Merge "Bump hyperkube to 1.12.3"
diff --git a/docker/swarm/stack/monitoring/sf_notifier.yml b/docker/swarm/stack/monitoring/sf_notifier.yml
index a66286a..a171ce8 100644
--- a/docker/swarm/stack/monitoring/sf_notifier.yml
+++ b/docker/swarm/stack/monitoring/sf_notifier.yml
@@ -41,4 +41,4 @@
SFDC_PASSWORD: "${_param:sf_notifier_sfdc_password}"
SFDC_ORGANIZATION_ID: "${_param:sf_notifier_sfdc_organization_id}"
SFDC_ENVIRONMENT_ID: "${_param:sf_notifier_sfdc_environment_id}"
- SFDC_SANDBOX_ENABLED: ${_param:sf_notifier_sfdc_sandbox_enabled}
+ SFDC_SANDBOX_ENABLED: "${_param:sf_notifier_sfdc_sandbox_enabled}"
diff --git a/kubernetes/common/init.yml b/kubernetes/common/init.yml
index 434cc40..69ad062 100644
--- a/kubernetes/common/init.yml
+++ b/kubernetes/common/init.yml
@@ -22,6 +22,7 @@
kubernetes_ingressnginx_repo: ${_param:mcp_docker_registry}/mirantis/kubernetes-ingress-nginx
kubernetes_corends_etcd_operator_repo: quay.io/coreos
kubernetes_containerd_repo: https://github.com/kubernetes-sigs/cri-tools/releases/download
+ kubernetes_openstack_provider_repo: ${_param:mcp_binary_registry}/mirantis/kubernetes/cloud-provider-openstack
# component images/binaries
kubernetes_calico_image: ${_param:kubernetes_calico_repo}/node:v3.1.3
@@ -111,6 +112,25 @@
kubernetes_telegraf_agent_quiet: false
kubernetes_telegraf_agent_omit_hostname: false
+ # Cloud providers parameters
+
+ kubernetes_cloudprovider_enabled: false
+ kubernetes_cloudprovider_type: openstack
+
+ # OpenStack cloud provider
+
+ kubernetes_openstack_provider_binary: ${_param:kubernetes_openstack_provider_repo}/openstack-cloud-controller-manager_v0.3.0-1_1543239267245
+ kubernetes_openstack_provider_binary_hash: md5=0d85b5877e9872690390f5b87e45efba
+ kubernetes_openstack_provider_cloud_user: admin
+ kubernetes_openstack_provider_cloud_password: secret
+ kubernetes_openstack_provider_cloud_auth_url: http://127.0.0.1:5000/v3
+ kubernetes_openstack_provider_cloud_tenant_id: tenant_id
+ kubernetes_openstack_provider_cloud_domain_id: default
+ kubernetes_openstack_provider_cloud_region: RegionOne
+ kubernetes_openstack_provider_lbaas_subnet_id: subnet_id
+ kubernetes_openstack_provider_floating_net_id: floating_net_id
+
+
linux:
system:
kernel:
@@ -134,6 +154,20 @@
plugins:
source: ${_param:kubernetes_cniplugins_source}
hash: ${_param:kubernetes_cniplugins_source_hash}
+ cloudprovider:
+ enabled: ${_param:kubernetes_cloudprovider_enabled}
+ provider: ${_param:kubernetes_cloudprovider_type}
+ params:
+ binary: ${_param:kubernetes_openstack_provider_binary}
+ binary_hash: ${_param:kubernetes_openstack_provider_binary_hash}
+ username: ${_param:kubernetes_openstack_provider_cloud_user}
+ password: ${_param:kubernetes_openstack_provider_cloud_password}
+ auth_url: ${_param:kubernetes_openstack_provider_cloud_auth_url}
+ tenant_id: ${_param:kubernetes_openstack_provider_cloud_tenant_id}
+ domain_id: ${_param:kubernetes_openstack_provider_cloud_domain_id}
+ region: ${_param:kubernetes_openstack_provider_cloud_region}
+ subnet_id: ${_param:kubernetes_openstack_provider_lbaas_subnet_id}
+ floating_net_id: ${_param:kubernetes_openstack_provider_floating_net_id}
addons:
dashboard:
enabled: ${_param:kubernetes_dashboard_enabled}
diff --git a/opencontrail/control/analytics.yml b/opencontrail/control/analytics.yml
index 7471997..d6cff61 100644
--- a/opencontrail/control/analytics.yml
+++ b/opencontrail/control/analytics.yml
@@ -6,7 +6,7 @@
parameters:
_param:
opencontrail_kafka_log_cleanup_mtime: '+7'
- opencontrail_kafka_log_cleanup_dir: '/usr/share/kafka/logs/'
+ opencontrail_kafka_log_dir: '/usr/share/kafka/logs'
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
system:
@@ -22,7 +22,7 @@
- nf_conntrack_ipv4
job:
kafka_logs_cleanup:
- command: "find ${_param:opencontrail_kafka_log_cleanup_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
+ command: "find ${_param:opencontrail_kafka_log_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
identifier: kafka_logs_cleanup
hour: 0
minute: 0
diff --git a/opencontrail/control/analytics4_0.yml b/opencontrail/control/analytics4_0.yml
index f0cf352..ed6fb15 100644
--- a/opencontrail/control/analytics4_0.yml
+++ b/opencontrail/control/analytics4_0.yml
@@ -6,8 +6,9 @@
- system.haproxy.proxy.listen.opencontrail.analytics
parameters:
_param:
+ opencontrail_kafka_config_dir: '/usr/share/kafka/config'
opencontrail_kafka_log_cleanup_mtime: '+7'
- opencontrail_kafka_log_cleanup_dir: '/usr/share/kafka/logs/'
+ opencontrail_kafka_log_dir: '/usr/share/kafka/logs'
opencontrail_version: 4.0
linux_repo_contrail_component: oc40
opencontrail_image_tag: latest
@@ -27,7 +28,7 @@
- nf_conntrack_ipv4
job:
kafka_logs_cleanup:
- command: "find ${_param:opencontrail_kafka_log_cleanup_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
+ command: "find ${_param:opencontrail_kafka_log_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
identifier: kafka_logs_cleanup
hour: 0
minute: 0
@@ -101,10 +102,10 @@
- /var/lib/analyticsdb:/var/lib/cassandra
- /var/lib/analyticsdb_zookeeper_data:/var/lib/zookeeper
- /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
- - /usr/share/kafka/config/server.properties:/usr/share/kafka/config/server.properties
- - /usr/share/kafka/config/consumer.properties:/usr/share/kafka/config/consumer.properties
- - /usr/share/kafka/config/zookeeper.properties:/usr/share/kafka/config/zookeeper.properties
- - /usr/share/kafka/logs:/usr/share/kafka/logs
+ - ${_param:opencontrail_kafka_config_dir}/server.properties:${_param:opencontrail_kafka_config_dir}/server.properties
+ - ${_param:opencontrail_kafka_config_dir}/consumer.properties:${_param:opencontrail_kafka_config_dir}/consumer.properties
+ - ${_param:opencontrail_kafka_config_dir}/zookeeper.properties:${_param:opencontrail_kafka_config_dir}/zookeeper.properties
+ - ${_param:opencontrail_kafka_log_dir}:${_param:opencontrail_kafka_log_dir}
- /etc/zookeeper/conf/zoo_analytics.cfg:/etc/zookeeper/conf/zoo.cfg
- /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
- /var/log/contrail:/var/log/contrail
diff --git a/opencontrail/control/cluster.yml b/opencontrail/control/cluster.yml
index 28c12c4..33bfedc 100644
--- a/opencontrail/control/cluster.yml
+++ b/opencontrail/control/cluster.yml
@@ -7,7 +7,7 @@
parameters:
_param:
opencontrail_kafka_log_cleanup_mtime: '+7'
- opencontrail_kafka_log_cleanup_dir: '/usr/share/kafka/logs/'
+ opencontrail_kafka_log_dir: '/usr/share/kafka/logs'
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
system:
@@ -21,7 +21,7 @@
- nf_conntrack_ipv4
job:
kafka_logs_cleanup:
- command: "find ${_param:opencontrail_kafka_log_cleanup_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
+ command: "find ${_param:opencontrail_kafka_log_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
identifier: kafka_logs_cleanup
hour: 0
minute: 0
diff --git a/opencontrail/control/cluster4_0.yml b/opencontrail/control/cluster4_0.yml
index 381a0d2..5914c50 100644
--- a/opencontrail/control/cluster4_0.yml
+++ b/opencontrail/control/cluster4_0.yml
@@ -6,8 +6,9 @@
- system.haproxy.proxy.listen.opencontrail.analytics
parameters:
_param:
+ opencontrail_kafka_config_dir: '/usr/share/kafka/config'
opencontrail_kafka_log_cleanup_mtime: '+7'
- opencontrail_kafka_log_cleanup_dir: '/usr/share/kafka/logs/'
+ opencontrail_kafka_log_dir: '/usr/share/kafka/logs'
opencontrail_version: 4.0
linux_repo_contrail_component: oc40
opencontrail_image_tag: latest
@@ -31,7 +32,7 @@
- nf_conntrack_ipv4
job:
kafka_logs_cleanup:
- command: "find ${_param:opencontrail_kafka_log_cleanup_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
+ command: "find ${_param:opencontrail_kafka_log_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
identifier: kafka_logs_cleanup
hour: 0
minute: 0
@@ -179,10 +180,10 @@
- /var/lib/analyticsdb:/var/lib/cassandra
- /var/lib/analyticsdb_zookeeper_data:/var/lib/zookeeper
- /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
- - /usr/share/kafka/config/server.properties:/usr/share/kafka/config/server.properties
- - /usr/share/kafka/config/consumer.properties:/usr/share/kafka/config/consumer.properties
- - /usr/share/kafka/config/zookeeper.properties:/usr/share/kafka/config/zookeeper.properties
- - /usr/share/kafka/logs:/usr/share/kafka/logs
+ - ${_param:opencontrail_kafka_config_dir}/server.properties:${_param:opencontrail_kafka_config_dir}/server.properties
+ - ${_param:opencontrail_kafka_config_dir}/consumer.properties:${_param:opencontrail_kafka_config_dir}/consumer.properties
+ - ${_param:opencontrail_kafka_config_dir}/zookeeper.properties:${_param:opencontrail_kafka_config_dir}/zookeeper.properties
+ - ${_param:opencontrail_kafka_log_dir}:${_param:opencontrail_kafka_log_dir}
- /etc/zookeeper/conf/zoo_analytics.cfg:/etc/zookeeper/conf/zoo.cfg
- /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
- /var/log/contrail:/var/log/contrail
diff --git a/opencontrail/control/cluster4_0_k8s.yml b/opencontrail/control/cluster4_0_k8s.yml
index cb9ce4f..5564ccf 100644
--- a/opencontrail/control/cluster4_0_k8s.yml
+++ b/opencontrail/control/cluster4_0_k8s.yml
@@ -6,7 +6,7 @@
parameters:
_param:
opencontrail_kafka_log_cleanup_mtime: '+7'
- opencontrail_kafka_log_cleanup_dir: '/usr/share/kafka/logs/'
+ opencontrail_kafka_log_dir: '/usr/share/kafka/logs'
opencontrail_version: 4.0
linux_repo_contrail_component: oc40
opencontrail_image_tag: latest
@@ -30,7 +30,7 @@
- nf_conntrack_ipv4
job:
kafka_logs_cleanup:
- command: "find ${_param:opencontrail_kafka_log_cleanup_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
+ command: "find ${_param:opencontrail_kafka_log_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
identifier: kafka_logs_cleanup
hour: 0
minute: 0
diff --git a/opencontrail/control/single.yml b/opencontrail/control/single.yml
index 2ba745b..ef798bd 100644
--- a/opencontrail/control/single.yml
+++ b/opencontrail/control/single.yml
@@ -4,7 +4,7 @@
parameters:
_param:
opencontrail_kafka_log_cleanup_mtime: '+7'
- opencontrail_kafka_log_cleanup_dir: '/usr/share/kafka/logs/'
+ opencontrail_kafka_log_dir: '/usr/share/kafka/logs'
# Temprorary fix for MOS9 packages to pin old version of kafka
linux:
system:
@@ -20,7 +20,7 @@
- nf_conntrack_ipv4
job:
kafka_logs_cleanup:
- command: "find ${_param:opencontrail_kafka_log_cleanup_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
+ command: "find ${_param:opencontrail_kafka_log_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
identifier: kafka_logs_cleanup
hour: 0
minute: 0
diff --git a/opencontrail/control/single4_0.yml b/opencontrail/control/single4_0.yml
index 779d8d0..9857221 100644
--- a/opencontrail/control/single4_0.yml
+++ b/opencontrail/control/single4_0.yml
@@ -4,8 +4,9 @@
- service.haproxy.proxy.single
parameters:
_param:
+ opencontrail_kafka_config_dir: '/usr/share/kafka/config'
opencontrail_kafka_log_cleanup_mtime: '+7'
- opencontrail_kafka_log_cleanup_dir: '/usr/share/kafka/logs/'
+ opencontrail_kafka_log_dir: '/usr/share/kafka/logs'
opencontrail_version: 4.0
linux_repo_contrail_component: oc40
opencontrail_image_tag: latest
@@ -26,7 +27,7 @@
- nf_conntrack_ipv4
job:
kafka_logs_cleanup:
- command: "find ${_param:opencontrail_kafka_log_cleanup_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
+ command: "find ${_param:opencontrail_kafka_log_dir} -name '*.log.*' -type f -mtime ${_param:opencontrail_kafka_log_cleanup_mtime} -exec rm {} \\;"
identifier: kafka_logs_cleanup
hour: 0
minute: 0
@@ -198,10 +199,10 @@
- /var/lib/analyticsdb:/var/lib/cassandra
- /var/lib/analyticsdb_zookeeper_data:/var/lib/zookeeper
- /var/lib/zookeeper/myid:/var/lib/zookeeper/myid
- - /usr/share/kafka/config/server.properties:/usr/share/kafka/config/server.properties
- - /usr/share/kafka/config/consumer.properties:/usr/share/kafka/config/consumer.properties
- - /usr/share/kafka/config/zookeeper.properties:/usr/share/kafka/config/zookeeper.properties
- - /usr/share/kafka/logs:/usr/share/kafka/logs
+ - ${_param:opencontrail_kafka_config_dir}/server.properties:${_param:opencontrail_kafka_config_dir}/server.properties
+ - ${_param:opencontrail_kafka_config_dir}/consumer.properties:${_param:opencontrail_kafka_config_dir}/consumer.properties
+ - ${_param:opencontrail_kafka_config_dir}/zookeeper.properties:${_param:opencontrail_kafka_config_dir}/zookeeper.properties
+ - ${_param:opencontrail_kafka_log_dir}:${_param:opencontrail_kafka_log_dir}
- /etc/zookeeper/conf/zoo_analytics.cfg:/etc/zookeeper/conf/zoo.cfg
- /etc/zookeeper/conf/log4j.properties:/etc/zookeeper/conf/log4j.properties
- /var/log/contrail:/var/log/contrail
diff --git a/salt/minion/cert/k8s_client.yml b/salt/minion/cert/k8s_client.yml
index 5f065d5..ff7dabf 100644
--- a/salt/minion/cert/k8s_client.yml
+++ b/salt/minion/cert/k8s_client.yml
@@ -12,6 +12,16 @@
organization_name: system:nodes
signing_policy: cert_client
alternative_names: IP:${_param:kubernetes_control_address},IP:${_param:kubernetes_control_node01_address},IP:${_param:kubernetes_control_node02_address},IP:${_param:kubernetes_control_node03_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_client_fqdn:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kubelet-client-fqdn.key
+ cert_file: /etc/kubernetes/ssl/kubelet-client-fqdn.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:node:${linux:system:name}.${_param:cluster_domain}
+ organization_name: system:nodes
+ signing_policy: cert_client
+ alternative_names: IP:${_param:kubernetes_control_address},IP:${_param:kubernetes_control_node01_address},IP:${_param:kubernetes_control_node02_address},IP:${_param:kubernetes_control_node03_address},IP:${_param:kubernetes_internal_api_address}
k8s_proxy:
host: ${_param:salt_minion_ca_host}
authority: ${_param:salt_minion_ca_authority}
diff --git a/salt/minion/cert/k8s_client_single.yml b/salt/minion/cert/k8s_client_single.yml
index a4302a3..a2f3d89 100644
--- a/salt/minion/cert/k8s_client_single.yml
+++ b/salt/minion/cert/k8s_client_single.yml
@@ -12,6 +12,16 @@
organization_name: system:nodes
signing_policy: cert_client
alternative_names: IP:${_param:kubernetes_control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_client_fqdn:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kubelet-client-fqdn.key
+ cert_file: /etc/kubernetes/ssl/kubelet-client-fqdn.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:node:${linux:system:name}.${_param:cluster_domain}
+ organization_name: system:nodes
+ signing_policy: cert_client
+ alternative_names: IP:${_param:kubernetes_control_address},IP:${_param:kubernetes_internal_api_address}
k8s_proxy:
host: ${_param:salt_minion_ca_host}
authority: ${_param:salt_minion_ca_authority}