Browse Source

Deploy traefik from the heat-agent

Use kubectl from the heat agent to apply the
traefik deployment. Current behaviour was to
create a systemd unit to send the manifests
to the API.

This way we will have only one way for applying
manifests to the API.

This change is triggered to adddress the kubectl
change [0] that is not using 127.0.0.1:8080 as
the default kubernetes API.

[0] https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#kubectl

story: 2005286
task: 39522

Change-Id: I8982bd4ec2ab69f35938970d604c16ac5e62e1fa
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
changes/38/721838/2
Spyros Trigazis 2 years ago committed by Spyros Trigazis
parent
commit
3e7924ffda
  1. 46
      magnum/drivers/common/templates/kubernetes/fragments/enable-ingress-traefik.sh
  2. 18
      releasenotes/notes/Deploy-traefik-from-the-heat-agent-0bb32f0f2c97405d.yaml

46
magnum/drivers/common/templates/kubernetes/fragments/enable-ingress-traefik.sh

@ -169,54 +169,10 @@ EOF
writeFile $INGRESS_TRAEFIK_MANIFEST "$INGRESS_TRAEFIK_MANIFEST_CONTENT"
INGRESS_TRAEFIK_BIN="/srv/magnum/kubernetes/bin/ingress-traefik"
INGRESS_TRAEFIK_SERVICE="/etc/systemd/system/ingress-traefik.service"
# Binary for ingress traefik
INGRESS_TRAEFIK_BIN_CONTENT='''#!/bin/sh
until [ "ok" = "$(curl --silent http://127.0.0.1:8080/healthz)" ]
do
echo "Waiting for Kubernetes API..."
sleep 5
done
# Check if all resources exist already before creating them
kubectl -n kube-system get service ingress-traefik
if [ "$?" != "0" ] && \
[ -f "'''${INGRESS_TRAEFIK_MANIFEST}'''" ]; then
kubectl create -f '''${INGRESS_TRAEFIK_MANIFEST}'''
fi
'''
writeFile $INGRESS_TRAEFIK_BIN "$INGRESS_TRAEFIK_BIN_CONTENT"
# Service for ingress traefik
INGRESS_TRAEFIK_SERVICE_CONTENT='''[Unit]
Requires=kube-apiserver.service
[Service]
User=root
Group=root
Type=simple
Restart=on-failure
EnvironmentFile=-/etc/kubernetes/config
ExecStart=/bin/bash '''${INGRESS_TRAEFIK_BIN}'''
RestartSec=10
[Install]
WantedBy=multi-user.target
'''
writeFile $INGRESS_TRAEFIK_SERVICE "$INGRESS_TRAEFIK_SERVICE_CONTENT"
chown root:root ${INGRESS_TRAEFIK_BIN}
chmod 0755 ${INGRESS_TRAEFIK_BIN}
chown root:root ${INGRESS_TRAEFIK_SERVICE}
chmod 0644 ${INGRESS_TRAEFIK_SERVICE}
# Launch the ingress traefik service
set -x
ssh_cmd="ssh -F /srv/magnum/.ssh/config root@localhost"
$ssh_cmd systemctl daemon-reload
$ssh_cmd systemctl enable ingress-traefik.service
$ssh_cmd systemctl start --no-block ingress-traefik.service
kubectl apply -f ${INGRESS_TRAEFIK_MANIFEST}

18
releasenotes/notes/Deploy-traefik-from-the-heat-agent-0bb32f0f2c97405d.yaml

@ -0,0 +1,18 @@
---
fixes:
- |
Deploy traefik from the heat-agent
Use kubectl from the heat agent to apply the
traefik deployment. Current behaviour was to
create a systemd unit to send the manifests
to the API.
This way we will have only one way for applying
manifests to the API.
This change is triggered to adddress the kubectl
change [0] that is not using 127.0.0.1:8080 as
the default kubernetes API.
[0] https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.18.md#kubectl
Loading…
Cancel
Save