Merge "Backport "Cleanup the templates""

Jenkins 2015-06-15 23:51:50 +00:00 committed by Gerrit Code Review
commit 1f41d6c3f0
2 changed files with 93 additions and 118 deletions


@ -3,13 +3,10 @@ heat_template_version: 2013-05-23
description: >
This template will boot a Kubernetes cluster with one or more
minions (as specified by the number_of_minions parameter, which
defaults to "2").
defaults to 2).
parameters:
#
# REQUIRED PARAMETERS
#
ssh_key_name:
type: string
description: name of ssh key to be provisioned on our server
@ -18,9 +15,6 @@ parameters:
type: string
description: uuid/name of a network to use for floating ip addresses
#
# OPTIONAL PARAMETERS
#
server_image:
type: string
default: centos-atomic
@ -49,18 +43,18 @@ parameters:
fixed_network_cidr:
type: string
description: network range for fixed ip network
default: "10.0.0.0/24"
default: 10.0.0.0/24
portal_network_cidr:
type: string
description: >
address range used by kubernetes for service portals
default: "10.254.0.0/16"
default: 10.254.0.0/16
flannel_network_cidr:
type: string
description: network range for flannel overlay network
default: "10.100.0.0/16"
default: 10.100.0.0/16
flannel_network_subnetlen:
type: string
@ -72,17 +66,17 @@ parameters:
description: >
if true use the vxlan backend, otherwise use the default
udp backend
default: "false"
default: false
constraints:
- allowed_values: ["true", "false"]
- allowed_values: [true, false]
kube_allow_priv:
type: string
description: >
whether or not kubernetes should permit privileged containers.
default: "true"
default: true
constraints:
- allowed_values: ["true", "false"]
- allowed_values: [true, false]
docker_volume_size:
type: string
@ -112,42 +106,30 @@ resources:
######################################################################
#
# network resources. allocate a network and router for our server.
# it would also be possible to take advantage of existing network
# resources (and have the deployer provide network and subnet ids,
# etc, as parameters), but I wanted to minmize the amount of
# configuration necessary to make this go.
#
fixed_network:
type: "OS::Neutron::Net"
type: OS::Neutron::Net
# This is the subnet on which we will deploy our server.
fixed_subnet:
type: "OS::Neutron::Subnet"
type: OS::Neutron::Subnet
properties:
cidr: {get_param: fixed_network_cidr}
network_id:
get_resource: fixed_network
network: {get_resource: fixed_network}
dns_nameservers:
- get_param: dns_nameserver
- {get_param: dns_nameserver}
# create a router attached to the external network provided as a
# parameter to this stack.
extrouter:
type: "OS::Neutron::Router"
type: OS::Neutron::Router
properties:
external_gateway_info:
network:
get_param: external_network
network: {get_param: external_network}
# attached fixed_subnet to our extrouter router.
extrouter_inside:
type: "OS::Neutron::RouterInterface"
type: OS::Neutron::RouterInterface
properties:
router_id:
get_resource: extrouter
subnet:
get_resource:
fixed_subnet
router_id: {get_resource: extrouter}
subnet: {get_resource: fixed_subnet}
######################################################################
#
@ -155,9 +137,8 @@ resources:
# sorts.
#
# permit ssh access
secgroup_base:
type: "OS::Neutron::SecurityGroup"
type: OS::Neutron::SecurityGroup
properties:
rules:
- protocol: icmp
@ -165,9 +146,8 @@ resources:
port_range_min: 22
port_range_max: 22
# open ports for kubernetes and etcd
secgroup_kubernetes:
type: "OS::Neutron::SecurityGroup"
type: OS::Neutron::SecurityGroup
properties:
rules:
- protocol: tcp
@ -190,7 +170,7 @@ resources:
#
write_heat_params:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
@ -204,43 +184,43 @@ resources:
"$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr}
configure_etcd:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/configure-etcd.yaml}
configure_kubernetes:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/configure-kubernetes-master.sh}
write_flannel_config:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/write-flannel-config.sh}
flannel_config_service:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/flannel-config.service.yaml}
enable_services:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/enable-services-master.sh}
kube_user:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/kube-user.yaml}
kube_examples:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/kube-examples.yaml}
@ -258,13 +238,13 @@ resources:
wc_notify: {get_attr: [master_wait_handle, curl_cli]}
disable_selinux:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/disable-selinux.sh}
kube_master_init:
type: "OS::Heat::MultipartMime"
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: disable_selinux}
@ -280,45 +260,45 @@ resources:
######################################################################
#
# databases server. this sets up a Kubernetes server
# kubernetes master server.
#
kube_master:
type: "OS::Nova::Server"
type: OS::Nova::Server
depends_on:
- extrouter_inside
properties:
image:
get_param: server_image
flavor:
get_param: master_flavor
key_name:
get_param: ssh_key_name
image: {get_param: server_image}
flavor: {get_param: master_flavor}
key_name: {get_param: ssh_key_name}
user_data_format: RAW
user_data: {get_resource: kube_master_init}
networks:
- port:
get_resource: kube_master_eth0
- port: {get_resource: kube_master_eth0}
kube_master_eth0:
type: "OS::Neutron::Port"
type: OS::Neutron::Port
properties:
network:
get_resource: fixed_network
network: {get_resource: fixed_network}
security_groups:
- get_resource: secgroup_base
- get_resource: secgroup_kubernetes
- {get_resource: secgroup_base}
- {get_resource: secgroup_kubernetes}
fixed_ips:
- subnet:
get_resource: fixed_subnet
- subnet: {get_resource: fixed_subnet}
replacement_policy: AUTO
kube_master_floating:
type: "OS::Neutron::FloatingIP"
type: OS::Neutron::FloatingIP
properties:
floating_network:
get_param: external_network
port_id:
get_resource: kube_master_eth0
floating_network: {get_param: external_network}
port_id: {get_resource: kube_master_eth0}
######################################################################
#
# kubernetes minions. This is an autoscaling group that will initially
# create <number_of_minions> minions, and will scale up to
# <max_number_of_minions> based on CPU utilization.
#
kube_minions:
type: "OS::Heat::ResourceGroup"
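Review bot: Unquoting `default: true` and `allowed_values: [true, false]` under `kube_allow_priv` makes YAML parse them as booleans while the parameter is still declared `type: string`; the same applies to `default: false` on the vxlan-backend parameter in that hunk and to `kube_allow_priv` in the second file. What finally replaces `$KUBE_ALLOW_PRIV` then depends on how Heat coerces a boolean to a string, and the fragment that consumes it is not shown here, so a `True`/`true` mismatch could silently change whether privileged containers are permitted. Either keep the quoted forms, `default: "true"` and `allowed_values: ["true", "false"]`, or declare the parameter `type: boolean` and confirm the spelling the consumer expects. This file also defaults `kube_allow_priv` to true while the second file defaults it to false, so a comment saying which default is intended would help; the safer choice would be to leave privileged containers off unless the deployer opts in.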


@ -30,12 +30,12 @@ parameters:
type: string
description: >
whether or not kubernetes should permit privileged containers.
default: "false"
default: false
constraints:
- allowed_values: ["true", "false"]
- allowed_values: [true, false]
docker_volume_size:
type: string
type: number
description: >
size of a cinder volume to allocate to docker for container/image
storage
@ -68,14 +68,8 @@ resources:
handle: {get_resource: minion_wait_handle}
timeout: {get_param: wait_condition_timeout}
######################################################################
#
# security groups. we need to permit network traffic of various
# sorts.
#
secgroup_all_open:
type: "OS::Neutron::SecurityGroup"
type: OS::Neutron::SecurityGroup
properties:
rules:
- protocol: icmp
@ -89,25 +83,25 @@ resources:
#
write_heat_params:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: {get_file: fragments/write-heat-params.yaml}
params:
"$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
"$KUBE_MASTER_IP": {get_param: kube_master_ip}
"$DOCKER_VOLUME": {get_resource: docker_volume}
$KUBE_ALLOW_PRIV: {get_param: kube_allow_priv}
$KUBE_MASTER_IP: {get_param: kube_master_ip}
$DOCKER_VOLUME: {get_resource: docker_volume}
add_to_docker_group:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/add-to-docker-group.sh}
configure_docker_storage:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/configure-docker-storage.sh}
@ -119,31 +113,31 @@ resources:
config: {get_file: fragments/kube-register.yaml}
configure_kubernetes_minion:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/configure-kubernetes-minion.sh}
kube_user:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/kube-user.yaml}
kube_examples:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/kube-examples.yaml}
docker_service:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/docker.service.yaml}
enable_services:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/enable-services-minion.sh}
@ -161,13 +155,13 @@ resources:
wc_notify: {get_attr: [minion_wait_handle, curl_cli]}
disable_selinux:
type: "OS::Heat::SoftwareConfig"
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config: {get_file: fragments/disable-selinux.sh}
kube_minion_init:
type: "OS::Heat::MultipartMime"
type: OS::Heat::MultipartMime
properties:
parts:
- config: {get_resource: disable_selinux}
@ -182,48 +176,51 @@ resources:
- config: {get_resource: enable_services}
- config: {get_resource: minion_wc_notify}
######################################################################
#
# a single kubernetes minion.
#
kube_minion:
type: "OS::Nova::Server"
type: OS::Nova::Server
properties:
image:
get_param: server_image
flavor:
get_param: minion_flavor
key_name:
get_param: ssh_key_name
image: {get_param: server_image}
flavor: {get_param: minion_flavor}
key_name: {get_param: ssh_key_name}
user_data_format: RAW
user_data: {get_resource: kube_minion_init}
networks:
- port:
get_resource: kube_minion_eth0
- port: {get_resource: kube_minion_eth0}
kube_minion_eth0:
type: "OS::Neutron::Port"
type: OS::Neutron::Port
properties:
network:
get_param: fixed_network
network: {get_param: fixed_network}
security_groups:
- get_resource: secgroup_all_open
fixed_ips:
- subnet:
get_param: fixed_subnet
- subnet: {get_param: fixed_subnet}
replacement_policy: AUTO
kube_minion_floating:
type: "OS::Neutron::FloatingIP"
type: OS::Neutron::FloatingIP
properties:
floating_network:
get_param: external_network
port_id:
get_resource: kube_minion_eth0
floating_network: {get_param: external_network}
port_id: {get_resource: kube_minion_eth0}
######################################################################
#
# docker storage. This allocates a cinder volume and attaches it
# to the minion.
#
docker_volume:
type: "OS::Cinder::Volume"
type: OS::Cinder::Volume
properties:
size: {get_param: docker_volume_size}
docker_volume_attach:
type: "OS::Cinder::VolumeAttachment"
type: OS::Cinder::VolumeAttachment
properties:
instance_uuid: {get_resource: kube_minion}
volume_id: {get_resource: docker_volume}
@ -232,7 +229,5 @@ outputs:
kube_minion_ip:
value: {get_attr: [kube_minion_eth0, fixed_ips, 0, ip_address]}
kube_minion_external_ip:
value: {get_attr: [kube_minion_floating, floating_ip_address]}
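Review bot: `secgroup_all_open` loses its explanatory comment header in this change, yet it is the only security group listed on `kube_minion_eth0`, and `kube_minion_floating` gives that same port a floating IP. Only the first rule (`protocol: icmp`) is visible in the hunk, so the breadth of the rules needs confirming, but the name suggests minions are reachable from the external network with little filtering. I would keep a comment above the resource, for example `# minion security group; rules are intentionally broad, review before exposing via floating IP`, and consider narrowing the rules to the ports the master and the overlay network need. Separately, `docker_volume_size` becomes `type: number` here while the first file still shows it as `type: string`, and `- get_resource: secgroup_all_open` is left in block form where the rest of the section moved to `{get_resource: ...}`; both are worth aligning.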