From d20d5e648f88511b9c594f674b606dad6ebb5c9d Mon Sep 17 00:00:00 2001
From: Alexander Block <ablock84@gmail.com>
Date: Wed, 7 Dec 2016 17:41:53 +0100
Subject: [PATCH] Add pseudo network plugin called "cloud" to use cloud
 provider for network

Allow the cloud provider to configure proper routing for nodes.
---
 inventory/group_vars/all.yml                             | 1 +
 .../manifests/kube-controller-manager.manifest.j2        | 5 +++++
 roles/kubernetes/node/templates/kubelet.j2               | 2 ++
 roles/network_plugin/cloud/tasks/main.yml                | 9 +++++++++
 roles/network_plugin/meta/main.yml                       | 2 ++
 5 files changed, 19 insertions(+)
 create mode 100644 roles/network_plugin/cloud/tasks/main.yml

diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index 73f0fb55a..dc8a169e4 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -79,6 +79,7 @@ etcd_multiaccess: true
 loadbalancer_apiserver_localhost: true
 
 # Choose network plugin (calico, weave or flannel)
+# Can also be set to 'cloud', which lets the cloud provider setup appropriate routing
 kube_network_plugin: flannel
 
 # Kubernetes internal network for services, unused block of space.
diff --git a/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2
index cdfbef064..29a5af1a5 100644
--- a/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2
+++ b/roles/kubernetes/master/templates/manifests/kube-controller-manager.manifest.j2
@@ -27,6 +27,11 @@ spec:
     - --cloud-config={{ kube_config_dir }}/cloud_config
 {% elif cloud_provider is defined and cloud_provider == "aws" %}
     - --cloud-provider={{cloud_provider}}
+{% endif %}
+{% if kube_network_plugin is defined and kube_network_plugin == 'cloud' %}
+    - --allocate-node-cidrs=true
+    - --configure-cloud-routes=true
+    - --cluster-cidr={{ kube_pods_subnet }}
 {% endif %}
     livenessProbe:
       httpGet:
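Review bot: The added `kube_network_plugin == 'cloud'` block is not tied to a cloud provider being configured, although `--configure-cloud-routes=true` only does anything when the controller manager also runs with `--cloud-provider`. With `cloud_provider` undefined, nodes would presumably still be handed pod CIDRs but no routes would be programmed, so cross-node pod traffic would fail without an obvious error. Gating the block as `{% if kube_network_plugin is defined and kube_network_plugin == 'cloud' and cloud_provider is defined %}`, or failing early in a pre-check, would make the dependency explicit, and the inventory comment in `all.yml` could state it too. A comment next to these flags should also record that the controller manager's cloud credentials now need permission to modify the route table, so that grant can be scoped to exactly that. The surrounding `cloud_provider` conditional starts above the hunk, so which providers reach this point is not visible here.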
diff --git a/roles/kubernetes/node/templates/kubelet.j2 b/roles/kubernetes/node/templates/kubelet.j2
index 3c1f31ab2..0961ea367 100644
--- a/roles/kubernetes/node/templates/kubelet.j2
+++ b/roles/kubernetes/node/templates/kubelet.j2
@@ -27,6 +27,8 @@ KUBELET_ARGS="--kubeconfig={{ kube_config_dir}}/kubelet.kubeconfig --require-kub
 KUBELET_NETWORK_PLUGIN="--network-plugin=cni --network-plugin-dir=/etc/cni/net.d"
 {% elif kube_network_plugin is defined and kube_network_plugin == "weave" %}
 DOCKER_SOCKET="--docker-endpoint=unix:/var/run/weave/weave.sock"
+{% elif kube_network_plugin is defined and kube_network_plugin == "cloud" %}
+KUBELET_NETWORK_PLUGIN="--hairpin-mode=promiscuous-bridge --network-plugin=kubenet"
 {% endif %}
 # Should this cluster be allowed to run privileged docker containers
 KUBE_ALLOW_PRIV="--allow-privileged=true"
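Review bot: Selecting `--network-plugin=kubenet` in the new `cloud` branch means NetworkPolicy objects are not enforced, because kubenet does not implement network policy. A cluster switched from a policy-enforcing plugin to `cloud` therefore loses pod-level isolation without any error. A comment above the added line would make that visible to operators, for example `# kubenet: no NetworkPolicy enforcement; isolate pods by other means (e.g. cloud firewall rules)`. `--hairpin-mode=promiscuous-bridge` deserves a one-line why-comment as well. The `if`/`elif` chain begins above the hunk, so the other branches are only partly visible.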
diff --git a/roles/network_plugin/cloud/tasks/main.yml b/roles/network_plugin/cloud/tasks/main.yml
new file mode 100644
index 000000000..c8ae77830
--- /dev/null
+++ b/roles/network_plugin/cloud/tasks/main.yml
@@ -0,0 +1,9 @@
+---
+
+- name: Cloud | Copy cni plugins from hyperkube
+  command: "/usr/bin/docker run --rm -v /opt/cni/bin:/cnibindir {{ hyperkube_image_repo }}:{{ hyperkube_image_tag }} /bin/cp -r /opt/cni/bin/. /cnibindir/"
+  register: cni_task_result
+  until: cni_task_result.rc == 0
+  retries: 4
+  delay: "{{ retry_stagger | random + 3 }}"
+  changed_when: false
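Review bot: The binaries this task copies into `/opt/cni/bin` are later executed on the host by the kubelet, yet the source image is selected only by the mutable reference `{{ hyperkube_image_repo }}:{{ hyperkube_image_tag }}`. Whatever the registry serves under that tag at deploy time ends up running on every node. Referencing the image by digest, for example `{{ hyperkube_image_repo }}@sha256:<DIGEST_PLACEHOLDER>`, or checking the copied files against known checksums would close that gap. `changed_when: false` also reports the task as unchanged even when it overwrites existing binaries, so a comment such as `# always reports ok: the copy overwrites /opt/cni/bin on every run` would help whoever audits the play output.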
diff --git a/roles/network_plugin/meta/main.yml b/roles/network_plugin/meta/main.yml
index a964a4cba..a1c970efe 100644
--- a/roles/network_plugin/meta/main.yml
+++ b/roles/network_plugin/meta/main.yml
@@ -12,3 +12,5 @@ dependencies:
  - role: network_plugin/canal
    when: kube_network_plugin == 'canal'
    tags: canal
+ - role: network_plugin/cloud
+   when: kube_network_plugin == 'cloud'
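Review bot: The new `network_plugin/cloud` dependency has no `tags:` entry, while the `canal` entry directly above carries `tags: canal`, so a tag-limited run cannot select this role the way it can its sibling. Adding `tags: cloud` under the `when:` line would match the visible convention, assuming the entries above the hunk follow it as well.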
-- 
GitLab