diff --git a/doc/source/user/index.rst b/doc/source/user/index.rst
index f7dad12c53..995f02078d 100644
--- a/doc/source/user/index.rst
+++ b/doc/source/user/index.rst
@@ -345,6 +345,9 @@ the table are linked to more details elsewhere in the user guide.
| `kube_dashboard_enabled`_ | - true | true |
| | - false | |
+---------------------------------------+--------------------+---------------+
+| `influx_grafana_dashboard_enabled`_ | - true | false |
+| | - false | |
++---------------------------------------+--------------------+---------------+
| `docker_volume_type`_ | see below | see below |
+---------------------------------------+--------------------+---------------+
| `etcd_volume_size`_ | etcd storage | 0 |
@@ -1184,6 +1187,11 @@ _`kubescheduler_options`
`_.
By default no additional options are passed.
+_`influx_grafana_dashboard_enabled`
+ The kubernetes dashboard comes with heapster enabled. If this
+ label is set, an influxdb and grafana instance will be deployed,
+ heapster will push data to influx and grafana will project them.
+
External load balancer for services
-----------------------------------
diff --git a/magnum/drivers/common/image/heat-container-agent/Dockerfile b/magnum/drivers/common/image/heat-container-agent/Dockerfile
index eea7e42676..6b80f3e517 100644
--- a/magnum/drivers/common/image/heat-container-agent/Dockerfile
+++ b/magnum/drivers/common/image/heat-container-agent/Dockerfile
@@ -15,7 +15,7 @@ RUN dnf -y --setopt=tsflags=nodocs install \
findutils os-collect-config os-apply-config \
os-refresh-config dib-utils python-pip python-docker-py \
python-yaml python-zaqarclient python2-oslo-log \
- python-psutil && dnf clean all
+ python-psutil kubernetes-client && dnf clean all
# pip installing dpath as python-dpath is an older version of dpath
# install docker-compose
diff --git a/magnum/drivers/common/templates/kubernetes/fragments/kube-dashboard-service.sh b/magnum/drivers/common/templates/kubernetes/fragments/kube-dashboard-service.sh
index 957efdcc91..6760adb537 100644
--- a/magnum/drivers/common/templates/kubernetes/fragments/kube-dashboard-service.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/kube-dashboard-service.sh
@@ -1,8 +1,4 @@
-#!/bin/sh
-
-# this service is required because docker will start only after cloud init was finished
-# due to the service dependencies in Fedora Atomic (docker <- docker-storage-setup <- cloud-final)
-
+#!/bin/bash -x
. /etc/sysconfig/heat-params
@@ -11,18 +7,115 @@ if [ "$(echo $KUBE_DASHBOARD_ENABLED | tr '[:upper:]' '[:lower:]')" == "false" ]
fi
KUBE_DASH_IMAGE="${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}kubernetes-dashboard-amd64:${KUBE_DASHBOARD_VERSION}"
+HEAPSTER_IMAGE="${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}heapster-amd64:v1.4.2"
-KUBE_DASH_DEPLOY=/srv/kubernetes/manifests/kube-dash-deploy.yaml
+KUBE_DASH_DEPLOY=/srv/magnum/kubernetes/kubernetes-dashboard.yaml
[ -f ${KUBE_DASH_DEPLOY} ] || {
echo "Writing File: $KUBE_DASH_DEPLOY"
mkdir -p $(dirname ${KUBE_DASH_DEPLOY})
cat << EOF > ${KUBE_DASH_DEPLOY}
-kind: Deployment
-apiVersion: extensions/v1beta1
+# Copyright 2017 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Configuration to deploy release version of the Dashboard UI compatible with
+# Kubernetes 1.8.
+#
+# Example usage: kubectl create -f
+
+# ------------------- Dashboard Secret ------------------- #
+
+apiVersion: v1
+kind: Secret
metadata:
labels:
- app: kubernetes-dashboard
+ k8s-app: kubernetes-dashboard
+ name: kubernetes-dashboard-certs
+ namespace: kube-system
+type: Opaque
+
+---
+# ------------------- Dashboard Service Account ------------------- #
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ k8s-app: kubernetes-dashboard
+ name: kubernetes-dashboard
+ namespace: kube-system
+
+---
+# ------------------- Dashboard Role & Role Binding ------------------- #
+
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: kubernetes-dashboard-minimal
+ namespace: kube-system
+rules:
+ # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
+- apiGroups: [""]
+ resources: ["secrets"]
+ verbs: ["create"]
+ # Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
+- apiGroups: [""]
+ resources: ["configmaps"]
+ verbs: ["create"]
+ # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
+- apiGroups: [""]
+ resources: ["secrets"]
+ resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
+ verbs: ["get", "update", "delete"]
+ # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
+- apiGroups: [""]
+ resources: ["configmaps"]
+ resourceNames: ["kubernetes-dashboard-settings"]
+ verbs: ["get", "update"]
+ # Allow Dashboard to get metrics from heapster.
+- apiGroups: [""]
+ resources: ["services"]
+ resourceNames: ["heapster"]
+ verbs: ["proxy"]
+- apiGroups: [""]
+ resources: ["services/proxy"]
+ resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
+ verbs: ["get"]
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: kubernetes-dashboard-minimal
+ namespace: kube-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: kubernetes-dashboard-minimal
+subjects:
+- kind: ServiceAccount
+ name: kubernetes-dashboard
+ namespace: kube-system
+
+---
+# ------------------- Dashboard Deployment ------------------- #
+
+kind: Deployment
+apiVersion: apps/v1beta2
+metadata:
+ labels:
+ k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
@@ -30,114 +123,319 @@ spec:
revisionHistoryLimit: 10
selector:
matchLabels:
- app: kubernetes-dashboard
+ k8s-app: kubernetes-dashboard
template:
metadata:
labels:
- app: kubernetes-dashboard
- # Comment the following annotation if Dashboard must not be deployed on master
- annotations:
- scheduler.alpha.kubernetes.io/tolerations: |
- [
- {
- "key": "dedicated",
- "operator": "Equal",
- "value": "master",
- "effect": "NoSchedule"
- }
- ]
+ k8s-app: kubernetes-dashboard
spec:
containers:
- name: kubernetes-dashboard
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
image: ${KUBE_DASH_IMAGE}
- imagePullPolicy: Always
ports:
- - containerPort: 9090
+ - containerPort: 8443
protocol: TCP
args:
+ - --auto-generate-certificates
+ - --heapster-host=heapster:80
+ # Uncomment the following line to manually specify Kubernetes API server Host
+ # If not specified, Dashboard will attempt to auto discover the API server and connect
+ # to it. Uncomment only if the default does not work.
+ # - --apiserver-host=http://my-address:port
+ volumeMounts:
+ - name: kubernetes-dashboard-certs
+ mountPath: /certs
+ # Create on-disk volume to store exec logs
+ - mountPath: /tmp
+ name: tmp-volume
livenessProbe:
httpGet:
+ scheme: HTTPS
path: /
- port: 9090
+ port: 8443
initialDelaySeconds: 30
timeoutSeconds: 30
-EOF
-}
+ volumes:
+ - name: kubernetes-dashboard-certs
+ secret:
+ secretName: kubernetes-dashboard-certs
+ - name: tmp-volume
+ emptyDir: {}
+ serviceAccountName: kubernetes-dashboard
+ # Comment the following tolerations if Dashboard must not be deployed on master
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
+
+---
+# ------------------- Dashboard Service ------------------- #
-KUBE_DASH_SVC=/srv/kubernetes/manifests/kube-dash-svc.yaml
-[ -f ${KUBE_DASH_SVC} ] || {
- echo "Writing File: $KUBE_DASH_SVC"
- mkdir -p $(dirname ${KUBE_DASH_SVC})
- cat << EOF > ${KUBE_DASH_SVC}
kind: Service
apiVersion: v1
metadata:
labels:
- app: kubernetes-dashboard
+ k8s-app: kubernetes-dashboard
name: kubernetes-dashboard
namespace: kube-system
spec:
- type: NodePort
ports:
- - port: 80
- targetPort: 9090
+ - port: 443
+ targetPort: 8443
selector:
- app: kubernetes-dashboard
+ k8s-app: kubernetes-dashboard
+---
+# Grant admin privileges to the dashboard serviceacount
+
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ name: kubernetes-dashboard
+ labels:
+ k8s-app: kubernetes-dashboard
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cluster-admin
+subjects:
+- kind: ServiceAccount
+ name: kubernetes-dashboard
+ namespace: kube-system
EOF
}
-KUBE_DASH_BIN=/usr/local/bin/kube-dash
-[ -f ${KUBE_DASH_BIN} ] || {
- echo "Writing File: $KUBE_DASH_BIN"
- mkdir -p $(dirname ${KUBE_DASH_BIN})
- cat << EOF > ${KUBE_DASH_BIN}
-#!/bin/sh
-until curl -sf "http://127.0.0.1:8080/healthz"
-do
+INFLUX_SINK=""
+# Deploy INFLUX AND GRAFANA
+if [ "$(echo $INFLUX_GRAFANA_DASHBOARD_ENABLED | tr '[:upper:]' '[:lower:]')" == "true" ]; then
+ INFLUX_SINK=" - --sink=influxdb:http://monitoring-influxdb.kube-system.svc:8086"
+ INFLUX_IMAGE="${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}heapster-influxdb-amd64:v1.3.3"
+ GRAFANA_IMAGE="${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}heapster-grafana-amd64:v4.4.3"
+
+ INFLUX_DEPLOY=/srv/magnum/kubernetes/influxdb.yaml
+ GRAFANA_DEPLOY=/srv/magnum/kubernetes/grafana.yaml
+
+ [ -f ${INFLUX_DEPLOY} ] || {
+ echo "Writing File: $INFLUX_DEPLOY"
+ mkdir -p $(dirname ${INFLUX_DEPLOY})
+ cat << EOF > ${INFLUX_DEPLOY}
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: monitoring-influxdb
+ namespace: kube-system
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ task: monitoring
+ k8s-app: influxdb
+ spec:
+ containers:
+ - name: influxdb
+ image: ${INFLUX_IMAGE}
+ volumeMounts:
+ - mountPath: /data
+ name: influxdb-storage
+ volumes:
+ - name: influxdb-storage
+ emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ task: monitoring
+ # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
+ # If you are NOT using this as an addon, you should comment out this line.
+ # kubernetes.io/cluster-service: 'true'
+ kubernetes.io/name: monitoring-influxdb
+ name: monitoring-influxdb
+ namespace: kube-system
+spec:
+ ports:
+ - port: 8086
+ targetPort: 8086
+ selector:
+ k8s-app: influxdb
+EOF
+ }
+
+ [ -f ${GRAFANA_DEPLOY} ] || {
+ echo "Writing File: $GRAFANA_DEPLOY"
+ mkdir -p $(dirname ${GRAFANA_DEPLOY})
+ cat << EOF > ${GRAFANA_DEPLOY}
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: monitoring-grafana
+ namespace: kube-system
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ task: monitoring
+ k8s-app: grafana
+ spec:
+ containers:
+ - name: grafana
+ image: ${GRAFANA_IMAGE}
+ ports:
+ - containerPort: 3000
+ protocol: TCP
+ volumeMounts:
+ - mountPath: /etc/ssl/certs
+ name: ca-certificates
+ readOnly: true
+ - mountPath: /var
+ name: grafana-storage
+ env:
+ - name: INFLUXDB_HOST
+ value: monitoring-influxdb
+ - name: GF_SERVER_HTTP_PORT
+ value: "3000"
+ # The following env variables are required to make Grafana accessible via
+ # the kubernetes api-server proxy. On production clusters, we recommend
+ # removing these env variables, setup auth for grafana, and expose the grafana
+ # service using a LoadBalancer or a public IP.
+ - name: GF_AUTH_BASIC_ENABLED
+ value: "false"
+ - name: GF_AUTH_ANONYMOUS_ENABLED
+ value: "true"
+ - name: GF_AUTH_ANONYMOUS_ORG_ROLE
+ value: Admin
+ - name: GF_SERVER_ROOT_URL
+ # If you're only using the API Server proxy, set this value instead:
+ # value: /api/v1/namespaces/kube-system/services/monitoring-grafana/proxy
+ value: /
+ volumes:
+ - name: ca-certificates
+ hostPath:
+ path: /etc/ssl/certs
+ - name: grafana-storage
+ emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
+ # If you are NOT using this as an addon, you should comment out this line.
+ # kubernetes.io/cluster-service: 'true'
+ kubernetes.io/name: monitoring-grafana
+ name: monitoring-grafana
+ namespace: kube-system
+spec:
+ # In a production setup, we recommend accessing Grafana through an external Loadbalancer
+ # or through a public IP.
+ # type: LoadBalancer
+ # You could also use NodePort to expose the service at a randomly-generated port
+ # type: NodePort
+ ports:
+ - port: 80
+ targetPort: 3000
+ selector:
+ k8s-app: grafana
+EOF
+ }
+
echo "Waiting for Kubernetes API..."
+ until curl --silent "http://127.0.0.1:8080/version"
+ do
+ sleep 5
+ done
+
+ kubectl apply --validate=false -f $INFLUX_DEPLOY
+ kubectl apply --validate=false -f $GRAFANA_DEPLOY
+fi
+
+# Deploy Heapster
+HEAPSTER_DEPLOY=/srv/magnum/kubernetes/heapster-controller.yaml
+
+[ -f ${HEAPSTER_DEPLOY} ] || {
+ echo "Writing File: $HEAPSTER_DEPLOY"
+ mkdir -p $(dirname ${HEAPSTER_DEPLOY})
+ cat << EOF > ${HEAPSTER_DEPLOY}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: heapster
+ namespace: kube-system
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+ name: heapster
+ namespace: kube-system
+spec:
+ replicas: 1
+ template:
+ metadata:
+ labels:
+ task: monitoring
+ k8s-app: heapster
+ spec:
+ serviceAccountName: heapster
+ containers:
+ - name: heapster
+ image: ${HEAPSTER_IMAGE}
+ imagePullPolicy: IfNotPresent
+ command:
+ - /heapster
+ - --source=kubernetes:https://kubernetes.default
+${INFLUX_SINK}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ task: monitoring
+ # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
+ # If you are NOT using this as an addon, you should comment out this line.
+ kubernetes.io/cluster-service: 'true'
+ kubernetes.io/name: Heapster
+ name: heapster
+ namespace: kube-system
+spec:
+ ports:
+ - port: 80
+ targetPort: 8082
+ selector:
+ k8s-app: heapster
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+ name: heapster
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: system:heapster
+subjects:
+- kind: ServiceAccount
+ name: heapster
+ namespace: kube-system
+EOF
+}
+
+echo "Waiting for Kubernetes API..."
+until curl --silent "http://127.0.0.1:8080/version"
+do
sleep 5
done
-#echo check for existence of kubernetes-dashboard deployment
-/usr/bin/kubectl get deployment kubernetes-dashboard --namespace=kube-system
-
-if [ "\$?" != "0" ]; then
- /usr/bin/kubectl create -f /srv/kubernetes/manifests/kube-dash-deploy.yaml --namespace=kube-system
-fi
-
-#echo check for existence of kubernetes-dashboard service
-/usr/bin/kubectl get service kubernetes-dashboard --namespace=kube-system
-
-if [ "\$?" != "0" ]; then
- /usr/bin/kubectl create -f /srv/kubernetes/manifests/kube-dash-svc.yaml --namespace=kube-system
-fi
-EOF
-}
-
-KUBE_DASH_SERVICE=/etc/systemd/system/kube-dash.service
-[ -f ${KUBE_DASH_SERVICE} ] || {
- echo "Writing File: $KUBE_DASH_SERVICE"
- mkdir -p $(dirname ${KUBE_DASH_SERVICE})
- cat << EOF > ${KUBE_DASH_SERVICE}
-[Unit]
-Description=Enable kubernetes dashboard
-
-[Service]
-Type=oneshot
-Environment=HOME=/root
-EnvironmentFile=-/etc/kubernetes/config
-ExecStart=${KUBE_DASH_BIN}
-
-[Install]
-WantedBy=multi-user.target
-EOF
-}
-
-chown root:root ${KUBE_DASH_BIN}
-chmod 0755 ${KUBE_DASH_BIN}
-
-chown root:root ${KUBE_DASH_SERVICE}
-chmod 0644 ${KUBE_DASH_SERVICE}
-
-systemctl enable kube-dash
-systemctl start --no-block kube-dash
+kubectl apply --validate=false -f $KUBE_DASH_DEPLOY
+kubectl apply --validate=false -f $HEAPSTER_DEPLOY
diff --git a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
index dfbb1b0265..1a7d067dc4 100644
--- a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
+++ b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
@@ -31,6 +31,7 @@ write_files:
CLUSTER_SUBNET="$CLUSTER_SUBNET"
TLS_DISABLED="$TLS_DISABLED"
KUBE_DASHBOARD_ENABLED="$KUBE_DASHBOARD_ENABLED"
+ INFLUX_GRAFANA_DASHBOARD_ENABLED="$INFLUX_GRAFANA_DASHBOARD_ENABLED"
VERIFY_CA="$VERIFY_CA"
CLUSTER_UUID="$CLUSTER_UUID"
MAGNUM_URL="$MAGNUM_URL"
diff --git a/magnum/drivers/heat/k8s_template_def.py b/magnum/drivers/heat/k8s_template_def.py
index f9d311019a..17f70da55a 100644
--- a/magnum/drivers/heat/k8s_template_def.py
+++ b/magnum/drivers/heat/k8s_template_def.py
@@ -121,7 +121,8 @@ class K8sTemplateDefinition(template_def.BaseTemplateDefinition):
'kubeapi_options',
'kubeproxy_options',
'kubecontroller_options',
- 'kubescheduler_options']
+ 'kubescheduler_options',
+ 'influx_grafana_dashboard_enabled']
for label in label_list:
extra_params[label] = cluster.labels.get(label)
diff --git a/magnum/drivers/k8s_coreos_v1/templates/kubecluster.yaml b/magnum/drivers/k8s_coreos_v1/templates/kubecluster.yaml
index 5c2de9933b..2f1122d360 100644
--- a/magnum/drivers/k8s_coreos_v1/templates/kubecluster.yaml
+++ b/magnum/drivers/k8s_coreos_v1/templates/kubecluster.yaml
@@ -155,6 +155,11 @@ parameters:
description: whether or not to disable kubernetes dashboard
default: True
+ influx_grafana_dashboard_enabled:
+ type: boolean
+ description: Enable influxdb with grafana dashboard for data from heapster
+ default: False
+
verify_ca:
type: boolean
description: whether or not to validate certificate authority
@@ -459,6 +464,7 @@ resources:
kubernetes_port: {get_param: kubernetes_port}
tls_disabled: {get_param: tls_disabled}
kube_dashboard_enabled: {get_param: kube_dashboard_enabled}
+ influx_grafana_dashboard_enabled: {get_param: influx_grafana_dashboard_enabled}
verify_ca: {get_param: verify_ca}
secgroup_kube_master_id: {get_resource: secgroup_master}
http_proxy: {get_param: http_proxy}
diff --git a/magnum/drivers/k8s_coreos_v1/templates/kubemaster.yaml b/magnum/drivers/k8s_coreos_v1/templates/kubemaster.yaml
index 157df46a3d..c44244afdf 100644
--- a/magnum/drivers/k8s_coreos_v1/templates/kubemaster.yaml
+++ b/magnum/drivers/k8s_coreos_v1/templates/kubemaster.yaml
@@ -115,6 +115,10 @@ parameters:
type: boolean
description: whether or not to disable kubernetes dashboard
+ influx_grafana_dashboard_enabled:
+ type: boolean
+ description: whether or not to disable kubernetes dashboard
+
verify_ca:
type: boolean
description: whether or not to validate certificate authority
@@ -293,6 +297,7 @@ resources:
"$TLS_DISABLED": {get_param: tls_disabled}
"$VERIFY_CA": {get_param: verify_ca}
"$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}
+ "$INFLUX_GRAFANA_DASHBOARD_ENABLED": {get_param: enable_influx_grafana_dashboard}
"$KUBE_VERSION": {get_param: kube_version}
"$KUBE_DASHBOARD_VERSION": {get_param: kube_dashboard_version}
"$CLUSTER_UUID": {get_param: cluster_uuid}
diff --git a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
index 4d725f9e0d..d3fcd697f2 100644
--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
@@ -250,6 +250,11 @@ parameters:
description: whether or not to enable kubernetes dashboard
default: True
+ influx_grafana_dashboard_enabled:
+ type: boolean
+ description: Enable influxdb with grafana dashboard for data from heapster
+ default: False
+
verify_ca:
type: boolean
description: whether or not to validate certificate authority
@@ -333,7 +338,7 @@ parameters:
kube_dashboard_version:
type: string
description: version of kubernetes dashboard used for kubernetes cluster
- default: v1.5.1
+ default: v1.8.3
insecure_registry_url:
type: string
@@ -631,6 +636,7 @@ resources:
kubernetes_port: {get_param: kubernetes_port}
tls_disabled: {get_param: tls_disabled}
kube_dashboard_enabled: {get_param: kube_dashboard_enabled}
+ influx_grafana_dashboard_enabled: {get_param: influx_grafana_dashboard_enabled}
verify_ca: {get_param: verify_ca}
secgroup_kube_master_id: {get_resource: secgroup_kube_master}
http_proxy: {get_param: http_proxy}
diff --git a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
index 623ad94754..f72f04f107 100644
--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
@@ -112,6 +112,10 @@ parameters:
type: boolean
description: whether or not to disable kubernetes dashboard
+ influx_grafana_dashboard_enabled:
+ type: boolean
+ description: Enable influxdb with grafana dashboard for data from heapster
+
verify_ca:
type: boolean
description: whether or not to validate certificate authority
@@ -410,6 +414,7 @@ resources:
"$CLUSTER_SUBNET": {get_param: fixed_subnet}
"$TLS_DISABLED": {get_param: tls_disabled}
"$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}
+ "$INFLUX_GRAFANA_DASHBOARD_ENABLED": {get_param: influx_grafana_dashboard_enabled}
"$VERIFY_CA": {get_param: verify_ca}
"$CLUSTER_UUID": {get_param: cluster_uuid}
"$MAGNUM_URL": {get_param: magnum_url}
@@ -512,12 +517,6 @@ resources:
group: ungrouped
config: {get_file: ../../common/templates/kubernetes/fragments/kube-apiserver-to-kubelet-role.sh}
- kube_ui_service:
- type: OS::Heat::SoftwareConfig
- properties:
- group: ungrouped
- config: {get_file: ../../common/templates/kubernetes/fragments/kube-dashboard-service.sh}
-
core_dns_service:
type: OS::Heat::SoftwareConfig
properties:
@@ -567,7 +566,6 @@ resources:
- config: {get_resource: network_config_service}
- config: {get_resource: kube_apiserver_to_kubelet_role}
- config: {get_resource: core_dns_service}
- - config: {get_resource: kube_ui_service}
- config: {get_resource: master_wc_notify}
enable_prometheus_monitoring:
@@ -638,6 +636,20 @@ resources:
server: {get_resource: kube-master}
actions: ['CREATE']
+ kubernetes_dashboard:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: ../../common/templates/kubernetes/fragments/kube-dashboard-service.sh}
+
+ kubernetes_dashboard_deployment:
+ type: OS::Heat::SoftwareDeployment
+ properties:
+ signal_transport: HEAT_SIGNAL
+ config: {get_resource: kubernetes_dashboard}
+ server: {get_resource: kube-master}
+ actions: ['CREATE']
+
######################################################################
#
# a single kubernetes master.
diff --git a/magnum/drivers/k8s_fedora_ironic_v1/templates/kubecluster.yaml b/magnum/drivers/k8s_fedora_ironic_v1/templates/kubecluster.yaml
index ff6f484998..d702da1159 100644
--- a/magnum/drivers/k8s_fedora_ironic_v1/templates/kubecluster.yaml
+++ b/magnum/drivers/k8s_fedora_ironic_v1/templates/kubecluster.yaml
@@ -248,6 +248,11 @@ parameters:
description: whether or not to disable kubernetes dashboard
default: True
+ influx_grafana_dashboard_enabled:
+ type: boolean
+ description: Enable influxdb with grafana dashboard for data from heapster
+ default: False
+
verify_ca:
type: boolean
description: whether or not to validate certificate authority
@@ -510,6 +515,7 @@ resources:
kubernetes_port: {get_param: kubernetes_port}
tls_disabled: {get_param: tls_disabled}
kube_dashboard_enabled: {get_param: kube_dashboard_enabled}
+ influx_grafana_dashboard_enabled: {get_param: influx_grafana_dashboard_enabled}
verify_ca: {get_param: verify_ca}
secgroup_base_id: {get_resource: secgroup_base}
secgroup_kube_master_id: {get_resource: secgroup_kube_master}
diff --git a/magnum/drivers/k8s_fedora_ironic_v1/templates/kubemaster.yaml b/magnum/drivers/k8s_fedora_ironic_v1/templates/kubemaster.yaml
index ca4131d027..e2071ddf62 100644
--- a/magnum/drivers/k8s_fedora_ironic_v1/templates/kubemaster.yaml
+++ b/magnum/drivers/k8s_fedora_ironic_v1/templates/kubemaster.yaml
@@ -97,6 +97,10 @@ parameters:
type: boolean
description: whether or not to disable kubernetes dashboard
+ influx_grafana_dashboard_enabled:
+ type: boolean
+ description: Enable influxdb with grafana dashboard for data from heapster
+
verify_ca:
type: boolean
description: whether or not to validate certificate authority
@@ -299,6 +303,7 @@ resources:
"$CLUSTER_SUBNET": {get_param: fixed_subnet}
"$TLS_DISABLED": {get_param: tls_disabled}
"$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}
+ "$INFLUX_GRAFANA_DASHBOARD_ENABLED": {get_param: influx_grafana_dashboard_enabled}
"$VERIFY_CA": {get_param: verify_ca}
"$CLUSTER_UUID": {get_param: cluster_uuid}
"$MAGNUM_URL": {get_param: magnum_url}
diff --git a/magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py b/magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py
index df1a392152..a63a38ed1e 100644
--- a/magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py
+++ b/magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py
@@ -56,6 +56,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'prometheus_monitoring': 'False',
'grafana_admin_passwd': 'fake_pwd',
'kube_dashboard_enabled': 'True',
+ 'influx_grafana_dashboard_enabled': 'True',
'docker_volume_type': 'lvmdriver-1',
'etcd_volume_size': 0,
'availability_zone': 'az_1'},
@@ -105,7 +106,8 @@ class TestClusterConductorWithK8s(base.TestCase):
'kubeapi_options': '--kubeapi',
'kubecontroller_options': '--kubecontroller',
'kubescheduler_options': '--kubescheduler',
- 'kubeproxy_options': '--kubeproxy'},
+ 'kubeproxy_options': '--kubeproxy',
+ 'influx_grafana_dashboard_enabled': 'True'},
'master_flavor_id': 'master_flavor_id',
'flavor_id': 'flavor_id',
}
@@ -183,6 +185,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'prometheus_monitoring': 'False',
'grafana_admin_passwd': 'fake_pwd',
'kube_dashboard_enabled': 'True',
+ 'influx_grafana_dashboard_enabled': 'True',
'docker_volume_type': 'lvmdriver-1',
'etcd_volume_size': None,
'availability_zone': 'az_1',
@@ -230,6 +233,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'prometheus_monitoring': 'False',
'grafana_admin_passwd': 'fake_pwd',
'kube_dashboard_enabled': 'True',
+ 'influx_grafana_dashboard_enabled': 'True',
'http_proxy': 'http_proxy',
'https_proxy': 'https_proxy',
'no_proxy': 'no_proxy',
@@ -328,6 +332,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'prometheus_monitoring': 'False',
'grafana_admin_passwd': 'fake_pwd',
'kube_dashboard_enabled': 'True',
+ 'influx_grafana_dashboard_enabled': 'True',
'http_proxy': 'http_proxy',
'https_proxy': 'https_proxy',
'magnum_url': 'http://127.0.0.1:9511/v1',
@@ -429,6 +434,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'prometheus_monitoring': 'False',
'grafana_admin_passwd': 'fake_pwd',
'kube_dashboard_enabled': 'True',
+ 'influx_grafana_dashboard_enabled': 'True',
'docker_volume_type': 'lvmdriver-1',
'etcd_volume_size': None,
'insecure_registry_url': '10.0.0.1:5000',
@@ -522,6 +528,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'prometheus_monitoring': 'False',
'grafana_admin_passwd': 'fake_pwd',
'kube_dashboard_enabled': 'True',
+ 'influx_grafana_dashboard_enabled': 'True',
'tls_disabled': False,
'registry_enabled': False,
'trustee_domain_id': self.mock_keystone.trustee_domain_id,
@@ -603,6 +610,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'prometheus_monitoring': 'False',
'grafana_admin_passwd': 'fake_pwd',
'kube_dashboard_enabled': 'True',
+ 'influx_grafana_dashboard_enabled': 'True',
'tls_disabled': False,
'registry_enabled': False,
'trustee_domain_id': self.mock_keystone.trustee_domain_id,
@@ -781,6 +789,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'prometheus_monitoring': 'False',
'grafana_admin_passwd': 'fake_pwd',
'kube_dashboard_enabled': 'True',
+ 'influx_grafana_dashboard_enabled': 'True',
'username': 'fake_user',
'cluster_uuid': self.cluster_dict['uuid'],
'magnum_url': self.mock_osc.magnum_url.return_value,
diff --git a/magnum/tests/unit/drivers/test_template_definition.py b/magnum/tests/unit/drivers/test_template_definition.py
index 4231bb890a..644eece18e 100644
--- a/magnum/tests/unit/drivers/test_template_definition.py
+++ b/magnum/tests/unit/drivers/test_template_definition.py
@@ -266,6 +266,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseTemplateDefinitionTestCase):
'grafana_admin_passwd')
kube_dashboard_enabled = mock_cluster.labels.get(
'kube_dashboard_enabled')
+ influx_grafana_dashboard_enabled = mock_cluster.labels.get(
+ 'influx_grafana_dashboard_enabled')
docker_volume_type = mock_cluster.labels.get(
'docker_volume_type')
etcd_volume_size = mock_cluster.labels.get(
@@ -322,6 +324,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseTemplateDefinitionTestCase):
'prometheus_monitoring': prometheus_monitoring,
'grafana_admin_passwd': grafana_admin_passwd,
'kube_dashboard_enabled': kube_dashboard_enabled,
+ 'influx_grafana_dashboard_enabled':
+ influx_grafana_dashboard_enabled,
'docker_volume_type': docker_volume_type,
'etcd_volume_size': etcd_volume_size,
'kubelet_options': kubelet_options,
@@ -398,6 +402,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseTemplateDefinitionTestCase):
'grafana_admin_passwd')
kube_dashboard_enabled = mock_cluster.labels.get(
'kube_dashboard_enabled')
+ influx_grafana_dashboard_enabled = mock_cluster.labels.get(
+ 'influx_grafana_dashboard_enabled')
docker_volume_type = mock_cluster.labels.get(
'docker_volume_type')
etcd_volume_size = mock_cluster.labels.get(
@@ -454,6 +460,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseTemplateDefinitionTestCase):
'prometheus_monitoring': prometheus_monitoring,
'grafana_admin_passwd': grafana_admin_passwd,
'kube_dashboard_enabled': kube_dashboard_enabled,
+ 'influx_grafana_dashboard_enabled':
+ influx_grafana_dashboard_enabled,
'docker_volume_type': docker_volume_type,
'etcd_volume_size': etcd_volume_size,
'kubelet_options': kubelet_options,
diff --git a/releasenotes/notes/update-kubernetes-dashboard-5196831c32d55aee.yaml b/releasenotes/notes/update-kubernetes-dashboard-5196831c32d55aee.yaml
new file mode 100644
index 0000000000..a3b1978907
--- /dev/null
+++ b/releasenotes/notes/update-kubernetes-dashboard-5196831c32d55aee.yaml
@@ -0,0 +1,8 @@
+---
+features:
+ - |
+ Update kubernetes dashboard to `v1.8.3` which is compatible via kubectl
+ proxy. Addionally, heapster is deployed as standalone deployemt and the
+ user can enable a grafana-influx stack with the
+ `influx_grafana_dashboard_enabled` label. See the kubernetes dashboard
+ documenation for more details. https://github.com/kubernetes/dashboard/wiki