[K8s Cluster refresh] K8s v.1.3 Configuration updates

1. default_scripts/kube-apiserver parametres updates:
Replaced: address, ports with insecure-bind-address, insecure-port
Added: service-cluster-ip-range, admission-control, advertise-address
Depricated: portal_net

2. environ/apiserver parametres updates:
Updated: KUBE_API_ADDRESS, KUBE_API_PORTS
Added: KUBE_API_IP
Depricated: KUBE_API_ARGS

3. systemd/kube-apiserver.service parametres updates:
Added: KUBE_API_IP
Update: KUBE_SERVICE_ADDRESSES with KUBE_SERVICE
Depricated: KUBE_API_ARGS

4. default_scripts/kube-controller-manager updates:
Added: New params for KUBE_CONTROLLER_MANAGER_OPTS such as
service-cluster-ip-range, cluster-cidr, cluster-name

5. systemd/kube-controller-manager.service updates:
Added: new argumunets to start up command such as
KUBE_SERVICE, KUBE_NAME, KUBE_CIDR
Removed: KUBE_CONTROLLER_MANAGER_ARGS

6. kube-config updates with new
Added new argumunets to start up command such as
KUBE_SERVICE, KUBE_NAME, KUBE_CIDR

7. scripts/master-kube-setup.sh update:
Set Master IP value for apiserver and kube-apiserver scripts

Change-Id: I808ef5459e5fd5f1f5c916ddd3f94beab05e5c5d

Kubernetes/KubernetesCluster/package/Resources/scripts/default_scripts/kube-apiserver

@@ -4,11 +4,12 @@
 KUBE_APISERVER="/opt/bin/hyperkube"
 
 # Use KUBE_APISERVER_OPTS to modify the start/restart options
-KUBE_APISERVER_OPTS="--address=0.0.0.0 \
-  --port=8080 \
+KUBE_APISERVER_OPTS="--insecure-bind-address=0.0.0.0 \
+  --insecure-port=8080 \
   --etcd_servers=http://127.0.0.1:4001 \
   --logtostderr=false \
-  --portal_net=11.1.0.0/16  --log_dir=/var/log/kubernetes \
-  --allow_privileged=true"
+  --service-cluster-ip-range=10.32.0.0/24  --log_dir=/var/log/kubernetes \
+  --allow-privileged=true  --advertise-address=%%MASTER_IP%% \
+  --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
 
-# Add more environment settings used by kube-apiserver here
+# Add more environment settings used by kube-apiserver here

Kubernetes/KubernetesCluster/package/Resources/scripts/default_scripts/kube-controller-manager

@@ -5,6 +5,8 @@
 
  # Use KUBE_CONTROLLER_MANAGER_OPTS to modify the start/restart options
  KUBE_CONTROLLER_MANAGER_OPTS="--master=127.0.0.1:8080 \
-   --logtostderr=false --log_dir=/var/log/kubernetes"
+   --logtostderr=false --log_dir=/var/log/kubernetes \
+   --cluster-cidr=10.200.0.0/24 --cluster-name=kubernetes \
+   --service-cluster-ip-range=10.32.0.0/24 "
 
- # Add more environment settings used by kube-controller-manager here
+ # Add more environment settings used by kube-controller-manager here

Kubernetes/KubernetesCluster/package/Resources/scripts/environ/apiserver

@@ -4,11 +4,11 @@
 # The following values are used to configure the kube-apiserver
 #
 
-# The address on the local server to listen to.
-KUBE_API_ADDRESS="--address=0.0.0.0"
+# The IP address on the local server to serve the --insecure-port.
+KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0"
 
-# The port on the local server to listen on.
-# KUBE_API_PORT="--port=8080"
+# The port on which to serve unsecured, unauthenticated access.
+# KUBE_API_PORT="--insecure-port=8080"
 
 # Port minions listen on
 # KUBELET_PORT="--kubelet-port=10250"
@@ -16,11 +16,8 @@ KUBE_API_ADDRESS="--address=0.0.0.0"
 # Comma separated list of nodes in the etcd cluster
 KUBE_ETCD_SERVERS="--etcd-servers=http://127.0.0.1:4001"
 
-# Address range to use for services
-KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
-
-# default admission control policies
+# Default admission control policies
 KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
 
-# Add your own!
-KUBE_API_ARGS="--portal_net=11.1.0.0/16"
+# The IP address on which to advertise the apiserver to cluster members
+KUBE_API_IP="--advertise-address=%%MASTER_IP%%"

Kubernetes/KubernetesCluster/package/Resources/scripts/environ/kube-config

@@ -19,4 +19,14 @@ KUBE_LOG_LEVEL="--v=0"
 KUBE_ALLOW_PRIV="--allow-privileged"
 
 # How the controller-manager, scheduler, and proxy find the apiserver
-KUBE_MASTER="--master=http://%%MASTER_IP%%:8080"
+KUBE_MASTER="--master=http://%%MASTER_IP%%:8080"
+
+# Address range to assign service cluster IPs. Must not overlap with any
+# IP ranges assigned to nodes for pods
+KUBE_SERVICE="--service-cluster-ip-range=10.32.0.0/24"
+
+# The instance prefix for the cluster
+KUBE_NAME="--cluster-name=kubernetes"
+
+# CIDR Range for Pods in cluster
+KUBE_CIDR="--cluster-cidr=10.200.0.0/24"

Kubernetes/KubernetesCluster/package/Resources/scripts/master-kube-setup.sh

@@ -9,6 +9,8 @@ mkdir -p /var/run/murano-kubernetes
 if [[ $(which systemctl) ]]; then
   systemctl stop kube*
   sed -i.bak "s/%%MASTER_IP%%/$2/g" environ/kube-config
+  sed -i.bak "s/%%MASTER_IP%%/$2/g" environ/apiserver
+  sed -i.bak "s/%%MASTER_IP%%/$2/g" default_scripts/kube-apiserver
 
   mkdir -p /etc/kubernetes/
 
@@ -61,4 +63,4 @@ fi
 
 mkdir /var/log/kubernetes
 /opt/bin/kubectl delete node 127.0.0.1
-sleep 1
+sleep 1

Kubernetes/KubernetesCluster/package/Resources/scripts/systemd/kube-apiserver.service

@@ -15,9 +15,9 @@ ExecStart=/opt/bin/hyperkube apiserver \
             $KUBE_API_PORT \
             $KUBELET_PORT \
             $KUBE_ALLOW_PRIV \
-            $KUBE_SERVICE_ADDRESSES \
+            $KUBE_SERVICE \
             $KUBE_ADMISSION_CONTROL \
-            $KUBE_API_ARGS
+            $KUBE_API_IP
 Restart=on-failure
 Type=notify
 LimitNOFILE=65536

Kubernetes/KubernetesCluster/package/Resources/scripts/systemd/kube-controller-manager.service

@@ -8,9 +8,11 @@ ExecStart=/opt/bin/hyperkube controller-manager \
             $KUBE_LOGTOSTDERR \
             $KUBE_LOG_LEVEL \
             $KUBE_MASTER \
-            $KUBE_CONTROLLER_MANAGER_ARGS
+            $KUBE_SERVICE \
+            $KUBE_NAME \
+            $KUBE_CIDR
 Restart=on-failure
 LimitNOFILE=65536
 
 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target