Browse Source

Merge "Update kubernetes dashboard to v1.8.3" into stable/queens

tags/6.1.0^0
Zuul 1 year ago
parent
commit
dd1a2aa3c8

+ 8
- 0
doc/source/user/index.rst View File

@@ -345,6 +345,9 @@ the table are linked to more details elsewhere in the user guide.
345 345
 | `kube_dashboard_enabled`_             | - true             | true          |
346 346
 |                                       | - false            |               |
347 347
 +---------------------------------------+--------------------+---------------+
348
+| `influx_grafana_dashboard_enabled`_   | - true             | false         |
349
+|                                       | - false            |               |
350
++---------------------------------------+--------------------+---------------+
348 351
 | `docker_volume_type`_                 | see below          | see below     |
349 352
 +---------------------------------------+--------------------+---------------+
350 353
 | `etcd_volume_size`_                   | etcd storage       | 0             |
@@ -1184,6 +1187,11 @@ _`kubescheduler_options`
1184 1187
   <https://kubernetes.io/docs/admin/kube-scheduler//>`_.
1185 1188
   By default no additional options are passed.
1186 1189
 
1190
+_`influx_grafana_dashboard_enabled`
1191
+  The kubernetes dashboard comes with heapster enabled. If this
1192
+  label is set, an influxdb and grafana instance will be deployed,
1193
+  heapster will push data to influx and grafana will project them.
1194
+
1187 1195
 External load balancer for services
1188 1196
 -----------------------------------
1189 1197
 

+ 1
- 1
magnum/drivers/common/image/heat-container-agent/Dockerfile View File

@@ -15,7 +15,7 @@ RUN dnf -y --setopt=tsflags=nodocs install \
15 15
     findutils os-collect-config os-apply-config \
16 16
     os-refresh-config dib-utils python-pip python-docker-py \
17 17
     python-yaml python-zaqarclient python2-oslo-log \
18
-    python-psutil && dnf clean all
18
+    python-psutil kubernetes-client && dnf clean all
19 19
 
20 20
 # pip installing dpath as python-dpath is an older version of dpath
21 21
 # install docker-compose

+ 379
- 81
magnum/drivers/common/templates/kubernetes/fragments/kube-dashboard-service.sh View File

@@ -1,8 +1,4 @@
1
-#!/bin/sh
2
-
3
-# this service is required because docker will start only after cloud init was finished
4
-# due to the service dependencies in Fedora Atomic (docker <- docker-storage-setup <- cloud-final)
5
-
1
+#!/bin/bash -x
6 2
 
7 3
 . /etc/sysconfig/heat-params
8 4
 
@@ -11,18 +7,115 @@ if [ "$(echo $KUBE_DASHBOARD_ENABLED | tr '[:upper:]' '[:lower:]')" == "false" ]
11 7
 fi
12 8
 
13 9
 KUBE_DASH_IMAGE="${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}kubernetes-dashboard-amd64:${KUBE_DASHBOARD_VERSION}"
10
+HEAPSTER_IMAGE="${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}heapster-amd64:v1.4.2"
14 11
 
15
-KUBE_DASH_DEPLOY=/srv/kubernetes/manifests/kube-dash-deploy.yaml
12
+KUBE_DASH_DEPLOY=/srv/magnum/kubernetes/kubernetes-dashboard.yaml
16 13
 
17 14
 [ -f ${KUBE_DASH_DEPLOY} ] || {
18 15
     echo "Writing File: $KUBE_DASH_DEPLOY"
19 16
     mkdir -p $(dirname ${KUBE_DASH_DEPLOY})
20 17
     cat << EOF > ${KUBE_DASH_DEPLOY}
18
+# Copyright 2017 The Kubernetes Authors.
19
+#
20
+# Licensed under the Apache License, Version 2.0 (the "License");
21
+# you may not use this file except in compliance with the License.
22
+# You may obtain a copy of the License at
23
+#
24
+#     http://www.apache.org/licenses/LICENSE-2.0
25
+#
26
+# Unless required by applicable law or agreed to in writing, software
27
+# distributed under the License is distributed on an "AS IS" BASIS,
28
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29
+# See the License for the specific language governing permissions and
30
+# limitations under the License.
31
+
32
+# Configuration to deploy release version of the Dashboard UI compatible with
33
+# Kubernetes 1.8.
34
+#
35
+# Example usage: kubectl create -f <this_file>
36
+
37
+# ------------------- Dashboard Secret ------------------- #
38
+
39
+apiVersion: v1
40
+kind: Secret
41
+metadata:
42
+  labels:
43
+    k8s-app: kubernetes-dashboard
44
+  name: kubernetes-dashboard-certs
45
+  namespace: kube-system
46
+type: Opaque
47
+
48
+---
49
+# ------------------- Dashboard Service Account ------------------- #
50
+
51
+apiVersion: v1
52
+kind: ServiceAccount
53
+metadata:
54
+  labels:
55
+    k8s-app: kubernetes-dashboard
56
+  name: kubernetes-dashboard
57
+  namespace: kube-system
58
+
59
+---
60
+# ------------------- Dashboard Role & Role Binding ------------------- #
61
+
62
+kind: Role
63
+apiVersion: rbac.authorization.k8s.io/v1
64
+metadata:
65
+  name: kubernetes-dashboard-minimal
66
+  namespace: kube-system
67
+rules:
68
+  # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
69
+- apiGroups: [""]
70
+  resources: ["secrets"]
71
+  verbs: ["create"]
72
+  # Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
73
+- apiGroups: [""]
74
+  resources: ["configmaps"]
75
+  verbs: ["create"]
76
+  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
77
+- apiGroups: [""]
78
+  resources: ["secrets"]
79
+  resourceNames: ["kubernetes-dashboard-key-holder", "kubernetes-dashboard-certs"]
80
+  verbs: ["get", "update", "delete"]
81
+  # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
82
+- apiGroups: [""]
83
+  resources: ["configmaps"]
84
+  resourceNames: ["kubernetes-dashboard-settings"]
85
+  verbs: ["get", "update"]
86
+  # Allow Dashboard to get metrics from heapster.
87
+- apiGroups: [""]
88
+  resources: ["services"]
89
+  resourceNames: ["heapster"]
90
+  verbs: ["proxy"]
91
+- apiGroups: [""]
92
+  resources: ["services/proxy"]
93
+  resourceNames: ["heapster", "http:heapster:", "https:heapster:"]
94
+  verbs: ["get"]
95
+
96
+---
97
+apiVersion: rbac.authorization.k8s.io/v1
98
+kind: RoleBinding
99
+metadata:
100
+  name: kubernetes-dashboard-minimal
101
+  namespace: kube-system
102
+roleRef:
103
+  apiGroup: rbac.authorization.k8s.io
104
+  kind: Role
105
+  name: kubernetes-dashboard-minimal
106
+subjects:
107
+- kind: ServiceAccount
108
+  name: kubernetes-dashboard
109
+  namespace: kube-system
110
+
111
+---
112
+# ------------------- Dashboard Deployment ------------------- #
113
+
21 114
 kind: Deployment
22
-apiVersion: extensions/v1beta1
115
+apiVersion: apps/v1beta2
23 116
 metadata:
24 117
   labels:
25
-    app: kubernetes-dashboard
118
+    k8s-app: kubernetes-dashboard
26 119
   name: kubernetes-dashboard
27 120
   namespace: kube-system
28 121
 spec:
@@ -30,114 +123,319 @@ spec:
30 123
   revisionHistoryLimit: 10
31 124
   selector:
32 125
     matchLabels:
33
-      app: kubernetes-dashboard
126
+      k8s-app: kubernetes-dashboard
34 127
   template:
35 128
     metadata:
36 129
       labels:
37
-        app: kubernetes-dashboard
38
-      # Comment the following annotation if Dashboard must not be deployed on master
39
-      annotations:
40
-        scheduler.alpha.kubernetes.io/tolerations: |
41
-          [
42
-            {
43
-              "key": "dedicated",
44
-              "operator": "Equal",
45
-              "value": "master",
46
-              "effect": "NoSchedule"
47
-            }
48
-          ]
130
+        k8s-app: kubernetes-dashboard
49 131
     spec:
50 132
       containers:
51 133
       - name: kubernetes-dashboard
134
+        env:
135
+        - name: POD_NAME
136
+          valueFrom:
137
+            fieldRef:
138
+              fieldPath: metadata.name
139
+        - name: POD_NAMESPACE
140
+          valueFrom:
141
+            fieldRef:
142
+              fieldPath: metadata.namespace
143
+        - name: POD_IP
144
+          valueFrom:
145
+            fieldRef:
146
+              fieldPath: status.podIP
52 147
         image: ${KUBE_DASH_IMAGE}
53
-        imagePullPolicy: Always
54 148
         ports:
55
-        - containerPort: 9090
149
+        - containerPort: 8443
56 150
           protocol: TCP
57 151
         args:
152
+          - --auto-generate-certificates
153
+          - --heapster-host=heapster:80
154
+          # Uncomment the following line to manually specify Kubernetes API server Host
155
+          # If not specified, Dashboard will attempt to auto discover the API server and connect
156
+          # to it. Uncomment only if the default does not work.
157
+          # - --apiserver-host=http://my-address:port
158
+        volumeMounts:
159
+        - name: kubernetes-dashboard-certs
160
+          mountPath: /certs
161
+          # Create on-disk volume to store exec logs
162
+        - mountPath: /tmp
163
+          name: tmp-volume
58 164
         livenessProbe:
59 165
           httpGet:
166
+            scheme: HTTPS
60 167
             path: /
61
-            port: 9090
168
+            port: 8443
62 169
           initialDelaySeconds: 30
63 170
           timeoutSeconds: 30
64
-EOF
65
-}
171
+      volumes:
172
+      - name: kubernetes-dashboard-certs
173
+        secret:
174
+          secretName: kubernetes-dashboard-certs
175
+      - name: tmp-volume
176
+        emptyDir: {}
177
+      serviceAccountName: kubernetes-dashboard
178
+      # Comment the following tolerations if Dashboard must not be deployed on master
179
+      tolerations:
180
+      - key: node-role.kubernetes.io/master
181
+        effect: NoSchedule
182
+
183
+---
184
+# ------------------- Dashboard Service ------------------- #
66 185
 
67
-KUBE_DASH_SVC=/srv/kubernetes/manifests/kube-dash-svc.yaml
68
-[ -f ${KUBE_DASH_SVC} ] || {
69
-    echo "Writing File: $KUBE_DASH_SVC"
70
-    mkdir -p $(dirname ${KUBE_DASH_SVC})
71
-    cat << EOF > ${KUBE_DASH_SVC}
72 186
 kind: Service
73 187
 apiVersion: v1
74 188
 metadata:
75 189
   labels:
76
-    app: kubernetes-dashboard
190
+    k8s-app: kubernetes-dashboard
77 191
   name: kubernetes-dashboard
78 192
   namespace: kube-system
79 193
 spec:
80
-  type: NodePort
81 194
   ports:
82
-  - port: 80
83
-    targetPort: 9090
195
+    - port: 443
196
+      targetPort: 8443
84 197
   selector:
85
-    app: kubernetes-dashboard
198
+    k8s-app: kubernetes-dashboard
199
+---
200
+# Grant admin privileges to the dashboard serviceacount
201
+
202
+apiVersion: rbac.authorization.k8s.io/v1beta1
203
+kind: ClusterRoleBinding
204
+metadata:
205
+  name: kubernetes-dashboard
206
+  labels:
207
+    k8s-app: kubernetes-dashboard
208
+roleRef:
209
+  apiGroup: rbac.authorization.k8s.io
210
+  kind: ClusterRole
211
+  name: cluster-admin
212
+subjects:
213
+- kind: ServiceAccount
214
+  name: kubernetes-dashboard
215
+  namespace: kube-system
86 216
 EOF
87 217
 }
88 218
 
89
-KUBE_DASH_BIN=/usr/local/bin/kube-dash
90
-[ -f ${KUBE_DASH_BIN} ] || {
91
-    echo "Writing File: $KUBE_DASH_BIN"
92
-    mkdir -p $(dirname ${KUBE_DASH_BIN})
93
-    cat << EOF > ${KUBE_DASH_BIN}
94
-#!/bin/sh
95
-until curl -sf "http://127.0.0.1:8080/healthz"
96
-do
97
-    echo "Waiting for Kubernetes API..."
98
-    sleep 5
99
-done
219
+INFLUX_SINK=""
220
+# Deploy INFLUX AND GRAFANA
221
+if [ "$(echo $INFLUX_GRAFANA_DASHBOARD_ENABLED | tr '[:upper:]' '[:lower:]')" == "true" ]; then
222
+    INFLUX_SINK="        - --sink=influxdb:http://monitoring-influxdb.kube-system.svc:8086"
223
+    INFLUX_IMAGE="${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}heapster-influxdb-amd64:v1.3.3"
224
+    GRAFANA_IMAGE="${CONTAINER_INFRA_PREFIX:-gcr.io/google_containers/}heapster-grafana-amd64:v4.4.3"
100 225
 
101
-#echo check for existence of kubernetes-dashboard deployment
102
-/usr/bin/kubectl get deployment kubernetes-dashboard --namespace=kube-system
226
+    INFLUX_DEPLOY=/srv/magnum/kubernetes/influxdb.yaml
227
+    GRAFANA_DEPLOY=/srv/magnum/kubernetes/grafana.yaml
103 228
 
104
-if [ "\$?" != "0" ]; then
105
-    /usr/bin/kubectl create -f /srv/kubernetes/manifests/kube-dash-deploy.yaml --namespace=kube-system
106
-fi
229
+    [ -f ${INFLUX_DEPLOY} ] || {
230
+        echo "Writing File: $INFLUX_DEPLOY"
231
+        mkdir -p $(dirname ${INFLUX_DEPLOY})
232
+        cat << EOF > ${INFLUX_DEPLOY}
233
+apiVersion: extensions/v1beta1
234
+kind: Deployment
235
+metadata:
236
+  name: monitoring-influxdb
237
+  namespace: kube-system
238
+spec:
239
+  replicas: 1
240
+  template:
241
+    metadata:
242
+      labels:
243
+        task: monitoring
244
+        k8s-app: influxdb
245
+    spec:
246
+      containers:
247
+      - name: influxdb
248
+        image: ${INFLUX_IMAGE}
249
+        volumeMounts:
250
+        - mountPath: /data
251
+          name: influxdb-storage
252
+      volumes:
253
+      - name: influxdb-storage
254
+        emptyDir: {}
255
+---
256
+apiVersion: v1
257
+kind: Service
258
+metadata:
259
+  labels:
260
+    task: monitoring
261
+    # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
262
+    # If you are NOT using this as an addon, you should comment out this line.
263
+    # kubernetes.io/cluster-service: 'true'
264
+    kubernetes.io/name: monitoring-influxdb
265
+  name: monitoring-influxdb
266
+  namespace: kube-system
267
+spec:
268
+  ports:
269
+  - port: 8086
270
+    targetPort: 8086
271
+  selector:
272
+    k8s-app: influxdb
273
+EOF
274
+    }
275
+
276
+    [ -f ${GRAFANA_DEPLOY} ] || {
277
+        echo "Writing File: $GRAFANA_DEPLOY"
278
+        mkdir -p $(dirname ${GRAFANA_DEPLOY})
279
+        cat << EOF > ${GRAFANA_DEPLOY}
280
+apiVersion: extensions/v1beta1
281
+kind: Deployment
282
+metadata:
283
+  name: monitoring-grafana
284
+  namespace: kube-system
285
+spec:
286
+  replicas: 1
287
+  template:
288
+    metadata:
289
+      labels:
290
+        task: monitoring
291
+        k8s-app: grafana
292
+    spec:
293
+      containers:
294
+      - name: grafana
295
+        image: ${GRAFANA_IMAGE}
296
+        ports:
297
+        - containerPort: 3000
298
+          protocol: TCP
299
+        volumeMounts:
300
+        - mountPath: /etc/ssl/certs
301
+          name: ca-certificates
302
+          readOnly: true
303
+        - mountPath: /var
304
+          name: grafana-storage
305
+        env:
306
+        - name: INFLUXDB_HOST
307
+          value: monitoring-influxdb
308
+        - name: GF_SERVER_HTTP_PORT
309
+          value: "3000"
310
+          # The following env variables are required to make Grafana accessible via
311
+          # the kubernetes api-server proxy. On production clusters, we recommend
312
+          # removing these env variables, setup auth for grafana, and expose the grafana
313
+          # service using a LoadBalancer or a public IP.
314
+        - name: GF_AUTH_BASIC_ENABLED
315
+          value: "false"
316
+        - name: GF_AUTH_ANONYMOUS_ENABLED
317
+          value: "true"
318
+        - name: GF_AUTH_ANONYMOUS_ORG_ROLE
319
+          value: Admin
320
+        - name: GF_SERVER_ROOT_URL
321
+          # If you're only using the API Server proxy, set this value instead:
322
+          # value: /api/v1/namespaces/kube-system/services/monitoring-grafana/proxy
323
+          value: /
324
+      volumes:
325
+      - name: ca-certificates
326
+        hostPath:
327
+          path: /etc/ssl/certs
328
+      - name: grafana-storage
329
+        emptyDir: {}
330
+---
331
+apiVersion: v1
332
+kind: Service
333
+metadata:
334
+  labels:
335
+    # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
336
+    # If you are NOT using this as an addon, you should comment out this line.
337
+    # kubernetes.io/cluster-service: 'true'
338
+    kubernetes.io/name: monitoring-grafana
339
+  name: monitoring-grafana
340
+  namespace: kube-system
341
+spec:
342
+  # In a production setup, we recommend accessing Grafana through an external Loadbalancer
343
+  # or through a public IP.
344
+  # type: LoadBalancer
345
+  # You could also use NodePort to expose the service at a randomly-generated port
346
+  # type: NodePort
347
+  ports:
348
+  - port: 80
349
+    targetPort: 3000
350
+  selector:
351
+    k8s-app: grafana
352
+EOF
353
+    }
107 354
 
108
-#echo check for existence of kubernetes-dashboard service
109
-/usr/bin/kubectl get service kubernetes-dashboard --namespace=kube-system
355
+    echo "Waiting for Kubernetes API..."
356
+    until curl --silent "http://127.0.0.1:8080/version"
357
+    do
358
+        sleep 5
359
+    done
110 360
 
111
-if [ "\$?" != "0" ]; then
112
-    /usr/bin/kubectl create -f /srv/kubernetes/manifests/kube-dash-svc.yaml --namespace=kube-system
361
+    kubectl apply --validate=false -f $INFLUX_DEPLOY
362
+    kubectl apply --validate=false -f $GRAFANA_DEPLOY
113 363
 fi
114
-EOF
115
-}
116 364
 
117
-KUBE_DASH_SERVICE=/etc/systemd/system/kube-dash.service
118
-[ -f ${KUBE_DASH_SERVICE} ] || {
119
-    echo "Writing File: $KUBE_DASH_SERVICE"
120
-    mkdir -p $(dirname ${KUBE_DASH_SERVICE})
121
-    cat << EOF > ${KUBE_DASH_SERVICE}
122
-[Unit]
123
-Description=Enable kubernetes dashboard
124
-
125
-[Service]
126
-Type=oneshot
127
-Environment=HOME=/root
128
-EnvironmentFile=-/etc/kubernetes/config
129
-ExecStart=${KUBE_DASH_BIN}
130
-
131
-[Install]
132
-WantedBy=multi-user.target
365
+# Deploy Heapster
366
+HEAPSTER_DEPLOY=/srv/magnum/kubernetes/heapster-controller.yaml
367
+
368
+[ -f ${HEAPSTER_DEPLOY} ] || {
369
+    echo "Writing File: $HEAPSTER_DEPLOY"
370
+    mkdir -p $(dirname ${HEAPSTER_DEPLOY})
371
+    cat << EOF > ${HEAPSTER_DEPLOY}
372
+apiVersion: v1
373
+kind: ServiceAccount
374
+metadata:
375
+  name: heapster
376
+  namespace: kube-system
377
+---
378
+apiVersion: extensions/v1beta1
379
+kind: Deployment
380
+metadata:
381
+  name: heapster
382
+  namespace: kube-system
383
+spec:
384
+  replicas: 1
385
+  template:
386
+    metadata:
387
+      labels:
388
+        task: monitoring
389
+        k8s-app: heapster
390
+    spec:
391
+      serviceAccountName: heapster
392
+      containers:
393
+      - name: heapster
394
+        image: ${HEAPSTER_IMAGE}
395
+        imagePullPolicy: IfNotPresent
396
+        command:
397
+        - /heapster
398
+        - --source=kubernetes:https://kubernetes.default
399
+${INFLUX_SINK}
400
+---
401
+apiVersion: v1
402
+kind: Service
403
+metadata:
404
+  labels:
405
+    task: monitoring
406
+    # For use as a Cluster add-on (https://github.com/kubernetes/kubernetes/tree/master/cluster/addons)
407
+    # If you are NOT using this as an addon, you should comment out this line.
408
+    kubernetes.io/cluster-service: 'true'
409
+    kubernetes.io/name: Heapster
410
+  name: heapster
411
+  namespace: kube-system
412
+spec:
413
+  ports:
414
+  - port: 80
415
+    targetPort: 8082
416
+  selector:
417
+    k8s-app: heapster
418
+---
419
+kind: ClusterRoleBinding
420
+apiVersion: rbac.authorization.k8s.io/v1beta1
421
+metadata:
422
+  name: heapster
423
+roleRef:
424
+  apiGroup: rbac.authorization.k8s.io
425
+  kind: ClusterRole
426
+  name: system:heapster
427
+subjects:
428
+- kind: ServiceAccount
429
+  name: heapster
430
+  namespace: kube-system
133 431
 EOF
134 432
 }
135 433
 
136
-chown root:root ${KUBE_DASH_BIN}
137
-chmod 0755 ${KUBE_DASH_BIN}
138
-
139
-chown root:root ${KUBE_DASH_SERVICE}
140
-chmod 0644 ${KUBE_DASH_SERVICE}
434
+echo "Waiting for Kubernetes API..."
435
+until curl --silent "http://127.0.0.1:8080/version"
436
+do
437
+    sleep 5
438
+done
141 439
 
142
-systemctl enable kube-dash
143
-systemctl start --no-block kube-dash
440
+kubectl apply --validate=false -f $KUBE_DASH_DEPLOY
441
+kubectl apply --validate=false -f $HEAPSTER_DEPLOY

+ 1
- 0
magnum/drivers/common/templates/kubernetes/fragments/write-heat-params-master.yaml View File

@@ -31,6 +31,7 @@ write_files:
31 31
       CLUSTER_SUBNET="$CLUSTER_SUBNET"
32 32
       TLS_DISABLED="$TLS_DISABLED"
33 33
       KUBE_DASHBOARD_ENABLED="$KUBE_DASHBOARD_ENABLED"
34
+      INFLUX_GRAFANA_DASHBOARD_ENABLED="$INFLUX_GRAFANA_DASHBOARD_ENABLED"
34 35
       VERIFY_CA="$VERIFY_CA"
35 36
       CLUSTER_UUID="$CLUSTER_UUID"
36 37
       MAGNUM_URL="$MAGNUM_URL"

+ 2
- 1
magnum/drivers/heat/k8s_template_def.py View File

@@ -121,7 +121,8 @@ class K8sTemplateDefinition(template_def.BaseTemplateDefinition):
121 121
                       'kubeapi_options',
122 122
                       'kubeproxy_options',
123 123
                       'kubecontroller_options',
124
-                      'kubescheduler_options']
124
+                      'kubescheduler_options',
125
+                      'influx_grafana_dashboard_enabled']
125 126
 
126 127
         for label in label_list:
127 128
             extra_params[label] = cluster.labels.get(label)

+ 6
- 0
magnum/drivers/k8s_coreos_v1/templates/kubecluster.yaml View File

@@ -155,6 +155,11 @@ parameters:
155 155
     description: whether or not to disable kubernetes dashboard
156 156
     default: True
157 157
 
158
+  influx_grafana_dashboard_enabled:
159
+    type: boolean
160
+    description: Enable influxdb with grafana dashboard for data from heapster
161
+    default: False
162
+
158 163
   verify_ca:
159 164
     type: boolean
160 165
     description: whether or not to validate certificate authority
@@ -459,6 +464,7 @@ resources:
459 464
           kubernetes_port: {get_param: kubernetes_port}
460 465
           tls_disabled: {get_param: tls_disabled}
461 466
           kube_dashboard_enabled: {get_param: kube_dashboard_enabled}
467
+          influx_grafana_dashboard_enabled: {get_param: influx_grafana_dashboard_enabled}
462 468
           verify_ca: {get_param: verify_ca}
463 469
           secgroup_kube_master_id: {get_resource: secgroup_master}
464 470
           http_proxy: {get_param: http_proxy}

+ 5
- 0
magnum/drivers/k8s_coreos_v1/templates/kubemaster.yaml View File

@@ -115,6 +115,10 @@ parameters:
115 115
     type: boolean
116 116
     description: whether or not to disable kubernetes dashboard
117 117
 
118
+  influx_grafana_dashboard_enabled:
119
+    type: boolean
120
+    description: whether or not to disable kubernetes dashboard
121
+
118 122
   verify_ca:
119 123
     type: boolean
120 124
     description: whether or not to validate certificate authority
@@ -293,6 +297,7 @@ resources:
293 297
             "$TLS_DISABLED": {get_param: tls_disabled}
294 298
             "$VERIFY_CA": {get_param: verify_ca}
295 299
             "$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}
300
+            "$INFLUX_GRAFANA_DASHBOARD_ENABLED": {get_param: enable_influx_grafana_dashboard}
296 301
             "$KUBE_VERSION": {get_param: kube_version}
297 302
             "$KUBE_DASHBOARD_VERSION": {get_param: kube_dashboard_version}
298 303
             "$CLUSTER_UUID": {get_param: cluster_uuid}

+ 7
- 1
magnum/drivers/k8s_fedora_atomic_v1/templates/kubecluster.yaml View File

@@ -250,6 +250,11 @@ parameters:
250 250
     description: whether or not to enable kubernetes dashboard
251 251
     default: True
252 252
 
253
+  influx_grafana_dashboard_enabled:
254
+    type: boolean
255
+    description: Enable influxdb with grafana dashboard for data from heapster
256
+    default: False
257
+
253 258
   verify_ca:
254 259
     type: boolean
255 260
     description: whether or not to validate certificate authority
@@ -333,7 +338,7 @@ parameters:
333 338
   kube_dashboard_version:
334 339
     type: string
335 340
     description: version of kubernetes dashboard used for kubernetes cluster
336
-    default: v1.5.1
341
+    default: v1.8.3
337 342
 
338 343
   insecure_registry_url:
339 344
     type: string
@@ -631,6 +636,7 @@ resources:
631 636
           kubernetes_port: {get_param: kubernetes_port}
632 637
           tls_disabled: {get_param: tls_disabled}
633 638
           kube_dashboard_enabled: {get_param: kube_dashboard_enabled}
639
+          influx_grafana_dashboard_enabled: {get_param: influx_grafana_dashboard_enabled}
634 640
           verify_ca: {get_param: verify_ca}
635 641
           secgroup_kube_master_id: {get_resource: secgroup_kube_master}
636 642
           http_proxy: {get_param: http_proxy}

+ 19
- 7
magnum/drivers/k8s_fedora_atomic_v1/templates/kubemaster.yaml View File

@@ -112,6 +112,10 @@ parameters:
112 112
     type: boolean
113 113
     description: whether or not to disable kubernetes dashboard
114 114
 
115
+  influx_grafana_dashboard_enabled:
116
+    type: boolean
117
+    description: Enable influxdb with grafana dashboard for data from heapster
118
+
115 119
   verify_ca:
116 120
     type: boolean
117 121
     description: whether or not to validate certificate authority
@@ -410,6 +414,7 @@ resources:
410 414
             "$CLUSTER_SUBNET": {get_param: fixed_subnet}
411 415
             "$TLS_DISABLED": {get_param: tls_disabled}
412 416
             "$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}
417
+            "$INFLUX_GRAFANA_DASHBOARD_ENABLED": {get_param: influx_grafana_dashboard_enabled}
413 418
             "$VERIFY_CA": {get_param: verify_ca}
414 419
             "$CLUSTER_UUID": {get_param: cluster_uuid}
415 420
             "$MAGNUM_URL": {get_param: magnum_url}
@@ -512,12 +517,6 @@ resources:
512 517
       group: ungrouped
513 518
       config: {get_file: ../../common/templates/kubernetes/fragments/kube-apiserver-to-kubelet-role.sh}
514 519
 
515
-  kube_ui_service:
516
-    type: OS::Heat::SoftwareConfig
517
-    properties:
518
-      group: ungrouped
519
-      config: {get_file: ../../common/templates/kubernetes/fragments/kube-dashboard-service.sh}
520
-
521 520
   core_dns_service:
522 521
     type: OS::Heat::SoftwareConfig
523 522
     properties:
@@ -567,7 +566,6 @@ resources:
567 566
         - config: {get_resource: network_config_service}
568 567
         - config: {get_resource: kube_apiserver_to_kubelet_role}
569 568
         - config: {get_resource: core_dns_service}
570
-        - config: {get_resource: kube_ui_service}
571 569
         - config: {get_resource: master_wc_notify}
572 570
 
573 571
   enable_prometheus_monitoring:
@@ -638,6 +636,20 @@ resources:
638 636
       server: {get_resource: kube-master}
639 637
       actions: ['CREATE']
640 638
 
639
+  kubernetes_dashboard:
640
+    type: OS::Heat::SoftwareConfig
641
+    properties:
642
+      group: script
643
+      config: {get_file: ../../common/templates/kubernetes/fragments/kube-dashboard-service.sh}
644
+
645
+  kubernetes_dashboard_deployment:
646
+    type: OS::Heat::SoftwareDeployment
647
+    properties:
648
+      signal_transport: HEAT_SIGNAL
649
+      config: {get_resource: kubernetes_dashboard}
650
+      server: {get_resource: kube-master}
651
+      actions: ['CREATE']
652
+
641 653
   ######################################################################
642 654
   #
643 655
   # a single kubernetes master.

+ 6
- 0
magnum/drivers/k8s_fedora_ironic_v1/templates/kubecluster.yaml View File

@@ -248,6 +248,11 @@ parameters:
248 248
     description: whether or not to disable kubernetes dashboard
249 249
     default: True
250 250
 
251
+  influx_grafana_dashboard_enabled:
252
+    type: boolean
253
+    description: Enable influxdb with grafana dashboard for data from heapster
254
+    default: False
255
+
251 256
   verify_ca:
252 257
     type: boolean
253 258
     description: whether or not to validate certificate authority
@@ -510,6 +515,7 @@ resources:
510 515
           kubernetes_port: {get_param: kubernetes_port}
511 516
           tls_disabled: {get_param: tls_disabled}
512 517
           kube_dashboard_enabled: {get_param: kube_dashboard_enabled}
518
+          influx_grafana_dashboard_enabled: {get_param: influx_grafana_dashboard_enabled}
513 519
           verify_ca: {get_param: verify_ca}
514 520
           secgroup_base_id: {get_resource: secgroup_base}
515 521
           secgroup_kube_master_id: {get_resource: secgroup_kube_master}

+ 5
- 0
magnum/drivers/k8s_fedora_ironic_v1/templates/kubemaster.yaml View File

@@ -97,6 +97,10 @@ parameters:
97 97
     type: boolean
98 98
     description: whether or not to disable kubernetes dashboard
99 99
 
100
+  influx_grafana_dashboard_enabled:
101
+    type: boolean
102
+    description: Enable influxdb with grafana dashboard for data from heapster
103
+
100 104
   verify_ca:
101 105
     type: boolean
102 106
     description: whether or not to validate certificate authority
@@ -299,6 +303,7 @@ resources:
299 303
             "$CLUSTER_SUBNET": {get_param: fixed_subnet}
300 304
             "$TLS_DISABLED": {get_param: tls_disabled}
301 305
             "$KUBE_DASHBOARD_ENABLED": {get_param: kube_dashboard_enabled}
306
+            "$INFLUX_GRAFANA_DASHBOARD_ENABLED": {get_param: influx_grafana_dashboard_enabled}
302 307
             "$VERIFY_CA": {get_param: verify_ca}
303 308
             "$CLUSTER_UUID": {get_param: cluster_uuid}
304 309
             "$MAGNUM_URL": {get_param: magnum_url}

+ 10
- 1
magnum/tests/unit/conductor/handlers/test_k8s_cluster_conductor.py View File

@@ -56,6 +56,7 @@ class TestClusterConductorWithK8s(base.TestCase):
56 56
                        'prometheus_monitoring': 'False',
57 57
                        'grafana_admin_passwd': 'fake_pwd',
58 58
                        'kube_dashboard_enabled': 'True',
59
+                       'influx_grafana_dashboard_enabled': 'True',
59 60
                        'docker_volume_type': 'lvmdriver-1',
60 61
                        'etcd_volume_size': 0,
61 62
                        'availability_zone': 'az_1'},
@@ -105,7 +106,8 @@ class TestClusterConductorWithK8s(base.TestCase):
105 106
                        'kubeapi_options': '--kubeapi',
106 107
                        'kubecontroller_options': '--kubecontroller',
107 108
                        'kubescheduler_options': '--kubescheduler',
108
-                       'kubeproxy_options': '--kubeproxy'},
109
+                       'kubeproxy_options': '--kubeproxy',
110
+                       'influx_grafana_dashboard_enabled': 'True'},
109 111
             'master_flavor_id': 'master_flavor_id',
110 112
             'flavor_id': 'flavor_id',
111 113
         }
@@ -183,6 +185,7 @@ class TestClusterConductorWithK8s(base.TestCase):
183 185
                        'prometheus_monitoring': 'False',
184 186
                        'grafana_admin_passwd': 'fake_pwd',
185 187
                        'kube_dashboard_enabled': 'True',
188
+                       'influx_grafana_dashboard_enabled': 'True',
186 189
                        'docker_volume_type': 'lvmdriver-1',
187 190
                        'etcd_volume_size': None,
188 191
                        'availability_zone': 'az_1',
@@ -230,6 +233,7 @@ class TestClusterConductorWithK8s(base.TestCase):
230 233
             'prometheus_monitoring': 'False',
231 234
             'grafana_admin_passwd': 'fake_pwd',
232 235
             'kube_dashboard_enabled': 'True',
236
+            'influx_grafana_dashboard_enabled': 'True',
233 237
             'http_proxy': 'http_proxy',
234 238
             'https_proxy': 'https_proxy',
235 239
             'no_proxy': 'no_proxy',
@@ -328,6 +332,7 @@ class TestClusterConductorWithK8s(base.TestCase):
328 332
             'prometheus_monitoring': 'False',
329 333
             'grafana_admin_passwd': 'fake_pwd',
330 334
             'kube_dashboard_enabled': 'True',
335
+            'influx_grafana_dashboard_enabled': 'True',
331 336
             'http_proxy': 'http_proxy',
332 337
             'https_proxy': 'https_proxy',
333 338
             'magnum_url': 'http://127.0.0.1:9511/v1',
@@ -429,6 +434,7 @@ class TestClusterConductorWithK8s(base.TestCase):
429 434
             'prometheus_monitoring': 'False',
430 435
             'grafana_admin_passwd': 'fake_pwd',
431 436
             'kube_dashboard_enabled': 'True',
437
+            'influx_grafana_dashboard_enabled': 'True',
432 438
             'docker_volume_type': 'lvmdriver-1',
433 439
             'etcd_volume_size': None,
434 440
             'insecure_registry_url': '10.0.0.1:5000',
@@ -522,6 +528,7 @@ class TestClusterConductorWithK8s(base.TestCase):
522 528
             'prometheus_monitoring': 'False',
523 529
             'grafana_admin_passwd': 'fake_pwd',
524 530
             'kube_dashboard_enabled': 'True',
531
+            'influx_grafana_dashboard_enabled': 'True',
525 532
             'tls_disabled': False,
526 533
             'registry_enabled': False,
527 534
             'trustee_domain_id': self.mock_keystone.trustee_domain_id,
@@ -603,6 +610,7 @@ class TestClusterConductorWithK8s(base.TestCase):
603 610
             'prometheus_monitoring': 'False',
604 611
             'grafana_admin_passwd': 'fake_pwd',
605 612
             'kube_dashboard_enabled': 'True',
613
+            'influx_grafana_dashboard_enabled': 'True',
606 614
             'tls_disabled': False,
607 615
             'registry_enabled': False,
608 616
             'trustee_domain_id': self.mock_keystone.trustee_domain_id,
@@ -781,6 +789,7 @@ class TestClusterConductorWithK8s(base.TestCase):
781 789
             'prometheus_monitoring': 'False',
782 790
             'grafana_admin_passwd': 'fake_pwd',
783 791
             'kube_dashboard_enabled': 'True',
792
+            'influx_grafana_dashboard_enabled': 'True',
784 793
             'username': 'fake_user',
785 794
             'cluster_uuid': self.cluster_dict['uuid'],
786 795
             'magnum_url': self.mock_osc.magnum_url.return_value,

+ 8
- 0
magnum/tests/unit/drivers/test_template_definition.py View File

@@ -266,6 +266,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseTemplateDefinitionTestCase):
266 266
             'grafana_admin_passwd')
267 267
         kube_dashboard_enabled = mock_cluster.labels.get(
268 268
             'kube_dashboard_enabled')
269
+        influx_grafana_dashboard_enabled = mock_cluster.labels.get(
270
+            'influx_grafana_dashboard_enabled')
269 271
         docker_volume_type = mock_cluster.labels.get(
270 272
             'docker_volume_type')
271 273
         etcd_volume_size = mock_cluster.labels.get(
@@ -322,6 +324,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseTemplateDefinitionTestCase):
322 324
             'prometheus_monitoring': prometheus_monitoring,
323 325
             'grafana_admin_passwd': grafana_admin_passwd,
324 326
             'kube_dashboard_enabled': kube_dashboard_enabled,
327
+            'influx_grafana_dashboard_enabled':
328
+                influx_grafana_dashboard_enabled,
325 329
             'docker_volume_type': docker_volume_type,
326 330
             'etcd_volume_size': etcd_volume_size,
327 331
             'kubelet_options': kubelet_options,
@@ -398,6 +402,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseTemplateDefinitionTestCase):
398 402
             'grafana_admin_passwd')
399 403
         kube_dashboard_enabled = mock_cluster.labels.get(
400 404
             'kube_dashboard_enabled')
405
+        influx_grafana_dashboard_enabled = mock_cluster.labels.get(
406
+            'influx_grafana_dashboard_enabled')
401 407
         docker_volume_type = mock_cluster.labels.get(
402 408
             'docker_volume_type')
403 409
         etcd_volume_size = mock_cluster.labels.get(
@@ -454,6 +460,8 @@ class AtomicK8sTemplateDefinitionTestCase(BaseTemplateDefinitionTestCase):
454 460
             'prometheus_monitoring': prometheus_monitoring,
455 461
             'grafana_admin_passwd': grafana_admin_passwd,
456 462
             'kube_dashboard_enabled': kube_dashboard_enabled,
463
+            'influx_grafana_dashboard_enabled':
464
+                influx_grafana_dashboard_enabled,
457 465
             'docker_volume_type': docker_volume_type,
458 466
             'etcd_volume_size': etcd_volume_size,
459 467
             'kubelet_options': kubelet_options,

+ 8
- 0
releasenotes/notes/update-kubernetes-dashboard-5196831c32d55aee.yaml View File

@@ -0,0 +1,8 @@
1
+---
2
+features:
3
+  - |
4
+    Update kubernetes dashboard to `v1.8.3` which is compatible via kubectl
5
+    proxy. Addionally, heapster is deployed as standalone deployemt and the
6
+    user can enable a grafana-influx stack with the
7
+    `influx_grafana_dashboard_enabled` label. See the kubernetes dashboard
8
+    documenation for more details. https://github.com/kubernetes/dashboard/wiki

Loading…
Cancel
Save