[k8s] Add new label service_cluster_ip_range

A new label `service_cluster_ip_range` is added for k8s so that user can set the service portal ip range to avoid conflicts with pod ip range. Task: 22568 Story: 2002725 Change-Id: Ie6e95a953059cc4bd5cf15a44f8666b714defb13
2018-06-28 06:42:42 +12:00 · 2018-06-28 06:42:42 +12:00 · 80fcf76d27
commit 80fcf76d27
parent e6aef9d15c
5 changed files with 30 additions and 2 deletions
--- a/doc/source/user/index.rst
+++ b/doc/source/user/index.rst
@ -362,6 +362,9 @@ the table are linked to more details elsewhere in the user guide.
 | `cloud_provider_enabled`_             | - true             | true          |
 |                                       | - false            |               |
 +---------------------------------------+--------------------+---------------+
+| `service_cluster_ip_range`            | IPv4 CIDR for k8s  | 10.254.0.0/16 |
+|                                       | service portals    |               |
+---------------------------------------+--------------------+---------------+

 Cluster
 -------
--- a/magnum/drivers/heat/k8s_template_def.py
+++ b/magnum/drivers/heat/k8s_template_def.py
@ -130,6 +130,10 @@ class K8sTemplateDefinition(template_def.BaseTemplateDefinition):
        for label in label_list:
            extra_params[label] = cluster.labels.get(label)

+        cluser_ip_range = cluster.labels.get('service_cluster_ip_range')
+        if cluser_ip_range:
+            extra_params['portal_network_cidr'] = cluser_ip_range
+
        if cluster_template.registry_enabled:
            extra_params['swift_region'] = CONF.docker_registry.swift_region
            extra_params['registry_container'] = (
--- a/magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py
+++ b/magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py
@ -59,7 +59,8 @@ class TestClusterConductorWithK8s(base.TestCase):
                       'influx_grafana_dashboard_enabled': 'True',
                       'docker_volume_type': 'lvmdriver-1',
                       'etcd_volume_size': 0,
-                       'availability_zone': 'az_1'},
+                       'availability_zone': 'az_1',
+                       'service_cluster_ip_range': '10.254.0.0/16'},
            'tls_disabled': False,
            'server_type': 'vm',
            'registry_enabled': False,
@ -107,7 +108,8 @@ class TestClusterConductorWithK8s(base.TestCase):
                       'kubecontroller_options': '--kubecontroller',
                       'kubescheduler_options': '--kubescheduler',
                       'kubeproxy_options': '--kubeproxy',
-                       'influx_grafana_dashboard_enabled': 'True'},
+                       'influx_grafana_dashboard_enabled': 'True',
+                       'service_cluster_ip_range': '10.254.0.0/16'},
            'master_flavor_id': 'master_flavor_id',
            'flavor_id': 'flavor_id',
        }
@ -217,6 +219,7 @@ class TestClusterConductorWithK8s(base.TestCase):
                       'kubecontroller_options': '--kubecontroller',
                       'kubescheduler_options': '--kubescheduler',
                       'kubeproxy_options': '--kubeproxy',
+                       'service_cluster_ip_range': '10.254.0.0/16',
                       },
            'http_proxy': 'http_proxy',
            'https_proxy': 'https_proxy',
@ -286,6 +289,7 @@ class TestClusterConductorWithK8s(base.TestCase):
            'octavia_enabled': False,
            'kube_service_account_key': 'public_key',
            'kube_service_account_private_key': 'private_key',
+            'portal_network_cidr': '10.254.0.0/16',
        }
        if missing_attr is not None:
            expected.pop(mapping[missing_attr], None)
@ -405,6 +409,7 @@ class TestClusterConductorWithK8s(base.TestCase):
            'octavia_enabled': False,
            'kube_service_account_key': 'public_key',
            'kube_service_account_private_key': 'private_key',
+            'portal_network_cidr': '10.254.0.0/16',
        }

        self.assertEqual(expected, definition)
@ -511,6 +516,7 @@ class TestClusterConductorWithK8s(base.TestCase):
            'octavia_enabled': False,
            'kube_service_account_key': 'public_key',
            'kube_service_account_private_key': 'private_key',
+            'portal_network_cidr': '10.254.0.0/16',
        }
        self.assertEqual(expected, definition)
        self.assertEqual(
@ -600,6 +606,7 @@ class TestClusterConductorWithK8s(base.TestCase):
            'kubescheduler_options': '--kubescheduler',
            'kubeproxy_options': '--kubeproxy',
            'octavia_enabled': False,
+            'portal_network_cidr': '10.254.0.0/16',
        }
        self.assertEqual(expected, definition)
        self.assertEqual(
@ -684,6 +691,7 @@ class TestClusterConductorWithK8s(base.TestCase):
            'kubescheduler_options': '--kubescheduler',
            'kubeproxy_options': '--kubeproxy',
            'octavia_enabled': False,
+            'portal_network_cidr': '10.254.0.0/16',
        }
        self.assertEqual(expected, definition)
        self.assertEqual(
@ -922,6 +930,7 @@ class TestClusterConductorWithK8s(base.TestCase):
            'octavia_enabled': False,
            'kube_service_account_key': 'public_key',
            'kube_service_account_private_key': 'private_key',
+            'portal_network_cidr': '10.254.0.0/16',
        }
        self.assertEqual(expected, definition)
        self.assertEqual(
--- a/magnum/tests/unit/drivers/test_template_definition.py
+++ b/magnum/tests/unit/drivers/test_template_definition.py
@ -371,6 +371,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseK8sTemplateDefinitionTestCase):
            'kubeproxy_options')
        cloud_provider_enabled = mock_cluster.labels.get(
            'cloud_provider_enabled')
+        service_cluster_ip_range = mock_cluster.labels.get(
+            'service_cluster_ip_range')

        k8s_def = k8sa_tdef.AtomicK8sTemplateDefinition()

@ -420,6 +422,7 @@ class AtomicK8sTemplateDefinitionTestCase(BaseK8sTemplateDefinitionTestCase):
            'octavia_enabled': False,
            'kube_service_account_key': 'public_key',
            'kube_service_account_private_key': 'private_key',
+            'portal_network_cidr': service_cluster_ip_range,
        }}
        mock_get_params.assert_called_once_with(mock_context,
                                                mock_cluster_template,
@ -541,6 +544,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseK8sTemplateDefinitionTestCase):
            'kubeproxy_options')
        cloud_provider_enabled = mock_cluster.labels.get(
            'cloud_provider_enabled')
+        service_cluster_ip_range = mock_cluster.labels.get(
+            'service_cluster_ip_range')

        k8s_def = k8sa_tdef.AtomicK8sTemplateDefinition()

@ -592,6 +597,7 @@ class AtomicK8sTemplateDefinitionTestCase(BaseK8sTemplateDefinitionTestCase):
            'octavia_enabled': False,
            'kube_service_account_key': 'public_key',
            'kube_service_account_private_key': 'private_key',
+            'portal_network_cidr': service_cluster_ip_range,
        }}
        mock_get_params.assert_called_once_with(mock_context,
                                                mock_cluster_template,
--- a/releasenotes/notes/add-k8s-label-for-portal-network-cidr-a09edab29da6e7da.yaml
+++ b/releasenotes/notes/add-k8s-label-for-portal-network-cidr-a09edab29da6e7da.yaml
@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Add a new label `service_cluster_ip_range` for kubernetes so that user can
+    set the IP range for service portals to avoid conflicts with pod IP range.
+