Update virtual-mcp11-k8s-contrail
- Updated k8s part
- Minor updates for contrail part
Change-Id: Iad8cd491dcb33bd1fc03d05389ed0d3a848ef600
Related-PROD: PROD-18983
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/.env b/classes/cluster/virtual-mcp11-k8s-contrail/.env
index e5922db..49c1ca4 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/.env
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/.env
@@ -1 +1 @@
-EXTRA_FORMULAS="heka"
+EXTRA_FORMULAS="fluentd grafana heka nginx ntp prometheus rsyslog sphinx telegraf"
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/infra/config.yml b/classes/cluster/virtual-mcp11-k8s-contrail/infra/config.yml
index 422adc9..717aa88 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/infra/config.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/infra/config.yml
@@ -1,18 +1,21 @@
classes:
+- system.linux.system.single
+- system.linux.system.single.debian
+- system.linux.system.repo.mcp.salt
- system.linux.system.repo.mcp.apt_mirantis.ubuntu
- system.linux.system.repo.mcp.apt_mirantis.saltstack_2016_3
-- system.linux.system.repo.mcp.salt
- system.openssh.client.lab
- system.salt.master.pkg
-- system.salt.minion.ca.salt_master
- system.salt.master.api
+- system.salt.minion.ca.salt_master
- system.salt.minion.cert.k8s_server
- system.mysql.client
- system.mysql.client.database.grafana
- system.reclass.storage.salt
- system.reclass.storage.system.kubernetes_control_cluster
- system.reclass.storage.system.opencontrail_control_cluster
-- cluster.virtual-mcp11-k8s-contrail.infra
+- system.sphinx.server.doc.reclass
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
salt_master_base_environment: prd
@@ -20,10 +23,16 @@
reclass_data_revision: master
reclass_config_master: ${_param:infra_config_deploy_address}
single_address: ${_param:infra_config_address}
+ deploy_address: ${_param:infra_config_deploy_address}
linux_system_codename: xenial
salt_api_password_hash: "$6$WV0P1shnoDh2gI/Z$22/Bcd7ffMv0jDlFpT63cAU4PiXHz9pjXwngToKwqAsgoeK4HNR3PiKaushjxp3JsQ8hNoJmAC6TxzVqfV8WH/"
salt_master_host: ${_param:infra_config_deploy_address}
openstack_version: pike
+ salt:
+ master:
+ reactor:
+ reclass/minion/classify:
+ - salt://reclass/reactor/node_register.sls
linux:
network:
interface:
@@ -33,11 +42,15 @@
proto: static
address: ${_param:single_address}
netmask: 255.255.255.0
- salt:
- master:
- reactor:
- reclass/minion/classify:
- - salt://reclass/reactor/node_register.sls
+ pre_up_cmds:
+ - "iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE"
+ post_down_cmds:
+ - "iptables -t nat -F POSTROUTING"
+ system:
+ kernel:
+ sysctl:
+ net.ipv4.conf.ens3.forwarding: 1
+ net.ipv4.conf.ens3.send_redirects: 0
reclass:
storage:
class_mapping:
@@ -50,6 +63,8 @@
value_template: <<node_os>>
salt_master_host:
value_template: <<node_master_ip>>
+ deploy_address:
+ value_template: <<node_deploy_ip>>
infra_config:
expression: <<node_hostname>>__equals__cfg01
cluster_param:
@@ -57,6 +72,8 @@
value_template: <<node_control_ip>>
infra_config_deploy_address:
value_template: <<node_deploy_ip>>
+ cluster_domain:
+ value_template: <<node_domain>>
infra_proxy:
expression: <<node_hostname>>__startswith__prx
node_class:
@@ -67,16 +84,37 @@
cluster_param:
kubernetes_control_node01_address:
value_template: <<node_control_ip>>
+ kubernetes_control_node01_deploy_address:
+ value_template: <<node_deploy_ip>>
kubernetes_control02:
expression: <<node_hostname>>__equals__ctl02
cluster_param:
kubernetes_control_node02_address:
value_template: <<node_control_ip>>
+ kubernetes_control_node02_deploy_address:
+ value_template: <<node_deploy_ip>>
kubernetes_control03:
expression: <<node_hostname>>__equals__ctl03
cluster_param:
kubernetes_control_node03_address:
value_template: <<node_control_ip>>
+ kubernetes_control_node03_deploy_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control01:
+ expression: <<node_hostname>>__equals__ctl01
+ cluster_param:
+ etcd_control_node01_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control02:
+ expression: <<node_hostname>>__equals__ctl02
+ cluster_param:
+ etcd_control_node02_address:
+ value_template: <<node_deploy_ip>>
+ etcd_control03:
+ expression: <<node_hostname>>__equals__ctl03
+ cluster_param:
+ etcd_control_node03_address:
+ value_template: <<node_deploy_ip>>
kubernetes_compute:
expression: <<node_hostname>>__startswith__cmp
node_class:
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
index b5a73b2..9b30986 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/infra/init.yml
@@ -1,31 +1,10 @@
-classes:
-- system.linux.system.single
-- system.linux.system.single.debian
-- system.linux.system.repo.mcp.extra
-- system.linux.system.repo.mcp.salt
-- system.linux.system.repo.mcp.apt_mirantis.ubuntu
-- system.linux.system.repo.mcp.apt_mirantis.fluentd
-- system.linux.system.repo.mcp.apt_mirantis.openstack
-- system.openssh.server.team.all
-- system.rsyslog.client.single
-- system.fluentd
-- system.fluentd.label.default_metric
-- system.fluentd.label.default_metric.prometheus
-- system.fluentd.label.default_output.elasticsearch
-- system.fluentd.label.default_output.drop_event
-- system.telegraf.agent
-- system.prometheus.collector
-- service.grafana.collector
-- cluster.virtual-mcp11-k8s-contrail.kubernetes
-- cluster.virtual-mcp11-k8s-contrail.opencontrail
-- cluster.virtual-mcp11-k8s-contrail.stacklight
-- cluster.overrides
parameters:
_param:
# infra service addresses
infra_config_hostname: cfg01
infra_config_address: 172.16.10.100
infra_config_deploy_address: 192.168.10.90
+ cluster_public_host: 172.16.10.254
cluster_domain: virtual-mcp11-k8s-contrail.local
cluster_name: virtual-mcp11-k8s-contrail
@@ -33,6 +12,11 @@
linux:
network:
host:
+ self:
+ address: ${_param:single_address}
+ names:
+ - ${linux:system:name}
+ - ${linux:system:name}.${linux:system:domain}
cfg01:
address: ${_param:infra_config_address}
names:
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/init.yml
new file mode 100644
index 0000000..3577228
--- /dev/null
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/init.yml
@@ -0,0 +1,38 @@
+classes:
+- service.grafana.collector
+- system.linux.network.dynamic_hosts
+- system.linux.system.single
+- system.linux.system.single.debian
+- system.linux.system.repo.mcp.extra
+- system.linux.system.repo.mcp.apt_mirantis.fluentd
+- system.linux.system.repo.mcp.apt_mirantis.openstack
+- system.fluentd
+- system.fluentd.label.default_metric
+- system.fluentd.label.default_metric.prometheus
+- system.fluentd.label.default_output.elasticsearch
+- system.fluentd.label.default_output.drop_event
+- system.openssh.server.team.lab
+- system.openssh.server.team.tcpcloud
+- system.openssh.server.team.mcp_qa
+- system.openssh.server.team.k8s_team
+- system.rsyslog.client.single
+- system.prometheus.collector
+- system.telegraf.agent
+- cluster.virtual-mcp11-k8s-contrail.infra
+- cluster.virtual-mcp11-k8s-contrail.opencontrail
+- cluster.virtual-mcp11-k8s-contrail.kubernetes
+- cluster.virtual-mcp11-k8s-contrail.stacklight
+- cluster.overrides
+parameters:
+ salt:
+ minion:
+ trusted_ca_minions:
+ - cfg01
+ linux:
+ network:
+ host:
+ vsrx1:
+ address: 172.16.10.131
+ names:
+ - vsrx1
+ - vsrx1.${_param:cluster_domain}
\ No newline at end of file
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/compute.yml b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/compute.yml
index f8f568b..3f1d2c3 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/compute.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/compute.yml
@@ -1,11 +1,11 @@
classes:
- system.linux.system.repo.docker_legacy
- system.kubernetes.pool.cluster
+- system.linux.network.hosts
- system.salt.minion.cert.k8s_client
- system.salt.minion.cert.etcd_client
-- cluster.virtual-mcp11-k8s-contrail.infra
- cluster.virtual-mcp11-k8s-contrail.opencontrail.compute
-- cluster.overrides
+- cluster.virtual-mcp11-k8s-contrail
parameters:
linux:
network:
@@ -14,6 +14,7 @@
enabled: true
type: eth
proto: manual
+ ipflush_onchange: true
vhost0:
enabled: true
type: eth
@@ -34,6 +35,7 @@
kubernetes:
pool:
kubelet:
+ address: ${_param:single_address}
fail_on_swap: ${_param:kubelet_fail_on_swap}
network:
opencontrail:
@@ -46,12 +48,11 @@
addons:
virtlet:
enabled: ${_param:kubernetes_virtlet_enabled}
- namespace: kube-system
+ namespace: ${_param:kubernetes_addon_namespace}
image: ${_param:kubernetes_virtlet_image}
criproxy_version: ${_param:kubernetes_criproxy_version}
criproxy_source: ${_param:kubernetes_criproxy_checksum}
hosts:
- - ${_param:kubernetes_compute_node01_hostname}
- - ${_param:kubernetes_compute_node02_hostname}
+ - ${linux:system:name}
hyperkube:
image: ${_param:kubernetes_hyperkube_image}
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/control.yml b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/control.yml
index ddfd347..552047c 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/control.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/control.yml
@@ -7,13 +7,16 @@
- system.salt.minion.cert.etcd_server
- system.kubernetes.master.cluster
- cluster.virtual-mcp11-k8s-contrail.kubernetes.compute
-- cluster.overrides
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
- keepalived_vip_interface: ens3
+ keepalived_vip_interface: vhost0
keepalived_vip_virtual_router_id: 60
+ cluster_local_address: ${_param:deploy_address}
etcd:
server:
+ bind:
+ host: ${_param:deploy_address}
source:
engine: docker_hybrid
ssl:
@@ -22,7 +25,8 @@
common:
addons:
dashboard:
- enabled: false
+ enabled: ${_param:kubernetes_dashboard}
+ image: ${_param:kubernetes_dashboard_image}
helm:
enabled: ${_param:kubernetes_helm_enabled}
netchecker:
@@ -30,9 +34,16 @@
agent_image: ${_param:kubernetes_netchecker_agent_image}
server_image: ${_param:kubernetes_netchecker_server_image}
contrail_network_controller:
- namespace: kube-system
- enabled: true
+ namespace: ${_param:kubernetes_addon_namespace}
+ enabled: ${_param:kubernetes_contrail_network_controller}
image: ${_param:kubernetes_contrail_network_controller_image}
+ dns:
+ enabled: ${_param:kubernetes_dns}
+ kubedns_image: ${_param:kubernetes_kubedns_image}
+ dnsmasq_image: ${_param:kubernetes_dnsmasq_image}
+ sidecar_image: ${_param:kubernetes_sidecar_image}
+ autoscaler:
+ image: ${_param:kubernetes_dns_autoscaler_image}
coredns:
enabled: ${_param:kubernetes_coredns_enabled}
externaldns:
@@ -41,15 +52,13 @@
provider: ${_param:kubernetes_externaldns_provider}
master:
kubelet:
+ address: ${_param:single_address}
fail_on_swap: ${_param:kubelet_fail_on_swap}
etcd:
ssl:
enabled: true
namespace:
netchecker:
- enabled: true
- namespace:
- netchecker:
enabled: ${_param:kubernetes_netchecker_enabled}
network:
opencontrail:
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
index adfdfff..33bf3dd 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/kubernetes/init.yml
@@ -2,7 +2,6 @@
parameters:
_param:
openstack_version: pike
-
salt_minion_ca_host: ${_param:infra_config_hostname}.${_param:cluster_domain}
salt_minion_ca_authority: salt_master_ca
@@ -27,27 +26,36 @@
kubernetes_opencontrail_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/contrail-integration/contrail-cni:v1.0.0
kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
- kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:v1.1.0
- kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:v1.1.0
- kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
- kubernetes_externaldns_image: mirantis/external-dns:latest
- kubernetes_externaldns_provider: coredns
kubernetes_criproxy_version: v0.10.0
kubernetes_criproxy_checksum: md5=52717b1f70f15558ef4bdb0e4d4948da
+ kubernetes_dashboard_image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.5.1
+ kubernetes_kubedns_image: gcr.io/google_containers/k8s-dns-kube-dns-amd64:1.14.5
+ kubernetes_dnsmasq_image: gcr.io/google_containers/k8s-dns-dnsmasq-amd64:1.14.5
+ kubernetes_sidecar_image: gcr.io/google_containers/k8s-dns-sidecar-amd64:1.14.5
+ kubernetes_dns_autoscaler_image: gcr.io/google_containers/cluster-proportional-autoscaler-amd64:1.0.0
+ kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
+ kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:stable
+ kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
+ kubernetes_virtlet_image: mirantis/virtlet:v0.9.4
+ kubernetes_externaldns_image: mirantis/external-dns:latest
+ kubernetes_externaldns_provider: coredns
# switches of addons
+ kubernetes_addon_namespace: kube-system
+ kubernetes_dns: true
+ kubernetes_dashboard: false
kubernetes_helm_enabled: true
kubernetes_netchecker_enabled: true
kubernetes_calico_policy_enabled: false
kubernetes_virtlet_enabled: false
- kubernetes_virtlet_image: mirantis/virtlet:latest
+ kubernetes_contrail_network_controller: true
kubernetes_coredns_enabled: false
kubernetes_externaldns_enabled: false
# addresses and hostnames
kubernetes_internal_api_address: 10.254.0.1
kubernetes_control_hostname: ctl
- kubernetes_control_address: 192.168.10.253
+ kubernetes_control_address: 172.16.10.253
kubernetes_control_node01_hostname: ctl01
kubernetes_control_node02_hostname: ctl02
kubernetes_control_node03_hostname: ctl03
@@ -56,28 +64,32 @@
kubernetes_control_node01_address: 172.16.10.101
kubernetes_control_node02_address: 172.16.10.102
kubernetes_control_node03_address: 172.16.10.103
+ kubernetes_control_node01_deploy_address: 192.168.10.101
+ kubernetes_control_node02_deploy_address: 192.168.10.102
+ kubernetes_control_node03_deploy_address: 192.168.10.103
kubernetes_compute_node01_address: 172.16.10.105
kubernetes_compute_node02_address: 172.16.10.106
+ etcd_control_node01_address: 192.168.10.101
+ etcd_control_node02_address: 192.168.10.102
+ etcd_control_node03_address: 192.168.10.103
kubernetes_proxy_node01_hostname: prx01
kubernetes_proxy_node01_address: 172.16.10.121
cluster_vip_address: ${_param:kubernetes_control_address}
- cluster_local_address: ${_param:single_address}
# etcd stuff
cluster_node01_hostname: ${_param:kubernetes_control_node01_hostname}
- cluster_node01_address: ${_param:kubernetes_control_node01_address}
+ cluster_node01_address: ${_param:etcd_control_node01_address}
cluster_node01_port: 4001
cluster_node02_hostname: ${_param:kubernetes_control_node02_hostname}
- cluster_node02_address: ${_param:kubernetes_control_node02_address}
+ cluster_node02_address: ${_param:etcd_control_node02_address}
cluster_node02_port: 4001
cluster_node03_hostname: ${_param:kubernetes_control_node03_hostname}
- cluster_node03_address: ${_param:kubernetes_control_node03_address}
+ cluster_node03_address: ${_param:etcd_control_node03_address}
cluster_node03_port: 4001
linux:
network:
- purge_hosts: true
host:
ctl:
address: ${_param:kubernetes_control_address}
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/control.yml b/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/control.yml
index d3dde42..0945af2 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/control.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/control.yml
@@ -1,10 +1,10 @@
classes:
- system.linux.system.lowmem
-- system.linux.system.repo.cassandra
- system.linux.system.repo.mcp.contrail
- system.linux.system.repo.mcp.openstack
- system.linux.system.repo.mcp.extra
-- system.linux.system.repo.saltstack.trusty
+- system.linux.system.repo.mcp.apt_mirantis.cassandra
+- system.linux.system.repo.mcp.apt_mirantis.saltstack_2016_3
- system.opencontrail.client.resource.edge_router
- system.rabbitmq.server.cluster
- system.opencontrail.control.cluster
@@ -13,9 +13,10 @@
- system.opencontrail.client.resource.config_node
- system.opencontrail.client.resource.database_node
- system.opencontrail.client.resource.analytics_node
+- system.opencontrail.client.resource.global_vrouter_config
- system.haproxy.proxy.listen.opencontrail.analytics
- system.prometheus.exporters.jmx
-- cluster.virtual-mcp11-k8s-contrail.infra
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
openstack_version: mitaka
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/init.yml b/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/init.yml
index ad264cb..3ad59f2 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/init.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/opencontrail/init.yml
@@ -1,6 +1,7 @@
parameters:
_param:
opencontrail_version: 3.0
+ linux_repo_contrail_component: oc323
opencontrail_control_hostname: ntw
opencontrail_control_node01_hostname: ntw01
opencontrail_control_node02_hostname: ntw02
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/proxy.yml b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/proxy.yml
index 52b8fbf..5bea43d 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/proxy.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/proxy.yml
@@ -5,7 +5,7 @@
- system.nginx.server.proxy.monitoring.prometheus_server
- system.nginx.server.proxy.monitoring.prometheus_alertmanager
- system.salt.minion.cert.proxy
-- cluster.virtual-mcp11-k8s-contrail.infra
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
nginx_proxy_grafana_port: 15013
diff --git a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
index 603d3c7..2c33d30 100644
--- a/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
+++ b/classes/cluster/virtual-mcp11-k8s-contrail/stacklight/server.yml
@@ -26,7 +26,7 @@
- system.prometheus.server.target.dns
- system.docker.swarm.stack.monitoring.prometheus_global
- system.docker.swarm.stack.dashboard
-- cluster.virtual-mcp11-k8s-contrail.infra
+- cluster.virtual-mcp11-k8s-contrail
parameters:
_param:
cluster_public_host: mon