Configure Ironic for Kubernetes load balancer feature
Kubernetes service provides the LoadBalancer feature This is supported through an OpenStack plugin in Kubernetes code. Enabling this features require configuring the cluster properly for Kubernetes to interface with Neutron. Kubernetes backend will then create the Neutron load balancer pool, members, VIP and monitor, and manage the pool members as pods are added/removed from the service. This patch updates the Ironic heat templates to adjust the minion name and private network name to match what Kubernetes expects. Additional scripts are from the patch for Fedora Atomic which this patch has a dependency on. Partially-Implements: blueprint external-lb Change-Id: I74eaffe280b8ed20fce432d92fa6fc29048de8a5
This commit is contained in:
parent
3f4b8aaa53
commit
4a17de8c6a
|
@ -17,7 +17,11 @@ parameters:
|
|||
|
||||
fixed_network:
|
||||
type: string
|
||||
description: name of private network into which servers get deployed
|
||||
description: >
|
||||
name of private network into which servers get deployed
|
||||
Important: the Load Balancer feature in Kubernetes requires that
|
||||
the name for the fixed_network must be "private" for the
|
||||
address lookup in Kubernetes to work properly
|
||||
|
||||
server_image:
|
||||
type: string
|
||||
|
@ -82,6 +86,29 @@ parameters:
|
|||
timeout for the Wait Conditions
|
||||
default: 6000
|
||||
|
||||
auth_url:
|
||||
type: string
|
||||
description: >
|
||||
url for kubernetes to authenticate before sending request to neutron
|
||||
|
||||
username:
|
||||
type: string
|
||||
description: >
|
||||
user account
|
||||
|
||||
password:
|
||||
type: string
|
||||
description: >
|
||||
user password, not set in current implementation, only used to
|
||||
fill in for Kubernetes config file
|
||||
default:
|
||||
ChangeMe
|
||||
|
||||
tenant_name:
|
||||
type: string
|
||||
description: >
|
||||
tenant name
|
||||
|
||||
resources:
|
||||
|
||||
######################################################################
|
||||
|
@ -110,6 +137,10 @@ resources:
|
|||
flannel_use_vxlan: {get_param: flannel_use_vxlan}
|
||||
portal_network_cidr: {get_param: portal_network_cidr}
|
||||
fixed_network: {get_resource: fixed_network}
|
||||
auth_url: {get_param: auth_url}
|
||||
username: {get_param: username}
|
||||
password: {get_param: password}
|
||||
tenant_name: {get_param: tenant_name}
|
||||
|
||||
kube_minions:
|
||||
type: OS::Heat::ResourceGroup
|
||||
|
|
|
@ -68,6 +68,27 @@ parameters:
|
|||
timeout for the Wait Conditions
|
||||
default: 6000
|
||||
|
||||
auth_url:
|
||||
type: string
|
||||
description: >
|
||||
url for kubernetes to authenticate before sending request to neutron
|
||||
must be v2 since kubernetes backend only suppor v2 at this point
|
||||
|
||||
username:
|
||||
type: string
|
||||
description: >
|
||||
user account
|
||||
|
||||
password:
|
||||
type: string
|
||||
description: >
|
||||
user password
|
||||
|
||||
tenant_name:
|
||||
type: string
|
||||
description: >
|
||||
tenant name
|
||||
|
||||
resources:
|
||||
|
||||
master_wait_handle:
|
||||
|
@ -97,6 +118,7 @@ resources:
|
|||
- config: {get_resource: disable_selinux}
|
||||
- config: {get_resource: write_heat_params}
|
||||
- config: {get_resource: enable_etcd}
|
||||
- config: {get_resource: write_kube_os_config}
|
||||
- config: {get_resource: configure_kubernetes}
|
||||
- config: {get_resource: enable_services}
|
||||
- config: {get_resource: configure_flannel}
|
||||
|
@ -127,6 +149,11 @@ resources:
|
|||
"$FLANNEL_NETWORK_SUBNETLEN": {get_param: flannel_network_subnetlen}
|
||||
"$FLANNEL_USE_VXLAN": {get_param: flannel_use_vxlan}
|
||||
"$PORTAL_NETWORK_CIDR": {get_param: portal_network_cidr}
|
||||
"$AUTH_URL": {get_param: auth_url}
|
||||
"$USERNAME": {get_param: username}
|
||||
"$PASSWORD": {get_param: password}
|
||||
"$TENANT_NAME": {get_param: tenant_name}
|
||||
"$CLUSTER_SUBNET": {get_param: fixed_subnet}
|
||||
|
||||
configure_kubernetes:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
|
@ -146,6 +173,12 @@ resources:
|
|||
group: ungrouped
|
||||
config: {get_file: fragments/configure-flannel.sh}
|
||||
|
||||
write_kube_os_config:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
group: ungrouped
|
||||
config: {get_file: fragments/write-kube-os-config.sh}
|
||||
|
||||
enable_services:
|
||||
type: OS::Heat::SoftwareConfig
|
||||
properties:
|
||||
|
|
|
@ -53,7 +53,7 @@ resources:
|
|||
|
||||
minion_wait_condition:
|
||||
type: OS::Heat::WaitCondition
|
||||
depends_on: kube_minion
|
||||
depends_on: kube-minion
|
||||
properties:
|
||||
handle: {get_resource: minion_wait_handle}
|
||||
timeout: {get_param: wait_condition_timeout}
|
||||
|
@ -144,7 +144,14 @@ resources:
|
|||
- config: {get_resource: enable_services}
|
||||
- config: {get_resource: minion_wc_notify}
|
||||
|
||||
kube_minion:
|
||||
# Important: the name for the heat resource kube-minion below must
|
||||
# not contain "_" (underscore) because it will be used in the
|
||||
# hostname. Because DNS domain name does not allow "_", the "_"
|
||||
# will be converted to a "-" and this will make the hostname different
|
||||
# from the Nova instance name. This in turn will break the load
|
||||
# balancer feature in Kubernetes.
|
||||
|
||||
kube-minion:
|
||||
type: OS::Nova::Server
|
||||
properties:
|
||||
image: {get_param: server_image}
|
||||
|
@ -160,15 +167,15 @@ resources:
|
|||
properties:
|
||||
floating_network: {get_param: external_network}
|
||||
port_id:
|
||||
get_attr: [kube_minion, addresses, {get_param: fixed_network}, 0, port]
|
||||
get_attr: [kube-minion, addresses, {get_param: fixed_network}, 0, port]
|
||||
|
||||
outputs:
|
||||
|
||||
kube_minion_ip:
|
||||
value: {get_attr: [kube_minion, networks, private, 0]}
|
||||
value: {get_attr: [kube-minion, networks, private, 0]}
|
||||
|
||||
kube_minion_external_ip:
|
||||
value: {get_attr: [kube_minion_floating, floating_ip_address]}
|
||||
|
||||
OS::stack_id:
|
||||
value: {get_attr: [kube_minion, networks, private, 0]}
|
||||
value: {get_attr: [kube-minion, networks, private, 0]}
|
||||
|
|
Loading…
Reference in New Issue