Blame - README.rst - salt-formulas/kubernetes

blob: 0f553d8745140b8b953548cb65da3423aeecd8f3 [file] [log] [blame]

marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	1
				2	==================
				3	Kubernetes Formula
				4	==================
				5
Jakub Pavlik	495d06f	2016-06-17 11:33:05 +0200	[diff] [blame]	6	Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications.
				7
				8	This formula deploys production ready Kubernetes and generate Kubernetes manifests as well.
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	9
				10	Based on official Kubernetes salt
				11	https://github.com/kubernetes/kubernetes/tree/master/cluster/saltbase
				12
				13	Extended on Contrail contribution https://github.com/Juniper/kubernetes/blob/opencontrail-integration/docs/getting-started-guides/opencontrail.md
				14
				15
				16	Sample pillars
				17	==============
				18
Ales Komarek	688a04c	2016-07-15 15:12:30 +0200	[diff] [blame]	19	Containers on pool definitions in pool.service.local
				20
				21	parameters:
				22	kubernetes:
				23	pool:
				24	service:
				25	local:
				26	enabled: False
				27	service: libvirt
				28	cluster: openstack-compute
				29	namespace: default
				30	role: ${linux:system:name}
				31	type: LoadBalancer
				32	kind: Deployment
				33	apiVersion: extensions/v1beta1
				34	replicas: 1
				35	host_pid: True
				36	nodeSelector:
				37	- key: openstack
				38	value: ${linux:system:name}
				39	hostNetwork: True
				40	container:
				41	libvirt-compute:
				42	privileged: True
				43	image: ${_param:docker_repository}/libvirt-compute
				44	tag: ${_param:openstack_container_tag}
				45
				46	Master definition
				47
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	48	.. code-block:: yaml
				49
				50	kubernetes:
Jakub Pavlik	495d06f	2016-06-17 11:33:05 +0200	[diff] [blame]	51	master:
				52	addons:
				53	dns:
				54	domain: cluster.local
				55	enabled: true
				56	replicas: 1
				57	server: 10.254.0.10
				58	heapster_influxdb:
				59	enabled: true
				60	public_ip: 185.22.97.132
				61	ui:
				62	enabled: true
				63	public_ip: 185.22.97.131
				64	admin:
				65	password: password
				66	username: admin
				67	apiserver:
				68	address: 10.0.175.100
				69	port: 8080
				70	ca: kubernetes
				71	enabled: true
				72	etcd:
				73	host: 127.0.0.1
				74	members:
				75	- host: 10.0.175.100
				76	name: node040
				77	name: node040
				78	token: ca939ec9c2a17b0786f6d411fe019e9b
				79	kubelet:
				80	allow_privileged: true
				81	network:
				82	engine: calico
				83	hash: fb5e30ebe6154911a66ec3fb5f1195b2
				84	private_ip_range: 10.150.0.0/16
				85	version: v0.19.0
				86	service_addresses: 10.254.0.0/16
				87	storage:
				88	engine: glusterfs
				89	members:
				90	- host: 10.0.175.101
				91	port: 24007
				92	- host: 10.0.175.102
				93	port: 24007
				94	- host: 10.0.175.103
				95	port: 24007
				96	port: 24007
				97	token:
				98	admin: DFvQ8GJ9JD4fKNfuyEddw3rjnFTkUKsv
				99	controller_manager: EreGh6AnWf8DxH8cYavB2zS029PUi7vx
				100	dns: RAFeVSE4UvsCz4gk3KYReuOI5jsZ1Xt3
				101	kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
				102	kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
				103	logging: MJkXKdbgqRmTHSa2ykTaOaMykgO6KcEf
				104	monitoring: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
				105	scheduler: HY1UUxEPpmjW4a1dDLGIANYQp1nZkLDk
				106	version: v1.2.4
				107
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	108
				109	kubernetes:
Jakub Pavlik	495d06f	2016-06-17 11:33:05 +0200	[diff] [blame]	110	pool:
				111	address: 0.0.0.0
				112	allow_privileged: true
				113	ca: kubernetes
				114	cluster_dns: 10.254.0.10
				115	cluster_domain: cluster.local
				116	enabled: true
				117	kubelet:
				118	allow_privileged: true
				119	config: /etc/kubernetes/manifests
				120	frequency: 5s
				121	master:
				122	apiserver:
				123	members:
				124	- host: 10.0.175.100
				125	etcd:
				126	members:
				127	- host: 10.0.175.100
				128	host: 10.0.175.100
				129	network:
				130	engine: calico
				131	hash: fb5e30ebe6154911a66ec3fb5f1195b2
				132	version: v0.19.0
				133	token:
				134	kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
				135	kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
				136	version: v1.2.4
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	137
				138
Jakub Pavlik	495d06f	2016-06-17 11:33:05 +0200	[diff] [blame]	139
				140	Kubernetes with OpenContrail network plugin
				141	------------------------------------------------
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	142
				143	On Master:
				144
				145	.. code-block:: yaml
				146
				147	kubernetes:
				148	master:
				149	network:
				150	engine: opencontrail
				151	host: 10.0.170.70
				152	port: 8082
				153	default_domain: default-domain
				154	default_project: default-domain:default-project
				155	public_network: default-domain:default-project:Public
				156	public_ip_range: 185.22.97.128/26
				157	private_ip_range: 10.150.0.0/16
				158	service_cluster_ip_range: 10.254.0.0/16
				159	network_label: name
				160	service_label: uses
				161	cluster_service: kube-system/default
				162	network_manager:
				163	image: pupapaik/opencontrail-kube-network-manager
				164	tag: release-1.1-jpa-final-1
				165
				166	On pools:
				167
				168	.. code-block:: yaml
				169
				170	kubernetes:
				171	pool:
				172	network:
				173	engine: opencontrail
				174
				175	Kubernetes with Flannel
				176	-----------------------
				177
				178	On Master:
				179
				180	.. code-block:: yaml
				181
				182	kubernetes:
				183	master:
				184	network:
				185	engine: flannel
marco	a05621f	2016-07-14 10:35:24 +0200	[diff] [blame]	186	If you don't register master as node:
				187	etcd:
				188	members:
				189	- host: 10.0.175.101
				190	port: 4001
				191	- host: 10.0.175.102
				192	port: 4001
				193	- host: 10.0.175.103
				194	port: 4001
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	195	common:
				196	network:
				197	engine: flannel
				198
				199	On pools:
				200
				201	.. code-block:: yaml
				202
				203	kubernetes:
				204	pool:
				205	network:
				206	engine: flannel
marco	a05621f	2016-07-14 10:35:24 +0200	[diff] [blame]	207	etcd:
				208	members:
				209	- host: 10.0.175.101
				210	port: 4001
				211	- host: 10.0.175.102
				212	port: 4001
				213	- host: 10.0.175.103
				214	port: 4001
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	215	common:
				216	network:
				217	engine: flannel
				218
				219	Kubernetes with Calico
				220	-----------------------
				221
				222	On Master:
				223
				224	.. code-block:: yaml
				225
				226	kubernetes:
				227	master:
				228	network:
				229	engine: calico
marco	a05621f	2016-07-14 10:35:24 +0200	[diff] [blame]	230	If you don't register master as node:
				231	etcd:
				232	members:
				233	- host: 10.0.175.101
				234	port: 4001
				235	- host: 10.0.175.102
				236	port: 4001
				237	- host: 10.0.175.103
				238	port: 4001
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	239
				240	On pools:
				241
				242	.. code-block:: yaml
				243
				244	kubernetes:
				245	pool:
				246	network:
				247	engine: calico
marco	a05621f	2016-07-14 10:35:24 +0200	[diff] [blame]	248	etcd:
				249	members:
				250	- host: 10.0.175.101
				251	port: 4001
				252	- host: 10.0.175.102
				253	port: 4001
				254	- host: 10.0.175.103
				255	port: 4001
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	256
Jakub Pavlik	495d06f	2016-06-17 11:33:05 +0200	[diff] [blame]	257	Kubernetes with GlusterFS for storage
				258	---------------------------------------------
				259
				260	.. code-block:: yaml
				261
				262	kubernetes:
				263	master
				264	...
				265	storage:
				266	engine: glusterfs
				267	port: 24007
				268	members:
				269	- host: 10.0.175.101
				270	port: 24007
				271	- host: 10.0.175.102
				272	port: 24007
				273	- host: 10.0.175.103
				274	port: 24007
				275	...
				276
marco	45fc1b7	2016-07-02 16:11:18 +0200	[diff] [blame]	277	Kubernetes namespaces
				278	---------------------
				279
				280	Create namespace:
				281
				282	.. code-block:: yaml
				283
				284	kubernetes:
				285	master
				286	...
				287	namespace:
				288	kube-system:
				289	enabled: True
				290	namespace2:
				291	enabled: True
				292	namespace3:
				293	enabled: False
				294	...
				295
				296	Kubernetes labels
				297	-----------------
				298
				299	Create namespace:
				300
				301	.. code-block:: yaml
				302
				303	kubernetes:
				304	pool
				305	...
				306	host:
				307	label:
				308	key01:
				309	value: value01
				310	enable: True
				311	key02:
				312	value: value02
				313	enable: False
				314	name: ${linux:system:name}
				315	...
				316
marco	f7efecb	2016-07-16 16:13:37 +0200	[diff] [blame]	317	Pull images from private registries
				318	-----------------------------------
				319
				320	.. code-block:: yaml
				321
				322	kubernetes:
				323	master
				324	...
				325	registry:
				326	secret:
				327	registry01:
				328	enabled: True
				329	key: (get from `cat /root/.docker/config.json \| base64`)
				330	namespace: default
				331	...
				332	control:
				333	...
				334	service:
				335	service01:
				336	...
				337	image_pull_secretes: registry01
				338	...
				339
Jakub Pavlik	495d06f	2016-06-17 11:33:05 +0200	[diff] [blame]	340	Kubernetes Service Definitions in pillars
				341	==========================================
				342
				343	Following samples show how to generate kubernetes manifest as well and provide single tool for complete infrastructure management.
				344
				345	Deployment manifest
				346	---------------------
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	347
				348	.. code-block:: yaml
				349
				350	salt:
				351	control:
				352	enabled: True
				353	hostNetwork: True
				354	service:
				355	memcached:
				356	privileged: True
				357	service: memcached
				358	role: server
				359	type: LoadBalancer
				360	replicas: 3
				361	kind: Deployment
				362	apiVersion: extensions/v1beta1
				363	ports:
				364	- port: 8774
				365	name: nova-api
				366	- port: 8775
				367	name: nova-metadata
				368	volume:
				369	volume_name:
				370	type: hostPath
				371	mount: /certs
				372	path: /etc/certs
				373	container:
				374	memcached:
				375	image: memcached
				376	tag:2
				377	ports:
				378	- port: 8774
				379	name: nova-api
				380	- port: 8775
				381	name: nova-metadata
				382	variables:
				383	- name: HTTP_TLS_CERTIFICATE:
				384	value: /certs/domain.crt
				385	- name: HTTP_TLS_KEY
				386	value: /certs/domain.key
				387	volumes:
				388	- name: /etc/certs
				389	type: hostPath
				390	mount: /certs
				391	path: /etc/certs
				392
				393	Volumes
				394	-------
				395
				396	hostPath
Jakub Pavlik	495d06f	2016-06-17 11:33:05 +0200	[diff] [blame]	397	==========
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	398
				399	.. code-block:: yaml
				400
				401	container:
				402	memcached:
				403	...
				404	volumes:
				405	- name: /etc/certs
				406	mount: /certs
				407	type: hostPath
				408	path: /etc/certs
				409
				410	emptyDir
Ales Komarek	688a04c	2016-07-15 15:12:30 +0200	[diff] [blame]	411	========
marco	acdae7e	2015-12-02 15:35:37 +0100	[diff] [blame]	412
				413	.. code-block:: yaml
				414
				415	container:
				416	memcached:
				417	...
				418	volumes:
				419	- name: /etc/certs
				420	mount: /certs
				421	type: emptyDir