C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #880 from bradbeam/weave-kube

Browse source 
Weave kube
This commit is contained in:
Matthew Mosesohn 2017-01-31 13:31:09 +03:00 committed by GitHub
commit 14331d938c
13 changed files with 161 additions and 149 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitlab-ci.yml
View file

@ -54,6 +54,7 @@ before_script:
LOG_LEVEL: "-vv"
ETCD_DEPLOYMENT: "docker"
KUBELET_DEPLOYMENT: "docker"
WEAVE_CPU_LIMIT: "100m"
MAGIC: "ci check this"
.gce: &gce
@ -114,6 +115,8 @@ before_script:
-e kubelet_deployment_type=${KUBELET_DEPLOYMENT}
-e local_release_dir=${PWD}/downloads
-e resolvconf_mode=${RESOLVCONF_MODE}
-e weave_cpu_requests=${WEAVE_CPU_LIMIT}
-e weave_cpu_limit=${WEAVE_CPU_LIMIT}
cluster.yml

29
roles/download/defaults/main.yml
View file

@ -23,16 +23,14 @@ etcd_version: v3.0.6
# after migration to container download
calico_version: "v1.0.0"
calico_cni_version: "v1.5.5"
weave_version: v1.6.1
weave_version: 1.8.2
flannel_version: v0.6.2
pod_infra_version: 3.0
# Download URL's
etcd_download_url: "https://storage.googleapis.com/kargo/{{etcd_version}}_etcd"
weave_download_url: "https://storage.googleapis.com/kargo/{{weave_version}}_weave"
# Checksums
weave_checksum: "9bf9d6e5a839e7bcbb28cc00c7acae9d09284faa3e7a3720ca9c2b9e93c68580"
etcd_checksum: "385afd518f93e3005510b7aaa04d38ee4a39f06f5152cd33bb86d4f0c94c7485"
# Containers
@ -66,6 +64,10 @@ netcheck_kubectl_tag: v0.18.0-120-gaeb4ac55ad12b1-dirty
netcheck_agent_img_repo: "quay.io/l23network/mcp-netchecker-agent"
netcheck_server_img_repo: "quay.io/l23network/mcp-netchecker-server"
netcheck_kubectl_img_repo: "gcr.io/google_containers/kubectl"
weave_kube_image_repo: "weaveworks/weave-kube"
weave_kube_image_tag: "{{ weave_version }}"
weave_npc_image_repo: "weaveworks/weave-npc"
weave_npc_image_tag: "{{ weave_version }}"
nginx_image_repo: nginx
nginx_image_tag: 1.11.4-alpine
@ -100,15 +102,6 @@ downloads:
tag: "{{ netcheck_kubectl_tag }}"
sha256: "{{ netcheck_kubectl_digest_checksum|default(None) }}"
enabled: "{{ deploy_netchecker|bool }}"
weave:
dest: weave/bin/weave
version: "{{weave_version}}"
source_url: "{{weave_download_url}}"
url: "{{weave_download_url}}"
sha256: "{{ weave_checksum }}"
owner: "root"
mode: "0755"
enabled: "{{ kube_network_plugin == 'weave' }}"
etcd:
version: "{{etcd_version}}"
dest: "etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz"
@ -163,6 +156,18 @@ downloads:
tag: "{{ calico_rr_image_tag }}"
sha256: "{{ calico_rr_digest_checksum|default(None) }}"
enabled: "{{ peer_with_calico_rr is defined and peer_with_calico_rr}} and kube_network_plugin == 'calico'"
weave_kube:
container: true
repo: "{{ weave_kube_image_repo }}"
tag: "{{ weave_kube_image_tag }}"
sha256: "{{ weave_kube_digest_checksum|default(None) }}"
enabled: "{{ kube_network_plugin == 'weave' }}"
weave_npc:
container: true
repo: "{{ weave_npc_image_repo }}"
tag: "{{ weave_npc_image_tag }}"
sha256: "{{ weave_npc_digest_checksum|default(None) }}"
enabled: "{{ kube_network_plugin == 'weave' }}"
pod_infra:
container: true
repo: "{{ pod_infra_image_repo }}"

3
roles/kubernetes-apps/network_plugin/meta/main.yml
View file

@ -3,3 +3,6 @@ dependencies:
- role: kubernetes-apps/network_plugin/canal
when: kube_network_plugin == 'canal'
tags: canal
- role: kubernetes-apps/network_plugin/weave
when: kube_network_plugin == 'weave'
tags: weave

24
roles/kubernetes-apps/network_plugin/weave/tasks/main.yml Normal file
View file

@ -0,0 +1,24 @@
- name: Weave | Start Resources
run_once: true
kube:
name: "weave-kube"
kubectl: "{{ bin_dir }}/kubectl"
filename: "{{ kube_config_dir }}/weave-kube.yml"
resource: "ds"
namespace: "{{system_namespace}}"
state: "{{ item | ternary('latest','present') }}"
with_items: "{{ weave_manifest.changed }}"
- name: "Weave | wait for weave to become available"
uri:
url: http://127.0.0.1:6784/status
return_content: yes
register: weave_status
retries: 10
delay: "{{ retry_stagger | random + 3 }}"
until: weave_status.status == 200
- name: "Weave | check if weave is ready"
fail:
when: "'Status: ready' not in weave_status.content"

2
roles/network_plugin/weave/defaults/main.yml
View file

@ -2,3 +2,5 @@
# Limits
weave_memory_limit: 500M
weave_cpu_limit: 300m
weave_memory_requests: 300M
weave_cpu_requests: 200m

36
roles/network_plugin/weave/handlers/main.yml
View file

@ -1,36 +0,0 @@
---
- name: restart weave
command: /bin/true
notify:
- Weave | reload systemd
- reload weave
- name : Weave | reload systemd
shell: systemctl daemon-reload
- name: restart weaveproxy
command: /bin/true
notify:
- Weave | reload systemd
- reload weaveproxy
- name: restart weaveexpose
command: /bin/true
notify:
- Weave | reload systemd
- reload weaveexpose
- name: reload weave
service:
name: weave
state: restarted
- name: reload weaveproxy
service:
name: weaveproxy
state: restarted
- name: reload weaveexpose
service:
name: weaveexpose
state: restarted

5
roles/network_plugin/weave/meta/main.yml
View file

@ -1,5 +1,8 @@
---
dependencies:
- role: download
file: "{{ downloads.weave }}"
file: "{{ downloads.weave_kube }}"
tags: download
- role: download
file: "{{ downloads.weave_npc }}"
tags: download

46
roles/network_plugin/weave/tasks/main.yml
View file

@ -8,46 +8,8 @@
changed_when: false
tags: [hyperkube, upgrade]
- name: Weave | Install weave
command: rsync -piu "{{ local_release_dir }}/weave/bin/weave" "{{ bin_dir }}/weave"
changed_when: false
- name: Weave | pull weave images
shell: "{{ bin_dir }}/weave setup"
changed_when: false
- name: Weave | set perms
file: path="{{ bin_dir }}/weave" mode=0755 state=file
- name: Weave | Set options
- name: Weave | Create weave-kube manifest
template:
src: weave.j2
dest: "/etc/weave.env"
owner: root
group: root
mode: 0644
notify:
- restart weave
- name: Weave | Write weave systemd init file
template: src=weave.service.j2 dest=/etc/systemd/system/weave.service
notify: restart weave
- name: Weave | Write weaveproxy systemd init file
template: src=weaveproxy.service.j2 dest=/etc/systemd/system/weaveproxy.service
notify: restart weaveproxy
- name: Weave | Write weaveexpose systemd init file
template: src=weaveexpose.service.j2 dest=/etc/systemd/system/weaveexpose.service
notify: restart weaveexpose
- meta: flush_handlers
- name: Weave | Enable weave
service: name=weave enabled=yes state=started
- name: Weave | Enable weaveproxy
service: name=weaveproxy enabled=yes state=started
- name: Weave | Enable weaveexpose
service: name=weaveexpose enabled=yes state=started
src: weave-kube.yml.j2
dest: "{{ kube_config_dir }}/weave-kube.yml"
register: weave_manifest

104
roles/network_plugin/weave/templates/weave-kube.yml.j2 Normal file
View file

@ -0,0 +1,104 @@
---
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: weave-net
namespace: {{ system_namespace }}
labels:
version: {{ weave_version }}
spec:
template:
metadata:
labels:
name: weave-net
annotations:
scheduler.alpha.kubernetes.io/tolerations: |
[
{
"key": "dedicated",
"operator": "Equal",
"value": "master",
"effect": "NoSchedule"
}
]
spec:
hostNetwork: true
hostPID: true
containers:
- name: weave
image: {{ weave_kube_image_repo }}:{{ weave_kube_image_tag }}
imagePullPolicy: Always
command:
- /home/weave/launch.sh
env:
- name: IPALLOC_RANGE
value: {{ kube_pods_subnet }}
{% if weave_checkpoint_disable is defined %}
- name: CHECKPOINT_DISABLE
value: {{ weave_checkpoint_disable }}
{% endif %}
{% if weave_expect_npc is defined %}
- name: EXPECT_NPC
value: {{ weave_expect_npc }}
{% endif %}
{% if weave_kube_peers is defined %}
- name: KUBE_PEERS
value: {{ weave_kube_peers }}
{% endif %}
{% if weave_ipalloc_init is defined %}
- name: IPALLOC_INIT
value: {{ weave_ipalloc_init }}
{% endif %}
{% if weave_expose_ip is defined %}
- name: WEAVE_EXPOSE_IP
value: {{ weave_expose_ip }}
{% endif %}
livenessProbe:
initialDelaySeconds: 30
httpGet:
host: 127.0.0.1
path: /status
port: 6784
securityContext:
privileged: true
volumeMounts:
- name: weavedb
mountPath: /weavedb
- name: cni-bin
mountPath: /opt
- name: cni-bin2
mountPath: /host_home
- name: cni-conf
mountPath: /etc
resources:
requests:
cpu: {{ weave_cpu_requests }}
memory: {{ weave_memory_requests }}
limits:
cpu: {{ weave_cpu_limit }}
memory: {{ weave_memory_limit }}
- name: weave-npc
image: {{ weave_npc_image_repo }}:{{ weave_npc_image_tag }}
imagePullPolicy: Always
resources:
requests:
cpu: {{ weave_cpu_requests }}
memory: {{ weave_memory_requests }}
limits:
cpu: {{ weave_cpu_limit }}
memory: {{ weave_memory_limit }}
securityContext:
privileged: true
restartPolicy: Always
volumes:
- name: weavedb
emptyDir: {}
- name: cni-bin
hostPath:
path: /opt
- name: cni-bin2
hostPath:
path: /home
- name: cni-conf
hostPath:
path: /etc

7
roles/network_plugin/weave/templates/weave.j2
View file

@ -1,7 +0,0 @@
WEAVE_DOCKER_ARGS="--memory={{ weave_memory_limit|regex_replace('Mi', 'M') }} --cpu-shares={{ weave_cpu_limit|regex_replace('m', '') }}"
WEAVE_PEERS="{% for host in groups['k8s-cluster'] %}{{ hostvars[host]['access_ip'] | default(hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address'])) }}{% if not loop.last %} {% endif %}{% endfor %}"
WEAVEPROXY_ARGS="--rewrite-inspect --without-dns"
WEAVE_SUBNET="--ipalloc-range {{ kube_pods_subnet }}"
{% if weave_password is defined %}
WEAVE_PASSWORD="{{ weave_password }}"
{% endif %}

18
roles/network_plugin/weave/templates/weave.service.j2
View file

@ -1,18 +0,0 @@
[Unit]
Description=Weave Network
Documentation=http://docs.weave.works/weave/latest_release/
Wants=docker.socket
After=docker.service docker.socket
[Service]
EnvironmentFile=-/etc/weave.env
ExecStartPre=-{{ docker_bin_dir }}/docker rm -f weave
ExecStartPre={{ bin_dir }}/weave launch-router \
$WEAVE_SUBNET \
$WEAVE_PEERS
ExecStart={{ docker_bin_dir }}/docker attach weave
ExecStop={{ bin_dir }}/weave stop
Restart=on-failure
[Install]
WantedBy=multi-user.target

16
roles/network_plugin/weave/templates/weaveexpose.service.j2
View file

@ -1,16 +0,0 @@
[Unit]
Documentation=http://docs.weave.works/
Wants=docker.socket weave.service
After=docker.service docker.socket weave.service
[Service]
Type=oneshot
RemainAfterExit=yes
TimeoutStartSec=0
EnvironmentFile=-/etc/weave.%H.env
EnvironmentFile=-/etc/weave.env
ExecStart={{ bin_dir }}/weave expose
ExecStop={{ bin_dir }}/weave hide
[Install]
WantedBy=weave-network.target

17
roles/network_plugin/weave/templates/weaveproxy.service.j2
View file

@ -1,17 +0,0 @@
[Unit]
Description=Weave proxy for Docker API
Documentation=http://docs.weave.works/
Wants=docker.socket
After=docker.service docker.socket
[Service]
EnvironmentFile=-/etc/weave.%H.env
EnvironmentFile=-/etc/weave.env
ExecStartPre=-{{ docker_bin_dir }}/docker rm -f weaveproxy
ExecStartPre={{ bin_dir }}/weave launch-proxy $WEAVEPROXY_ARGS
ExecStart={{ docker_bin_dir }}/docker attach weaveproxy
Restart=on-failure
ExecStop={{ bin_dir }}/weave stop-proxy
[Install]
WantedBy=weave-network.target