update templates for new config

Mark Burnett 2017-06-19 15:43:37 -05:00
parent 1a930e8b79
commit 0faaddbaa4
21 changed files with 28 additions and 193 deletions


@ -1,2 +0,0 @@
host-record=auxiliary-etcd-0,{{ genesis['ip'] }}
host-record=auxiliary-etcd-1,{{ genesis['ip'] }}


@ -1,4 +1,4 @@
{% for master in masters %}
{% for master in config['Masters']['nodes'] %}
host-record=kubernetes,{{ master['ip'] }}
host-record={{ master['hostname'] }},{{ master['ip'] }}
{% endfor %}


@ -1,13 +0,0 @@
{
"signing": {
"default": {
"expiry": "8760h"
},
"profiles": {
"kubernetes": {
"usages": ["signing", "key encipherment", "server auth", "client auth"],
"expiry": "8760h"
}
}
}
}


@ -1,16 +0,0 @@
{
"CN": "system:node:{{ current_node['hostname'] }}",
"hosts": [
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}"
],
"names": [
{
"O": "system:nodes"
}
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -1,11 +0,0 @@
{
"CN": "system:kube-proxy",
"hosts": [
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}"
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -16,7 +16,7 @@ spec:
command:
- /hyperkube
- proxy
- --cluster-cidr={{ network.pod_ip_cidr }}
- --cluster-cidr={{ config['Network']['pod_ip_cidr'] }}
- --hostname-override=$(NODE_NAME)
- --kubeconfig=/etc/kubernetes/config/kubeconfig.yaml
- --proxy-mode=iptables


@ -5,15 +5,15 @@ Documentation=https://kubernetes.io/docs/admin/kubelet/
[Service]
ExecStart=/usr/local/bin/kubelet \
--allow-privileged=true \
--cluster-dns={{ network.cluster_dns }} \
--cluster-domain={{ network.cluster_domain }} \
--cluster-dns={{ config['Network']['cluster_dns'] }} \
--cluster-domain={{ config['Network']['cluster_domain'] }} \
--cni-bin-dir=/opt/cni/bin \
--cni-conf-dir=/etc/cni/net.d \
--hostname-override={{ current_node.hostname }} \
--hostname-override={{ config['Node']['hostname'] }} \
--kubeconfig=/etc/kubernetes/kubelet/kubeconfig.yaml \
--network-plugin=cni \
--node-ip={{ current_node.ip }} \
--node-labels={{ current_node.labels | join(',') }} \
--node-ip={{ config['Node']['ip'] }} \
--node-labels={{ config['Node']['labels'] | join(',') }} \
--pod-manifest-path=/etc/kubernetes/kubelet/manifests \
--require-kubeconfig=true \
--v=5
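Review bot: The `config['Node']` values in the new `--hostname-override`, `--node-ip` and `--node-labels` lines are rendered verbatim into `ExecStart`, which systemd splits on whitespace, so a hostname or label containing a space would reach kubelet as extra arguments. Nothing in this hunk constrains those values, and the code that loads the config is not visible here; if it does not already reject whitespace in hostnames and labels, that check belongs there rather than in the template. At minimum, document the expectation above `ExecStart` with a comment such as `# config['Node'] values are rendered unquoted into ExecStart and must not contain whitespace`. The unit file starts above this hunk, so its earlier lines were not reviewed.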


@ -67,7 +67,7 @@ data:
}
net-conf.json: |
{
"Network": "{{ network.pod_ip_cidr }}",
"Network": "{{ config['Network']['pod_ip_cidr'] }}",
"Backend": {
"Type": "vxlan"
}


@ -23,7 +23,7 @@ metadata:
spec:
selector:
k8s-app: kube-dns
clusterIP: {{ network.cluster_dns }}
clusterIP: {{ config['Network']['cluster_dns'] }}
ports:
- name: dns
port: 53


@ -1,16 +0,0 @@
{
"CN": "asset-loader",
"hosts": [
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}"
],
"names": [
{
"O": "system:masters"
}
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -1,19 +0,0 @@
{
"CN": "etcd:{{ current_node['hostname'] }}",
"hosts": [
"kubernetes",
"kubernetes.default",
"kubernetes.default.svc",
"kubernetes.default.svc.cluster.local",
"127.0.0.1",
"{{ current_node['hostname'] }}",
"auxiliary-etcd-0",
"auxiliary-etcd-1",
"{{ current_node['ip'] }}",
"{{ network.kube_service_ip }}"
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -1,16 +0,0 @@
{
"CN": "genesis",
"hosts": [
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}"
],
"names": [
{
"O": "system:masters"
}
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -43,10 +43,10 @@ spec:
value: https://0.0.0.0:12379
- name: ETCD_LISTEN_PEER_URLS
value: https://0.0.0.0:12380
{%- for env_name, env_value in etcd['env'].items() %}
- name: {{ env_name }}
value: {{ env_value }}
{%- endfor %}
- name: ETCD_INITIAL_CLUSTER_STATE
value: {{ config['Etcd']['initial_cluster_state'] }}
- name: ETCD_INITIAL_CLUSTER
value: {{ config['Etcd']['initial_cluster'] | join(',') }}
ports:
- name: client
containerPort: 12379
@ -96,10 +96,10 @@ spec:
value: https://0.0.0.0:22379
- name: ETCD_LISTEN_PEER_URLS
value: https://0.0.0.0:22380
{%- for env_name, env_value in etcd['env'].items() %}
- name: {{ env_name }}
value: {{ env_value }}
{%- endfor %}
- name: ETCD_INITIAL_CLUSTER_STATE
value: {{ config['Etcd']['initial_cluster_state'] }}
- name: ETCD_INITIAL_CLUSTER
value: {{ config['Etcd']['initial_cluster'] | join(',') }}
ports:
- name: client
containerPort: 22379
@ -124,8 +124,8 @@ spec:
- |-
set -x
while true; do
if [ $(etcdctl member list | grep -v unstarted | wc -l || echo 0) -ge {{ masters | length }} ]; then
{%- for master in masters %}
if [ $(etcdctl member list | grep -v unstarted | wc -l || echo 0) -ge {{ config['Masters']['nodes'] | length }} ]; then
{%- for master in config['Masters']['nodes'] %}
etcdctl member add {{ master['hostname'] }} --peer-urls https://{{ master['hostname'] }}:2380
{%- endfor %}
break
@ -133,7 +133,7 @@ spec:
done
while true; do
sleep 5
if [ $(etcdctl member list | grep -v unstarted | wc -l || echo 0) -eq {{ 2 + (masters | length) }} ]; then
if [ $(etcdctl member list | grep -v unstarted | wc -l || echo 0) -eq {{ 2 + (config['Masters']['nodes'] | length) }} ]; then
etcdctl member remove $(etcdctl member list | grep auxiliary-etcd-1 | cut -d , -f 1)
etcdctl member remove $(etcdctl member list | grep auxiliary-etcd-0 | cut -d , -f 1)
sleep 60
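Review bot: The two new env entries render their values as plain YAML scalars, `value: {{ config['Etcd']['initial_cluster_state'] }}` and `value: {{ config['Etcd']['initial_cluster'] | join(',') }}`, so an empty or scalar-looking result parses as null or a non-string, and the pod spec requires string env values. Quote both: `value: "{{ config['Etcd']['initial_cluster_state'] }}"` and `value: "{{ config['Etcd']['initial_cluster'] | join(',') }}"`. The same pair appears in this file's second hunk (`-96,10`) and in the `-45,10` hunk of the last file section on the page. Quoting would also keep a stray ` #` or `: ` in a member entry from truncating or breaking the value, though the format of the `initial_cluster` entries is not visible here.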


@ -1,16 +0,0 @@
{
"CN": "admin",
"hosts": [
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}"
],
"names": [
{
"O": "system:masters"
}
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -1,17 +0,0 @@
{
"CN": "system:kube-apiserver",
"hosts": [
"kubernetes",
"kubernetes.default",
"kubernetes.default.svc",
"kubernetes.default.svc.cluster.local",
"127.0.0.1",
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}",
"{{ network.kube_service_ip }}"
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -1,11 +0,0 @@
{
"CN": "system:kube-controller-manager",
"hosts": [
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}"
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -1,17 +0,0 @@
{
"CN": "etcd:{{ current_node['hostname'] }}",
"hosts": [
"kubernetes",
"kubernetes.default",
"kubernetes.default.svc",
"kubernetes.default.svc.cluster.local",
"127.0.0.1",
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}",
"{{ network.kube_service_ip }}"
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -1,11 +0,0 @@
{
"CN": "system:kube-scheduler",
"hosts": [
"{{ current_node['hostname'] }}",
"{{ current_node['ip'] }}"
],
"key": {
"algo": "rsa",
"size": 2048
}
}


@ -17,7 +17,7 @@ spec:
command:
- /hyperkube
- apiserver
- --advertise-address={{ current_node.ip }}
- --advertise-address={{ config['Node']['ip'] }}
- --authorization-mode=RBAC
- --admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,PersistentVolumeLabel,DefaultStorageClass,ResourceQuota,DefaultTolerationSeconds
- --anonymous-auth=false
@ -30,7 +30,7 @@ spec:
- --etcd-cafile=/etc/kubernetes/pki/cluster-ca.pem
- --etcd-certfile=/etc/kubernetes/pki/apiserver.pem
- --etcd-keyfile=/etc/kubernetes/pki/apiserver-key.pem
- --service-cluster-ip-range={{ network.service_ip_cidr }}
- --service-cluster-ip-range={{ config['Network']['service_ip_cidr'] }}
- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
- --service-account-key-file=/etc/kubernetes/pki/sa.pem
- --tls-cert-file=/etc/kubernetes/pki/apiserver.pem


@ -19,7 +19,7 @@ spec:
- ./hyperkube
- controller-manager
- --allocate-node-cidrs=true
- --cluster-cidr={{ network.pod_ip_cidr }}
- --cluster-cidr={{ config['Network']['pod_ip_cidr'] }}
- --cluster-signing-cert-file=/etc/kubernetes/pki/cluster-ca.pem
- --cluster-signing-key-file=/etc/kubernetes/pki/cluster-ca-key.pem
- --configure-cloud-routes=false
@ -27,7 +27,7 @@ spec:
- --kubeconfig=/etc/kubernetes/kubeconfig.yaml
- --root-ca-file=/etc/kubernetes/pki/cluster-ca.pem
- --service-account-private-key-file=/etc/kubernetes/pki/sa-key.pem
- --service-cluster-ip-range={{ network.service_ip_cidr }}
- --service-cluster-ip-range={{ config['Network']['service_ip_cidr'] }}
- --use-service-account-credentials=true
- --v=5
volumeMounts:


@ -45,10 +45,10 @@ spec:
value: https://0.0.0.0:2379
- name: ETCD_LISTEN_PEER_URLS
value: https://0.0.0.0:2380
{%- for env_name, env_value in etcd['env'].items() %}
- name: {{ env_name }}
value: {{ env_value }}
{%- endfor %}
- name: ETCD_INITIAL_CLUSTER_STATE
value: {{ config['Etcd']['initial_cluster_state'] }}
- name: ETCD_INITIAL_CLUSTER
value: {{ config['Etcd']['initial_cluster'] | join(',') }}
ports:
- name: client
containerPort: 2379