[suse] Update k8s_opensuse_v1 driver

This change is collecting fixes and updates for k8s_opensuse_v1 drver * Fix indentation for bash scripts * Fix DOCKER_NETWORK_OPTIONS for configure-docker.sh * Add FLANNEL_BACKEND option * Update deprecated options for kubernetes services * Fix KUBE_NODE_IP option for kube-minions * Add kube_version and volume_driver options * Sync changes with opensuse Mitaka driver Change-Id: I33bf90331ff78ed538a55451f6de64c4a576cb2d Partial-Bug: #1622949 Partially-Implements: blueprint k8s-opensuse-support
2016-11-22 17:02:26 +01:00 · 2016-11-22 17:02:26 +01:00 · 07a68dcd95
commit 07a68dcd95
parent edd6934577
12 changed files with 113 additions and 92 deletions
--- a/contrib/drivers/k8s_opensuse_v1/templates/fragments/configure-docker.sh
+++ b/contrib/drivers/k8s_opensuse_v1/templates/fragments/configure-docker.sh
@ -7,6 +7,7 @@ systemctl stop docker
 ip link del docker0

 if [ "$NETWORK_DRIVER" == "flannel" ]; then
+
    FLANNEL_ENV=/run/flannel/subnet.env

    attempts=60
@ -23,9 +24,16 @@ if [ "$NETWORK_DRIVER" == "flannel" ]; then
        exit 1
    fi

+    if `grep -q DOCKER_NETWORK_OPTIONS /etc/sysconfig/docker`; then
+        sed -i '
+            /^DOCKER_NETWORK_OPTIONS=/ s|=.*|="--bip='"$FLANNEL_SUBNET"' --mtu='"$FLANNEL_MTU"'"|
+        ' /etc/sysconfig/docker
+    else
+        echo "DOCKER_NETWORK_OPTIONS=\"--bip=$FLANNEL_SUBNET --mtu=$FLANNEL_MTU\"" >> /etc/sysconfig/docker
+    fi
+
    sed -i '
        /^DOCKER_OPTS=/ s/=.*/="--storage-driver=btrfs"/
-      /^DOCKER_NETWORK_OPTIONS=/ s|=.*|="--bip='"$FLANNEL_SUBNET"' --mtu='"$FLANNEL_MTU"'"|
    ' /etc/sysconfig/docker
 fi

--- a/contrib/drivers/k8s_opensuse_v1/templates/fragments/configure-flanneld-master.sh
+++ b/contrib/drivers/k8s_opensuse_v1/templates/fragments/configure-flanneld-master.sh
@ -9,9 +9,6 @@ fi
 FLANNEL_ETCD="http://127.0.0.1:2379"
 FLANNEL_JSON=/etc/sysconfig/flannel-network.json
 FLANNELD_CONFIG=/etc/sysconfig/flanneld
-FLANNEL_NETWORK_CIDR="$FLANNEL_NETWORK_CIDR"
-FLANNEL_NETWORK_SUBNETLEN="$FLANNEL_NETWORK_SUBNETLEN"
-FLANNEL_USE_VXLAN="$FLANNEL_USE_VXLAN"

 sed -i '
    /^FLANNEL_ETCD=/ s/=.*/="http:\/\/127.0.0.1:2379"/
@ -27,28 +24,15 @@ EOF

 . /etc/sysconfig/flanneld

-if [ "$FLANNEL_USE_VXLAN" == "true" ]; then
-    use_vxlan=1
-fi
-
 # Generate a flannel configuration that we will
 # store into etcd using curl.
 cat > $FLANNEL_JSON <<EOF
 {
  "Network": "$FLANNEL_NETWORK_CIDR",
-  "Subnetlen": $FLANNEL_NETWORK_SUBNETLEN
-EOF
-
-if [ "$use_vxlan" = 1 ]; then
-cat >> $FLANNEL_JSON <<EOF
-  ,
+  "Subnetlen": $FLANNEL_NETWORK_SUBNETLEN,
  "Backend": {
-    "Type": "vxlan"
+    "Type": "$FLANNEL_BACKEND"
  }
-EOF
-fi
-
-cat >> $FLANNEL_JSON <<EOF
 }
 EOF

--- a/contrib/drivers/k8s_opensuse_v1/templates/fragments/configure-kubernetes-master.sh
+++ b/contrib/drivers/k8s_opensuse_v1/templates/fragments/configure-kubernetes-master.sh
@ -11,29 +11,33 @@ KUBE_API_ADDRESS="--insecure-bind-address=0.0.0.0 --insecure-port=$KUBE_API_PORT
 chown -R kube:kube /var/lib/kubernetes

 sed -i '
-  /^KUBE_ALLOW_PRIV=/ s/=.*/="--allow_privileged='"$KUBE_ALLOW_PRIV"'"/
+    /^KUBE_ALLOW_PRIV=/ s|=.*|="--allow-privileged='"$KUBE_ALLOW_PRIV"'"|
 ' /etc/kubernetes/config

 sed -i '
-  /^KUBE_API_ADDRESS=/ s/=.*/='"${KUBE_API_ADDRESS}"'/
+    /^KUBE_API_ADDRESS=/ s|=.*|="--advertise-address='"$KUBE_NODE_IP"' --insecure-bind-address=0.0.0.0"|
+    /^KUBE_API_PORT=/ s|=.*|="--insecure-port='"$KUBE_API_PORT"'"|
    /^KUBE_SERVICE_ADDRESSES=/ s|=.*|="--service-cluster-ip-range='"$PORTAL_NETWORK_CIDR"'"|
-  /^KUBE_API_ARGS=/ s/KUBE_API_ARGS.//
-  /^KUBE_ETCD_SERVERS=/ s/=.*/="--etcd_servers=http:\/\/127.0.0.1:2379"/
-  /^KUBE_ADMISSION_CONTROL=/ s/=.*/=""/
+    /^KUBE_API_ARGS=/ s/=.*/="--runtime-config=api\/all=true"/
+    /^KUBE_ETCD_SERVERS=/ s/=.*/="--etcd-servers=http:\/\/127.0.0.1:2379"/
+    /^KUBE_ADMISSION_CONTROL=/ s/=.*/="--admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,ResourceQuota"/
 ' /etc/kubernetes/apiserver

 cat >> /etc/kubernetes/apiserver <<EOF
-#Uncomment the following line to disable Load Balancer feature
-KUBE_API_ARGS="$KUBE_API_ARGS"
 #Uncomment the following line to enable Load Balancer feature
-#KUBE_API_ARGS="$KUBE_API_ARGS --cloud_config=/etc/sysconfig/kubernetes_openstack_config --cloud_provider=openstack"
+#KUBE_API_ARGS="--runtime-config=api/all=true --cloud-config=/etc/sysconfig/kubernetes_openstack_config --cloud-provider=openstack"
 EOF

 sed -i '
-  /^KUBELET_ADDRESSES=/ s/=.*/="--machines='""'"/
-  /^KUBE_CONTROLLER_MANAGER_ARGS=/ s/KUBE_CONTROLLER_MANAGER_ARGS.*/#Uncomment the following line to enable Kubernetes Load Balancer feature \n#KUBE_CONTROLLER_MANAGER_ARGS="--cloud_config=\/etc\/sysconfig\/kubernetes_openstack_config --cloud_provider=openstack"/
+    /^KUBE_CONTROLLER_MANAGER_ARGS=/ s|=.*|="--leader-elect=true --cluster-name=kubernetes --cluster-cidr='"$FLANNEL_NETWORK_CIDR"'"|
 ' /etc/kubernetes/controller-manager

+cat >> /etc/kubernetes/controller-manager <<EOF
+
+#Uncomment the following line to enable Kubernetes Load Balancer feature
+#KUBE_CONTROLLER_MANAGER_ARGS="--cloud-config=/etc/sysconfig/kubernetes_openstack_config --cloud-provider=openstack"
+EOF
+
 # Generate a the configuration for Kubernetes services to talk to OpenStack Neutron
 cat > /etc/sysconfig/kubernetes_openstack_config <<EOF
 [Global]
--- a/contrib/drivers/k8s_opensuse_v1/templates/fragments/configure-kubernetes-minion.sh
+++ b/contrib/drivers/k8s_opensuse_v1/templates/fragments/configure-kubernetes-minion.sh
@ -4,9 +4,7 @@

 echo "configuring kubernetes (minion)"

-myip=$(ip addr show eth0 |
-       awk '$1 == "inet" {print $2}' |
-       cut -f1 -d/)
+myip="$KUBE_NODE_IP"

 ETCD_SERVER_IP=${ETCD_SERVER_IP:-$KUBE_MASTER_IP}

@ -21,20 +19,20 @@ fi
 KUBE_MASTER_URI="$KUBE_PROTOCOL://$KUBE_MASTER_IP:$KUBE_API_PORT"

 sed -i '
-/^KUBE_ALLOW_PRIV=/ s/=.*/="--allow_privileged='"$KUBE_ALLOW_PRIV"'"/
-/^KUBE_ETCD_SERVERS=/ s|=.*|="--etcd_servers=http://'"$ETCD_SERVER_IP"':2379"|
-/^KUBE_MASTER=/ s|=.*|="--master='"$KUBE_MASTER_URI"'"|
+    /^KUBE_ALLOW_PRIV=/ s/=.*/="--allow-privileged='"$KUBE_ALLOW_PRIV"'"/
+    /^KUBE_ETCD_SERVERS=/ s|=.*|="--etcd-servers=http://'"$ETCD_SERVER_IP"':2379"|
+    /^KUBE_MASTER=/ s|=.*|="--master='"$KUBE_MASTER_URI"'"|
 ' /etc/kubernetes/config

 sed -i '
-/^KUBELET_ADDRESS=/ s/=.*/="--address=0.0.0.0"/
-/^KUBELET_HOSTNAME=/ s/=.*/="--hostname-override='"$myip"'"/
-/^KUBELET_API_SERVER=/ s|=.*|="--api_servers='"$KUBE_MASTER_URI"'"|
-/^KUBELET_ARGS=/ s|=.*|='"$KUBE_CONFIG"'|
+    /^KUBELET_ADDRESS=/ s/=.*/="--address=0.0.0.0"/
+    /^KUBELET_HOSTNAME=/ s/=.*/="--hostname-override='"$myip"'"/
+    /^KUBELET_API_SERVER=/ s|=.*|="--api-servers='"$KUBE_MASTER_URI"'"|
+    /^KUBELET_ARGS=/ s|=.*|="--node-ip='"$myip"' --container-runtime=docker --config=/etc/kubernetes/manifests '"$KUBE_CONFIG"'"|
 ' /etc/kubernetes/kubelet

 sed -i '
-/^KUBE_PROXY_ARGS=/ s|=.*|='"$KUBE_CONFIG"'|
+    /^KUBE_PROXY_ARGS=/ s/=.*/="--proxy-mode=iptables"/
 ' /etc/kubernetes/proxy

 cat >> /etc/environment <<EOF
--- a/contrib/drivers/k8s_opensuse_v1/templates/fragments/write-heat-params-master.yaml
+++ b/contrib/drivers/k8s_opensuse_v1/templates/fragments/write-heat-params-master.yaml
@ -5,7 +5,6 @@ write_files:
    owner: "root:root"
    permissions: "0644"
    content: |
-      KUBE_NODE_PUBLIC_IP="$KUBE_NODE_PUBLIC_IP"
      KUBE_NODE_IP="$KUBE_NODE_IP"
      KUBE_API_PORT="$KUBE_API_PORT"
      KUBE_ALLOW_PRIV="$KUBE_ALLOW_PRIV"
@ -21,5 +20,6 @@ write_files:
      TENANT_NAME="$TENANT_NAME"
      CLUSTER_SUBNET="$CLUSTER_SUBNET"
      TLS_DISABLED="$TLS_DISABLED"
+      KUBE_VERSION="$KUBE_VERSION"
      CLUSTER_UUID="$CLUSTER_UUID"
      MAGNUM_URL="$MAGNUM_URL"
--- a/contrib/drivers/k8s_opensuse_v1/templates/fragments/write-heat-params-minion.yaml
+++ b/contrib/drivers/k8s_opensuse_v1/templates/fragments/write-heat-params-minion.yaml
@ -24,9 +24,9 @@ write_files:
      REGISTRY_INSECURE="$REGISTRY_INSECURE"
      REGISTRY_CHUNKSIZE="$REGISTRY_CHUNKSIZE"
      TLS_DISABLED="$TLS_DISABLED"
+      KUBE_VERSION="$KUBE_VERSION"
      CLUSTER_UUID="$CLUSTER_UUID"
      MAGNUM_URL="$MAGNUM_URL"
      HTTP_PROXY="$HTTP_PROXY"
      HTTPS_PROXY="$HTTPS_PROXY"
      NO_PROXY="$NO_PROXY"
-      WAIT_CURL="$WAIT_CURL"
--- a/contrib/drivers/k8s_opensuse_v1/templates/kubecluster.yaml
+++ b/contrib/drivers/k8s_opensuse_v1/templates/kubecluster.yaml
@ -181,6 +181,16 @@ parameters:
      url for kubernetes to authenticate before sending request to neutron
      must be v2 since kubernetes backend only suppor v2 at this point

+  kube_version:
+    type: string
+    description: version of kubernetes used for kubernetes cluster
+    default: v1.3.7
+
+  volume_driver:
+    type: string
+    description: volume driver to use for container storage
+    default: ""
+
  username:
    type: string
    description: >
@ -484,6 +494,7 @@ resources:
          http_proxy: {get_param: http_proxy}
          https_proxy: {get_param: https_proxy}
          no_proxy: {get_param: no_proxy}
+          kube_version: {get_param: kube_version}
          fixed_network: {get_resource: fixed_network}
          fixed_subnet: {get_resource: fixed_subnet}
          api_pool_id: {get_resource: api_pool}
@ -496,6 +507,7 @@ resources:
          tls_disabled: {get_param: tls_disabled}
          secgroup_base_id: {get_resource: secgroup_base}
          secgroup_kube_master_id: {get_resource: secgroup_kube_master}
+          kube_master_id: 'kube-master%index%'

  ######################################################################
  #
@ -542,10 +554,11 @@ resources:
          http_proxy: {get_param: http_proxy}
          https_proxy: {get_param: https_proxy}
          no_proxy: {get_param: no_proxy}
+          kube_version: {get_param: kube_version}
          kubernetes_port: {get_param: kubernetes_port}
          tls_disabled: {get_param: tls_disabled}
          secgroup_kube_minion_id: {get_resource: secgroup_kube_minion}
-          kube_minion_id: 'kube_minion_%index%'
+          kube_minion_id: 'kube-minion%index%'

 outputs:

--- a/contrib/drivers/k8s_opensuse_v1/templates/kubemaster.yaml
+++ b/contrib/drivers/k8s_opensuse_v1/templates/kubemaster.yaml
@ -73,6 +73,10 @@ parameters:
      service.
    default: 6443

+  kube_version:
+    type: string
+    description: version of kubernetes used for kubernetes cluster
+
  cluster_uuid:
    type: string
    description: identifier for the cluster this template is generating
@ -156,6 +160,10 @@ parameters:
    description: >
      tenant name

+  kube_master_id:
+    type: string
+    description: ID of for kubernetes master.
+
 resources:

  master_wait_handle:
@ -198,6 +206,7 @@ resources:
            "$TENANT_NAME": {get_param: tenant_name}
            "$CLUSTER_SUBNET": {get_param: fixed_subnet}
            "$TLS_DISABLED": {get_param: tls_disabled}
+            "$KUBE_VERSION": {get_param: kube_version}
            "$CLUSTER_UUID": {get_param: cluster_uuid}
            "$MAGNUM_URL": {get_param: magnum_url}
            "$HTTP_PROXY": {get_param: http_proxy}
@ -266,7 +275,7 @@ resources:
  kube_master:
    type: OS::Nova::Server
    properties:
-      name: kube_master
+      name: {get_param: kube_master_id}
      image: {get_param: server_image}
      flavor: {get_param: master_flavor}
      key_name: {get_param: ssh_key_name}
--- a/contrib/drivers/k8s_opensuse_v1/templates/kubeminion.yaml
+++ b/contrib/drivers/k8s_opensuse_v1/templates/kubeminion.yaml
@ -3,7 +3,7 @@ heat_template_version: 2014-10-16
 description: >
  This is a nested stack that defines a single Kubernetes minion, This stack is
  included by an AutoScalingGroup resource in the parent template
-  (kubecluster-jeos.yaml).
+  (kubecluster.yaml).

 parameters:

@ -60,6 +60,10 @@ parameters:
    type: string
    description: endpoint to retrieve TLS certs from

+  kube_version:
+    type: string
+    description: version of kubernetes used for kubernetes cluster
+
  kube_master_ip:
    type: string
    description: IP address of the Kubernetes master server.
@ -188,32 +192,33 @@ resources:
      group: ungrouped
      config:
        str_replace:
-          template: {get_file: fragments/write-heat-params.yaml}
+          template: {get_file: fragments/write-heat-params-minion.yaml}
          params:
-            $KUBE_ALLOW_PRIV: {get_param: kube_allow_priv}
-            $KUBE_MASTER_IP: {get_param: kube_master_ip}
-            $KUBE_API_PORT: {get_param: kubernetes_port}
-            $ETCD_SERVER_IP: {get_param: etcd_server_ip}
-            $DOCKER_VOLUME: {get_resource: docker_volume}
-            $NETWORK_DRIVER: {get_param: network_driver}
-            $REGISTRY_ENABLED: {get_param: registry_enabled}
-            $REGISTRY_PORT: {get_param: registry_port}
-            $REGISTRY_AUTH_URL: {get_param: registry_auth_url}
-            $REGISTRY_REGION: {get_param: registry_region}
-            $REGISTRY_USERNAME: {get_param: registry_username}
-            $REGISTRY_PASSWORD: {get_param: registry_password}
-            $REGISTRY_DOMAIN: {get_param: registry_domain}
-            $REGISTRY_TRUST_ID: {get_param: registry_trust_id}
-            $REGISTRY_CONTAINER: {get_param: registry_container}
-            $REGISTRY_INSECURE: {get_param: registry_insecure}
-            $REGISTRY_CHUNKSIZE: {get_param: registry_chunksize}
-            $TLS_DISABLED: {get_param: tls_disabled}
-            $CLUSTER_UUID: {get_param: cluster_uuid}
-            $MAGNUM_URL: {get_param: magnum_url}
-            $HTTP_PROXY: {get_param: http_proxy}
-            $HTTPS_PROXY: {get_param: https_proxy}
-            $NO_PROXY: {get_param: no_proxy}
-            $NODE_FIXED_IP: {get_attr: [kube_minion_eth0, fixed_ips, 0, ip_address]}
+            "$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
+            "$KUBE_MASTER_IP": {get_param: kube_master_ip}
+            "$KUBE_NODE_IP": {get_attr: [kube_minion_eth0, fixed_ips, 0, ip_address]}
+            "$KUBE_API_PORT": {get_param: kubernetes_port}
+            "$ETCD_SERVER_IP": {get_param: etcd_server_ip}
+            "$DOCKER_VOLUME": {get_resource: docker_volume}
+            "$NETWORK_DRIVER": {get_param: network_driver}
+            "$REGISTRY_ENABLED": {get_param: registry_enabled}
+            "$REGISTRY_PORT": {get_param: registry_port}
+            "$REGISTRY_AUTH_URL": {get_param: registry_auth_url}
+            "$REGISTRY_REGION": {get_param: registry_region}
+            "$REGISTRY_USERNAME": {get_param: registry_username}
+            "$REGISTRY_PASSWORD": {get_param: registry_password}
+            "$REGISTRY_DOMAIN": {get_param: registry_domain}
+            "$REGISTRY_TRUST_ID": {get_param: registry_trust_id}
+            "$REGISTRY_CONTAINER": {get_param: registry_container}
+            "$REGISTRY_INSECURE": {get_param: registry_insecure}
+            "$REGISTRY_CHUNKSIZE": {get_param: registry_chunksize}
+            "$TLS_DISABLED": {get_param: tls_disabled}
+            "$KUBE_VERSION": {get_param: kube_version}
+            "$CLUSTER_UUID": {get_param: cluster_uuid}
+            "$MAGNUM_URL": {get_param: magnum_url}
+            "$HTTP_PROXY": {get_param: http_proxy}
+            "$HTTPS_PROXY": {get_param: https_proxy}
+            "$NO_PROXY": {get_param: no_proxy}

  configure_flanneld:
    type: OS::Heat::SoftwareConfig
--- a/contrib/drivers/k8s_opensuse_v1/version.py
+++ b/contrib/drivers/k8s_opensuse_v1/version.py
@ -14,4 +14,4 @@

 version = '1.0.0'
 driver = 'k8s_opensuse_v1'
-container_version = '1.12.1'
+container_version = '1.12.3'