c12s-kubespray/docs/weave.md

99 lines
3.2 KiB
Markdown
Raw Normal View History

2017-07-27 12:40:52 +00:00
Weave
=======
Weave 2.0.1 is supported by kubespray
2017-08-01 12:30:12 +00:00
Weave uses [**consensus**](https://www.weave.works/docs/net/latest/ipam/##consensus) mode (default mode) and [**seed**](https://www.weave.works/docs/net/latest/ipam/#seed) mode.
2017-07-27 12:40:52 +00:00
2017-07-31 11:28:47 +00:00
`Consensus` mode is best to use on static size cluster and `seed` mode is best to use on dynamic size cluster
2017-07-31 11:23:01 +00:00
Weave encryption is supported for all communication
2017-07-28 09:33:13 +00:00
* To use Weave encryption, specify a strong password (if no password, no encryption)
2017-07-28 09:33:13 +00:00
2017-07-27 12:40:52 +00:00
```
# In file ./inventory/sample/group_vars/k8s-cluster.yml
2017-07-27 12:40:52 +00:00
weave_password: EnterPasswordHere
```
2017-07-31 11:23:01 +00:00
This password is used to set an environment variable inside weave container.
2017-07-28 09:33:13 +00:00
2017-08-01 12:12:21 +00:00
Weave is deployed by kubespray using a daemonSet
2017-07-28 09:33:13 +00:00
2017-07-27 12:40:52 +00:00
* Check the status of Weave containers
2017-07-28 09:33:13 +00:00
2017-07-27 12:40:52 +00:00
```
2017-07-31 11:23:01 +00:00
# From client
2017-07-27 12:40:52 +00:00
kubectl -n kube-system get pods | grep weave
2017-08-01 08:52:21 +00:00
# output
weave-net-50wd2 2/2 Running 0 2m
weave-net-js9rb 2/2 Running 0 2m
2017-07-27 12:40:52 +00:00
```
2017-08-01 12:24:19 +00:00
There must be as many pods as nodes (here kubernetes have 2 nodes so there are 2 weave pods).
2017-07-28 09:33:13 +00:00
2017-07-31 11:23:01 +00:00
* Check status of weave (connection,encryption ...) for each node
2017-07-28 09:33:13 +00:00
2017-07-27 12:40:52 +00:00
```
2017-07-31 11:23:01 +00:00
# On nodes
2017-07-27 12:40:52 +00:00
curl http://127.0.0.1:6784/status
2017-08-01 08:52:21 +00:00
# output on node1
Version: 2.0.1 (up to date; next check at 2017/08/01 13:51:34)
Service: router
Protocol: weave 1..2
Name: fa:16:3e:b3:d6:b2(node1)
Encryption: enabled
PeerDiscovery: enabled
Targets: 2
Connections: 2 (1 established, 1 failed)
Peers: 2 (with 2 established connections)
TrustedSubnets: none
Service: ipam
Status: ready
Range: 10.233.64.0/18
DefaultSubnet: 10.233.64.0/18
2017-07-27 12:40:52 +00:00
```
2017-07-31 11:23:01 +00:00
* Check parameters of weave for each node
2017-07-28 09:33:13 +00:00
```
2017-07-31 11:23:01 +00:00
# On nodes
2017-07-28 09:33:13 +00:00
ps -aux | grep weaver
2017-08-01 08:52:21 +00:00
# output on node1 (here its use seed mode)
root 8559 0.2 3.0 365280 62700 ? Sl 08:25 0:00 /home/weave/weaver --name=fa:16:3e:b3:d6:b2 --port=6783 --datapath=datapath --host-root=/host --http-addr=127.0.0.1:6784 --status-addr=0.0.0.0:6782 --docker-api= --no-dns --db-prefix=/weavedb/weave-net --ipalloc-range=10.233.64.0/18 --nickname=node1 --ipalloc-init seed=fa:16:3e:b3:d6:b2,fa:16:3e:f0:50:53 --conn-limit=30 --expect-npc 192.168.208.28 192.168.208.19
2017-07-28 09:33:13 +00:00
```
2017-07-27 12:40:52 +00:00
### Consensus mode (default mode)
2017-07-28 09:33:13 +00:00
2017-07-31 11:23:01 +00:00
This mode is best to use on static size cluster
2017-07-27 12:40:52 +00:00
### Seed mode
2017-07-28 09:33:13 +00:00
2017-07-31 11:23:01 +00:00
This mode is best to use on dynamic size cluster
2017-07-27 15:00:54 +00:00
2017-07-31 11:23:01 +00:00
The seed mode also allows multi-clouds and hybrid on-premise/cloud clusters deployement.
2017-07-28 09:33:13 +00:00
2017-07-31 11:23:01 +00:00
* Switch from consensus mode to seed mode
2017-07-28 09:33:13 +00:00
2017-07-27 12:40:52 +00:00
```
# In file ./inventory/sample/group_vars/k8s-cluster.yml
2017-07-27 12:40:52 +00:00
weave_mode_seed: true
```
2017-07-28 09:33:13 +00:00
2017-07-31 11:23:01 +00:00
These two variables are only used when `weave_mode_seed` is set to `true` (**/!\ do not manually change these values**)
2017-07-28 09:33:13 +00:00
2017-07-27 12:40:52 +00:00
```
# In file ./inventory/sample/group_vars/k8s-cluster.yml
2017-07-27 12:40:52 +00:00
weave_seed: uninitialized
weave_peers: uninitialized
2017-07-27 15:00:54 +00:00
```
2017-08-01 13:55:38 +00:00
The first variable, `weave_seed`, contains the initial nodes of the weave network
2017-07-28 09:33:13 +00:00
2017-11-06 13:51:22 +00:00
The second variable, `weave_peers`, saves the IPs of all nodes joined to the weave network
2017-07-27 15:00:54 +00:00
2017-07-31 11:23:01 +00:00
These two variables are used to connect a new node to the weave network. The new node needs to know the firsts nodes (seed) and the list of IPs of all nodes.
2017-07-27 15:00:54 +00:00
2017-08-01 12:30:12 +00:00
To reset these variables and reset the weave network set them to `uninitialized`