Refactor the services to be more generic and sharable. Add the
external vip in case you need that, and allow node port to be
used.
Partially implements: blueprint external-ips
Change-Id: I2f98e01d069a2686dd8023fa1491475d026b97b0
This PS introduces a script which can be used to generated kubernetes
secrets which will be consumed by bootstraps to securely access passwords
for differenrt services.
TrivialFix
Change-Id: I07e06f78d24ed4ba0e7039fa6bdf47ca2a917437
Getting the latest kubectl is a pain to copy and paste
from the docs. Instead, added a script that will find the latest
version and add it to /usr/bin/kubectl.
Change-Id: I86011b3ab2f8f79684fb3ec6fb5b3b4c8f2dc4f7
Partially-implements: blueprint documentation-initialization
The kubernetes aio guide was out of date and not
working. Kubernetes removed hyperkube from support.
This method is similar to hypercube, but it installs
flannel and dnsmasq. It is also capable of scaling from
single to multiple nodes using the same repo.
Change-Id: Ife68cfc8e8bb535ccc2a4634522848421a955de6
Partially-implements: blueprint documentation-initialization
This patch switches glance over to use the k8s deployment type.
It also puts an haproxy in front of it so it can safely be drained
to perform rolling upgrades/node migrations and scale down. It
blocks access until the service is up via readiness probe. Lastly,
it removes an unneeded volume when ceph direct access is configured.
It also makes the glance services externally available.
We need to add more haproxy support in the cli as a follow up.
Partially-Implements: blueprint deployments
Partially-Implements: blueprint kolla-kubernetes-service-exposure
Partially-Implements: blueprint api-termination
Change-Id: Id95c2f0d891882a6cc91a8248156c998a204a294
This PS gets NOVA related pieces together in order to be able to
launch a VM. It builds upon the work done by wirehead.
Partially-Implements: blueprint nova-kubernetes
Change-Id: I528fc5d84e790bd739c8cb900a9ee14ba7bec9fb
Remove old constraint setup, these environments are completely unused.
way.
Note that the repo did not use constraints before - and does not use
them now since the repo is not part of global requirements process.
Change-Id: I676a6b7199a6c4db0b3420c38ff536acbd02b436
The last 2 patchsets removed the openvswitch services temporarily from the service list
This adds them back. It also adds them back in a new openvswitch service instead of
neutron as kolla-kubernetes can be used without it if the system has native openvswitch.
TrivialFix
Change-Id: Ib827e0ba13c73cc2fbff2583c84ba520d3d49645
The neutron openvswitch agent needs to know the ip address of the
tunnel interface to operate properly.
Also renames the daemonset to be more easily found and sharable
with the network node. openvswitch components will be merged
back in by another review.
Author: Kevin Fox <kevin@efox.cc>
Co-Authored-By: Serguei Bezverkhi <sbezverk@cisco.com>
Change-Id: I0691a2286a4b89720066c13b628b7221eb9422c5
Due to certain limitations and encountered instabilities while
deploying OVS components (ovsdb and vswitchd), this PS
introduces a different appraoch of starting these services.
TrivialFix
Change-Id: Id10f77a3951e81155470a0194e75fe3c1a7cd09f
This PS modified Keystone bootstrap to use secrets and adding
variables to kolla-kubernetes.yaml to make Keystone deployment
wihtout manual editing of the service configuration files.
TrivialFix
Change-Id: I933e8d764a3b19651d25837f095287b29a4d0b09
This PS adds a not for the process to follow, in order to generate
Kubernetes Secrets which requires for services' bootstrap processes.
Please note this script is only a TEMPORARY solution until final is
found.
TrivialFix
Change-Id: I0e6314e58de19167ac3761ee1d8b12bea72db44c
This PS adds steps to Neutron bootstrap process to:
create neutron-service-and-endpoint-admin
create neutron-service-and-endpoint-internal
create neutron-service-and-endpoint-public
create neutron-user-project-role
It also uses per service secrets so no password gets exposed
even on the rendering server.
Change-Id: Ic24aa471a56ad726c9322c674832def7ff550289
This PS adds steps to Glance bootstrap process to:
create glance-service-and-endpoint-admin
create glance-service-and-endpoint-internal
create glance-service-and-endpoint-public
create glance-user-project-role
It also uses per service secrets so no password gets exposed
even on the rendering server.
Change-Id: Ibfa747cdd86f1cd09a43e7d121704414a47efbcf
Partially-Fixes: #1605693
PartiallyImplements: blueprint glance-kubernetes
This PS adds mysqladmin shutdown command to gracefully shutdown Mariadb.
POD's lifecycle PreStop hook is used for this purpose. It also switches
to PetSet for mariadb pod.
Partially-implements: blueprint deployments
Partially-implements: blueprint api-termination
Change-Id: I582b35fe2cfd28ee23fbd9012d9420083291feb3
The jinja2 template is causing an error when creating a pvc.
Need to complete the if else statement.
Change-Id: I541e0470371a52402ee5d00a22076844a0b5e972
Closes-bug: #1612242
Prior code left room for ceph support, but did not implement it. This
patch finishes the job, but only for Mariadb.
Change-Id: I73af214dbee770ea496c9636a6b947567ff80b0c
Partially-implements: blueprint kolla-kubernetes-cli
Since PV and PVC templates are identical for all sercices, this PS makles them
a common template. Required size parameter will be passed from service_resources.yaml
After it is commited Mariadb and Glance will be repoted to use these scripts.
TrivialFix
Change-Id: I7fd58332ce0a9623b7a72f7310681ced93e68987
This PS "daemonizes" Openvswitch components: ovsdb-server,
ovs-vswitchd and neutron-openvswitch-agent. DaemonSet will start these
three components on all compute nodes automatically, it will also start
them automatically in case new compute nodes gets introduced into the
cluster (Kubernetes Auto Scaling Up feature).
Change-Id: Ibc06aa57ed84b8a73fc7a3a5dacb57dbdaceff5f
Partially-implements: blueprint neutron-kubernetes
* Broke out the discrete Nova containers into individual
replication controllers instead of having them running all
within the same pod. You want to be able to scale them
discretely down the road.
* Convert the discrete pods to replication controllers
* Split out the service (The Nova API ought to be exposed to
users, but the Metadata API shouldn't)
* Turned off Host networking.
Current config file:
api_interface_address: "0.0.0.0"
memcached_servers: "memcached"
rabbitmq_servers: "rabbitmq"
keystone_database_address: "mariadb"
neutron_database_address: "mariadb"
nova_database_address: "mariadb"
nova_api_database_address: "mariadb"
keystone_admin_url: "http://keystone-admin:35357/v3"
keystone_internal_url: "http://keystone-public:5000/v3"
keystone_public_url: "http://keystone-public:5000/v3"
glance_registry_host: "glance-registry"
neutron_host: "neutron"
glance_database_address: "mariadb"
enable_rabbitmq_cluster: "no"
storage_provider: "host"
Change-Id: I18e09843b5bebc0c71f7e98df59f7179831fe55d
Partially-implements: blueprint remove-net-host
Partially-implements: blueprint replication-controllers
Partially-implements: blueprint openstack-services
In order to run Glance in kubernetes multinode cluster, Glance must use
persistent volume so the glance images would be accessible from any
compute nodes. This PS adds persistent volume, persistent volume claim
and the script to instantiate glance disk.
Change-Id: Icbbcacf2e4c7186d5171c4df6159bd9733df5a2b
Partially-implementes: blueprint glance-kubernetes
This PS makes mariadb script reusable by other services. It also moves it to
./service/common folder.
TrivialFix
Change-Id: I717265ec3c5e407fd15d9db74ef6727000ac3e5e
- These changes necessary to enable template re-use. Enables the
specification of additional variables to be passed to each template
referenced in ./etc/kolla-kubernetes/service_resources.yml
- Template.vars are additional vars in the form of a dict passed to
the jinja templating engine. Templates may access this dict with
"kolla_kubernetes.template.vars.<subkey>". This enables arguments
to be passed to templates so that they may be re-used or configured.
These template.vars may not contain any other nested jinja
references, and are passed unmodified directly to the template.
- Used mariadb templates as an example for template.vars
- Changes to ./etc/kolla-kubernetes/service_resources.yml
resources:
disk:
- name: mariadb-disk <-- Name is new
template: services/mariadb/mariadb-disk.sh.j2 <-- New
vars: <-- Template variables are new
size_in_gb: 10 <-- Template var example
- CLI Syntax Change: Resource templates are specified by name (defined
in service_resources.yml) instead of path. This is necessary
because the same template may be referenced multiple times in
service_resources.yml (with different template args), and a name is
necessary to distinguish between the different
template/template_args combinations.
FROM: kolla-kubernetes resource-template \
<action> <resource_type> <service> <TEMPLATE-FILE>
TO: kolla-kubernetes resource-template \
<action> <service> <resource_type> <RESOURCE-NAME>
- CLI Syntax Change: Ordering changed to match resource-template
FROM: kolla-kubernetes resource <action> <resource_type> <service>
TO: kolla-kubernetes resource <action> <service> <resource_type>
Change-Id: Ie1e0c973206a239bc3759827149b4e8d67029752
Partially-implements: blueprint kolla-kubernetes-cli
This creates the service, endpoints, user project, and role
for Nova within Keystone.
Hat tip to Serguei Bezverkhi because I ended up having to figure
out why Nova's bootstrap was failing by comparing it against
346215. :)
Current config file:
api_interface_address: "0.0.0.0"
storage_provider: "host"
orchestration_engine: "KUBERNETES"
memcached_servers: "memcached"
rabbitmq_servers: "rabbitmq"
enable_rabbitmq_cluster: "no"
nova_database_address: "mariadb"
nova_api_database_address: "mariadb"
nova_admin_endpoint: "http://nova-api:{{ nova_api_port }}/v2/%(tenant_id)s"
nova_internal_endpoint: "http://nova-api:{{ nova_api_port }}/v2/%(tenant_id)s"
nova_public_endpoint: "http://nova-api:{{ nova_api_port }}/v2/%(tenant_id)s"
project_name: "nova"
openstack_nova_auth: "{'auth_url':'{{ keystone_admin_url }}','username':'{{ openstack_auth.username }}','password':'{{ openstack_auth.password }}','project_name':'{{ openstack_auth.project_name }}','domain_name':'default'}"
keystone_database_address: "mariadb"
keystone_admin_url: "http://keystone-admin:35357/v3"
keystone_internal_url: "http://keystone-public:5000/v3"
keystone_public_url: "http://keystone-public:5000/v3"
neutron_database_address: "mariadb"
neutron_host: "neutron"
glance_registry_host: "glance-registry"
glance_database_address: "mariadb"
Change-Id: I3529454a08cab6957da1e96cef1e0f28d7a9ce02
Partially-implements: blueprint remove-net-host
Partially-implements: blueprint replication-controllers
Partially-implements: blueprint nova-kubernetes
The existing bootstrap wasn't creating the databases in MariaDB
nor the users nor the permissions.
Some of the containers didn't need to be run as part of bootstrap.
Turned off hostnetworking.
Nova doesn't quite run properly, but it does bootstrap now.
Current config file:
api_interface_address: "0.0.0.0"
memcached_servers: "memcached"
rabbitmq_servers: "rabbitmq"
keystone_database_address: "mariadb"
neutron_database_address: "mariadb"
nova_database_address: "mariadb"
nova_api_database_address: "mariadb"
keystone_admin_url: "http://keystone-admin:35357/v3"
keystone_internal_url: "http://keystone-public:5000/v3"
keystone_public_url: "http://keystone-public:5000/v3"
glance_registry_host: "glance-registry"
neutron_host: "neutron"
glance_database_address: "mariadb"
enable_rabbitmq_cluster: "no"
storage_provider: "host"
Change-Id: I597e31988a21e0eacac4764a03672c15a3d7de4c
Partially-implements: blueprint remove-net-host
Partially-implements: blueprint replication-controllers
Partially-implements: blueprint openstack-services
Partially-implements: blueprint nova-kubernetes
Kevin Fox
Jenkins
Serguei Bezverkhi
Ryan Hallisey
Andreas Jaeger
David C Wang
Ken Wronkiewicz