Browse Source

Merge "Propagate cloud_provider_enabled correctly"

changes/88/667088/8
Zuul 2 years ago
committed by Gerrit Code Review
parent
commit
9c55bcba91
  1. 11
      doc/source/user/index.rst
  2. 9
      magnum/drivers/heat/k8s_fedora_template_def.py
  3. 1
      magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml
  4. 4
      magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py

11
doc/source/user/index.rst

@ -386,7 +386,7 @@ the table are linked to more details elsewhere in the user guide.
| `cgroup_driver`_ | - systemd | "cgroupfs" |
| | - cgroupfs | |
+---------------------------------------+--------------------+---------------+
| `cloud_provider_enabled`_ | - true | true |
| `cloud_provider_enabled`_ | - true | see below |
| | - false | |
+---------------------------------------+--------------------+---------------+
| `service_cluster_ip_range` | IPv4 CIDR for k8s | 10.254.0.0/16 |
@ -1284,9 +1284,12 @@ _`cgroup_driver`
_`cloud_provider_enabled`
Add 'cloud_provider_enabled' label for the k8s_fedora_atomic driver. Defaults
to true. For specific kubernetes versions if 'cinder' is selected as a
'volume_driver', it is implied that the cloud provider will be enabled since
they are combined.
to the value of 'cluster_user_trust' (default: 'false' unless explicitly set
to 'true' in magnum.conf due to CVE-2016-7404). Consequently,
'cloud_provider_enabled' label cannot be overridden to 'true' when
'cluster_user_trust' resolves to 'false'. For specific kubernetes versions,
if 'cinder' is selected as a 'volume_driver', it is implied that the cloud
provider will be enabled since they are combined.
_`keystone_auth_enabled`
If this label is set to True, Kubernetes will support use Keystone for

9
magnum/drivers/heat/k8s_fedora_template_def.py

@ -108,17 +108,18 @@ class K8sFedoraTemplateDefinition(k8s_template_def.K8sTemplateDefinition):
# the cloud provider needs to be enabled.
cloud_provider_enabled = cluster.labels.get(
'cloud_provider_enabled',
'true' if CONF.trust.cluster_user_trust else 'false').lower()
'true' if CONF.trust.cluster_user_trust else 'false')
if (not CONF.trust.cluster_user_trust
and cloud_provider_enabled == 'true'):
and cloud_provider_enabled.lower() == 'true'):
raise exception.InvalidParameterValue(_(
'"cluster_user_trust" must be set to True in magnum.conf when '
'"cloud_provider_enabled" label is set to true.'))
if (cluster_template.volume_driver == 'cinder'
and cloud_provider_enabled == 'false'):
and cloud_provider_enabled.lower() == 'false'):
raise exception.InvalidParameterValue(_(
'"cinder" volume driver needs "cloud_provider_enabled" label '
'to be true or unset.'))
extra_params['cloud_provider_enabled'] = cloud_provider_enabled
extra_params['master_image'] = cluster_template.image_id
extra_params['minion_image'] = cluster_template.image_id
@ -130,7 +131,7 @@ class K8sFedoraTemplateDefinition(k8s_template_def.K8sTemplateDefinition):
'calico_tag',
'calico_kube_controllers_tag', 'calico_ipv4pool',
'etcd_tag', 'flannel_tag', 'flannel_cni_tag',
'cloud_provider_enabled', 'cloud_provider_tag',
'cloud_provider_tag',
'prometheus_tag', 'grafana_tag',
'heat_container_agent_tag',
'keystone_auth_enabled', 'k8s_keystone_auth_tag',

1
magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml

@ -382,7 +382,6 @@ parameters:
cloud_provider_enabled:
type: boolean
description: Enable or disable the openstack kubernetes cloud provider
default: true
etcd_tag:
type: string

4
magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py

@ -290,6 +290,7 @@ class TestClusterConductorWithK8s(base.TestCase):
'insecure_registry': '10.0.0.1:5000',
}
expected = {
'cloud_provider_enabled': 'false',
'ssh_key_name': 'keypair_id',
'external_network': 'e2a6c8b0-a3c2-42a3-b3f4-01400a30896e',
'fixed_network': 'fixed_network',
@ -432,6 +433,7 @@ class TestClusterConductorWithK8s(base.TestCase):
expected = {
'auth_url': 'http://192.168.10.10:5000/v3',
'cloud_provider_enabled': 'true',
'cluster_uuid': '5d12f6fd-a196-4bf0-ae4c-1f639a523a52',
'discovery_url': 'https://discovery.etcd.io/test',
'dns_nameserver': 'dns_nameserver',
@ -567,6 +569,7 @@ class TestClusterConductorWithK8s(base.TestCase):
expected = {
'auth_url': 'http://192.168.10.10:5000/v3',
'cloud_provider_enabled': 'false',
'cluster_uuid': '5d12f6fd-a196-4bf0-ae4c-1f639a523a52',
'discovery_url': 'https://discovery.etcd.io/test',
'docker_volume_size': 20,
@ -994,6 +997,7 @@ class TestClusterConductorWithK8s(base.TestCase):
cluster)
expected = {
'cloud_provider_enabled': 'false',
'ssh_key_name': 'keypair_id',
'external_network': 'e2a6c8b0-a3c2-42a3-b3f4-01400a30896e',
'fixed_network': 'fixed_network',

Loading…
Cancel
Save