C12s/c12s-kubespray
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #35 from ansibl8s/dockerize_etcd

Browse source 
Dockerize etcd
This commit is contained in:
Smaine Kahlouch 2015-12-30 14:01:00 +01:00
commit ddaeb2b8fa
19 changed files with 103 additions and 158 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
cluster.yml
View file

@ -6,15 +6,12 @@
- hosts: k8s-cluster - hosts: k8s-cluster
roles: roles:
- { role: etcd, tags: etcd }
- { role: docker, tags: docker } - { role: docker, tags: docker }
- { role: kubernetes/node, tags: node }
- { role: etcd, tags: etcd }
- { role: dnsmasq, tags: dnsmasq } - { role: dnsmasq, tags: dnsmasq }
- { role: network_plugin, tags: ['calico', 'flannel', 'network'] } - { role: network_plugin, tags: ['calico', 'flannel', 'network'] }
- hosts: kube-master - hosts: kube-master
roles: roles:
- { role: kubernetes/master, tags: master } - { role: kubernetes/master, tags: master }
- hosts: kube-node
roles:
- { role: kubernetes/node, tags: node }

2
roles/apps/k8s-kube-logstash

@ -1 +1 @@
Subproject commit 340d1a5ec75e7b7c43783dc7a1c02aa7d5991dbe Subproject commit 256fa156e46d623ab0a7a60efdc7bac535cea8d7

3
roles/download/defaults/main.yml
View file

@ -7,9 +7,10 @@ kubectl_checksum: "01b9bea18061a27b1cf30e34fd8ab45cfc096c9a9d57d0ed21072abb40dd3
kubelet_checksum: "62191c66f2d670dd52ddf1d88ef81048977abf1ffaa95ee6333299447eb6a482" kubelet_checksum: "62191c66f2d670dd52ddf1d88ef81048977abf1ffaa95ee6333299447eb6a482"
calico_version: v0.13.0 calico_version: v0.13.0
calico_plugin_version: v0.7.0
etcd_download_url: "https://github.com/coreos/etcd/releases/download" etcd_download_url: "https://github.com/coreos/etcd/releases/download"
flannel_download_url: "https://github.com/coreos/flannel/releases/download" flannel_download_url: "https://github.com/coreos/flannel/releases/download"
kube_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/amd64" kube_download_url: "https://storage.googleapis.com/kubernetes-release/release/{{ kube_version }}/bin/linux/amd64"
calico_download_url: "https://github.com/Metaswitch/calico-docker/releases/download" calico_download_url: "https://github.com/Metaswitch/calico-docker/releases/download"
calico_plugin_download_url: "https://github.com/projectcalico/calico-kubernetes/releases/download/{{calico_plugin_version}}/calico_kubernetes"

6
roles/download/tasks/calico.yml
View file

@ -19,3 +19,9 @@
when: not c_tar.stat.exists when: not c_tar.stat.exists
register: dl_calico register: dl_calico
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
- name: Download calico-kubernetes-plugin
local_action: get_url
url="{{calico_plugin_download_url}}"
dest="{{ local_release_dir }}/calico/bin/calico"

42
roles/download/tasks/etcd.yml
View file

@ -1,42 +0,0 @@
---
- name: Create etcd release directory
local_action: file
path={{ local_release_dir }}/etcd/bin
recurse=yes
state=directory
delegate_to: "{{ groups['kube-master'][0] }}"
- name: Check if etcd release archive has been downloaded
local_action: stat
path={{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz
register: e_tar
delegate_to: "{{ groups['kube-master'][0] }}"
# issues with get_url module and redirects, to be tested again in the near future
- name: Download etcd
local_action: shell
curl -o {{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz -Ls {{ etcd_download_url }}/{{ etcd_version }}/etcd-{{ etcd_version }}-linux-amd64.tar.gz
when: not e_tar.stat.exists
register: dl_etcd
delegate_to: "{{ groups['kube-master'][0] }}"
- name: Extract etcd archive
local_action: unarchive
src={{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64.tar.gz
dest={{ local_release_dir }}/etcd copy=no
when: dl_etcd|changed
delegate_to: "{{ groups['kube-master'][0] }}"
- name: Pick up only etcd binaries
local_action: copy
src={{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64/{{ item }}
dest={{ local_release_dir }}/etcd/bin
with_items:
- etcdctl
- etcd
when: dl_etcd|changed
- name: Delete unused etcd files
local_action: file
path={{ local_release_dir }}/etcd/etcd-{{ etcd_version }}-linux-amd64 state=absent
when: dl_etcd|changed

1
roles/download/tasks/main.yml
View file

@ -1,5 +1,4 @@
--- ---
- include: kubernetes.yml - include: kubernetes.yml
- include: etcd.yml
- include: calico.yml - include: calico.yml
- include: flannel.yml - include: flannel.yml

14
roles/etcd/handlers/main.yml
View file

@ -1,14 +0,0 @@
---
- name: reload systemd
command: systemctl daemon-reload
- name: restart reloaded-etcd2
service:
name: etcd2
state: restarted
- name: restart etcd2
command: /bin/true
notify:
- reload systemd
- restart reloaded-etcd2

16
roles/etcd/tasks/configure.yml
View file

@ -1,16 +0,0 @@
---
- name: Copy etcd2.service systemd file
template:
src: systemd-etcd2.service.j2
dest: /lib/systemd/system/etcd2.service
backup: yes
notify:
- restart etcd2
- name: Create etcd2 environment vars file
template:
src: etcd2-environment.j2
dest: /etc/etcd2-environment
- name: Ensure etcd2 is running
service: name=etcd2 state=started enabled=yes

23
roles/etcd/tasks/install.yml
View file

@ -1,23 +0,0 @@
---
- name: Create etcd user
user: name=etcd shell=/bin/nologin home=/var/lib/etcd2
- name: Install etcd binaries
copy:
src={{ local_release_dir }}/etcd/bin/{{ item }}
dest={{ bin_dir }}
owner=etcd
mode=0755
with_items:
- etcdctl
- etcd
notify: restart etcd2
- name: Create etcd2 binary symlink
file: src=/usr/local/bin/etcd dest=/usr/local/bin/etcd2 state=link
- name: install required python module 'httplib2'
apt:
name: "python-httplib2"
state: present
when: inventory_hostname == groups['kube-master'][0] or inventory_hostname == groups['etcd'][0]

14
roles/etcd/tasks/main.yml
View file

@ -1,3 +1,13 @@
--- ---
- include: install.yml - name: ETCD2 | Stop etcd2 service
- include: configure.yml service: name=etcd state=stopped
ignore_errors: yes
- name: ETCD2 | create etcd pod template
template: src=etcd-pod.yml dest=/etc/kubernetes/manifests/etcd-pod.manifest
- name: ETCD2 | Check for etcd2 port
wait_for:
port: 2379
delay: 5
timeout: 30

54
roles/etcd/templates/etcd-pod.yml Normal file
View file

@ -0,0 +1,54 @@
---
apiVersion: v1
kind: Pod
metadata:
name: etcd
namespace: kube-system
spec:
hostNetwork: true
containers:
- name: etcd
image: quay.io/coreos/etcd:v2.2.2
resources:
limits:
cpu: 100m
memory: 256M
args:
{% if inventory_hostname in groups['etcd'] %}
- --name
- etcd-{{inventory_hostname}}-master
- --advertise-client-urls
- "http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2379"
- --listen-peer-urls
- http://0.0.0.0:2380
- --initial-advertise-peer-urls
- http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2380
- --data-dir
- /var/etcd/data
- --initial-cluster-state
- new
{% else %}
- --proxy
- 'on'
{% endif %}
- --listen-client-urls
- "http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2379,http://127.0.0.1:2379"
- --initial-cluster
- "{% for host in groups['etcd'] %}etcd-{{host}}-master=http://{{ hostvars[host]['ip'] | default( hostvars[host]['ansible_default_ipv4']['address']) }}:2380{% if not loop.last %},{% endif %}{% endfor %}"
- --initial-cluster-token
- etcd-k8s-cluster
ports:
- name: etcd-client
containerPort: 2379
hostPort: 2379
- name: etcd-peer
containerPort: 2380
hostPort: 2380
volumeMounts:
- name: varetcd
mountPath: /var/etcd
readOnly: false
volumes:
- name: varetcd
hostPath:
path: /containers/pods/etcd-{{inventory_hostname}}/rootfs/var/etcd

20
roles/etcd/templates/etcd2-environment.j2
View file

@ -1,20 +0,0 @@
ETCD_DATA_DIR="/var/lib/etcd2"
{% if inventory_hostname in groups['etcd'] %}
{% set etcd = {} %}
{% for host in groups['etcd'] %}
{% if inventory_hostname == host %}
{% set _dummy = etcd.update({'name':"master"+loop.index|string}) %}
{% endif %}
{% endfor %}
ETCD_ADVERTISE_CLIENT_URLS="http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2379"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2380"
ETCD_INITIAL_CLUSTER="{% for host in groups['etcd'] %}master{{ loop.index|string }}=http://{{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}:2380{% if not loop.last %},{% endif %}{% endfor %}"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_INITIAL_CLUSTER_TOKEN="k8s_etcd"
ETCD_LISTEN_CLIENT_URLS="http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2379,http://127.0.0.1:2379"
ETCD_LISTEN_PEER_URLS="http://{{ hostvars[inventory_hostname]['ip'] | default( ansible_default_ipv4.address) }}:2380"
ETCD_NAME="{{ etcd.name }}"
{% else %}
ETCD_INITIAL_CLUSTER="{% for host in groups['etcd'] %}master{{ loop.index|string }}=http://{{ hostvars[host]['ip'] | default(hostvars[host]['ansible_default_ipv4']['address']) }}:2380{% if not loop.last %},{% endif %}{% endfor %}"
ETCD_LISTEN_CLIENT_URLS="http://127.0.0.1:23799"
{% endif %}

18
roles/etcd/templates/systemd-etcd2.service.j2
View file

@ -1,18 +0,0 @@
[Unit]
Description=etcd2
Conflicts=etcd.service
[Service]
User=etcd
EnvironmentFile=/etc/etcd2-environment
{% if inventory_hostname in groups['etcd'] %}
ExecStart={{ bin_dir }}/etcd2
{% else %}
ExecStart={{ bin_dir }}/etcd2 -proxy on
{% endif %}
Restart=always
RestartSec=10s
LimitNOFILE=40000
[Install]
WantedBy=multi-user.target

1
roles/kubernetes/master/tasks/main.yml
View file

@ -48,6 +48,7 @@
wait_for: wait_for:
port: "{{kube_apiserver_insecure_port}}" port: "{{kube_apiserver_insecure_port}}"
delay: 10 delay: 10
timeout: 60
- name: Create 'kube-system' namespace - name: Create 'kube-system' namespace
uri: uri:

7
roles/kubernetes/node/tasks/gen_tokens.yml
View file

@ -46,10 +46,3 @@
register: calico_token register: calico_token
when: kube_network_plugin == "calico" when: kube_network_plugin == "calico"
delegate_to: "{{ groups['kube-master'][0] }}" delegate_to: "{{ groups['kube-master'][0] }}"
- name: tokens | Add KUBE_AUTH_TOKEN for calico
lineinfile:
regexp: "^KUBE_AUTH_TOKEN=.*$"
line: "KUBE_AUTH_TOKEN={{ calico_token.content|b64decode }}"
dest: "/etc/network-environment"
when: kube_network_plugin == "calico"

13
roles/kubernetes/node/tasks/install.yml
View file

@ -11,3 +11,16 @@
mode=0755 mode=0755
notify: notify:
- restart kubelet - restart kubelet
- name: Calico-plugin | Directory
file: path=/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/ state=directory
when: kube_network_plugin == "calico"
- name: Calico-plugin | Binary
copy:
src={{ local_release_dir }}/calico/bin/calico
dest=/usr/libexec/kubernetes/kubelet-plugins/net/exec/calico/calico
mode=0755
when: kube_network_plugin == "calico"
notify:
- restart kubelet

3
roles/kubernetes/node/tasks/main.yml
View file

@ -42,6 +42,9 @@
src: manifests/kube-proxy.manifest.j2 src: manifests/kube-proxy.manifest.j2
dest: "{{ kube_manifest_dir }}/kube-proxy.manifest" dest: "{{ kube_manifest_dir }}/kube-proxy.manifest"
- name: Write network-environment
template: src=network-environment.j2 dest=/etc/network-environment mode=640
- name: Enable kubelet - name: Enable kubelet
service: service:
name: kubelet name: kubelet

12
roles/network_plugin/templates/network-environment.j2 → roles/kubernetes/node/templates/network-environment.j2
View file

@ -13,11 +13,12 @@ KUBERNETES_MASTER={{ hostvars[groups['kube-master'][0]]['ip'] | default(hostvars
# Location of etcd cluster used by Calico. By default, this uses the etcd # Location of etcd cluster used by Calico. By default, this uses the etcd
# instance running on the Kubernetes Master # instance running on the Kubernetes Master
{% if inventory_hostname in groups['etcd'] %}
ETCD_AUTHORITY="127.0.0.1:2379" ETCD_AUTHORITY="127.0.0.1:2379"
{% else %} #{% if inventory_hostname in groups['etcd'] %}
ETCD_AUTHORITY="127.0.0.1:23799" #ETCD_AUTHORITY="127.0.0.1:2379"
{% endif %} #{% else %}
#ETCD_AUTHORITY="127.0.0.1:23799"
#{% endif %}
# The kubernetes-apiserver location - used by the calico plugin # The kubernetes-apiserver location - used by the calico plugin
{% if loadbalancer_apiserver is defined and apiserver_loadbalancer_domain_name is defined %} {% if loadbalancer_apiserver is defined and apiserver_loadbalancer_domain_name is defined %}
@ -28,3 +29,6 @@ KUBE_API_ROOT=https://{{ hostvars[groups['kube-master'][0]]['ip'] | default(host
{% else %} {% else %}
FLANNEL_ETCD_PREFIX="--etcd-prefix=/{{ cluster_name }}/network" FLANNEL_ETCD_PREFIX="--etcd-prefix=/{{ cluster_name }}/network"
{% endif %} {% endif %}
{% if calico_token is defined | default('') %}
KUBE_AUTH_TOKEN={{ calico_token.content|b64decode }}
{% endif %}

3
roles/network_plugin/tasks/main.yml
View file

@ -4,9 +4,6 @@
when: ( kube_network_plugin is defined and kube_network_plugin == "calico" and kube_network_plugin == "flannel" ) or when: ( kube_network_plugin is defined and kube_network_plugin == "calico" and kube_network_plugin == "flannel" ) or
kube_network_plugin is not defined kube_network_plugin is not defined
- name: Write network-environment
template: src=network-environment.j2 dest=/etc/network-environment mode=640
- include: flannel.yml - include: flannel.yml
when: kube_network_plugin == "flannel" when: kube_network_plugin == "flannel"