Sync sl-k8s-calico model with virtual-mcp11-k8s-calico
Change-Id: Ie3ac2560746f33a6d02a44baeaa8175dadff25b7
diff --git a/classes/cluster/sl-k8s-calico/kubernetes/compute.yml b/classes/cluster/sl-k8s-calico/kubernetes/compute.yml
index ac2f555..3522796 100644
--- a/classes/cluster/sl-k8s-calico/kubernetes/compute.yml
+++ b/classes/cluster/sl-k8s-calico/kubernetes/compute.yml
@@ -1,33 +1,43 @@
classes:
-- system.linux.system.repo.docker_legacy
+- system.linux.system.repo.mcp.apt_mirantis.docker_legacy
- system.kubernetes.pool.cluster
-- system.linux.network.hosts
- system.salt.minion.cert.k8s_client
- system.salt.minion.cert.etcd_client
- cluster.sl-k8s-calico
parameters:
- _param:
- kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
- kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
- kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
- kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
docker:
host:
pkgs:
- - docker-engine=1.12.6-0~ubuntu-xenial
+ - ${_param:kubernetes_docker_package}
- python-docker
+ options:
+ bip: 172.31.255.1/24
+ storage-driver: overlay2
kubernetes:
pool:
+ kubelet:
+ fail_on_swap: ${_param:kubelet_fail_on_swap}
network:
calico:
enabled: true
image: ${_param:kubernetes_calico_image}
calicoctl_image: ${_param:kubernetes_calico_calicoctl_image}
cni_image: ${_param:kubernetes_calico_cni_image}
+ mtu: ${_param:kubernetes_mtu}
etcd:
ssl:
enabled: true
common:
+ addons:
+ virtlet:
+ enabled: ${_param:kubernetes_virtlet_enabled}
+ namespace: kube-system
+ image: ${_param:kubernetes_virtlet_image}
+ criproxy_version: ${_param:kubernetes_criproxy_version}
+ criproxy_source: ${_param:kubernetes_criproxy_checksum}
+ hosts:
+ - ${_param:kubernetes_compute_node01_hostname}
+ - ${_param:kubernetes_compute_node02_hostname}
hyperkube:
image: ${_param:kubernetes_hyperkube_image}
linux:
@@ -37,15 +47,23 @@
- 10.254.0.10
- 172.18.176.4
- 172.18.176.7
- domain: virtual-mcp11-k8s-calico.local
- options:
- - ndots:5
- - timeout:2
- - attempts:2
interface:
- primary_interface:
+ ens3:
+ enabled: true
+ type: eth
+ proto: static
+ name: ${_param:primary_interface}
+ address: ${_param:deploy_address}
+ netmask: 255.255.255.0
+ gateway: 192.168.10.1
route:
kubernetes_services:
address: 10.254.0.0
netmask: 255.255.0.0
- gateway: ${_param:single_address}
+ gateway: ${_param:deploy_address}
+ ens4:
+ enabled: true
+ type: eth
+ proto: static
+ address: ${_param:single_address}
+ netmask: '255.255.255.0'
diff --git a/classes/cluster/sl-k8s-calico/kubernetes/control.yml b/classes/cluster/sl-k8s-calico/kubernetes/control.yml
index 1c0f9d1..9093496 100644
--- a/classes/cluster/sl-k8s-calico/kubernetes/control.yml
+++ b/classes/cluster/sl-k8s-calico/kubernetes/control.yml
@@ -1,7 +1,7 @@
classes:
- service.etcd.server.cluster
- system.haproxy.proxy.listen.kubernetes.apiserver
-- system.linux.system.repo.docker_legacy
+- system.linux.system.repo.mcp.apt_mirantis.docker_legacy
- system.salt.minion.cert.etcd_server
- system.kubernetes.master.cluster
- cluster.sl-k8s-calico.kubernetes.compute
@@ -24,10 +24,15 @@
kubernetes:
common:
addons:
- netchecker:
- enabled: true
helm:
- enabled: true
+ enabled: ${_param:kubernetes_helm_enabled}
+ calico_policy:
+ enabled: ${_param:kubernetes_calico_policy_enabled}
+ image: ${_param:kubernetes_calico_policy_image}
+ netchecker:
+ enabled: ${_param:kubernetes_netchecker_enabled}
+ agent_image: ${_param:kubernetes_netchecker_agent_image}
+ server_image: ${_param:kubernetes_netchecker_server_image}
coredns:
enabled: ${_param:kubernetes_coredns_enabled}
externaldns:
@@ -35,6 +40,8 @@
image: ${_param:kubernetes_externaldns_image}
provider: ${_param:kubernetes_externaldns_provider}
master:
+ kubelet:
+ fail_on_swap: ${_param:kubelet_fail_on_swap}
etcd:
ssl:
enabled: true
@@ -46,4 +53,6 @@
enabled: true
namespace:
netchecker:
- enabled: true
+ enabled: ${_param:kubernetes_netchecker_enabled}
+ auth:
+ mode: Node,RBAC
diff --git a/classes/cluster/sl-k8s-calico/kubernetes/init.yml b/classes/cluster/sl-k8s-calico/kubernetes/init.yml
index d5cf684..4e03f24 100644
--- a/classes/cluster/sl-k8s-calico/kubernetes/init.yml
+++ b/classes/cluster/sl-k8s-calico/kubernetes/init.yml
@@ -3,6 +3,9 @@
salt_minion_ca_host: ${_param:infra_config_hostname}.${_param:cluster_domain}
salt_minion_ca_authority: salt_master_ca
+ # kubelet
+ kubelet_fail_on_swap: True
+
# kubernetes settings
kubernetes_admin_user: admin
kubernetes_admin_password: sbPfel23ZigJF3Bm
@@ -12,8 +15,36 @@
kubernetes_scheduler_token: VgkUHfrW07zNxrb0ucFyX7NBnSJN9Xp6
kubernetes_controller-manager_token: uXrdZ1YKF6qlYm3sHje2iEXMGAGDWOIU
kubernetes_dns_token: 0S1I4iJeFjq5fopPwwCwTp3xFpEZfeUl
+ kubernetes_mtu: 1500
+ mcp_version: testing
etcd_initial_token: IN7KaRMSo3xkGxkjAAPtkRkAgqN4ZNRq
+ # docker package version
+ kubernetes_docker_package: docker-engine=1.12.6-0~ubuntu-xenial
+
+ # component docker images
+ kubernetes_calico_calicoctl_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/ctl:latest
+ kubernetes_calico_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/node:latest
+ kubernetes_calico_cni_image: docker-prod-virtual.docker.mirantis.net/mirantis/projectcalico/calico/cni:latest
+ kubernetes_calico_policy_image: calico/kube-policy-controller:v0.5.4
+ kubernetes_hyperkube_image: docker-prod-virtual.docker.mirantis.net/mirantis/kubernetes/hyperkube-amd64:v1.8.6-5
+ kubernetes_netchecker_agent_image: mirantis/k8s-netchecker-agent:stable
+ kubernetes_netchecker_server_image: mirantis/k8s-netchecker-server:stable
+ kubernetes_netchecker_agent_probeurls: "http://ipinfo.io"
+ kubernetes_virtlet_image: mirantis/virtlet:stable
+ kubernetes_criproxy_version: v0.9.4
+ kubernetes_criproxy_checksum: md5=f1a08e16e15f61240ea324f6b335e013
+ kubernetes_externaldns_image: mirantis/external-dns:latest
+ kubernetes_externaldns_provider: coredns
+
+ # switches of addons
+ kubernetes_helm_enabled: true
+ kubernetes_netchecker_enabled: true
+ kubernetes_calico_policy_enabled: false
+ kubernetes_virtlet_enabled: false
+ kubernetes_coredns_enabled: false
+ kubernetes_externaldns_enabled: false
+
# addresses and hostnames
kubernetes_internal_api_address: 10.254.0.1
kubernetes_control_hostname: ctl
@@ -49,14 +80,6 @@
calico_private_network: 192.168.0.0
calico_private_netmask: 16
- # component docker images
- kubernetes_externaldns_image: mirantis/external-dns:latest
- kubernetes_externaldns_provider: coredns
-
- # switches of addons
- kubernetes_coredns_enabled: false
- kubernetes_externaldns_enabled: false
-
linux:
network:
host:
@@ -96,16 +119,7 @@
- ${_param:kubernetes_proxy_node01_hostname}
- ${_param:kubernetes_proxy_node01_hostname}.${_param:cluster_domain}
system:
- rc:
- local: |
- #!/bin/sh -e
- #
- # rc.local
- #
- ######### This file is managed by Salt! ##########
- # This script is executed at the end of each multiuser runlevel.
- # Make sure that the script will "exit 0" on success or any other
- # value on error.
- #
- ip r a 10.254.0.0/16 dev ens3
- exit 0
+ user:
+ root:
+ name: root
+ password: false