Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / kubernetes / 94c6946e65d9df8197c07d0b40f786e067095b5b / . / README.rst
blob: 393fe1ded6679847ef1da3bcd9b579655ef754ae [file] [log] [blame]
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]1
2==================
3Kubernetes Formula
4==================
5
Ales Komarek9db8af42017-06-08 11:08:05 +0200[diff] [blame]6Kubernetes is an open-source system for automating deployment, scaling, and
7management of containerized applications. This formula deploys production
Tomáš Kukrálf1fcc272017-06-15 10:14:16 +0200[diff] [blame]8ready Kubernetes and generate Kubernetes manifests as well.
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]9
Tomáš Kukrálf1fcc272017-06-15 10:14:16 +0200[diff] [blame]10You can download `kubectl` configuration and connect to your cluster. However,
11keep in mind `kubernetes_control_address` needs to be accessible from your computer:
12
13.. code-block:: yaml
14
15 mkdir -p ~/.kube
16 [ -f ~/.kube/config ] && cp -v ~/.kube/config ~/.kube/config-backup
Tomáš Kukrál8ee2bc52017-07-31 17:51:20 +0200[diff] [blame]17 ssh cfg01 "sudo ssh ctl01 /etc/kubernetes/kubeconfig.sh" > ~/.kube/config
Tomáš Kukrálf1fcc272017-06-15 10:14:16 +0200[diff] [blame]18 kubectl get no
19
20
21`cfg01` is Salt master node and `ctl01` is one of Kubernetes masters
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]22
Ales Komarek9db8af42017-06-08 11:08:05 +0200[diff] [blame]23Sample Pillars
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]24==============
25
Tomáš Kukrál189da4b2017-01-18 14:30:09 +0100[diff] [blame]26**REQUIRED:** Define image to use for hyperkube, CNIs and calicoctl image
27
28.. code-block:: yaml
29
30 parameters:
31 kubernetes:
32 common:
33 hyperkube:
Tomáš Kukrála636f0e2017-03-21 11:09:55 +0100[diff] [blame]34 image: gcr.io/google_containers/hyperkube:v1.5.2
Tomáš Kukrál189da4b2017-01-18 14:30:09 +0100[diff] [blame]35 pool:
36 network:
37 calicoctl:
38 image: calico/ctl
39 cni:
40 image: calico/cni
41
Tomáš Kukrál25a64d72017-03-23 14:14:07 +0100[diff] [blame]42Enable helm-tiller addon
Tomáš Kukrál1b50f772017-03-23 12:51:32 +0100[diff] [blame]43
44.. code-block:: yaml
45
46 parameters:
47 kubernetes:
48 master:
49 addons:
50 helm:
51 enabled: true
52
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]53Enable calico-policy addon
54
55.. code-block:: yaml
56
57 parameters:
58 kubernetes:
59 master:
60 addons:
61 calico_policy:
62 enabled: true
63
Jakub Pavlikc1d11e52017-06-23 11:09:20 +0200[diff] [blame]64Enable virtlet addon
65
66.. code-block:: yaml
67
68 parameters:
69 kubernetes:
70 master:
71 addons:
72 virtlet:
73 enabled: true
74 namespace: kube-system
75 hosts:
76 - cmp01
77 - cmp02
78 image: mirantis/virtlet:latest
79
Tomáš Kukrál25a64d72017-03-23 14:14:07 +0100[diff] [blame]80Enable netchecker addon
81
82.. code-block:: yaml
83
84 parameters:
85 kubernetes:
86 master:
87 namespace:
88 netchecker:
89 enabled: true
90 addons:
91 netchecker:
92 enabled: true
Tomáš Kukrál1b50f772017-03-23 12:51:32 +0100[diff] [blame]93
Tomáš Kukrálf78baa62017-04-20 16:18:16 +0200[diff] [blame]94Configure service verbosity
95
96.. code-block:: yaml
97
98 parameters:
99 kubernetes:
100 master:
101 verbosity: 2
102 pool:
103 verbosity: 2
104
Matthew Mosesohn0f7bee42017-07-17 13:52:16 +0300[diff] [blame]105Set cluster domain
106
107.. code-block:: yaml
108
109 parameters:
110 kubernetes:
111 common:
112 kubernetes_cluster_domain: mycluster.domain
113
Tomáš Kukrálaff35262017-04-18 12:37:45 +0200[diff] [blame]114Enable autoscaler for dns addon. Poll period can be skipped.
115
116.. code-block:: yaml
117
118 kubernetes:
119 master:
120 addons:
121 dns:
122 domain: cluster.local
123 enabled: true
124 replicas: 1
125 server: 10.254.0.10
126 autoscaler:
127 enabled: true
128 poll-period-seconds: 60
129
130
Tomáš Kukrál6ef3f892017-02-15 12:02:22 +0100[diff] [blame]131Pass aditional parameters to daemons:
132
133.. code-block:: yaml
134
135 parameters:
136 kubernetes:
137 master:
138 apiserver:
139 daemon_opts:
140 storage-backend: pigeon
141 controller_manager:
142 daemon_opts:
143 log-dir: /dev/nulL
144 pool:
145 kubelet:
146 daemon_opts:
147 max-pods: "6"
148
Tomáš Kukrál189da4b2017-01-18 14:30:09 +0100[diff] [blame]149
Ales Komarek688a04c2016-07-15 15:12:30 +0200[diff] [blame]150Containers on pool definitions in pool.service.local
151
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]152.. code-block:: yaml
153
154 parameters:
155 kubernetes:
156 pool:
157 service:
158 local:
159 enabled: False
160 service: libvirt
161 cluster: openstack-compute
162 namespace: default
163 role: ${linux:system:name}
164 type: LoadBalancer
165 kind: Deployment
166 apiVersion: extensions/v1beta1
167 replicas: 1
168 host_pid: True
169 nodeSelector:
170 - key: openstack
171 value: ${linux:system:name}
172 hostNetwork: True
173 container:
174 libvirt-compute:
175 privileged: True
176 image: ${_param:docker_repository}/libvirt-compute
177 tag: ${_param:openstack_container_tag}
Ales Komarek688a04c2016-07-15 15:12:30 +0200[diff] [blame]178
179Master definition
180
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]181.. code-block:: yaml
182
183 kubernetes:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]184 master:
185 addons:
186 dns:
187 domain: cluster.local
188 enabled: true
189 replicas: 1
190 server: 10.254.0.10
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]191 admin:
192 password: password
193 username: admin
194 apiserver:
195 address: 10.0.175.100
Swann Croisetff97efc2017-02-23 13:32:33 +0100[diff] [blame]196 secure_port: 443
197 insecure_address: 127.0.0.1
198 insecure_port: 8080
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]199 ca: kubernetes
200 enabled: true
201 etcd:
202 host: 127.0.0.1
203 members:
204 - host: 10.0.175.100
205 name: node040
206 name: node040
207 token: ca939ec9c2a17b0786f6d411fe019e9b
208 kubelet:
209 allow_privileged: true
210 network:
211 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]212 mtu: 1500
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]213 hash: fb5e30ebe6154911a66ec3fb5f1195b2
214 private_ip_range: 10.150.0.0/16
215 version: v0.19.0
216 service_addresses: 10.254.0.0/16
217 storage:
218 engine: glusterfs
219 members:
220 - host: 10.0.175.101
221 port: 24007
222 - host: 10.0.175.102
223 port: 24007
224 - host: 10.0.175.103
225 port: 24007
226 port: 24007
227 token:
228 admin: DFvQ8GJ9JD4fKNfuyEddw3rjnFTkUKsv
229 controller_manager: EreGh6AnWf8DxH8cYavB2zS029PUi7vx
230 dns: RAFeVSE4UvsCz4gk3KYReuOI5jsZ1Xt3
231 kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
232 kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
233 logging: MJkXKdbgqRmTHSa2ykTaOaMykgO6KcEf
234 monitoring: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
235 scheduler: HY1UUxEPpmjW4a1dDLGIANYQp1nZkLDk
236 version: v1.2.4
237
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]238
239 kubernetes:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]240 pool:
241 address: 0.0.0.0
242 allow_privileged: true
243 ca: kubernetes
244 cluster_dns: 10.254.0.10
245 cluster_domain: cluster.local
246 enabled: true
247 kubelet:
248 allow_privileged: true
249 config: /etc/kubernetes/manifests
250 frequency: 5s
251 master:
252 apiserver:
253 members:
254 - host: 10.0.175.100
255 etcd:
256 members:
257 - host: 10.0.175.100
258 host: 10.0.175.100
259 network:
260 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]261 mtu: 1500
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]262 hash: fb5e30ebe6154911a66ec3fb5f1195b2
263 version: v0.19.0
264 token:
265 kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
266 kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
267 version: v1.2.4
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]268
Tomáš Kukrálbc3623e2017-03-23 18:24:06 +0100[diff] [blame]269
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]270Kubernetes with OpenContrail network plugin
271------------------------------------------------
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]272
273On Master:
274
275.. code-block:: yaml
276
277 kubernetes:
278 master:
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200[diff] [blame]279 addons:
Matthew Mosesohn6f4f6c02017-07-03 16:58:50 +0300[diff] [blame]280 contrail_network_controller:
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200[diff] [blame]281 enabled: true
282 namespace: kube-system
Matthew Mosesohn6f4f6c02017-07-03 16:58:50 +0300[diff] [blame]283 image: yashulyak/contrail-controller:latest
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]284 network:
285 engine: opencontrail
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]286 default_domain: default-domain
287 default_project: default-domain:default-project
288 public_network: default-domain:default-project:Public
289 public_ip_range: 185.22.97.128/26
290 private_ip_range: 10.150.0.0/16
291 service_cluster_ip_range: 10.254.0.0/16
292 network_label: name
293 service_label: uses
294 cluster_service: kube-system/default
Tomáš Kukrál0eefee72017-07-18 13:17:27 +0200[diff] [blame]295 config:
296 api:
297 host: 10.0.170.70
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]298On pools:
299
300.. code-block:: yaml
301
302 kubernetes:
303 pool:
304 network:
305 engine: opencontrail
306
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200[diff] [blame]307
308Dashboard public IP must be configured when Contrail network is used:
309
310.. code-block:: yaml
311
312 kubernetes:
313 master:
314 addons:
315 public_ip: 1.1.1.1
316
Jakub Pavlik1cfc1fe2016-07-25 11:01:52 +0200[diff] [blame]317Kubernetes control plane running in systemd
318-------------------------------------------
319
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]320By default kube-apiserver, kube-scheduler, kube-controllermanager, kube-proxy, etcd running in docker containers through manifests. For stable production environment this should be run in systemd.
Jakub Pavlik1cfc1fe2016-07-25 11:01:52 +0200[diff] [blame]321
322.. code-block:: yaml
323
324 kubernetes:
325 master:
326 container: false
327
328 kubernetes:
329 pool:
330 container: false
331
marco055ff852016-07-27 15:22:33 +0200[diff] [blame]332Because k8s services run under kube user without root privileges, there is need to change secure port for apiserver.
333
334.. code-block:: yaml
335
336 kubernetes:
337 master:
338 apiserver:
339 secure_port: 8081
340
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]341Kubernetes with Flannel
342-----------------------
343
344On Master:
345
346.. code-block:: yaml
347
348 kubernetes:
349 master:
350 network:
351 engine: flannel
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]352 # If you don't register master as node:
marcoa05621f2016-07-14 10:35:24 +0200[diff] [blame]353 etcd:
354 members:
355 - host: 10.0.175.101
356 port: 4001
357 - host: 10.0.175.102
358 port: 4001
359 - host: 10.0.175.103
360 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]361 common:
362 network:
363 engine: flannel
364
365On pools:
366
367.. code-block:: yaml
368
369 kubernetes:
370 pool:
371 network:
372 engine: flannel
marcoa05621f2016-07-14 10:35:24 +0200[diff] [blame]373 etcd:
374 members:
375 - host: 10.0.175.101
376 port: 4001
377 - host: 10.0.175.102
378 port: 4001
379 - host: 10.0.175.103
380 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]381 common:
382 network:
383 engine: flannel
384
385Kubernetes with Calico
386-----------------------
387
388On Master:
389
390.. code-block:: yaml
391
392 kubernetes:
393 master:
394 network:
395 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]396 mtu: 1500
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]397 # If you don't register master as node:
marcoa05621f2016-07-14 10:35:24 +0200[diff] [blame]398 etcd:
399 members:
400 - host: 10.0.175.101
401 port: 4001
402 - host: 10.0.175.102
403 port: 4001
404 - host: 10.0.175.103
405 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]406
407On pools:
408
409.. code-block:: yaml
410
411 kubernetes:
412 pool:
413 network:
414 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]415 mtu: 1500
marcoa05621f2016-07-14 10:35:24 +0200[diff] [blame]416 etcd:
417 members:
418 - host: 10.0.175.101
419 port: 4001
420 - host: 10.0.175.102
421 port: 4001
422 - host: 10.0.175.103
423 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]424
Tomáš Kukrál34c59362017-03-01 14:00:37 +0100[diff] [blame]425Running with secured etcd:
426
427.. code-block:: yaml
428
429 kubernetes:
430 pool:
431 network:
432 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]433 mtu: 1500
Tomáš Kukrál34c59362017-03-01 14:00:37 +0100[diff] [blame]434 etcd:
435 ssl:
436 enabled: true
437 master:
438 network:
439 engine: calico
440 etcd:
441 ssl:
442 enabled: true
443
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]444Running with calico-policy controller:
445
446.. code-block:: yaml
447
448 kubernetes:
449 pool:
450 network:
451 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]452 mtu: 1500
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]453 addons:
454 calico_policy:
455 enabled: true
456
457 master:
458 network:
459 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]460 mtu: 1500
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]461 addons:
462 calico_policy:
463 enabled: true
464
465
466
Tomáš Kukrál7e91a942017-03-23 16:02:52 +0100[diff] [blame]467Enable Prometheus metrics in Felix
468
469.. code-block:: yaml
470
471 kubernetes:
472 pool:
473 network:
474 prometheus:
475 enabled: true
476 master:
477 network:
478 prometheus:
479 enabled: true
480
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]481Post deployment configuration
482
483.. code-block:: bash
Jakub Pavlik232833c2016-07-17 13:21:00 +0200[diff] [blame]484
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]485 # set ETCD
486 export ETCD_AUTHORITY=10.0.111.201:4001
487
488 # Set NAT for pods subnet
489 calicoctl pool add 192.168.0.0/16 --nat-outgoing
490
491 # Status commands
492 calicoctl status
493 calicoctl node show
494
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]495Kubernetes with GlusterFS for storage
496---------------------------------------------
497
498.. code-block:: yaml
499
500 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100[diff] [blame]501 master:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]502 ...
503 storage:
504 engine: glusterfs
505 port: 24007
506 members:
507 - host: 10.0.175.101
508 port: 24007
509 - host: 10.0.175.102
510 port: 24007
511 - host: 10.0.175.103
512 port: 24007
513 ...
514
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]515Kubernetes namespaces
516---------------------
517
518Create namespace:
519
520.. code-block:: yaml
521
522 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100[diff] [blame]523 master:
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]524 ...
525 namespace:
526 kube-system:
527 enabled: True
528 namespace2:
529 enabled: True
530 namespace3:
531 enabled: False
532 ...
533
534Kubernetes labels
535-----------------
536
Marek Celoud901020b2017-01-27 14:51:41 +0100[diff] [blame]537Label node:
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]538
539.. code-block:: yaml
540
Marek Celoud901020b2017-01-27 14:51:41 +0100[diff] [blame]541 kubernetes:
542 master:
543 label:
544 label01:
545 value: value01
546 node: node01
547 enabled: true
548 key: key01
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]549 ...
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]550
marcof7efecb2016-07-16 16:13:37 +0200[diff] [blame]551Pull images from private registries
552-----------------------------------
553
554.. code-block:: yaml
555
556 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100[diff] [blame]557 master:
marcof7efecb2016-07-16 16:13:37 +0200[diff] [blame]558 ...
559 registry:
560 secret:
561 registry01:
562 enabled: True
563 key: (get from `cat /root/.docker/config.json | base64`)
564 namespace: default
565 ...
566 control:
567 ...
568 service:
569 service01:
570 ...
571 image_pull_secretes: registry01
572 ...
573
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]574Kubernetes Service Definitions in pillars
575==========================================
576
577Following samples show how to generate kubernetes manifest as well and provide single tool for complete infrastructure management.
578
579Deployment manifest
580---------------------
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]581
582.. code-block:: yaml
583
584 salt:
585 control:
586 enabled: True
587 hostNetwork: True
588 service:
589 memcached:
590 privileged: True
591 service: memcached
592 role: server
593 type: LoadBalancer
594 replicas: 3
595 kind: Deployment
596 apiVersion: extensions/v1beta1
597 ports:
598 - port: 8774
599 name: nova-api
600 - port: 8775
601 name: nova-metadata
602 volume:
603 volume_name:
604 type: hostPath
605 mount: /certs
606 path: /etc/certs
607 container:
608 memcached:
609 image: memcached
610 tag:2
611 ports:
612 - port: 8774
613 name: nova-api
614 - port: 8775
615 name: nova-metadata
616 variables:
617 - name: HTTP_TLS_CERTIFICATE:
618 value: /certs/domain.crt
619 - name: HTTP_TLS_KEY
620 value: /certs/domain.key
621 volumes:
622 - name: /etc/certs
623 type: hostPath
624 mount: /certs
625 path: /etc/certs
626
marcobe30c8d2016-10-11 19:16:35 +0200[diff] [blame]627PetSet manifest
628---------------------
629
630.. code-block:: yaml
631
632 service:
633 memcached:
634 apiVersion: apps/v1alpha1
635 kind: PetSet
636 service_name: 'memcached'
637 container:
638 memcached:
639 ...
640
641
Filip Pytloun9a4a40f2016-09-22 16:28:19 +0200[diff] [blame]642Configmap
643---------
644
645You are able to create configmaps using support layer between formulas.
646It works simple, eg. in nova formula there's file ``meta/config.yml`` which
647defines config files used by that service and roles.
648
649Kubernetes formula is able to generate these files using custom pillar and
650grains structure. This way you are able to run docker images built by any way
651while still re-using your configuration management.
652
653Example pillar:
654
655.. code-block:: bash
656
657 kubernetes:
658 control:
Jakub Pavlika2779722016-11-25 15:35:26 +0100[diff] [blame]659 config_type: default|kubernetes # Output is yaml k8s or default single files
Filip Pytloun9a4a40f2016-09-22 16:28:19 +0200[diff] [blame]660 configmap:
661 nova-control:
662 grains:
663 # Alternate grains as OS running in container may differ from
664 # salt minion OS. Needed only if grains matters for config
665 # generation.
666 os_family: Debian
667 pillar:
668 # Generic pillar for nova controller
669 nova:
670 controller:
671 enabled: true
672 versionn: liberty
673 ...
674
675To tell which services supports config generation, you need to ensure pillar
676structure like this to determine support:
677
678.. code-block:: yaml
679
680 nova:
681 _support:
682 config:
683 enabled: true
684
marcod4d3dbd2016-09-27 11:36:40 +0200[diff] [blame]685initContainers
686--------------
687
688Example pillar:
689
690.. code-block:: bash
691
692 kubernetes:
693 control:
694 service:
695 memcached:
696 init_containers:
697 - name: test-mysql
698 image: busybox
699 command:
700 - sleep
701 - 3600
702 volumes:
703 - name: config
704 mount: /test
705 - name: test-memcached
706 image: busybox
707 command:
708 - sleep
709 - 3600
710 volumes:
711 - name: config
712 mount: /test
713
marcoee859d32016-11-07 11:04:57 +0100[diff] [blame]714Affinity
715--------
716
717podAffinity
718===========
719
720Example pillar:
721
722.. code-block:: bash
723
724 kubernetes:
725 control:
726 service:
727 memcached:
728 affinity:
729 pod_affinity:
730 name: podAffinity
731 expression:
732 label_selector:
733 name: labelSelector
734 selectors:
735 - key: app
736 value: memcached
737 topology_key: kubernetes.io/hostname
738
739podAntiAffinity
740===============
741
742Example pillar:
743
744.. code-block:: bash
745
746 kubernetes:
747 control:
748 service:
749 memcached:
750 affinity:
751 anti_affinity:
752 name: podAntiAffinity
753 expression:
754 label_selector:
755 name: labelSelector
756 selectors:
757 - key: app
758 value: opencontrail-control
759 topology_key: kubernetes.io/hostname
760
761nodeAffinity
762===============
763
764Example pillar:
765
766.. code-block:: bash
767
768 kubernetes:
769 control:
770 service:
771 memcached:
772 affinity:
773 node_affinity:
774 name: nodeAffinity
775 expression:
776 match_expressions:
777 name: matchExpressions
778 selectors:
779 - key: key
780 operator: In
781 values:
782 - value1
783 - value2
784
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]785Volumes
786-------
787
788hostPath
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]789==========
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]790
791.. code-block:: yaml
792
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]793 service:
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]794 memcached:
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]795 container:
796 memcached:
797 volumes:
798 - name: volume1
799 mountPath: /volume
800 readOnly: True
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]801 ...
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]802 volume:
803 volume1:
804 name: /etc/certs
805 type: hostPath
806 path: /etc/certs
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]807
808emptyDir
Ales Komarek688a04c2016-07-15 15:12:30 +0200[diff] [blame]809========
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]810
811.. code-block:: yaml
812
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]813 service:
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]814 memcached:
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]815 container:
816 memcached:
817 volumes:
818 - name: volume1
819 mountPath: /volume
820 readOnly: True
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]821 ...
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]822 volume:
823 volume1:
824 name: /etc/certs
825 type: emptyDir
826
827configMap
828=========
829
830.. code-block:: yaml
831
832 service:
833 memcached:
834 container:
835 memcached:
836 volumes:
837 - name: volume1
838 mountPath: /volume
839 readOnly: True
840 ...
841 volume:
842 volume1:
843 type: config_map
844 item:
845 configMap1:
846 key: config.conf
847 path: config.conf
848 configMap2:
849 key: policy.json
850 path: policy.json
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200[diff] [blame]851
marco0eda4fb2016-10-10 19:08:27 +0200[diff] [blame]852To mount single configuration file instead of whole directory:
853
854.. code-block:: yaml
855
856 service:
857 memcached:
858 container:
859 memcached:
860 volumes:
861 - name: volume1
862 mountPath: /volume/config.conf
863 sub_path: config.conf
864
marcofcc20d02016-10-10 09:56:12 +0200[diff] [blame]865Generating Jobs
866===============
867
868Example pillar:
869
870.. code-block:: yaml
871
872 kubernetes:
873 control:
874 job:
875 sleep:
876 job: sleep
877 restart_policy: Never
878 container:
879 sleep:
880 image: busybox
881 tag: latest
882 command:
883 - sleep
884 - "3600"
885
886Volumes and Variables can be used as the same way as during Deployment generation.
887
888Custom params:
889
890.. code-block:: yaml
891
892 kubernetes:
893 control:
894 job:
895 host_network: True
896 host_pid: True
897 container:
898 sleep:
899 privileged: True
900 node_selector:
901 key: node
902 value: one
903 image_pull_secretes: password
904
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200[diff] [blame]905
Ales Komarek9db8af42017-06-08 11:08:05 +0200[diff] [blame]906More Information
907================
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200[diff] [blame]908
Ales Komarek9db8af42017-06-08 11:08:05 +0200[diff] [blame]909* https://github.com/Juniper/kubernetes/blob
910/opencontrail-integration/docs /getting-started-guides/opencontrail.md
911* https://github.com/kubernetes/kubernetes/tree/master/cluster/saltbase
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200[diff] [blame]912
Filip Pytlound06f6272017-02-02 13:02:03 +0100[diff] [blame]913
914Documentation and Bugs
915======================
916
917To learn how to install and update salt-formulas, consult the documentation
918available online at:
919
920 http://salt-formulas.readthedocs.io/
921
922In the unfortunate event that bugs are discovered, they should be reported to
923the appropriate issue tracker. Use Github issue tracker for specific salt
924formula:
925
926 https://github.com/salt-formulas/salt-formula-kubernetes/issues
927
928For feature requests, bug reports or blueprints affecting entire ecosystem,
929use Launchpad salt-formulas project:
930
931 https://launchpad.net/salt-formulas
932
933You can also join salt-formulas-users team and subscribe to mailing list:
934
935 https://launchpad.net/~salt-formulas-users
936
937Developers wishing to work on the salt-formulas projects should always base
938their work on master branch and submit pull request against specific formula.
939
940 https://github.com/salt-formulas/salt-formula-kubernetes
941
942Any questions or feedback is always welcome so feel free to join our IRC
943channel:
944
945 #salt-formulas @ irc.freenode.net