diff --git a/roles/network_plugin/contiv/defaults/main.yml b/roles/network_plugin/contiv/defaults/main.yml
index 6d1299c0bd21c4b87ce8d10fe9f4fa2b62a15bb1..83d940173ebbd25a19e1d5e75c0c5e19147abd4d 100644
--- a/roles/network_plugin/contiv/defaults/main.yml
+++ b/roles/network_plugin/contiv/defaults/main.yml
@@ -6,6 +6,8 @@ contiv_etcd_data_dir: "/var/lib/etcd/contiv-data"
 contiv_netmaster_port: 9999
 contiv_cni_version: 0.1.0
 
+contiv_etcd_image_repo: "{{ etcd_image_repo }}"
+contiv_etcd_image_tag: "{{ etcd_image_tag }}"
 contiv_etcd_listen_ip: "{{ ip | default(ansible_default_ipv4['address']) }}"
 contiv_etcd_listen_port: 6666
 contiv_etcd_peer_port: 6667
@@ -14,6 +16,14 @@ contiv_etcd_peer_urls: http://{{ contiv_etcd_listen_ip }}:{{ contiv_etcd_peer_po
 contiv_etcd_listen_urls:
   - http://{{ contiv_etcd_listen_ip }}:{{ contiv_etcd_listen_port }}
   - http://127.0.0.1:{{ contiv_etcd_listen_port }}
+contiv_etcd_endpoints: |-
+  {% for host in groups['kube-master'] -%}
+    contiv_etcd{{ loop.index }}=http://{{ hostvars[host]['ip'] | default(hostvars[host].ansible_default_ipv4['address']) }}:{{ contiv_etcd_peer_port }}{% if not loop.last %},{% endif %}
+  {%- endfor %}
+contiv_etcd_name: |-
+  {% for host in groups['kube-master'] %}
+  {% if host == inventory_hostname -%}contiv_etcd{{ loop.index }}{%- endif %}
+  {% endfor %}
 
 # Parameters for Contiv api-proxy
 contiv_enable_api_proxy: true
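Review bot: The new `contiv_etcd_endpoints` value hard-codes `http://` for every member's peer URL, so traffic between the Contiv etcd members is neither encrypted nor authenticated, and nothing in these defaults says so. The etcd pods run on the host network and listen on `contiv_etcd_listen_ip`, so I would add a comment above the variable such as `# Peer and client URLs are plain HTTP; restrict contiv_etcd_listen_port and contiv_etcd_peer_port to cluster nodes with host firewalling.` A one-line comment on `contiv_etcd_name` should also say that it renders to an empty string on any host outside `groups['kube-master']`.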
diff --git a/roles/network_plugin/contiv/tasks/main.yml b/roles/network_plugin/contiv/tasks/main.yml
index b1ed41c24dba878762287728564060087deed40a..f05090ffb7bf9afc77c958eb24a0014db1492926 100644
--- a/roles/network_plugin/contiv/tasks/main.yml
+++ b/roles/network_plugin/contiv/tasks/main.yml
@@ -21,6 +21,7 @@
   template:
     src: contiv-etcd.env.j2
     dest: "{{ contiv_etcd_conf_dir }}/contiv-etcd.env"
+  when: inventory_hostname in groups['kube-master']
 
 - set_fact:
     contiv_config_dir: "{{ contiv_config_dir }}"
@@ -38,6 +39,7 @@
       - {name: contiv-netplugin, file: contiv-netplugin-clusterrole.yml, type: clusterrole}
       - {name: contiv-netplugin, file: contiv-netplugin-serviceaccount.yml, type: serviceaccount}
       - {name: contiv-etcd, file: contiv-etcd.yml, type: daemonset}
+      - {name: contiv-etcd-proxy, file: contiv-etcd-proxy.yml, type: daemonset}
       - {name: contiv-netplugin, file: contiv-netplugin.yml, type: daemonset}
       - {name: contiv-netmaster, file: contiv-netmaster.yml, type: daemonset}
 
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
new file mode 100644
index 0000000000000000000000000000000000000000..5b4b643c23e516ce27ef17a5e6d9e1bd7e52c86c
--- /dev/null
+++ b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
@@ -0,0 +1,31 @@
+---
+kind: DaemonSet
+apiVersion: extensions/v1beta1
+metadata:
+  name: contiv-etcd-proxy
+  namespace: {{ system_namespace }}
+  labels:
+    k8s-app: contiv-etcd-proxy
+spec:
+  selector:
+    matchLabels:
+      k8s-app: contiv-etcd-proxy
+  template:
+    metadata:
+      labels:
+        k8s-app: contiv-etcd-proxy
+      annotations:
+        scheduler.alpha.kubernetes.io/critical-pod: ''
+    spec:
+      hostNetwork: true
+      hostPID: true
+      containers:
+        - name: contiv-etcd-proxy
+          image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }}
+          env:
+            - name: ETCD_LISTEN_CLIENT_URLS
+              value: http://127.0.0.1:{{ contiv_etcd_listen_port }}
+            - name: ETCD_PROXY
+              value: "on"
+            - name: ETCD_INITIAL_CLUSTER
+              value: {{ contiv_etcd_endpoints }}
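Review bot: `hostPID: true` in the pod spec lets the proxy container see every process on the node, and nothing else in this manifest appears to need it. A proxy that only listens on `127.0.0.1` needs `hostNetwork: true`, but the `hostPID: true` line could be dropped; the same line remains as context in contiv-etcd.yml.j2. Separately, the spec has no `nodeSelector` or affinity, so on a master that admits the pod it would share the host network with contiv-etcd, which also binds `http://127.0.0.1:{{ contiv_etcd_listen_port }}`. A node-affinity rule excluding nodes labelled `node-role.kubernetes.io/master` would prevent that port clash. The unquoted `value: {{ contiv_etcd_endpoints }}` is safer written as `value: "{{ contiv_etcd_endpoints }}"` so the rendered manifest always parses it as a string.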
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd.env.j2 b/roles/network_plugin/contiv/templates/contiv-etcd.env.j2
index 1a4efb466ef3d119ac6b6d2ee55a3104dcc89472..e5f920af194df05e7c0d3acc0439ef090b09633e 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd.env.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd.env.j2
@@ -1,22 +1,8 @@
 # contiv etcd config
-{% if inventory_hostname in groups['kube-master'] %}
 export ETCD_DATA_DIR=/var/lib/etcd/contiv-data
 export ETCD_ADVERTISE_CLIENT_URLS={{ contiv_etcd_ad_urls }}
 export ETCD_INITIAL_ADVERTISE_PEER_URLS={{ contiv_etcd_peer_urls }}
 export ETCD_LISTEN_PEER_URLS={{ contiv_etcd_peer_urls }}
 export ETCD_LISTEN_CLIENT_URLS={{ contiv_etcd_listen_urls | join(",") }}
-export ETCD_NAME=
-{%- for host in groups['kube-master'] -%}
-{%- if host == inventory_hostname -%}
-contiv_etcd{{ loop.index }}
-{%- endif %}
-{%- endfor %}
-
-{% else %}
-export ETCD_LISTEN_CLIENT_URLS=http://127.0.0.1:{{ contiv_etcd_listen_port }}
-export ETCD_PROXY=on
-{% endif %}
-export ETCD_INITIAL_CLUSTER=
-{%- for host in groups['kube-master'] -%}
-contiv_etcd{{ loop.index }}=http://{{ hostvars[host]['ip'] | default(hostvars[host].ansible_default_ipv4['address']) }}:{{ contiv_etcd_peer_port }},
-{%- endfor -%}
+export ETCD_NAME={{ contiv_etcd_name }}
+export ETCD_INITIAL_CLUSTER={{ contiv_etcd_endpoints }}
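Review bot: The two new `export` lines put template values unquoted into a file that contiv-etcd.yml.j2 sources with `.` under `sh -c`, so any whitespace or shell metacharacter in a rendered value would be word-split or interpreted by the shell. `contiv_etcd_name` in particular comes from a multi-line Jinja block and renders as a single token only if whitespace trimming behaves as expected. Passing both through Ansible's `quote` filter closes this off: `export ETCD_NAME={{ contiv_etcd_name | quote }}` and `export ETCD_INITIAL_CLUSTER={{ contiv_etcd_endpoints | quote }}`.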
diff --git a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2 b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
index b5519ed45e80280a4b745e5a6333b51ca19922c6..5e2327a3cf67da3007040897a51947fda304e5b3 100644
--- a/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd.yml.j2
@@ -19,26 +19,26 @@ spec:
     spec:
       hostNetwork: true
       hostPID: true
+      nodeSelector:
+        node-role.kubernetes.io/master: "true"
       tolerations:
-      - key: node-role.kubernetes.io/master
-        effect: NoSchedule
+        - key: node-role.kubernetes.io/master
+          effect: NoSchedule
       containers:
         - name: contiv-etcd
-          image: {{ etcd_image_repo }}:{{ etcd_image_tag }}
+          image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }}
           command: ["sh","-c"]
           args:
             - '. {{ contiv_etcd_conf_dir }}/contiv-etcd.env && /usr/local/bin/etcd'
           volumeMounts:
-            - name: etc-contiv-etcd
+            - name: contiv-etcd-conf-dir
               mountPath: {{ contiv_etcd_conf_dir }}
-            - name: var-lib-etcd-contiv-data
+            - name: contiv-etcd-data-dir
               mountPath: {{ contiv_etcd_data_dir }}
-          securityContext:
-            privileged: true
       volumes:
-        - name: etc-contiv-etcd
-          hostPath:
-            path: {{ contiv_etcd_conf_dir }}
-        - name: var-lib-etcd-contiv-data
+        - name: contiv-etcd-data-dir
           hostPath:
             path: {{ contiv_etcd_data_dir }}
+        - name: contiv-etcd-conf-dir
+          hostPath:
+            path: {{ contiv_etcd_conf_dir }}
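Review bot: The `contiv-etcd-conf-dir` volumeMount is writable, although the visible command only sources contiv-etcd.env from it. Adding `readOnly: true` under that mount would stop a compromised etcd container from rewriting a file that the shell executes on the next start. The new `nodeSelector` matches only the label value `"true"`, so it assumes masters are labelled `node-role.kubernetes.io/master=true`. If a provisioner sets that label with an empty value the DaemonSet would schedule nowhere, which deserves a comment next to the selector. The DaemonSet spec begins above this hunk, so other scheduling constraints may exist that are not visible here.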