Updating vsphere cloud provider support

Brad Beam 2017-02-16 21:59:40 -06:00
parent df476b0088
commit dbf13290f5
6 changed files with 64 additions and 73 deletions


@ -32,7 +32,7 @@ spec:
- --node-monitor-period={{ kube_controller_node_monitor_period }} - --node-monitor-period={{ kube_controller_node_monitor_period }}
- --pod-eviction-timeout={{ kube_controller_pod_eviction_timeout }} - --pod-eviction-timeout={{ kube_controller_pod_eviction_timeout }}
- --v={{ kube_log_level }} - --v={{ kube_log_level }}
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure"] %} {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %}
- --cloud-provider={{cloud_provider}} - --cloud-provider={{cloud_provider}}
- --cloud-config={{ kube_config_dir }}/cloud_config - --cloud-config={{ kube_config_dir }}/cloud_config
{% elif cloud_provider is defined and cloud_provider == "aws" %} {% elif cloud_provider is defined and cloud_provider == "aws" %}
@ -54,7 +54,7 @@ spec:
- mountPath: {{ kube_cert_dir }} - mountPath: {{ kube_cert_dir }}
name: ssl-certs-kubernetes name: ssl-certs-kubernetes
readOnly: true readOnly: true
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure"] %} {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere" ] %}
- mountPath: {{ kube_config_dir }}/cloud_config - mountPath: {{ kube_config_dir }}/cloud_config
name: cloudconfig name: cloudconfig
readOnly: true readOnly: true
@ -63,7 +63,7 @@ spec:
- hostPath: - hostPath:
path: {{ kube_cert_dir }} path: {{ kube_cert_dir }}
name: ssl-certs-kubernetes name: ssl-certs-kubernetes
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure"] %} {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %}
- hostPath: - hostPath:
path: {{ kube_config_dir }}/cloud_config path: {{ kube_config_dir }}/cloud_config
name: cloudconfig name: cloudconfig


@ -42,7 +42,7 @@ KUBELET_NETWORK_PLUGIN="--hairpin-mode=promiscuous-bridge --network-plugin=kuben
{% endif %} {% endif %}
# Should this cluster be allowed to run privileged docker containers # Should this cluster be allowed to run privileged docker containers
KUBE_ALLOW_PRIV="--allow-privileged=true" KUBE_ALLOW_PRIV="--allow-privileged=true"
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere" ] %} {% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %}
KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }} --cloud-config={{ kube_config_dir }}/cloud_config" KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }} --cloud-config={{ kube_config_dir }}/cloud_config"
{% elif cloud_provider is defined and cloud_provider == "aws" %} {% elif cloud_provider is defined and cloud_provider == "aws" %}
KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }}" KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }}"


@ -29,16 +29,22 @@ openstack_password: "{{ lookup('env','OS_PASSWORD') }}"
openstack_region: "{{ lookup('env','OS_REGION_NAME') }}" openstack_region: "{{ lookup('env','OS_REGION_NAME') }}"
openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID')|default(lookup('env','OS_PROJECT_ID'),true) }}" openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID')|default(lookup('env','OS_PROJECT_ID'),true) }}"
# For the vsphere integration, kubelet will need credentials to access
# vsphere apis
# Documentation regarting these values can be found
# https://github.com/kubernetes/kubernetes/blob/master/pkg/cloudprovider/providers/vsphere/vsphere.go#L105
vsphere_vcenter_ip: "{{ lookup('env', 'VSPHERE_VCENTER') }}"
vsphere_vcenter_port: "{{ lookup('env', 'VSPHERE_VCENTER_PORT') }}"
vsphere_user: "{{ lookup('env', 'VSPHERE_USER') }}"
vsphere_password: "{{ lookup('env', 'VSPHERE_PASSWORD') }}"
vsphere_datacenter: "{{ lookup('env', 'VSPHERE_DATACENTER') }}"
vsphere_datastore: "{{ lookup('env', 'VSPHERE_DATASTORE') }}"
vsphere_working_dir: "{{ lookup('env', 'VSPHERE_WORKING_DIR') }}"
vsphere_insecure: "{{ lookup('env', 'VSPHERE_INSECURE') }}"
vsphere_scsi_controller_type: pvscsi
# vsphere_public_network is name of the network the VMs are joined to
vsphere_public_network: "{{ lookup('env', 'VSPHERE_PUBLIC_NETWORK')|default('') }}"
# Container Linux by CoreOS cloud init config file to define /etc/resolv.conf content # Container Linux by CoreOS cloud init config file to define /etc/resolv.conf content
# for hostnet pods and infra needs # for hostnet pods and infra needs
resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf resolveconf_cloud_init_conf: /etc/resolveconf_cloud_init.conf
# For the vSphere integration kubelet will need credentials to access
# the api. Per default this values will be
# read from the environment.
vsphere_username: "{{ lookup('env', VSPHERE_USERNAME ) }}"
vsphere_password: "{{ lookup('env', VSPHERE_PASSWORD ) }}"
vsphere_server: "{{ lookup('env', VSPHERE_SERVER ) }}"
vsphere_datacenter: "{{ lookup('env', VSPHERE_DATACENTER ) }}"
vsphere_datastore: "{{ lookup('env', VSPHERE_DATASTORE ) }}"
vsphere_working_dir: "{{ lookup('env', VSPHERE_WORKING_DIR ) }}"
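Review bot: `vsphere_insecure` is read straight from `VSPHERE_INSECURE` with no default and no check on the value, and it is rendered as `insecure-flag` in the cloud config, which, as far as I know, turns off verification of the vCenter certificate when true. The credential check only rejects an empty value, so anything non-empty passes through. I would default it to verification on, e.g. `vsphere_insecure: "{{ lookup('env', 'VSPHERE_INSECURE') | default('false', true) }}"`, and state in the comment above that `true` is meant only for setups with self-signed certificates. The comment block could also pin the vsphere.go link to a commit instead of `master`, since the `#L105` anchor will drift, and fix the typo "regarting".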


@ -64,21 +64,13 @@
- name: check cloud_provider value - name: check cloud_provider value
fail: fail:
msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'azure', 'vsphere', or 'openstack'" msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'azure', 'openstack' or 'vsphere'"
when: cloud_provider is defined and cloud_provider not in ['generic', 'gce', 'aws', 'openstack', 'azure', 'vsphere'] when: cloud_provider is defined and cloud_provider not in ['generic', 'gce', 'aws', 'azure', 'openstack', 'vsphere']
tags: [cloud-provider, facts] tags: [cloud-provider, facts]
- include: openstack-credential-check.yml - include: "{{ cloud_provider }}-credential-check.yml"
when: cloud_provider is defined and cloud_provider == 'openstack' when: cloud_provider is defined and cloud_provider in [ 'openstack', 'azure', 'vsphere' ]
tags: [cloud-provider, openstack, facts] tags: [cloud-provider, "{{ cloud_provider }}", facts]
- include: azure-credential-check.yml
when: cloud_provider is defined and cloud_provider == 'azure'
tags: [cloud-provider, azure, facts]
- include: vsphere-credential-check.yml
when: cloud_provider is defined and cloud_provider == 'vsphere'
tags: [cloud-provider, vsphere, facts]
- name: Create cni directories - name: Create cni directories
file: file:
@ -183,23 +175,14 @@
state: present state: present
tags: bootstrap-os tags: bootstrap-os
- name: "Write {{ cloud_provider}} cloud-config" - name: Write cloud-config
template: template:
src: "{{ cloud_provider }}-cloud-config.j2" src: "{{ cloud_provider }}-cloud-config.j2"
dest: "{{ kube_config_dir }}/cloud_config" dest: "{{ kube_config_dir }}/cloud_config"
group: "{{ kube_cert_group }}" group: "{{ kube_cert_group }}"
mode: 0640 mode: 0640
when: inventory_hostname in groups['k8s-cluster'] and cloud_provider is defined and cloud_provider in [ "openstack", "vsphere" ] when: inventory_hostname in groups['k8s-cluster'] and cloud_provider is defined and cloud_provider in [ 'openstack', 'azure', 'vsphere' ]
tags: [cloud-provider, openstack, vsphere] tags: [cloud-provider, "{{ cloud_provider }}"]
- name: Write azure cloud-config
template:
src: azure-cloud-config.j2
dest: "{{ kube_config_dir }}/cloud_config"
group: "{{ kube_cert_group }}"
mode: 0640
when: inventory_hostname in groups['k8s-cluster'] and cloud_provider is defined and cloud_provider == "azure"
tags: [cloud-provider, azure]
- include: etchosts.yml - include: etchosts.yml
tags: [bootstrap-os, etchosts] tags: [bootstrap-os, etchosts]
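Review bot: The templated tag in `tags: [cloud-provider, "{{ cloud_provider }}", facts]` on the credential-check include, and in `tags: [cloud-provider, "{{ cloud_provider }}"]` on the cloud-config task, is unlikely to behave as intended. Ansible resolves tags when the playbook is parsed and, to my knowledge, does not reliably template them from inventory or host variables. A run limited with `--tags vsphere` (or `openstack`, `azure`) could then skip both the credential check and the cloud-config write. Listing the tags statically keeps selection predictable: `tags: [cloud-provider, openstack, azure, vsphere, facts]`. Separately, the cloud-config task writes a file holding the provider password with `mode: 0640` and a group but no `owner`; setting the owner explicitly would make the intended access clear.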


@ -1,30 +1,21 @@
--- - name: check vsphere environment variables
- name: check vsphere_username value
fail: fail:
msg: "vsphere_username is missing" msg: "{{ item.name }} is missing"
when: vsphere_username is not defined or vsphere_username == "" when: item.value is not defined or item.value == ''
with_items:
- name: check vsphere_password value - name: vsphere_vcenter_ip
fail: value: "{{ vsphere_vcenter_ip }}"
msg: "vsphere_password is missing" - name: vsphere_vcenter_port
when: vsphere_password is not defined or vsphere_password == "" value: "{{ vsphere_vcenter_port }}"
- name: vsphere_user
- name: check vsphere_server value value: "{{ vsphere_user }}"
fail: - name: vsphere_password
msg: "vsphere_server is missing" value: "{{ vsphere_password }}"
when: vsphere_server is not defined or vsphere_server == "" - name: vsphere_datacenter
value: "{{ vsphere_datacenter }}"
- name: check vsphere_datacenter value - name: vsphere_datastore
fail: value: "{{ vsphere_datastore }}"
msg: "vsphere_datacenter is missing" - name: vsphere_working_dir
when: vsphere_datacenter is not defined or vsphere_datacenter == "" value: "{{ vsphere_working_dir }}"
- name: vsphere_insecure
- name: check vsphere_datastore value value: "{{ vsphere_insecure }}"
fail:
msg: "vsphere_datastore is missing"
when: vsphere_datastore is not defined or vsphere_datastore == ""
- name: check vsphere_working_dir value
fail:
msg: "vsphere_working_dir is missing"
when: vsphere_working_dir is not defined or vsphere_working_dir == ""
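Review bot: Looping over name/value pairs puts the value of `vsphere_password` into a loop item, and Ansible prints the item in the task output for each iteration, so the password can end up in console output and CI logs. Iterating over variable names only, or keeping the password check as its own non-looped task as before, avoids that. Adding `no_log: true` also works but hides the failure message. Also, `item.value is not defined` can no longer be true here: if a variable is undefined, templating `value: "{{ vsphere_user }}"` should fail first with an undefined-variable error instead of the intended "is missing" message. The new file also appears to drop the leading `---`.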


@ -1,9 +1,20 @@
[Global] [Global]
user = {{ vsphere_username }}
password = {{ vsphere_password }}
server = {{ vsphere_server }}
port = 443
insecure-flag = true
datacenter = {{ vsphere_datacenter }} datacenter = {{ vsphere_datacenter }}
datastore = {{ vsphere_datastore }} datastore = {{ vsphere_datastore }}
insecure-flag = {{ vsphere_insecure }}
password = {{ vsphere_password }}
port = {{ vsphere_vcenter_port }}
server = {{ vsphere_vcenter_ip }}
user = {{ vsphere_user }}
working-dir = {{ vsphere_working_dir }} working-dir = {{ vsphere_working_dir }}
{% if vsphere_vm_uuid is defined %}
vm-uuid = {{ vsphere_vm_uuid }}
{% endif %}
[Disk]
scsicontrollertype = {{ vsphere_scsi_controller_type }}
{% if vsphere_public_network is defined and vsphere_public_network != "" %}
[Network]
public-network = {{ vsphere_public_network }}
{% endif %}
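Review bot: `password = {{ vsphere_password }}` and `user = {{ vsphere_user }}` are written unquoted, so a credential containing `#`, `;`, a quote or whitespace may be truncated or misparsed by the INI-style parser that reads this file (I have not checked the exact parser rules). Quoting the values, `password = "{{ vsphere_password }}"` and `user = "{{ vsphere_user }}"`, is safer, provided embedded quotes and backslashes are escaped or rejected in the credential check. A value containing a newline would also add extra lines to the rendered config, so rejecting control characters in that check is worth considering.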