From 16b10b026b50e1530dbf77ba932c1dabe381727c Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Wed, 24 May 2017 15:49:21 -0400 Subject: [PATCH 1/5] add scale.yml to do minimum needed for a node bootstrap --- docs/getting-started.md | 12 ++++++++++++ scale.yml | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 scale.yml diff --git a/docs/getting-started.md b/docs/getting-started.md index 5c61ef764..6e323d9cd 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -55,3 +55,15 @@ ansible-playbook -i my_inventory/inventory.cfg cluster.yml -b -v \ ``` See more details in the [ansible guide](ansible.md). + +Adding nodes +-------------------------- + +You may want to add worker nodes to your existing cluster. This can be done by re-running the `cluster.yml` playbook, or you can target the bare minimum needed to get kubelet installed on the worker and talking to your masters. This is especially helpful when doing something like autoscaling your clusters. + +- Add the new worker node to your inventory under kube-node (or utilize a [dynamic inventory](https://docs.ansible.com/ansible/intro_dynamic_inventory.html)). +- Run the ansible-playbook command, substituting `scale.yml` for `cluster.yml`: +``` +ansible-playbook -i my_inventory/inventory.cfg scale.yml -b -v \ + --private-key=~/.ssh/private_key +``` \ No newline at end of file diff --git a/scale.yml b/scale.yml new file mode 100644 index 000000000..02e79aa37 --- /dev/null +++ b/scale.yml @@ -0,0 +1,34 @@ +--- + +##Bootstrap any new workers +- hosts: kube-node + any_errors_fatal: "{{ any_errors_fatal | default(true) }}" + gather_facts: false + vars: + ansible_ssh_pipelining: false + roles: + - { role: kargo-defaults} + - { role: bootstrap-os, tags: bootstrap-os} + +##We still have to gather facts about our masters and etcd nodes +- hosts: k8s-cluster:etcd:calico-rr + any_errors_fatal: "{{ any_errors_fatal | default(true) }}" + vars: + ansible_ssh_pipelining: true + gather_facts: true + +##Target only workers to get kubelet installed and checking in on any new nodes +- hosts: kube-node + any_errors_fatal: "{{ any_errors_fatal | default(true) }}" + roles: + - { role: kargo-defaults} + - { role: kernel-upgrade, tags: kernel-upgrade, when: kernel_upgrade is defined and kernel_upgrade } + - { role: kubernetes/preinstall, tags: preinstall } + - { role: docker, tags: docker } + - role: rkt + tags: rkt + when: "'rkt' in [etcd_deployment_type, kubelet_deployment_type, vault_deployment_type]" + - { role: etcd, tags: etcd, etcd_cluster_setup: false } + - { role: vault, tags: vault, when: "cert_management == 'vault'"} + - { role: kubernetes/node, tags: node } + - { role: network_plugin, tags: network } From bb6f727f25aaa626698688fac2faa4872635a88d Mon Sep 17 00:00:00 2001 From: vgkowski Date: Mon, 19 Jun 2017 15:48:34 +0200 Subject: [PATCH 2/5] Update openstack documentation with Calico Linked to the issue https://github.com/kubernetes-incubator/kubespray/issues/1359 --- docs/openstack.md | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/docs/openstack.md b/docs/openstack.md index 1a82133c0..77bb293bf 100644 --- a/docs/openstack.md +++ b/docs/openstack.md @@ -37,12 +37,8 @@ Then you can use the instance ids to find the connected [neutron](https://wiki.o Given the port ids on the left, you can set the `allowed_address_pairs` in neutron: - # allow kube_service_addresses network - neutron port-update 5662a4e0-e646-47f0-bf88-d80fbd2d99ef --allowed_address_pairs list=true type=dict ip_address=10.233.0.0/18 - neutron port-update e5ae2045-a1e1-4e99-9aac-4353889449a7 --allowed_address_pairs list=true type=dict ip_address=10.233.0.0/18 - - # allow kube_pods_subnet network - neutron port-update 5662a4e0-e646-47f0-bf88-d80fbd2d99ef --allowed_address_pairs list=true type=dict ip_address=10.233.64.0/18 - neutron port-update e5ae2045-a1e1-4e99-9aac-4353889449a7 --allowed_address_pairs list=true type=dict ip_address=10.233.64.0/18 + # allow kube_service_addresses and kube_pods_subnet network + neutron port-update 5662a4e0-e646-47f0-bf88-d80fbd2d99ef --allowed_address_pairs list=true type=dict ip_address=10.233.0.0/18 ip_address=10.233.64.0/18 + neutron port-update e5ae2045-a1e1-4e99-9aac-4353889449a7 --allowed_address_pairs list=true type=dict ip_address=10.233.0.0/18 ip_address=10.233.64.0/18 Now you can finally run the playbook. From 9e123011c2b1ad6b651cb89c68cadecb12851c0a Mon Sep 17 00:00:00 2001 From: TAKAHASHI Yuto Date: Wed, 14 Jun 2017 16:22:07 +0900 Subject: [PATCH 3/5] Modify documented neutron commands for Calico setup --- docs/openstack.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/openstack.md b/docs/openstack.md index 77bb293bf..7a4368e2e 100644 --- a/docs/openstack.md +++ b/docs/openstack.md @@ -35,7 +35,9 @@ Then you can use the instance ids to find the connected [neutron](https://wiki.o | 5662a4e0-e646-47f0-bf88-d80fbd2d99ef | e1f48aad-df96-4bce-bf61-62ae12bf3f95 | | e5ae2045-a1e1-4e99-9aac-4353889449a7 | 725cd548-6ea3-426b-baaa-e7306d3c8052 | -Given the port ids on the left, you can set the `allowed_address_pairs` in neutron: +Given the port ids on the left, you can set the `allowed_address_pairs` in neutron. +Note that you have to allow both of `kube_service_addresses` (default `10.233.0.0/18`) +and `kube_pods_subnet` (default `10.233.64.0/18`.) # allow kube_service_addresses and kube_pods_subnet network neutron port-update 5662a4e0-e646-47f0-bf88-d80fbd2d99ef --allowed_address_pairs list=true type=dict ip_address=10.233.0.0/18 ip_address=10.233.64.0/18 From 0cd83eadc0497c7ff4ab98ceb77ebb6419ec1665 Mon Sep 17 00:00:00 2001 From: Anton Nerozya Date: Thu, 22 Jun 2017 18:29:48 +0200 Subject: [PATCH 4/5] README: Integration with existing ansible repo --- README.md | 1 + docs/integration.md | 121 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 122 insertions(+) create mode 100644 docs/integration.md diff --git a/README.md b/README.md index aa1360a77..ccba240b6 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,7 @@ To deploy the cluster you can use : * [Kargo vs ...](docs/comparisons.md) * [Getting started](docs/getting-started.md) * [Ansible inventory and tags](docs/ansible.md) +* [Integration with existing ansible repo](docs/integration.md) * [Deployment data variables](docs/vars.md) * [DNS stack](docs/dns-stack.md) * [HA mode](docs/ha-mode.md) diff --git a/docs/integration.md b/docs/integration.md new file mode 100644 index 000000000..0d6f4ba0f --- /dev/null +++ b/docs/integration.md @@ -0,0 +1,121 @@ +# Kubespray (kargo) in own ansible playbooks repo + +1. Fork [kubespray repo](https://github.com/kubernetes-incubator/kubespray) to your personal/organisation account on github. + Note: + * All forked public repos at github will be also public, so **never commit sensitive data to your public forks**. + * List of all forked repos could be retrieved from github page of original project. + +2. Add **forked repo** as submodule to desired folder in your existent ansible repo(for example 3d/kubespray): + ```git submodule add https://github.com/YOUR_GITHUB/kubespray.git kubespray``` + Git will create _.gitmodules_ file in your existent ansible repo: + ``` + [submodule "3d/kubespray"] + path = 3d/kubespray + url = https://github.com/YOUR_GITHUB/kubespray.git + ``` + +3. Configure git to show submodule status: +```git config --global status.submoduleSummary true``` + +4. Add *original* kubespray repo as upstream: +```git remote add upstream https://github.com/kubernetes-incubator/kubespray.git``` + +5. Sync your master branch with upstream: + ``` + git checkout master + git fetch upstream + git merge upstream/master + git push origin master + ``` + +6. Create a new branch which you will use in your working environment: +```git checkout -b work``` + ***Never*** use master branch of your repository for your commits. + +7. Modify path to library and roles in your ansible.cfg file (role naming should be uniq, you may have to rename your existent roles if they have same names as kubespray project): + ``` + ... + library = 3d/kubespray/library/ + roles_path = 3d/kubespray/roles/ + ... + ``` + +8. Copy and modify configs from kubespray `group_vars` folder to corresponging `group_vars` folder in your existent project. +You could rename *all.yml* config to something else, i.e. *kubespray.yml* and create corresponding group in your inventory file, which will include all hosts groups related to kubernetes setup. + +9. Modify your ansible inventory file by adding mapping of your existent groups (if any) to kubespray naming. + For example: + ``` + ... + #Kargo groups: + [kube-node:children] + kubenode + + [k8s-cluster:children] + kubernetes + + [etcd:children] + kubemaster + kubemaster-ha + + [kube-master:children] + kubemaster + kubemaster-ha + + [vault:children] + kube-master + + [kubespray:children] + kubernetes + ``` + * Last entry here needed to apply kubespray.yml config file, renamed from all.yml of kubespray project. + +10. Now you can include kargo tasks in you existent playbooks by including cluster.yml file: + ``` + - name: Include kargo tasks + include: 3d/kubespray/cluster.yml + ``` + Or your could copy separate tasks from cluster.yml into your ansible repository. + +11. Commit changes to your ansible repo. Keep in mind, that submodule folder is just a link to the git commit hash of your forked repo. +When you update your "work" branch you need to commit changes to ansible repo as well. +Other members of your team should use ```git submodule sync```, ```git submodule update --init``` to get actual code from submodule. + +# Contributing +If you made useful changes or fixed a bug in existent kubespray repo, use this flow for PRs to original kubespray repo. + +0. Sign the [CNCF CLA](https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ). + +1. Change working directory to git submodule directory (3d/kubespray). + +2. Setup desired user.name and user.email for submodule. +If kubespray is only one submodule in your repo you could use something like: +```git submodule foreach --recursive 'git config user.name "First Last" && git config user.email "your-email-addres@used.for.cncf"'``` + +3. Sync with upstream master: + ``` + git fetch upstream + git merge upstream/master + git push origin master + ``` +4. Create new branch for the specific fixes that you want to contribute: +```git checkout -b fixes-name-date-index``` +Branch name should be self explaining to you, adding date and/or index will help you to track/delete your old PRs. + +5. Find git hash of your commit in "work" repo and apply it to newly created "fix" repo: + ``` + git cherry-pick + ``` +6. If your have several temporary-stage commits - squash them using [```git rebase -i```](http://eli.thegreenplace.net/2014/02/19/squashing-github-pull-requests-into-a-single-commit) +Also you could use interactive rebase (```git rebase -i HEAD~10```) to delete commits which you don't want to contribute into original repo. + +7. When your changes is in place, you need to check upstream repo one more time because it could be changed during your work. +Check that you're on correct branch: +```git status``` +And pull changes from upstream (if any): +```git pull --rebase upstream master``` + +8. Now push your changes to your **fork** repo with ```git push```. If your branch doesn't exists on github, git will propose you to use something like ```git push --set-upstream origin fixes-name-date-index```. + +9. Open you forked repo in browser, on the main page you will see proposition to create pull request for your newly created branch. Check proposed diff of your PR. If something is wrong you could safely delete "fix" branch on github using ```git push origin --delete fixes-name-date-index```, ```git branch -D fixes-name-date-index``` and start whole process from the beginning. +If everything is fine - add description about your changes (what they do and why they're needed) and confirm pull request creation. From e17c2ef698beda88f132227b49e5b877c53fb7a2 Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Fri, 23 Jun 2017 11:49:48 -0400 Subject: [PATCH 5/5] premoderator breaks on redirect. update to use kubespray. --- scripts/premoderator.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/premoderator.sh b/scripts/premoderator.sh index 4b35af8d2..9ad490a57 100644 --- a/scripts/premoderator.sh +++ b/scripts/premoderator.sh @@ -8,7 +8,7 @@ MAGIC="${MAGIC:-ci check this}" # Get PR number from CI_BUILD_REF_NAME issue=$(echo ${CI_BUILD_REF_NAME} | perl -ne '/^pr-(\d+)-\S+$/ && print $1') # Get the user name from the PR comments with the wanted magic incantation casted -user=$(curl ${CURL_ARGS} "https://api.github.com/repos/kubernetes-incubator/kargo/issues/${issue}/comments" \ +user=$(curl ${CURL_ARGS} "https://api.github.com/repos/kubernetes-incubator/kubespray/issues/${issue}/comments" \ | jq -M "map(select(.body | contains (\"$MAGIC\"))) | .[0] .user.login" | tr -d '"') # Check for the required user group membership to allow (exit 0) or decline (exit >0) the pipeline if [ "$user" = "null" ]; then