32cd6e99b2
* Enforce a etcd-proxy role to a k8s-cluster group members. This provides an HA layout for all of the k8s cluster internal clients. * Proxies to be run on each node in the group as a separate etcd instances with a readwrite proxy mode and listen the given endpoint, which is either the access_ip:2379 or the localhost:2379. * A notion for the 'kube_etcd_multiaccess' is: ignore endpoints and loadbalancers and use the etcd members IPs as a comma-separated list. Otherwise, clients shall use the local endpoint provided by a etcd-proxy instances on each etcd node. A Netwroking plugins always use that access mode. * Fix apiserver's etcd servers args to use the etcd_access_endpoint. * Fix networking plugins flannel/calico to use the etcd_endpoint. * Fix name env var for non masters to be set as well. * Fix etcd_client_url was not used anywhere and other etcd_* facts evaluation was duplicated in a few places. * Define proxy modes only in the env file, if not a master. Del an automatic proxy mode decisions for etcd nodes in init/unit scripts. * Use Wants= instead of Requires= as "This is the recommended way to hook start-up of one unit to the start-up of another unit" * Make apiserver/calico Wants= etcd-proxy to keep it always up Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com> Co-authored-by: Matthew Mosesohn <mmosesohn@mirantis.com>
47 lines
1.5 KiB
YAML
47 lines
1.5 KiB
YAML
---
|
|
kind: "Pod"
|
|
apiVersion: "v1"
|
|
metadata:
|
|
name: "flannel"
|
|
namespace: "kube-system"
|
|
labels:
|
|
app: "flannel"
|
|
version: "v0.1"
|
|
spec:
|
|
volumes:
|
|
- name: "subnetenv"
|
|
hostPath:
|
|
path: "/run/flannel"
|
|
- name: "networkconfig"
|
|
hostPath:
|
|
path: "/etc/flannel-network.json"
|
|
containers:
|
|
- name: "flannel-server-helper"
|
|
image: "gcr.io/google_containers/flannel-server-helper:0.1"
|
|
args:
|
|
- "--network-config=/etc/flannel-network.json"
|
|
- "--etcd-prefix=/{{ cluster_name }}/network"
|
|
- "--etcd-server={{ etcd_endpoint }}"
|
|
volumeMounts:
|
|
- name: "networkconfig"
|
|
mountPath: "/etc/flannel-network.json"
|
|
imagePullPolicy: "Always"
|
|
- name: "flannel-container"
|
|
image: "quay.io/coreos/flannel:0.5.5"
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- "/opt/bin/flanneld -etcd-endpoints {{ etcd_access_endpoint }} -etcd-prefix /{{ cluster_name }}/network {% if flannel_interface is defined %}-iface {{ flannel_interface }}{% endif %} {% if flannel_public_ip is defined %}-public-ip {{ flannel_public_ip }}{% endif %}"
|
|
ports:
|
|
- hostPort: 10253
|
|
containerPort: 10253
|
|
resources:
|
|
limits:
|
|
cpu: "100m"
|
|
volumeMounts:
|
|
- name: "subnetenv"
|
|
mountPath: "/run/flannel"
|
|
securityContext:
|
|
privileged: true
|
|
hostNetwork: true
|