Add ConfigMap for basic configuration options

Container settings moved from deamonset yaml to a separate
configmap.
This commit is contained in:
Aleksandr Didenko 2016-11-08 12:13:20 +01:00
parent fec253abaf
commit 9acb8cd954
6 changed files with 83 additions and 14 deletions

View file

@ -19,4 +19,5 @@
when: inventory_hostname == groups['kube-master'][0]
- include: tasks/calico-policy-controller.yml
when: enable_network_policy is defined and enable_network_policy == True
when: ( enable_network_policy is defined and enable_network_policy == True ) or
( kube_network_plugin == 'canal' )

View file

@ -1,3 +1,12 @@
- name: Create canal ConfigMap
run_once: true
kube:
name: "canal-config"
kubectl: "{{bin_dir}}/kubectl"
filename: "/etc/kubernetes/canal-config.yaml"
resource: "configmap"
namespace: "kube-system"
- name: Start flannel and calico-node
run_once: true
kube:

View file

@ -5,11 +5,9 @@
"type": "calico",
"etcd_endpoints": "{{ etcd_access_endpoint }}",
"log_level": "info",
{% if enable_network_policy is defined and enable_network_policy == True %}
"policy": {
"type": "k8s"
},
{% endif %}
"kubernetes": {
"kubeconfig": "{{ kube_config_dir }}/node-kubeconfig.yaml"
}

View file

@ -5,7 +5,12 @@
dest: /etc/flannel-network.json
backup: yes
- name: Canal | Write canal configuration
- name: Canal | Write canal configmap
template:
src: canal-config.yml.j2
dest: /etc/kubernetes/canal-config.yaml
- name: Canal | Write canal node configuration
template:
src: canal-node.yml.j2
dest: /etc/kubernetes/canal-node.yaml

View file

@ -0,0 +1,22 @@
# This ConfigMap can be used to configure a self-hosted Canal installation.
# See `canal.yaml` for an example of a Canal deployment which uses
# the config in this ConfigMap.
kind: ConfigMap
apiVersion: v1
metadata:
name: canal-config
data:
# Configure this with the location of your etcd cluster.
etcd_endpoints: "{{ etcd_access_endpoint }}"
# The interface used by canal for host <-> host communication.
# If left blank, then the interface is chosing using the node's
# default route.
flanneld_iface: "{{ canal_iface }}"
# Whether or not to masquerade traffic to destinations not within
# the pod network.
masquerade: "{{ canal_masquerade }}"
# Cluster name for Flannel etcd path
cluster_name: "{{ cluster_name }}"

View file

@ -47,10 +47,23 @@ spec:
containers:
- name: "flannel-server-helper"
image: "{{ flannel_server_helper_image_repo }}:{{ flannel_server_helper_image_tag }}"
env:
# Cluster name
- name: CLUSTER_NAME
valueFrom:
configMapKeyRef:
name: canal-config
key: cluster_name
# The location of the etcd cluster.
- name: FLANNELD_ETCD_ENDPOINTS
valueFrom:
configMapKeyRef:
name: canal-config
key: etcd_endpoints
args:
- "--network-config=/etc/flannel-network.json"
- "--etcd-prefix=/{{ cluster_name }}/network"
- "--etcd-server={{ etcd_endpoint }}"
- "--etcd-prefix=/$(CLUSTER_NAME)/network"
- "--etcd-server=$(FLANNELD_ETCD_ENDPOINTS)"
volumeMounts:
- name: "networkconfig"
mountPath: "/etc/flannel-network.json"
@ -60,22 +73,40 @@ spec:
- name: flannel
image: "{{ flannel_image_repo }}:{{ flannel_image_tag }}"
env:
# Cluster name
- name: CLUSTER_NAME
valueFrom:
configMapKeyRef:
name: canal-config
key: cluster_name
# The location of the etcd cluster.
- name: FLANNELD_ETCD_ENDPOINTS
value: "{{ etcd_access_endpoint }}"
valueFrom:
configMapKeyRef:
name: canal-config
key: etcd_endpoints
# The interface flannel should run on.
- name: FLANNELD_IFACE
value: "{{ canal_iface }}"
valueFrom:
configMapKeyRef:
name: canal-config
key: flanneld_iface
# Perform masquerade on traffic leaving the pod cidr.
- name: FLANNELD_IP_MASQ
value: "{{ canal_masquerade }}"
valueFrom:
configMapKeyRef:
name: canal-config
key: masquerade
# Set etcd-prefix
- name: DOCKER_OPT_ETCD_PREFIX
value: "-etcd-prefix=/$(CLUSTER_NAME)/network"
# Write the subnet.env file to the mounted directory.
- name: FLANNELD_SUBNET_FILE
value: "/run/flannel/subnet.env"
command:
- "/bin/sh"
- "-c"
- "/opt/bin/flanneld -etcd-endpoints {{ etcd_access_endpoint }} -etcd-prefix /{{ cluster_name }}/network {% if canal_iface %}-iface {{ canal_iface }}{% endif %}"
- "/opt/bin/flanneld -etcd-prefix /$(CLUSTER_NAME)/network"
ports:
- hostPort: 10253
containerPort: 10253
@ -94,7 +125,10 @@ spec:
env:
# The location of the etcd cluster.
- name: ETCD_ENDPOINTS
value: "{{ etcd_access_endpoint }}"
valueFrom:
configMapKeyRef:
name: canal-config
key: etcd_endpoints
# Disable Calico BGP. Calico is simply enforcing policy.
- name: CALICO_NETWORKING
value: "false"