d08d2fd808
Admin certs are only available for kube-master nodes. When etcd nodes are separate, calico fails to access them with missing admin certs and etcd fails to configure ETCD_PEER_* env vars due to missing member certs. Fix this by switching curls to the first etcd node and delegate to the first master. This assumes only admin certs allow to get calico keys from etcd but not member/node certs. Also move member certs from master_certs to node_certs list as ETCD(_PEER)_CERT/KEY env vars expects. Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com> |
||
---|---|---|
contrib/terraform | ||
docs | ||
inventory | ||
roles | ||
scripts | ||
tests | ||
.gitignore | ||
.gitmodules | ||
.travis.yml | ||
ansible.cfg | ||
cluster.yml | ||
code-of-conduct.md | ||
CONTRIBUTING.md | ||
LICENSE | ||
OWNERS | ||
README.md | ||
RELEASE.md | ||
requirements.txt | ||
requirements.yml | ||
ubuntu-bootstrap.yml | ||
uploads.yml | ||
Vagrantfile |
##Deploy a production ready kubernetes cluster
If you have questions, you can invite yourself to chat with us on Slack!
- Can be deployed on AWS, GCE, OpenStack or Baremetal
- High available cluster
- Composable (Choice of the network plugin for instance)
- Support most popular Linux distributions
- Continuous integration tests
To deploy the cluster you can use :
kargo-cli (deprecated, a newer go version soon)
Ansible usual commands
vagrant by simply running vagrant up
(for tests purposes)
- Requirements
- Getting started
- Vagrant install
- CoreOS bootstrap
- Ansible variables
- Cloud providers
- OpenStack
- AWS
- Network plugins
- Roadmap
Supported Linux distributions
- CoreOS
- Debian Wheezy, Jessie
- Ubuntu 14.10, 15.04, 15.10, 16.04
- Fedora 23
- CentOS/RHEL 7
Versions
kubernetes v1.4.6
etcd v3.0.6
flanneld v0.6.2
calicoctl v0.22.0
weave v1.6.1
docker v1.10.3
Requirements
- The target servers must have access to the Internet in order to pull docker images.
- The firewalls are not managed, you'll need to implement your own rules the way you used to. in order to avoid any issue during deployment you should disable your firewall
- Copy your ssh keys to all the servers part of your inventory.
- Ansible v2.x and python-netaddr
Network plugins
You can choose between 3 network plugins. (default: flannel
with vxlan backend)
-
flannel: gre/vxlan (layer 2) networking.
-
calico: bgp (layer 3) networking.
-
weave: Weave is a lightweight container overlay network that doesn't require an external K/V database cluster.
(Please refer toweave
troubleshooting documentation)
The choice is defined with the variable kube_network_plugin
CI Tests
Google Compute Engine
| Calico | Flannel | Weave |
------------- | ------------- | ------------- | ------------- | Ubuntu Xenial |||| CentOS 7 |||| CoreOS (stable) ||||
CI tests sponsored by Google (GCE), and teuto.net for OpenStack.