openstack/tripleo-heat-templates
Code Issues Proposed changes

Allow installing multiple-node Kubernetes

Browse Source 
By setting loadbalancer_apiserver_localhost to false we tell the
kubelets to register with 1st master rather than assuming there's an
API proxy running on each host.

Also Kubespray expects a specific format of inventory because it tries
to enforce that hostname matches the invenotry name of the node. This
previously resulted in incorrect hostnames being set.

And we also open the necessary firewall ports to allow the cluster to
communicate.

Change-Id: I1c0251be58535d59fe0ec157cb9acaba209e8732
This commit is contained in:
Jiri Stransky
2017-10-23 16:16:36 +02:00
parent d6a2160b82
commit a314d1b546
3 changed files with 49 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ci/environments/scenario006-multinode.yaml
View File

@@ -42,4 +42,14 @@ parameter_defaults:
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::Kubernetes::Master
- OS::TripleO::Services::Kubernetes::Worker
ComputeServices:
- OS::TripleO::Services::Docker
- OS::TripleO::Services::Kernel
- OS::TripleO::Services::Ntp
- OS::TripleO::Services::Snmp
- OS::TripleO::Services::Timezone
- OS::TripleO::Services::TripleoPackages
- OS::TripleO::Services::TripleoFirewall
- OS::TripleO::Services::Sshd
- OS::TripleO::Services::Kubernetes::Worker
Debug: true

23
extraconfig/services/kubernetes-master.yaml
View File

@@ -38,7 +38,21 @@ outputs:
description: Role data for the Kubernetes Service
value:
service_name: kubernetes_master
config_settings: {}
config_settings:
tripleo.kubernetes_master.firewall_rules:
'200 kubernetes-master api':
dport: 6443
proto: tcp
'200 kubernetes-master etcd':
dport:
- 2379
- 2380
proto: tcp
'200 kubernetes-master flannel':
dport:
- 8285
- 8472
proto: udp
upgrade_tasks: []
step_config: ''
external_deploy_tasks:
@@ -75,16 +89,18 @@ outputs:
kube-master:
hosts:
{% for host in groups['kubernetes_master'] -%}
{{host}}:
{{ hostvars.raw_get(host)['ansible_hostname'] }}:
ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }}
ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }}
{% endfor %}
kube-node:
hosts:
{% for host in groups['kubernetes_worker'] -%}
{{host}}:
{{ hostvars.raw_get(host)['ansible_hostname'] }}:
ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }}
ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }}
{% endfor %}
etcd:
@@ -102,6 +118,7 @@ outputs:
kubeconfig_localhost: true
kubectl_localhost: true
artifacts_dir: '{{playbook_dir}}/kubespray/artifacts'
loadbalancer_apiserver_localhost: false
- name: generate kubespray playbook
copy:
dest: "{{playbook_dir}}/kubespray/playbook.yml"

20
extraconfig/services/kubernetes-worker.yaml
View File

@@ -41,6 +41,24 @@ outputs:
# as workers. The actual installation is performed in
# kubernetes-master service template.
service_name: kubernetes_worker
config_settings: {}
config_settings:
tripleo.kubernetes_worker.firewall_rules:
'200 kubernetes-worker kubelet':
dport:
- 10250
- 10255
proto: tcp
'200 kubernetes-worker external services':
dport: '30000-32767'
'200 kubernetes-worker flannel':
dport:
- 8285
- 8472
proto: udp
'200 kubernetes-worker calico bgp':
dport: 179
proto: tcp
'200 kubernetes-worker calico ipv4-in-ip':
proto: ipv4
upgrade_tasks: []
step_config: ''