From e4a00028a9a4400fe1c878f12842ff03035f8c2b Mon Sep 17 00:00:00 2001 From: Filip Pytloun Date: Wed, 25 Jan 2017 18:22:19 +0100 Subject: [PATCH] Retire project Change-Id: I290fe34314c62807ab48be73b6a0442bb4c827cd --- .gitignore | 4 - .gitreview | 4 - CHANGELOG.rst | 34 - LICENSE | 175 ---- Makefile | 26 - README.rst | 757 +----------------- VERSION | 1 - bindep.txt | 1 - kubernetes/_common.sls | 118 --- kubernetes/control/cluster.sls | 153 ---- kubernetes/control/init.sls | 3 - kubernetes/files/basic_auth.csv | 2 - .../files/calico/calico-node.service.master | 46 -- .../files/calico/calico-node.service.pool | 46 -- kubernetes/files/calico/calico.conf | 13 - .../files/calico/network-environment.master | 7 - .../files/calico/network-environment.pool | 10 - kubernetes/files/configmap.yml | 18 - kubernetes/files/flannel/default.master | 3 - kubernetes/files/flannel/default.pool | 3 - kubernetes/files/flannel/network.json | 9 - .../files/glusterfs/glusterfs-endpoints.yml | 12 - kubernetes/files/glusterfs/glusterfs-svc.yml | 8 - kubernetes/files/job.yml | 89 -- kubernetes/files/known_tokens.csv | 13 - .../dashboard/dashboard-address.yaml | 17 - .../dashboard/dashboard-controller.yaml | 43 - .../dashboard/dashboard-endpoint.yaml | 16 - .../dashboard/dashboard-service.yaml | 18 - .../files/kube-addons/dns/skydns-rc.yaml | 104 --- .../files/kube-addons/dns/skydns-svc.yaml | 21 - .../heapster-influxdb/heapster-address.yaml | 18 - .../heapster-controller.yaml | 30 - .../heapster-influxdb/heapster-endpoint.yaml | 17 - .../heapster-influxdb/heapster-service.yaml | 13 - .../influxdb-controller.yaml | 25 - .../heapster-influxdb/influxdb-service.yaml | 17 - .../kube-addons/registry/registry-rc.yaml | 59 -- .../files/kube-addons/registry/registry.svc | 17 - kubernetes/files/kube-proxy/proxy.kubeconfig | 20 - kubernetes/files/kubelet/default.master | 4 - kubernetes/files/kubelet/default.pool | 4 - kubernetes/files/kubelet/kubelet.kubeconfig | 24 - kubernetes/files/kubernetes.grain | 7 - .../manifest/contrail-vrouter-agent.manifest | 47 -- .../files/manifest/flannel-server.manifest | 78 -- .../files/manifest/kube-apiserver.manifest | 84 -- .../manifest/kube-controller-manager.manifest | 64 -- .../manifest/kube-network-manager.manifest | 24 - .../files/manifest/kube-proxy.manifest.pool | 52 -- .../files/manifest/kube-scheduler.manifest | 42 - kubernetes/files/opencontrail/network.conf | 15 - kubernetes/files/rc.yml | 211 ----- kubernetes/files/svc.yml | 25 - .../files/systemd/kube-apiserver.service | 30 - .../systemd/kube-controller-manager.service | 21 - kubernetes/files/systemd/kube-proxy.service | 22 - .../files/systemd/kube-scheduler.service | 22 - kubernetes/files/systemd/kubelet.service | 30 - kubernetes/init.sls | 13 - kubernetes/map.jinja | 44 - kubernetes/master/calico.sls | 40 - kubernetes/master/controller.sls | 170 ---- kubernetes/master/flannel.sls | 66 -- kubernetes/master/glusterfs.sls | 22 - kubernetes/master/init.sls | 20 - kubernetes/master/kube-addons.sls | 122 --- .../master/opencontrail-network-manager.sls | 23 - kubernetes/master/service.sls | 8 - kubernetes/master/setup.sls | 15 - kubernetes/meta/sphinx.yml | 15 - kubernetes/pool/calico.sls | 88 -- kubernetes/pool/cni.sls | 39 - kubernetes/pool/flannel.sls | 31 - kubernetes/pool/init.sls | 12 - kubernetes/pool/kube-proxy.sls | 52 -- kubernetes/pool/kubelet.sls | 31 - kubernetes/pool/service.sls | 24 - metadata.yml | 3 - metadata/service/common.yml | 5 - metadata/service/control/cluster.yml | 6 - metadata/service/master/cluster.yml | 65 -- metadata/service/master/single.yml | 57 -- metadata/service/pool/cluster.yml | 43 - metadata/service/pool/single.yml | 36 - metadata/service/support.yml | 11 - tests/pillar/master_cluster.sls | 66 -- tests/pillar/pool_cluster.sls | 51 -- tests/run_tests.sh | 163 ---- 89 files changed, 7 insertions(+), 4130 deletions(-) delete mode 100644 .gitignore delete mode 100644 .gitreview delete mode 100644 CHANGELOG.rst delete mode 100644 LICENSE delete mode 100644 Makefile delete mode 100644 VERSION delete mode 100644 bindep.txt delete mode 100644 kubernetes/_common.sls delete mode 100644 kubernetes/control/cluster.sls delete mode 100644 kubernetes/control/init.sls delete mode 100644 kubernetes/files/basic_auth.csv delete mode 100644 kubernetes/files/calico/calico-node.service.master delete mode 100644 kubernetes/files/calico/calico-node.service.pool delete mode 100644 kubernetes/files/calico/calico.conf delete mode 100644 kubernetes/files/calico/network-environment.master delete mode 100644 kubernetes/files/calico/network-environment.pool delete mode 100644 kubernetes/files/configmap.yml delete mode 100644 kubernetes/files/flannel/default.master delete mode 100644 kubernetes/files/flannel/default.pool delete mode 100644 kubernetes/files/flannel/network.json delete mode 100644 kubernetes/files/glusterfs/glusterfs-endpoints.yml delete mode 100644 kubernetes/files/glusterfs/glusterfs-svc.yml delete mode 100644 kubernetes/files/job.yml delete mode 100644 kubernetes/files/known_tokens.csv delete mode 100644 kubernetes/files/kube-addons/dashboard/dashboard-address.yaml delete mode 100644 kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml delete mode 100644 kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml delete mode 100644 kubernetes/files/kube-addons/dashboard/dashboard-service.yaml delete mode 100644 kubernetes/files/kube-addons/dns/skydns-rc.yaml delete mode 100644 kubernetes/files/kube-addons/dns/skydns-svc.yaml delete mode 100644 kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml delete mode 100644 kubernetes/files/kube-addons/heapster-influxdb/heapster-controller.yaml delete mode 100644 kubernetes/files/kube-addons/heapster-influxdb/heapster-endpoint.yaml delete mode 100644 kubernetes/files/kube-addons/heapster-influxdb/heapster-service.yaml delete mode 100644 kubernetes/files/kube-addons/heapster-influxdb/influxdb-controller.yaml delete mode 100644 kubernetes/files/kube-addons/heapster-influxdb/influxdb-service.yaml delete mode 100644 kubernetes/files/kube-addons/registry/registry-rc.yaml delete mode 100644 kubernetes/files/kube-addons/registry/registry.svc delete mode 100644 kubernetes/files/kube-proxy/proxy.kubeconfig delete mode 100644 kubernetes/files/kubelet/default.master delete mode 100644 kubernetes/files/kubelet/default.pool delete mode 100644 kubernetes/files/kubelet/kubelet.kubeconfig delete mode 100644 kubernetes/files/kubernetes.grain delete mode 100644 kubernetes/files/manifest/contrail-vrouter-agent.manifest delete mode 100644 kubernetes/files/manifest/flannel-server.manifest delete mode 100644 kubernetes/files/manifest/kube-apiserver.manifest delete mode 100644 kubernetes/files/manifest/kube-controller-manager.manifest delete mode 100644 kubernetes/files/manifest/kube-network-manager.manifest delete mode 100644 kubernetes/files/manifest/kube-proxy.manifest.pool delete mode 100644 kubernetes/files/manifest/kube-scheduler.manifest delete mode 100644 kubernetes/files/opencontrail/network.conf delete mode 100644 kubernetes/files/rc.yml delete mode 100644 kubernetes/files/svc.yml delete mode 100644 kubernetes/files/systemd/kube-apiserver.service delete mode 100644 kubernetes/files/systemd/kube-controller-manager.service delete mode 100644 kubernetes/files/systemd/kube-proxy.service delete mode 100644 kubernetes/files/systemd/kube-scheduler.service delete mode 100644 kubernetes/files/systemd/kubelet.service delete mode 100644 kubernetes/init.sls delete mode 100644 kubernetes/map.jinja delete mode 100644 kubernetes/master/calico.sls delete mode 100644 kubernetes/master/controller.sls delete mode 100644 kubernetes/master/flannel.sls delete mode 100644 kubernetes/master/glusterfs.sls delete mode 100644 kubernetes/master/init.sls delete mode 100644 kubernetes/master/kube-addons.sls delete mode 100644 kubernetes/master/opencontrail-network-manager.sls delete mode 100644 kubernetes/master/service.sls delete mode 100644 kubernetes/master/setup.sls delete mode 100644 kubernetes/meta/sphinx.yml delete mode 100644 kubernetes/pool/calico.sls delete mode 100644 kubernetes/pool/cni.sls delete mode 100644 kubernetes/pool/flannel.sls delete mode 100644 kubernetes/pool/init.sls delete mode 100644 kubernetes/pool/kube-proxy.sls delete mode 100644 kubernetes/pool/kubelet.sls delete mode 100644 kubernetes/pool/service.sls delete mode 100644 metadata.yml delete mode 100644 metadata/service/common.yml delete mode 100644 metadata/service/control/cluster.yml delete mode 100644 metadata/service/master/cluster.yml delete mode 100644 metadata/service/master/single.yml delete mode 100644 metadata/service/pool/cluster.yml delete mode 100644 metadata/service/pool/single.yml delete mode 100644 metadata/service/support.yml delete mode 100644 tests/pillar/master_cluster.sls delete mode 100644 tests/pillar/pool_cluster.sls delete mode 100755 tests/run_tests.sh diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 1bfce6e..0000000 --- a/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -tests/build/ -*.swp -*.pyc -.ropeproject \ No newline at end of file diff --git a/.gitreview b/.gitreview deleted file mode 100644 index 689b954..0000000 --- a/.gitreview +++ /dev/null @@ -1,4 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/salt-formula-kubernetes.git diff --git a/CHANGELOG.rst b/CHANGELOG.rst deleted file mode 100644 index ab6845b..0000000 --- a/CHANGELOG.rst +++ /dev/null @@ -1,34 +0,0 @@ -kubernetes formula -================== - -2017.1.2 (2017-01-19) - -- fix cni copy order - -2017.1.1 (2017-01-18) - -- move basic k8s setup to common -- copy cni from hyperkube -- configurable calico node image -- use calico/cni image for obtaining cnis -- use calico/ctl image for obtaining calicoctl binary -- add cross requirement for k8s services and hyperkube -- update metadata for new pillar model -- update manifests to use hyperkube from common - - -2016.8.3 (2016-08-12) - -- remove obsolete kube-addons scripts - -2016.8.2 (2016-08-10) - -- minor fixes - -2016.8.1 (2016-08-05) - -- second release - -0.0.1 (2016-06-13) - -- Initial formula setup diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 19dc35b..0000000 --- a/LICENSE +++ /dev/null @@ -1,175 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. \ No newline at end of file diff --git a/Makefile b/Makefile deleted file mode 100644 index fc83783..0000000 --- a/Makefile +++ /dev/null @@ -1,26 +0,0 @@ -DESTDIR=/ -SALTENVDIR=/usr/share/salt-formulas/env -RECLASSDIR=/usr/share/salt-formulas/reclass -FORMULANAME=$(shell grep name: metadata.yml|head -1|cut -d : -f 2|grep -Eo '[a-z0-9\-]*') - -all: - @echo "make install - Install into DESTDIR" - @echo "make test - Run tests" - @echo "make clean - Cleanup after tests run" - -install: - # Formula - [ -d $(DESTDIR)/$(SALTENVDIR) ] || mkdir -p $(DESTDIR)/$(SALTENVDIR) - cp -a $(FORMULANAME) $(DESTDIR)/$(SALTENVDIR)/ - [ ! -d _modules ] || cp -a _modules $(DESTDIR)/$(SALTENVDIR)/ - [ ! -d _states ] || cp -a _states $(DESTDIR)/$(SALTENVDIR)/ || true - # Metadata - [ -d $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME) ] || mkdir -p $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME) - cp -a metadata/service/* $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME) - -test: - [ ! -d tests ] || (cd tests; ./run_tests.sh) - -clean: - [ ! -d tests/build ] || rm -rf tests/build - [ ! -d build ] || rm -rf build diff --git a/README.rst b/README.rst index 4f7a3e3..9a46d82 100644 --- a/README.rst +++ b/README.rst @@ -1,752 +1,9 @@ +Project moved +============= -================== -Kubernetes Formula -================== +This repository as a part of openstack-salt project was moved to join rest of +salt-formulas ecosystem. -Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. - -This formula deploys production ready Kubernetes and generate Kubernetes manifests as well. - -Based on official Kubernetes salt -https://github.com/kubernetes/kubernetes/tree/master/cluster/saltbase - -Extended on Contrail contribution https://github.com/Juniper/kubernetes/blob/opencontrail-integration/docs/getting-started-guides/opencontrail.md - - -Sample pillars -============== - -**REQUIRED:** Define image to use for hyperkube, CNIs and calicoctl image - -.. code-block:: yaml - - parameters: - kubernetes: - common: - hyperkube: - image: gcr.io/google_containers/hyperkube:v1.4.6 - pool: - network: - calicoctl: - image: calico/ctl - cni: - image: calico/cni - - -Containers on pool definitions in pool.service.local - -.. code-block:: yaml - - parameters: - kubernetes: - pool: - service: - local: - enabled: False - service: libvirt - cluster: openstack-compute - namespace: default - role: ${linux:system:name} - type: LoadBalancer - kind: Deployment - apiVersion: extensions/v1beta1 - replicas: 1 - host_pid: True - nodeSelector: - - key: openstack - value: ${linux:system:name} - hostNetwork: True - container: - libvirt-compute: - privileged: True - image: ${_param:docker_repository}/libvirt-compute - tag: ${_param:openstack_container_tag} - -Master definition - -.. code-block:: yaml - - kubernetes: - master: - addons: - dns: - domain: cluster.local - enabled: true - replicas: 1 - server: 10.254.0.10 - admin: - password: password - username: admin - apiserver: - address: 10.0.175.100 - port: 8080 - ca: kubernetes - enabled: true - etcd: - host: 127.0.0.1 - members: - - host: 10.0.175.100 - name: node040 - name: node040 - token: ca939ec9c2a17b0786f6d411fe019e9b - kubelet: - allow_privileged: true - network: - engine: calico - hash: fb5e30ebe6154911a66ec3fb5f1195b2 - private_ip_range: 10.150.0.0/16 - version: v0.19.0 - service_addresses: 10.254.0.0/16 - storage: - engine: glusterfs - members: - - host: 10.0.175.101 - port: 24007 - - host: 10.0.175.102 - port: 24007 - - host: 10.0.175.103 - port: 24007 - port: 24007 - token: - admin: DFvQ8GJ9JD4fKNfuyEddw3rjnFTkUKsv - controller_manager: EreGh6AnWf8DxH8cYavB2zS029PUi7vx - dns: RAFeVSE4UvsCz4gk3KYReuOI5jsZ1Xt3 - kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe - kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r - logging: MJkXKdbgqRmTHSa2ykTaOaMykgO6KcEf - monitoring: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd - scheduler: HY1UUxEPpmjW4a1dDLGIANYQp1nZkLDk - version: v1.2.4 - - - kubernetes: - pool: - address: 0.0.0.0 - allow_privileged: true - ca: kubernetes - cluster_dns: 10.254.0.10 - cluster_domain: cluster.local - enabled: true - kubelet: - allow_privileged: true - config: /etc/kubernetes/manifests - frequency: 5s - master: - apiserver: - members: - - host: 10.0.175.100 - etcd: - members: - - host: 10.0.175.100 - host: 10.0.175.100 - network: - engine: calico - hash: fb5e30ebe6154911a66ec3fb5f1195b2 - version: v0.19.0 - token: - kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe - kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r - version: v1.2.4 - - - -Kubernetes with OpenContrail network plugin ------------------------------------------------- - -On Master: - -.. code-block:: yaml - - kubernetes: - master: - network: - engine: opencontrail - host: 10.0.170.70 - port: 8082 - default_domain: default-domain - default_project: default-domain:default-project - public_network: default-domain:default-project:Public - public_ip_range: 185.22.97.128/26 - private_ip_range: 10.150.0.0/16 - service_cluster_ip_range: 10.254.0.0/16 - network_label: name - service_label: uses - cluster_service: kube-system/default - network_manager: - image: pupapaik/opencontrail-kube-network-manager - tag: release-1.1-jpa-final-1 - -On pools: - -.. code-block:: yaml - - kubernetes: - pool: - network: - engine: opencontrail - -Kubernetes control plane running in systemd -------------------------------------------- - -By default kube-apiserver, kube-scheduler, kube-controllermanager, kube-proxy, etcd running in docker containers through manifests. For stable production environment this should be run in systemd. - -.. code-block:: yaml - - kubernetes: - master: - container: false - - kubernetes: - pool: - container: false - -Because k8s services run under kube user without root privileges, there is need to change secure port for apiserver. - -.. code-block:: yaml - - kubernetes: - master: - apiserver: - secure_port: 8081 - -Kubernetes with Flannel ------------------------ - -On Master: - -.. code-block:: yaml - - kubernetes: - master: - network: - engine: flannel - # If you don't register master as node: - etcd: - members: - - host: 10.0.175.101 - port: 4001 - - host: 10.0.175.102 - port: 4001 - - host: 10.0.175.103 - port: 4001 - common: - network: - engine: flannel - -On pools: - -.. code-block:: yaml - - kubernetes: - pool: - network: - engine: flannel - etcd: - members: - - host: 10.0.175.101 - port: 4001 - - host: 10.0.175.102 - port: 4001 - - host: 10.0.175.103 - port: 4001 - common: - network: - engine: flannel - -Kubernetes with Calico ------------------------ - -On Master: - -.. code-block:: yaml - - kubernetes: - master: - network: - engine: calico - # If you don't register master as node: - etcd: - members: - - host: 10.0.175.101 - port: 4001 - - host: 10.0.175.102 - port: 4001 - - host: 10.0.175.103 - port: 4001 - -On pools: - -.. code-block:: yaml - - kubernetes: - pool: - network: - engine: calico - etcd: - members: - - host: 10.0.175.101 - port: 4001 - - host: 10.0.175.102 - port: 4001 - - host: 10.0.175.103 - port: 4001 - -Post deployment configuration - -.. code-block:: bash - - # set ETCD - export ETCD_AUTHORITY=10.0.111.201:4001 - - # Set NAT for pods subnet - calicoctl pool add 192.168.0.0/16 --nat-outgoing - - # Status commands - calicoctl status - calicoctl node show - -Kubernetes with GlusterFS for storage ---------------------------------------------- - -.. code-block:: yaml - - kubernetes: - master - ... - storage: - engine: glusterfs - port: 24007 - members: - - host: 10.0.175.101 - port: 24007 - - host: 10.0.175.102 - port: 24007 - - host: 10.0.175.103 - port: 24007 - ... - -Kubernetes namespaces ---------------------- - -Create namespace: - -.. code-block:: yaml - - kubernetes: - master - ... - namespace: - kube-system: - enabled: True - namespace2: - enabled: True - namespace3: - enabled: False - ... - -Kubernetes labels ------------------ - -Create namespace: - -.. code-block:: yaml - - kubernetes: - pool - ... - host: - label: - key01: - value: value01 - enable: True - key02: - value: value02 - enable: False - name: ${linux:system:name} - ... - -Pull images from private registries ------------------------------------ - -.. code-block:: yaml - - kubernetes: - master - ... - registry: - secret: - registry01: - enabled: True - key: (get from `cat /root/.docker/config.json | base64`) - namespace: default - ... - control: - ... - service: - service01: - ... - image_pull_secretes: registry01 - ... - -Kubernetes Service Definitions in pillars -========================================== - -Following samples show how to generate kubernetes manifest as well and provide single tool for complete infrastructure management. - -Deployment manifest ---------------------- - -.. code-block:: yaml - - salt: - control: - enabled: True - hostNetwork: True - service: - memcached: - privileged: True - service: memcached - role: server - type: LoadBalancer - replicas: 3 - kind: Deployment - apiVersion: extensions/v1beta1 - ports: - - port: 8774 - name: nova-api - - port: 8775 - name: nova-metadata - volume: - volume_name: - type: hostPath - mount: /certs - path: /etc/certs - container: - memcached: - image: memcached - tag:2 - ports: - - port: 8774 - name: nova-api - - port: 8775 - name: nova-metadata - variables: - - name: HTTP_TLS_CERTIFICATE: - value: /certs/domain.crt - - name: HTTP_TLS_KEY - value: /certs/domain.key - volumes: - - name: /etc/certs - type: hostPath - mount: /certs - path: /etc/certs - -PetSet manifest ---------------------- - -.. code-block:: yaml - - service: - memcached: - apiVersion: apps/v1alpha1 - kind: PetSet - service_name: 'memcached' - container: - memcached: - ... - - -Configmap ---------- - -You are able to create configmaps using support layer between formulas. -It works simple, eg. in nova formula there's file ``meta/config.yml`` which -defines config files used by that service and roles. - -Kubernetes formula is able to generate these files using custom pillar and -grains structure. This way you are able to run docker images built by any way -while still re-using your configuration management. - -Example pillar: - -.. code-block:: bash - - kubernetes: - control: - config_type: default|kubernetes # Output is yaml k8s or default single files - configmap: - nova-control: - grains: - # Alternate grains as OS running in container may differ from - # salt minion OS. Needed only if grains matters for config - # generation. - os_family: Debian - pillar: - # Generic pillar for nova controller - nova: - controller: - enabled: true - versionn: liberty - ... - -To tell which services supports config generation, you need to ensure pillar -structure like this to determine support: - -.. code-block:: yaml - - nova: - _support: - config: - enabled: true - -initContainers --------------- - -Example pillar: - -.. code-block:: bash - - kubernetes: - control: - service: - memcached: - init_containers: - - name: test-mysql - image: busybox - command: - - sleep - - 3600 - volumes: - - name: config - mount: /test - - name: test-memcached - image: busybox - command: - - sleep - - 3600 - volumes: - - name: config - mount: /test - -Affinity --------- - -podAffinity -=========== - -Example pillar: - -.. code-block:: bash - - kubernetes: - control: - service: - memcached: - affinity: - pod_affinity: - name: podAffinity - expression: - label_selector: - name: labelSelector - selectors: - - key: app - value: memcached - topology_key: kubernetes.io/hostname - -podAntiAffinity -=============== - -Example pillar: - -.. code-block:: bash - - kubernetes: - control: - service: - memcached: - affinity: - anti_affinity: - name: podAntiAffinity - expression: - label_selector: - name: labelSelector - selectors: - - key: app - value: opencontrail-control - topology_key: kubernetes.io/hostname - -nodeAffinity -=============== - -Example pillar: - -.. code-block:: bash - - kubernetes: - control: - service: - memcached: - affinity: - node_affinity: - name: nodeAffinity - expression: - match_expressions: - name: matchExpressions - selectors: - - key: key - operator: In - values: - - value1 - - value2 - -Volumes -------- - -hostPath -========== - -.. code-block:: yaml - - service: - memcached: - container: - memcached: - volumes: - - name: volume1 - mountPath: /volume - readOnly: True - ... - volume: - volume1: - name: /etc/certs - type: hostPath - path: /etc/certs - -emptyDir -======== - -.. code-block:: yaml - - service: - memcached: - container: - memcached: - volumes: - - name: volume1 - mountPath: /volume - readOnly: True - ... - volume: - volume1: - name: /etc/certs - type: emptyDir - -configMap -========= - -.. code-block:: yaml - - service: - memcached: - container: - memcached: - volumes: - - name: volume1 - mountPath: /volume - readOnly: True - ... - volume: - volume1: - type: config_map - item: - configMap1: - key: config.conf - path: config.conf - configMap2: - key: policy.json - path: policy.json - -To mount single configuration file instead of whole directory: - -.. code-block:: yaml - - service: - memcached: - container: - memcached: - volumes: - - name: volume1 - mountPath: /volume/config.conf - sub_path: config.conf - -Generating Jobs -=============== - -Example pillar: - -.. code-block:: yaml - - kubernetes: - control: - job: - sleep: - job: sleep - restart_policy: Never - container: - sleep: - image: busybox - tag: latest - command: - - sleep - - "3600" - -Volumes and Variables can be used as the same way as during Deployment generation. - -Custom params: - -.. code-block:: yaml - - kubernetes: - control: - job: - host_network: True - host_pid: True - container: - sleep: - privileged: True - node_selector: - key: node - value: one - image_pull_secretes: password - -Documentation and Bugs -====================== - -To learn how to deploy OpenStack Salt, consult the documentation available -online at: - - https://wiki.openstack.org/wiki/OpenStackSalt - -In the unfortunate event that bugs are discovered, they should be reported to -the appropriate bug tracker. If you obtained the software from a 3rd party -operating system vendor, it is often wise to use their own bug tracker for -reporting problems. In all other cases use the master OpenStack bug tracker, -available at: - - http://bugs.launchpad.net/openstack-salt - -Developers wishing to work on the OpenStack Salt project should always base -their work on the latest formulas code, available from the master GIT -repository at: - - https://git.openstack.org/cgit/openstack/salt-formula-kubernetes - -Developers should also join the discussion on the IRC list, at: - - https://wiki.openstack.org/wiki/Meetings/openstack-salt - -Copyright and authors -===================== - -(c) 2016 tcp cloud a.s. -(c) 2016 OpenStack Foundation +Github: https://github.com/salt-formulas +Launchpad https://launchpad.net/salt-formulas +IRC: #salt-formulas @ irc.freenode.net diff --git a/VERSION b/VERSION deleted file mode 100644 index 170fa1a..0000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -2017.1.2 diff --git a/bindep.txt b/bindep.txt deleted file mode 100644 index ba84cc5..0000000 --- a/bindep.txt +++ /dev/null @@ -1 +0,0 @@ -python-yaml diff --git a/kubernetes/_common.sls b/kubernetes/_common.sls deleted file mode 100644 index 347048f..0000000 --- a/kubernetes/_common.sls +++ /dev/null @@ -1,118 +0,0 @@ -{% from "kubernetes/map.jinja" import common with context %} - -kubernetes_pkgs: - pkg.installed: - - names: {{ common.pkgs }} - -{%- if common.network.get('engine', 'none') == 'flannel' %} -flannel-tar: - archive: - - extracted - - user: root - - name: /usr/local/src - - makedirs: True - - source: https://storage.googleapis.com/kubernetes-release/flannel/flannel-0.5.5-linux-amd64.tar.gz - - tar_options: v - - source_hash: md5=972c717254775bef528f040af804f2cc - - archive_format: tar - - if_missing: /usr/local/src/flannel/flannel-0.5.5/ -{%- endif %} - -{%- if common.hyperkube %} -/tmp/hyperkube: - file.directory: - - user: root - - group: root - -hyperkube-copy: - dockerng.running: - - image: {{ common.hyperkube.image }} - - command: cp -v /hyperkube /tmp/hyperkube - - binds: - - /tmp/hyperkube/:/tmp/hyperkube/ - - force: True - - require: - - file: /tmp/hyperkube - -/usr/bin/hyperkube: - file.managed: - - source: /tmp/hyperkube/hyperkube - - mode: 751 - - makedirs: true - - user: root - - group: root - - require: - - dockerng: hyperkube-copy - -/usr/bin/kubectl: - file.symlink: - - target: /usr/bin/hyperkube - - require: - - file: /usr/bin/hyperkube - -/etc/systemd/system/kubelet.service: - file.managed: - - source: salt://kubernetes/files/systemd/kubelet.service - - template: jinja - - user: root - - group: root - - mode: 644 - -/etc/kubernetes/config: - file.absent - -/etc/kubernetes/manifests: - file.directory: - - user: root - - group: root - - mode: 0751 - -{%- if not pillar.kubernetes.pool is defined %} - -/etc/default/kubelet: - file.managed: - - source: salt://kubernetes/files/kubelet/default.master - - template: jinja - - user: root - - group: root - - mode: 644 - -{%- else %} - -/etc/default/kubelet: - file.managed: - - source: salt://kubernetes/files/kubelet/default.pool - - template: jinja - - user: root - - group: root - - mode: 644 - -{%- endif %} - -manifest_dir_create: - file.directory: - - name: /etc/kubernetes/manifests - - user: root - - group: root - - mode: 0751 - -/etc/kubernetes/kubelet.kubeconfig: - file.managed: - - source: salt://kubernetes/files/kubelet/kubelet.kubeconfig - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - -kubelet_service: - service.running: - - name: kubelet - - enable: True - - watch: - - file: /etc/default/kubelet - - file: /usr/bin/hyperkube - - file: /etc/kubernetes/kubelet.kubeconfig - - file: manifest_dir_create - -{% endif %} diff --git a/kubernetes/control/cluster.sls b/kubernetes/control/cluster.sls deleted file mode 100644 index f597c40..0000000 --- a/kubernetes/control/cluster.sls +++ /dev/null @@ -1,153 +0,0 @@ -{% from "kubernetes/map.jinja" import control with context %} -{%- if control.enabled %} - -/srv/kubernetes: - file.directory: - - makedirs: true - -{%- if control.job is defined %} - -{%- for job_name, job in control.job.iteritems() %} - -/srv/kubernetes/jobs/{{ job_name }}-job.yml: - file.managed: - - source: salt://kubernetes/files/job.yml - - user: root - - group: root - - template: jinja - - makedirs: true - - require: - - file: /srv/kubernetes - - defaults: - job: {{ job|yaml }} - -{%- endfor %} - -{%- endif %} - -{%- for service_name, service in control.service.iteritems() %} - -{%- if service.enabled %} - -/srv/kubernetes/services/{{ service.cluster }}/{{ service_name }}-svc.yml: - file.managed: - - source: salt://kubernetes/files/svc.yml - - user: root - - group: root - - template: jinja - - makedirs: true - - require: - - file: /srv/kubernetes - - defaults: - service: {{ service|yaml }} - -{%- endif %} - -/srv/kubernetes/{{ service.kind|lower }}/{{ service_name }}-{{ service.kind }}.yml: - file.managed: - - source: salt://kubernetes/files/rc.yml - - user: root - - group: root - - template: jinja - - makedirs: true - - require: - - file: /srv/kubernetes - - defaults: - service: {{ service|yaml }} - -{%- endfor %} - -{%- for node_name, node_grains in salt['mine.get']('*', 'grains.items').iteritems() %} - -{%- if node_grains.get('kubernetes', {}).service is defined %} - -{%- set service = node_grains.get('kubernetes', {}).get('service', {}) %} - -{%- if service.enabled %} - -/srv/kubernetes/services/{{ node_name }}-svc.yml: - file.managed: - - source: salt://kubernetes/files/svc.yml - - user: root - - group: root - - template: jinja - - makedirs: true - - require: - - file: /srv/kubernetes - - defaults: - service: {{ service|yaml }} - -{%- endif %} -/srv/kubernetes/{{ service.kind|lower }}/{{ node_name }}-{{ service.kind }}.yml: - file.managed: - - source: salt://kubernetes/files/rc.yml - - user: root - - group: root - - template: jinja - - makedirs: true - - require: - - file: /srv/kubernetes - - defaults: - service: {{ service|yaml }} - -{%- endif %} - -{%- endfor %} - -{%- for configmap_name, configmap in control.get('configmap', {}).iteritems() %} -{%- if configmap.enabled|default(True) %} - -{%- if configmap.pillar is defined %} -{%- if control.config_type == "default" %} - {%- for service_name in configmap.pillar.keys() %} - {%- if pillar.get(service_name, {}).get('_support', {}).get('config', {}).get('enabled', False) %} - - {%- set support_fragment_file = service_name+'/meta/config.yml' %} - {% macro load_support_file(pillar, grains) %}{% include support_fragment_file %}{% endmacro %} - - {%- set service_config_files = load_support_file(configmap.pillar, configmap.get('grains', {}))|load_yaml %} - {%- for service_config_name, service_config in service_config_files.config.iteritems() %} - -/srv/kubernetes/configmap/{{ configmap_name }}/{{ service_config_name }}: - file.managed: - - source: {{ service_config.source }} - - user: root - - group: root - - template: {{ service_config.template }} - - makedirs: true - - require: - - file: /srv/kubernetes - - defaults: - pillar: {{ configmap.pillar|yaml }} - grains: {{ configmap.get('grains', {}) }} - - {%- endfor %} - {%- endif %} - {%- endfor %} - -{%- else %} - -/srv/kubernetes/configmap/{{ configmap_name }}.yml: - file.managed: - - source: salt://kubernetes/files/configmap.yml - - user: root - - group: root - - template: jinja - - makedirs: true - - require: - - file: /srv/kubernetes - - defaults: - configmap_name: {{ configmap_name }} - configmap: {{ configmap|yaml }} - grains: {{ configmap.get('grains', {}) }} - -{%- endif %} - -{%- else %} -{# TODO: configmap not using support between formulas #} -{%- endif %} - -{%- endif %} -{%- endfor %} - -{%- endif %} diff --git a/kubernetes/control/init.sls b/kubernetes/control/init.sls deleted file mode 100644 index 35c5745..0000000 --- a/kubernetes/control/init.sls +++ /dev/null @@ -1,3 +0,0 @@ - -include: -- kubernetes.control.cluster diff --git a/kubernetes/files/basic_auth.csv b/kubernetes/files/basic_auth.csv deleted file mode 100644 index 00ee9c6..0000000 --- a/kubernetes/files/basic_auth.csv +++ /dev/null @@ -1,2 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{{ master.admin.password }},{{ master.admin.username }},admin \ No newline at end of file diff --git a/kubernetes/files/calico/calico-node.service.master b/kubernetes/files/calico/calico-node.service.master deleted file mode 100644 index 66acefd..0000000 --- a/kubernetes/files/calico/calico-node.service.master +++ /dev/null @@ -1,46 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -[Unit] -Description=calico-node -After=docker.service -Requires=docker.service - -[Service] -ExecStartPre=-/usr/bin/docker rm -f calico-node -ExecStart=/usr/bin/docker run --net=host --privileged \ - --name=calico-node \ - -e HOSTNAME={{ master.host.name }} \ - -e IP={{ master.apiserver.address }} \ - -e IP6={{ master.get('ipv6_address', '') }} \ - {%- if master.network.calico_network_backend is defined %} - -e CALICO_NETWORKING_BACKEND="{{ master.network.calico_network_backend }}" - {%- endif %} - -e AS={{ master.network.get('as', '64512') }} \ - -e NO_DEFAULT_masterS={{ master.network.get('no_default_masters', false ) }} \ - -e CALICO_LIBNETWORK_ENABLED={{ master.network.get('libnetwork_enabled', true ) }} \ - -e ETCD_ENDPOINTS={% for member in master.network.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \ - {%- if master.network.etcd.ssl is defined %} - ##TO BE DONE - -e ETCD_CA_CERT_FILE= \ - -e ETCD_CERT_FILE= \ - -e ETCD_KEY_FILE= \ - -v {{ calico_cert_dir }}:{{ calico_cert_dir }}:ro \ - {{ calico_node_image_repo }}:{{ calico_node_image_tag }} - {%- endif %} - -v /var/log/calico:/var/log/calico \ - -v /run/docker/plugins:/run/docker/plugins \ - -v /lib/modules:/lib/modules \ - -v /var/run/calico:/var/run/calico \ - {%- if master.network.volumes is defined %} - {%- for volume in master.network.volumes %} - -v {{ volume }} \ - {%- endfor %} - {%- endif %} - {{ master.network.get('image', 'calico/node') }}:{{ master.network.get('image', 'latest') }} - -Restart=always -RestartSec=10s - -ExecStop=-/usr/bin/docker stop calico-node - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/kubernetes/files/calico/calico-node.service.pool b/kubernetes/files/calico/calico-node.service.pool deleted file mode 100644 index 08424a0..0000000 --- a/kubernetes/files/calico/calico-node.service.pool +++ /dev/null @@ -1,46 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -[Unit] -Description=calico-node -After=docker.service -Requires=docker.service - -[Service] -ExecStartPre=-/usr/bin/docker rm -f calico-node -ExecStart=/usr/bin/docker run --net=host --privileged \ - --name=calico-node \ - -e HOSTNAME={{ pool.host.name }} \ - -e IP={{ pool.address }} \ - -e IP6={{ pool.get('ipv6_address', '') }} \ - {%- if pool.network.calico_network_backend is defined %} - -e CALICO_NETWORKING_BACKEND="{{ pool.network.calico_network_backend }}" - {%- endif %} - -e AS={{ pool.network.get('as', '64512') }} \ - -e NO_DEFAULT_POOLS={{ pool.network.get('no_default_pools', false ) }} \ - -e CALICO_LIBNETWORK_ENABLED={{ pool.network.get('libnetwork_enabled', true ) }} \ - -e ETCD_ENDPOINTS={% for member in pool.network.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \ - {%- if pool.network.etcd.ssl is defined %} - ##TO BE DONE - -e ETCD_CA_CERT_FILE= \ - -e ETCD_CERT_FILE= \ - -e ETCD_KEY_FILE= \ - -v {{ calico_cert_dir }}:{{ calico_cert_dir }}:ro \ - {{ calico_node_image_repo }}:{{ calico_node_image_tag }} - {%- endif %} - -v /var/log/calico:/var/log/calico \ - -v /run/docker/plugins:/run/docker/plugins \ - -v /lib/modules:/lib/modules \ - -v /var/run/calico:/var/run/calico \ - {%- if pool.network.volumes is defined %} - {%- for volume in pool.network.volumes %} - -v {{ volume }} \ - {%- endfor %} - {%- endif %} - {{ pool.network.get('image', 'calico/node') }} - -Restart=always -RestartSec=10s - -ExecStop=-/usr/bin/docker stop calico-node - -[Install] -WantedBy=multi-user.target diff --git a/kubernetes/files/calico/calico.conf b/kubernetes/files/calico/calico.conf deleted file mode 100644 index 97810eb..0000000 --- a/kubernetes/files/calico/calico.conf +++ /dev/null @@ -1,13 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -{ - "name": "calico-k8s-network", - "type": "calico", - "etcd_endpoints": "{% for member in pool.network.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %}", - "log_level": "info", - "ipam": { - "type": "calico-ipam" - }, - "kubernetes": { - "kubeconfig": "/etc/kubernetes/kubelet.kubeconfig" - } -} \ No newline at end of file diff --git a/kubernetes/files/calico/network-environment.master b/kubernetes/files/calico/network-environment.master deleted file mode 100644 index 71d17c5..0000000 --- a/kubernetes/files/calico/network-environment.master +++ /dev/null @@ -1,7 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -# This host's IPv4 address (the source IP address used to reach other nodes -# in the Kubernetes cluster). -DEFAULT_IPV4={{ master.apiserver.address }} - -# IP and port of etcd instance used by Calico -ETCD_ENDPOINTS={% for member in master.network.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \ No newline at end of file diff --git a/kubernetes/files/calico/network-environment.pool b/kubernetes/files/calico/network-environment.pool deleted file mode 100644 index 7746947..0000000 --- a/kubernetes/files/calico/network-environment.pool +++ /dev/null @@ -1,10 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -# This host's IPv4 address (the source IP address used to reach other nodes -# in the Kubernetes cluster). -DEFAULT_IPV4={{ pool.address }} - -# The Kubernetes master IP -KUBERNETES_MASTER={{ pool.apiserver.host }} - -# IP and port of etcd instance used by Calico -ETCD_ENDPOINTS={% for member in pool.network.etcd.members %}http://{{ member.host }}:{{ member.port }}{% if not loop.last %},{% endif %}{% endfor %} \ No newline at end of file diff --git a/kubernetes/files/configmap.yml b/kubernetes/files/configmap.yml deleted file mode 100644 index d2469c0..0000000 --- a/kubernetes/files/configmap.yml +++ /dev/null @@ -1,18 +0,0 @@ -{%- from "kubernetes/map.jinja" import control with context %} -{%- macro load_support_file(file, pillar, grains) %}{% include file %}{% endmacro %} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ configmap_name }}-{{ configmap.get('version', '1') }} - namespace: {{ configmap.get('namespace', 'default') }} -data: - {%- for service_name in configmap.pillar.keys() %} - {%- if pillar.get(service_name, {}).get('_support', {}).get('config', {}).get('enabled', False) %} - {%- set support_fragment_file = service_name+'/meta/config.yml' %} - {%- set service_config_files = load_support_file(support_fragment_file, configmap.pillar, configmap.get('grains', {}))|load_yaml %} - {%- for service_config_name, service_config in service_config_files.config.iteritems() %} - {{ service_config_name }}: | - {{ load_support_file(service_config.source|replace('salt://', ''), configmap.pillar, configmap.get('grains', {}))|indent(4) }} - {%- endfor %} - {%- endif %} - {%- endfor %} diff --git a/kubernetes/files/flannel/default.master b/kubernetes/files/flannel/default.master deleted file mode 100644 index 2a8b881..0000000 --- a/kubernetes/files/flannel/default.master +++ /dev/null @@ -1,3 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} - -DAEMON_ARGS="--etcd-endpoints={% for member in master.network.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} --ip-masq --etcd-prefix=/kubernetes.io/network" \ No newline at end of file diff --git a/kubernetes/files/flannel/default.pool b/kubernetes/files/flannel/default.pool deleted file mode 100644 index 9bf8bfb..0000000 --- a/kubernetes/files/flannel/default.pool +++ /dev/null @@ -1,3 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} - -DAEMON_ARGS="--etcd-endpoints={% for member in pool.network.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} --ip-masq --etcd-prefix=/kubernetes.io/network" \ No newline at end of file diff --git a/kubernetes/files/flannel/network.json b/kubernetes/files/flannel/network.json deleted file mode 100644 index d45fef2..0000000 --- a/kubernetes/files/flannel/network.json +++ /dev/null @@ -1,9 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{ - "Network": "{{ master.network.private_ip_range }}", - "SubnetLen": 24, - "Backend": { - "Type": "vxlan", - "VNI": 1 - } -} \ No newline at end of file diff --git a/kubernetes/files/glusterfs/glusterfs-endpoints.yml b/kubernetes/files/glusterfs/glusterfs-endpoints.yml deleted file mode 100644 index 15d9cc9..0000000 --- a/kubernetes/files/glusterfs/glusterfs-endpoints.yml +++ /dev/null @@ -1,12 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Endpoints -metadata: - name: glusterfs-cluster -subsets: - {%- for member in master.storage.members %} -- addresses: - - ip: {{ member.host }} - ports: - - port: {{ member.port }} - {%- endfor %} \ No newline at end of file diff --git a/kubernetes/files/glusterfs/glusterfs-svc.yml b/kubernetes/files/glusterfs/glusterfs-svc.yml deleted file mode 100644 index d8c34fa..0000000 --- a/kubernetes/files/glusterfs/glusterfs-svc.yml +++ /dev/null @@ -1,8 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Service -metadata: - name: glusterfs-cluster -spec: - ports: - - port: {{ master.storage.port }} \ No newline at end of file diff --git a/kubernetes/files/job.yml b/kubernetes/files/job.yml deleted file mode 100644 index 95103b9..0000000 --- a/kubernetes/files/job.yml +++ /dev/null @@ -1,89 +0,0 @@ -{% from "kubernetes/map.jinja" import control with context %} -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ job.job }}-job - namespace: {{ job.get('namespace', 'default') }} -spec: - template: - metadata: - spec: - {%- if job.host_network is defined %} - hostNetwork: True - {%- endif %} - {%- if job.host_pid is defined %} - hostPID: True - {%- endif %} - containers: - {%- for container_name, container in job.container.iteritems() %} - - name: {{ container_name }} - image: {% if container.registry is defined %}{{ container.registry }}/{%- endif %}{{ container.image }}{%- if container.tag is defined %}:{{ container.tag }}{%- endif %} - imagePullPolicy: {{ container.get('image_pull_policy', 'IfNotPresent') }} - {%- if container.privileged is defined %} - securityContext: - privileged: True - {%- endif %} - {%- if container.variables is defined %} - env: - {%- for variable in container.variables %} - - name: {{ variable.name }} - {%- if variable.field_path is defined %} - valueFrom: - fieldRef: - fieldPath: {{ variable.fieldPath }} - {%- else %} - value: {{ variable.value }} - {%- endif %} - {%- endfor %} - {%- endif %} - {%- if container.command is defined %} - command: - {%- for command in container.command %} - - {{ command }} - {%- endfor %} - {%- endif %} - {%- if container.volumes is defined %} - volumeMounts: - {%- for volume in container.volumes %} - - name: {{ volume.name }} - mountPath: {{ volume.mount }} - readOnly: {{ volume.get('read_only', 'False') }} - {%- endfor %} - {%- endif %} - {%- endfor %} - {%- if job.volume is defined %} - volumes: - {%- for volume_name, volume in job.volume.iteritems() %} - - name: {{ volume_name }} - {%- if volume.type == 'empty_dir' %} - emptyDir: {} - {%- elif volume.type == 'host_path' %} - hostPath: - path: {{ volume.path }} - {%- elif volume.type == 'glusterfs' %} - glusterfs: - endpoints: {{ volume.endpoints }} - path: {{ volume.path }} - readOnly: {{ volume.get('read_only', 'False') }} - {%- elif volume.type == 'config_map' %} - configMap: - name: {{ volume_name }} - items: - {%- for name, item in volume.item.iteritems() %} - - key: {{ item.key }} - path: {{ item.path }} - {%- endfor %} - {%- endif %} - {%- endfor %} - {%- endif %} - restartPolicy: {{ job.restart_policy }} - {%- if job.node_selector is defined %} - nodeSelector: - {%- for selector in job.node_selector %} - {{ selector.key }}: {{ selector.value }} - {%- endfor %} - {%- endif %} - {%- if job.image_pull_secretes is defined %} - imagePullSecrets: - - name: {{ job.image_pull_secretes }} - {%- endif %} \ No newline at end of file diff --git a/kubernetes/files/known_tokens.csv b/kubernetes/files/known_tokens.csv deleted file mode 100644 index c17d03e..0000000 --- a/kubernetes/files/known_tokens.csv +++ /dev/null @@ -1,13 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{{ master.token.admin }},admin,admin -{{ master.token.kubelet }},kubelet,kubelet -{{ master.token.kube_proxy }},kube_proxy,kube_proxy -{{ master.token.scheduler }},system:scheduler,system:scheduler -{{ master.token.controller_manager }},system:controller_manager,system:controller_manager -{%- if master.addons.logging is defined %} -{{ master.token.logging }},system:logging,system:logging -{%- endif %} -{%- if master.addons.monitoring is defined %} -{{ master.token.monitoring }},system:monitoring,system:monitoring -{%- endif %} -{{ master.token.dns }},system:dns,system:dns \ No newline at end of file diff --git a/kubernetes/files/kube-addons/dashboard/dashboard-address.yaml b/kubernetes/files/kube-addons/dashboard/dashboard-address.yaml deleted file mode 100644 index 8ca2a27..0000000 --- a/kubernetes/files/kube-addons/dashboard/dashboard-address.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Service -metadata: - name: kubernetes-dashboard-address - namespace: kube-system - labels: - k8s-app: kubernetes-dashboard - kubernetes.io/cluster-service: "true" -spec: - selector: - k8s-app: kubernetes-dashboard - deprecatedPublicIPs: ["{{ master.addons.ui.public_ip }}"] - type: LoadBalancer - ports: - - port: 80 - targetPort: 9090 \ No newline at end of file diff --git a/kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml b/kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml deleted file mode 100644 index a4236ec..0000000 --- a/kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: v1 -kind: ReplicationController -metadata: - # Keep the name in sync with image version and - # gce/coreos/kube-manifests/addons/dashboard counterparts - name: dashboard - namespace: kube-system - labels: - k8s-app: kubernetes-dashboard - version: v1.4.0 - kubernetes.io/cluster-service: "true" -spec: - replicas: 1 - selector: - k8s-app: kubernetes-dashboard - template: - metadata: - labels: - k8s-app: kubernetes-dashboard - kubernetes.io/cluster-service: "true" - annotations: - scheduler.alpha.kubernetes.io/critical-pod: '' - scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]' - spec: - containers: - - name: kubernetes-dashboard - image: gcr.io/google_containers/kubernetes-dashboard-amd64:v1.4.0 - resources: - # keep request = limit to keep this container in guaranteed class - limits: - cpu: 100m - memory: 50Mi - requests: - cpu: 100m - memory: 50Mi - ports: - - containerPort: 9090 - livenessProbe: - httpGet: - path: / - port: 9090 - initialDelaySeconds: 30 - timeoutSeconds: 30 \ No newline at end of file diff --git a/kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml b/kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml deleted file mode 100644 index 35ace0f..0000000 --- a/kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Endpoints -metadata: - name: kubernetes-dashboard - namespace: kube-system - labels: - k8s-app: kubernetes-dashboard - kubernetes.io/cluster-service: "true" -subsets: - - addresses: - - ip: {{ master.addons.ui.public_ip }} - - ports: - - port: 9090 - protocol: TCP \ No newline at end of file diff --git a/kubernetes/files/kube-addons/dashboard/dashboard-service.yaml b/kubernetes/files/kube-addons/dashboard/dashboard-service.yaml deleted file mode 100644 index 2c2ce3f..0000000 --- a/kubernetes/files/kube-addons/dashboard/dashboard-service.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Service -metadata: - name: kubernetes-dashboard - namespace: kube-system - labels: - k8s-app: kubernetes-dashboard - kubernetes.io/cluster-service: "true" -spec: -{%- if master.network.engine != 'opencontrail' %} - selector: - k8s-app: kubernetes-dashboard - type: NodePort -{%- endif %} - ports: - - port: 80 - targetPort: 9090 diff --git a/kubernetes/files/kube-addons/dns/skydns-rc.yaml b/kubernetes/files/kube-addons/dns/skydns-rc.yaml deleted file mode 100644 index d5901fe..0000000 --- a/kubernetes/files/kube-addons/dns/skydns-rc.yaml +++ /dev/null @@ -1,104 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: ReplicationController -metadata: - name: dns - namespace: kube-system - labels: - k8s-app: kube-dns - version: v20 - kubernetes.io/cluster-service: "true" -spec: - replicas: {{ master.addons.dns.replicas }} - selector: - k8s-app: kube-dns - version: v20 - template: - metadata: - labels: - k8s-app: kube-dns - version: v20 - annotations: - scheduler.alpha.kubernetes.io/critical-pod: '' - scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]' - spec: - containers: - - name: kubedns - image: gcr.io/google_containers/kubedns-amd64:1.8 - resources: - limits: - memory: 170Mi - requests: - cpu: 100m - memory: 70Mi - livenessProbe: - httpGet: - path: /healthz-kubedns - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - readinessProbe: - httpGet: - path: /readiness - port: 8081 - scheme: HTTP - initialDelaySeconds: 3 - timeoutSeconds: 5 - args: - # command = "/kube-dns" - - --domain={{ master.addons.dns.domain }} - - --dns-port=10053 - - --kube-master-url=http://{{ master.apiserver.insecure_address }}:8080 - ports: - - containerPort: 10053 - name: dns-local - protocol: UDP - - containerPort: 10053 - name: dns-tcp-local - protocol: TCP - - name: dnsmasq - image: gcr.io/google_containers/kube-dnsmasq-amd64:1.4 - livenessProbe: - httpGet: - path: /healthz-dnsmasq - port: 8080 - scheme: HTTP - initialDelaySeconds: 60 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 5 - args: -{%- if master.addons.dns.get('dnsmasq', {}) %} -{%- for option_name, option_value in master.addons.dns.dnsmasq.iteritems() %} - - --{{ option_name }}{% if option_value %}={{ option_value }}{% endif %} -{%- endfor %} -{%- endif %} - ports: - - containerPort: 53 - name: dns - protocol: UDP - - containerPort: 53 - name: dns-tcp - protocol: TCP - - name: healthz - image: gcr.io/google_containers/exechealthz-amd64:1.2 - resources: - limits: - memory: 50Mi - requests: - cpu: 10m - memory: 50Mi - args: - - --cmd=nslookup kubernetes.default.svc.{{ master.addons.dns.domain }} 127.0.0.1 >/dev/null - - --url=/healthz-dnsmasq - - --cmd=nslookup kubernetes.default.svc.{{ master.addons.dns.domain }} 127.0.0.1:10053 >/dev/null - - --url=/healthz-kubedns - - --port=8080 - - --quiet - ports: - - containerPort: 8080 - protocol: TCP - dnsPolicy: Default # Don't use cluster DNS. diff --git a/kubernetes/files/kube-addons/dns/skydns-svc.yaml b/kubernetes/files/kube-addons/dns/skydns-svc.yaml deleted file mode 100644 index 88ebf0b..0000000 --- a/kubernetes/files/kube-addons/dns/skydns-svc.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Service -metadata: - name: kube-dns - namespace: kube-system - labels: - k8s-app: kube-dns - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "KubeDNS" -spec: - selector: - k8s-app: kube-dns - clusterIP: {{ master.addons.dns.server }} - ports: - - name: dns - port: 53 - protocol: UDP - - name: dns-tcp - port: 53 - protocol: TCP \ No newline at end of file diff --git a/kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml b/kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml deleted file mode 100644 index 28f2c24..0000000 --- a/kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Service -metadata: - labels: - k8s-app: heapster - kubernetes.io/cluster-service: 'true' - kubernetes.io/name: 'Heapster' - name: heapster-address - namespace: kube-system -spec: - ports: - - port: 80 - targetPort: 8082 - selector: - k8s-app: heapster - deprecatedPublicIPs: ['{{ master.addons.heapster_influxdb.public_ip }}'] - type: LoadBalancer \ No newline at end of file diff --git a/kubernetes/files/kube-addons/heapster-influxdb/heapster-controller.yaml b/kubernetes/files/kube-addons/heapster-influxdb/heapster-controller.yaml deleted file mode 100644 index 8b3f251..0000000 --- a/kubernetes/files/kube-addons/heapster-influxdb/heapster-controller.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v1 -kind: ReplicationController -metadata: - labels: - k8s-app: heapster - version: v6 - name: heapster - namespace: kube-system -spec: - replicas: 1 - selector: - k8s-app: heapster - version: v6 - template: - metadata: - labels: -# name: heapster - uses: monitoring-influxdb - k8s-app: heapster - version: v6 - kubernetes.io/cluster-service: "true" - spec: - containers: - - name: heapster - image: kubernetes/heapster:canary - imagePullPolicy: Always - command: - - /heapster - - --source=kubernetes:https://kubernetes.default - - --sink=influxdb:http://monitoring-influxdb:8086 \ No newline at end of file diff --git a/kubernetes/files/kube-addons/heapster-influxdb/heapster-endpoint.yaml b/kubernetes/files/kube-addons/heapster-influxdb/heapster-endpoint.yaml deleted file mode 100644 index 35a140c..0000000 --- a/kubernetes/files/kube-addons/heapster-influxdb/heapster-endpoint.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Endpoints -metadata: - name: heapster - namespace: kube-system - labels: - k8s-app: heapster - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "Heapster" -subsets: - - addresses: - - ip: {{ master.addons.heapster_influxdb.public_ip }} - - ports: - - port: 8082 - protocol: TCP \ No newline at end of file diff --git a/kubernetes/files/kube-addons/heapster-influxdb/heapster-service.yaml b/kubernetes/files/kube-addons/heapster-influxdb/heapster-service.yaml deleted file mode 100644 index f04cf83..0000000 --- a/kubernetes/files/kube-addons/heapster-influxdb/heapster-service.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - k8s-app: heapster - kubernetes.io/cluster-service: 'true' - kubernetes.io/name: 'Heapster' - name: heapster - namespace: kube-system -spec: - ports: - - port: 80 - targetPort: 8082 \ No newline at end of file diff --git a/kubernetes/files/kube-addons/heapster-influxdb/influxdb-controller.yaml b/kubernetes/files/kube-addons/heapster-influxdb/influxdb-controller.yaml deleted file mode 100644 index 6235c18..0000000 --- a/kubernetes/files/kube-addons/heapster-influxdb/influxdb-controller.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: ReplicationController -metadata: - labels: - name: influxGrafana - name: influxdb-grafana - namespace: kube-system -spec: - replicas: 1 - selector: - name: influxGrafana - template: - metadata: - labels: - name: influxGrafana - spec: - containers: - - name: influxdb - image: kubernetes/heapster_influxdb:v0.6 - volumeMounts: - - mountPath: /data - name: influxdb-storage - volumes: - - name: influxdb-storage - emptyDir: {} \ No newline at end of file diff --git a/kubernetes/files/kube-addons/heapster-influxdb/influxdb-service.yaml b/kubernetes/files/kube-addons/heapster-influxdb/influxdb-service.yaml deleted file mode 100644 index 64bed1e..0000000 --- a/kubernetes/files/kube-addons/heapster-influxdb/influxdb-service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - name: monitoring-influxdb - name: monitoring-influxdb - namespace: kube-system -spec: - ports: - - name: http - port: 8083 - targetPort: 8083 - - name: api - port: 8086 - targetPort: 8086 - selector: - name: influxGrafana \ No newline at end of file diff --git a/kubernetes/files/kube-addons/registry/registry-rc.yaml b/kubernetes/files/kube-addons/registry/registry-rc.yaml deleted file mode 100644 index 9e1a1de..0000000 --- a/kubernetes/files/kube-addons/registry/registry-rc.yaml +++ /dev/null @@ -1,59 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: ReplicationController -metadata: - name: registry - namespace: kube-system - labels: - k8s-app: kube-registry - version: v0 - kubernetes.io/cluster-service: "true" -spec: - replicas: 1 - selector: - k8s-app: kube-registry - version: v0 - template: - metadata: - labels: - k8s-app: kube-registry - version: v0 - kubernetes.io/cluster-service: "true" - spec: - containers: - - name: registry - image: registry:2.5.1 - resources: - limits: - cpu: 100m - memory: 100Mi - requests: - cpu: 100m - memory: 100Mi - env: - - name: REGISTRY_HTTP_ADDR - value: {{ master.addons.registry.bind.get('host', '0.0.0.0'}}:{{ master.addons.registry.bind.get('port', '5000'}} - - name: REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY - value: /var/lib/registry - ports: - - containerPort: {{ master.addons.registry.bind.get('port', '5000') }} - name: registry - protocol: TCP - {%- if master.addons.registry.volume is defined %} - volumeMounts: - - name: image-store - mountPath: /var/lib/registry - volumes: - - name: image-store - {%- if master.addons.registry.volume.get('type', 'emptyDir') %} - emptyDir: {} - {%- elif master.addons.registry.volume.type == 'hostPath' %} - hostPath: - path: {{ master.addons.registry.volume.path }} - {%- elif master.addons.registry.volume.type == 'glusterfs' %} - glusterfs: - endpoints: {{ master.addons.registry.volume.endpoints }} - path: {{ master.addons.registry.volume.path }} - readOnly: {{ master.addons.registry.volume.read_only }} - {%- endif %} - {%- endif %} diff --git a/kubernetes/files/kube-addons/registry/registry.svc b/kubernetes/files/kube-addons/registry/registry.svc deleted file mode 100644 index 708a1ba..0000000 --- a/kubernetes/files/kube-addons/registry/registry.svc +++ /dev/null @@ -1,17 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -apiVersion: v1 -kind: Service -metadata: - name: kube-registry - namespace: kube-system - labels: - k8s-app: kube-registry - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "KubeRegistry" -spec: - selector: - k8s-app: kube-registry - ports: - - name: registry - port: {{ master.addons.registry.bind.get('port', '5000') }} - protocol: TCP \ No newline at end of file diff --git a/kubernetes/files/kube-proxy/proxy.kubeconfig b/kubernetes/files/kube-proxy/proxy.kubeconfig deleted file mode 100644 index 4fb09d6..0000000 --- a/kubernetes/files/kube-proxy/proxy.kubeconfig +++ /dev/null @@ -1,20 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} - -apiVersion: v1 -kind: Config -current-context: proxy-to-cluster.local -preferences: {} -contexts: -- context: - cluster: cluster.local - user: kube_proxy - name: proxy-to-cluster.local -clusters: -- cluster: - certificate-authority: /etc/kubernetes/ssl/kubelet-client.crt -# server: https://{{ pool.apiserver.host }}:443 - name: cluster.local -users: -- name: kube_proxy - user: - token: {{ pool.token.kube_proxy}} \ No newline at end of file diff --git a/kubernetes/files/kubelet/default.master b/kubernetes/files/kubelet/default.master deleted file mode 100644 index 9fb3840..0000000 --- a/kubernetes/files/kubelet/default.master +++ /dev/null @@ -1,4 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} - -# test_args has to be kept at the end, so they'll overwrite any prior configuration -DAEMON_ARGS="--config=/etc/kubernetes/manifests --allow-privileged={{ master.kubelet.allow_privileged }} --cluster_dns={{ master.addons.dns.server }} --register-node=false --cluster_domain={{ master.addons.dns.domain }} --v=2" diff --git a/kubernetes/files/kubelet/default.pool b/kubernetes/files/kubelet/default.pool deleted file mode 100644 index a67b73c..0000000 --- a/kubernetes/files/kubelet/default.pool +++ /dev/null @@ -1,4 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} - -# test_args has to be kept at the end, so they'll overwrite any prior configuration -DAEMON_ARGS="--require-kubeconfig --kubeconfig=/etc/kubernetes/kubelet.kubeconfig --config=/etc/kubernetes/manifests --allow-privileged={{ pool.kubelet.allow_privileged }} --cluster_dns={{ pool.cluster_dns }} --cluster_domain={{ pool.cluster_domain }} --v=2 {% if pool.network.engine == 'opencontrail' %}--network-plugin={{ pool.network.engine }}{% endif %} {% if pool.network.engine == 'calico' %}--network-plugin=cni --network-plugin-dir=/etc/cni/net.d{% endif %} --file-check-frequency={{ pool.kubelet.frequency }}" diff --git a/kubernetes/files/kubelet/kubelet.kubeconfig b/kubernetes/files/kubelet/kubelet.kubeconfig deleted file mode 100644 index a33b7ba..0000000 --- a/kubernetes/files/kubelet/kubelet.kubeconfig +++ /dev/null @@ -1,24 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} - -apiVersion: v1 -kind: Config -current-context: kubelet-to-cluster.local -preferences: {} -clusters: -- cluster: - certificate-authority: /etc/kubernetes/ssl/kubelet-client.crt - server: https://{{ pool.apiserver.host }}:443 - name: cluster.local -- cluster: - certificate-authority: /etc/kubernetes/ssl/kubelet-client.crt - server: http://{{ pool.apiserver.host }}:8080 - name: cluster-http.local -contexts: -- context: - cluster: cluster-http.local - user: kubelet - name: kubelet-to-cluster.local -users: -- name: kubelet - user: - token: {{ pool.token.kubelet }} diff --git a/kubernetes/files/kubernetes.grain b/kubernetes/files/kubernetes.grain deleted file mode 100644 index 5d0a225..0000000 --- a/kubernetes/files/kubernetes.grain +++ /dev/null @@ -1,7 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context -%} -{%- if pool.get('service', {})|length > 0 %} -{%- set service_grains = {'kubernetes': {'service': pool.get('service', {}).get('local', {})}} -%} -{% else %} -{%- set service_grains = {'kubernetes': {}} -%} -{%- endif %} -{{ service_grains|yaml(False) }} diff --git a/kubernetes/files/manifest/contrail-vrouter-agent.manifest b/kubernetes/files/manifest/contrail-vrouter-agent.manifest deleted file mode 100644 index 7ed6826..0000000 --- a/kubernetes/files/manifest/contrail-vrouter-agent.manifest +++ /dev/null @@ -1,47 +0,0 @@ -{ -"apiVersion": "v1", -"kind": "Pod", -"metadata": { - "name":"contrail-vrouter-agent", - "namespace": "kube-system" -}, -"spec":{ -"hostNetwork": true, -"containers":[ - { - "name": "vrouter-agent", - "image": "opencontrail/vrouter-agent:2.20", - "securityContext": { - "Privileged": true - }, - "resources": { - "limits": { - "cpu": "250m" - } - }, - "command": [ - "/usr/bin/contrail-vrouter-agent" - ], - "volumeMounts": [ - {"name": "contrail-configs", - "mountPath": "/etc/contrail", - "readOnly": false - }, - {"name": "contrail-logs", - "mountPath": "/var/log/contrail", - "readOnly": false - } - ] - } -], -"volumes":[ - { "name": "contrail-configs", - "hostPath": { - "path": "/etc/contrail"} - }, - { "name": "contrail-logs", - "hostPath": { - "path": "/var/log/contrail"} - } -] -}} diff --git a/kubernetes/files/manifest/flannel-server.manifest b/kubernetes/files/manifest/flannel-server.manifest deleted file mode 100644 index 532a0ba..0000000 --- a/kubernetes/files/manifest/flannel-server.manifest +++ /dev/null @@ -1,78 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{ - "kind": "Pod", - "apiVersion": "v1", - "metadata": { - "name": "flannel-server", - "namespace": "kube-system", - "labels": { - "app": "flannel-server", - "version": "v0.1" - } - }, - "spec": { - "volumes": [ - { - "name": "varlog", - "hostPath": { - "path": "/var/log" - } - }, - { - "name": "etcdstorage", - "emptyDir": {} - }, - { - "name": "networkconfig", - "hostPath": { - "path": "/etc/kubernetes/network.json" - } - } - ], - "containers": [ - { - "name": "flannel-server-helper", - "image": "gcr.io/google_containers/flannel-server-helper:0.1", - "args": [ - "--network-config=/etc/kubernetes/network.json", - "--etcd-prefix=/kubernetes.io/network", - "--etcd-server=http://127.0.0.1:4001" - ], - "volumeMounts": [ - { - "name": "networkconfig", - "mountPath": "/etc/kubernetes/network.json" - } - ], - "imagePullPolicy": "Always" - }, - { - "name": "flannel-container", - "image": "quay.io/coreos/flannel:0.5.5", - "command": [ - "/bin/sh", - "-c", - "/opt/bin/flanneld -listen 0.0.0.0:10253 -etcd-endpoints {% for member in master.network.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} -etcd-prefix /kubernetes.io/network 2>&1 | tee -a /var/log/flannel-server.log" - ], - "ports": [ - { - "hostPort": 10253, - "containerPort": 10253 - } - ], - "resources": { - "requests": { - "cpu": "100m" - } - }, - "volumeMounts": [ - { - "name": "varlog", - "mountPath": "/var/log" - } - ] - } - ], - "hostNetwork": true - } -} \ No newline at end of file diff --git a/kubernetes/files/manifest/kube-apiserver.manifest b/kubernetes/files/manifest/kube-apiserver.manifest deleted file mode 100644 index 344cfe7..0000000 --- a/kubernetes/files/manifest/kube-apiserver.manifest +++ /dev/null @@ -1,84 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- from "kubernetes/map.jinja" import common with context %} -apiVersion: v1 -kind: Pod -metadata: - name: kube-apiserver - namespace: kube-system -spec: - dnsPolicy: ClusterFirst - hostNetwork: true - restartPolicy: Always - terminationGracePeriodSeconds: 30 - containers: - - name: kube-apiserver - image: {{ common.hyperkube.image }} - command: - - /hyperkube - - apiserver - --insecure-bind-address={{ master.apiserver.insecure_address }} - --etcd-servers={% for member in master.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} - --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota - --service-cluster-ip-range={{ master.service_addresses }} - --client-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt - --basic-auth-file=/srv/kubernetes/basic_auth.csv - --tls-cert-file=/etc/kubernetes/ssl/kubernetes-server.crt - --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key - --secure-port={{ master.apiserver.get('secure_port', '443') }} - --bind-address={{ master.apiserver.address }} - --token-auth-file=/srv/kubernetes/known_tokens.csv - --etcd-quorum-read=true - --v=2 - --allow-privileged=True - 1>>/var/log/kube-apiserver.log 2>&1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - host: 127.0.0.1 - path: /healthz - port: 8080 - scheme: HTTP - initialDelaySeconds: 15 - timeoutSeconds: 15 - ports: - - containerPort: {{ master.apiserver.get('secure_port', '443') }} - hostPort: {{ master.apiserver.get('secure_port', '443') }} - name: https - protocol: TCP - - containerPort: 8080 - hostPort: 8080 - name: local - protocol: TCP - resources: - requests: - cpu: 250m - volumeMounts: - - mountPath: /srv/kubernetes - name: srvkube - readOnly: true - - mountPath: /var/log/kube-apiserver.log - name: logfile - - mountPath: /etc/kubernetes/ssl - name: etcssl - readOnly: true - - mountPath: /usr/share/ca-certificates - name: usrsharecacerts - readOnly: true - - mountPath: /srv/sshproxy - name: srvsshproxy - volumes: - - hostPath: - path: /srv/kubernetes - name: srvkube - - hostPath: - path: /var/log/kube-apiserver.log - name: logfile - - hostPath: - path: /etc/kubernetes/ssl - name: etcssl - - hostPath: - path: /usr/share/ca-certificates - name: usrsharecacerts - - hostPath: - path: /srv/sshproxy - name: srvsshproxy diff --git a/kubernetes/files/manifest/kube-controller-manager.manifest b/kubernetes/files/manifest/kube-controller-manager.manifest deleted file mode 100644 index de1c3c8..0000000 --- a/kubernetes/files/manifest/kube-controller-manager.manifest +++ /dev/null @@ -1,64 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- from "kubernetes/map.jinja" import common with context %} -apiVersion: v1 -kind: Pod -metadata: - name: kube-controller-manager - namespace: kube-system -spec: - dnsPolicy: ClusterFirst - hostNetwork: true - restartPolicy: Always - terminationGracePeriodSeconds: 30 - containers: - - name: kube-controller-manager - image: {{ common.hyperkube.image }} - command: - - /hyperkube - - controller-manager - --master={{ master.apiserver.insecure_address }}:8080 - --cluster-name=kubernetes - --service-account-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key - --v=2 - --root-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt - --leader-elect=true - 1>>/var/log/kube-controller-manager.log 2>&1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - host: 127.0.0.1 - path: /healthz - port: 10252 - scheme: HTTP - initialDelaySeconds: 15 - timeoutSeconds: 15 - resources: - limits: - cpu: 200m - requests: - cpu: 200m - volumeMounts: - - mountPath: /srv/kubernetes - name: srvkube - readOnly: true - - mountPath: /var/log/kube-controller-manager.log - name: logfile - - mountPath: /etc/kubernetes/ssl - name: etcssl - readOnly: true - - mountPath: /usr/share/ca-certificates - name: usrsharecacerts - readOnly: true - volumes: - - hostPath: - path: /srv/kubernetes - name: srvkube - - hostPath: - path: /var/log/kube-controller-manager.log - name: logfile - - hostPath: - path: /etc/kubernetes/ssl - name: etcssl - - hostPath: - path: /usr/share/ca-certificates - name: usrsharecacerts diff --git a/kubernetes/files/manifest/kube-network-manager.manifest b/kubernetes/files/manifest/kube-network-manager.manifest deleted file mode 100644 index 1f1470a..0000000 --- a/kubernetes/files/manifest/kube-network-manager.manifest +++ /dev/null @@ -1,24 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{ - "apiVersion": "v1", - "kind": "Pod", - "metadata": { - "namespace": "opencontrail", - "name": "kube-network-manager" - }, - "spec":{ - "hostNetwork": true, - "containers":[{ - "name": "kube-network-manager", - "image": "{{ master.network.network_manager.image }}:{{ master.network.network_manager.tag }}", - "volumeMounts": [{ - "name": "config", - "mountPath": "/etc/kubernetes" - }] - }], - "volumes": [{ - "name": "config", - "hostPath": {"path": "/etc/kubernetes"} - }] - } -} diff --git a/kubernetes/files/manifest/kube-proxy.manifest.pool b/kubernetes/files/manifest/kube-proxy.manifest.pool deleted file mode 100644 index 93d2353..0000000 --- a/kubernetes/files/manifest/kube-proxy.manifest.pool +++ /dev/null @@ -1,52 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -{%- from "kubernetes/map.jinja" import common with context %} -apiVersion: v1 -kind: Pod -metadata: - name: kube-proxy - namespace: kube-system -spec: - hostNetwork: true - containers: - - name: kube-proxy - image: {{ common.hyperkube.image }} - resources: - requests: - cpu: 200m - command: - - /hyperkube - - proxy - --logtostderr=true - --v=2 - --kubeconfig=/etc/kubernetes/proxy.kubeconfig - --master={%- if pool.apiserver.insecure.enabled %}http://{{ pool.apiserver.host }}:8080{%- else %}https://{{ pool.apiserver.host }}{%- endif %} - {%- if pool.network.engine == 'calico' %} --proxy-mode=iptables{% endif %} - 1>>/var/log/kube-proxy.log 2>&1 - securityContext: - privileged: true - volumeMounts: - - mountPath: /etc/kuberbetes/ssl - name: ssl-certs-host - readOnly: true - - mountPath: /var/log - name: varlog - readOnly: false - - mountPath: /etc/kubernetes/proxy.kubeconfig - name: kubeconfig - readOnly: false - - mountPath: /var/run/dbus/system_bus_socket - name: dbus - readOnly: false - volumes: - - hostPath: - path: /etc/kubernetes/ssl - name: ssl-certs-host - - hostPath: - path: /etc/kubernetes/proxy.kubeconfig - name: kubeconfig - - hostPath: - path: /var/log - name: varlog - - hostPath: - path: /var/run/dbus/system_bus_socket - name: dbus diff --git a/kubernetes/files/manifest/kube-scheduler.manifest b/kubernetes/files/manifest/kube-scheduler.manifest deleted file mode 100644 index b2814e2..0000000 --- a/kubernetes/files/manifest/kube-scheduler.manifest +++ /dev/null @@ -1,42 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- from "kubernetes/map.jinja" import common with context %} -apiVersion: v1 -kind: Pod -metadata: - name: kube-scheduler - namespace: kube-system -spec: - dnsPolicy: ClusterFirst - hostNetwork: true - nodeName: kubernetes-master - restartPolicy: Always - terminationGracePeriodSeconds: 30 - containers: - - name: kube-scheduler - image: {{ common.hyperkube.image }} - imagePullPolicy: IfNotPresent - command: - - hyperkube - - scheduler - --master={{ master.apiserver.insecure_address }}:8080 - --v=2 - --leader-elect=true - 1>>/var/log/kube-scheduler.log 2>&1 - livenessProbe: - httpGet: - host: 127.0.0.1 - path: /healthz - port: 10251 - scheme: HTTP - initialDelaySeconds: 15 - timeoutSeconds: 15 - resources: - requests: - cpu: 100m - volumeMounts: - - mountPath: /var/log/kube-scheduler.log - name: logfile - volumes: - - hostPath: - path: /var/log/kube-scheduler.log - name: logfile diff --git a/kubernetes/files/opencontrail/network.conf b/kubernetes/files/opencontrail/network.conf deleted file mode 100644 index a40cabd..0000000 --- a/kubernetes/files/opencontrail/network.conf +++ /dev/null @@ -1,15 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -[DEFAULT] -service-cluster-ip-range = {{ master.network.service_cluster_ip_range }} - -[opencontrail] -default-domain = {{ master.network.default_domain }} -public-ip-range = {{ master.network.public_ip_range }} -cluster-service = {{ master.network.cluster_service }} -api-server = {{ master.network.host }} -api-port = {{ master.network.port }} -default-project = {{ master.network.default_project }} -public-network = {{ master.network.public_network }} -private-ip-range = {{ master.network.private_ip_range }} -network-label = {{ master.network.network_label }} -service-label = {{ master.network.service_label }} \ No newline at end of file diff --git a/kubernetes/files/rc.yml b/kubernetes/files/rc.yml deleted file mode 100644 index d2cad43..0000000 --- a/kubernetes/files/rc.yml +++ /dev/null @@ -1,211 +0,0 @@ -{% from "kubernetes/map.jinja" import control with context %} -apiVersion: {{ service.apiVersion }} -kind: {{ service.kind }} -metadata: - name: {{ service.service }}-{{ service.role }} - namespace: {{ service.namespace }} - labels: - app: {{ service.service }}-{{ service.role }} -spec: - replicas: {{ service.replicas }} - {%- if service.kind == 'PetSet' %} - serviceName: {{ service.service_name }} - {%- endif %} - template: - metadata: - labels: - app: {{ service.service }}-{{ service.role }} - annotations: - {%- if service.hostname is defined %} - pod.beta.kubernetes.io/hostname: {{ service.hostname }} - {%- endif %} - {%- if service.init_containers is defined %} - pod.alpha.kubernetes.io/init-containers: '[ - {%- for container in service.init_containers %} - { - "name": "{{ container.name }}", - "image": "{% if container.registry is defined %}{{ container.registry }}/{%- endif %}{{ container.image }}{%- if container.tag is defined %}:{{ container.tag }}{%- endif %}", - "command": [{%- for command in container.command %}"{{ command }}"{% if not loop.last %},{% endif %}{%- endfor %}] - {%- if container.volumes is defined -%} - , - "volumeMounts": [ - {%- for volume in container.volumes %} - { - "name": "{{ volume.name }}", - {%- if volume.sub_path is defined %} - "subPath": "{{ volume.sub_path }}", - {%- endif %} - "mountPath": "{{ volume.mount }}" - } - {%- if not loop.last %},{% endif %}{%- endfor %} - ] - {%- endif %} - } - {%- if not loop.last %},{% endif %}{% endfor %} - ]' - {%- endif %} - {%- if service.affinity is defined %} - scheduler.alpha.kubernetes.io/affinity: > - { - {%- for affinity_name, affinity in service.affinity.iteritems() %} - "{{ affinity.name }}": { - {%- for expression_name, expression in affinity.expression.iteritems() %} - {%- if expression.name == 'matchExpressions' %} - "{{ affinity.get('type','required') }}DuringSchedulingIgnoredDuringExecution": { - "nodeSelectorTerms": [ - { - "matchExpressions": [ - {%- for selector in expression.selectors %} - { - "key": "{{ selector.key }}", - "operator": "{{ selector.operator }}", - "values": [{%- for value in selector['values'] %}"{{ value }}"{%- if not loop.last %},{% endif %}{%- endfor %}] - }{%- if not loop.last %},{% endif %} - {% endfor %} - ] - } - ] - } - {%- elif expression.name == 'labelSelector' %} - "{{ affinity.get('type','required') }}DuringSchedulingIgnoredDuringExecution": [ - { - "labelSelector": { - "matchLabels": { - {%- for selector in expression.selectors %} - "{{ selector.key }}": "{{ selector.value }}" - {%- if not loop.last %},{% endif %}{%- endfor %} - } - }, - {%- if affinity.name == 'podAntiAffinity' or affinity.name == 'podAffinity' %} - "topologyKey": "{{ affinity.topology_key }}" - {%- endif %} - } - ] - {%- endif %} - {%- endfor %} - {%- if not loop.last %}},{% endif %} - {%- endfor %} - } - } - {%- endif %} - spec: - {%- if service.hostNetwork is defined %} - hostNetwork: True - {%- endif %} - {%- if service.host_pid is defined %} - hostPID: True - {%- endif %} - containers: - {%- for container_name, container in service.container.iteritems() %} - - name: {{ container_name }} - image: {% if container.registry is defined %}{{ container.registry }}/{%- endif %}{{ container.image }}{%- if container.tag is defined %}:{{ container.tag }}{%- endif %} - imagePullPolicy: {{ container.get('image_pull_policy','IfNotPresent') }} - {%- if container.privileged is defined %} - securityContext: - privileged: True - {%- endif %} - {%- if container.variables is defined %} - env: - {%- for variable in container.variables %} - - name: {{ variable.name }} - {%- if variable.fieldPath is defined %} - valueFrom: - fieldRef: - fieldPath: {{ variable.fieldPath }} - {%- else %} - value: {{ variable.value }} - {%- endif %} - {%- endfor %} - {%- endif %} - {%- if container.ports is defined %} - ports: - {%- for port in container.ports %} - - containerPort: {{ port.port }} - name: {{ port.name }} - {%- endfor %} - {%- endif %} - {%- if container.command is defined %} - command: - {%- for command in container.command %} - - {{ command }} - {%- endfor %} - {%- endif %} - {%- if container.volumes is defined %} - volumeMounts: - {%- for volume in container.volumes %} - - name: {{ volume.name }} - mountPath: {{ volume.mount }} - readOnly: {{ volume.get('read_only', 'False') }} - {%- if volume.sub_path is defined %} - subPath: {{ volume.sub_path }} - {%- endif %} - {%- endfor %} - {%- endif %} - {%- if container.liveness_probe is defined %} - livenessProbe: - {%- if container.liveness_probe.type == 'http' %} - httpGet: - path: {{ container.liveness_probe.path }} - port: {{ container.liveness_probe.port }} - {%- elif container.liveness_probe.type == 'exec' %} - exec: - command: - {%- for command in container.liveness_probe.command %} - - {{ command }} - {%- endfor %} - {%- endif %} - initialDelaySeconds: {{ container.liveness_probe.initial_delay }} - timeoutSeconds: {{ container.liveness_probe.timeout }} - {%- endif %} - {%- if container.readiness_probe is defined %} - readinessProbe: - {%- if container.readiness_probe.type == 'http' %} - httpGet: - path: {{ container.readiness_probe.path }} - port: {{ container.readiness_probe.port }} - {%- elif container.readiness_probe.type == 'exec' %} - exec: - command: - {%- for command in container.readiness_probe.command %} - - {{ command }} - {%- endfor %} - {%- endif %} - initialDelaySeconds: {{ container.readiness_probe.initial_delay }} - timeoutSeconds: {{ container.readiness_probe.timeout }} - {%- endif %} - {%- endfor %} - {%- if service.volume is defined %} - volumes: - {%- for volume_name, volume in service.volume.iteritems() %} - - name: {{ volume_name }} - {%- if volume.type == 'emptyDir' %} - emptyDir: {} - {%- elif volume.type == 'hostPath' %} - hostPath: - path: {{ volume.path }} - {%- elif volume.type == 'glusterfs' %} - glusterfs: - endpoints: {{ volume.endpoints }} - path: {{ volume.path }} - readOnly: {{ volume.read_only }} - {%- elif volume.type == 'config_map' %} - configMap: - name: {{ volume_name }}-{{ volume.get('version', '1') }} - items: - {%- for name, item in volume.item.iteritems() %} - - key: {{ item.key }} - path: {{ item.path }} - {%- endfor %} - {%- endif %} - {%- endfor %} - {%- endif %} - {%- if service.nodeSelector is defined %} - nodeSelector: - {%- for selector in service.nodeSelector %} - {{ selector.key }}: {{ selector.value }} - {%- endfor %} - {%- endif %} - {%- if service.image_pull_secretes is defined %} - imagePullSecrets: - - name: {{ service.image_pull_secretes }} - {%- endif %} diff --git a/kubernetes/files/svc.yml b/kubernetes/files/svc.yml deleted file mode 100644 index b236417..0000000 --- a/kubernetes/files/svc.yml +++ /dev/null @@ -1,25 +0,0 @@ -{% from "kubernetes/map.jinja" import control with context %} -apiVersion: v1 -kind: Service -metadata: - labels: - name: {{ service.service }}-{{ service.role }} - app: {{ service.service }}-{{ service.role }} - name: {{ service.service }}-{{ service.role }} - namespace: {{ service.namespace }} -spec: - ports: - {%- for port in service.ports %} - - port: {{ port.port }} - name: {{ port.name }} - {%- endfor %} - type: {{ service.type }} - selector: - app: {{ service.service }}-{{ service.role }} - {%- if service.cluster_ip is defined %} - clusterIP: {{ service.cluster_ip }} - {%- endif %} - {%- if service.external_ip is defined %} - externalIPs: - - "{{ service.external_ip }}" - {%- endif -%} \ No newline at end of file diff --git a/kubernetes/files/systemd/kube-apiserver.service b/kubernetes/files/systemd/kube-apiserver.service deleted file mode 100644 index bfe7bd8..0000000 --- a/kubernetes/files/systemd/kube-apiserver.service +++ /dev/null @@ -1,30 +0,0 @@ -[Unit] -Description=Kubernetes API Server -Documentation=https://github.com/kubernetes/kubernetes -Documentation=man:kube-apiserver -After=network.target -After=etcd.service -Wants=etcd.service - -[Service] -EnvironmentFile=-/etc/kubernetes/config -EnvironmentFile=-/etc/default/%p -User=root -ExecStart=/usr/bin/hyperkube \ - apiserver \ - $KUBE_LOGTOSTDERR \ - $KUBE_LOG_LEVEL \ - $KUBE_ALLOW_PRIV \ - $KUBE_API_ADDRESS \ - $KUBE_API_PORT \ - $KUBELET_PORT \ - $KUBE_ETCD_SERVERS \ - $KUBE_SERVICE_ADDRESSES \ - $KUBE_ADMISSION_CONTROL \ - $DAEMON_ARGS -Restart=on-failure -Type=notify -LimitNOFILE=65536 - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/kubernetes/files/systemd/kube-controller-manager.service b/kubernetes/files/systemd/kube-controller-manager.service deleted file mode 100644 index 19c56fb..0000000 --- a/kubernetes/files/systemd/kube-controller-manager.service +++ /dev/null @@ -1,21 +0,0 @@ -[Unit] -Description=Kubernetes Controller Manager -Documentation=https://github.com/kubernetes/kubernetes -Documentation=man:kube-controller-manager -After=network.target - -[Service] -Environment=KUBE_MASTER=--master=127.0.0.1:8080 -EnvironmentFile=-/etc/kubernetes/config -EnvironmentFile=-/etc/default/%p -User=root -ExecStart=/usr/bin/hyperkube \ - controller-manager \ - $KUBE_LOGTOSTDERR \ - $KUBE_LOG_LEVEL \ - $DAEMON_ARGS -Restart=on-failure -LimitNOFILE=65536 - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/kubernetes/files/systemd/kube-proxy.service b/kubernetes/files/systemd/kube-proxy.service deleted file mode 100644 index 0620223..0000000 --- a/kubernetes/files/systemd/kube-proxy.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Kubernetes Kube-Proxy Server -Documentation=https://github.com/kubernetes/kubernetes -Documentation=man:kube-proxy -After=network.target - -[Service] -Environment=KUBE_MASTER=--master=127.0.0.1:8080 -EnvironmentFile=-/etc/kubernetes/config -EnvironmentFile=-/etc/default/%p -User=root -ExecStart=/usr/bin/hyperkube \ - proxy \ - $KUBE_LOGTOSTDERR \ - $KUBE_LOG_LEVEL \ - $KUBE_MASTER \ - $DAEMON_ARGS -Restart=on-failure -LimitNOFILE=65536 - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/kubernetes/files/systemd/kube-scheduler.service b/kubernetes/files/systemd/kube-scheduler.service deleted file mode 100644 index d29f9c9..0000000 --- a/kubernetes/files/systemd/kube-scheduler.service +++ /dev/null @@ -1,22 +0,0 @@ -[Unit] -Description=Kubernetes Scheduler Plugin -Documentation=https://github.com/kubernetes/kubernetes -Documentation=man:kube-scheduler -After=network.target - -[Service] -Environment=KUBE_MASTER=--master=127.0.0.1:8080 -EnvironmentFile=-/etc/kubernetes/config -EnvironmentFile=-/etc/default/%p -User=root -ExecStart=/usr/bin/hyperkube \ - scheduler \ - $KUBE_LOGTOSTDERR \ - $KUBE_LOG_LEVEL \ - $KUBE_MASTER \ - $DAEMON_ARGS -Restart=on-failure -LimitNOFILE=65536 - -[Install] -WantedBy=multi-user.target \ No newline at end of file diff --git a/kubernetes/files/systemd/kubelet.service b/kubernetes/files/systemd/kubelet.service deleted file mode 100644 index 5d5f7dc..0000000 --- a/kubernetes/files/systemd/kubelet.service +++ /dev/null @@ -1,30 +0,0 @@ -[Unit] -Description=Kubernetes Kubelet Server -Documentation=https://github.com/kubernetes/kubernetes -Documentation=man:kubelet -After=network.target -After=docker.service -Requires=docker.service -Conflicts=cadvisor.service - -[Service] -EnvironmentFile=-/etc/kubernetes/config -EnvironmentFile=-/etc/default/%p -User=root -ExecStart=/usr/bin/hyperkube \ - kubelet \ - $KUBE_LOGTOSTDERR \ - $KUBE_LOG_LEVEL \ - $KUBE_ALLOW_PRIV \ - $KUBELET_ADDRESS \ - $KUBELET_PORT \ - $KUBELET_HOSTNAME \ - $KUBELET_API_SERVER \ - $DOCKER_ENDPOINT \ - $CADVISOR_PORT \ - $DAEMON_ARGS -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Alias=cadvisor.service \ No newline at end of file diff --git a/kubernetes/init.sls b/kubernetes/init.sls deleted file mode 100644 index 22aad26..0000000 --- a/kubernetes/init.sls +++ /dev/null @@ -1,13 +0,0 @@ - -{%- if pillar.kubernetes is defined %} -include: -{%- if pillar.kubernetes.master is defined %} -- kubernetes.master -{%- endif %} -{%- if pillar.kubernetes.pool is defined %} -- kubernetes.pool -{%- endif %} -{%- if pillar.kubernetes.control is defined %} -- kubernetes.control -{%- endif %} -{%- endif %} diff --git a/kubernetes/map.jinja b/kubernetes/map.jinja deleted file mode 100644 index f36f9e3..0000000 --- a/kubernetes/map.jinja +++ /dev/null @@ -1,44 +0,0 @@ -{% set common = salt['grains.filter_by']({ - 'Debian': { - 'pkgs': ['curl', 'git', 'apt-transport-https', 'python-apt', 'nfs-common', 'socat', 'netcat-traditional', 'openssl'], - 'services': [], - }, - 'RedHat': { - 'pkgs': ['curl', 'git', 'apt-transport-https', 'python-apt', 'nfs-common', 'socat', 'netcat-traditional', 'python'], - 'services': [], - }, -}, merge=salt['pillar.get']('kubernetes:common')) %} - -{% set master = salt['grains.filter_by']({ - 'Debian': { - 'pkgs': [], - 'services': ['kube-apiserver','kube-scheduler','kube-controller-manager'], - }, - 'RedHat': { - 'pkgs': [], - 'services': [], - }, -}, merge=salt['pillar.get']('kubernetes:master')) %} - -{% set pool = salt['grains.filter_by']({ - 'Debian': { - 'pkgs': [], - 'services': ['kube-proxy'], - }, - 'RedHat': { - 'pkgs': [], - 'services': [], - }, -}, merge=salt['pillar.get']('kubernetes:pool')) %} - -{% set control = salt['grains.filter_by']({ - 'Debian': { - 'service': {}, - 'config_type': "default", - }, - 'RedHat': { - 'service': {}, - 'config_type': "default", - }, -}, merge=salt['pillar.get']('kubernetes:control')) %} - diff --git a/kubernetes/master/calico.sls b/kubernetes/master/calico.sls deleted file mode 100644 index f175a70..0000000 --- a/kubernetes/master/calico.sls +++ /dev/null @@ -1,40 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- if master.enabled %} - -/etc/calico/network-environment: - file.managed: - - source: salt://kubernetes/files/calico/network-environment.master - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - - template: jinja - -/usr/bin/calicoctl: - file.managed: - - source: {{ master.network.get('source', 'https://github.com/projectcalico/calico-containers/releases/download/') }}{{ master.network.version }}/calicoctl - - source_hash: md5={{ master.network.hash }} - - mode: 751 - - user: root - - group: root - -{%- if master.network.get('systemd', true) %} - -/etc/systemd/system/calico-node.service: - file.managed: - - source: salt://kubernetes/files/calico/calico-node.service.pool.master - - user: root - - group: root - - template: jinja - -calico_node: - service.running: - - name: calico-node - - enable: True - - watch: - - file: /etc/systemd/system/calico-node.service - -{%- endif %} - -{%- endif %} \ No newline at end of file diff --git a/kubernetes/master/controller.sls b/kubernetes/master/controller.sls deleted file mode 100644 index 418b351..0000000 --- a/kubernetes/master/controller.sls +++ /dev/null @@ -1,170 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- if master.enabled %} - -/srv/kubernetes/known_tokens.csv: - file.managed: - - source: salt://kubernetes/files/known_tokens.csv - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - -/srv/kubernetes/basic_auth.csv: - file.managed: - - source: salt://kubernetes/files/basic_auth.csv - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - -{%- if master.get('container', 'true') %} - -/var/log/kube-apiserver.log: - file.managed: - - user: root - - group: root - - mode: 644 - -/etc/kubernetes/manifests/kube-apiserver.manifest: - file.managed: - - source: salt://kubernetes/files/manifest/kube-apiserver.manifest - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - -/etc/kubernetes/manifests/kube-controller-manager.manifest: - file.managed: - - source: salt://kubernetes/files/manifest/kube-controller-manager.manifest - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - -/var/log/kube-controller-manager.log: - file.managed: - - user: root - - group: root - - mode: 644 - -/etc/kubernetes/manifests/kube-scheduler.manifest: - file.managed: - - source: salt://kubernetes/files/manifest/kube-scheduler.manifest - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - -/var/log/kube-scheduler.log: - file.managed: - - user: root - - group: root - - mode: 644 - -{%- else %} - -/etc/default/kube-apiserver: - file.managed: - - user: root - - group: root - - mode: 644 - - contents: DAEMON_ARGS=" --insecure-bind-address={{ master.apiserver.insecure_address }} --etcd-servers={% for member in master.etcd.members %}http://{{ member.host }}:4001{% if not loop.last %},{% endif %}{% endfor %} --admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota --service-cluster-ip-range={{ master.service_addresses }} --client-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt --basic-auth-file=/srv/kubernetes/basic_auth.csv --tls-cert-file=/etc/kubernetes/ssl/kubernetes-server.crt --tls-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key --secure-port={{ master.apiserver.get('secure_port', '443') }} --bind-address={{ master.apiserver.address }} --token-auth-file=/srv/kubernetes/known_tokens.csv --v=2 --allow-privileged=True --etcd-quorum-read=true" - -/etc/default/kube-controller-manager: - file.managed: - - user: root - - group: root - - mode: 644 - - contents: DAEMON_ARGS=" --master={{ master.apiserver.insecure_address }}:8080 --cluster-name=kubernetes --service-account-private-key-file=/etc/kubernetes/ssl/kubernetes-server.key --v=2 --root-ca-file=/etc/kubernetes/ssl/ca-{{ master.ca }}.crt --leader-elect=true" - -/etc/default/kube-scheduler: - file.managed: - - user: root - - group: root - - mode: 644 - - contents: DAEMON_ARGS=" --master={{ master.apiserver.insecure_address }}:8080 --v=2 --leader-elect=true" - -/etc/systemd/system/kube-apiserver.service: - file.managed: - - source: salt://kubernetes/files/systemd/kube-apiserver.service - - template: jinja - - user: root - - group: root - - mode: 644 - -/etc/systemd/system/kube-scheduler.service: - file.managed: - - source: salt://kubernetes/files/systemd/kube-scheduler.service - - template: jinja - - user: root - - group: root - - mode: 644 - -/etc/systemd/system/kube-controller-manager.service: - file.managed: - - source: salt://kubernetes/files/systemd/kube-controller-manager.service - - template: jinja - - user: root - - group: root - - mode: 644 - -master_services: - service.running: - - names: {{ master.services }} - - enable: True - - watch: - - file: /etc/default/kube-apiserver - - file: /etc/default/kube-scheduler - - file: /etc/default/kube-controller-manager - - file: /usr/bin/hyperkube - -{%- endif %} - - -{%- for name,namespace in master.namespace.iteritems() %} - -{%- if namespace.enabled %} - -/registry/namespaces/{{ name }}: - etcd.set: - - value: '{"kind":"Namespace","apiVersion":"v1","metadata":{"name":"{{ name }}"},"spec":{"finalizers":["kubernetes"]},"status":{"phase":"Active"}}' - -{%- else %} - -/registry/namespaces/{{ name }}: - etcd.rm - -{%- endif %} - -{%- endfor %} - -{%- if master.registry.secret is defined %} - -{%- for name,registry in master.registry.secret.iteritems() %} - -{%- if registry.enabled %} - -/registry/secrets/{{ registry.namespace }}/{{ name }}: - etcd.set: - - value: '{"kind":"Secret","apiVersion":"v1","metadata":{"name":"{{ name }}","namespace":"{{ registry.namespace }}"},"data":{".dockerconfigjson":"{{ registry.key }}"},"type":"kubernetes.io/dockerconfigjson"}' - -{%- else %} - -/registry/secrets/{{ registry.namespace }}/{{ name }}: - etcd.rm - -{%- endif %} - -{%- endfor %} - -{%- endif %} - -{%- endif %} diff --git a/kubernetes/master/flannel.sls b/kubernetes/master/flannel.sls deleted file mode 100644 index b7bbd65..0000000 --- a/kubernetes/master/flannel.sls +++ /dev/null @@ -1,66 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- if master.enabled %} - -/etc/kubernetes/network.json: - file.managed: - - source: salt://kubernetes/files/flannel/network.json - - makedirs: True - - user: root - - group: root - - mode: 755 - - template: jinja - -/etc/kubernetes/manifests/flannel-server.manifest: - file.managed: - - source: salt://kubernetes/files/manifest/flannel-server.manifest - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - - template: jinja - -/var/log/etcd-flannel.log: - file.managed: - - user: root - - group: root - - mode: 644 - -/var/log/flannel.log: - file.managed: - - user: root - - group: root - - mode: 644 - -{%- if not pillar.kubernetes.pool is defined %} - -flannel-tar: - archive: - - extracted - - user: root - - name: /opt/flannel - - source: https://storage.googleapis.com/kubernetes-release/flannel/flannel-0.5.5-linux-amd64.tar.gz - - tar_options: v - - source_hash: md5=972c717254775bef528f040af804f2cc - - archive_format: tar - - if_missing: /usr/local/src/flannel/flannel-0.5.5/ - -flannel-symlink: - file.symlink: - - name: /usr/local/bin/flanneld - - target: /usr/local/src/flannel-0.5.5/flanneld - - force: true - - watch: - - archive: flannel-tar - -/etc/default/flannel: - file.managed: - - source: salt://kubernetes/files/flannel/default.master - - template: jinja - - user: root - - group: root - - mode: 644 - -{%- endif %} - -{%- endif %} \ No newline at end of file diff --git a/kubernetes/master/glusterfs.sls b/kubernetes/master/glusterfs.sls deleted file mode 100644 index 8a94c14..0000000 --- a/kubernetes/master/glusterfs.sls +++ /dev/null @@ -1,22 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- if master.enabled %} - -/etc/kubernetes/glusterfs/glusterfs-endpoints.yml: - file.managed: - - source: salt://kubernetes/files/glusterfs/glusterfs-endpoints.yml - - makedirs: True - - user: root - - group: root - - mode: 644 - - template: jinja - -/etc/kubernetes/glusterfs/glusterfs-svc.yml: - file.managed: - - source: salt://kubernetes/files/glusterfs/glusterfs-svc.yml - - makedirs: True - - user: root - - group: root - - mode: 644 - - template: jinja - -{%- endif %} \ No newline at end of file diff --git a/kubernetes/master/init.sls b/kubernetes/master/init.sls deleted file mode 100644 index cff687f..0000000 --- a/kubernetes/master/init.sls +++ /dev/null @@ -1,20 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -include: -- kubernetes.master.service -- kubernetes.master.kube-addons -{%- if master.network.engine == "opencontrail" %} -- kubernetes.master.opencontrail-network-manager -{%- endif %} -{%- if master.network.engine == "flannel" %} -- kubernetes.master.flannel -{%- endif %} -{%- if master.network.engine == "calico" %} -{%- if not pillar.kubernetes.pool is defined %} -- kubernetes.master.calico -{%- endif %} -{%- endif %} -{%- if master.storage.get('engine', 'none') == 'glusterfs' %} -- kubernetes.master.glusterfs -{%- endif %} -- kubernetes.master.controller -- kubernetes.master.setup \ No newline at end of file diff --git a/kubernetes/master/kube-addons.sls b/kubernetes/master/kube-addons.sls deleted file mode 100644 index 6dc809c..0000000 --- a/kubernetes/master/kube-addons.sls +++ /dev/null @@ -1,122 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- if master.enabled %} - -addon-dir-create: - file.directory: - - name: /etc/kubernetes/addons - - user: root - - group: root - - mode: 0755 - -{%- if master.addons.dns.enabled %} - -/etc/kubernetes/addons/dns/skydns-svc.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/dns/skydns-svc.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -/etc/kubernetes/addons/dns/skydns-rc.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/dns/skydns-rc.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -{% endif %} - -{%- if master.addons.dashboard.enabled %} - -/etc/kubernetes/addons/dashboard/dashboard-service.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/dashboard/dashboard-service.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -/etc/kubernetes/addons/dashboard/dashboard-controller.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/dashboard/dashboard-controller.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -{%- if master.network.engine == "opencontrail" %} - -/etc/kubernetes/addons/dashboard/dashboard-address.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/dashboard/dashboard-address.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -/etc/kubernetes/addons/dashboard/dashboard-endpoint.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/dashboard/dashboard-endpoint.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True -{% endif %} - -{% endif %} - -{%- if master.addons.heapster_influxdb.enabled %} - -/etc/kubernetes/addons/heapster-influxdb/heapster-address.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/heapster-influxdb/heapster-address.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -/etc/kubernetes/addons/heapster-influxdb/heapster-controller.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/heapster-influxdb/heapster-controller.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -/etc/kubernetes/addons/heapster-influxdb/heapster-endpoint.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/heapster-influxdb/heapster-endpoint.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -/etc/kubernetes/addons/heapster-influxdb/heapster-service.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/heapster-influxdb/heapster-service.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -/etc/kubernetes/addons/heapster-influxdb/influxdb-controller.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/heapster-influxdb/influxdb-controller.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -/etc/kubernetes/addons/heapster-influxdb/influxdb-service.yaml: - file.managed: - - source: salt://kubernetes/files/kube-addons/heapster-influxdb/influxdb-service.yaml - - template: jinja - - group: root - - dir_mode: 755 - - makedirs: True - -{% endif %} - -{% endif %} diff --git a/kubernetes/master/opencontrail-network-manager.sls b/kubernetes/master/opencontrail-network-manager.sls deleted file mode 100644 index 578abda..0000000 --- a/kubernetes/master/opencontrail-network-manager.sls +++ /dev/null @@ -1,23 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- if master.enabled %} - -/etc/kubernetes/manifests/kube-network-manager.manifest: - file.managed: - - source: salt://kubernetes/files/manifest/kube-network-manager.manifest - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - -/etc/kubernetes/network.conf: - file.managed: - - source: salt://kubernetes/files/opencontrail/network.conf - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - -{%- endif %} \ No newline at end of file diff --git a/kubernetes/master/service.sls b/kubernetes/master/service.sls deleted file mode 100644 index 46ada4d..0000000 --- a/kubernetes/master/service.sls +++ /dev/null @@ -1,8 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- from "kubernetes/map.jinja" import common with context %} -{%- if master.enabled %} - -include: -- kubernetes._common - -{%- endif %} diff --git a/kubernetes/master/setup.sls b/kubernetes/master/setup.sls deleted file mode 100644 index cf3d7a8..0000000 --- a/kubernetes/master/setup.sls +++ /dev/null @@ -1,15 +0,0 @@ -{%- from "kubernetes/map.jinja" import master with context %} -{%- if master.enabled %} - -{%- for addon_name, addon in master.addons.iteritems() %} -{%- if addon.enabled %} - -kubernetes_addons_{{ addon_name }}: - cmd.run: - - name: | - hyperkube kubectl apply -f /etc/kubernetes/addons/{{ addon_name }} - - unless: "hyperkube kubectl get rc {{ addon.get('name', addon_name) }} --namespace=kube-system" - -{%- endif %} -{%- endfor %} -{%- endif %} diff --git a/kubernetes/meta/sphinx.yml b/kubernetes/meta/sphinx.yml deleted file mode 100644 index 9afcc4d..0000000 --- a/kubernetes/meta/sphinx.yml +++ /dev/null @@ -1,15 +0,0 @@ -doc: - name: Kubernetes - description: Manage a cluster of Linux containers as a single system to accelerate Dev and simplify Ops. - role: - {%- if pillar.kubernetes.pool is defined %} - {%- from "kubernetes/map.jinja" import client with context %} - pool: - name: pool - param: {} - {%- endif %} - {%- if pillar.kubernetes.master is defined %} - master: - name: master - param: {} - {%- endif %} diff --git a/kubernetes/pool/calico.sls b/kubernetes/pool/calico.sls deleted file mode 100644 index fbe7bdb..0000000 --- a/kubernetes/pool/calico.sls +++ /dev/null @@ -1,88 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -{%- if pool.enabled %} - -/tmp/calico/: - file.directory: - - user: root - - group: root - -copy-calico-ctl: - dockerng.running: - - image: {{ pool.network.calicoctl.image }} - -copy-calico-ctl-cmd: - cmd.run: - - name: docker cp copy-calico-ctl:calicoctl /tmp/calico/ - - require: - - dockerng: copy-calico-ctl - -/usr/bin/calicoctl: - file.managed: - - source: /tmp/calico/calicoctl - - mode: 751 - - user: root - - group: root - - require: - - cmd: copy-calico-ctl-cmd - -copy-calico-cni: - dockerng.running: - - image: {{ pool.network.cni.image }} - - command: cp -vr /opt/cni/bin/ /tmp/calico/ - - binds: - - /tmp/calico/:/tmp/calico/ - - force: True - -{%- for filename in ['calico', 'calico-ipam'] %} - -/opt/cni/bin/{{ filename }}: - file.managed: - - source: /tmp/calico/bin/{{ filename }} - - mode: 751 - - makedirs: true - - user: root - - group: root - - require: - - dockerng: copy-calico-cni - - require_in: - - service: calico_node -{%- endfor %} - -/etc/cni/net.d/10-calico.conf: - file.managed: - - source: salt://kubernetes/files/calico/calico.conf - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - - template: jinja - -/etc/calico/network-environment: - file.managed: - - source: salt://kubernetes/files/calico/network-environment.pool - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - - template: jinja - -{%- if pool.network.get('systemd', true) %} - -/etc/systemd/system/calico-node.service: - file.managed: - - source: salt://kubernetes/files/calico/calico-node.service.pool - - user: root - - group: root - - template: jinja - -calico_node: - service.running: - - name: calico-node - - enable: True - - watch: - - file: /etc/systemd/system/calico-node.service -{%- endif %} - -{%- endif %} diff --git a/kubernetes/pool/cni.sls b/kubernetes/pool/cni.sls deleted file mode 100644 index bf7f2bf..0000000 --- a/kubernetes/pool/cni.sls +++ /dev/null @@ -1,39 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -{%- from "kubernetes/map.jinja" import common with context %} -{%- if pool.enabled %} - -{%- if common.hyperkube %} - -/tmp/cni/: - file.directory: - - user: root - - group: root - -copy-network-cni: - dockerng.running: - - image: {{ common.hyperkube.image }} - - command: cp -vr /opt/cni/bin/ /tmp/cni/ - - binds: - - /tmp/cni/:/tmp/cni/ - - force: True - - require: - - file: /tmp/cni/ - -{%- for filename in ['cnitool', 'flannel', 'tuning', 'bridge', 'ipvlan', 'loopback', 'macvlan', 'ptp', 'dhcp', 'host-local', 'noop'] %} -/opt/cni/bin/{{ filename }}: - file.managed: - - source: /tmp/cni/bin/{{ filename }} - - user: root - - group: root - - mode: 755 - - makedirs: True - - watch_in: - - service: kubelet_service - - require: - - dockerng: copy-network-cni - -{%- endfor %} - -{%- endif %} - -{%- endif %} diff --git a/kubernetes/pool/flannel.sls b/kubernetes/pool/flannel.sls deleted file mode 100644 index 6cc2513..0000000 --- a/kubernetes/pool/flannel.sls +++ /dev/null @@ -1,31 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -{%- if pool.enabled %} - -flannel-tar: - archive: - - extracted - - user: root - - name: /opt/flannel - - source: https://storage.googleapis.com/kubernetes-release/flannel/flannel-0.5.5-linux-amd64.tar.gz - - tar_options: v - - source_hash: md5=972c717254775bef528f040af804f2cc - - archive_format: tar - - if_missing: /usr/local/src/flannel/flannel-0.5.5/ - -flannel-symlink: - file.symlink: - - name: /usr/local/bin/flanneld - - target: /usr/local/src/flannel-0.5.5/flanneld - - force: true - - watch: - - archive: flannel-tar - -/etc/default/flannel: - file.managed: - - source: salt://kubernetes/files/flannel/default.pool - - template: jinja - - user: root - - group: root - - mode: 644 - -{%- endif %} \ No newline at end of file diff --git a/kubernetes/pool/init.sls b/kubernetes/pool/init.sls deleted file mode 100644 index 713f849..0000000 --- a/kubernetes/pool/init.sls +++ /dev/null @@ -1,12 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -include: -- kubernetes.pool.cni -{%- if pool.network.engine == "calico" %} -- kubernetes.pool.calico -{%- endif %} -- kubernetes.pool.service -- kubernetes.pool.kubelet -{%- if pool.network.engine == "flannel" %} -- kubernetes.pool.flannel -{%- endif %} -- kubernetes.pool.kube-proxy diff --git a/kubernetes/pool/kube-proxy.sls b/kubernetes/pool/kube-proxy.sls deleted file mode 100644 index 8aa64be..0000000 --- a/kubernetes/pool/kube-proxy.sls +++ /dev/null @@ -1,52 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -{%- if pool.enabled %} - -{%- if pool.get('container', 'true') %} - -/etc/kubernetes/manifests/kube-proxy.manifest: - file.managed: - - source: salt://kubernetes/files/manifest/kube-proxy.manifest.pool - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - - dir_mode: 755 - -{%- else %} - -/etc/kubernetes/proxy.kubeconfig: - file.managed: - - source: salt://kubernetes/files/kube-proxy/proxy.kubeconfig - - template: jinja - - user: root - - group: root - - mode: 644 - - makedirs: true - -/etc/systemd/system/kube-proxy.service: - file.managed: - - source: salt://kubernetes/files/systemd/kube-proxy.service - - template: jinja - - user: root - - group: root - - mode: 644 - -/etc/default/kube-proxy: - file.managed: - - user: root - - group: root - - mode: 644 - - contents: DAEMON_ARGS=" --logtostderr=true --v=2 --kubeconfig=/etc/kubernetes/proxy.kubeconfig --master={%- if pool.apiserver.insecure.enabled %}http://{{ pool.apiserver.host }}:8080{%- else %}https://{{ pool.apiserver.host }}{%- endif %}{%- if pool.network.engine == 'calico' %} --proxy-mode=iptables{% endif %}" - -pool_services: - service.running: - - names: {{ pool.services }} - - enable: True - - watch: - - file: /etc/default/kube-proxy - - file: /usr/bin/hyperkube - -{%- endif %} - -{%- endif %} diff --git a/kubernetes/pool/kubelet.sls b/kubernetes/pool/kubelet.sls deleted file mode 100644 index 6581ab2..0000000 --- a/kubernetes/pool/kubelet.sls +++ /dev/null @@ -1,31 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -{%- if pool.enabled %} - -{%- if pool.host.label is defined %} - -{%- for name,label in pool.host.label.iteritems() %} - -{%- if label.enabled %} - -{{ name }}: - k8s.label_present: - - name: {{ name }} - - value: {{ label.value }} - - node: {{ pool.host.name }} - - apiserver: http://{{ pool.apiserver.host }}:8080 - -{%- else %} - -{{ name }}: - k8s.label_absent: - - name: {{ name }} - - node: {{ pool.host.name }} - - apiserver: http://{{ pool.apiserver.host }}:8080 - -{%- endif %} - -{%- endfor %} - -{%- endif %} - -{%- endif %} diff --git a/kubernetes/pool/service.sls b/kubernetes/pool/service.sls deleted file mode 100644 index 6abce3c..0000000 --- a/kubernetes/pool/service.sls +++ /dev/null @@ -1,24 +0,0 @@ -{%- from "kubernetes/map.jinja" import pool with context %} -{%- from "kubernetes/map.jinja" import common with context %} -{%- if pool.enabled %} - -include: -- kubernetes._common - -kubernetes_pool_container_grains_dir: - file.directory: - - name: /etc/salt/grains.d - - mode: 700 - - makedirs: true - - user: root - -kubernetes_pool_container_grain: - file.managed: - - name: /etc/salt/grains.d/kubernetes - - source: salt://kubernetes/files/kubernetes.grain - - template: jinja - - mode: 600 - - require: - - file: kubernetes_pool_container_grains_dir - -{%- endif %} \ No newline at end of file diff --git a/metadata.yml b/metadata.yml deleted file mode 100644 index 07fabcf..0000000 --- a/metadata.yml +++ /dev/null @@ -1,3 +0,0 @@ -name: "kubernetes" -version: "2017.1.2" -source: "https://github.com/openstack/salt-formula-kubernetes" diff --git a/metadata/service/common.yml b/metadata/service/common.yml deleted file mode 100644 index b02880d..0000000 --- a/metadata/service/common.yml +++ /dev/null @@ -1,5 +0,0 @@ -parameters: - kubernetes: - common: - network: - engine: none diff --git a/metadata/service/control/cluster.yml b/metadata/service/control/cluster.yml deleted file mode 100644 index e411788..0000000 --- a/metadata/service/control/cluster.yml +++ /dev/null @@ -1,6 +0,0 @@ -applications: -- kubernetes -parameters: - kubernetes: - control: - enabled: true \ No newline at end of file diff --git a/metadata/service/master/cluster.yml b/metadata/service/master/cluster.yml deleted file mode 100644 index 62e1042..0000000 --- a/metadata/service/master/cluster.yml +++ /dev/null @@ -1,65 +0,0 @@ -applications: -- kubernetes -classes: -- service.kubernetes.support -- service.kubernetes.common -parameters: - kubernetes: - master: - enabled: true - registry: - host: tcpcloud - service_addresses: 10.254.0.0/16 - admin: - username: ${_param:kubernetes_admin_user} - password: ${_param:kubernetes_admin_password} - kubelet: - allow_privileged: True - apiserver: - address: ${_param:cluster_local_address} - insecure_address: ${_param:cluster_local_address} - etcd: - members: - - host: ${_param:cluster_node01_address} - name: ${_param:cluster_node01_hostname} - - host: ${_param:cluster_node02_address} - name: ${_param:cluster_node02_hostname} - - host: ${_param:cluster_node03_address} - name: ${_param:cluster_node03_hostname} - addons: - dns: - enabled: true - replicas: 1 - domain: cluster.local - server: 10.254.0.10 - dnsmasq: - cache-size: 1000 - no-resolv: - server: 127.0.0.1#10053 - log-facility: "-" - dashboard: - enabled: True - heapster_influxdb: - enabled: False - token: - admin: ${_param:kubernetes_admin_token} - kubelet: ${_param:kubernetes_kubelet_token} - kube_proxy: ${_param:kubernetes_kube-proxy_token} - scheduler: ${_param:kubernetes_scheduler_token} - controller_manager: ${_param:kubernetes_controller-manager_token} - dns: ${_param:kubernetes_dns_token} - ca: kubernetes - storage: - engine: none - namespace: - kube-system: - enabled: True - network: - etcd: - members: - - host: ${_param:cluster_node01_address} - port: 4001 - - host: ${_param:cluster_node02_address} - port: 4001 - - host: ${_param:cluster_node03_address} - port: 4001 diff --git a/metadata/service/master/single.yml b/metadata/service/master/single.yml deleted file mode 100644 index 6a56ca5..0000000 --- a/metadata/service/master/single.yml +++ /dev/null @@ -1,57 +0,0 @@ -applications: -- kubernetes -classes: -- service.kubernetes.support -- service.kubernetes.common -parameters: - kubernetes: - master: - enabled: true - registry: - host: tcpcloud - service_addresses: 10.254.0.0/16 - admin: - username: ${_param:kubernetes_admin_user} - password: ${_param:kubernetes_admin_password} - kubelet: - allow_privileged: True - apiserver: - address: ${_param:single_address} - insecure_address: 0.0.0.0 - etcd: - members: - - host: ${_param:single_address} - name: ${linux:system:name} - addons: - dns: - enabled: true - replicas: 1 - domain: cluster.local - server: 10.254.0.10 - dnsmasq: - cache-size: 1000 - no-resolv: - server: 127.0.0.1#10053 - log-facility: "-" - dashboard: - enabled: True - heapster_influxdb: - enabled: False - token: - admin: ${_param:kubernetes_admin_token} - kubelet: ${_param:kubernetes_kubelet_token} - kube_proxy: ${_param:kubernetes_kube-proxy_token} - scheduler: ${_param:kubernetes_scheduler_token} - controller_manager: ${_param:kubernetes_controller-manager_token} - dns: ${_param:kubernetes_dns_token} - ca: kubernetes - storage: - engine: none - namespace: - kube-system: - enabled: True - network: - etcd: - members: - - host: ${_param:single_address} - port: 4001 diff --git a/metadata/service/pool/cluster.yml b/metadata/service/pool/cluster.yml deleted file mode 100644 index 7c42e12..0000000 --- a/metadata/service/pool/cluster.yml +++ /dev/null @@ -1,43 +0,0 @@ -applications: -- kubernetes -classes: -- service.kubernetes.support -- service.kubernetes.common -parameters: - kubernetes: - pool: - enabled: true - registry: - host: tcpcloud - host: - name: ${linux:system:name} - apiserver: - host: ${_param:cluster_vip_address} - insecure: - enabled: True - members: - - host: ${_param:cluster_vip_address} -# Temporary disabled until kubelet HA would be fixed -# - host: ${_param:cluster_node01_address} -# - host: ${_param:cluster_node02_address} -# - host: ${_param:cluster_node03_address} - address: ${_param:cluster_local_address} - cluster_dns: 10.254.0.10 - cluster_domain: cluster.local - kubelet: - config: /etc/kubernetes/manifests - allow_privileged: True - frequency: 5s - token: - kubelet: ${_param:kubernetes_kubelet_token} - kube_proxy: ${_param:kubernetes_kube-proxy_token} - ca: kubernetes - network: - etcd: - members: - - host: ${_param:cluster_node01_address} - port: 4001 - - host: ${_param:cluster_node02_address} - port: 4001 - - host: ${_param:cluster_node03_address} - port: 4001 diff --git a/metadata/service/pool/single.yml b/metadata/service/pool/single.yml deleted file mode 100644 index b01a719..0000000 --- a/metadata/service/pool/single.yml +++ /dev/null @@ -1,36 +0,0 @@ -applications: -- kubernetes -classes: -- service.kubernetes.support -- service.kubernetes.common -parameters: - kubernetes: - pool: - enabled: true - registry: - host: tcpcloud - host: - name: ${linux:system:name} - apiserver: - host: ${_param:master_address} - insecure: - enabled: True - members: - - host: ${_param:master_address} - address: 0.0.0.0 - cluster_dns: 10.254.0.10 - allow_privileged: True - cluster_domain: cluster.local - kubelet: - config: /etc/kubernetes/manifests - allow_privileged: True - frequency: 5s - token: - kubelet: ${_param:kubernetes_kubelet_token} - kube_proxy: ${_param:kubernetes_kube-proxy_token} - ca: kubernetes - network: - etcd: - members: - - host: ${_param:master_address} - port: 4001 diff --git a/metadata/service/support.yml b/metadata/service/support.yml deleted file mode 100644 index 661b1cf..0000000 --- a/metadata/service/support.yml +++ /dev/null @@ -1,11 +0,0 @@ -parameters: - kubernetes: - _support: - collectd: - enabled: false - heka: - enabled: false - sensu: - enabled: false - sphinx: - enabled: true diff --git a/tests/pillar/master_cluster.sls b/tests/pillar/master_cluster.sls deleted file mode 100644 index af37946..0000000 --- a/tests/pillar/master_cluster.sls +++ /dev/null @@ -1,66 +0,0 @@ -kubernetes: - common: - network: - engine: none - hyperkube: - image: hyperkube-amd64:v1.5.0-beta.3-1 - master: - addons: - dns: - domain: cluster.local - enabled: true - replicas: 1 - server: 10.254.0.10 - heapster_influxdb: - enabled: true - public_ip: 185.22.97.132 - dashboard: - enabled: true - public_ip: 185.22.97.131 - admin: - password: password - username: admin - registry: - host: tcpcloud - apiserver: - address: 10.0.175.100 - port: 8080 - ca: kubernetes - enabled: true - etcd: - members: - - host: 10.0.175.100 - name: node040 - kubelet: - allow_privileged: true - network: - engine: calico - hash: fb5e30ebe6154911a66ec3fb5f1195b2 - private_ip_range: 10.150.0.0/16 - version: v0.19.0 - service_addresses: 10.254.0.0/16 - storage: - engine: glusterfs - members: - - host: 10.0.175.101 - port: 24007 - - host: 10.0.175.102 - port: 24007 - - host: 10.0.175.103 - port: 24007 - port: 24007 - token: - admin: DFvQ8GJ9JD4fKNfuyEddw3rjnFTkUKsv - controller_manager: EreGh6AnWf8DxH8cYavB2zS029PUi7vx - dns: RAFeVSE4UvsCz4gk3KYReuOI5jsZ1Xt3 - kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe - kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r - logging: MJkXKdbgqRmTHSa2ykTaOaMykgO6KcEf - monitoring: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd - scheduler: HY1UUxEPpmjW4a1dDLGIANYQp1nZkLDk - version: v1.2.4 - namespace: - kube-system: - enabled: True - hyperkube: - hash: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd diff --git a/tests/pillar/pool_cluster.sls b/tests/pillar/pool_cluster.sls deleted file mode 100644 index 71dda18..0000000 --- a/tests/pillar/pool_cluster.sls +++ /dev/null @@ -1,51 +0,0 @@ -kubernetes: - common: - network: - engine: none - hyperkube: - image: hyperkube-amd64:v1.5.0-beta.3-1 - pool: - enabled: true - version: v1.2.0 - host: - name: ${linux:system:name} - apiserver: - host: 127.0.0.1 - insecure: - enabled: True - members: - - host: 127.0.0.1 - - host: 127.0.0.1 - - host: 127.0.0.1 - address: 0.0.0.0 - cluster_dns: 10.254.0.10 - cluster_domain: cluster.local - kubelet: - config: /etc/kubernetes/manifests - allow_privileged: True - frequency: 5s - token: - kubelet: 7bN5hJ9JD4fKjnFTkUKsvVNfuyEddw3r - kube_proxy: DFvQ8GelB7afH3wClC9romaMPhquyyEe - ca: kubernetes - network: - calicoctl: - image: calico/ctl - cni: - image: calico/cni - engine: calico - hash: c15ae251b633109e63bf128c2fbbc34a - ipam: - hash: 6e6d7fac0567a8d90a334dcbfd019a99 - version: v1.3.1 - version: v0.20.0 - etcd: - members: - - host: 127.0.0.1 - port: 4001 - - host: 127.0.0.1 - port: 4001 - - host: 127.0.0.1 - port: 4001 - hyperkube: - hash: hnsj0XqABgrSww7Nqo7UVTSZLJUt2XRd diff --git a/tests/run_tests.sh b/tests/run_tests.sh deleted file mode 100755 index 8c07e58..0000000 --- a/tests/run_tests.sh +++ /dev/null @@ -1,163 +0,0 @@ -#!/usr/bin/env bash - -set -e -[ -n "$DEBUG" ] && set -x - -CURDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -METADATA=${CURDIR}/../metadata.yml -FORMULA_NAME=$(cat $METADATA | python -c "import sys,yaml; print yaml.load(sys.stdin)['name']") - -## Overrideable parameters -PILLARDIR=${PILLARDIR:-${CURDIR}/pillar} -BUILDDIR=${BUILDDIR:-${CURDIR}/build} -VENV_DIR=${VENV_DIR:-${BUILDDIR}/virtualenv} -DEPSDIR=${BUILDDIR}/deps - -SALT_FILE_DIR=${SALT_FILE_DIR:-${BUILDDIR}/file_root} -SALT_PILLAR_DIR=${SALT_PILLAR_DIR:-${BUILDDIR}/pillar_root} -SALT_CONFIG_DIR=${SALT_CONFIG_DIR:-${BUILDDIR}/salt} -SALT_CACHE_DIR=${SALT_CACHE_DIR:-${SALT_CONFIG_DIR}/cache} - -SALT_OPTS="${SALT_OPTS} --retcode-passthrough --local -c ${SALT_CONFIG_DIR} --log-file=/dev/null" - -if [ "x${SALT_VERSION}" != "x" ]; then - PIP_SALT_VERSION="==${SALT_VERSION}" -fi - -## Functions -log_info() { - echo "[INFO] $*" -} - -log_err() { - echo "[ERROR] $*" >&2 -} - -setup_virtualenv() { - log_info "Setting up Python virtualenv" - virtualenv $VENV_DIR - source ${VENV_DIR}/bin/activate - pip install salt${PIP_SALT_VERSION} -} - -setup_pillar() { - [ ! -d ${SALT_PILLAR_DIR} ] && mkdir -p ${SALT_PILLAR_DIR} - echo "base:" > ${SALT_PILLAR_DIR}/top.sls - for pillar in ${PILLARDIR}/*; do - state_name=$(basename ${pillar%.sls}) - echo -e " ${state_name}:\n - ${state_name}" >> ${SALT_PILLAR_DIR}/top.sls - done -} - -setup_salt() { - [ ! -d ${SALT_FILE_DIR} ] && mkdir -p ${SALT_FILE_DIR} - [ ! -d ${SALT_CONFIG_DIR} ] && mkdir -p ${SALT_CONFIG_DIR} - [ ! -d ${SALT_CACHE_DIR} ] && mkdir -p ${SALT_CACHE_DIR} - - echo "base:" > ${SALT_FILE_DIR}/top.sls - for pillar in ${PILLARDIR}/*.sls; do - state_name=$(basename ${pillar%.sls}) - echo -e " ${state_name}:\n - ${FORMULA_NAME}" >> ${SALT_FILE_DIR}/top.sls - done - - cat << EOF > ${SALT_CONFIG_DIR}/minion -file_client: local -cachedir: ${SALT_CACHE_DIR} -verify_env: False -minion_id_caching: False - -file_roots: - base: - - ${SALT_FILE_DIR} - - ${CURDIR}/.. - - /usr/share/salt-formulas/env - -pillar_roots: - base: - - ${SALT_PILLAR_DIR} - - ${PILLARDIR} -EOF -} - -fetch_dependency() { - dep_name="$(echo $1|cut -d : -f 1)" - dep_source="$(echo $1|cut -d : -f 2-)" - dep_root="${DEPSDIR}/$(basename $dep_source .git)" - dep_metadata="${dep_root}/metadata.yml" - - [ -d /usr/share/salt-formulas/env/${dep_name} ] && log_info "Dependency $dep_name already present in system-wide salt env" && return 0 - [ -d $dep_root ] && log_info "Dependency $dep_name already fetched" && return 0 - - log_info "Fetching dependency $dep_name" - [ ! -d ${DEPSDIR} ] && mkdir -p ${DEPSDIR} - git clone $dep_source ${DEPSDIR}/$(basename $dep_source .git) - ln -s ${dep_root}/${dep_name} ${SALT_FILE_DIR}/${dep_name} - - METADATA="${dep_metadata}" install_dependencies -} - -install_dependencies() { - grep -E "^dependencies:" ${METADATA} >/dev/null || return 0 - (python - | while read dep; do fetch_dependency "$dep"; done) << EOF -import sys,yaml -for dep in yaml.load(open('${METADATA}', 'ro'))['dependencies']: - print '%s:%s' % (dep["name"], dep["source"]) -EOF -} - -clean() { - log_info "Cleaning up ${BUILDDIR}" - [ -d ${BUILDDIR} ] && rm -rf ${BUILDDIR} || exit 0 -} - -salt_run() { - [ -e ${VEN_DIR}/bin/activate ] && source ${VENV_DIR}/bin/activate - salt-call ${SALT_OPTS} $* -} - -prepare() { - [ -d ${BUILDDIR} ] && mkdir -p ${BUILDDIR} - - which salt-call || setup_virtualenv - setup_pillar - setup_salt - install_dependencies -} - -run() { - for pillar in ${PILLARDIR}/*.sls; do - state_name=$(basename ${pillar%.sls}) - salt_run --id=${state_name} state.show_sls ${FORMULA_NAME} || (log_err "Execution of ${FORMULA_NAME}.${state_name} failed"; exit 1) - done -} - -_atexit() { - RETVAL=$? - trap true INT TERM EXIT - - if [ $RETVAL -ne 0 ]; then - log_err "Execution failed" - else - log_info "Execution successful" - fi - return $RETVAL -} - -## Main -trap _atexit INT TERM EXIT - -case $1 in - clean) - clean - ;; - prepare) - prepare - ;; - run) - run - ;; - *) - prepare - run - ;; -esac