diff --git a/magnum/templates/heat-kubernetes/kubecluster-fedora-ironic.yaml b/magnum/templates/heat-kubernetes/kubecluster-fedora-ironic.yaml index 893cc2dc47..f8e1f2a523 100644 --- a/magnum/templates/heat-kubernetes/kubecluster-fedora-ironic.yaml +++ b/magnum/templates/heat-kubernetes/kubecluster-fedora-ironic.yaml @@ -17,7 +17,11 @@ parameters: fixed_network: type: string - description: name of private network into which servers get deployed + description: > + name of private network into which servers get deployed + Important: the Load Balancer feature in Kubernetes requires that + the name for the fixed_network must be "private" for the + address lookup in Kubernetes to work properly server_image: type: string @@ -82,6 +86,29 @@ parameters: timeout for the Wait Conditions default: 6000 + auth_url: + type: string + description: > + url for kubernetes to authenticate before sending request to neutron + + username: + type: string + description: > + user account + + password: + type: string + description: > + user password, not set in current implementation, only used to + fill in for Kubernetes config file + default: + ChangeMe + + tenant_name: + type: string + description: > + tenant name + resources: ###################################################################### @@ -110,6 +137,10 @@ resources: flannel_use_vxlan: {get_param: flannel_use_vxlan} portal_network_cidr: {get_param: portal_network_cidr} fixed_network: {get_resource: fixed_network} + auth_url: {get_param: auth_url} + username: {get_param: username} + password: {get_param: password} + tenant_name: {get_param: tenant_name} kube_minions: type: OS::Heat::ResourceGroup diff --git a/magnum/templates/heat-kubernetes/kubemaster-fedora-ironic.yaml b/magnum/templates/heat-kubernetes/kubemaster-fedora-ironic.yaml index 23878d6b49..4d2f4ba416 100644 --- a/magnum/templates/heat-kubernetes/kubemaster-fedora-ironic.yaml +++ b/magnum/templates/heat-kubernetes/kubemaster-fedora-ironic.yaml @@ -68,6 +68,27 @@ parameters: timeout for the Wait Conditions default: 6000 + auth_url: + type: string + description: > + url for kubernetes to authenticate before sending request to neutron + must be v2 since kubernetes backend only suppor v2 at this point + + username: + type: string + description: > + user account + + password: + type: string + description: > + user password + + tenant_name: + type: string + description: > + tenant name + resources: master_wait_handle: @@ -97,6 +118,7 @@ resources: - config: {get_resource: disable_selinux} - config: {get_resource: write_heat_params} - config: {get_resource: enable_etcd} + - config: {get_resource: write_kube_os_config} - config: {get_resource: configure_kubernetes} - config: {get_resource: enable_services} - config: {get_resource: configure_flannel} @@ -127,6 +149,11 @@ resources: "$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen} "$FLANNEL_USE_VXLAN": {get_param: flannel_use_vxlan} "$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr} + "$AUTH_URL": {get_param: auth_url} + "$USERNAME": {get_param: username} + "$PASSWORD": {get_param: password} + "$TENANT_NAME": {get_param: tenant_name} + "$CLUSTER_SUBNET": {get_param: fixed_subnet} configure_kubernetes: type: OS::Heat::SoftwareConfig @@ -146,6 +173,12 @@ resources: group: ungrouped config: {get_file: fragments/configure-flannel.sh} + write_kube_os_config: + type: OS::Heat::SoftwareConfig + properties: + group: ungrouped + config: {get_file: fragments/write-kube-os-config.sh} + enable_services: type: OS::Heat::SoftwareConfig properties: diff --git a/magnum/templates/heat-kubernetes/kubeminion-fedora-ironic.yaml b/magnum/templates/heat-kubernetes/kubeminion-fedora-ironic.yaml index d6fcd15e55..24021a6e6e 100644 --- a/magnum/templates/heat-kubernetes/kubeminion-fedora-ironic.yaml +++ b/magnum/templates/heat-kubernetes/kubeminion-fedora-ironic.yaml @@ -53,7 +53,7 @@ resources: minion_wait_condition: type: OS::Heat::WaitCondition - depends_on: kube_minion + depends_on: kube-minion properties: handle: {get_resource: minion_wait_handle} timeout: {get_param: wait_condition_timeout} @@ -144,7 +144,14 @@ resources: - config: {get_resource: enable_services} - config: {get_resource: minion_wc_notify} - kube_minion: + # Important: the name for the heat resource kube-minion below must + # not contain "_" (underscore) because it will be used in the + # hostname. Because DNS domain name does not allow "_", the "_" + # will be converted to a "-" and this will make the hostname different + # from the Nova instance name. This in turn will break the load + # balancer feature in Kubernetes. + + kube-minion: type: OS::Nova::Server properties: image: {get_param: server_image} @@ -160,15 +167,15 @@ resources: properties: floating_network: {get_param: external_network} port_id: - get_attr: [kube_minion, addresses, {get_param: fixed_network}, 0, port] + get_attr: [kube-minion, addresses, {get_param: fixed_network}, 0, port] outputs: kube_minion_ip: - value: {get_attr: [kube_minion, networks, private, 0]} + value: {get_attr: [kube-minion, networks, private, 0]} kube_minion_external_ip: value: {get_attr: [kube_minion_floating, floating_ip_address]} OS::stack_id: - value: {get_attr: [kube_minion, networks, private, 0]} + value: {get_attr: [kube-minion, networks, private, 0]}