summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZuul <zuul@review.openstack.org>2017-10-16 04:54:28 +0000
committerGerrit Code Review <review@openstack.org>2017-10-16 04:54:28 +0000
commit50e789c8db1bb8fda9a3b5817aeb40e392aaee95 (patch)
tree7f7a14f2b894a8d956e3aecae1bf970c8af83775
parent77a1d1bb3b8c439df82bec40705709a28a0d8ffe (diff)
parent8a667217632004c9061d083c65f026a84c7e659a (diff)
Merge "Add CoreDNS deployment in kubernetes atomic" into stable/newtonnewton-eol
-rw-r--r--magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh1
-rw-r--r--magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh1
-rw-r--r--magnum/drivers/common/templates/kubernetes/fragments/core-dns-service.sh112
-rw-r--r--magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml2
-rw-r--r--magnum/drivers/common/templates/kubernetes/fragments/write-heat-params.yaml2
-rw-r--r--magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml16
-rw-r--r--magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml19
-rw-r--r--magnum/drivers/k8s_fedora_atomic_v1/templates/kubeminion.yaml12
8 files changed, 165 insertions, 0 deletions
diff --git a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
index dc13f23..572442f 100644
--- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
@@ -62,6 +62,7 @@ sed -i '
62 62
63HOSTNAME_OVERRIDE=$(hostname --short | sed 's/\.novalocal//') 63HOSTNAME_OVERRIDE=$(hostname --short | sed 's/\.novalocal//')
64KUBELET_ARGS="--register-node=true --register-schedulable=false --config=/etc/kubernetes/manifests --hostname-override=${HOSTNAME_OVERRIDE}" 64KUBELET_ARGS="--register-node=true --register-schedulable=false --config=/etc/kubernetes/manifests --hostname-override=${HOSTNAME_OVERRIDE}"
65KUBELET_ARGS="${KUBELET_ARGS} --cluster_dns=${DNS_SERVICE_IP} --cluster_domain=${DNS_CLUSTER_DOMAIN}"
65 66
66if [ -n "${INSECURE_REGISTRY_URL}" ]; then 67if [ -n "${INSECURE_REGISTRY_URL}" ]; then
67 KUBELET_ARGS="${KUBELET_ARGS} --pod-infra-container-image=${INSECURE_REGISTRY_URL}/google_containers/pause\:0.8.0" 68 KUBELET_ARGS="${KUBELET_ARGS} --pod-infra-container-image=${INSECURE_REGISTRY_URL}/google_containers/pause\:0.8.0"
diff --git a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh
index 8dc16ac..b063598 100644
--- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh
@@ -28,6 +28,7 @@ sed -i '
28# Using any other name will break the load balancer and cinder volume features. 28# Using any other name will break the load balancer and cinder volume features.
29HOSTNAME_OVERRIDE=$(hostname --short | sed 's/\.novalocal//') 29HOSTNAME_OVERRIDE=$(hostname --short | sed 's/\.novalocal//')
30KUBELET_ARGS="--config=/etc/kubernetes/manifests --cadvisor-port=4194 ${KUBE_CONFIG} --hostname-override=${HOSTNAME_OVERRIDE}" 30KUBELET_ARGS="--config=/etc/kubernetes/manifests --cadvisor-port=4194 ${KUBE_CONFIG} --hostname-override=${HOSTNAME_OVERRIDE}"
31KUBELET_ARGS="${KUBELET_ARGS} --cluster_dns=${DNS_SERVICE_IP} --cluster_domain=${DNS_CLUSTER_DOMAIN}"
31 32
32if [ -n "$TRUST_ID" ]; then 33if [ -n "$TRUST_ID" ]; then
33 KUBELET_ARGS="$KUBELET_ARGS --cloud-provider=openstack --cloud-config=/etc/sysconfig/kube_openstack_config" 34 KUBELET_ARGS="$KUBELET_ARGS --cloud-provider=openstack --cloud-config=/etc/sysconfig/kube_openstack_config"
diff --git a/magnum/drivers/common/templates/kubernetes/fragments/core-dns-service.sh b/magnum/drivers/common/templates/kubernetes/fragments/core-dns-service.sh
new file mode 100644
index 0000000..7f293f6
--- /dev/null
+++ b/magnum/drivers/common/templates/kubernetes/fragments/core-dns-service.sh
@@ -0,0 +1,112 @@
1#!/bin/sh
2
3. /etc/sysconfig/heat-params
4
5CORE_DNS=/etc/kubernetes/manifests/kube-coredns.yaml
6[ -f ${CORE_DNS} ] || {
7 echo "Writing File: $CORE_DNS"
8 mkdir -p $(dirname ${CORE_DNS})
9 cat << EOF > ${CORE_DNS}
10apiVersion: v1
11kind: ConfigMap
12metadata:
13 name: coredns
14 namespace: kube-system
15data:
16 Corefile: |
17 .:53 {
18 errors
19 log stdout
20 health
21 kubernetes ${DNS_CLUSTER_DOMAIN} {
22 cidrs ${PORTAL_NETWORK_CIDR}
23 }
24 proxy . /etc/resolv.conf
25 cache 30
26 }
27---
28apiVersion: extensions/v1beta1
29kind: Deployment
30metadata:
31 name: coredns
32 namespace: kube-system
33 labels:
34 k8s-app: coredns
35 kubernetes.io/cluster-service: "true"
36 kubernetes.io/name: "CoreDNS"
37spec:
38 replicas: 1
39 selector:
40 matchLabels:
41 k8s-app: coredns
42 template:
43 metadata:
44 labels:
45 k8s-app: coredns
46 annotations:
47 scheduler.alpha.kubernetes.io/critical-pod: ''
48 scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
49 spec:
50 containers:
51 - name: coredns
52 image: coredns/coredns:007
53 imagePullPolicy: Always
54 args: [ "-conf", "/etc/coredns/Corefile" ]
55 volumeMounts:
56 - name: config-volume
57 mountPath: /etc/coredns
58 ports:
59 - containerPort: 53
60 name: dns
61 protocol: UDP
62 - containerPort: 53
63 name: dns-tcp
64 protocol: TCP
65 livenessProbe:
66 httpGet:
67 path: /health
68 port: 8080
69 scheme: HTTP
70 initialDelaySeconds: 60
71 timeoutSeconds: 5
72 successThreshold: 1
73 failureThreshold: 5
74 dnsPolicy: Default
75 volumes:
76 - name: config-volume
77 configMap:
78 name: coredns
79 items:
80 - key: Corefile
81 path: Corefile
82---
83apiVersion: v1
84kind: Service
85metadata:
86 name: kube-dns
87 namespace: kube-system
88 labels:
89 k8s-app: coredns
90 kubernetes.io/cluster-service: "true"
91 kubernetes.io/name: "CoreDNS"
92spec:
93 selector:
94 k8s-app: coredns
95 clusterIP: ${DNS_SERVICE_IP}
96 ports:
97 - name: dns
98 port: 53
99 protocol: UDP
100 - name: dns-tcp
101 port: 53
102 protocol: TCP
103EOF
104}
105
106echo "Waiting for Kubernetes API..."
107until curl --silent "http://127.0.0.1:8080/version"
108do
109 sleep 5
110done
111
112kubectl create --validate=false -f $CORE_DNS
diff --git a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
index cdc2320..1ed1348 100644
--- a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
+++ b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
@@ -42,3 +42,5 @@ write_files:
42 TRUST_ID="$TRUST_ID" 42 TRUST_ID="$TRUST_ID"
43 AUTH_URL="$AUTH_URL" 43 AUTH_URL="$AUTH_URL"
44 INSECURE_REGISTRY_URL="$INSECURE_REGISTRY_URL" 44 INSECURE_REGISTRY_URL="$INSECURE_REGISTRY_URL"
45 DNS_SERVICE_IP="$DNS_SERVICE_IP"
46 DNS_CLUSTER_DOMAIN="$DNS_CLUSTER_DOMAIN"
diff --git a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params.yaml b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params.yaml
index a5d66c4..315a0b6 100644
--- a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params.yaml
+++ b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params.yaml
@@ -41,3 +41,5 @@ write_files:
41 TRUST_ID="$TRUST_ID" 41 TRUST_ID="$TRUST_ID"
42 AUTH_URL="$AUTH_URL" 42 AUTH_URL="$AUTH_URL"
43 INSECURE_REGISTRY_URL="$INSECURE_REGISTRY_URL" 43 INSECURE_REGISTRY_URL="$INSECURE_REGISTRY_URL"
44 DNS_SERVICE_IP="$DNS_SERVICE_IP"
45 DNS_CLUSTER_DOMAIN="$DNS_CLUSTER_DOMAIN"
diff --git a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
index 940935a..e3846d2 100644
--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
@@ -279,6 +279,18 @@ parameters:
279 description: insecure registry url 279 description: insecure registry url
280 default: "" 280 default: ""
281 281
282 dns_service_ip:
283 type: string
284 description: >
285 address used by Kubernetes DNS service
286 default: 10.254.0.10
287
288 dns_cluster_domain:
289 type: string
290 description: >
291 domain name for cluster DNS
292 default: "cluster.local"
293
282resources: 294resources:
283 295
284 ###################################################################### 296 ######################################################################
@@ -517,6 +529,8 @@ resources:
517 trust_id: {get_param: trust_id} 529 trust_id: {get_param: trust_id}
518 auth_url: {get_param: auth_url} 530 auth_url: {get_param: auth_url}
519 insecure_registry_url: {get_param: insecure_registry_url} 531 insecure_registry_url: {get_param: insecure_registry_url}
532 dns_service_ip: {get_param: dns_service_ip}
533 dns_cluster_domain: {get_param: dns_cluster_domain}
520 534
521 ###################################################################### 535 ######################################################################
522 # 536 #
@@ -576,6 +590,8 @@ resources:
576 trust_id: {get_param: trust_id} 590 trust_id: {get_param: trust_id}
577 auth_url: {get_param: auth_url} 591 auth_url: {get_param: auth_url}
578 insecure_registry_url: {get_param: insecure_registry_url} 592 insecure_registry_url: {get_param: insecure_registry_url}
593 dns_service_ip: {get_param: dns_service_ip}
594 dns_cluster_domain: {get_param: dns_cluster_domain}
579 595
580outputs: 596outputs:
581 597
diff --git a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
index ff18e68..96eac1d 100644
--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
@@ -200,6 +200,16 @@ parameters:
200 type: string 200 type: string
201 description: insecure registry url 201 description: insecure registry url
202 202
203 dns_service_ip:
204 type: string
205 description: >
206 address used by Kubernetes DNS service
207
208 dns_cluster_domain:
209 type: string
210 description: >
211 domain name for cluster DNS
212
203resources: 213resources:
204 214
205 master_wait_handle: 215 master_wait_handle:
@@ -276,6 +286,8 @@ resources:
276 "$TRUSTEE_PASSWORD": {get_param: trustee_password} 286 "$TRUSTEE_PASSWORD": {get_param: trustee_password}
277 "$TRUST_ID": {get_param: trust_id} 287 "$TRUST_ID": {get_param: trust_id}
278 "$INSECURE_REGISTRY_URL": {get_param: insecure_registry_url} 288 "$INSECURE_REGISTRY_URL": {get_param: insecure_registry_url}
289 "$DNS_SERVICE_IP": {get_param: dns_service_ip}
290 "$DNS_CLUSTER_DOMAIN": {get_param: dns_cluster_domain}
279 291
280 make_cert: 292 make_cert:
281 type: OS::Heat::SoftwareConfig 293 type: OS::Heat::SoftwareConfig
@@ -365,6 +377,12 @@ resources:
365 group: ungrouped 377 group: ungrouped
366 config: {get_file: ../../common/templates/kubernetes/fragments/enable-kube-proxy-master.sh} 378 config: {get_file: ../../common/templates/kubernetes/fragments/enable-kube-proxy-master.sh}
367 379
380 core_dns_service:
381 type: OS::Heat::SoftwareConfig
382 properties:
383 group: ungrouped
384 config: {get_file: ../../common/templates/kubernetes/fragments/core-dns-service.sh}
385
368 master_wc_notify: 386 master_wc_notify:
369 type: OS::Heat::SoftwareConfig 387 type: OS::Heat::SoftwareConfig
370 properties: 388 properties:
@@ -401,6 +419,7 @@ resources:
401 - config: {get_resource: network_service} 419 - config: {get_resource: network_service}
402 - config: {get_resource: kube_system_namespace_service} 420 - config: {get_resource: kube_system_namespace_service}
403 - config: {get_resource: enable_kube_podmaster} 421 - config: {get_resource: enable_kube_podmaster}
422 - config: {get_resource: core_dns_service}
404 - config: {get_resource: enable_kube_proxy} 423 - config: {get_resource: enable_kube_proxy}
405 - config: {get_resource: kube_ui_service} 424 - config: {get_resource: kube_ui_service}
406 - config: {get_resource: kube_examples} 425 - config: {get_resource: kube_examples}
diff --git a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubeminion.yaml b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubeminion.yaml
index 264f33e..03d71c4 100644
--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubeminion.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubeminion.yaml
@@ -194,6 +194,16 @@ parameters:
194 type: string 194 type: string
195 description: insecure registry url 195 description: insecure registry url
196 196
197 dns_service_ip:
198 type: string
199 description: >
200 address used by Kubernetes DNS service
201
202 dns_cluster_domain:
203 type: string
204 description: >
205 domain name for cluster DNS
206
197resources: 207resources:
198 208
199 minion_wait_handle: 209 minion_wait_handle:
@@ -254,6 +264,8 @@ resources:
254 $TRUST_ID: {get_param: trust_id} 264 $TRUST_ID: {get_param: trust_id}
255 $AUTH_URL: {get_param: auth_url} 265 $AUTH_URL: {get_param: auth_url}
256 $INSECURE_REGISTRY_URL: {get_param: insecure_registry_url} 266 $INSECURE_REGISTRY_URL: {get_param: insecure_registry_url}
267 $DNS_SERVICE_IP: {get_param: dns_service_ip}
268 $DNS_CLUSTER_DOMAIN: {get_param: dns_cluster_domain}
257 269
258 write_kubeconfig: 270 write_kubeconfig:
259 type: OS::Heat::SoftwareConfig 271 type: OS::Heat::SoftwareConfig