Skip to content
Snippets Groups Projects
Commit c75f3947 authored by Bogdan Dobrelya's avatar Bogdan Dobrelya
Browse files

Address standalone kubelet config case


Also place in global vars and do not repeat the kube_*_config_dir
and kube_namespace vars for better code maintainability and UX.

Signed-off-by: default avatarBogdan Dobrelya <bdobrelia@mirantis.com>
parent 45135ad3
No related branches found
No related tags found
No related merge requests found
Showing
with 55 additions and 76 deletions
---
- name: Kubernetes Apps | Lay Down k8s GlusterFS Endpoint and PV
template: src={{item.file}} dest=/etc/kubernetes/{{item.dest}}
template: src={{item.file}} dest={{kube_config_dir}}/{{item.dest}}
with_items:
- { file: glusterfs-kubernetes-endpoint.json.j2, type: ep, dest: glusterfs-kubernetes-endpoint.json}
- { file: glusterfs-kubernetes-pv.yml.j2, type: pv, dest: glusterfs-kubernetes-pv.yml}
......@@ -13,7 +13,7 @@
namespace: default
kubectl: "{{bin_dir}}/kubectl"
resource: "{{item.item.type}}"
filename: "/etc/kubernetes/{{item.item.dest}}"
filename: "{{kube_config_dir}}/{{item.item.dest}}"
state: "{{item.changed | ternary('latest','present') }}"
with_items: "{{ gluster_pv.results }}"
when: inventory_hostname == groups['kube-master'][0] and groups['gfs-cluster'] is defined
......@@ -4,6 +4,28 @@ bootstrap_os: none
# Directory where the binaries will be installed
bin_dir: /usr/local/bin
# Kubernetes configuration dirs and system namespace.
# Those are where all the additional config stuff goes
# the kubernetes normally puts in /srv/kubernets.
# This puts them in a sane location and namespace.
# Editting those values will almost surely break something.
kube_config_dir: /etc/kubernetes
kube_script_dir: "{{ bin_dir }}/kubernetes-scripts"
kube_manifest_dir: "{{ kube_config_dir }}/manifests"
system_namespace: kube-system
# Logging directory (sysvinit systems)
kube_log_dir: "/var/log/kubernetes"
# This is where all the cert scripts and certs will be located
kube_cert_dir: "{{ kube_config_dir }}/ssl"
# This is where all of the bearer tokens will be stored
kube_token_dir: "{{ kube_config_dir }}/tokens"
# This is where to save basic auth file
kube_users_dir: "{{ kube_config_dir }}/users"
# Where the binaries will be downloaded.
# Note: ensure that you've enough disk space (about 1G)
local_release_dir: "/tmp/releases"
......
......@@ -34,7 +34,7 @@
state: link
- name: Create dnsmasq manifests
template: src={{item.file}} dest=/etc/kubernetes/{{item.file}}
template: src={{item.file}} dest={{kube_config_dir}}/{{item.file}}
with_items:
- {file: dnsmasq-ds.yml, type: ds}
- {file: dnsmasq-svc.yml, type: svc}
......@@ -44,10 +44,10 @@
- name: Start Resources
kube:
name: dnsmasq
namespace: kube-system
namespace: "{{system_namespace}}"
kubectl: "{{bin_dir}}/kubectl"
resource: "{{item.item.type}}"
filename: /etc/kubernetes/{{item.item.file}}
filename: "{{kube_config_dir}}/{{item.item.file}}"
state: "{{item.changed | ternary('latest','present') }}"
with_items: "{{ manifests.results }}"
when: inventory_hostname == groups['kube-master'][0]
......
......@@ -3,7 +3,7 @@ apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: dnsmasq
namespace: kube-system
namespace: "{{system_namespace}}"
labels:
k8s-app: dnsmasq
spec:
......
......@@ -6,7 +6,7 @@ metadata:
kubernetes.io/cluster-service: 'true'
k8s-app: dnsmasq
name: dnsmasq
namespace: kube-system
namespace: {{system_namespace}}
spec:
ports:
- port: 53
......
kube_config_dir: /etc/kubernetes
kube_namespace: kube-system
# Versions
kubedns_version: 1.9
kubednsmasq_version: 1.3
......
......@@ -8,6 +8,6 @@
name: "calico-policy-controller"
kubectl: "{{bin_dir}}/kubectl"
filename: "{{kube_config_dir}}/calico-policy-controller.yml"
namespace: "{{kube_namespace}}"
namespace: "{{system_namespace}}"
resource: "rs"
when: inventory_hostname == groups['kube-master'][0]
......@@ -11,7 +11,7 @@
- name: Kubernetes Apps | Start Resources
kube:
name: kubedns
namespace: "{{ kube_namespace }}"
namespace: "{{ system_namespace }}"
kubectl: "{{bin_dir}}/kubectl"
resource: "{{item.item.type}}"
filename: "{{kube_config_dir}}/{{item.item.file}}"
......
......@@ -2,7 +2,7 @@ apiVersion: extensions/v1beta1
kind: ReplicaSet
metadata:
name: calico-policy-controller
namespace: {{ kube_namespace }}
namespace: {{ system_namespace }}
labels:
k8s-app: calico-policy
kubernetes.io/cluster-service: "true"
......@@ -15,7 +15,7 @@ spec:
template:
metadata:
name: calico-policy-controller
namespace: kube-system
namespace: {{system_namespace}}
labels:
kubernetes.io/cluster-service: "true"
k8s-app: calico-policy
......
......@@ -2,7 +2,7 @@ apiVersion: v1
kind: ReplicationController
metadata:
name: kubedns
namespace: {{ kube_namespace }}
namespace: {{ system_namespace }}
labels:
k8s-app: kubedns
version: v19
......
......@@ -2,7 +2,7 @@ apiVersion: v1
kind: Service
metadata:
name: kubedns
namespace: {{ kube_namespace }}
namespace: {{ system_namespace }}
labels:
k8s-app: kubedns
kubernetes.io/cluster-service: "true"
......
......@@ -3,15 +3,15 @@
kube:
name: "canal-config"
kubectl: "{{bin_dir}}/kubectl"
filename: "/etc/kubernetes/canal-config.yaml"
filename: "{{kube_config_dir}}/canal-config.yaml"
resource: "configmap"
namespace: "kube-system"
namespace: "{{system_namespace}}"
- name: Start flannel and calico-node
run_once: true
kube:
name: "canal-node"
kubectl: "{{bin_dir}}/kubectl"
filename: "/etc/kubernetes/canal-node.yaml"
filename: "{{kube_config_dir}}/canal-node.yaml"
resource: "ds"
namespace: "kube-system"
namespace: "{{system_namespace}}"
# This is where all the cert scripts and certs will be located
kube_cert_dir: "{{ kube_config_dir }}/ssl"
# This is where all of the bearer tokens will be stored
kube_token_dir: "{{ kube_config_dir }}/tokens"
# This is where to save basic auth file
kube_users_dir: "{{ kube_config_dir }}/users"
# An experimental dev/test only dynamic volumes provisioner,
# for PetSets. Works for kube>=v1.3 only.
kube_hostpath_dynamic_provisioner: "false"
# This is where you can drop yaml/json files and the kubelet will run those
# pods on startup
kube_manifest_dir: "{{ kube_config_dir }}/manifests"
# This directory is where all the additional config stuff goes
# the kubernetes normally puts in /srv/kubernets.
# This puts them in a sane location.
# Editting this value will almost surely break something. Don't
# change it. Things like the systemd scripts are hard coded to
# look in here. Don't do it.
kube_config_dir: /etc/kubernetes
# change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
kube_apiserver_insecure_bind_address: 127.0.0.1
......@@ -30,9 +9,6 @@ kube_apiserver_insecure_bind_address: 127.0.0.1
# Inclusive at both ends of the range.
kube_apiserver_node_port_range: "30000-32767"
# Logging directory (sysvinit systems)
kube_log_dir: "/var/log/kubernetes"
# ETCD cert dir for connecting apiserver to etcd
etcd_config_dir: /etc/ssl/etcd
etcd_cert_dir: "{{ etcd_config_dir }}/ssl"
......
apiVersion: v1
kind: Namespace
metadata:
name: kube-system
name: "{{system_namespace}}"
......@@ -36,28 +36,27 @@
tags: kube-apiserver
- meta: flush_handlers
# Create kube-system namespace
- name: copy 'kube-system' namespace manifest
copy: src=namespace.yml dest=/etc/kubernetes/kube-system-ns.yml
- name: copy kube system namespace manifest
copy: src=namespace.yml dest={{kube_config_dir}}/{{system_namespace}}-ns.yml
run_once: yes
when: inventory_hostname == groups['kube-master'][0]
tags: apps
- name: Check if kube-system exists
command: "{{ bin_dir }}/kubectl get ns kube-system"
- name: Check if kube system namespace exists
command: "{{ bin_dir }}/kubectl get ns {{system_namespace}}"
register: 'kubesystem'
changed_when: False
failed_when: False
run_once: yes
tags: apps
- name: Create 'kube-system' namespace
command: "{{ bin_dir }}/kubectl create -f /etc/kubernetes/kube-system-ns.yml"
- name: Create kube system namespace
command: "{{ bin_dir }}/kubectl create -f {{kube_config_dir}}/{{system_namespace}}-ns.yml"
changed_when: False
when: kubesystem|failed and inventory_hostname == groups['kube-master'][0]
tags: apps
# Write other manifests
- name: Write kube-controller-manager manifest
template:
src: manifests/kube-controller-manager.manifest.j2
......
......@@ -2,7 +2,7 @@ apiVersion: v1
kind: Pod
metadata:
name: kube-apiserver
namespace: kube-system
namespace: {{system_namespace}}
labels:
k8s-app: kube-apiserver
spec:
......
......@@ -2,7 +2,7 @@ apiVersion: v1
kind: Pod
metadata:
name: kube-controller-manager
namespace: kube-system
namespace: {{system_namespace}}
labels:
k8s-app: kube-controller
spec:
......
......@@ -3,4 +3,4 @@ namespace_kubesystem:
apiVersion: v1
kind: Namespace
metadata:
name: kube-system
\ No newline at end of file
name: "{{system_namespace}}"
# This is where all the cert scripts and certs will be located
kube_cert_dir: "{{ kube_config_dir }}/ssl"
# change to 0.0.0.0 to enable insecure access from anywhere (not recommended)
kube_apiserver_insecure_bind_address: 127.0.0.1
# This is where you can drop yaml/json files and the kubelet will run those
# pods on startup
kube_manifest_dir: "{{ kube_config_dir }}/manifests"
dns_domain: "{{ cluster_name }}"
# resolv.conf to base dns config
kube_resolv_conf: "/etc/resolv.conf"
......@@ -22,16 +13,5 @@ kube_proxy_masquerade_all: true
# - extensions/v1beta1/daemonsets=true
# - extensions/v1beta1/deployments=true
# Logging directory (sysvinit systems)
kube_log_dir: "/var/log/kubernetes"
# This directory is where all the additional config stuff goes
# the kubernetes normally puts in /srv/kubernets.
# This puts them in a sane location.
# Editting this value will almost surely break something. Don't
# change it. Things like the systemd scripts are hard coded to
# look in here. Don't do it.
kube_config_dir: /etc/kubernetes
nginx_image_repo: nginx
nginx_image_tag: 1.11.4-alpine
---
- set_fact:
standalone_kubelet: >-
{%- if inventory_hostname in groups['kube-master'] and inventory_hostname not in groups['kube-node'] -%}true{%- else -%}false{%- endif -%}
tags: facts
- include: install.yml
tags: kubelet
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment