5448f62869
When a new K8s resource (e.g. pod) is created, a series of events are
triggered. The current flow is as follows:
1. events A and B happen in a short succession; neither of them
contain Kuryr-related annotation
2. Kuryr handles event A, creates necessary Neutron resources and
adds an annotation, which triggers another event C
3. Kuryr then handles event B, but since the annotations added in
previous step are not yet available in event B, Kuryr is not
aware of already created Neutron resources
This patch introduces a workaround that allows to skip events that
happen in short 'bursts' so handlers will only receive the latest
event. A more robust solution will be added in a later patch.
Change-Id: I794b34a7b9518b8212ff14e61e2bde61f44546f9
Team and repository tags
kuryr-kubernetes
Kubernetes integration with OpenStack networking
Please fill here a long description which must be at least 3 lines wrapped on 80 cols, so that distribution package maintainers can use it in their packages. Note that this is a hard requirement.
- Free software: Apache license
- Documentation: http://docs.openstack.org/developer/kuryr-kubernetes
- Source: http://git.openstack.org/cgit/openstack/kuryr-kubernetes
- Bugs: http://bugs.launchpad.net/kuryr-kubernetes
Configuring Kuryr
Generate sample config, etc/kuryr.conf.sample, running the following:
$ ./tools/generate_config_file_samples.shRename and copy config file at required path:
$ cp etc/kuryr.conf.sample /etc/kuryr/kuryr.confEdit Neutron section in /etc/kuryr/kuryr.conf, replace ADMIN_PASSWORD:
[neutron]
auth_url = http://127.0.0.1:35357/v3/
username = admin
user_domain_name = Default
password = ADMIN_PASSWORD
project_name = service
project_domain_name = Default
auth_type = passwordIn the same file uncomment the bindir parameter with the path to the Kuryr vif binding executables. For example, if you installed it on Debian or Ubuntu:
[DEFAULT]
bindir = /usr/local/libexec/kuryrHow to try out nested-pods locally:
To install OpenStack services run devstack with
devstack/local.conf.pod-in-vm.undercloud.sample. Ensure that "trunk" service plugin is enabled in/etc/neutron/neutron.conf:[DEFAULT] service_plugins = neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.trunk.plugin.TrunkPluginLaunch a VM with Neutron trunk port.
- Inside VM, install and setup Kubernetes along with Kuryr using devstack:
-
- Since undercloud Neutron will be used by pods, neutron services should be disabled in localrc.
- git clone kuryr-kubernetes at
/opt/stack/. - In the
devstack/plugin.sh, comment out configure_neutron_defaults. This method is getting UUID of default Neutron resources project, pod_subnet etc. using local neutron client and setting those values in/etc/kuryr/kuryr.conf. This will not work at the moment because Neutron is running remotely. Thats why this is being commented out and manually these variables will be configured in/etc/kuryr/kuryr.conf - Run devstack with
devstack/local.conf.pod-in-vm.overcloud.sample.
- Once devstack is done and all services are up inside VM:
-
Configure
/etc/kuryr/kuryr.confto set UUID of Neutron resources from undercloud Neutron:[neutron_defaults] ovs_bridge = br-int pod_security_groups = <UNDERCLOUD_DEFAULT_SG_UUID> pod_subnet = <UNDERCLOUD_SUBNET_FOR_PODS_UUID> project = <UNDERCLOUD_DEFAULT_PROJECT_UUID> worker_nodes_subnet = <UNDERCLOUD_SUBNET_WORKER_NODES_UUID>Configure “pod_vif_driver” as “nested-vlan”:
[kubernetes] pod_vif_driver = nested-vlanRestart kuryr-k8s-controller from within devstack screen.
Now launch pods using kubectl, Undercloud Neutron will serve the networking.
Features
- TODO