Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / kubernetes / b453235d46a9f9b8f4838fd57dbf75907438385d / . / README.rst
blob: c1628519ea6dd7f80906c56140cfacdb78ee6207 [file] [log] [blame]
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]1
2==================
3Kubernetes Formula
4==================
5
Ales Komarek9db8af42017-06-08 11:08:05 +0200[diff] [blame]6Kubernetes is an open-source system for automating deployment, scaling, and
7management of containerized applications. This formula deploys production
Tomáš Kukrálf1fcc272017-06-15 10:14:16 +0200[diff] [blame]8ready Kubernetes and generate Kubernetes manifests as well.
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]9
Tomáš Kukrálf1fcc272017-06-15 10:14:16 +0200[diff] [blame]10You can download `kubectl` configuration and connect to your cluster. However,
11keep in mind `kubernetes_control_address` needs to be accessible from your computer:
12
13.. code-block:: yaml
14
15 mkdir -p ~/.kube
16 [ -f ~/.kube/config ] && cp -v ~/.kube/config ~/.kube/config-backup
17 ssh cfg01 "sudo ssh ctl01 /etc/kubenetes/kubeconfig.sh" > ~/.kube/config
18 kubectl get no
19
20
21`cfg01` is Salt master node and `ctl01` is one of Kubernetes masters
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]22
Ales Komarek9db8af42017-06-08 11:08:05 +0200[diff] [blame]23Sample Pillars
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]24==============
25
Tomáš Kukrál189da4b2017-01-18 14:30:09 +0100[diff] [blame]26**REQUIRED:** Define image to use for hyperkube, CNIs and calicoctl image
27
28.. code-block:: yaml
29
30 parameters:
31 kubernetes:
32 common:
33 hyperkube:
Tomáš Kukrála636f0e2017-03-21 11:09:55 +0100[diff] [blame]34 image: gcr.io/google_containers/hyperkube:v1.5.2
Tomáš Kukrál189da4b2017-01-18 14:30:09 +0100[diff] [blame]35 pool:
36 network:
37 calicoctl:
38 image: calico/ctl
39 cni:
40 image: calico/cni
41
Tomáš Kukrál25a64d72017-03-23 14:14:07 +0100[diff] [blame]42Enable helm-tiller addon
Tomáš Kukrál1b50f772017-03-23 12:51:32 +0100[diff] [blame]43
44.. code-block:: yaml
45
46 parameters:
47 kubernetes:
48 master:
49 addons:
50 helm:
51 enabled: true
52
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]53Enable calico-policy addon
54
55.. code-block:: yaml
56
57 parameters:
58 kubernetes:
59 master:
60 addons:
61 calico_policy:
62 enabled: true
63
Tomáš Kukrál25a64d72017-03-23 14:14:07 +0100[diff] [blame]64Enable netchecker addon
65
66.. code-block:: yaml
67
68 parameters:
69 kubernetes:
70 master:
71 namespace:
72 netchecker:
73 enabled: true
74 addons:
75 netchecker:
76 enabled: true
Tomáš Kukrál1b50f772017-03-23 12:51:32 +0100[diff] [blame]77
Tomáš Kukrálf78baa62017-04-20 16:18:16 +0200[diff] [blame]78Configure service verbosity
79
80.. code-block:: yaml
81
82 parameters:
83 kubernetes:
84 master:
85 verbosity: 2
86 pool:
87 verbosity: 2
88
Tomáš Kukrálaff35262017-04-18 12:37:45 +0200[diff] [blame]89Enable autoscaler for dns addon. Poll period can be skipped.
90
91.. code-block:: yaml
92
93 kubernetes:
94 master:
95 addons:
96 dns:
97 domain: cluster.local
98 enabled: true
99 replicas: 1
100 server: 10.254.0.10
101 autoscaler:
102 enabled: true
103 poll-period-seconds: 60
104
105
Tomáš Kukrál6ef3f892017-02-15 12:02:22 +0100[diff] [blame]106Pass aditional parameters to daemons:
107
108.. code-block:: yaml
109
110 parameters:
111 kubernetes:
112 master:
113 apiserver:
114 daemon_opts:
115 storage-backend: pigeon
116 controller_manager:
117 daemon_opts:
118 log-dir: /dev/nulL
119 pool:
120 kubelet:
121 daemon_opts:
122 max-pods: "6"
123
Tomáš Kukrál189da4b2017-01-18 14:30:09 +0100[diff] [blame]124
Ales Komarek688a04c2016-07-15 15:12:30 +0200[diff] [blame]125Containers on pool definitions in pool.service.local
126
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]127.. code-block:: yaml
128
129 parameters:
130 kubernetes:
131 pool:
132 service:
133 local:
134 enabled: False
135 service: libvirt
136 cluster: openstack-compute
137 namespace: default
138 role: ${linux:system:name}
139 type: LoadBalancer
140 kind: Deployment
141 apiVersion: extensions/v1beta1
142 replicas: 1
143 host_pid: True
144 nodeSelector:
145 - key: openstack
146 value: ${linux:system:name}
147 hostNetwork: True
148 container:
149 libvirt-compute:
150 privileged: True
151 image: ${_param:docker_repository}/libvirt-compute
152 tag: ${_param:openstack_container_tag}
Ales Komarek688a04c2016-07-15 15:12:30 +0200[diff] [blame]153
154Master definition
155
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]156.. code-block:: yaml
157
158 kubernetes:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]159 master:
160 addons:
161 dns:
162 domain: cluster.local
163 enabled: true
164 replicas: 1
165 server: 10.254.0.10
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]166 admin:
167 password: password
168 username: admin
169 apiserver:
170 address: 10.0.175.100
Swann Croisetff97efc2017-02-23 13:32:33 +0100[diff] [blame]171 secure_port: 443
172 insecure_address: 127.0.0.1
173 insecure_port: 8080
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]174 ca: kubernetes
175 enabled: true
176 etcd:
177 host: 127.0.0.1
178 members:
179 - host: 10.0.175.100
180 name: node040
181 name: node040
182 token: ca939ec9c2a17b0786f6d411fe019e9b
183 kubelet:
184 allow_privileged: true
185 network:
186 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]187 mtu: 1500
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]188 hash: fb5e30ebe6154911a66ec3fb5f1195b2
189 private_ip_range: 10.150.0.0/16
190 version: v0.19.0
191 service_addresses: 10.254.0.0/16
192 storage:
193 engine: glusterfs
194 members:
195 - host: 10.0.175.101
196 port: 24007
197 - host: 10.0.175.102
198 port: 24007
199 - host: 10.0.175.103
200 port: 24007
201 port: 24007
202 token:
203 admin: DFvQ8GJ9JD4fKNfuyEddw3rjnFTkUKsv
204 controller_manager: EreGh6AnWf8DxH8cYavB2zS029PUi7vx
205 dns: RAFeVSE4UvsCz4gk3KYReuOI5jsZ1Xt3
206 kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
207 kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
208 logging: MJkXKdbgqRmTHSa2ykTaOaMykgO6KcEf
209 monitoring: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd
210 scheduler: HY1UUxEPpmjW4a1dDLGIANYQp1nZkLDk
211 version: v1.2.4
212
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]213
214 kubernetes:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]215 pool:
216 address: 0.0.0.0
217 allow_privileged: true
218 ca: kubernetes
219 cluster_dns: 10.254.0.10
220 cluster_domain: cluster.local
221 enabled: true
222 kubelet:
223 allow_privileged: true
224 config: /etc/kubernetes/manifests
225 frequency: 5s
226 master:
227 apiserver:
228 members:
229 - host: 10.0.175.100
230 etcd:
231 members:
232 - host: 10.0.175.100
233 host: 10.0.175.100
234 network:
235 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]236 mtu: 1500
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]237 hash: fb5e30ebe6154911a66ec3fb5f1195b2
238 version: v0.19.0
239 token:
240 kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe
241 kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r
242 version: v1.2.4
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]243
Tomáš Kukrálbc3623e2017-03-23 18:24:06 +0100[diff] [blame]244
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]245Kubernetes with OpenContrail network plugin
246------------------------------------------------
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]247
248On Master:
249
250.. code-block:: yaml
251
252 kubernetes:
253 master:
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200[diff] [blame]254 addons:
255 kube_network_manager:
256 enabled: true
257 namespace: kube-system
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]258 network:
259 engine: opencontrail
260 host: 10.0.170.70
261 port: 8082
262 default_domain: default-domain
263 default_project: default-domain:default-project
264 public_network: default-domain:default-project:Public
265 public_ip_range: 185.22.97.128/26
266 private_ip_range: 10.150.0.0/16
267 service_cluster_ip_range: 10.254.0.0/16
268 network_label: name
269 service_label: uses
270 cluster_service: kube-system/default
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200[diff] [blame]271 image: yashulyak/contrail-controller:latest
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]272On pools:
273
274.. code-block:: yaml
275
276 kubernetes:
277 pool:
278 network:
279 engine: opencontrail
280
Tomáš Kukrál13b1edb2017-06-08 16:47:34 +0200[diff] [blame]281
282Dashboard public IP must be configured when Contrail network is used:
283
284.. code-block:: yaml
285
286 kubernetes:
287 master:
288 addons:
289 public_ip: 1.1.1.1
290
Jakub Pavlik1cfc1fe2016-07-25 11:01:52 +0200[diff] [blame]291Kubernetes control plane running in systemd
292-------------------------------------------
293
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]294By default kube-apiserver, kube-scheduler, kube-controllermanager, kube-proxy, etcd running in docker containers through manifests. For stable production environment this should be run in systemd.
Jakub Pavlik1cfc1fe2016-07-25 11:01:52 +0200[diff] [blame]295
296.. code-block:: yaml
297
298 kubernetes:
299 master:
300 container: false
301
302 kubernetes:
303 pool:
304 container: false
305
marco055ff852016-07-27 15:22:33 +0200[diff] [blame]306Because k8s services run under kube user without root privileges, there is need to change secure port for apiserver.
307
308.. code-block:: yaml
309
310 kubernetes:
311 master:
312 apiserver:
313 secure_port: 8081
314
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]315Kubernetes with Flannel
316-----------------------
317
318On Master:
319
320.. code-block:: yaml
321
322 kubernetes:
323 master:
324 network:
325 engine: flannel
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]326 # If you don't register master as node:
marcoa05621f2016-07-14 10:35:24 +0200[diff] [blame]327 etcd:
328 members:
329 - host: 10.0.175.101
330 port: 4001
331 - host: 10.0.175.102
332 port: 4001
333 - host: 10.0.175.103
334 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]335 common:
336 network:
337 engine: flannel
338
339On pools:
340
341.. code-block:: yaml
342
343 kubernetes:
344 pool:
345 network:
346 engine: flannel
marcoa05621f2016-07-14 10:35:24 +0200[diff] [blame]347 etcd:
348 members:
349 - host: 10.0.175.101
350 port: 4001
351 - host: 10.0.175.102
352 port: 4001
353 - host: 10.0.175.103
354 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]355 common:
356 network:
357 engine: flannel
358
359Kubernetes with Calico
360-----------------------
361
362On Master:
363
364.. code-block:: yaml
365
366 kubernetes:
367 master:
368 network:
369 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]370 mtu: 1500
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]371 # If you don't register master as node:
marcoa05621f2016-07-14 10:35:24 +0200[diff] [blame]372 etcd:
373 members:
374 - host: 10.0.175.101
375 port: 4001
376 - host: 10.0.175.102
377 port: 4001
378 - host: 10.0.175.103
379 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]380
381On pools:
382
383.. code-block:: yaml
384
385 kubernetes:
386 pool:
387 network:
388 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]389 mtu: 1500
marcoa05621f2016-07-14 10:35:24 +0200[diff] [blame]390 etcd:
391 members:
392 - host: 10.0.175.101
393 port: 4001
394 - host: 10.0.175.102
395 port: 4001
396 - host: 10.0.175.103
397 port: 4001
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]398
Tomáš Kukrál34c59362017-03-01 14:00:37 +0100[diff] [blame]399Running with secured etcd:
400
401.. code-block:: yaml
402
403 kubernetes:
404 pool:
405 network:
406 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]407 mtu: 1500
Tomáš Kukrál34c59362017-03-01 14:00:37 +0100[diff] [blame]408 etcd:
409 ssl:
410 enabled: true
411 master:
412 network:
413 engine: calico
414 etcd:
415 ssl:
416 enabled: true
417
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]418Running with calico-policy controller:
419
420.. code-block:: yaml
421
422 kubernetes:
423 pool:
424 network:
425 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]426 mtu: 1500
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]427 addons:
428 calico_policy:
429 enabled: true
430
431 master:
432 network:
433 engine: calico
Matthew Mosesohn3d8c1112017-06-06 16:25:46 +0300[diff] [blame]434 mtu: 1500
Matthew Mosesohnbf9d3fb2017-05-17 16:17:02 +0300[diff] [blame]435 addons:
436 calico_policy:
437 enabled: true
438
439
440
Tomáš Kukrál7e91a942017-03-23 16:02:52 +0100[diff] [blame]441Enable Prometheus metrics in Felix
442
443.. code-block:: yaml
444
445 kubernetes:
446 pool:
447 network:
448 prometheus:
449 enabled: true
450 master:
451 network:
452 prometheus:
453 enabled: true
454
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]455Post deployment configuration
456
457.. code-block:: bash
Jakub Pavlik232833c2016-07-17 13:21:00 +0200[diff] [blame]458
Jakub Pavlik7e985322016-07-17 13:16:15 +0200[diff] [blame]459 # set ETCD
460 export ETCD_AUTHORITY=10.0.111.201:4001
461
462 # Set NAT for pods subnet
463 calicoctl pool add 192.168.0.0/16 --nat-outgoing
464
465 # Status commands
466 calicoctl status
467 calicoctl node show
468
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]469Kubernetes with GlusterFS for storage
470---------------------------------------------
471
472.. code-block:: yaml
473
474 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100[diff] [blame]475 master:
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]476 ...
477 storage:
478 engine: glusterfs
479 port: 24007
480 members:
481 - host: 10.0.175.101
482 port: 24007
483 - host: 10.0.175.102
484 port: 24007
485 - host: 10.0.175.103
486 port: 24007
487 ...
488
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]489Kubernetes namespaces
490---------------------
491
492Create namespace:
493
494.. code-block:: yaml
495
496 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100[diff] [blame]497 master:
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]498 ...
499 namespace:
500 kube-system:
501 enabled: True
502 namespace2:
503 enabled: True
504 namespace3:
505 enabled: False
506 ...
507
508Kubernetes labels
509-----------------
510
Marek Celoud901020b2017-01-27 14:51:41 +0100[diff] [blame]511Label node:
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]512
513.. code-block:: yaml
514
Marek Celoud901020b2017-01-27 14:51:41 +0100[diff] [blame]515 kubernetes:
516 master:
517 label:
518 label01:
519 value: value01
520 node: node01
521 enabled: true
522 key: key01
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]523 ...
marco45fc1b72016-07-02 16:11:18 +0200[diff] [blame]524
marcof7efecb2016-07-16 16:13:37 +0200[diff] [blame]525Pull images from private registries
526-----------------------------------
527
528.. code-block:: yaml
529
530 kubernetes:
Tomáš Kukrál4f0dae32017-03-21 19:04:19 +0100[diff] [blame]531 master:
marcof7efecb2016-07-16 16:13:37 +0200[diff] [blame]532 ...
533 registry:
534 secret:
535 registry01:
536 enabled: True
537 key: (get from `cat /root/.docker/config.json | base64`)
538 namespace: default
539 ...
540 control:
541 ...
542 service:
543 service01:
544 ...
545 image_pull_secretes: registry01
546 ...
547
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]548Kubernetes Service Definitions in pillars
549==========================================
550
551Following samples show how to generate kubernetes manifest as well and provide single tool for complete infrastructure management.
552
553Deployment manifest
554---------------------
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]555
556.. code-block:: yaml
557
558 salt:
559 control:
560 enabled: True
561 hostNetwork: True
562 service:
563 memcached:
564 privileged: True
565 service: memcached
566 role: server
567 type: LoadBalancer
568 replicas: 3
569 kind: Deployment
570 apiVersion: extensions/v1beta1
571 ports:
572 - port: 8774
573 name: nova-api
574 - port: 8775
575 name: nova-metadata
576 volume:
577 volume_name:
578 type: hostPath
579 mount: /certs
580 path: /etc/certs
581 container:
582 memcached:
583 image: memcached
584 tag:2
585 ports:
586 - port: 8774
587 name: nova-api
588 - port: 8775
589 name: nova-metadata
590 variables:
591 - name: HTTP_TLS_CERTIFICATE:
592 value: /certs/domain.crt
593 - name: HTTP_TLS_KEY
594 value: /certs/domain.key
595 volumes:
596 - name: /etc/certs
597 type: hostPath
598 mount: /certs
599 path: /etc/certs
600
marcobe30c8d2016-10-11 19:16:35 +0200[diff] [blame]601PetSet manifest
602---------------------
603
604.. code-block:: yaml
605
606 service:
607 memcached:
608 apiVersion: apps/v1alpha1
609 kind: PetSet
610 service_name: 'memcached'
611 container:
612 memcached:
613 ...
614
615
Filip Pytloun9a4a40f2016-09-22 16:28:19 +0200[diff] [blame]616Configmap
617---------
618
619You are able to create configmaps using support layer between formulas.
620It works simple, eg. in nova formula there's file ``meta/config.yml`` which
621defines config files used by that service and roles.
622
623Kubernetes formula is able to generate these files using custom pillar and
624grains structure. This way you are able to run docker images built by any way
625while still re-using your configuration management.
626
627Example pillar:
628
629.. code-block:: bash
630
631 kubernetes:
632 control:
Jakub Pavlika2779722016-11-25 15:35:26 +0100[diff] [blame]633 config_type: default|kubernetes # Output is yaml k8s or default single files
Filip Pytloun9a4a40f2016-09-22 16:28:19 +0200[diff] [blame]634 configmap:
635 nova-control:
636 grains:
637 # Alternate grains as OS running in container may differ from
638 # salt minion OS. Needed only if grains matters for config
639 # generation.
640 os_family: Debian
641 pillar:
642 # Generic pillar for nova controller
643 nova:
644 controller:
645 enabled: true
646 versionn: liberty
647 ...
648
649To tell which services supports config generation, you need to ensure pillar
650structure like this to determine support:
651
652.. code-block:: yaml
653
654 nova:
655 _support:
656 config:
657 enabled: true
658
marcod4d3dbd2016-09-27 11:36:40 +0200[diff] [blame]659initContainers
660--------------
661
662Example pillar:
663
664.. code-block:: bash
665
666 kubernetes:
667 control:
668 service:
669 memcached:
670 init_containers:
671 - name: test-mysql
672 image: busybox
673 command:
674 - sleep
675 - 3600
676 volumes:
677 - name: config
678 mount: /test
679 - name: test-memcached
680 image: busybox
681 command:
682 - sleep
683 - 3600
684 volumes:
685 - name: config
686 mount: /test
687
marcoee859d32016-11-07 11:04:57 +0100[diff] [blame]688Affinity
689--------
690
691podAffinity
692===========
693
694Example pillar:
695
696.. code-block:: bash
697
698 kubernetes:
699 control:
700 service:
701 memcached:
702 affinity:
703 pod_affinity:
704 name: podAffinity
705 expression:
706 label_selector:
707 name: labelSelector
708 selectors:
709 - key: app
710 value: memcached
711 topology_key: kubernetes.io/hostname
712
713podAntiAffinity
714===============
715
716Example pillar:
717
718.. code-block:: bash
719
720 kubernetes:
721 control:
722 service:
723 memcached:
724 affinity:
725 anti_affinity:
726 name: podAntiAffinity
727 expression:
728 label_selector:
729 name: labelSelector
730 selectors:
731 - key: app
732 value: opencontrail-control
733 topology_key: kubernetes.io/hostname
734
735nodeAffinity
736===============
737
738Example pillar:
739
740.. code-block:: bash
741
742 kubernetes:
743 control:
744 service:
745 memcached:
746 affinity:
747 node_affinity:
748 name: nodeAffinity
749 expression:
750 match_expressions:
751 name: matchExpressions
752 selectors:
753 - key: key
754 operator: In
755 values:
756 - value1
757 - value2
758
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]759Volumes
760-------
761
762hostPath
Jakub Pavlik495d06f2016-06-17 11:33:05 +0200[diff] [blame]763==========
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]764
765.. code-block:: yaml
766
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]767 service:
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]768 memcached:
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]769 container:
770 memcached:
771 volumes:
772 - name: volume1
773 mountPath: /volume
774 readOnly: True
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]775 ...
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]776 volume:
777 volume1:
778 name: /etc/certs
779 type: hostPath
780 path: /etc/certs
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]781
782emptyDir
Ales Komarek688a04c2016-07-15 15:12:30 +0200[diff] [blame]783========
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]784
785.. code-block:: yaml
786
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]787 service:
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]788 memcached:
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]789 container:
790 memcached:
791 volumes:
792 - name: volume1
793 mountPath: /volume
794 readOnly: True
marcoacdae7e2015-12-02 15:35:37 +0100[diff] [blame]795 ...
marcob469f882016-09-27 09:56:13 +0200[diff] [blame]796 volume:
797 volume1:
798 name: /etc/certs
799 type: emptyDir
800
801configMap
802=========
803
804.. code-block:: yaml
805
806 service:
807 memcached:
808 container:
809 memcached:
810 volumes:
811 - name: volume1
812 mountPath: /volume
813 readOnly: True
814 ...
815 volume:
816 volume1:
817 type: config_map
818 item:
819 configMap1:
820 key: config.conf
821 path: config.conf
822 configMap2:
823 key: policy.json
824 path: policy.json
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200[diff] [blame]825
marco0eda4fb2016-10-10 19:08:27 +0200[diff] [blame]826To mount single configuration file instead of whole directory:
827
828.. code-block:: yaml
829
830 service:
831 memcached:
832 container:
833 memcached:
834 volumes:
835 - name: volume1
836 mountPath: /volume/config.conf
837 sub_path: config.conf
838
marcofcc20d02016-10-10 09:56:12 +0200[diff] [blame]839Generating Jobs
840===============
841
842Example pillar:
843
844.. code-block:: yaml
845
846 kubernetes:
847 control:
848 job:
849 sleep:
850 job: sleep
851 restart_policy: Never
852 container:
853 sleep:
854 image: busybox
855 tag: latest
856 command:
857 - sleep
858 - "3600"
859
860Volumes and Variables can be used as the same way as during Deployment generation.
861
862Custom params:
863
864.. code-block:: yaml
865
866 kubernetes:
867 control:
868 job:
869 host_network: True
870 host_pid: True
871 container:
872 sleep:
873 privileged: True
874 node_selector:
875 key: node
876 value: one
877 image_pull_secretes: password
878
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200[diff] [blame]879
Ales Komarek9db8af42017-06-08 11:08:05 +0200[diff] [blame]880More Information
881================
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200[diff] [blame]882
Ales Komarek9db8af42017-06-08 11:08:05 +0200[diff] [blame]883* https://github.com/Juniper/kubernetes/blob
884/opencontrail-integration/docs /getting-started-guides/opencontrail.md
885* https://github.com/kubernetes/kubernetes/tree/master/cluster/saltbase
Jakub Pavlik27ad3a62016-08-05 11:39:45 +0200[diff] [blame]886
Filip Pytlound06f6272017-02-02 13:02:03 +0100[diff] [blame]887
888Documentation and Bugs
889======================
890
891To learn how to install and update salt-formulas, consult the documentation
892available online at:
893
894 http://salt-formulas.readthedocs.io/
895
896In the unfortunate event that bugs are discovered, they should be reported to
897the appropriate issue tracker. Use Github issue tracker for specific salt
898formula:
899
900 https://github.com/salt-formulas/salt-formula-kubernetes/issues
901
902For feature requests, bug reports or blueprints affecting entire ecosystem,
903use Launchpad salt-formulas project:
904
905 https://launchpad.net/salt-formulas
906
907You can also join salt-formulas-users team and subscribe to mailing list:
908
909 https://launchpad.net/~salt-formulas-users
910
911Developers wishing to work on the salt-formulas projects should always base
912their work on master branch and submit pull request against specific formula.
913
914 https://github.com/salt-formulas/salt-formula-kubernetes
915
916Any questions or feedback is always welcome so feel free to join our IRC
917channel:
918
919 #salt-formulas @ irc.freenode.net