From 1481f7d64b7cdaa7d269cc71b1bef6c442ec0b02 Mon Sep 17 00:00:00 2001
From: Sergey Bondarev <s.bondarev@southbridge.ru>
Date: Sat, 17 Mar 2018 02:54:46 +0300
Subject: [PATCH] Dedicated node for ingress nginx controller

Add the ability to create a dedicated node for the ingress nginx controller
and to use host networking for the nginx controller.

Also add terminationGracePeriodSeconds: 60, taken from the example at
https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/static-ip/nginx-ingress-controller.yaml
---
 inventory/sample/group_vars/k8s-cluster.yml               | 1 +
 inventory/sample/hosts.ini                                | 5 +++++
 .../templates/ingress-nginx-controller-ds.yml.j2          | 8 ++++++++
 roles/kubernetes/node/templates/kubelet.standard.env.j2   | 2 ++
 4 files changed, 16 insertions(+)

diff --git a/inventory/sample/group_vars/k8s-cluster.yml b/inventory/sample/group_vars/k8s-cluster.yml
index 128e8cc99..19ffc8cca 100644
--- a/inventory/sample/group_vars/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s-cluster.yml
@@ -189,6 +189,7 @@ cephfs_provisioner_enabled: false
 
 # Nginx ingress controller deployment
 ingress_nginx_enabled: false
+# ingres_nginx_host_network: true
 # ingress_nginx_namespace: "ingress-nginx"
 # ingress_nginx_insecure_port: 80
 # ingress_nginx_secure_port: 443
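Review bot: The new variable is spelled `ingres_nginx_host_network` (one "s"), unlike every neighbouring `ingress_nginx_*` setting, and the DaemonSet template hunk tests the same misspelled name. An operator who follows the existing naming and sets `ingress_nginx_host_network` gets no error and no host networking, because the template only checks whether the misspelled name is defined. I would rename it to `ingress_nginx_host_network` in both places and show the sample as `# ingress_nginx_host_network: false`, so the commented value documents the behaviour when the variable is unset (host networking off) rather than the more exposed setting.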
diff --git a/inventory/sample/hosts.ini b/inventory/sample/hosts.ini
index 13cc3612e..8eece0d48 100644
--- a/inventory/sample/hosts.ini
+++ b/inventory/sample/hosts.ini
@@ -26,6 +26,11 @@
 # node5
 # node6
 
+# optional for dedicated ingress node
+# [kube-ingress]
+# node2
+# node3
+
 # [k8s-cluster:children]
 # kube-node
 # kube-master
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ingress-nginx-controller-ds.yml.j2 b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ingress-nginx-controller-ds.yml.j2
index 7fd3a946c..289119a60 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ingress-nginx-controller-ds.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ingress-nginx-controller-ds.yml.j2
@@ -21,6 +21,14 @@ spec:
         k8s-app: ingress-nginx
         version: v{{ ingress_nginx_controller_image_tag }}
     spec:
+{% if ingres_nginx_host_network is defined and ingres_nginx_host_network %}
+      hostNetwork: true
+{% endif %}
+{% if 'kube-ingress' in groups %}
+      nodeSelector:
+        node-role.kubernetes.io/ingress: "true"
+{% endif %}
+      terminationGracePeriodSeconds: 60
       containers:
         - name: ingress-nginx-controller
           image: {{ ingress_nginx_controller_image_repo }}:{{ ingress_nginx_controller_image_tag }}
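Review bot: `hostNetwork: true` puts the controller pod in the node's network namespace, and the conditional block adds nothing else to go with it. In that mode the pod listens directly on the node's interfaces and can reach services bound to the node's loopback, and with the default DNS policy it resolves names through the node's resolver rather than cluster DNS; Kubernetes documents `dnsPolicy: ClusterFirstWithHostNet` for host-network pods, so I would add that line inside the same `{% if %}`. Separately, `'kube-ingress' in groups` is true for a group that exists but is empty, which leaves a nodeSelector that matches no node; `groups['kube-ingress']|default([])|length > 0` would follow the `default([])` guard used in the kubelet template. The pod spec continues outside the hunk.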
diff --git a/roles/kubernetes/node/templates/kubelet.standard.env.j2 b/roles/kubernetes/node/templates/kubelet.standard.env.j2
index 8e05e0253..ed06cf72d 100644
--- a/roles/kubernetes/node/templates/kubelet.standard.env.j2
+++ b/roles/kubernetes/node/templates/kubelet.standard.env.j2
@@ -84,6 +84,8 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}"
 {%   if not standalone_kubelet|bool %}
 {%     set node_labels %}{{ node_labels }},node-role.kubernetes.io/node=true{% endset %}
 {%   endif %}
+{% elif inventory_hostname in groups['kube-ingress']|default([]) %}
+{%   set node_labels %}--node-labels=node-role.kubernetes.io/ingress=true{% endset %}
 {% else %}
 {%   set node_labels %}--node-labels=node-role.kubernetes.io/node=true{% endset %}
 {% endif %}
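Review bot: The new `elif` branch is reached only when the preceding `if` (which starts outside this hunk) is false, and it assigns `node_labels` from scratch. A host that matches that earlier condition and is also listed in `kube-ingress` never receives `node-role.kubernetes.io/ingress=true`, so the DaemonSet's nodeSelector would skip it, while a host that does take this branch loses `node-role.kubernetes.io/node=true`. Appending after the chain avoids both: `{% if inventory_hostname in groups['kube-ingress']|default([]) %}{% set node_labels %}{{ node_labels }},node-role.kubernetes.io/ingress=true{% endset %}{% endif %}`. Nothing in this hunk taints the node, so the label steers the ingress pods there but does not keep other workloads off it; a comment such as `{# label only: add a taint if the node must be dedicated #}` would make that explicit.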
-- 
GitLab