Create master tmptls for k8s ironic/coreos bay
Create sub templates for master resources. This brings the ironic and CoreOS k8s templates in line with the general heat kubernetes templates. Change-Id: I731688d8c92ab31f10c0dddaba97a39abbbe080a Implements: blueprint generate-heat-templates
This commit is contained in:
Tom Cammann
parent
eeb9b21681
commit
29e938c60d
|
|
@ -1,9 +1,9 @@
|
|||
heat_template_version: 2013-05-23
|
||||
|
||||
description: >
|
||||
This template will boot a coreos cluster with one or more
|
||||
minions (as specified by the number_of_minions parameter, which
|
||||
defaults to 1).
|
||||
This template will boot a coreos cluster with one or more minions (as
|
||||
specified by the number_of_minions parameter, which defaults to 1) and one
|
||||
master node. Mutliple masters is work in progress.
|
||||
|
||||
parameters:
|
||||
|
||||
|
|
@ -100,30 +100,15 @@ parameters:
|
|||
List of minions to be removed when doing an update. Individual minion may
|
||||
be referenced several ways: (1) The resource name (e.g. ['1', '3']),
|
||||
(2) The private IP address ['10.0.0.4', '10.0.0.6']. Note: the list should
|
||||
be empty when doing an create.
|
||||
be empty when doing a create.
|
||||
default: []
|
||||
|
||||
resources:
|
||||
|
||||
master_wait_handle:
|
||||
type: AWS::CloudFormation::WaitConditionHandle
|
||||
|
||||
master_wait_condition:
|
||||
type: AWS::CloudFormation::WaitCondition
|
||||
depends_on:
|
||||
- kube_master
|
||||
properties:
|
||||
Handle:
|
||||
get_resource: master_wait_handle
|
||||
Timeout: 6000
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# network resources. allocate a network and router for our server.
|
||||
# it would also be possible to take advantage of existing network
|
||||
# resources (and have the deployer provide network and subnet ids,
|
||||
# etc, as parameters), but I wanted to minmize the amount of
|
||||
# configuration necessary to make this go.
|
||||
# network resources. allocate a network and router for our server.
|
||||
#
|
||||
|
||||
fixed_network:
|
||||
type: OS::Neutron::Net
|
||||
|
|
@ -150,168 +135,44 @@ resources:
|
|||
|
||||
######################################################################
|
||||
#
|
||||
# security groups. we need to permit network traffic of various
|
||||
# sorts.
|
||||
# kubernetes masters. This is a resource group that will create
|
||||
# 1 master.
|
||||
#
|
||||
|
||||
secgroup_base:
|
||||
type: OS::Neutron::SecurityGroup
|
||||
kube_master:
|
||||
type: OS::Heat::ResourceGroup
|
||||
depends_on:
|
||||
- extrouter_inside
|
||||
properties:
|
||||
rules:
|
||||
- protocol: icmp
|
||||
- protocol: tcp
|
||||
port_range_min: 22
|
||||
port_range_max: 22
|
||||
|
||||
secgroup_kubernetes:
|
||||
type: OS::Neutron::SecurityGroup
|
||||
properties:
|
||||
rules:
|
||||
- protocol: tcp
|
||||
port_range_min: 7080
|
||||
port_range_max: 7080
|
||||
- protocol: tcp
|
||||
port_range_min: 8080
|
||||
port_range_max: 8080
|
||||
- protocol: tcp
|
||||
port_range_min: 2379
|
||||
port_range_max: 2379
|
||||
- protocol: tcp
|
||||
port_range_min: 2380
|
||||
port_range_max: 2380
|
||||
count: 1
|
||||
resource_def:
|
||||
type: kubemaster-coreos.yaml
|
||||
properties:
|
||||
ssh_key_name: {get_param: ssh_key_name}
|
||||
server_image: {get_param: server_image}
|
||||
master_flavor: {get_param: master_flavor}
|
||||
external_network: {get_param: external_network}
|
||||
kube_allow_priv: {get_param: kube_allow_priv}
|
||||
flannel_network_cidr: {get_param: flannel_network_cidr}
|
||||
flannel_network_subnetlen: {get_param: flannel_network_subnetlen}
|
||||
flannel_use_vxlan: {get_param: flannel_use_vxlan}
|
||||
portal_network_cidr: {get_param: portal_network_cidr}
|
||||
fixed_network: {get_resource: fixed_network}
|
||||
fixed_subnet: {get_resource: fixed_subnet}
|
||||
token: {get_param: token}
|
||||
ssh_authorized_key: {get_param: ssh_authorized_key}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# software configs. these are components that are combined into
|
||||
# a multipart MIME user-data archive.
|
||||
# kubernetes minions. This is a resource group that will initially
|
||||
# create <number_of_minions> minions, and needs to be manually scaled.
|
||||
#
|
||||
|
||||
write_heat_params:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config:
|
||||
str_replace:
|
||||
template: {get_file: fragments/write-heat-params-master.yaml}
|
||||
params:
|
||||
"$MINION_ADDRESSES": {"Fn::Join": [",", {get_attr: [kube_minions, kube_minion_ip]}]}
|
||||
"$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
|
||||
"$WAIT_HANDLE": {get_resource: master_wait_handle}
|
||||
"$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr}
|
||||
"$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
|
||||
"$FLANNEL_USE_VXLAN": {get_param: flannel_use_vxlan}
|
||||
"$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr}
|
||||
|
||||
configure_kubernetes:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/configure-kubernetes-master.sh}
|
||||
|
||||
write_flannel_config:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/write-flannel-config.sh}
|
||||
|
||||
flannel_config_service:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/flannel-config.service.yaml}
|
||||
|
||||
enable_services:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/enable-services-master.sh}
|
||||
|
||||
kube_user:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/kube-user.yaml}
|
||||
|
||||
kube_examples:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/kube-examples.yaml}
|
||||
|
||||
cfn_signal:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/cfn-signal.sh}
|
||||
|
||||
disable_selinux:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/disable-selinux.sh}
|
||||
|
||||
coreos_params:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config:
|
||||
str_replace:
|
||||
template: {get_file: fragments/coreos.params.yaml}
|
||||
params:
|
||||
token: {get_param: token}
|
||||
ssh_authorized_key: {get_param: ssh_authorized_key}
|
||||
|
||||
kube_master_init:
|
||||
type: OS::Heat::MultipartMime
|
||||
properties:
|
||||
parts:
|
||||
- config: {get_resource: disable_selinux}
|
||||
- config: {get_resource: write_heat_params}
|
||||
- config: {get_resource: kube_user}
|
||||
- config: {get_resource: configure_kubernetes}
|
||||
- config: {get_resource: enable_services}
|
||||
- config: {get_resource: write_flannel_config}
|
||||
- config: {get_resource: flannel_config_service}
|
||||
- config: {get_resource: kube_examples}
|
||||
- config: {get_resource: cfn_signal}
|
||||
- config: {get_resource: coreos_params}
|
||||
|
||||
kube_master:
|
||||
type: OS::Nova::Server
|
||||
depends_on:
|
||||
- extrouter_inside
|
||||
properties:
|
||||
image: {get_param: server_image}
|
||||
flavor: {get_param: master_flavor}
|
||||
key_name: {get_param: ssh_key_name}
|
||||
user_data_format: RAW
|
||||
user_data: {get_resource: kube_master_init}
|
||||
networks:
|
||||
- port: {get_resource: kube_master_eth0}
|
||||
|
||||
kube_master_eth0:
|
||||
type: OS::Neutron::Port
|
||||
properties:
|
||||
network: {get_resource: fixed_network}
|
||||
security_groups:
|
||||
- {get_resource: secgroup_base}
|
||||
- {get_resource: secgroup_kubernetes}
|
||||
fixed_ips:
|
||||
- subnet: {get_resource: fixed_subnet}
|
||||
replacement_policy: AUTO
|
||||
|
||||
kube_master_floating:
|
||||
type: OS::Neutron::FloatingIP
|
||||
depends_on:
|
||||
- extrouter_inside
|
||||
properties:
|
||||
floating_network: {get_param: external_network}
|
||||
port_id: {get_resource: kube_master_eth0}
|
||||
|
||||
kube_minions:
|
||||
type: OS::Heat::ResourceGroup
|
||||
depends_on:
|
||||
- extrouter_inside
|
||||
- kube_master
|
||||
properties:
|
||||
count: {get_param: number_of_minions}
|
||||
removal_policies: [{resource_list: {get_param: minions_to_remove}}]
|
||||
|
|
@ -333,7 +194,7 @@ resources:
|
|||
outputs:
|
||||
|
||||
kube_master:
|
||||
value: {get_attr: [kube_master_floating, floating_ip_address]}
|
||||
value: {get_attr: [kube_master, kube_master_external_ip]}
|
||||
|
||||
kube_minions:
|
||||
value: {get_attr: [kube_minions, kube_minion_ip]}
|
||||
|
|
|
|||
|
|
@ -84,134 +84,55 @@ parameters:
|
|||
|
||||
resources:
|
||||
|
||||
master_wait_handle:
|
||||
type: OS::Heat::WaitConditionHandle
|
||||
|
||||
master_wait_condition:
|
||||
type: OS::Heat::WaitCondition
|
||||
depends_on: kube_master
|
||||
properties:
|
||||
handle: {get_resource: master_wait_handle}
|
||||
timeout: {get_param: wait_condition_timeout}
|
||||
|
||||
master_wc_notify:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config:
|
||||
str_replace:
|
||||
template: |
|
||||
#!/bin/bash -v
|
||||
wc_notify --data-binary '{"status": "SUCCESS"}'
|
||||
params:
|
||||
wc_notify: {get_attr: [master_wait_handle, curl_cli]}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# software configs
|
||||
# kubernetes masters. This is a resource group that will create
|
||||
# 1 master.
|
||||
#
|
||||
disable_selinux:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/disable-selinux.sh}
|
||||
|
||||
kube_master_init:
|
||||
type: OS::Heat::MultipartMime
|
||||
properties:
|
||||
parts:
|
||||
- config: {get_resource: disable_selinux}
|
||||
- config: {get_resource: write_heat_params}
|
||||
- config: {get_resource: enable_etcd}
|
||||
- config: {get_resource: configure_kubernetes}
|
||||
- config: {get_resource: enable_services}
|
||||
- config: {get_resource: configure_flannel}
|
||||
- config: {get_resource: master_wc_notify}
|
||||
|
||||
write_heat_params:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config:
|
||||
str_replace:
|
||||
template: {get_file: fragments/write-heat-params-master.yaml}
|
||||
params:
|
||||
"$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
|
||||
"$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr}
|
||||
"$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
|
||||
"$FLANNEL_USE_VXLAN": {get_param: flannel_use_vxlan}
|
||||
"$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr}
|
||||
|
||||
configure_kubernetes:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/configure-kubernetes-master.sh}
|
||||
|
||||
enable_etcd:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/enable-etcd.sh}
|
||||
|
||||
configure_flannel:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/configure-flannel.sh}
|
||||
|
||||
enable_services:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/enable-services-master.sh}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# databases server. this sets up a Kubernetes server
|
||||
#
|
||||
kube_master_floating:
|
||||
type: OS::Neutron::FloatingIP
|
||||
properties:
|
||||
floating_network:
|
||||
get_param: external_network
|
||||
port_id:
|
||||
get_attr: [kube_master, addresses, {get_param: fixed_network}, 0, port]
|
||||
|
||||
kube_master:
|
||||
type: OS::Nova::Server
|
||||
type: OS::Heat::ResourceGroup
|
||||
depends_on:
|
||||
- extrouter_inside
|
||||
properties:
|
||||
image: {get_param: server_image}
|
||||
flavor: {get_param: server_flavor}
|
||||
key_name: {get_param: ssh_key_name}
|
||||
networks:
|
||||
- network: {get_param: fixed_network}
|
||||
user_data_format: RAW
|
||||
user_data: {get_resource: kube_master_init}
|
||||
count: 1
|
||||
resource_def:
|
||||
type: kubemaster.yaml
|
||||
properties:
|
||||
ssh_key_name: {get_param: ssh_key_name}
|
||||
server_image: {get_param: server_image}
|
||||
master_flavor: {get_param: master_flavor}
|
||||
external_network: {get_param: external_network}
|
||||
kube_allow_priv: {get_param: kube_allow_priv}
|
||||
wait_condition_timeout: {get_param: wait_condition_timeout}
|
||||
flannel_network_cidr: {get_param: flannel_network_cidr}
|
||||
flannel_network_subnetlen: {get_param: flannel_network_subnetlen}
|
||||
flannel_use_vxlan: {get_param: flannel_use_vxlan}
|
||||
portal_network_cidr: {get_param: portal_network_cidr}
|
||||
fixed_network: {get_resource: fixed_network}
|
||||
|
||||
kube_minions:
|
||||
type: OS::Heat::ResourceGroup
|
||||
depends_on:
|
||||
- kube_master
|
||||
- master_wait_condition
|
||||
properties:
|
||||
count: {get_param: number_of_minions}
|
||||
removal_policies: [{resource_list: {get_param: minions_to_remove}}]
|
||||
resource_def:
|
||||
type: kubenode-fedora-ironic.yaml
|
||||
type: kubeminion-fedora-ironic.yaml
|
||||
properties:
|
||||
ssh_key_name: {get_param: ssh_key_name}
|
||||
server_image: {get_param: server_image}
|
||||
server_flavor: {get_param: server_flavor}
|
||||
fixed_network: {get_param: fixed_network}
|
||||
kube_master_ip: {get_attr: [kube_master, networks, {get_param: fixed_network}, 0]}
|
||||
kube_master_ip: {get_attr: [kube_master, kube_master_external_ip]}
|
||||
external_network: {get_param: external_network}
|
||||
kube_allow_priv: {get_param: kube_allow_priv}
|
||||
|
||||
outputs:
|
||||
|
||||
kube_master:
|
||||
value: {get_attr: [kube_master_floating, floating_ip_address]}
|
||||
value: {get_attr: [kube_master, kube_master_external_ip]}
|
||||
|
||||
kube_minions:
|
||||
value: {get_attr: [kube_minions, kube_node_ip]}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,268 @@
|
|||
heat_template_version: 2013-05-23
|
||||
|
||||
description: >
|
||||
This is a nested stack that defines a Kubernetes master. This stack is
|
||||
included by an ResourceGroup resource in the parent template
|
||||
(kubecluster-coreos.yaml).
|
||||
|
||||
parameters:
|
||||
|
||||
server_image:
|
||||
type: string
|
||||
description: glance image used to boot the server
|
||||
|
||||
master_flavor:
|
||||
type: string
|
||||
default: m1.small
|
||||
description: flavor to use when booting the server
|
||||
|
||||
ssh_key_name:
|
||||
type: string
|
||||
description: name of ssh key to be provisioned on our server
|
||||
|
||||
external_network:
|
||||
type: string
|
||||
description: uuid/name of a network to use for floating ip addresses
|
||||
default: public
|
||||
|
||||
token:
|
||||
type: string
|
||||
description: token is generated from https://discovery.etcd.io/new
|
||||
|
||||
ssh_authorized_key:
|
||||
type: string
|
||||
description: complete ssh key.
|
||||
|
||||
dns_nameserver:
|
||||
type: string
|
||||
description: address of a dns nameserver reachable in your environment
|
||||
default: 8.8.8.8
|
||||
|
||||
portal_network_cidr:
|
||||
type: string
|
||||
description: >
|
||||
address range used by kubernetes for service portals
|
||||
default: 10.254.0.0/16
|
||||
|
||||
kube_allow_priv:
|
||||
type: string
|
||||
description: >
|
||||
whether or not kubernetes should permit privileged containers.
|
||||
default: "true"
|
||||
constraints:
|
||||
- allowed_values: ["true", "false"]
|
||||
|
||||
flannel_network_cidr:
|
||||
type: string
|
||||
description: network range for flannel overlay network
|
||||
default: 10.100.0.0/16
|
||||
|
||||
flannel_network_subnetlen:
|
||||
type: string
|
||||
description: size of subnet assigned to each master
|
||||
default: 24
|
||||
|
||||
flannel_use_vxlan:
|
||||
type: string
|
||||
description: >
|
||||
if true use the vxlan backend, otherwise use the default
|
||||
udp backend
|
||||
default: "false"
|
||||
constraints:
|
||||
- allowed_values: ["true", "false"]
|
||||
|
||||
fixed_network:
|
||||
type: string
|
||||
description: Network from which to allocate fixed addresses.
|
||||
|
||||
fixed_subnet:
|
||||
type: string
|
||||
description: Subnet from which to allocate fixed addresses.
|
||||
|
||||
wait_condition_timeout:
|
||||
type: number
|
||||
default: 6000
|
||||
description : >
|
||||
timeout for the Wait Conditions
|
||||
|
||||
resources:
|
||||
|
||||
master_wait_handle:
|
||||
type: AWS::CloudFormation::WaitConditionHandle
|
||||
|
||||
master_wait_condition:
|
||||
type: AWS::CloudFormation::WaitCondition
|
||||
depends_on:
|
||||
- kube_master
|
||||
properties:
|
||||
Handle:
|
||||
get_resource: master_wait_handle
|
||||
Timeout: {get_param: wait_condition_timeout}
|
||||
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# security groups. we need to permit network traffic of various
|
||||
# sorts.
|
||||
#
|
||||
|
||||
secgroup_base:
|
||||
type: OS::Neutron::SecurityGroup
|
||||
properties:
|
||||
rules:
|
||||
- protocol: icmp
|
||||
- protocol: tcp
|
||||
port_range_min: 22
|
||||
port_range_max: 22
|
||||
|
||||
secgroup_kubernetes:
|
||||
type: OS::Neutron::SecurityGroup
|
||||
properties:
|
||||
rules:
|
||||
- protocol: tcp
|
||||
port_range_min: 7080
|
||||
port_range_max: 7080
|
||||
- protocol: tcp
|
||||
port_range_min: 8080
|
||||
port_range_max: 8080
|
||||
- protocol: tcp
|
||||
port_range_min: 2379
|
||||
port_range_max: 2379
|
||||
- protocol: tcp
|
||||
port_range_min: 2380
|
||||
port_range_max: 2380
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# software configs. these are components that are combined into
|
||||
# a multipart MIME user-data archive.
|
||||
#
|
||||
|
||||
write_heat_params:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config:
|
||||
str_replace:
|
||||
template: {get_file: fragments/write-heat-params-master.yaml}
|
||||
params:
|
||||
"$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
|
||||
"$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr}
|
||||
"$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
|
||||
"$FLANNEL_USE_VXLAN": {get_param: flannel_use_vxlan}
|
||||
"$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr}
|
||||
|
||||
configure_kubernetes:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/configure-kubernetes-master.sh}
|
||||
|
||||
write_flannel_config:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/write-flannel-config.sh}
|
||||
|
||||
flannel_config_service:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/flannel-config.service.yaml}
|
||||
|
||||
enable_services:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/enable-services-master.sh}
|
||||
|
||||
kube_user:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/kube-user.yaml}
|
||||
|
||||
kube_examples:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/kube-examples.yaml}
|
||||
|
||||
cfn_signal:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/cfn-signal.sh}
|
||||
|
||||
disable_selinux:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/disable-selinux.sh}
|
||||
|
||||
coreos_params:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config:
|
||||
str_replace:
|
||||
template: {get_file: fragments/coreos.params.yaml}
|
||||
params:
|
||||
token: {get_param: token}
|
||||
ssh_authorized_key: {get_param: ssh_authorized_key}
|
||||
|
||||
kube_master_init:
|
||||
type: OS::Heat::MultipartMime
|
||||
properties:
|
||||
parts:
|
||||
- config: {get_resource: disable_selinux}
|
||||
- config: {get_resource: write_heat_params}
|
||||
- config: {get_resource: kube_user}
|
||||
- config: {get_resource: configure_kubernetes}
|
||||
- config: {get_resource: enable_services}
|
||||
- config: {get_resource: write_flannel_config}
|
||||
- config: {get_resource: flannel_config_service}
|
||||
- config: {get_resource: kube_examples}
|
||||
- config: {get_resource: cfn_signal}
|
||||
- config: {get_resource: coreos_params}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# a single kubernetes master.
|
||||
#
|
||||
|
||||
kube_master:
|
||||
type: OS::Nova::Server
|
||||
properties:
|
||||
image: {get_param: server_image}
|
||||
flavor: {get_param: master_flavor}
|
||||
key_name: {get_param: ssh_key_name}
|
||||
user_data_format: RAW
|
||||
user_data: {get_resource: kube_master_init}
|
||||
networks:
|
||||
- port: {get_resource: kube_master_eth0}
|
||||
|
||||
kube_master_eth0:
|
||||
type: OS::Neutron::Port
|
||||
properties:
|
||||
network: {get_param: fixed_network}
|
||||
security_groups:
|
||||
- {get_resource: secgroup_base}
|
||||
- {get_resource: secgroup_kubernetes}
|
||||
fixed_ips:
|
||||
- subnet: {get_param: fixed_subnet}
|
||||
replacement_policy: AUTO
|
||||
|
||||
kube_master_floating:
|
||||
type: OS::Neutron::FloatingIP
|
||||
properties:
|
||||
floating_network: {get_param: external_network}
|
||||
port_id: {get_resource: kube_master_eth0}
|
||||
|
||||
outputs:
|
||||
|
||||
kube_master_ip:
|
||||
value: {get_attr: [kube_master_eth0, fixed_ips, 0, ip_address]}
|
||||
|
||||
kube_master_external_ip:
|
||||
value: {get_attr: [kube_master_floating, floating_ip_address]}
|
||||
|
|
@ -0,0 +1,177 @@
|
|||
heat_template_version: 2013-05-23
|
||||
|
||||
description: >
|
||||
This template will create a group of kubernetes masters with the
|
||||
number of masters specified by the number_of_masters parameter, which
|
||||
defaults to 1.
|
||||
|
||||
parameters:
|
||||
|
||||
ssh_key_name:
|
||||
type: string
|
||||
description: name of ssh key to be provisioned on our server
|
||||
|
||||
external_network:
|
||||
type: string
|
||||
description: uuid/name of a network to use for floating ip addresses
|
||||
|
||||
fixed_network:
|
||||
type: string
|
||||
description: name of private network into which servers get deployed
|
||||
|
||||
server_image:
|
||||
type: string
|
||||
default: fedora-k8s
|
||||
description: glance image used to boot the server
|
||||
|
||||
master_flavor:
|
||||
type: string
|
||||
default: baremetal
|
||||
description: flavor to use when booting the server
|
||||
|
||||
portal_network_cidr:
|
||||
type: string
|
||||
description: >
|
||||
address range used by kubernetes for service portals
|
||||
default: 10.254.0.0/16
|
||||
|
||||
flannel_network_cidr:
|
||||
type: string
|
||||
description: network range for flannel overlay network
|
||||
default: 10.100.0.0/16
|
||||
|
||||
flannel_network_subnetlen:
|
||||
type: string
|
||||
description: size of subnet assigned to each minion
|
||||
default: 24
|
||||
|
||||
flannel_use_vxlan:
|
||||
type: string
|
||||
description: >
|
||||
if true use the vxlan backend, otherwise use the default
|
||||
udp backend
|
||||
default: "false"
|
||||
constraints:
|
||||
- allowed_values: ["true", "false"]
|
||||
|
||||
kube_allow_priv:
|
||||
type: string
|
||||
description: >
|
||||
whether or not kubernetes should permit privileged containers.
|
||||
default: "true"
|
||||
constraints:
|
||||
- allowed_values: ["true", "false"]
|
||||
|
||||
wait_condition_timeout:
|
||||
type: number
|
||||
description : >
|
||||
timeout for the Wait Conditions
|
||||
default: 6000
|
||||
|
||||
resources:
|
||||
|
||||
master_wait_handle:
|
||||
type: OS::Heat::WaitConditionHandle
|
||||
|
||||
master_wait_condition:
|
||||
type: OS::Heat::WaitCondition
|
||||
depends_on: kube_master
|
||||
properties:
|
||||
handle: {get_resource: master_wait_handle}
|
||||
timeout: {get_param: wait_condition_timeout}
|
||||
|
||||
######################################################################
|
||||
#
|
||||
# software configs
|
||||
#
|
||||
disable_selinux:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/disable-selinux.sh}
|
||||
|
||||
kube_master_init:
|
||||
type: OS::Heat::MultipartMime
|
||||
properties:
|
||||
parts:
|
||||
- config: {get_resource: disable_selinux}
|
||||
- config: {get_resource: write_heat_params}
|
||||
- config: {get_resource: enable_etcd}
|
||||
- config: {get_resource: configure_kubernetes}
|
||||
- config: {get_resource: enable_services}
|
||||
- config: {get_resource: configure_flannel}
|
||||
- config: {get_resource: master_wc_notify}
|
||||
|
||||
master_wc_notify:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config:
|
||||
str_replace:
|
||||
template: |
|
||||
#!/bin/bash -v
|
||||
wc_notify --data-binary '{"status": "SUCCESS"}'
|
||||
params:
|
||||
wc_notify: {get_attr: [master_wait_handle, curl_cli]}
|
||||
|
||||
write_heat_params:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config:
|
||||
str_replace:
|
||||
template: {get_file: fragments/write-heat-params-master.yaml}
|
||||
params:
|
||||
"$KUBE_ALLOW_PRIV": {get_param: kube_allow_priv}
|
||||
"$FLANNEL_NETWORK_CIDR": {get_param: flannel_network_cidr}
|
||||
"$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
|
||||
"$FLANNEL_USE_VXLAN": {get_param: flannel_use_vxlan}
|
||||
"$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr}
|
||||
|
||||
configure_kubernetes:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/configure-kubernetes-master.sh}
|
||||
|
||||
enable_etcd:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/enable-etcd.sh}
|
||||
|
||||
configure_flannel:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/configure-flannel.sh}
|
||||
|
||||
enable_services:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/enable-services-master.sh}
|
||||
|
||||
kube_master_floating:
|
||||
type: OS::Neutron::FloatingIP
|
||||
properties:
|
||||
floating_network:
|
||||
get_param: external_network
|
||||
port_id:
|
||||
get_attr: [kube_master, addresses, {get_param: fixed_network}, 0, port]
|
||||
|
||||
kube_master:
|
||||
type: OS::Nova::Server
|
||||
properties:
|
||||
image: {get_param: server_image}
|
||||
flavor: {get_param: master_flavor}
|
||||
key_name: {get_param: ssh_key_name}
|
||||
networks:
|
||||
- network: {get_param: fixed_network}
|
||||
user_data_format: RAW
|
||||
user_data: {get_resource: kube_master_init}
|
||||
|
||||
outputs:
|
||||
|
||||
kube_master_external_ip:
|
||||
value: {get_attr: [kube_master_floating, floating_ip_address]}
|
||||
Loading…
Reference in New Issue