Merge "Remove deprecated kubernetes services"
This commit is contained in:
commit
0941e87e8c
|
@ -86,8 +86,6 @@ resource_registry:
|
|||
OS::TripleO::Services::Iscsid: OS::Heat::None
|
||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||
# OS::TripleO::Services::Keystone: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
||||
OS::TripleO::Services::LiquidioCompute: OS::Heat::None
|
||||
OS::TripleO::Services::Logging::BarbicanApi: OS::Heat::None
|
||||
OS::TripleO::Services::Logging::GlanceApi: OS::Heat::None
|
||||
|
|
|
@ -1,61 +0,0 @@
|
|||
resource_registry:
|
||||
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
|
||||
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
|
||||
OS::TripleO::Services::SwiftProxy: OS::Heat::None
|
||||
OS::TripleO::Services::SwiftStorage: OS::Heat::None
|
||||
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
|
||||
OS::TripleO::Services::Keystone: OS::Heat::None
|
||||
OS::TripleO::Services::GlanceApi: OS::Heat::None
|
||||
OS::TripleO::Services::MySQL: OS::Heat::None
|
||||
OS::TripleO::Services::MySQLClient: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronBgpVpnApi: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronApi: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronCorePlugin: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
|
||||
OS::TripleO::Services::RabbitMQ: OS::Heat::None
|
||||
OS::TripleO::Services::HAproxy: OS::Heat::None
|
||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||
OS::TripleO::Services::Memcached: OS::Heat::None
|
||||
OS::TripleO::Services::NovaConductor: OS::Heat::None
|
||||
OS::TripleO::Services::NovaApi: OS::Heat::None
|
||||
OS::TripleO::Services::PlacementApi: OS::Heat::None
|
||||
OS::TripleO::Services::NovaMetadata: OS::Heat::None
|
||||
OS::TripleO::Services::NovaScheduler: OS::Heat::None
|
||||
OS::TripleO::Services::NovaCompute: OS::Heat::None
|
||||
OS::TripleO::Services::NovaLibvirt: OS::Heat::None
|
||||
|
||||
|
||||
|
||||
parameter_defaults:
|
||||
# NOTE: CI envs have swap, which by default blocks Kubespray and Kubelet.
|
||||
# https://github.com/kubernetes-incubator/kubespray/issues/1787#issuecomment-336155007
|
||||
KubesprayIgnoreAssertErrors: true
|
||||
|
||||
ControllerServices:
|
||||
- OS::TripleO::Services::CACerts
|
||||
- OS::TripleO::Services::ContainerImagePrepare
|
||||
- OS::TripleO::Services::Docker
|
||||
- OS::TripleO::Services::Kernel
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Timesync
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::TripleoPackages
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::Kubernetes::Master
|
||||
- OS::TripleO::Services::Kubernetes::Worker
|
||||
ComputeServices:
|
||||
- OS::TripleO::Services::CACerts
|
||||
- OS::TripleO::Services::Docker
|
||||
- OS::TripleO::Services::Kernel
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Timesync
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::TripleoPackages
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::Kubernetes::Worker
|
||||
Debug: true
|
|
@ -1,182 +0,0 @@
|
|||
heat_template_version: rocky
|
||||
|
||||
description: Triggers a Mistral workflow for the deployment of Kubernetes
|
||||
|
||||
parameters:
|
||||
RoleNetIpMap:
|
||||
default: {}
|
||||
type: json
|
||||
ServiceData:
|
||||
default: {}
|
||||
description: Dictionary packing service data
|
||||
type: json
|
||||
ServiceNetMap:
|
||||
default: {}
|
||||
description: Mapping of service_name -> network name. Typically set
|
||||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
RoleName:
|
||||
default: ''
|
||||
description: Role name on which the service is applied
|
||||
type: string
|
||||
RoleParameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
EndpointMap:
|
||||
default: {}
|
||||
description: Mapping of service endpoint -> protocol. Typically set
|
||||
via parameter_defaults in the resource registry.
|
||||
type: json
|
||||
KubesprayIgnoreAssertErrors:
|
||||
default: false
|
||||
description: Ignore kubespray pre-flight checks. Useful for deploying
|
||||
on environments with swap enabled.
|
||||
type: boolean
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Kubernetes Service
|
||||
value:
|
||||
service_name: kubernetes_master
|
||||
firewall_rules:
|
||||
'200 kubernetes-master api':
|
||||
dport: 6443
|
||||
proto: tcp
|
||||
'200 kubernetes-master etcd':
|
||||
dport:
|
||||
- 2379
|
||||
- 2380
|
||||
proto: tcp
|
||||
'200 kubernetes-master flannel':
|
||||
dport:
|
||||
- 8285
|
||||
- 8472
|
||||
proto: udp
|
||||
upgrade_tasks: []
|
||||
step_config: ''
|
||||
external_deploy_tasks:
|
||||
# FIXME: remove this block when kubespray is packaged
|
||||
- name: kubernetes_master step 2 kubespray repository
|
||||
when: step|int == 2
|
||||
block:
|
||||
- name: check kubespray directory existence
|
||||
stat:
|
||||
path: /usr/share/kubespray
|
||||
register: kubespray_stat
|
||||
- set_fact:
|
||||
kubespray_dir: >-
|
||||
{%- if kubespray_stat.stat.exists -%}
|
||||
/usr/share/kubespray
|
||||
{%- elif ansible_user_id == 'mistral' -%}
|
||||
/var/lib/mistral/kubespray
|
||||
{%- else -%}
|
||||
{{ ansible_user_dir }}/kubespray
|
||||
{%- endif -%}
|
||||
- name: check cloned kubespray directory existence
|
||||
stat:
|
||||
path: "{{ kubespray_dir }}"
|
||||
register: kubespray_cloned_stat
|
||||
when: not kubespray_stat.stat.exists
|
||||
- name: download kubespray source
|
||||
shell: |
|
||||
set -eux
|
||||
mkdir '{{ kubespray_dir }}'
|
||||
cd '{{ kubespray_dir }}'
|
||||
curl -Lo kubespray.tar.gz 'https://github.com/kubernetes-incubator/kubespray/archive/master.tar.gz'
|
||||
tar --strip-components 1 -xzvf kubespray.tar.gz
|
||||
# do not overwrite existing contents
|
||||
when: not kubespray_stat.stat.exists and not kubespray_cloned_stat.stat.exists
|
||||
- name: kubernetes_master step 2
|
||||
when: step|int == 2
|
||||
block:
|
||||
- name: create kubespray temp dirs
|
||||
become: true
|
||||
file:
|
||||
path: "{{item}}"
|
||||
state: directory
|
||||
owner: "{{ ansible_user }}"
|
||||
with_items:
|
||||
- "{{playbook_dir}}/kubespray"
|
||||
- "{{playbook_dir}}/kubespray/artifacts"
|
||||
- name: generate kubespray inventory
|
||||
copy:
|
||||
dest: "{{playbook_dir}}/kubespray/inventory.yml"
|
||||
content: |
|
||||
kube-master:
|
||||
hosts:
|
||||
{% for host in groups['kubernetes_master'] -%}
|
||||
{{ hostvars.raw_get(host)['ansible_hostname'] }}:
|
||||
ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }}
|
||||
ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }}
|
||||
ansible_become: true
|
||||
{% endfor %}
|
||||
|
||||
kube-node:
|
||||
|
||||
hosts:
|
||||
{% for host in groups['kubernetes_worker'] -%}
|
||||
{{ hostvars.raw_get(host)['ansible_hostname'] }}:
|
||||
ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }}
|
||||
ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }}
|
||||
ansible_become: true
|
||||
{% endfor %}
|
||||
|
||||
etcd:
|
||||
children:
|
||||
kube-master: {}
|
||||
|
||||
k8s-cluster:
|
||||
children:
|
||||
kube-master: {}
|
||||
kube-node: {}
|
||||
- name: generate kubespray global vars
|
||||
copy:
|
||||
dest: "{{playbook_dir}}/kubespray/global_vars.yml"
|
||||
content:
|
||||
str_replace:
|
||||
template: |
|
||||
kubeconfig_localhost: true
|
||||
artifacts_dir: '{{playbook_dir}}/kubespray/artifacts'
|
||||
ignore_assert_errors: IGNORE_ASSERT_ERRORS
|
||||
kubelet_fail_swap_on: KUBELET_FAIL_SWAP_ON
|
||||
params:
|
||||
IGNORE_ASSERT_ERRORS: {get_param: KubesprayIgnoreAssertErrors}
|
||||
KUBELET_FAIL_SWAP_ON:
|
||||
yaql:
|
||||
expression: not $.data
|
||||
data: {get_param: KubesprayIgnoreAssertErrors}
|
||||
- name: generate kubespray playbook
|
||||
copy:
|
||||
dest: "{{playbook_dir}}/kubespray/playbook.yml"
|
||||
content: |
|
||||
- import_playbook: {{ kubespray_dir|default('/usr/share/kubespray') }}/cluster.yml
|
||||
- name: set kubespray command
|
||||
set_fact:
|
||||
# NOTE: We could let kubespray configure docker
|
||||
# (remove --skip-tags docker) and run it in step 1
|
||||
# when this RFE is implemented:
|
||||
# https://github.com/kubernetes-incubator/kubespray/issues/1836
|
||||
kubespray_command: >-
|
||||
{%- if kubespray_command is defined -%}
|
||||
{{kubespray_command}}
|
||||
{%- else -%}
|
||||
ANSIBLE_HOST_KEY_CHECKING=False
|
||||
ansible-playbook
|
||||
-i '{{playbook_dir}}/kubespray/inventory.yml'
|
||||
--skip-tags docker,bastion-ssh-config
|
||||
--extra-vars '@{{playbook_dir}}/kubespray/global_vars.yml'
|
||||
{% if ansible_ssh_private_key_file is defined %}--private-key '{{ansible_ssh_private_key_file}}'{% endif %}
|
||||
'{{playbook_dir}}/kubespray/playbook.yml'
|
||||
{%- endif -%}
|
||||
- name: print kubespray command
|
||||
debug:
|
||||
var: kubespray_command
|
||||
- name: run kubespray (immediate log at {{playbook_dir}}/kubespray/playbook.log)
|
||||
shell: |
|
||||
{{kubespray_command}} 2>&1 | tee {{playbook_dir}}/kubespray/playbook.log
|
||||
exit ${PIPESTATUS[0]}
|
|
@ -1,62 +0,0 @@
|
|||
heat_template_version: rocky
|
||||
|
||||
description: Triggers a Mistral workflow for the deployment of Kubernetes
|
||||
|
||||
parameters:
|
||||
RoleNetIpMap:
|
||||
default: {}
|
||||
type: json
|
||||
ServiceData:
|
||||
default: {}
|
||||
description: Dictionary packing service data
|
||||
type: json
|
||||
ServiceNetMap:
|
||||
default: {}
|
||||
description: Mapping of service_name -> network name. Typically set
|
||||
via parameter_defaults in the resource registry. This
|
||||
mapping overrides those in ServiceNetMapDefaults.
|
||||
type: json
|
||||
DefaultPasswords:
|
||||
default: {}
|
||||
type: json
|
||||
RoleName:
|
||||
default: ''
|
||||
description: Role name on which the service is applied
|
||||
type: string
|
||||
RoleParameters:
|
||||
default: {}
|
||||
description: Parameters specific to the role
|
||||
type: json
|
||||
EndpointMap:
|
||||
default: {}
|
||||
description: Mapping of service endpoint -> protocol. Typically set
|
||||
via parameter_defaults in the resource registry.
|
||||
type: json
|
||||
|
||||
outputs:
|
||||
role_data:
|
||||
description: Role data for the Kubernetes Service
|
||||
value:
|
||||
# This service template essentially tags the nodes that we want
|
||||
# as workers. The actual installation is performed in
|
||||
# kubernetes-master service template.
|
||||
service_name: kubernetes_worker
|
||||
firewall_rules:
|
||||
'200 kubernetes-worker kubelet':
|
||||
dport:
|
||||
- 10250
|
||||
- 10255
|
||||
proto: tcp
|
||||
'200 kubernetes-worker external services':
|
||||
dport: '30000-32767'
|
||||
'200 kubernetes-worker flannel':
|
||||
dport:
|
||||
- 8285
|
||||
- 8472
|
||||
proto: udp
|
||||
'200 kubernetes-worker calico bgp':
|
||||
dport: 179
|
||||
proto: tcp
|
||||
'200 kubernetes-worker calico ipv4-in-ip':
|
||||
proto: ipv4
|
||||
upgrade_tasks: []
|
|
@ -98,7 +98,6 @@ outputs:
|
|||
tripleo::haproxy::ironic_inspector: false
|
||||
tripleo::haproxy::keystone_admin: false
|
||||
tripleo::haproxy::keystone_public: false
|
||||
tripleo::haproxy::kubernetes_master: false
|
||||
tripleo::haproxy::manila: false
|
||||
tripleo::haproxy::mistral: false
|
||||
tripleo::haproxy::mysql: false
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
resource_registry:
|
||||
OS::TripleO::Services::Docker: ../deployment/deprecated/docker/docker-baremetal-ansible.yaml
|
||||
OS::TripleO::Services::Kubernetes::Worker: ../deployment/deprecated/kubernetes/kubernetes-worker-baremetal-ansible.yaml
|
||||
OS::TripleO::Services::Kubernetes::Master: ../deployment/deprecated/kubernetes/kubernetes-master-baremetal-ansible.yaml
|
|
@ -12,8 +12,6 @@ resource_registry:
|
|||
# Disable non-openstack services that are enabled by default
|
||||
OS::TripleO::Services::HAproxy: OS::Heat::None
|
||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
||||
OS::TripleO::Services::Redis: OS::Heat::None
|
||||
|
||||
# By default we only want the following OpenStack services to be enabled:
|
||||
|
|
|
@ -77,8 +77,6 @@ resource_registry:
|
|||
OS::TripleO::Services::IronicInspector: OS::Heat::None
|
||||
OS::TripleO::Services::IronicNeutronAgent: OS::Heat::None
|
||||
OS::TripleO::Services::IronicPxe: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
||||
OS::TripleO::Services::ManilaApi: OS::Heat::None
|
||||
OS::TripleO::Services::ManilaBackendCephFs: OS::Heat::None
|
||||
OS::TripleO::Services::ManilaBackendIsilon: OS::Heat::None
|
||||
|
|
|
@ -87,8 +87,6 @@ resource_registry:
|
|||
OS::TripleO::Services::IronicNeutronAgent: OS::Heat::None
|
||||
OS::TripleO::Services::IronicPxe: OS::Heat::None
|
||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
||||
OS::TripleO::Services::ManilaApi: OS::Heat::None
|
||||
OS::TripleO::Services::ManilaBackendCephFs: OS::Heat::None
|
||||
OS::TripleO::Services::ManilaBackendIsilon: OS::Heat::None
|
||||
|
|
|
@ -111,8 +111,6 @@ resource_registry:
|
|||
OS::TripleO::Services::Iscsid: OS::Heat::None
|
||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||
OS::TripleO::Services::Keystone: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
||||
OS::TripleO::Services::LiquidioCompute: OS::Heat::None
|
||||
OS::TripleO::Services::Logging::BarbicanApi: OS::Heat::None
|
||||
OS::TripleO::Services::Logging::GlanceApi: OS::Heat::None
|
||||
|
|
|
@ -130,8 +130,6 @@ resource_registry:
|
|||
OS::TripleO::Services::HeatApiCloudwatch: deployment/heat/heat-api-cloudwatch-disabled-puppet.yaml
|
||||
OS::TripleO::Services::HeatEngine: deployment/heat/heat-engine-container-puppet.yaml
|
||||
OS::TripleO::Services::Kernel: deployment/kernel/kernel-baremetal-ansible.yaml
|
||||
OS::TripleO::Services::Kubernetes::Master: deployment/deprecated/kubernetes/kubernetes-master-baremetal-ansible.yaml
|
||||
OS::TripleO::Services::Kubernetes::Worker: deployment/deprecated/kubernetes/kubernetes-worker-baremetal-ansible.yaml
|
||||
OS::TripleO::Services::MySQL: deployment/database/mysql-container-puppet.yaml
|
||||
OS::TripleO::Services::NeutronBgpVpnApi: OS::Heat::None
|
||||
OS::TripleO::Services::NeutronBgpVpnBagpipe: OS::Heat::None
|
||||
|
|
|
@ -73,8 +73,6 @@ environments:
|
|||
# Disable non-openstack services that are enabled by default
|
||||
OS::TripleO::Services::HAproxy: OS::Heat::None
|
||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
||||
|
||||
# Aodh
|
||||
OS::TripleO::Services::AodhApi: OS::Heat::None
|
||||
|
@ -186,10 +184,6 @@ environments:
|
|||
|
||||
OS::TripleO::Services::OpenStackClients: ../../deployment/clients/openstack-clients-baremetal-ansible.yaml
|
||||
|
||||
# Disable non-openstack services that are enabled by default
|
||||
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
||||
|
||||
# Aodh
|
||||
OS::TripleO::Services::AodhApi: OS::Heat::None
|
||||
OS::TripleO::Services::AodhEvaluator: OS::Heat::None
|
||||
|
|
|
@ -134,8 +134,6 @@ environments:
|
|||
OS::TripleO::Services::Iscsid: OS::Heat::None
|
||||
OS::TripleO::Services::Keepalived: OS::Heat::None
|
||||
OS::TripleO::Services::Keystone: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Master: OS::Heat::None
|
||||
OS::TripleO::Services::Kubernetes::Worker: OS::Heat::None
|
||||
OS::TripleO::Services::LiquidioCompute: OS::Heat::None
|
||||
OS::TripleO::Services::Logging::BarbicanApi: OS::Heat::None
|
||||
OS::TripleO::Services::Logging::GlanceApi: OS::Heat::None
|
||||
|
|
|
@ -129,17 +129,6 @@
|
|||
- ci/environments/scenario011-multinode-containers.yaml
|
||||
- ^(deployment|docker|puppet)/.*ironic.*$
|
||||
- ^environments\/.*ironic.*$
|
||||
- tripleo-ci-centos-7-scenario006-multinode-oooq-container:
|
||||
dependencies: *deps_unit_lint
|
||||
files:
|
||||
- ^ci/common/.*$
|
||||
- ^coe/kubernetes.*$
|
||||
- ^environments/kubernetes.*$
|
||||
- ^deployment/.*kubernetes/.*$
|
||||
- ci/environments/scenario006-multinode.yaml
|
||||
- ^deployed-server/.*$
|
||||
- ^common/.*$
|
||||
- zuul.d/*
|
||||
- job:
|
||||
name: openstack-tox-tht
|
||||
parent: openstack-tox
|
||||
|
|
Loading…
Reference in New Issue