openstack
/
tripleo-heat-templates
Code Issues Proposed changes

Merge "Remove deprecated kubernetes services"

This commit is contained in:
Zuul 2020-02-21 01:25:46 +00:00 committed by Gerrit Code Review
parent e86b3e9b33 80a8ec48b1
commit 0941e87e8c
14 changed files with 0 additions and 341 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ci/environments/scenario000-standalone.yaml
View File

@ -86,8 +86,6 @@ resource_registry:
OS::TripleO::Services::Iscsid: OS::Heat::None
OS::TripleO::Services::Keepalived: OS::Heat::None
# OS::TripleO::Services::Keystone: OS::Heat::None
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
OS::TripleO::Services::LiquidioCompute: OS::Heat::None
OS::TripleO::Services::Logging::BarbicanApi: OS::Heat::None
OS::TripleO::Services::Logging::GlanceApi: OS::Heat::None

61
ci/environments/scenario006-multinode.yaml
View File

@ -1,61 +0,0 @@
resource_registry:
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
OS::TripleO::Services::SwiftProxy: OS::Heat::None
OS::TripleO::Services::SwiftStorage: OS::Heat::None
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
OS::TripleO::Services::Keystone: OS::Heat::None
OS::TripleO::Services::GlanceApi: OS::Heat::None
OS::TripleO::Services::MySQL: OS::Heat::None
OS::TripleO::Services::MySQLClient: OS::Heat::None
OS::TripleO::Services::NeutronBgpVpnApi: OS::Heat::None
OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
OS::TripleO::Services::NeutronApi: OS::Heat::None
OS::TripleO::Services::NeutronCorePlugin: OS::Heat::None
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
OS::TripleO::Services::RabbitMQ: OS::Heat::None
OS::TripleO::Services::HAproxy: OS::Heat::None
OS::TripleO::Services::Keepalived: OS::Heat::None
OS::TripleO::Services::Memcached: OS::Heat::None
OS::TripleO::Services::NovaConductor: OS::Heat::None
OS::TripleO::Services::NovaApi: OS::Heat::None
OS::TripleO::Services::PlacementApi: OS::Heat::None
OS::TripleO::Services::NovaMetadata: OS::Heat::None
OS::TripleO::Services::NovaScheduler: OS::Heat::None
OS::TripleO::Services::NovaCompute: OS::Heat::None
OS::TripleO::Services::NovaLibvirt: OS::Heat::None
parameter_defaults:
# NOTE: CI envs have swap, which by default blocks Kubespray and Kubelet.
# https://github.com/kubernetes-incubator/kubespray/issues/1787#issuecomment-336155007
KubesprayIgnoreAssertErrors: true
ControllerServices:
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::ContainerImagePrepare
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::Timesync
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::Kubernetes::Master
- OS::TripleO::Services::Kubernetes::Worker
ComputeServices:
- OS::TripleO::Services::CACerts
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::Timesync
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::Kubernetes::Worker
Debug: true

182
deployment/deprecated/kubernetes/kubernetes-master-baremetal-ansible.yaml
View File

@ -1,182 +0,0 @@
heat_template_version: rocky
description: Triggers a Mistral workflow for the deployment of Kubernetes
parameters:
RoleNetIpMap:
default: {}
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
KubesprayIgnoreAssertErrors:
default: false
description: Ignore kubespray pre-flight checks. Useful for deploying
on environments with swap enabled.
type: boolean
outputs:
role_data:
description: Role data for the Kubernetes Service
value:
service_name: kubernetes_master
firewall_rules:
'200 kubernetes-master api':
dport: 6443
proto: tcp
'200 kubernetes-master etcd':
dport:
- 2379
- 2380
proto: tcp
'200 kubernetes-master flannel':
dport:
- 8285
- 8472
proto: udp
upgrade_tasks: []
step_config: ''
external_deploy_tasks:
# FIXME: remove this block when kubespray is packaged
- name: kubernetes_master step 2 kubespray repository
when: step|int == 2
block:
- name: check kubespray directory existence
stat:
path: /usr/share/kubespray
register: kubespray_stat
- set_fact:
kubespray_dir: >-
{%- if kubespray_stat.stat.exists -%}
/usr/share/kubespray
{%- elif ansible_user_id == 'mistral' -%}
/var/lib/mistral/kubespray
{%- else -%}
{{ ansible_user_dir }}/kubespray
{%- endif -%}
- name: check cloned kubespray directory existence
stat:
path: "{{ kubespray_dir }}"
register: kubespray_cloned_stat
when: not kubespray_stat.stat.exists
- name: download kubespray source
shell: |
set -eux
mkdir '{{ kubespray_dir }}'
cd '{{ kubespray_dir }}'
curl -Lo kubespray.tar.gz 'https://github.com/kubernetes-incubator/kubespray/archive/master.tar.gz'
tar --strip-components 1 -xzvf kubespray.tar.gz
# do not overwrite existing contents
when: not kubespray_stat.stat.exists and not kubespray_cloned_stat.stat.exists
- name: kubernetes_master step 2
when: step|int == 2
block:
- name: create kubespray temp dirs
become: true
file:
path: "{{item}}"
state: directory
owner: "{{ ansible_user }}"
with_items:
- "{{playbook_dir}}/kubespray"
- "{{playbook_dir}}/kubespray/artifacts"
- name: generate kubespray inventory
copy:
dest: "{{playbook_dir}}/kubespray/inventory.yml"
content: |
kube-master:
hosts:
{% for host in groups['kubernetes_master'] -%}
{{ hostvars.raw_get(host)['ansible_hostname'] }}:
ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }}
ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }}
ansible_become: true
{% endfor %}
kube-node:
hosts:
{% for host in groups['kubernetes_worker'] -%}
{{ hostvars.raw_get(host)['ansible_hostname'] }}:
ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }}
ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }}
ansible_become: true
{% endfor %}
etcd:
children:
kube-master: {}
k8s-cluster:
children:
kube-master: {}
kube-node: {}
- name: generate kubespray global vars
copy:
dest: "{{playbook_dir}}/kubespray/global_vars.yml"
content:
str_replace:
template: |
kubeconfig_localhost: true
artifacts_dir: '{{playbook_dir}}/kubespray/artifacts'
ignore_assert_errors: IGNORE_ASSERT_ERRORS
kubelet_fail_swap_on: KUBELET_FAIL_SWAP_ON
params:
IGNORE_ASSERT_ERRORS: {get_param: KubesprayIgnoreAssertErrors}
KUBELET_FAIL_SWAP_ON:
yaql:
expression: not $.data
data: {get_param: KubesprayIgnoreAssertErrors}
- name: generate kubespray playbook
copy:
dest: "{{playbook_dir}}/kubespray/playbook.yml"
content: |
- import_playbook: {{ kubespray_dir|default('/usr/share/kubespray') }}/cluster.yml
- name: set kubespray command
set_fact:
# NOTE: We could let kubespray configure docker
# (remove --skip-tags docker) and run it in step 1
# when this RFE is implemented:
# https://github.com/kubernetes-incubator/kubespray/issues/1836
kubespray_command: >-
{%- if kubespray_command is defined -%}
{{kubespray_command}}
{%- else -%}
ANSIBLE_HOST_KEY_CHECKING=False
ansible-playbook
-i '{{playbook_dir}}/kubespray/inventory.yml'
--skip-tags docker,bastion-ssh-config
--extra-vars '@{{playbook_dir}}/kubespray/global_vars.yml'
{% if ansible_ssh_private_key_file is defined %}--private-key '{{ansible_ssh_private_key_file}}'{% endif %}
'{{playbook_dir}}/kubespray/playbook.yml'
{%- endif -%}
- name: print kubespray command
debug:
var: kubespray_command
- name: run kubespray (immediate log at {{playbook_dir}}/kubespray/playbook.log)
shell: |
{{kubespray_command}} 2>&1 | tee {{playbook_dir}}/kubespray/playbook.log
exit ${PIPESTATUS[0]}

62
deployment/deprecated/kubernetes/kubernetes-worker-baremetal-ansible.yaml
View File

@ -1,62 +0,0 @@
heat_template_version: rocky
description: Triggers a Mistral workflow for the deployment of Kubernetes
parameters:
RoleNetIpMap:
default: {}
type: json
ServiceData:
default: {}
description: Dictionary packing service data
type: json
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry. This
mapping overrides those in ServiceNetMapDefaults.
type: json
DefaultPasswords:
default: {}
type: json
RoleName:
default: ''
description: Role name on which the service is applied
type: string
RoleParameters:
default: {}
description: Parameters specific to the role
type: json
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
outputs:
role_data:
description: Role data for the Kubernetes Service
value:
# This service template essentially tags the nodes that we want
# as workers. The actual installation is performed in
# kubernetes-master service template.
service_name: kubernetes_worker
firewall_rules:
'200 kubernetes-worker kubelet':
dport:
- 10250
- 10255
proto: tcp
'200 kubernetes-worker external services':
dport: '30000-32767'
'200 kubernetes-worker flannel':
dport:
- 8285
- 8472
proto: udp
'200 kubernetes-worker calico bgp':
dport: 179
proto: tcp
'200 kubernetes-worker calico ipv4-in-ip':
proto: ipv4
upgrade_tasks: []

1
deployment/haproxy/haproxy-edge-container-puppet.yaml
View File

@ -98,7 +98,6 @@ outputs:
tripleo::haproxy::ironic_inspector: false
tripleo::haproxy::keystone_admin: false
tripleo::haproxy::keystone_public: false
tripleo::haproxy::kubernetes_master: false
tripleo::haproxy::manila: false
tripleo::haproxy::mistral: false
tripleo::haproxy::mysql: false

4
environments/kubernetes.yaml
View File

@ -1,4 +0,0 @@
resource_registry:
OS::TripleO::Services::Docker: ../deployment/deprecated/docker/docker-baremetal-ansible.yaml
OS::TripleO::Services::Kubernetes::Worker: ../deployment/deprecated/kubernetes/kubernetes-worker-baremetal-ansible.yaml
OS::TripleO::Services::Kubernetes::Master: ../deployment/deprecated/kubernetes/kubernetes-master-baremetal-ansible.yaml

2
environments/standalone.yaml
View File

@ -12,8 +12,6 @@ resource_registry:
# Disable non-openstack services that are enabled by default
OS::TripleO::Services::HAproxy: OS::Heat::None
OS::TripleO::Services::Keepalived: OS::Heat::None
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
OS::TripleO::Services::Redis: OS::Heat::None
# By default we only want the following OpenStack services to be enabled:

2
environments/standalone/standalone-overcloud.yaml
View File

@ -77,8 +77,6 @@ resource_registry:
OS::TripleO::Services::IronicInspector: OS::Heat::None
OS::TripleO::Services::IronicNeutronAgent: OS::Heat::None
OS::TripleO::Services::IronicPxe: OS::Heat::None
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
OS::TripleO::Services::ManilaApi: OS::Heat::None
OS::TripleO::Services::ManilaBackendCephFs: OS::Heat::None
OS::TripleO::Services::ManilaBackendIsilon: OS::Heat::None

2
environments/standalone/standalone-tripleo.yaml
View File

@ -87,8 +87,6 @@ resource_registry:
OS::TripleO::Services::IronicNeutronAgent: OS::Heat::None
OS::TripleO::Services::IronicPxe: OS::Heat::None
OS::TripleO::Services::Keepalived: OS::Heat::None
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
OS::TripleO::Services::ManilaApi: OS::Heat::None
OS::TripleO::Services::ManilaBackendCephFs: OS::Heat::None
OS::TripleO::Services::ManilaBackendIsilon: OS::Heat::None

2
environments/undercloud/undercloud-minion.yaml
View File

@ -111,8 +111,6 @@ resource_registry:
OS::TripleO::Services::Iscsid: OS::Heat::None
OS::TripleO::Services::Keepalived: OS::Heat::None
OS::TripleO::Services::Keystone: OS::Heat::None
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
OS::TripleO::Services::LiquidioCompute: OS::Heat::None
OS::TripleO::Services::Logging::BarbicanApi: OS::Heat::None
OS::TripleO::Services::Logging::GlanceApi: OS::Heat::None

2
overcloud-resource-registry-puppet.j2.yaml
View File

@ -130,8 +130,6 @@ resource_registry:
OS::TripleO::Services::HeatApiCloudwatch: deployment/heat/heat-api-cloudwatch-disabled-puppet.yaml
OS::TripleO::Services::HeatEngine: deployment/heat/heat-engine-container-puppet.yaml
OS::TripleO::Services::Kernel: deployment/kernel/kernel-baremetal-ansible.yaml
OS::TripleO::Services::Kubernetes::Master: deployment/deprecated/kubernetes/kubernetes-master-baremetal-ansible.yaml
OS::TripleO::Services::Kubernetes::Worker: deployment/deprecated/kubernetes/kubernetes-worker-baremetal-ansible.yaml
OS::TripleO::Services::MySQL: deployment/database/mysql-container-puppet.yaml
OS::TripleO::Services::NeutronBgpVpnApi: OS::Heat::None
OS::TripleO::Services::NeutronBgpVpnBagpipe: OS::Heat::None

6
sample-env-generator/standalone.yaml
View File

@ -73,8 +73,6 @@ environments:
# Disable non-openstack services that are enabled by default
OS::TripleO::Services::HAproxy: OS::Heat::None
OS::TripleO::Services::Keepalived: OS::Heat::None
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
# Aodh
OS::TripleO::Services::AodhApi: OS::Heat::None
@ -186,10 +184,6 @@ environments:
OS::TripleO::Services::OpenStackClients: ../../deployment/clients/openstack-clients-baremetal-ansible.yaml
# Disable non-openstack services that are enabled by default
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
# Aodh
OS::TripleO::Services::AodhApi: OS::Heat::None
OS::TripleO::Services::AodhEvaluator: OS::Heat::None

2
sample-env-generator/undercloud-minion.yaml
View File

@ -134,8 +134,6 @@ environments:
OS::TripleO::Services::Iscsid: OS::Heat::None
OS::TripleO::Services::Keepalived: OS::Heat::None
OS::TripleO::Services::Keystone: OS::Heat::None
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
OS::TripleO::Services::LiquidioCompute: OS::Heat::None
OS::TripleO::Services::Logging::BarbicanApi: OS::Heat::None
OS::TripleO::Services::Logging::GlanceApi: OS::Heat::None

11
zuul.d/layout.yaml
View File

@ -129,17 +129,6 @@
- ci/environments/scenario011-multinode-containers.yaml
- ^(deployment|docker|puppet)/.*ironic.*$
- ^environments\/.*ironic.*$
- tripleo-ci-centos-7-scenario006-multinode-oooq-container:
dependencies: *deps_unit_lint
files:
- ^ci/common/.*$
- ^coe/kubernetes.*$
- ^environments/kubernetes.*$
- ^deployment/.*kubernetes/.*$
- ci/environments/scenario006-multinode.yaml
- ^deployed-server/.*$
- ^common/.*$
- zuul.d/*
- job:
name: openstack-tox-tht
parent: openstack-tox