This patch adds LBaaSv2 support to 'local.conf.sample' and
creates subnet for Kubernetes' services.
Change-Id: I480e6200230d0d3e29b27e3f800fbf5276e6d3ad
Partially-Implements: blueprint kuryr-k8s-integration
The 0.13.1 release breaks some documentation jobs when it tries to build docs
with remote images. This has been reported upstream[0]. The version matches
the supported docutils versions for sphinx.
The requirements patch is here: [1]
[0] https://sourceforge.net/p/docutils/bugs/301/
[1] https://review.openstack.org/#/c/409529/
Change-Id: Ie82b943299a89d99aa70f3cc7139ecbb19b4b593
In before, we checked docker installation by:
$ rpm -q docker-engine
However, this doesn't work for all cases in fedora 24.
* If docker was installed by "sudo dnf install docker-engine", the
package will be named as "docker". Therefore, it should be checked
by "rpm -q docker".
* If docker was installed by devstack (by using
https://get.docker.com/), the package will be named as
"docker-engine". Therefore, it should be checked by
"rpm -q docker-engine".
This commit added check for "docker" as well.
Change-Id: If2fc8a9d210bb663bfd9780c564053a901327a20
Closes-Bug: #1647459
This patch provides an experimental CNI driver. It's primary purpose
is to enable development of other components (e.g. functional tests,
service/LBaaSv2 support). It is expected to be replaced with daemon
to configure VIF and connect it to the pods and a small lightweight
client to serve as CNI driver called by Kubernetes.
NOTE: unit tests are not provided as part of this patch as it is yet
unclear what parts of it will be reused in daemon-based
implementation.
Change-Id: Iacc8439dd3aee910d542e48ed013d6d3f354786e
Partially-Implements: blueprint kuryr-k8s-integration
This patch installs 'nsenter' as part of 'hyperkube' installation and
introduces a workaround for a race between 'setup-files.sh' and
'kubernetes-api' service.
Change-Id: Ic7fc7adbc27671b716f5be18529053790b6bd049
With Kubernetes 1.4.0 the hyperkube scripts that setup the certificates
for API <-> nodes communication changed the place where they place the
certificates. This patch accomodates these differences.
Change-Id: I5f5755977be91325dac369d1f716893c2b071acf
Signed-off-by: Antoni Segura Puimedon <antonisp@celebdor.com>
Before this patch, devstack users had to use:
hyperkube kubectl
instead of what k8s users are used to:
kubectl
This patch addresses that with a simple unix shell script.
Change-Id: Ic9471443634680616a5d7675e866d3a10962b5f7
Signed-off-by: Antoni S. Puimedon <asegurap@redhat.com>
In the patch I9abc0878612b97795c68c8d773e7a29e891d1a6f, I introduced
the configuration of CNI settings. However, that was not supported on
1.3.x, so a bump was necessary. This highlights the need for devstack
fullstack tests.
Change-Id: Id4391b6a13f330cf346bd9dc3de2b23ea4f9833c
Signed-off-by: Antoni S. Puimedon <asegurap@redhat.com>
Current VIFHandler drivers require several options to be set in
kuryr.conf. This patch updates devstack plugin to configure those
options before running kuryr-kubernetes.
Change-Id: I223f17f98ffe10eb89a38995142c7b699ade2fba
Partially-Implements: blueprint kuryr-k8s-integration
This patch introduces VIFHandler that is used by Kuryr-Kubernetes
controller to manage VIF annotation and related Neutron resources
which are used by CNI driver to enable pod networking.
Change-Id: I1acfa052a530f06def4f7179945fac1687e1951a
Partially-Implements: blueprint kuryr-k8s-integration
This patch introduces a driver that manages normal Neutron ports to
provide VIFs for Kubernetes Pods.
Change-Id: Ice32e96e107f7b7331caca3b79c488532710b4a2
Partially-Implements: blueprint kuryr-k8s-integration
This patch introduces Port-to-VIF translation to 'os_vif_util' and
implements a translator that supports hybrid OpenVSwitch plugging
case.
Change-Id: I9f5c36fa32b51da8cccf377455b096270f23a782
Partially-Implements: blueprint kuryr-k8s-integration
This patch adds a new driver type used to determine Neutron security
groups that should be used for Kubernetes pods. This patch also
provides a default driver implementation that uses a list of security
groups set in configuration file.
Change-Id: Id76f70b8a99ffa8372dfd3d199371e7db46fb812
Partially-Implements: blueprint kuryr-k8s-integration
This patch adds a new driver type used to determine Neutron subnet
that should be used for Kubernetes pods' ports. This patch also
provides a default subnet driver implementation that uses a
subnet set in configuration file.
This patch also introduces the 'os_vif_util' module that contains
functions to translate data structures returned by Neutron client to
os-vif objects. Only the subnet-related functions are added in this
patch.
Change-Id: I643b22858239ce7f64e6ba81822b31e788fc9990
Partially-Implements: blueprint kuryr-k8s-integration
This patch adds stevedore-based driver support to the controller and
implements a driver to determine OpenStack project ID used to create
pod ports.
Change-Id: I0002ce1c1f7985955b7f66902dcf5386db212a1a
Partially-Implements: blueprint kuryr-k8s-integration
'tox -e cover' was broken as 'coverage' was looking for
'kuryr-kubernetes' package instead of 'kuryr_kubernetes'.
Change-Id: I3c52e5ce8b5e2fdad385a2edf16f9dc35f9286cd
With this patch, we'll be able to place our cni executables in:
/opt/stack/cni/bin
It also allows you to put configuration files for the kuryr cni driver
in:
/opt/stack/cni/conf
For now we are not setting any non standard conf. It is foreseeable
though that some configuration like which host device to base the
ipvlan/vlan/macvlan devices off on container-in-vm environments could go
here (Although it could also be in a kuryr.conf for the cni driver).
Change-Id: I9abc0878612b97795c68c8d773e7a29e891d1a6f
Signed-off-by: Antoni S. Puimedon <asegurap@redhat.com>
This patch introduces ControllerPipeline which is an entry point
handler for the Kuryr-Kubernetes controller. ControllerPipeline
allows registering ResourceEventHandlers and ensures the proper
handler is called for each event that is passed to the
ControllerPipeline. Also it ensures the following behavior:
- multiple ResourceEventHandlers can be registered for the same
resource type (OBJECT_KIND)
- failing handlers (i.e. ones that raise Exceptions) are retried
until either the handler succeeds or a finite amount of time
passes, in which case the most recent exception is logged
- in case there are multiple handlers registered for the same
resource type, all such handlers are considered independent (i.e.
if one handler fails, other handlers will still be called
regardless; and the order in which such handlers are called is not
determined)
- events for different Kubernetes objects can be handled concurrently
- events for the same Kubernetes object are handled sequentially in
the order of arrival
Change-Id: Ib17e0c7a2790cdbc31be4f59d50972b43c272480
Partially-Implements: blueprint kuryr-k8s-integration
This patch adds the Async handler that can be used as part of the
event handling pipeline to run handlers asynchronously.
Change-Id: I094b54dc59b4b533b67b2ed329d38d69348305af
Partially-Implements: blueprint kuryr-k8s-integration
This patch adds the Retry handler that can be used as part of the
event handling pipeline to retry failed handlers.
Change-Id: Ia86790de8efa6a3ef5b677a70ffbd2d8201f9d95
Partially-Implements: blueprint kuryr-k8s-integration
This patch provides basic event handling pipeline components.
The EventPipeline class provided by this patch will serve as a base
class for ControllerEventPipeline and CNIEventPipeline classes that
are to be implemented by future patches.
Change-Id: I8c68941cbe323f80cd67341fe05656efd57bcdc5
Partially-Implements: blueprint kuryr-k8s-integration
There are several issues with the current Kuryr-Kubernetes DevStack
plugin that prevent 'stack.sh' from completing successfully:
1. 'curl http://get.docker.com' fails with HTTP 301
2. Killing Docker using 'docker.pid' file fails if Docker is already
stopped
3. 'get_container' calls 'docker pull' with an empty image name which
causes 'docker pull' to fail
4. 'etcd', 'kubernetes-api' fail to start due to the use of
uninitialized variables (KURYR_ETCD_CLIENT_URL and
KURYR_ETCD_PEER_URL)
5. 'kubelet' fails to start under unprivileged user
Also the plugin currently disables the bash 'xtrace' option which
results in uninformative error messages in 'stack.sh' output in case of
failure.
Change-Id: I1230987de98a02045fa049cf6426242a04cd7a8a
Closes-Bug: #1634656
This patch removes Python 3.5-specific parts from Kuryr-Kubernetes.
The desicion was made [1] to make Kuryr-Kubernetes compatible with
Python 2.
[1] http://eavesdrop.openstack.org/\
meetings/kuryr/2016/kuryr.2016-10-03-14.00.html
Change-Id: Iff66ee2818088b02f259d56d50ce3e994814cc5d
Partially-Implements: blueprint kuryr-k8s-integration
This patch introduces an eventlet-based Kuryr-Kubernetes controller service
base (based on oslo.service) and command-line launcher.
Change-Id: Idfd5efd71d9dd7cb184905dd487eea4ba33b029e
Partially-Implements: blueprint kuryr-k8s-integration
Adds basic K8s client implementation and CONF-based singletons for
both Neutron and K8s clients.
The K8s client added by this patch should be considered a temporary
solution that only implements the necessary parts to let us move
forward with kuryr-kubernetes. Eventually it will be replaced by either
[1] or [2].
The problem with [1] is that it does not yet support the streaming API
that we need for WATCH. And [2] is outside of the OSt umbrella, so [1]
is preferred over [2] unless [2] makes it into global-requirements.txt.
[1] https://github.com/openstack/python-k8sclient
[2] https://pypi.python.org/pypi/pykube
NOTE: Removed py3-related code from config and top-level __init__.
How to properly deal with that code is TBD.
Change-Id: Ib4eb410eaf9725c296fcdddd8857eb24b8929915
Partially-Implements: blueprint kuryr-k8s-integration
The config generation was from back when we did not have keystone v3
support, which moved around how it all is generated. This patch puts
kuryr-kubernetes in line with the rest of Kuryr.
Change-Id: I877fa57308aa4c2128bb5d12e801e7e566aef108
Closes-bug: #1626014
Signed-off-by: Antoni Segura Puimedon <antonisp@celebdor.com>
At the moment, since the repo doesn't have CNI, and the event processing
pipeline is just a stub, it won't do practically anything, but it should
already be laying all the environment that we'll use to develop the
missing pieces and we can use it for the fullstack tests as well.
Partially implements: blueprint kuryr-k8s-integration
Change-Id: I7ca43ec7d0379d73273609078f5377ea6f55c363
Signed-off-by: Antoni Segura Puimedon <antonisp@celebdor.com>