From 2fc8b46996d88f389154c2bf11244b7e99ca54fe Mon Sep 17 00:00:00 2001 From: Smaine Kahlouch Date: Mon, 14 Dec 2015 10:39:13 +0100 Subject: [PATCH] etcd can run on a distinct cluster --- README.md | 10 +++++++++- cluster.yml | 2 +- .../templates/manifests/kube-apiserver.manifest.j2 | 3 ++- .../templates/manifests/kube-podmaster.manifest.j2 | 6 ++++-- 4 files changed, 16 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 779d6a2d9..fd8f41668 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,10 @@ Edit the inventory according to the number of servers [kube-master] 10.115.99.31 +[etcd] +10.115.99.31 +10.115.99.32 + [kube-node] 10.115.99.32 10.115.99.33 @@ -76,6 +80,10 @@ In node-mesh mode the nodes peers with all the nodes in order to exchange routes 10.99.0.26 10.99.0.59 +[etcd] +10.99.0.26 +10.99.0.59 + [kube-node] 10.99.0.59 10.99.0.4 @@ -115,7 +123,7 @@ loadbalancer_address="10.99.0.44" - { role: download, tags: download } # etcd must be running on master(s) before going on -- hosts: kube-master +- hosts: etcd roles: - { role: etcd, tags: etcd } diff --git a/cluster.yml b/cluster.yml index 8e0792a2b..d411f381c 100644 --- a/cluster.yml +++ b/cluster.yml @@ -5,7 +5,7 @@ - { role: download, tags: download } # etcd must be running on master(s) before going on -- hosts: kube-master +- hosts: etcd roles: - { role: etcd, tags: etcd } diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 index 666d61759..37f65357b 100644 --- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 +++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 
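Review bot: In the cluster.yml hunk the comment above the play still reads `# etcd must be running on master(s) before going on`, which no longer matches `- hosts: etcd`; reword it along the lines of `# etcd must be running on the etcd group before going on`. An inventory written before this change has no `[etcd]` group, so this play would match no hosts and the `groups['etcd']` loops added to the master templates could not produce a usable `--etcd-servers` value. A short pre-flight assert that `groups['etcd']` is defined and non-empty would turn that into an explicit error instead of a half-deployed control plane. The README.md copy of the playbook carries the same stale comment.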
@@ -11,7 +11,8 @@ spec: - /hyperkube - apiserver - --insecure-bind-address=0.0.0.0 - - --etcd-servers=http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2379 + - --etcd-servers={% for srv in groups['etcd'] %}http://{{ srv }}:2379{% if not loop.last %},{% endif %}{% endfor %} + - --admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota - --service-cluster-ip-range={{ kube_service_addresses }} - --client-ca-file={{ kube_cert_dir }}/ca.pem diff --git a/roles/kubernetes/master/templates/manifests/kube-podmaster.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-podmaster.manifest.j2 index a75fa3b32..86447badf 100644 --- a/roles/kubernetes/master/templates/manifests/kube-podmaster.manifest.j2 +++ b/roles/kubernetes/master/templates/manifests/kube-podmaster.manifest.j2 @@ -10,7 +10,8 @@ spec: image: gcr.io/google_containers/podmaster:1.1 command: - /podmaster - - --etcd-servers=http://127.0.0.1:2379 + - --etcd-servers={% for srv in groups['etcd'] %}http://{{ srv }}:2379{% if not loop.last %},{% endif %}{% endfor %} + - --key=scheduler - --source-file={{ kube_config_dir}}/kube-scheduler.manifest - --dest-file={{ kube_manifest_dir }}/kube-scheduler.manifest @@ -24,7 +25,8 @@ spec: image: gcr.io/google_containers/podmaster:1.1 command: - /podmaster - - --etcd-servers=http://127.0.0.1:2379 + - --etcd-servers={% for srv in groups['etcd'] %}http://{{ srv }}:2379{% if not loop.last %},{% endif %}{% endfor %} + - --key=controller - --source-file={{ kube_config_dir }}/kube-controller-manager.manifest - --dest-file={{ kube_manifest_dir }}/kube-controller-manager.manifest
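Review bot: The new `--etcd-servers` loop in kube-apiserver.manifest.j2 reaches remote members over plain `http://` on 2379, where the old line used the host's own address. Once etcd runs on separate machines, all cluster state, Secrets included, crosses the network unencrypted and with no client authentication visible in this template. The same applies to both `--etcd-servers` lines in kube-podmaster.manifest.j2, which previously used `127.0.0.1`. Consider serving etcd over TLS with client certificates and switching to `https://` here (kube-apiserver takes `--etcd-cafile`, `--etcd-certfile` and `--etcd-keyfile` in releases that support them), or at minimum restricting 2379 to the master addresses. The loop also emits the raw inventory name `{{ srv }}` and drops the former `ip` lookup, so hosts with an `ip` override would be contacted on a different address than before; `http://{{ hostvars[srv]['ip'] | default(hostvars[srv]['ansible_default_ipv4']['address']) }}:2379` keeps that behaviour.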
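Review bot: The endpoint loop is now pasted verbatim three times (once in kube-apiserver.manifest.j2 and in both podmaster containers here), so a later change of scheme or port has to be made in three places and can easily be missed in one. Build the comma-separated list once, for example as a role variable, and reference it from each flag: `- --etcd-servers={{ etcd_endpoints }}` (the variable name is a placeholder). The blank line added after each loop looks like a workaround for the template engine swallowing the newline after `{% endfor %}`. A short `{# ... #}` comment saying so would stop someone from removing it as stray whitespace.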