Opencontrail tweaks

- opencontrail replaces kube-proxy (so turn it off)
  - opencontrail needs a plug-in
  - Allow kubelet to run every but only register from nodes (helps opencontrail gateways)

Add a playbook file that runs opencontrail.
This commit is contained in:
Greg Althaus 2016-02-02 12:47:57 -06:00
parent ba4c89a12e
commit 0913cb2d12
3 changed files with 49 additions and 1 deletions

44
cluster-opencontrail.yml Normal file
View file

@ -0,0 +1,44 @@
---
#
# To use Opencontrail with Kubernetes, you will need to do the following:
# 1. checkout https://github.com/rackn/container-networking-ansible
# 2. Copy the filters directory from container-network-ansible to this directory.
# 3. Copy the roles/* directory content to the roles directory
#
# Update your inventory file to use opencontrail as the network_plugin.
# Update your inventory to have masters group that is the same as kube-master
# Update your inventory to have nodes group that is the same as kube-node
# Update your inventory to have a gateway group
#
# Add vars to group_var file:
# Publics IP Opencontrail should use to expose services.
# opencontrail_public_subnet=192.0.2.0/24
# opencontrail_kube_release=1.1
#
# See here for more info: https://github.com/rackn/container-networking-ansible
#
- hosts: k8s-cluster
roles:
- { role: adduser, tags: adduser }
- { role: download, tags: download }
- { role: kubernetes/preinstall, tags: preinstall }
- { role: etcd, tags: etcd }
- { role: docker, tags: docker }
- { role: kubernetes/node, tags: node }
- { role: network_plugin, tags: network, when: kube_network_plugin != 'opencontrail' }
- { role: opencontrail_facts, when: kube_network_plugin == 'opencontrail' }
- { role: opencontrail, when: kube_network_plugin == 'opencontrail' }
- { role: dnsmasq, tags: dnsmasq }
- hosts: kube-master
roles:
- { role: kubernetes/master, tags: master }
- hosts: k8s-cluster
roles:
- { role: opencontrail_facts, when: kube_network_plugin == 'opencontrail' }
- { role: opencontrail_provision, when: kube_network_plugin == 'opencontrail' }

View file

@ -22,6 +22,7 @@
template: template:
src: manifests/kube-proxy.manifest.j2 src: manifests/kube-proxy.manifest.j2
dest: "{{ kube_manifest_dir }}/kube-proxy.manifest" dest: "{{ kube_manifest_dir }}/kube-proxy.manifest"
when: kube_network_plugin != "opencontrail"
- name: Restart kubelet if binary changed - name: Restart kubelet if binary changed
command: /bin/true command: /bin/true

View file

@ -14,7 +14,7 @@ KUBELET_ADDRESS="--address=0.0.0.0"
# KUBELET_PORT="--port=10250" # KUBELET_PORT="--port=10250"
# You may leave this blank to use the actual hostname # You may leave this blank to use the actual hostname
KUBELET_HOSTNAME="--hostname_override={{ inventory_hostname }}" KUBELET_HOSTNAME="--hostname_override={{ inventory_hostname }}"
{% if inventory_hostname in groups['kube-master'] and inventory_hostname not in groups['kube-node'] %} {% if inventory_hostname not in groups['kube-node'] %}
KUBELET_REGISTER_NODE="--register-node=false" KUBELET_REGISTER_NODE="--register-node=false"
{% endif %} {% endif %}
# location of the api-server # location of the api-server
@ -28,6 +28,9 @@ KUBELET_NETWORK_PLUGIN="--network_plugin=cni --network-plugin-dir=/etc/cni/net.d
{% elif kube_network_plugin is defined and kube_network_plugin == "weave" %} {% elif kube_network_plugin is defined and kube_network_plugin == "weave" %}
DOCKER_SOCKET="--docker-endpoint=unix:/var/run/weave/weave.sock" DOCKER_SOCKET="--docker-endpoint=unix:/var/run/weave/weave.sock"
{% endif %} {% endif %}
{% if kube_network_plugin is defined and kube_network_plugin == "opencontrail" and inventory_hostname in groups['kube-node'] %}
KUBELET_NETWORK_PLUGIN="--network_plugin={{ kube_network_plugin }}"
{% endif %}
# Should this cluster be allowed to run privileged docker containers # Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow_privileged=true" KUBE_ALLOW_PRIV="--allow_privileged=true"
{% if ansible_service_mgr in ["sysvinit","upstart"] %} {% if ansible_service_mgr in ["sysvinit","upstart"] %}