Allow installing multiple-node Kubernetes
By setting loadbalancer_apiserver_localhost to false we tell the kubelets to register with 1st master rather than assuming there's an API proxy running on each host. Also Kubespray expects a specific format of inventory because it tries to enforce that hostname matches the invenotry name of the node. This previously resulted in incorrect hostnames being set. And we also open the necessary firewall ports to allow the cluster to communicate. Change-Id: I1c0251be58535d59fe0ec157cb9acaba209e8732changes/30/514730/5
Jiri Stransky
parent
d6a2160b82
commit
a314d1b546
|
|
@ -42,4 +42,14 @@ parameter_defaults:
|
|||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::Kubernetes::Master
|
||||
- OS::TripleO::Services::Kubernetes::Worker
|
||||
ComputeServices:
|
||||
- OS::TripleO::Services::Docker
|
||||
- OS::TripleO::Services::Kernel
|
||||
- OS::TripleO::Services::Ntp
|
||||
- OS::TripleO::Services::Snmp
|
||||
- OS::TripleO::Services::Timezone
|
||||
- OS::TripleO::Services::TripleoPackages
|
||||
- OS::TripleO::Services::TripleoFirewall
|
||||
- OS::TripleO::Services::Sshd
|
||||
- OS::TripleO::Services::Kubernetes::Worker
|
||||
Debug: true
|
||||
|
|
|
|||
|
|
@ -38,7 +38,21 @@ outputs:
|
|||
description: Role data for the Kubernetes Service
|
||||
value:
|
||||
service_name: kubernetes_master
|
||||
config_settings: {}
|
||||
config_settings:
|
||||
tripleo.kubernetes_master.firewall_rules:
|
||||
'200 kubernetes-master api':
|
||||
dport: 6443
|
||||
proto: tcp
|
||||
'200 kubernetes-master etcd':
|
||||
dport:
|
||||
- 2379
|
||||
- 2380
|
||||
proto: tcp
|
||||
'200 kubernetes-master flannel':
|
||||
dport:
|
||||
- 8285
|
||||
- 8472
|
||||
proto: udp
|
||||
upgrade_tasks: []
|
||||
step_config: ''
|
||||
external_deploy_tasks:
|
||||
|
|
@ -75,16 +89,18 @@ outputs:
|
|||
kube-master:
|
||||
hosts:
|
||||
{% for host in groups['kubernetes_master'] -%}
|
||||
{{host}}:
|
||||
{{ hostvars.raw_get(host)['ansible_hostname'] }}:
|
||||
ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }}
|
||||
ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }}
|
||||
{% endfor %}
|
||||
|
||||
kube-node:
|
||||
|
||||
hosts:
|
||||
{% for host in groups['kubernetes_worker'] -%}
|
||||
{{host}}:
|
||||
{{ hostvars.raw_get(host)['ansible_hostname'] }}:
|
||||
ansible_user: {{ hostvars.raw_get(host)['ansible_user'] | default(hostvars.raw_get(host)['ansible_ssh_user']) | default('root') }}
|
||||
ansible_host: {{ hostvars.raw_get(host)['ansible_host'] | default(host) }}
|
||||
{% endfor %}
|
||||
|
||||
etcd:
|
||||
|
|
@ -102,6 +118,7 @@ outputs:
|
|||
kubeconfig_localhost: true
|
||||
kubectl_localhost: true
|
||||
artifacts_dir: '{{playbook_dir}}/kubespray/artifacts'
|
||||
loadbalancer_apiserver_localhost: false
|
||||
- name: generate kubespray playbook
|
||||
copy:
|
||||
dest: "{{playbook_dir}}/kubespray/playbook.yml"
|
||||
|
|
|
|||
|
|
@ -41,6 +41,24 @@ outputs:
|
|||
# as workers. The actual installation is performed in
|
||||
# kubernetes-master service template.
|
||||
service_name: kubernetes_worker
|
||||
config_settings: {}
|
||||
config_settings:
|
||||
tripleo.kubernetes_worker.firewall_rules:
|
||||
'200 kubernetes-worker kubelet':
|
||||
dport:
|
||||
- 10250
|
||||
- 10255
|
||||
proto: tcp
|
||||
'200 kubernetes-worker external services':
|
||||
dport: '30000-32767'
|
||||
'200 kubernetes-worker flannel':
|
||||
dport:
|
||||
- 8285
|
||||
- 8472
|
||||
proto: udp
|
||||
'200 kubernetes-worker calico bgp':
|
||||
dport: 179
|
||||
proto: tcp
|
||||
'200 kubernetes-worker calico ipv4-in-ip':
|
||||
proto: ipv4
|
||||
upgrade_tasks: []
|
||||
step_config: ''
|
||||
|
|
|
|||
Loading…
Reference in New Issue