-06-08 11:08:05 +0200899* https://github.com/Juniper/kubernetes/blob
900/opencontrail-integration/docs /getting-started-guides/opencontrail.md
901* https://github.com/kubernetes/kubernetes/tree/master/cluster/saltbase
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200902
Filip Pytlound06f6272017-02-02 13:02:03 +0100903
904Documentation and Bugs
905======================
906
907To learn how to install and update salt-formulas, consult the documentation
908available online at:
909
910 http://salt-formulas.readthedocs.io/
911
912In the unfortunate event that bugs are discovered, they should be reported to
913the appropriate issue tracker. Use Github issue tracker for specific salt
914formula:
915
916 https://github.com/salt-formulas/salt-formula-kubernetes/issues
917
918For feature requests, bug reports or blueprints affecting entire ecosystem,
919use Launchpad salt-formulas project:
920
921 https://launchpad.net/salt-formulas
922
923You can also join salt-formulas-users team and subscribe to mailing list:
924
925 https://launchpad.net/~salt-formulas-users
926
927Developers wishing to work on the salt-formulas projects should always base
928their work on master branch and submit pull request against specific formula.
929
930 https://github.com/salt-formulas/salt-formula-kubernetes
931
932Any questions or feedback is always welcome so feel free to join our IRC
933channel:
934
935 #salt-formulas @ irc.freenode.net