openstack
/
magnum
Code Issues Proposed changes

Add CoreOS/K8s recommended defaults to kube-proxy 

The cluster-cidr fix asymetric routing in specific
use case. Adding dbus removes iptables error message for kube-proxy and
adding ${HOST_CERT_PATH} is just common practice.

Change-Id: I8912091ebcb5c1ef940f43e5195a849f8fa6370e
Partially-Implements: bp coreos-best-pratice
This commit is contained in:
ArchiFleKs 2017-03-01 11:15:16 +01:00 committed by yatin
parent 1a36735599
commit a18724b612
2 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
magnum/drivers/k8s_coreos_v1/templates/fragments/enable-kube-proxy-master.yaml
View File

@ -38,8 +38,23 @@ write_files:
- /hyperkube
- proxy
- --master=http://127.0.0.1:8080
- --cluster-cidr=${FLANNEL_NETWORK_CIDR}
- --logtostderr=true
- --v=0
securityContext:
privileged: true
volumeMounts:
- mountPath: /etc/ssl/certs
name: ssl-certs-host
readOnly: true
- mountPath: /var/run/dbus
name: dbus
readOnly: false
volumes:
- hostPath:
path: ${HOST_CERTS_PATH}
name: ssl-certs-host
- hostPath:
path: /var/run/dbus
name: dbus
EOF

13
magnum/drivers/k8s_coreos_v1/templates/fragments/enable-kube-proxy-minion.yaml
View File

@ -48,6 +48,7 @@ write_files:
- proxy
- --master=${KUBE_MASTER_URI}
- --kubeconfig=${KUBE_CONFIG}
- --cluster-cidr=${FLANNEL_NETWORK_CIDR}
- --logtostderr=true
- --v=0
securityContext:
@ -59,6 +60,12 @@ write_files:
- mountPath: ${KUBE_CERTS_PATH}
name: ssl-certs-kubernetes
readOnly: true
- mountPath: /etc/ssl/certs
name: ssl-certs-host
readOnly: true
- mountPath: /var/run/dbus
name: dbus
readOnly: false
volumes:
- name: kubeconfig
hostPath:
@ -66,4 +73,10 @@ write_files:
- name: ssl-certs-kubernetes
hostPath:
path: ${KUBE_CERTS_PATH}
- hostPath:
path: ${HOST_CERTS_PATH}
name: ssl-certs-host
- hostPath:
path: /var/run/dbus
name: dbus
EOF