
Merge "Add CoreDNS deployment in kubernetes atomic" into stable/newton

tags/newton-eol^0
Zuul 1 year ago
parent
commit
50e789c8db

+ 1
- 0
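--- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
@@ -62,6 +62,7 @@ sed -i '
 
 HOSTNAME_OVERRIDE=$(hostname --short | sed 's/\.novalocal//')
 KUBELET_ARGS="--register-node=true --register-schedulable=false --config=/etc/kubernetes/manifests --hostname-override=${HOSTNAME_OVERRIDE}"
+KUBELET_ARGS="${KUBELET_ARGS} --cluster_dns=${DNS_SERVICE_IP} --cluster_domain=${DNS_CLUSTER_DOMAIN}"
 
 if [ -n "${INSECURE_REGISTRY_URL}" ]; then
     KUBELET_ARGS="${KUBELET_ARGS} --pod-infra-container-image=${INSECURE_REGISTRY_URL}/google_containers/pause\:0.8.0"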
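Review bot: The added `--cluster_dns` and `--cluster_domain` flags are spelled with underscores, while every other kubelet flag on the neighbouring lines uses hyphens (`--register-node`, `--hostname-override`); kubelet documents them as `--cluster-dns` and `--cluster-domain`, so the new line depends on the binary normalising the separator. The line is also appended unconditionally, unlike the guarded `INSECURE_REGISTRY_URL` block just below, so an empty `DNS_SERVICE_IP` would hand kubelet a bare `--cluster_dns=`. I would write `KUBELET_ARGS="${KUBELET_ARGS} --cluster-dns=${DNS_SERVICE_IP} --cluster-domain=${DNS_CLUSTER_DOMAIN}"` here and in the identical line added to configure-kubernetes-minion.sh. The script continues outside the hunk on both sides.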

+ 1
- 0
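--- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh
@@ -28,6 +28,7 @@ sed -i '
 # Using any other name will break the load balancer and cinder volume features.
 HOSTNAME_OVERRIDE=$(hostname --short | sed 's/\.novalocal//')
 KUBELET_ARGS="--config=/etc/kubernetes/manifests --cadvisor-port=4194 ${KUBE_CONFIG} --hostname-override=${HOSTNAME_OVERRIDE}"
+KUBELET_ARGS="${KUBELET_ARGS} --cluster_dns=${DNS_SERVICE_IP} --cluster_domain=${DNS_CLUSTER_DOMAIN}"
 
 if [ -n "$TRUST_ID" ]; then
     KUBELET_ARGS="$KUBELET_ARGS --cloud-provider=openstack --cloud-config=/etc/sysconfig/kube_openstack_config"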

+ 112
- 0
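--- a/magnum/drivers/common/templates/kubernetes/fragments/core-dns-service.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/core-dns-service.sh
@@ -0,0 +1,112 @@
+#!/bin/sh
+
+. /etc/sysconfig/heat-params
+
+CORE_DNS=/etc/kubernetes/manifests/kube-coredns.yaml
+[ -f ${CORE_DNS} ] || {
+    echo "Writing File: $CORE_DNS"
+    mkdir -p $(dirname ${CORE_DNS})
+    cat << EOF > ${CORE_DNS}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns
+  namespace: kube-system
+data:
+  Corefile: |
+    .:53 {
+        errors
+        log stdout
+        health
+        kubernetes ${DNS_CLUSTER_DOMAIN} {
+          cidrs ${PORTAL_NETWORK_CIDR}
+        }
+        proxy . /etc/resolv.conf
+        cache 30
+    }
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: coredns
+  namespace: kube-system
+  labels:
+    k8s-app: coredns
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "CoreDNS"
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      k8s-app: coredns
+  template:
+    metadata:
+      labels:
+        k8s-app: coredns
+      annotations:
+        scheduler.alpha.kubernetes.io/critical-pod: ''
+        scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]'
+    spec:
+      containers:
+      - name: coredns
+        image: coredns/coredns:007
+        imagePullPolicy: Always
+        args: [ "-conf", "/etc/coredns/Corefile" ]
+        volumeMounts:
+        - name: config-volume
+          mountPath: /etc/coredns
+        ports:
+        - containerPort: 53
+          name: dns
+          protocol: UDP
+        - containerPort: 53
+          name: dns-tcp
+          protocol: TCP
+        livenessProbe:
+          httpGet:
+            path: /health
+            port: 8080
+            scheme: HTTP
+          initialDelaySeconds: 60
+          timeoutSeconds: 5
+          successThreshold: 1
+          failureThreshold: 5
+      dnsPolicy: Default
+      volumes:
+        - name: config-volume
+          configMap:
+            name: coredns
+            items:
+            - key: Corefile
+              path: Corefile
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: kube-dns
+  namespace: kube-system
+  labels:
+    k8s-app: coredns
+    kubernetes.io/cluster-service: "true"
+    kubernetes.io/name: "CoreDNS"
+spec:
+  selector:
+    k8s-app: coredns
+  clusterIP: ${DNS_SERVICE_IP}
+  ports:
+  - name: dns
+    port: 53
+    protocol: UDP
+  - name: dns-tcp
+    port: 53
+    protocol: TCP
+EOF
+}
+
+echo "Waiting for Kubernetes API..."
+until curl --silent "http://127.0.0.1:8080/version"
+do
+    sleep 5
+done
+
+kubectl create --validate=false -f $CORE_DNS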
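Review bot: The Deployment written by the heredoc pulls `coredns/coredns:007` by mutable tag with `imagePullPolicy: Always`, so every pod restart fetches whatever the default public registry currently serves under that tag into kube-system, where it resolves names for the whole cluster. Pinning by digest, `image: coredns/coredns@sha256:<digest-of-the-reviewed-007-image>` (placeholder) together with `imagePullPolicy: IfNotPresent`, keeps the running resolver identical to the one that was reviewed. The reference also bypasses `INSECURE_REGISTRY_URL`, which configure-kubernetes-master.sh honours for the pause image, so a cluster set up with a private registry would presumably still pull this image from outside. The final `kubectl create --validate=false` deserves a comment saying why client-side validation is switched off for a manifest the script itself generates.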

+ 2
- 0
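--- a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
+++ b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml
@@ -42,3 +42,5 @@ write_files:
       TRUST_ID="$TRUST_ID"
       AUTH_URL="$AUTH_URL"
       INSECURE_REGISTRY_URL="$INSECURE_REGISTRY_URL"
+      DNS_SERVICE_IP="$DNS_SERVICE_IP"
+      DNS_CLUSTER_DOMAIN="$DNS_CLUSTER_DOMAIN"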

+ 2
- 0
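--- a/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params.yaml
+++ b/magnum/drivers/common/templates/kubernetes/fragments/write-heat-params.yaml
@@ -41,3 +41,5 @@ write_files:
       TRUST_ID="$TRUST_ID"
       AUTH_URL="$AUTH_URL"
       INSECURE_REGISTRY_URL="$INSECURE_REGISTRY_URL"
+      DNS_SERVICE_IP="$DNS_SERVICE_IP"
+      DNS_CLUSTER_DOMAIN="$DNS_CLUSTER_DOMAIN"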

+ 16
- 0
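--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
@@ -279,6 +279,18 @@ parameters:
     description: insecure registry url
     default: ""
 
+  dns_service_ip:
+    type: string
+    description: >
+      address used by Kubernetes DNS service
+    default: 10.254.0.10
+
+  dns_cluster_domain:
+    type: string
+    description: >
+      domain name for cluster DNS
+    default: "cluster.local"
+
 resources:
 
   ######################################################################
@@ -517,6 +529,8 @@ resources:
           trust_id: {get_param: trust_id}
           auth_url: {get_param: auth_url}
           insecure_registry_url: {get_param: insecure_registry_url}
+          dns_service_ip: {get_param: dns_service_ip}
+          dns_cluster_domain: {get_param: dns_cluster_domain}
 
   ######################################################################
   #
@@ -576,6 +590,8 @@ resources:
           trust_id: {get_param: trust_id}
           auth_url: {get_param: auth_url}
           insecure_registry_url: {get_param: insecure_registry_url}
+          dns_service_ip: {get_param: dns_service_ip}
+          dns_cluster_domain: {get_param: dns_cluster_domain}
 
 outputs:
 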
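Review bot: `dns_service_ip` and `dns_cluster_domain` are declared in the first hunk as bare `type: string` with no `constraints`, yet this commit substitutes both into double-quoted shell assignments (write-heat-params*.yaml), into the kubelet command line, and into the unquoted heredoc in core-dns-service.sh that produces the Corefile and the Service `clusterIP`. A value carrying quotes, whitespace, `$(` or braces would be interpreted by whichever shell sources the params file, or would change the structure of the Corefile, so the input should be validated at this template boundary. The matching declarations in kubemaster.yaml and kubeminion.yaml receive their values from here and can rely on the same check. The default `10.254.0.10` presumably also has to fall inside the service range that the script reads as `PORTAL_NETWORK_CIDR`; nothing visible ties the two together, which is worth stating in the parameter description.

```yaml
  dns_service_ip:
    # … unchanged: type, description, default …
    constraints:
      - custom_constraint: ip_addr

  dns_cluster_domain:
    # … unchanged: type, description, default …
    constraints:
      - allowed_pattern: "^[a-z0-9]([-a-z0-9.]*[a-z0-9])?$"
```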

+ 19
- 0
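--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml
@@ -200,6 +200,16 @@ parameters:
     type: string
     description: insecure registry url
 
+  dns_service_ip:
+    type: string
+    description: >
+      address used by Kubernetes DNS service
+
+  dns_cluster_domain:
+    type: string
+    description: >
+      domain name for cluster DNS
+
 resources:
 
   master_wait_handle:
@@ -276,6 +286,8 @@ resources:
             "$TRUSTEE_PASSWORD": {get_param: trustee_password}
             "$TRUST_ID": {get_param: trust_id}
             "$INSECURE_REGISTRY_URL": {get_param: insecure_registry_url}
+            "$DNS_SERVICE_IP": {get_param: dns_service_ip}
+            "$DNS_CLUSTER_DOMAIN": {get_param: dns_cluster_domain}
 
   make_cert:
     type: OS::Heat::SoftwareConfig
@@ -365,6 +377,12 @@ resources:
       group: ungrouped
       config: {get_file: ../../common/templates/kubernetes/fragments/enable-kube-proxy-master.sh}
 
+  core_dns_service:
+    type: OS::Heat::SoftwareConfig
+    properties:
+      group: ungrouped
+      config: {get_file: ../../common/templates/kubernetes/fragments/core-dns-service.sh}
+
   master_wc_notify:
     type: OS::Heat::SoftwareConfig
     properties:
@@ -401,6 +419,7 @@ resources:
         - config: {get_resource: network_service}
         - config: {get_resource: kube_system_namespace_service}
         - config: {get_resource: enable_kube_podmaster}
+        - config: {get_resource: core_dns_service}
         - config: {get_resource: enable_kube_proxy}
         - config: {get_resource: kube_ui_service}
         - config: {get_resource: kube_examples}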
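Review bot: `core_dns_service` is inserted into the config list in the last hunk between `enable_kube_podmaster` and `enable_kube_proxy`, and the script it runs loops on `until curl --silent "http://127.0.0.1:8080/version"` with no upper bound. If the parts execute in list order (the layout suggests so, but it is not visible here), an API server that never answers would keep `enable_kube_proxy`, `kube_ui_service` and presumably `master_wc_notify` from running, so the stack would sit until its own timeout with nothing in the log pointing at DNS. I would bound the wait in core-dns-service.sh, giving up after a fixed number of attempts with `echo "Kubernetes API not reachable" >&2; exit 1`, or move this entry after the parts that do not depend on cluster DNS. The resources list begins and ends outside the hunk.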

+ 12
- 0
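--- a/magnum/drivers/k8s_fedora_atomic_v1/templates/kubeminion.yaml
+++ b/magnum/drivers/k8s_fedora_atomic_v1/templates/kubeminion.yaml
@@ -194,6 +194,16 @@ parameters:
     type: string
     description: insecure registry url
 
+  dns_service_ip:
+    type: string
+    description: >
+      address used by Kubernetes DNS service
+
+  dns_cluster_domain:
+    type: string
+    description: >
+      domain name for cluster DNS
+
 resources:
 
   minion_wait_handle:
@@ -254,6 +264,8 @@ resources:
             $TRUST_ID: {get_param: trust_id}
             $AUTH_URL: {get_param: auth_url}
             $INSECURE_REGISTRY_URL: {get_param: insecure_registry_url}
+            $DNS_SERVICE_IP: {get_param: dns_service_ip}
+            $DNS_CLUSTER_DOMAIN: {get_param: dns_cluster_domain}
 
   write_kubeconfig:
     type: OS::Heat::SoftwareConfig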
